@sparkvault/sdk 1.24.1 → 1.24.3

package/dist/config.d.ts

@@ -4,6 +4,16 @@
 export interface SparkVaultConfig {
     /** Account ID for Identity operations */
     accountId: string;
+    /** Core API origin. Defaults to https://api.sparkvault.com. A trailing /v1 is accepted and normalized. */
+    apiBaseUrl?: string;
+    /** Identity App API base URL. Defaults to https://api.sparkvault.com/v1/apps/identity. */
+    identityBaseUrl?: string;
+    /** Static SparkVault Core access token for authenticated API calls. */
+    accessToken?: string;
+    /** Dynamic SparkVault Core access token provider for authenticated API calls. */
+    getAccessToken?: () => string | null | Promise<string | null>;
+    /** Optional API key for server-side SDK use. */
+    apiKey?: string;
     /** Request timeout in milliseconds (default: 30000) */
     timeout?: number;
     /**
@@ -15,14 +25,24 @@ export interface SparkVaultConfig {
     preloadConfig?: boolean;
     /** Enable backdrop blur on dialogs (default: true) */
     backdropBlur?: boolean;
+    /**
+     * Host allowlist for backend-issued ingot download URLs. Defaults to the
+     * canonical SparkVault Forge / S3 / CloudFront hosts. Override only when
+     * pointing at a custom deployment.
+     */
+    allowedDownloadHostPatterns?: RegExp[];
 }
 export interface ResolvedConfig {
     accountId: string;
     timeout: number;
     apiBaseUrl: string;
     identityBaseUrl: string;
+    accessToken?: string;
+    getAccessToken?: () => string | null | Promise<string | null>;
+    apiKey?: string;
     preloadConfig: boolean;
     backdropBlur: boolean;
+    allowedDownloadHostPatterns: RegExp[];
 }
 export declare function resolveConfig(config: SparkVaultConfig): ResolvedConfig;
 export declare function validateConfig(config: SparkVaultConfig): void;

package/dist/health.d.ts

@@ -0,0 +1,18 @@
+import type { ResolvedConfig } from './config';
+export interface HealthCheckOptions {
+    timeout?: number;
+}
+export interface HealthCheckResult {
+    online: boolean;
+    status: string;
+    httpStatus?: number;
+    checkedAt: number;
+    error?: string;
+}
+export declare class HealthModule {
+    private readonly config;
+    constructor(config: ResolvedConfig);
+    check(options?: HealthCheckOptions): Promise<HealthCheckResult>;
+    isOnline(options?: HealthCheckOptions): Promise<boolean>;
+    private readStatus;
+}

package/dist/http.d.ts

@@ -19,6 +19,8 @@ export interface ApiResponse<T = unknown> {
 export declare class HttpClient {
     private readonly config;
     constructor(config: ResolvedConfig);
+    private getDefaultHeaders;
+    private getAccessToken;
     request<T = unknown>(path: string, options?: RequestOptions): Promise<ApiResponse<T>>;
     /**
      * Execute the actual HTTP request (internal implementation)
@@ -31,6 +33,7 @@ export declare class HttpClient {
     private isRetryableError;
     private parseResponse;
     private createErrorFromResponse;
+    private unwrapApiResponse;
     get<T = unknown>(path: string, options?: Omit<RequestOptions, 'method' | 'body'>): Promise<ApiResponse<T>>;
     post<T = unknown>(path: string, body?: unknown, options?: Omit<RequestOptions, 'method'>): Promise<ApiResponse<T>>;
     put<T = unknown>(path: string, body?: unknown, options?: Omit<RequestOptions, 'method'>): Promise<ApiResponse<T>>;

package/dist/index.d.ts

@@ -4,6 +4,16 @@
 interface SparkVaultConfig {
     /** Account ID for Identity operations */
     accountId: string;
+    /** Core API origin. Defaults to https://api.sparkvault.com. A trailing /v1 is accepted and normalized. */
+    apiBaseUrl?: string;
+    /** Identity App API base URL. Defaults to https://api.sparkvault.com/v1/apps/identity. */
+    identityBaseUrl?: string;
+    /** Static SparkVault Core access token for authenticated API calls. */
+    accessToken?: string;
+    /** Dynamic SparkVault Core access token provider for authenticated API calls. */
+    getAccessToken?: () => string | null | Promise<string | null>;
+    /** Optional API key for server-side SDK use. */
+    apiKey?: string;
     /** Request timeout in milliseconds (default: 30000) */
     timeout?: number;
     /**
@@ -15,14 +25,42 @@ interface SparkVaultConfig {
     preloadConfig?: boolean;
     /** Enable backdrop blur on dialogs (default: true) */
     backdropBlur?: boolean;
+    /**
+     * Host allowlist for backend-issued ingot download URLs. Defaults to the
+     * canonical SparkVault Forge / S3 / CloudFront hosts. Override only when
+     * pointing at a custom deployment.
+     */
+    allowedDownloadHostPatterns?: RegExp[];
 }
 interface ResolvedConfig {
     accountId: string;
     timeout: number;
     apiBaseUrl: string;
     identityBaseUrl: string;
+    accessToken?: string;
+    getAccessToken?: () => string | null | Promise<string | null>;
+    apiKey?: string;
     preloadConfig: boolean;
     backdropBlur: boolean;
+    allowedDownloadHostPatterns: RegExp[];
+}
+
+interface HealthCheckOptions {
+    timeout?: number;
+}
+interface HealthCheckResult {
+    online: boolean;
+    status: string;
+    httpStatus?: number;
+    checkedAt: number;
+    error?: string;
+}
+declare class HealthModule {
+    private readonly config;
+    constructor(config: ResolvedConfig);
+    check(options?: HealthCheckOptions): Promise<HealthCheckResult>;
+    isOnline(options?: HealthCheckOptions): Promise<boolean>;
+    private readStatus;
 }
 
 /**
@@ -272,6 +310,8 @@ interface ApiResponse<T = unknown> {
 declare class HttpClient {
     private readonly config;
     constructor(config: ResolvedConfig);
+    private getDefaultHeaders;
+    private getAccessToken;
     request<T = unknown>(path: string, options?: RequestOptions): Promise<ApiResponse<T>>;
     /**
      * Execute the actual HTTP request (internal implementation)
@@ -284,6 +324,7 @@ declare class HttpClient {
     private isRetryableError;
     private parseResponse;
     private createErrorFromResponse;
+    private unwrapApiResponse;
     get<T = unknown>(path: string, options?: Omit<RequestOptions, 'method' | 'body'>): Promise<ApiResponse<T>>;
     post<T = unknown>(path: string, body?: unknown, options?: Omit<RequestOptions, 'method'>): Promise<ApiResponse<T>>;
     put<T = unknown>(path: string, body?: unknown, options?: Omit<RequestOptions, 'method'>): Promise<ApiResponse<T>>;
@@ -324,16 +365,14 @@ interface Vault {
 interface UnsealedVault {
     /** Vault ID */
     id: string;
-    /** Vault name */
-    name: string;
-    /** Vault Access Token (short-lived session) */
+    /** Vault Access Token (short-lived session, required for all ingot operations) */
     vatToken: string;
+    /** VAT issued-at timestamp (Unix seconds) */
+    issuedAt: number;
     /** VAT expiry timestamp (Unix seconds) */
     expiresAt: number;
-    /** Number of ingots in vault */
-    ingotCount: number;
-    /** Total storage used in bytes */
-    storageBytes: number;
+    /** VAT lifetime in seconds */
+    ttlSeconds: number;
 }
 interface VaultSummary {
     /** Vault ID */
@@ -360,8 +399,18 @@ interface Ingot {
     size: number;
     /** Creation timestamp (Unix seconds) */
     createdAt: number;
-    /** Ingot type: 'standard' or 'structured' */
-    type: 'standard' | 'structured';
+}
+interface CreatedIngot {
+    /** Ingot ID */
+    id: string;
+    /** Ingot name */
+    name: string;
+    /** Content type (MIME) */
+    contentType: string;
+    /** Size in bytes */
+    size: number;
+    /** Forge upload session expiry (Unix seconds) */
+    uploadExpiresAt: number;
 }
 interface UploadIngotOptions {
     /** File to upload */
@@ -370,6 +419,8 @@ interface UploadIngotOptions {
     name?: string;
     /** Content type (auto-detected if not provided) */
     contentType?: string;
+    /** Progress callback for Forge/TUS upload */
+    onProgress?: (bytesUploaded: number, bytesTotal: number) => void;
 }
 
 /**
@@ -503,6 +554,7 @@ interface UploadCallable {
     close(): void;
 }
 declare class VaultsModule {
+    private readonly config;
     private readonly http;
     private readonly uploadModule;
     /**
@@ -562,7 +614,7 @@ declare class VaultsModule {
      *   name: 'document.pdf'
      * });
      */
-    uploadIngot(vault: UnsealedVault, options: UploadIngotOptions): Promise<Ingot>;
+    uploadIngot(vault: UnsealedVault, options: UploadIngotOptions): Promise<CreatedIngot>;
     /**
      * Download an ingot from an unsealed vault.
      *
@@ -588,6 +640,7 @@ declare class VaultsModule {
     deleteIngot(vault: UnsealedVault, ingotId: string): Promise<void>;
     private validateCreateOptions;
     private validateUploadOptions;
+    private validateDownloadUrl;
 }
 
 /**
@@ -667,6 +720,8 @@ declare class SparkVault {
     readonly identity: IdentityModule;
     /** Persistent encrypted storage module */
     readonly vaults: VaultsModule;
+    /** API availability checks */
+    readonly health: HealthModule;
     private readonly config;
     private constructor();
     /**
@@ -692,4 +747,4 @@ declare global {
 }
 
 export { AuthenticationError, AuthorizationError, NetworkError, PopupBlockedError, SparkVault, SparkVaultError, TimeoutError, UserCancelledError, ValidationError, SparkVault as default, logger, setDebugMode };
-export type { AuthMethod, CreateVaultOptions, AttachOptions as IdentityAttachOptions, Ingot, SparkVaultConfig, Theme, TokenClaims, UnsealedVault, UploadAttachOptions, UploadBranding, UploadIngotOptions, UploadOptions, UploadProgress, UploadResult, Vault, VaultSummary, VaultUploadConfig, VerifyOptions, VerifyResult };
+export type { AuthMethod, CreateVaultOptions, CreatedIngot, HealthCheckOptions, HealthCheckResult, AttachOptions as IdentityAttachOptions, Ingot, SparkVaultConfig, Theme, TokenClaims, UnsealedVault, UploadAttachOptions, UploadBranding, UploadIngotOptions, UploadOptions, UploadProgress, UploadResult, Vault, VaultSummary, VaultUploadConfig, VerifyOptions, VerifyResult };