@simplr-ai/node 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  Simplr's **server-side** SDK for Node.js — run fraud/identity checks, score orders, ingest edge logs, and verify webhook signatures, all with your secret key.
4
4
 
5
- > This is the backend SDK. For client-side device signals, RUM, and feature-flag evaluation use [`@simplr-ai/fraud-sdk`](https://www.npmjs.com/package/@simplr-ai/fraud-sdk) (browser) or `simplify_fraud` (Flutter).
5
+ > This is the backend SDK. For client-side device signals, RUM, and feature-flag evaluation use [`@simplr-ai/js`](https://www.npmjs.com/package/@simplr-ai/js) (browser) or `simplr_fraud` (Flutter).
6
6
 
7
7
  Docs: https://docs.simplr.so/docs/sdks/node
8
8
 
@@ -73,7 +73,7 @@ import { Simplr } from "@simplr-ai/node";
73
73
  const simplr = new Simplr({ apiKey: process.env.SIMPLR_API_KEY! });
74
74
  const app = express();
75
75
 
76
- app.post("/hooks/simplify", express.raw({ type: "application/json" }), (req, res) => {
76
+ app.post("/hooks/simplr", express.raw({ type: "application/json" }), (req, res) => {
77
77
  const sig = req.header("X-Simplr-Signature")!;
78
78
  try {
79
79
  const event = simplr.webhooks.constructEvent(req.body, sig, process.env.SIMPLR_WEBHOOK_SECRET!);
@@ -106,8 +106,100 @@ if (simplr.flags.isEnabled("new-checkout")) {
106
106
  simplr.flags.isEnabled("beta", { userId: "u1", attributes: { plan: "growth" } });
107
107
  ```
108
108
 
109
+ ### Targeting a named environment
110
+
111
+ `environment` accepts a named environment slug (e.g. `"dev"`, `"uat"`, `"prod"`) as well as the legacy `"live"`/`"test"` key modes. When omitted, the API falls back to the public key's own live/test mode.
112
+
113
+ ```ts
114
+ // On the Simplr client (forwarded to simplr.flags):
115
+ const simplr = new Simplr({ apiKey, publicKey, environment: "uat" });
116
+
117
+ // Or standalone:
118
+ import { SimplrFlags } from "@simplr-ai/node";
119
+ const flags = new SimplrFlags({ publicKey, environment: "uat" });
120
+ await flags.initialize();
121
+ ```
122
+
109
123
  You can also use `SimplrFlags` standalone.
110
124
 
125
+ ## Profiles (`simplr.profiles`)
126
+
127
+ Anonymous user profiles + order fraud monitoring. Identify a user, score orders, read a user's risk, and report outcomes back to improve scoring.
128
+
129
+ ```ts
130
+ // Create/update an anonymous profile and (optionally) link a device.
131
+ const { profile, is_new } = await simplr.profiles.identify("user-123", {
132
+ profileType: "customer",
133
+ fingerprintHash: "9f2a…", // from a client device-signal collector
134
+ });
135
+
136
+ // Score an order.
137
+ const result = await simplr.profiles.submitOrder({
138
+ order_id: "order-1",
139
+ external_id: "user-123",
140
+ amount: 4999,
141
+ currency: "USD",
142
+ });
143
+
144
+ // Read a user's current risk profile.
145
+ const risk = await simplr.profiles.getProfileRisk("user-123");
146
+
147
+ // Feed back a confirmed outcome (chargeback, manual review, …).
148
+ await simplr.profiles.reportOutcome("user-123", "fraud"); // or "legitimate"
149
+ ```
150
+
151
+ ## RUM (`simplr.rum`)
152
+
153
+ Server-side Real User Monitoring. Events are batched and flushed to `/v1/rum/events`. The flush timer is installed with `unref()`, so it never keeps your process alive. There is no DOM auto-capture on the server — report views/actions/errors/logs explicitly.
154
+
155
+ ```ts
156
+ simplr.rum.initialize({ applicationId: "my-api", environment: "production" });
157
+
158
+ simplr.rum.setUser("user-123", { plan: "pro" });
159
+ simplr.rum.addAttribute("region", "eu-west-1");
160
+
161
+ simplr.rum.trackView("POST /checkout");
162
+ simplr.rum.trackAction("charge_card", { gateway: "stripe" });
163
+ simplr.rum.log("info", "checkout completed", { orderId: "order-1" });
164
+
165
+ try {
166
+ // …
167
+ } catch (err) {
168
+ simplr.rum.trackError(err as Error);
169
+ }
170
+
171
+ await simplr.rum.flush(); // force a flush
172
+ await simplr.rum.stopSession(); // emit session_end, flush, stop timer
173
+ ```
174
+
175
+ ## AI delegation (`simplr.ai`)
176
+
177
+ OAuth-like AI authentication — mint, validate, and revoke delegation tokens that an end user shares with their AI agent.
178
+
179
+ ```ts
180
+ // Mint a token (only returned once).
181
+ const delegation = await simplr.ai.createDelegation({
182
+ userId: "user-123",
183
+ binding: "verified_device",
184
+ expiresInDays: 7,
185
+ fingerprintHash: "9f2a…",
186
+ });
187
+
188
+ // Validate (introspect) an incoming token on your AI gateway.
189
+ const check = await simplr.ai.validate(token, { aiProvider: "anthropic", action: "read_orders" });
190
+ if (!check.valid) { /* reject */ }
191
+
192
+ // Manage delegations.
193
+ await simplr.ai.list("user-123");
194
+ await simplr.ai.get(delegation.delegationId);
195
+ await simplr.ai.stats();
196
+ await simplr.ai.revoke(delegation.delegationId, "user revoked");
197
+ await simplr.ai.revokeAllForUser("user-123", "logout"); // returns count
198
+
199
+ ```
200
+
201
+ > The browser SDK's interactive `connect()` popup flow is web-only and is intentionally omitted from the server SDK.
202
+
111
203
  ## Admin / measurement (`SimplrAdmin`)
112
204
 
113
205
  Dashboard operations — usage/measurement, feature-flag CRUD, and RUM analytics — require a **portal token** (JWT), not an API key: