@stackframe/stack-shared 2.7.29 → 2.8.1

package/CHANGELOG.md

@@ -1,5 +1,19 @@
 # @stackframe/stack-shared
 
+## 2.8.1
+
+## 2.8.0
+
+### Minor Changes
+
+- Various changes
+
+## 2.7.30
+
+### Patch Changes
+
+- Various changes
+
 ## 2.7.29
 
 ### Patch Changes

package/dist/interface/adminInterface.d.ts

@@ -2,6 +2,7 @@ import { InternalSession } from "../sessions";
 import { ApiKeysCrud } from "./crud/api-keys";
 import { EmailTemplateCrud, EmailTemplateType } from "./crud/email-templates";
 import { InternalEmailsCrud } from "./crud/emails";
+import { ProjectPermissionDefinitionsCrud } from "./crud/project-permissions";
 import { ProjectsCrud } from "./crud/projects";
 import { SvixTokenCrud } from "./crud/svix-token";
 import { TeamPermissionDefinitionsCrud } from "./crud/team-permissions";
@@ -41,10 +42,14 @@ export declare class StackAdminInterface extends StackServerInterface {
     listEmailTemplates(): Promise<EmailTemplateCrud['Admin']['Read'][]>;
     updateEmailTemplate(type: EmailTemplateType, data: EmailTemplateCrud['Admin']['Update']): Promise<EmailTemplateCrud['Admin']['Read']>;
     resetEmailTemplate(type: EmailTemplateType): Promise<void>;
-    listPermissionDefinitions(): Promise<TeamPermissionDefinitionsCrud['Admin']['Read'][]>;
-    createPermissionDefinition(data: TeamPermissionDefinitionsCrud['Admin']['Create']): Promise<TeamPermissionDefinitionsCrud['Admin']['Read']>;
-    updatePermissionDefinition(permissionId: string, data: TeamPermissionDefinitionsCrud['Admin']['Update']): Promise<TeamPermissionDefinitionsCrud['Admin']['Read']>;
-    deletePermissionDefinition(permissionId: string): Promise<void>;
+    listTeamPermissionDefinitions(): Promise<TeamPermissionDefinitionsCrud['Admin']['Read'][]>;
+    createTeamPermissionDefinition(data: TeamPermissionDefinitionsCrud['Admin']['Create']): Promise<TeamPermissionDefinitionsCrud['Admin']['Read']>;
+    updateTeamPermissionDefinition(permissionId: string, data: TeamPermissionDefinitionsCrud['Admin']['Update']): Promise<TeamPermissionDefinitionsCrud['Admin']['Read']>;
+    deleteTeamPermissionDefinition(permissionId: string): Promise<void>;
+    listProjectPermissionDefinitions(): Promise<ProjectPermissionDefinitionsCrud['Admin']['Read'][]>;
+    createProjectPermissionDefinition(data: ProjectPermissionDefinitionsCrud['Admin']['Create']): Promise<ProjectPermissionDefinitionsCrud['Admin']['Read']>;
+    updateProjectPermissionDefinition(permissionId: string, data: ProjectPermissionDefinitionsCrud['Admin']['Update']): Promise<ProjectPermissionDefinitionsCrud['Admin']['Read']>;
+    deleteProjectPermissionDefinition(permissionId: string): Promise<void>;
     getSvixToken(): Promise<SvixTokenCrud["Admin"]["Read"]>;
     deleteProject(): Promise<void>;
     getMetrics(): Promise<any>;

package/dist/interface/adminInterface.js

@@ -77,12 +77,13 @@ export class StackAdminInterface extends StackServerInterface {
     async resetEmailTemplate(type) {
         await this.sendAdminRequest(`/email-templates/${type}`, { method: "DELETE" }, null);
     }
-    async listPermissionDefinitions() {
+    // Team permission definitions methods
+    async listTeamPermissionDefinitions() {
         const response = await this.sendAdminRequest(`/team-permission-definitions`, {}, null);
         const result = await response.json();
         return result.items;
     }
-    async createPermissionDefinition(data) {
+    async createTeamPermissionDefinition(data) {
         const response = await this.sendAdminRequest("/team-permission-definitions", {
             method: "POST",
             headers: {
@@ -92,7 +93,7 @@ export class StackAdminInterface extends StackServerInterface {
         }, null);
         return await response.json();
     }
-    async updatePermissionDefinition(permissionId, data) {
+    async updateTeamPermissionDefinition(permissionId, data) {
         const response = await this.sendAdminRequest(`/team-permission-definitions/${permissionId}`, {
             method: "PATCH",
             headers: {
@@ -102,9 +103,37 @@ export class StackAdminInterface extends StackServerInterface {
         }, null);
         return await response.json();
     }
-    async deletePermissionDefinition(permissionId) {
+    async deleteTeamPermissionDefinition(permissionId) {
         await this.sendAdminRequest(`/team-permission-definitions/${permissionId}`, { method: "DELETE" }, null);
     }
+    async listProjectPermissionDefinitions() {
+        const response = await this.sendAdminRequest(`/project-permission-definitions`, {}, null);
+        const result = await response.json();
+        return result.items;
+    }
+    async createProjectPermissionDefinition(data) {
+        const response = await this.sendAdminRequest("/project-permission-definitions", {
+            method: "POST",
+            headers: {
+                "content-type": "application/json",
+            },
+            body: JSON.stringify(data),
+        }, null);
+        return await response.json();
+    }
+    async updateProjectPermissionDefinition(permissionId, data) {
+        const response = await this.sendAdminRequest(`/project-permission-definitions/${permissionId}`, {
+            method: "PATCH",
+            headers: {
+                "content-type": "application/json",
+            },
+            body: JSON.stringify(data),
+        }, null);
+        return await response.json();
+    }
+    async deleteProjectPermissionDefinition(permissionId) {
+        await this.sendAdminRequest(`/project-permission-definitions/${permissionId}`, { method: "DELETE" }, null);
+    }
     async getSvixToken() {
         const response = await this.sendAdminRequest("/webhooks/svix-token", {
             method: "POST",

package/dist/interface/clientInterface.d.ts

@@ -10,6 +10,7 @@ import { InternalProjectsCrud, ProjectsCrud } from './crud/projects';
 import { SessionsCrud } from './crud/sessions';
 import { TeamInvitationCrud } from './crud/team-invitation';
 import { TeamMemberProfilesCrud } from './crud/team-member-profiles';
+import { ProjectPermissionsCrud } from './crud/project-permissions';
 import { TeamPermissionsCrud } from './crud/team-permissions';
 import { TeamsCrud } from './crud/teams';
 export type ClientInterfaceOptions = {
@@ -117,6 +118,10 @@ export declare class StackClientInterface {
         accessToken: string;
         refreshToken: string;
     }, KnownErrors["UserWithEmailAlreadyExists"] | KnownErrors["PasswordRequirementsNotMet"]>>;
+    signUpAnonymously(session: InternalSession): Promise<Result<{
+        accessToken: string;
+        refreshToken: string;
+    }, never>>;
     signInWithMagicLink(code: string): Promise<Result<{
         newUser: boolean;
         accessToken: string;
@@ -183,6 +188,9 @@ export declare class StackClientInterface {
         teamId: string;
         recursive: boolean;
     }, session: InternalSession): Promise<TeamPermissionsCrud['Client']['Read'][]>;
+    listCurrentUserProjectPermissions(options: {
+        recursive: boolean;
+    }, session: InternalSession): Promise<ProjectPermissionsCrud['Client']['Read'][]>;
     listCurrentUserTeams(session: InternalSession): Promise<TeamsCrud["Client"]["Read"][]>;
     getClientProject(): Promise<Result<ProjectsCrud['Client']['Read'], KnownErrors["ProjectNotFound"]>>;
     updateClientUser(update: CurrentUserCrud["Client"]["Update"], session: InternalSession): Promise<void>;

package/dist/interface/clientInterface.js

@@ -576,6 +576,19 @@ export class StackClientInterface {
             refreshToken: result.refresh_token,
         });
     }
+    async signUpAnonymously(session) {
+        const res = await this.sendClientRequestAndCatchKnownError("/auth/anonymous/sign-up", {
+            method: "POST",
+        }, session, []);
+        if (res.status === "error") {
+            return Result.error(res.error);
+        }
+        const result = await res.data.json();
+        return Result.ok({
+            accessToken: result.access_token,
+            refreshToken: result.refresh_token,
+        });
+    }
     async signInWithMagicLink(code) {
         const res = await this.sendClientRequestAndCatchKnownError("/auth/otp/sign-in", {
             method: "POST",
@@ -777,6 +790,11 @@ export class StackClientInterface {
         const result = await response.json();
         return result.items;
     }
+    async listCurrentUserProjectPermissions(options, session) {
+        const response = await this.sendClientRequest(`/project-permissions?user_id=me&recursive=${options.recursive}`, {}, session);
+        const result = await response.json();
+        return result.items;
+    }
     async listCurrentUserTeams(session) {
         const response = await this.sendClientRequest("/teams?user_id=me", {}, session);
         const result = await response.json();

package/dist/interface/crud/current-user.d.ts

@@ -16,6 +16,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         passkey_auth_enabled: boolean;
         otp_auth_enabled: boolean;
         selected_team_id: string | null;
+        is_anonymous: boolean;
         signed_up_at_millis: number;
         has_password: boolean;
         auth_with_email: boolean;
@@ -51,6 +52,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         client_read_only_metadata: undefined;
         server_metadata: undefined;
         last_active_at_millis: undefined;
+        is_anonymous: undefined;
         oauth_providers: undefined;
         auth_with_email: undefined;
         requires_totp_mfa: undefined;
@@ -80,6 +82,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
         last_active_at_millis: number;
+        is_anonymous: boolean;
         oauth_providers: {
             email?: string | null | undefined;
             id: string;
@@ -112,6 +115,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         client_read_only_metadata: undefined;
         server_metadata: undefined;
         last_active_at_millis: undefined;
+        is_anonymous: undefined;
         oauth_providers: undefined;
         auth_with_email: undefined;
         requires_totp_mfa: undefined;
@@ -139,6 +143,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         otp_auth_enabled: undefined;
         totp_secret_base64: undefined;
         selected_team_id: undefined;
+        is_anonymous: undefined;
     }, "">;
     serverUpdateSchema: import("yup").ObjectSchema<{
         display_name: string | null | undefined;
@@ -155,6 +160,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         otp_auth_enabled: boolean | undefined;
         totp_secret_base64: string | null | undefined;
         selected_team_id: string | null | undefined;
+        is_anonymous: boolean | undefined;
     }, import("yup").AnyObject, {
         display_name: undefined;
         profile_image_url: undefined;
@@ -170,6 +176,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         otp_auth_enabled: undefined;
         totp_secret_base64: undefined;
         selected_team_id: undefined;
+        is_anonymous: undefined;
     }, "">;
     clientDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
     docs: {

package/dist/interface/crud/current-user.js

@@ -28,6 +28,7 @@ const clientReadSchema = usersCrudServerReadSchema.pick([
     "requires_totp_mfa",
     "otp_auth_enabled",
     "passkey_auth_enabled",
+    "is_anonymous",
 ]).concat(yupObject({
     selected_team: teamsCrudClientReadSchema.nullable().defined(),
 })).defined();

package/dist/interface/crud/project-permissions.d.ts

@@ -0,0 +1,155 @@
+import { CrudTypeOf } from "../../crud";
+export declare const projectPermissionsCrudClientReadSchema: import("yup").ObjectSchema<{
+    id: string;
+    user_id: string;
+}, import("yup").AnyObject, {
+    id: undefined;
+    user_id: undefined;
+}, "">;
+export declare const projectPermissionsCrudServerCreateSchema: import("yup").ObjectSchema<{}, import("yup").AnyObject, {}, "">;
+export declare const projectPermissionsCrudServerDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
+export declare const projectPermissionsCrud: import("../../crud").CrudSchemaFromOptions<{
+    clientReadSchema: import("yup").ObjectSchema<{
+        id: string;
+        user_id: string;
+    }, import("yup").AnyObject, {
+        id: undefined;
+        user_id: undefined;
+    }, "">;
+    serverCreateSchema: import("yup").ObjectSchema<{}, import("yup").AnyObject, {}, "">;
+    serverDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
+    docs: {
+        clientList: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        serverList: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        serverCreate: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        serverDelete: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+    };
+}>;
+export type ProjectPermissionsCrud = CrudTypeOf<typeof projectPermissionsCrud>;
+export declare const projectPermissionCreatedWebhookEvent: {
+    type: string;
+    schema: import("yup").ObjectSchema<{
+        id: string;
+        user_id: string;
+    }, import("yup").AnyObject, {
+        id: undefined;
+        user_id: undefined;
+    }, "">;
+    metadata: {
+        summary: string;
+        description: string;
+        tags: string[];
+    };
+};
+export declare const projectPermissionDeletedWebhookEvent: {
+    type: string;
+    schema: import("yup").ObjectSchema<{
+        id: string;
+        user_id: string;
+    }, import("yup").AnyObject, {
+        id: undefined;
+        user_id: undefined;
+    }, "">;
+    metadata: {
+        summary: string;
+        description: string;
+        tags: string[];
+    };
+};
+export declare const projectPermissionDefinitionsCrudAdminReadSchema: import("yup").ObjectSchema<{
+    id: string;
+    description: string | undefined;
+    contained_permission_ids: string[];
+}, import("yup").AnyObject, {
+    id: undefined;
+    description: undefined;
+    contained_permission_ids: undefined;
+}, "">;
+export declare const projectPermissionDefinitionsCrudAdminCreateSchema: import("yup").ObjectSchema<{
+    id: string;
+    description: string | undefined;
+    contained_permission_ids: string[] | undefined;
+}, import("yup").AnyObject, {
+    id: undefined;
+    description: undefined;
+    contained_permission_ids: undefined;
+}, "">;
+export declare const projectPermissionDefinitionsCrudAdminUpdateSchema: import("yup").ObjectSchema<{
+    id: string | undefined;
+    description: string | undefined;
+    contained_permission_ids: string[] | undefined;
+}, import("yup").AnyObject, {
+    id: undefined;
+    description: undefined;
+    contained_permission_ids: undefined;
+}, "">;
+export declare const projectPermissionDefinitionsCrudAdminDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
+export declare const projectPermissionDefinitionsCrud: import("../../crud").CrudSchemaFromOptions<{
+    adminReadSchema: import("yup").ObjectSchema<{
+        id: string;
+        description: string | undefined;
+        contained_permission_ids: string[];
+    }, import("yup").AnyObject, {
+        id: undefined;
+        description: undefined;
+        contained_permission_ids: undefined;
+    }, "">;
+    adminCreateSchema: import("yup").ObjectSchema<{
+        id: string;
+        description: string | undefined;
+        contained_permission_ids: string[] | undefined;
+    }, import("yup").AnyObject, {
+        id: undefined;
+        description: undefined;
+        contained_permission_ids: undefined;
+    }, "">;
+    adminUpdateSchema: import("yup").ObjectSchema<{
+        id: string | undefined;
+        description: string | undefined;
+        contained_permission_ids: string[] | undefined;
+    }, import("yup").AnyObject, {
+        id: undefined;
+        description: undefined;
+        contained_permission_ids: undefined;
+    }, "">;
+    adminDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
+    docs: {
+        adminList: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        adminCreate: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        adminUpdate: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        adminDelete: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+    };
+}>;
+export type ProjectPermissionDefinitionsCrud = CrudTypeOf<typeof projectPermissionDefinitionsCrud>;

package/dist/interface/crud/project-permissions.js

@@ -0,0 +1,100 @@
+import { createCrud } from "../../crud";
+import * as schemaFields from "../../schema-fields";
+import { yupMixed, yupObject } from "../../schema-fields";
+// =============== Project permissions =================
+export const projectPermissionsCrudClientReadSchema = yupObject({
+    id: schemaFields.permissionDefinitionIdSchema.defined(),
+    user_id: schemaFields.userIdSchema.defined(),
+}).defined();
+export const projectPermissionsCrudServerCreateSchema = yupObject({}).defined();
+export const projectPermissionsCrudServerDeleteSchema = yupMixed();
+export const projectPermissionsCrud = createCrud({
+    clientReadSchema: projectPermissionsCrudClientReadSchema,
+    serverCreateSchema: projectPermissionsCrudServerCreateSchema,
+    serverDeleteSchema: projectPermissionsCrudServerDeleteSchema,
+    docs: {
+        clientList: {
+            summary: "List project permissions",
+            description: "List global permissions of the current user. `user_id=me` must be set for client requests. `(user_id, permission_id)` together uniquely identify a permission.",
+            tags: ["Permissions"],
+        },
+        serverList: {
+            summary: "List project permissions",
+            description: "Query and filter the permission with `user_id` and `permission_id`. `(user_id, permission_id)` together uniquely identify a permission.",
+            tags: ["Permissions"],
+        },
+        serverCreate: {
+            summary: "Grant a global permission to a user",
+            description: "Grant a global permission to a user (the permission must be created first on the Stack dashboard)",
+            tags: ["Permissions"],
+        },
+        serverDelete: {
+            summary: "Revoke a global permission from a user",
+            description: "Revoke a global permission from a user",
+            tags: ["Permissions"],
+        },
+    },
+});
+export const projectPermissionCreatedWebhookEvent = {
+    type: "project_permission.created",
+    schema: projectPermissionsCrud.server.readSchema,
+    metadata: {
+        summary: "Project Permission Created",
+        description: "This event is triggered when a project permission is created.",
+        tags: ["Users"],
+    },
+};
+export const projectPermissionDeletedWebhookEvent = {
+    type: "project_permission.deleted",
+    schema: projectPermissionsCrud.server.readSchema,
+    metadata: {
+        summary: "Project Permission Deleted",
+        description: "This event is triggered when a project permission is deleted.",
+        tags: ["Users"],
+    },
+};
+// =============== Project permission definitions =================
+export const projectPermissionDefinitionsCrudAdminReadSchema = yupObject({
+    id: schemaFields.permissionDefinitionIdSchema.defined(),
+    description: schemaFields.teamPermissionDescriptionSchema.optional(),
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.defined(),
+}).defined();
+export const projectPermissionDefinitionsCrudAdminCreateSchema = yupObject({
+    id: schemaFields.customPermissionDefinitionIdSchema.defined(),
+    description: schemaFields.teamPermissionDescriptionSchema.optional(),
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional(),
+}).defined();
+export const projectPermissionDefinitionsCrudAdminUpdateSchema = yupObject({
+    id: schemaFields.customPermissionDefinitionIdSchema.optional(),
+    description: schemaFields.teamPermissionDescriptionSchema.optional(),
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional(),
+}).defined();
+export const projectPermissionDefinitionsCrudAdminDeleteSchema = yupMixed();
+export const projectPermissionDefinitionsCrud = createCrud({
+    adminReadSchema: projectPermissionDefinitionsCrudAdminReadSchema,
+    adminCreateSchema: projectPermissionDefinitionsCrudAdminCreateSchema,
+    adminUpdateSchema: projectPermissionDefinitionsCrudAdminUpdateSchema,
+    adminDeleteSchema: projectPermissionDefinitionsCrudAdminDeleteSchema,
+    docs: {
+        adminList: {
+            summary: "List project permission definitions",
+            description: "Query and filter project permission definitions (the equivalent of listing permissions on the Stack dashboard)",
+            tags: ["Permissions"],
+        },
+        adminCreate: {
+            summary: "Create a new project permission definition",
+            description: "Create a new project permission definition (the equivalent of creating a new permission on the Stack dashboard)",
+            tags: ["Permissions"],
+        },
+        adminUpdate: {
+            summary: "Update a project permission definition",
+            description: "Update a project permission definition (the equivalent of updating a permission on the Stack dashboard)",
+            tags: ["Permissions"],
+        },
+        adminDelete: {
+            summary: "Delete a project permission definition",
+            description: "Delete a project permission definition (the equivalent of deleting a permission on the Stack dashboard)",
+            tags: ["Permissions"],
+        },
+    },
+});

package/dist/interface/crud/projects.d.ts

@@ -80,6 +80,9 @@ export declare const projectsCrudAdminReadSchema: import("yup").ObjectSchema<{
         team_member_default_permissions: {
             id: string;
         }[];
+        user_default_permissions: {
+            id: string;
+        }[];
         oauth_account_merge_strategy: "link_method" | "raise_error" | "allow_duplicates";
     };
 }, import("yup").AnyObject, {
@@ -113,6 +116,7 @@ export declare const projectsCrudAdminReadSchema: import("yup").ObjectSchema<{
         create_team_on_sign_up: undefined;
         team_creator_default_permissions: undefined;
         team_member_default_permissions: undefined;
+        user_default_permissions: undefined;
         oauth_account_merge_strategy: undefined;
     };
 }, "">;
@@ -184,6 +188,9 @@ export declare const projectsCrudAdminUpdateSchema: import("yup").ObjectSchema<{
         team_member_default_permissions?: {
             id: string;
         }[] | undefined;
+        user_default_permissions?: {
+            id: string;
+        }[] | undefined;
         oauth_account_merge_strategy?: "link_method" | "raise_error" | "allow_duplicates" | undefined;
     } | undefined;
 }, import("yup").AnyObject, {
@@ -233,6 +240,9 @@ export declare const projectsCrudAdminCreateSchema: import("yup").ObjectSchema<{
         team_member_default_permissions?: {
             id: string;
         }[] | undefined;
+        user_default_permissions?: {
+            id: string;
+        }[] | undefined;
         oauth_account_merge_strategy?: "link_method" | "raise_error" | "allow_duplicates" | undefined;
     } | undefined;
 } & {
@@ -320,6 +330,9 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             team_member_default_permissions: {
                 id: string;
             }[];
+            user_default_permissions: {
+                id: string;
+            }[];
             oauth_account_merge_strategy: "link_method" | "raise_error" | "allow_duplicates";
         };
     }, import("yup").AnyObject, {
@@ -353,6 +366,7 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             create_team_on_sign_up: undefined;
             team_creator_default_permissions: undefined;
             team_member_default_permissions: undefined;
+            user_default_permissions: undefined;
             oauth_account_merge_strategy: undefined;
         };
     }, "">;
@@ -397,6 +411,9 @@ export declare const projectsCrud: import("../../crud").CrudSchemaFromOptions<{
             team_member_default_permissions?: {
                 id: string;
             }[] | undefined;
+            user_default_permissions?: {
+                id: string;
+            }[] | undefined;
             oauth_account_merge_strategy?: "link_method" | "raise_error" | "allow_duplicates" | undefined;
         } | undefined;
     }, import("yup").AnyObject, {
@@ -479,6 +496,9 @@ export declare const internalProjectsCrud: import("../../crud").CrudSchemaFromOp
             team_member_default_permissions: {
                 id: string;
             }[];
+            user_default_permissions: {
+                id: string;
+            }[];
             oauth_account_merge_strategy: "link_method" | "raise_error" | "allow_duplicates";
         };
     }, import("yup").AnyObject, {
@@ -512,6 +532,7 @@ export declare const internalProjectsCrud: import("../../crud").CrudSchemaFromOp
             create_team_on_sign_up: undefined;
             team_creator_default_permissions: undefined;
             team_member_default_permissions: undefined;
+            user_default_permissions: undefined;
             oauth_account_merge_strategy: undefined;
         };
     }, "">;
@@ -556,6 +577,9 @@ export declare const internalProjectsCrud: import("../../crud").CrudSchemaFromOp
             team_member_default_permissions?: {
                 id: string;
             }[] | undefined;
+            user_default_permissions?: {
+                id: string;
+            }[] | undefined;
             oauth_account_merge_strategy?: "link_method" | "raise_error" | "allow_duplicates" | undefined;
         } | undefined;
     } & {

package/dist/interface/crud/projects.js

@@ -75,6 +75,7 @@ export const projectsCrudAdminReadSchema = yupObject({
         create_team_on_sign_up: schemaFields.projectCreateTeamOnSignUpSchema.defined(),
         team_creator_default_permissions: yupArray(teamPermissionSchema.defined()).defined(),
         team_member_default_permissions: yupArray(teamPermissionSchema.defined()).defined(),
+        user_default_permissions: yupArray(teamPermissionSchema.defined()).defined(),
         oauth_account_merge_strategy: schemaFields.oauthAccountMergeStrategySchema.defined(),
     }).defined(),
 }).defined();
@@ -109,6 +110,7 @@ export const projectsCrudAdminUpdateSchema = yupObject({
         create_team_on_sign_up: schemaFields.projectCreateTeamOnSignUpSchema.optional(),
         team_creator_default_permissions: yupArray(teamPermissionSchema.defined()).optional(),
         team_member_default_permissions: yupArray(teamPermissionSchema.defined()).optional(),
+        user_default_permissions: yupArray(teamPermissionSchema.defined()).optional(),
         oauth_account_merge_strategy: schemaFields.oauthAccountMergeStrategySchema.optional(),
     }).optional().default(undefined),
 }).defined();

package/dist/interface/crud/team-invitation.d.ts

@@ -29,6 +29,16 @@ export declare const teamInvitationCrud: import("../../crud").CrudSchemaFromOpti
             description: string;
             tags: string[];
         };
+        clientList: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
+        clientDelete: {
+            summary: string;
+            description: string;
+            tags: string[];
+        };
     };
 }>;
 export type TeamInvitationCrud = CrudTypeOf<typeof teamInvitationCrud>;

package/dist/interface/crud/team-invitation.js

@@ -16,5 +16,15 @@ export const teamInvitationCrud = createCrud({
             description: "",
             tags: ["Teams"],
         },
+        clientList: {
+            summary: "List team invitations",
+            description: "",
+            tags: ["Teams"],
+        },
+        clientDelete: {
+            summary: "Delete a team invitation",
+            description: "",
+            tags: ["Teams"],
+        },
     },
 });

package/dist/interface/crud/team-member-profiles.d.ts

@@ -34,6 +34,7 @@ export declare const teamMemberProfilesCrudServerReadSchema: import("yup").Objec
         passkey_auth_enabled: boolean;
         otp_auth_enabled: boolean;
         selected_team_id: string | null;
+        is_anonymous: boolean;
         selected_team: {
             client_metadata?: {} | null | undefined;
             client_read_only_metadata?: {} | null | undefined;
@@ -79,6 +80,7 @@ export declare const teamMemberProfilesCrudServerReadSchema: import("yup").Objec
         client_read_only_metadata: undefined;
         server_metadata: undefined;
         last_active_at_millis: undefined;
+        is_anonymous: undefined;
         oauth_providers: undefined;
         auth_with_email: undefined;
         requires_totp_mfa: undefined;
@@ -127,6 +129,7 @@ export declare const teamMemberProfilesCrud: import("../../crud").CrudSchemaFrom
             passkey_auth_enabled: boolean;
             otp_auth_enabled: boolean;
             selected_team_id: string | null;
+            is_anonymous: boolean;
             selected_team: {
                 client_metadata?: {} | null | undefined;
                 client_read_only_metadata?: {} | null | undefined;
@@ -172,6 +175,7 @@ export declare const teamMemberProfilesCrud: import("../../crud").CrudSchemaFrom
             client_read_only_metadata: undefined;
             server_metadata: undefined;
             last_active_at_millis: undefined;
+            is_anonymous: undefined;
             oauth_providers: undefined;
             auth_with_email: undefined;
             requires_totp_mfa: undefined;

package/dist/interface/crud/team-permissions.js

@@ -3,7 +3,7 @@ import * as schemaFields from "../../schema-fields";
 import { yupMixed, yupObject } from "../../schema-fields";
 // =============== Team permissions =================
 export const teamPermissionsCrudClientReadSchema = yupObject({
-    id: schemaFields.teamPermissionDefinitionIdSchema.defined(),
+    id: schemaFields.permissionDefinitionIdSchema.defined(),
     user_id: schemaFields.userIdSchema.defined(),
     team_id: schemaFields.teamIdSchema.defined(),
 }).defined();
@@ -56,19 +56,19 @@ export const teamPermissionDeletedWebhookEvent = {
 };
 // =============== Team permission definitions =================
 export const teamPermissionDefinitionsCrudAdminReadSchema = yupObject({
-    id: schemaFields.teamPermissionDefinitionIdSchema.defined(),
+    id: schemaFields.permissionDefinitionIdSchema.defined(),
     description: schemaFields.teamPermissionDescriptionSchema.optional(),
-    contained_permission_ids: schemaFields.containedPermissionIdsSchema.defined()
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.defined(),
 }).defined();
 export const teamPermissionDefinitionsCrudAdminCreateSchema = yupObject({
-    id: schemaFields.customTeamPermissionDefinitionIdSchema.defined(),
+    id: schemaFields.customPermissionDefinitionIdSchema.defined(),
     description: schemaFields.teamPermissionDescriptionSchema.optional(),
-    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional()
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional(),
 }).defined();
 export const teamPermissionDefinitionsCrudAdminUpdateSchema = yupObject({
-    id: schemaFields.customTeamPermissionDefinitionIdSchema.optional(),
+    id: schemaFields.customPermissionDefinitionIdSchema.optional(),
     description: schemaFields.teamPermissionDescriptionSchema.optional(),
-    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional()
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional(),
 }).defined();
 export const teamPermissionDefinitionsCrudAdminDeleteSchema = yupMixed();
 export const teamPermissionDefinitionsCrud = createCrud({

package/dist/interface/crud/users.d.ts

@@ -14,6 +14,7 @@ export declare const usersCrudServerUpdateSchema: import("yup").ObjectSchema<{
     otp_auth_enabled: boolean | undefined;
     totp_secret_base64: string | null | undefined;
     selected_team_id: string | null | undefined;
+    is_anonymous: boolean | undefined;
 }, import("yup").AnyObject, {
     display_name: undefined;
     profile_image_url: undefined;
@@ -29,6 +30,7 @@ export declare const usersCrudServerUpdateSchema: import("yup").ObjectSchema<{
     otp_auth_enabled: undefined;
     totp_secret_base64: undefined;
     selected_team_id: undefined;
+    is_anonymous: undefined;
 }, "">;
 export declare const usersCrudServerReadSchema: import("yup").ObjectSchema<{
     id: string;
@@ -55,6 +57,7 @@ export declare const usersCrudServerReadSchema: import("yup").ObjectSchema<{
     client_read_only_metadata: {} | null;
     server_metadata: {} | null;
     last_active_at_millis: number;
+    is_anonymous: boolean;
     oauth_providers: {
         email?: string | null | undefined;
         id: string;
@@ -87,6 +90,7 @@ export declare const usersCrudServerReadSchema: import("yup").ObjectSchema<{
     client_read_only_metadata: undefined;
     server_metadata: undefined;
     last_active_at_millis: undefined;
+    is_anonymous: undefined;
     oauth_providers: undefined;
     auth_with_email: undefined;
     requires_totp_mfa: undefined;
@@ -105,12 +109,14 @@ export declare const usersCrudServerCreateSchema: import("yup").ObjectSchema<{
     password_hash: string | undefined;
     otp_auth_enabled: boolean | undefined;
     totp_secret_base64: string | null | undefined;
+    is_anonymous: boolean | undefined;
 } & {
     oauth_providers: {
         email: string | null;
         id: string;
         account_id: string;
     }[] | undefined;
+    is_anonymous: boolean | undefined;
 }, import("yup").AnyObject, {
     display_name: undefined;
     profile_image_url: undefined;
@@ -126,6 +132,7 @@ export declare const usersCrudServerCreateSchema: import("yup").ObjectSchema<{
     otp_auth_enabled: undefined;
     totp_secret_base64: undefined;
     selected_team_id: undefined;
+    is_anonymous: undefined;
     oauth_providers: undefined;
 }, "">;
 export declare const usersCrudServerDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
@@ -155,6 +162,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
         last_active_at_millis: number;
+        is_anonymous: boolean;
         oauth_providers: {
             email?: string | null | undefined;
             id: string;
@@ -187,6 +195,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         client_read_only_metadata: undefined;
         server_metadata: undefined;
         last_active_at_millis: undefined;
+        is_anonymous: undefined;
         oauth_providers: undefined;
         auth_with_email: undefined;
         requires_totp_mfa: undefined;
@@ -206,6 +215,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         otp_auth_enabled: boolean | undefined;
         totp_secret_base64: string | null | undefined;
         selected_team_id: string | null | undefined;
+        is_anonymous: boolean | undefined;
     }, import("yup").AnyObject, {
         display_name: undefined;
         profile_image_url: undefined;
@@ -221,6 +231,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         otp_auth_enabled: undefined;
         totp_secret_base64: undefined;
         selected_team_id: undefined;
+        is_anonymous: undefined;
     }, "">;
     serverCreateSchema: import("yup").ObjectSchema<{
         primary_email: string | null | undefined;
@@ -236,12 +247,14 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         password_hash: string | undefined;
         otp_auth_enabled: boolean | undefined;
         totp_secret_base64: string | null | undefined;
+        is_anonymous: boolean | undefined;
     } & {
         oauth_providers: {
             email: string | null;
             id: string;
             account_id: string;
         }[] | undefined;
+        is_anonymous: boolean | undefined;
     }, import("yup").AnyObject, {
         display_name: undefined;
         profile_image_url: undefined;
@@ -257,6 +270,7 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         otp_auth_enabled: undefined;
         totp_secret_base64: undefined;
         selected_team_id: undefined;
+        is_anonymous: undefined;
         oauth_providers: undefined;
     }, "">;
     serverDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
@@ -316,6 +330,7 @@ export declare const userCreatedWebhookEvent: {
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
         last_active_at_millis: number;
+        is_anonymous: boolean;
         oauth_providers: {
             email?: string | null | undefined;
             id: string;
@@ -348,6 +363,7 @@ export declare const userCreatedWebhookEvent: {
         client_read_only_metadata: undefined;
         server_metadata: undefined;
         last_active_at_millis: undefined;
+        is_anonymous: undefined;
         oauth_providers: undefined;
         auth_with_email: undefined;
         requires_totp_mfa: undefined;
@@ -385,6 +401,7 @@ export declare const userUpdatedWebhookEvent: {
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
         last_active_at_millis: number;
+        is_anonymous: boolean;
         oauth_providers: {
             email?: string | null | undefined;
             id: string;
@@ -417,6 +434,7 @@ export declare const userUpdatedWebhookEvent: {
         client_read_only_metadata: undefined;
         server_metadata: undefined;
         last_active_at_millis: undefined;
+        is_anonymous: undefined;
         oauth_providers: undefined;
         auth_with_email: undefined;
         requires_totp_mfa: undefined;

package/dist/interface/crud/users.js

@@ -16,6 +16,7 @@ export const usersCrudServerUpdateSchema = fieldSchema.yupObject({
     otp_auth_enabled: fieldSchema.userOtpAuthEnabledMutationSchema.optional(),
     totp_secret_base64: fieldSchema.userTotpSecretMutationSchema.optional(),
     selected_team_id: fieldSchema.selectedTeamIdSchema.nullable().optional(),
+    is_anonymous: fieldSchema.yupBoolean().oneOf([false]).optional(),
 }).defined();
 export const usersCrudServerReadSchema = fieldSchema.yupObject({
     id: fieldSchema.userIdSchema.defined(),
@@ -34,6 +35,7 @@ export const usersCrudServerReadSchema = fieldSchema.yupObject({
     client_read_only_metadata: fieldSchema.userClientReadOnlyMetadataSchema,
     server_metadata: fieldSchema.userServerMetadataSchema,
     last_active_at_millis: fieldSchema.userLastActiveAtMillisSchema.nonNullable().defined(),
+    is_anonymous: fieldSchema.yupBoolean().defined(),
     oauth_providers: fieldSchema.yupArray(fieldSchema.yupObject({
         id: fieldSchema.yupString().defined(),
         account_id: fieldSchema.yupString().defined(),
@@ -54,6 +56,7 @@ export const usersCrudServerCreateSchema = usersCrudServerUpdateSchema.omit(['se
         account_id: fieldSchema.yupString().defined(),
         email: fieldSchema.yupString().nullable().defined().default(null),
     }).defined()).optional().meta({ openapiField: { hidden: true } }),
+    is_anonymous: fieldSchema.yupBoolean().optional(),
 }).defined());
 export const usersCrudServerDeleteSchema = fieldSchema.yupMixed();
 export const usersCrud = createCrud({

package/dist/interface/serverInterface.d.ts

@@ -9,6 +9,7 @@ import { SessionsCrud } from "./crud/sessions";
 import { TeamInvitationCrud } from "./crud/team-invitation";
 import { TeamMemberProfilesCrud } from "./crud/team-member-profiles";
 import { TeamMembershipsCrud } from "./crud/team-memberships";
+import { ProjectPermissionsCrud } from "./crud/project-permissions";
 import { TeamPermissionsCrud } from "./crud/team-permissions";
 import { TeamsCrud } from "./crud/teams";
 import { UsersCrud } from "./crud/users";
@@ -51,6 +52,10 @@ export declare class StackServerInterface extends StackClientInterface {
         teamId?: string;
         recursive: boolean;
     }, session: InternalSession | null): Promise<TeamPermissionsCrud['Server']['Read'][]>;
+    listServerProjectPermissions(options: {
+        userId?: string;
+        recursive: boolean;
+    }, session: InternalSession | null): Promise<ProjectPermissionsCrud['Server']['Read'][]>;
     listServerUsers(options: {
         cursor?: string;
         limit?: number;

package/dist/interface/serverInterface.js

@@ -91,6 +91,14 @@ export class StackServerInterface extends StackClientInterface {
         const result = await response.json();
         return result.items;
     }
+    async listServerProjectPermissions(options, session) {
+        const response = await this.sendServerRequest(`/project-permissions?${new URLSearchParams(filterUndefined({
+            user_id: options.userId,
+            recursive: options.recursive.toString(),
+        }))}`, {}, session);
+        const result = await response.json();
+        return result.items;
+    }
     async listServerUsers(options) {
         const searchParams = new URLSearchParams(filterUndefined({
             cursor: options.cursor,

package/dist/interface/webhooks.d.ts

@@ -35,6 +35,7 @@ export declare const webhookEvents: readonly [{
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
         last_active_at_millis: number;
+        is_anonymous: boolean;
         oauth_providers: {
             email?: string | null | undefined;
             id: string;
@@ -67,6 +68,7 @@ export declare const webhookEvents: readonly [{
         client_read_only_metadata: undefined;
         server_metadata: undefined;
         last_active_at_millis: undefined;
+        is_anonymous: undefined;
         oauth_providers: undefined;
         auth_with_email: undefined;
         requires_totp_mfa: undefined;
@@ -103,6 +105,7 @@ export declare const webhookEvents: readonly [{
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
         last_active_at_millis: number;
+        is_anonymous: boolean;
         oauth_providers: {
             email?: string | null | undefined;
             id: string;
@@ -135,6 +138,7 @@ export declare const webhookEvents: readonly [{
         client_read_only_metadata: undefined;
         server_metadata: undefined;
         last_active_at_millis: undefined;
+        is_anonymous: undefined;
         oauth_providers: undefined;
         auth_with_email: undefined;
         requires_totp_mfa: undefined;

package/dist/known-errors.d.ts

@@ -247,6 +247,9 @@ export declare const KnownErrors: {
     PasskeyAuthenticationNotEnabled: KnownErrorConstructor<KnownError & KnownErrorBrand<"PASSKEY_AUTHENTICATION_NOT_ENABLED">, []> & {
         errorCode: "PASSKEY_AUTHENTICATION_NOT_ENABLED";
     };
+    AnonymousAccountsNotEnabled: KnownErrorConstructor<KnownError & KnownErrorBrand<"ANONYMOUS_ACCOUNTS_NOT_ENABLED">, []> & {
+        errorCode: "ANONYMOUS_ACCOUNTS_NOT_ENABLED";
+    };
     EmailPasswordMismatch: KnownErrorConstructor<KnownError & KnownErrorBrand<"EMAIL_PASSWORD_MISMATCH">, []> & {
         errorCode: "EMAIL_PASSWORD_MISMATCH";
     };
@@ -370,6 +373,9 @@ export declare const KnownErrors: {
     TeamMembershipAlreadyExists: KnownErrorConstructor<KnownError & KnownErrorBrand<"TEAM_MEMBERSHIP_ALREADY_EXISTS">, []> & {
         errorCode: "TEAM_MEMBERSHIP_ALREADY_EXISTS";
     };
+    ProjectPermissionRequired: KnownErrorConstructor<KnownError & KnownErrorBrand<"PROJECT_PERMISSION_REQUIRED">, [any, any]> & {
+        errorCode: "PROJECT_PERMISSION_REQUIRED";
+    };
     TeamPermissionRequired: KnownErrorConstructor<KnownError & KnownErrorBrand<"TEAM_PERMISSION_REQUIRED">, [any, any, any]> & {
         errorCode: "TEAM_PERMISSION_REQUIRED";
     };

