@stackframe/stack-shared 2.8.2 → 2.8.5

package/dist/config/schema.js

@@ -0,0 +1,185 @@
+import * as schemaFields from "../schema-fields";
+import { yupBoolean, yupObject, yupRecord, yupString } from "../schema-fields";
+import { allProviders } from "../utils/oauth";
+import { get, has, isObjectLike, set } from "../utils/objects";
+// NOTE: The validation schemas in here are all schematic validators, not sanity-check validators.
+// For more info, see ./README.md
+export const configLevels = ['project', 'branch', 'environment', 'organization'];
+const permissionRegex = /^\$?[a-z0-9_:]+$/;
+/**
+ * All fields that can be overridden at this level.
+ */
+export const projectConfigSchema = yupObject({});
+// --- NEW RBAC Schema ---
+const branchRbacDefaultPermissions = yupRecord(yupString().optional().matches(permissionRegex), yupBoolean().isTrue().optional()).optional();
+const branchRbacSchema = yupObject({
+    permissions: yupRecord(yupString().optional().matches(permissionRegex), yupObject({
+        description: yupString().optional(),
+        scope: yupString().oneOf(['team', 'project']).optional(),
+        containedPermissionIds: yupRecord(yupString().optional().matches(permissionRegex), yupBoolean().isTrue().optional()).optional(),
+    }).optional()).optional(),
+    defaultPermissions: yupObject({
+        teamCreator: branchRbacDefaultPermissions,
+        teamMember: branchRbacDefaultPermissions,
+        signUp: branchRbacDefaultPermissions,
+    }).optional(),
+}).optional();
+// --- END NEW RBAC Schema ---
+// --- NEW API Keys Schema ---
+const branchApiKeysSchema = yupObject({
+    enabled: yupObject({
+        team: yupBoolean().optional(),
+        user: yupBoolean().optional(),
+    }).optional(),
+}).optional();
+// --- END NEW API Keys Schema ---
+const branchAuthSchema = yupObject({
+    allowSignUp: yupBoolean().optional(),
+    password: yupObject({
+        allowSignIn: yupBoolean().optional(),
+    }).optional(),
+    otp: yupObject({
+        allowSignIn: yupBoolean().optional(),
+    }).optional(),
+    passkey: yupObject({
+        allowSignIn: yupBoolean().optional(),
+    }).optional(),
+    oauth: yupObject({
+        accountMergeStrategy: yupString().oneOf(['link_method', 'raise_error', 'allow_duplicates']).optional(),
+        providers: yupRecord(yupString().optional().matches(permissionRegex), yupObject({
+            type: yupString().oneOf(allProviders).optional(),
+            allowSignIn: yupBoolean().optional(),
+            allowConnectedAccounts: yupBoolean().optional(),
+        }).defined()).optional(),
+    }).optional(),
+}).optional();
+const branchDomain = yupObject({
+    allowLocalhost: yupBoolean().optional(),
+}).optional();
+export const branchConfigSchema = projectConfigSchema.concat(yupObject({
+    rbac: branchRbacSchema,
+    teams: yupObject({
+        createPersonalTeamOnSignUp: yupBoolean().optional(),
+        allowClientTeamCreation: yupBoolean().optional(),
+    }).optional(),
+    users: yupObject({
+        allowClientUserDeletion: yupBoolean().optional(),
+    }).optional(),
+    apiKeys: branchApiKeysSchema,
+    domains: branchDomain,
+    auth: branchAuthSchema,
+    emails: yupObject({}),
+}));
+export const environmentConfigSchema = branchConfigSchema.concat(yupObject({
+    auth: branchConfigSchema.getNested("auth").concat(yupObject({
+        oauth: branchConfigSchema.getNested("auth").getNested("oauth").concat(yupObject({
+            providers: yupRecord(yupString().optional().matches(permissionRegex), yupObject({
+                type: yupString().oneOf(allProviders).optional(),
+                isShared: yupBoolean().optional(),
+                clientId: schemaFields.oauthClientIdSchema.optional(),
+                clientSecret: schemaFields.oauthClientSecretSchema.optional(),
+                facebookConfigId: schemaFields.oauthFacebookConfigIdSchema.optional(),
+                microsoftTenantId: schemaFields.oauthMicrosoftTenantIdSchema.optional(),
+                allowSignIn: yupBoolean().optional(),
+                allowConnectedAccounts: yupBoolean().optional(),
+            })).optional(),
+        }).optional()),
+    })),
+    emails: branchConfigSchema.getNested("emails").concat(yupObject({
+        server: yupObject({
+            isShared: yupBoolean().optional(),
+            host: schemaFields.emailHostSchema.optional().nonEmpty(),
+            port: schemaFields.emailPortSchema.optional(),
+            username: schemaFields.emailUsernameSchema.optional().nonEmpty(),
+            password: schemaFields.emailPasswordSchema.optional().nonEmpty(),
+            senderName: schemaFields.emailSenderNameSchema.optional().nonEmpty(),
+            senderEmail: schemaFields.emailSenderEmailSchema.optional().nonEmpty(),
+        }),
+    }).optional()),
+    domains: branchConfigSchema.getNested("domains").concat(yupObject({
+        trustedDomains: yupRecord(yupString().uuid().optional(), yupObject({
+            baseUrl: schemaFields.urlSchema.optional(),
+            handlerPath: schemaFields.handlerPathSchema.optional(),
+        })).optional(),
+    })),
+}));
+export const organizationConfigSchema = environmentConfigSchema.concat(yupObject({}));
+// Defaults
+// these are objects that are merged together to form the rendered config (see ./README.md)
+// Wherever an object could be used as a value, a function can instead be used to generate the default values on a per-key basis
+export const projectConfigDefaults = {};
+export const branchConfigDefaults = {};
+export const environmentConfigDefaults = {};
+export const organizationConfigDefaults = {
+    rbac: {
+        permissions: (key) => ({}),
+        defaultPermissions: {
+            teamCreator: {},
+            teamMember: {},
+            signUp: {},
+        },
+    },
+    apiKeys: {
+        enabled: {
+            team: false,
+            user: false,
+        },
+    },
+    teams: {
+        createPersonalTeamOnSignUp: false,
+        allowClientTeamCreation: false,
+    },
+    users: {
+        allowClientUserDeletion: false,
+    },
+    domains: {
+        allowLocalhost: false,
+        trustedDomains: (key) => ({
+            handlerPath: '/handler',
+        }),
+    },
+    auth: {
+        allowSignUp: true,
+        password: {
+            allowSignIn: false,
+        },
+        otp: {
+            allowSignIn: false,
+        },
+        passkey: {
+            allowSignIn: false,
+        },
+        oauth: {
+            accountMergeStrategy: 'link_method',
+            providers: (key) => ({
+                allowSignIn: false,
+                allowConnectedAccounts: false,
+            }),
+        },
+    },
+    emails: {
+        server: {
+            isShared: true,
+        },
+    },
+};
+export function applyDefaults(defaults, config) {
+    const res = { ...typeof defaults === 'function' ? {} : defaults };
+    for (const [key, mergeValue] of Object.entries(config)) {
+        const baseValue = typeof defaults === 'function' ? defaults(key) : (has(defaults, key) ? get(defaults, key) : undefined);
+        if (baseValue !== undefined) {
+            if (isObjectLike(baseValue) && isObjectLike(mergeValue)) {
+                set(res, key, applyDefaults(baseValue, mergeValue));
+                continue;
+            }
+        }
+        set(res, key, mergeValue);
+    }
+    return res;
+}
+import.meta.vitest?.test("applyDefaults", ({ expect }) => {
+    expect(applyDefaults({ a: 1 }, { a: 2 })).toEqual({ a: 2 });
+    expect(applyDefaults({ a: { b: 1 } }, { a: { c: 2 } })).toEqual({ a: { b: 1, c: 2 } });
+    expect(applyDefaults((key) => ({ b: key }), { a: {} })).toEqual({ a: { b: "a" } });
+    expect(applyDefaults({ a: (key) => ({ b: key }) }, { a: { c: { d: 1 } } })).toEqual({ a: { c: { b: "c", d: 1 } } });
+});

package/dist/crud.js

@@ -1,3 +1,4 @@
+import { yupObject, yupString } from './schema-fields';
 import { filterUndefined } from './utils/objects';
 export function createCrud(options) {
     const docs = options.docs ?? {};
@@ -52,7 +53,6 @@ export function createCrud(options) {
         hasDelete: !!admin.deleteSchema,
     };
 }
-import { yupObject, yupString } from './schema-fields';
 import.meta.vitest?.test("createCrud", ({ expect }) => {
     // Test with empty options
     const emptyCrud = createCrud({});

package/dist/interface/adminInterface.d.ts

@@ -1,7 +1,7 @@
 import { InternalSession } from "../sessions";
-import { ApiKeysCrud } from "./crud/api-keys";
 import { EmailTemplateCrud, EmailTemplateType } from "./crud/email-templates";
 import { InternalEmailsCrud } from "./crud/emails";
+import { InternalApiKeysCrud } from "./crud/internal-api-keys";
 import { ProjectPermissionDefinitionsCrud } from "./crud/project-permissions";
 import { ProjectsCrud } from "./crud/projects";
 import { SvixTokenCrud } from "./crud/svix-token";
@@ -12,14 +12,14 @@ export type AdminAuthApplicationOptions = ServerAuthApplicationOptions & ({
 } | {
     projectOwnerSession: InternalSession;
 });
-export type ApiKeyCreateCrudRequest = {
+export type InternalApiKeyCreateCrudRequest = {
     has_publishable_client_key: boolean;
     has_secret_server_key: boolean;
     has_super_secret_admin_key: boolean;
     expires_at_millis: number;
     description: string;
 };
-export type ApiKeyCreateCrudResponse = ApiKeysCrud["Admin"]["Read"] & {
+export type InternalApiKeyCreateCrudResponse = InternalApiKeysCrud["Admin"]["Read"] & {
     publishable_client_key?: string;
     secret_server_key?: string;
     super_secret_admin_key?: string;
@@ -35,10 +35,10 @@ export declare class StackAdminInterface extends StackServerInterface {
     }>;
     getProject(): Promise<ProjectsCrud["Admin"]["Read"]>;
     updateProject(update: ProjectsCrud["Admin"]["Update"]): Promise<ProjectsCrud["Admin"]["Read"]>;
-    createApiKey(options: ApiKeyCreateCrudRequest): Promise<ApiKeyCreateCrudResponse>;
-    listApiKeys(): Promise<ApiKeysCrud["Admin"]["Read"][]>;
-    revokeApiKeyById(id: string): Promise<void>;
-    getApiKey(id: string, session: InternalSession): Promise<ApiKeysCrud["Admin"]["Read"]>;
+    createInternalApiKey(options: InternalApiKeyCreateCrudRequest): Promise<InternalApiKeyCreateCrudResponse>;
+    listInternalApiKeys(): Promise<InternalApiKeysCrud["Admin"]["Read"][]>;
+    revokeInternalApiKeyById(id: string): Promise<void>;
+    getInternalApiKey(id: string, session: InternalSession): Promise<InternalApiKeysCrud["Admin"]["Read"]>;
     listEmailTemplates(): Promise<EmailTemplateCrud['Admin']['Read'][]>;
     updateEmailTemplate(type: EmailTemplateType, data: EmailTemplateCrud['Admin']['Update']): Promise<EmailTemplateCrud['Admin']['Read']>;
     resetEmailTemplate(type: EmailTemplateType): Promise<void>;

package/dist/interface/adminInterface.js

@@ -14,13 +14,13 @@ export class StackAdminInterface extends StackServerInterface {
         }, session, requestType);
     }
     async getProject() {
-        const response = await this.sendAdminRequest("/projects/current", {
+        const response = await this.sendAdminRequest("/internal/projects/current", {
             method: "GET",
         }, null);
         return await response.json();
     }
     async updateProject(update) {
-        const response = await this.sendAdminRequest("/projects/current", {
+        const response = await this.sendAdminRequest("/internal/projects/current", {
             method: "PATCH",
             headers: {
                 "content-type": "application/json",
@@ -29,7 +29,7 @@ export class StackAdminInterface extends StackServerInterface {
         }, null);
         return await response.json();
     }
-    async createApiKey(options) {
+    async createInternalApiKey(options) {
         const response = await this.sendAdminRequest("/internal/api-keys", {
             method: "POST",
             headers: {
@@ -39,12 +39,12 @@ export class StackAdminInterface extends StackServerInterface {
         }, null);
         return await response.json();
     }
-    async listApiKeys() {
+    async listInternalApiKeys() {
         const response = await this.sendAdminRequest("/internal/api-keys", {}, null);
         const result = await response.json();
         return result.items;
     }
-    async revokeApiKeyById(id) {
+    async revokeInternalApiKeyById(id) {
         await this.sendAdminRequest(`/internal/api-keys/${id}`, {
             method: "PATCH",
             headers: {
@@ -55,7 +55,7 @@ export class StackAdminInterface extends StackServerInterface {
             }),
         }, null);
     }
-    async getApiKey(id, session) {
+    async getInternalApiKey(id, session) {
         const response = await this.sendAdminRequest(`/internal/api-keys/${id}`, {}, session);
         return await response.json();
     }
@@ -145,7 +145,7 @@ export class StackAdminInterface extends StackServerInterface {
         return await response.json();
     }
     async deleteProject() {
-        await this.sendAdminRequest("/projects/current", {
+        await this.sendAdminRequest("/internal/projects/current", {
             method: "DELETE",
         }, null);
     }