package/dist/known-errors.js

@@ -320,6 +320,10 @@ const PasskeyAuthenticationNotEnabled = createKnownErrorConstructor(KnownError,
     400,
     "Passkey authentication is not enabled for this project.",
 ], () => []);
+const AnonymousAccountsNotEnabled = createKnownErrorConstructor(KnownError, "ANONYMOUS_ACCOUNTS_NOT_ENABLED", () => [
+    400,
+    "Anonymous accounts are not enabled for this project.",
+], () => []);
 const EmailPasswordMismatch = createKnownErrorConstructor(KnownError, "EMAIL_PASSWORD_MISMATCH", () => [
     400,
     "Wrong e-mail or password.",
@@ -506,6 +510,14 @@ const TeamMembershipAlreadyExists = createKnownErrorConstructor(KnownError, "TEA
     409,
     "Team membership already exists.",
 ], () => []);
+const ProjectPermissionRequired = createKnownErrorConstructor(KnownError, "PROJECT_PERMISSION_REQUIRED", (userId, permissionId) => [
+    401,
+    `User ${userId} does not have permission ${permissionId}.`,
+    {
+        user_id: userId,
+        permission_id: permissionId,
+    },
+], (json) => [json.user_id, json.permission_id]);
 const TeamPermissionRequired = createKnownErrorConstructor(KnownError, "TEAM_PERMISSION_REQUIRED", (teamId, userId, permissionId) => [
     401,
     `User ${userId} does not have permission ${permissionId} in team ${teamId}.`,
@@ -606,6 +618,7 @@ export const KnownErrors = {
     SignUpNotEnabled,
     PasswordAuthenticationNotEnabled,
     PasskeyAuthenticationNotEnabled,
+    AnonymousAccountsNotEnabled,
     EmailPasswordMismatch,
     RedirectUrlNotWhitelisted,
     PasswordRequirementsNotMet,
@@ -643,6 +656,7 @@ export const KnownErrors = {
     InvalidTotpCode,
     UserAuthenticationRequired,
     TeamMembershipAlreadyExists,
+    ProjectPermissionRequired,
     TeamPermissionRequired,
     InvalidSharedOAuthProviderId,
     InvalidStandardOAuthProviderId,

package/dist/schema-fields.d.ts

@@ -131,8 +131,8 @@ export declare const signInResponseSchema: yup.ObjectSchema<{
     user_id: undefined;
 }, "">;
 export declare const teamSystemPermissions: readonly ["$update_team", "$delete_team", "$read_members", "$remove_members", "$invite_members"];
-export declare const teamPermissionDefinitionIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
-export declare const customTeamPermissionDefinitionIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
+export declare const permissionDefinitionIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
+export declare const customPermissionDefinitionIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
 export declare const teamPermissionDescriptionSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
 export declare const containedPermissionIdsSchema: yup.ArraySchema<string[] | undefined, yup.AnyObject, undefined, "">;
 export declare const teamIdSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;

package/dist/schema-fields.js

@@ -327,7 +327,7 @@ export const teamSystemPermissions = [
     '$remove_members',
     '$invite_members',
 ];
-export const teamPermissionDefinitionIdSchema = yupString()
+export const permissionDefinitionIdSchema = yupString()
     .matches(/^\$?[a-z0-9_:]+$/, 'Only lowercase letters, numbers, ":", "_" and optional "$" at the beginning are allowed')
     .test('is-system-permission', 'System permissions must start with a dollar sign', (value, ctx) => {
     if (!value)
@@ -338,11 +338,11 @@ export const teamPermissionDefinitionIdSchema = yupString()
     return true;
 })
     .meta({ openapiField: { description: `The permission ID used to uniquely identify a permission. Can either be a custom permission with lowercase letters, numbers, \`:\`, and \`_\` characters, or one of the system permissions: ${teamSystemPermissions.map(x => `\`${x}\``).join(', ')}`, exampleValue: 'read_secret_info' } });
-export const customTeamPermissionDefinitionIdSchema = yupString()
+export const customPermissionDefinitionIdSchema = yupString()
     .matches(/^[a-z0-9_:]+$/, 'Only lowercase letters, numbers, ":", "_" are allowed')
     .meta({ openapiField: { description: 'The permission ID used to uniquely identify a permission. Can only contain lowercase letters, numbers, ":", and "_" characters', exampleValue: 'read_secret_info' } });
 export const teamPermissionDescriptionSchema = yupString().meta({ openapiField: { description: 'A human-readable description of the permission', exampleValue: 'Read secret information' } });
-export const containedPermissionIdsSchema = yupArray(teamPermissionDefinitionIdSchema.defined()).meta({ openapiField: { description: 'The IDs of the permissions that are contained in this permission', exampleValue: ['read_public_info'] } });
+export const containedPermissionIdsSchema = yupArray(permissionDefinitionIdSchema.defined()).meta({ openapiField: { description: 'The IDs of the permissions that are contained in this permission', exampleValue: ['read_public_info'] } });
 // Teams
 export const teamIdSchema = yupString().uuid().meta({ openapiField: { description: _idDescription('team'), exampleValue: 'ad962777-8244-496a-b6a2-e0c6a449c79e' } });
 export const teamDisplayNameSchema = yupString().meta({ openapiField: { description: _displayNameDescription('team'), exampleValue: 'My Team' } });

package/dist/sessions.d.ts

@@ -1,6 +1,8 @@
+import * as jose from 'jose';
 export declare class AccessToken {
     readonly token: string;
     constructor(token: string);
+    get decoded(): jose.JWTPayload;
     get expiresAt(): Date;
     /**
      * @returns The number of milliseconds until the access token expires, or 0 if it has already expired.

package/dist/sessions.js

@@ -8,8 +8,11 @@ export class AccessToken {
             throw new StackAssertionError("Access token is the string 'undefined'; it's unlikely this is the correct value. They're supposed to be unguessable!");
         }
     }
+    get decoded() {
+        return jose.decodeJwt(this.token);
+    }
     get expiresAt() {
-        const { exp } = jose.decodeJwt(this.token);
+        const { exp } = this.decoded;
         if (exp === undefined)
             return new Date(8640000000000000); // max date value
         return new Date(exp * 1000);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stackframe/stack-shared",
-  "version": "2.7.29",
+  "version": "2.8.1",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "type": "module",