package/dist/interface/clientInterface.d.ts

@@ -1,3 +1,4 @@
+import * as yup from 'yup';
 import { KnownErrors } from '../known-errors';
 import { AccessToken, InternalSession, RefreshToken } from '../sessions';
 import { ReadonlyJson } from '../utils/json';
@@ -6,8 +7,9 @@ import { Result } from "../utils/results";
 import { ContactChannelsCrud } from './crud/contact-channels';
 import { CurrentUserCrud } from './crud/current-user';
 import { ConnectedAccountAccessTokenCrud } from './crud/oauth';
+import { TeamApiKeysCrud, UserApiKeysCrud, teamApiKeysCreateInputSchema, teamApiKeysCreateOutputSchema, userApiKeysCreateInputSchema, userApiKeysCreateOutputSchema } from './crud/project-api-keys';
 import { ProjectPermissionsCrud } from './crud/project-permissions';
-import { InternalProjectsCrud, ProjectsCrud } from './crud/projects';
+import { AdminUserProjectsCrud, ClientProjectsCrud } from './crud/projects';
 import { SessionsCrud } from './crud/sessions';
 import { TeamInvitationCrud } from './crud/team-invitation';
 import { TeamMemberProfilesCrud } from './crud/team-member-profiles';
@@ -192,10 +194,10 @@ export declare class StackClientInterface {
         recursive: boolean;
     }, session: InternalSession): Promise<ProjectPermissionsCrud['Client']['Read'][]>;
     listCurrentUserTeams(session: InternalSession): Promise<TeamsCrud["Client"]["Read"][]>;
-    getClientProject(): Promise<Result<ProjectsCrud['Client']['Read'], KnownErrors["ProjectNotFound"]>>;
+    getClientProject(): Promise<Result<ClientProjectsCrud['Client']['Read'], KnownErrors["ProjectNotFound"]>>;
     updateClientUser(update: CurrentUserCrud["Client"]["Update"], session: InternalSession): Promise<void>;
-    listProjects(session: InternalSession): Promise<InternalProjectsCrud['Client']['Read'][]>;
-    createProject(project: InternalProjectsCrud['Client']['Create'], session: InternalSession): Promise<InternalProjectsCrud['Client']['Read']>;
+    listProjects(session: InternalSession): Promise<AdminUserProjectsCrud['Client']['Read'][]>;
+    createProject(project: AdminUserProjectsCrud['Client']['Create'], session: InternalSession): Promise<AdminUserProjectsCrud['Client']['Read']>;
     createProviderAccessToken(provider: string, scope: string, session: InternalSession): Promise<ConnectedAccountAccessTokenCrud['Client']['Read']>;
     createClientTeam(data: TeamsCrud['Client']['Create'], session: InternalSession): Promise<TeamsCrud['Client']['Read']>;
     deleteTeam(teamId: string, session: InternalSession): Promise<void>;
@@ -208,4 +210,44 @@ export declare class StackClientInterface {
     listClientContactChannels(session: InternalSession): Promise<ContactChannelsCrud['Client']['Read'][]>;
     sendCurrentUserContactChannelVerificationEmail(contactChannelId: string, callbackUrl: string, session: InternalSession): Promise<Result<undefined, KnownErrors["EmailAlreadyVerified"]>>;
     cliLogin(loginCode: string, refreshToken: string, session: InternalSession): Promise<Result<undefined, KnownErrors["SchemaError"]>>;
+    private _getApiKeyRequestInfo;
+    listProjectApiKeys(options: {
+        user_id: string;
+    }, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<UserApiKeysCrud['Client']['Read'][]>;
+    listProjectApiKeys(options: {
+        team_id: string;
+    }, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<TeamApiKeysCrud['Client']['Read'][]>;
+    listProjectApiKeys(options: {
+        user_id: string;
+    } | {
+        team_id: string;
+    }, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<(UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read'])[]>;
+    createProjectApiKey(data: yup.InferType<typeof userApiKeysCreateInputSchema>, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<yup.InferType<typeof userApiKeysCreateOutputSchema>>;
+    createProjectApiKey(data: yup.InferType<typeof teamApiKeysCreateInputSchema>, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<yup.InferType<typeof teamApiKeysCreateOutputSchema>>;
+    createProjectApiKey(data: yup.InferType<typeof userApiKeysCreateInputSchema> | yup.InferType<typeof teamApiKeysCreateInputSchema>, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<yup.InferType<typeof userApiKeysCreateOutputSchema> | yup.InferType<typeof teamApiKeysCreateOutputSchema>>;
+    getProjectApiKey(options: {
+        user_id: string | null;
+    }, keyId: string, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<UserApiKeysCrud['Client']['Read']>;
+    getProjectApiKey(options: {
+        team_id: string;
+    }, keyId: string, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<TeamApiKeysCrud['Client']['Read']>;
+    getProjectApiKey(options: {
+        user_id: string | null;
+    } | {
+        team_id: string;
+    }, keyId: string, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read']>;
+    updateProjectApiKey(options: {
+        user_id: string;
+    }, keyId: string, data: UserApiKeysCrud['Client']['Update'], session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<UserApiKeysCrud['Client']['Read']>;
+    updateProjectApiKey(options: {
+        team_id: string;
+    }, keyId: string, data: TeamApiKeysCrud['Client']['Update'], session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<TeamApiKeysCrud['Client']['Read']>;
+    updateProjectApiKey(options: {
+        user_id: string;
+    } | {
+        team_id: string;
+    }, keyId: string, data: UserApiKeysCrud['Client']['Update'] | TeamApiKeysCrud['Client']['Update'], session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read']>;
+    checkProjectApiKey(type: "user", apiKey: string, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<UserApiKeysCrud['Client']['Read'] | null>;
+    checkProjectApiKey(type: "team", apiKey: string, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<TeamApiKeysCrud['Client']['Read'] | null>;
+    checkProjectApiKey(type: "user" | "team", apiKey: string, session: InternalSession | null, requestType: "client" | "server" | "admin"): Promise<UserApiKeysCrud['Client']['Read'] | TeamApiKeysCrud['Client']['Read'] | null>;
 }

package/dist/interface/clientInterface.js

@@ -5,7 +5,7 @@ import { generateSecureRandomString } from '../utils/crypto';
 import { StackAssertionError, throwErr } from '../utils/errors';
 import { globalVar } from '../utils/globals';
 import { HTTP_METHODS } from '../utils/http';
-import { filterUndefined } from '../utils/objects';
+import { filterUndefined, filterUndefinedOrNull } from '../utils/objects';
 import { wait } from '../utils/promises';
 import { Result } from "../utils/results";
 import { deindent } from '../utils/strings';
@@ -173,7 +173,7 @@ export class StackClientInterface {
         }
         const params = {
             /**
-             * This fetch may be cross-origin, in which case we don't want to send cookies of the
+             * This fetch may be cross-origin, in which case we don't want to send cookies of the
              * original origin (this is the default behavior of `credentials`).
              *
              * To help debugging, also omit cookies on same-origin, so we don't accidentally
@@ -942,4 +942,68 @@ export class StackClientInterface {
         }
         return Result.ok(undefined);
     }
+    async _getApiKeyRequestInfo(options) {
+        if ("user_id" in options && "team_id" in options) {
+            throw new StackAssertionError("Cannot specify both user_id and team_id in _getApiKeyRequestInfo");
+        }
+        return {
+            endpoint: "team_id" in options ? "/team-api-keys" : "/user-api-keys",
+            queryParams: new URLSearchParams(filterUndefinedOrNull(options)),
+        };
+    }
+    async listProjectApiKeys(options, session, requestType) {
+        const sendRequest = (requestType === "client" ? this.sendClientRequest : this.sendServerRequest).bind(this);
+        const { endpoint, queryParams } = await this._getApiKeyRequestInfo(options);
+        const response = await sendRequest(`${endpoint}?${queryParams.toString()}`, {
+            method: "GET",
+        }, session, requestType);
+        const json = await response.json();
+        return json.items;
+    }
+    async createProjectApiKey(data, session, requestType) {
+        const sendRequest = (requestType === "client" ? this.sendClientRequest : this.sendServerRequest).bind(this);
+        const { endpoint } = await this._getApiKeyRequestInfo(data);
+        const response = await sendRequest(`${endpoint}`, {
+            method: "POST",
+            headers: {
+                "content-type": "application/json",
+            },
+            body: JSON.stringify(data),
+        }, session, requestType);
+        return await response.json();
+    }
+    async getProjectApiKey(options, keyId, session, requestType) {
+        const sendRequest = (requestType === "client" ? this.sendClientRequest : this.sendServerRequest).bind(this);
+        const { endpoint, queryParams } = await this._getApiKeyRequestInfo(options);
+        const response = await sendRequest(`${endpoint}/${keyId}?${queryParams.toString()}`, {
+            method: "GET",
+        }, session, requestType);
+        return await response.json();
+    }
+    async updateProjectApiKey(options, keyId, data, session, requestType) {
+        const sendRequest = (requestType === "client" ? this.sendClientRequest : this.sendServerRequest).bind(this);
+        const { endpoint, queryParams } = await this._getApiKeyRequestInfo(options);
+        const response = await sendRequest(`${endpoint}/${keyId}?${queryParams.toString()}`, {
+            method: "PATCH",
+            headers: {
+                "content-type": "application/json",
+            },
+            body: JSON.stringify(data),
+        }, session, requestType);
+        return await response.json();
+    }
+    async checkProjectApiKey(type, apiKey, session, requestType) {
+        const sendRequest = (requestType === "client" ? this.sendClientRequestAndCatchKnownError : this.sendServerRequestAndCatchKnownError).bind(this);
+        const result = await sendRequest(`/${type}-api-keys/check`, {
+            method: "POST",
+            headers: {
+                "content-type": "application/json",
+            },
+            body: JSON.stringify({ api_key: apiKey }),
+        }, session, [KnownErrors.ApiKeyNotValid]);
+        if (result.status === "error") {
+            return null;
+        }
+        return await result.data.json();
+    }
 }

package/dist/interface/crud/current-user.d.ts

@@ -1,7 +1,6 @@
 import { CrudTypeOf } from "../../crud";
 export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions<{
     clientReadSchema: import("yup").ObjectSchema<{
-        primary_email: string | null;
         id: string;
         display_name: string | null;
         oauth_providers: {
@@ -12,6 +11,7 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
         profile_image_url: string | null;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
+        primary_email: string | null;
         primary_email_verified: boolean;
         passkey_auth_enabled: boolean;
         otp_auth_enabled: boolean;
@@ -68,8 +68,8 @@ export declare const currentUserCrud: import("../../crud").CrudSchemaFromOptions
             client_read_only_metadata?: {} | null | undefined;
             server_metadata?: {} | null | undefined;
             id: string;
-            created_at_millis: number;
             display_name: string;
+            created_at_millis: number;
             profile_image_url: string | null;
         } | null;
         selected_team_id: string | null;

package/dist/interface/crud/{api-keys.d.ts → internal-api-keys.d.ts}

@@ -1,5 +1,5 @@
 import { CrudTypeOf } from "../../crud";
-export declare const apiKeysCreateInputSchema: import("yup").ObjectSchema<{
+export declare const internalApiKeysCreateInputSchema: import("yup").ObjectSchema<{
     description: string;
     expires_at_millis: number;
     has_publishable_client_key: boolean;
@@ -12,7 +12,7 @@ export declare const apiKeysCreateInputSchema: import("yup").ObjectSchema<{
     has_secret_server_key: undefined;
     has_super_secret_admin_key: undefined;
 }, "">;
-export declare const apiKeysCreateOutputSchema: import("yup").ObjectSchema<{
+export declare const internalApiKeysCreateOutputSchema: import("yup").ObjectSchema<{
     id: string;
     description: string;
     expires_at_millis: number;
@@ -32,7 +32,7 @@ export declare const apiKeysCreateOutputSchema: import("yup").ObjectSchema<{
     secret_server_key: undefined;
     super_secret_admin_key: undefined;
 }, "">;
-export declare const apiKeysCrudAdminObfuscatedReadSchema: import("yup").ObjectSchema<{
+export declare const internalApiKeysCrudAdminObfuscatedReadSchema: import("yup").ObjectSchema<{
     id: string;
     description: string;
     expires_at_millis: number;
@@ -64,15 +64,15 @@ export declare const apiKeysCrudAdminObfuscatedReadSchema: import("yup").ObjectS
         last_four: undefined;
     };
 }, "">;
-export declare const apiKeysCrudAdminUpdateSchema: import("yup").ObjectSchema<{
+export declare const internalApiKeysCrudAdminUpdateSchema: import("yup").ObjectSchema<{
     description: string | undefined;
     revoked: boolean | undefined;
 }, import("yup").AnyObject, {
     description: undefined;
     revoked: undefined;
 }, "">;
-export declare const apiKeysCrudAdminDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
-export declare const apiKeysCrud: import("../../crud").CrudSchemaFromOptions<{
+export declare const internalApiKeysCrudAdminDeleteSchema: import("yup").MixedSchema<{} | undefined, import("yup").AnyObject, undefined, "">;
+export declare const internalApiKeysCrud: import("../../crud").CrudSchemaFromOptions<{
     adminReadSchema: import("yup").ObjectSchema<{
         id: string;
         description: string;
@@ -131,4 +131,4 @@ export declare const apiKeysCrud: import("../../crud").CrudSchemaFromOptions<{
         };
     };
 }>;
-export type ApiKeysCrud = CrudTypeOf<typeof apiKeysCrud>;
+export type InternalApiKeysCrud = CrudTypeOf<typeof internalApiKeysCrud>;

package/dist/interface/crud/{api-keys.js → internal-api-keys.js}

@@ -1,6 +1,6 @@
 import { createCrud } from "../../crud";
 import { yupBoolean, yupMixed, yupNumber, yupObject, yupString } from "../../schema-fields";
-const baseApiKeysReadSchema = yupObject({
+const baseInternalApiKeysReadSchema = yupObject({
     id: yupString().defined(),
     description: yupString().defined(),
     expires_at_millis: yupNumber().defined(),
@@ -8,20 +8,20 @@ const baseApiKeysReadSchema = yupObject({
     created_at_millis: yupNumber().defined(),
 });
 // Used for the result of the create endpoint
-export const apiKeysCreateInputSchema = yupObject({
+export const internalApiKeysCreateInputSchema = yupObject({
     description: yupString().defined(),
     expires_at_millis: yupNumber().defined(),
     has_publishable_client_key: yupBoolean().defined(),
     has_secret_server_key: yupBoolean().defined(),
     has_super_secret_admin_key: yupBoolean().defined(),
 });
-export const apiKeysCreateOutputSchema = baseApiKeysReadSchema.concat(yupObject({
+export const internalApiKeysCreateOutputSchema = baseInternalApiKeysReadSchema.concat(yupObject({
     publishable_client_key: yupString().optional(),
     secret_server_key: yupString().optional(),
     super_secret_admin_key: yupString().optional(),
 }).defined());
 // Used for list, read and update endpoints after the initial creation
-export const apiKeysCrudAdminObfuscatedReadSchema = baseApiKeysReadSchema.concat(yupObject({
+export const internalApiKeysCrudAdminObfuscatedReadSchema = baseInternalApiKeysReadSchema.concat(yupObject({
     publishable_client_key: yupObject({
         last_four: yupString().defined(),
     }).optional(),
@@ -32,15 +32,15 @@ export const apiKeysCrudAdminObfuscatedReadSchema = baseApiKeysReadSchema.concat
         last_four: yupString().defined(),
     }).optional(),
 }));
-export const apiKeysCrudAdminUpdateSchema = yupObject({
+export const internalApiKeysCrudAdminUpdateSchema = yupObject({
     description: yupString().optional(),
     revoked: yupBoolean().oneOf([true]).optional(),
 }).defined();
-export const apiKeysCrudAdminDeleteSchema = yupMixed();
-export const apiKeysCrud = createCrud({
-    adminReadSchema: apiKeysCrudAdminObfuscatedReadSchema,
-    adminUpdateSchema: apiKeysCrudAdminUpdateSchema,
-    adminDeleteSchema: apiKeysCrudAdminDeleteSchema,
+export const internalApiKeysCrudAdminDeleteSchema = yupMixed();
+export const internalApiKeysCrud = createCrud({
+    adminReadSchema: internalApiKeysCrudAdminObfuscatedReadSchema,
+    adminUpdateSchema: internalApiKeysCrudAdminUpdateSchema,
+    adminDeleteSchema: internalApiKeysCrudAdminDeleteSchema,
     docs: {
         adminList: {
             hidden: true,