@startsimpli/api 0.5.19 → 0.5.21

package/package.json

@@ -1,11 +1,20 @@
 {
   "name": "@startsimpli/api",
-  "version": "0.5.19",
+  "version": "0.5.21",
   "description": "Type-safe Django REST API client for StartSimpli apps",
   "main": "./src/index.ts",
   "types": "./src/index.ts",
   "exports": {
-    ".": "./src/index.ts"
+    ".": {
+      "types": "./src/index.ts",
+      "react-native": "./src/index.ts",
+      "default": "./src/index.ts"
+    },
+    "./middleware": {
+      "types": "./src/middleware/index.ts",
+      "default": "./src/middleware/index.ts"
+    },
+    "./package.json": "./package.json"
   },
   "files": [
     "src",
@@ -14,14 +23,6 @@
   "publishConfig": {
     "access": "public"
   },
-  "scripts": {
-    "build": "tsup",
-    "dev": "tsup --watch",
-    "type-check": "tsc --noEmit",
-    "test": "vitest run",
-    "test:watch": "vitest",
-    "clean": "rm -rf dist"
-  },
   "dependencies": {
     "isomorphic-dompurify": "^3.10.0",
     "zod": "^4.3.6"
@@ -51,5 +52,13 @@
     "tsup": "^8.5.1",
     "typescript": "^6.0.3",
     "vitest": "^4.1.5"
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "type-check": "tsc --noEmit",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "clean": "rm -rf dist"
   }
-}
+}

package/src/constants/endpoints.ts

@@ -59,6 +59,9 @@ export const ENDPOINTS = {
   CONTACT_ENRICH: (id: string) => `api/v1/contacts/${id}/enrich`,
   CONTACTS_ENRICH_APOLLO: 'api/v1/contacts/enrich-apollo',
 
+  // Auth
+  AUTH_EARLY_REGISTER: 'api/v1/auth/early-register',
+
   // Users
   USER_ME: 'api/v1/users/me',
   USER_CHANGE_PASSWORD: 'api/v1/users/me/change-password',
@@ -66,6 +69,36 @@ export const ENDPOINTS = {
   // Companies / Feature flags
   FEATURE_FLAGS: 'api/v1/companies/feature-flags',
 
+  // Companies (startsim-o7s) — accepts numeric id OR slug
+  COMPANIES: 'api/v1/companies',
+  COMPANY: (idOrSlug: string) => `api/v1/companies/${idOrSlug}`,
+  COMPANY_FEATURE_FLAGS: (idOrSlug: string) => `api/v1/companies/${idOrSlug}/feature-flags`,
+
+  // Teams (startsim-o7s, startsim-tsm)
+  TEAMS: 'api/v1/teams',
+  TEAM: (idOrSlug: string) => `api/v1/teams/${idOrSlug}`,
+  TEAM_MEMBERS: (idOrSlug: string) => `api/v1/teams/${idOrSlug}/members`,
+  TEAM_BULK_INVITE: (idOrSlug: string) => `api/v1/teams/${idOrSlug}/bulk-invite`,
+  TEAM_REMOVE_MEMBER: (idOrSlug: string) => `api/v1/teams/${idOrSlug}/remove-member`,
+  TEAM_UPDATE_ROLE: (idOrSlug: string) => `api/v1/teams/${idOrSlug}/update-role`,
+  TEAM_MEMBERS_MY_TEAMS: 'api/v1/team-members/my-teams',
+
+  // Team invitations (startsim-tsm)
+  TEAM_INVITATIONS: 'api/v1/team-invitations',
+  TEAM_INVITATION: (id: string) => `api/v1/team-invitations/${id}`,
+  TEAM_INVITATION_ACCEPT: (id: string) => `api/v1/team-invitations/${id}/accept`,
+  TEAM_INVITATION_REVOKE: (id: string) => `api/v1/team-invitations/${id}/revoke`,
+
+  // Email domain claims (startsim-gpu)
+  TEAM_DOMAIN_CLAIMS: 'api/v1/team-domain-claims',
+  TEAM_DOMAIN_CLAIM: (id: string) => `api/v1/team-domain-claims/${id}`,
+  TEAM_DOMAIN_CLAIM_VERIFY_DNS: (id: string) => `api/v1/team-domain-claims/${id}/verify-dns`,
+  TEAM_DOMAIN_CLAIM_VERIFY_EMAIL_INITIATE: (id: string) =>
+    `api/v1/team-domain-claims/${id}/verify-email-initiate`,
+  TEAM_DOMAIN_CLAIM_VERIFY_EMAIL_CODE: (id: string) =>
+    `api/v1/team-domain-claims/${id}/verify-email-code`,
+  TEAM_DOMAIN_CLAIM_REVOKE: (id: string) => `api/v1/team-domain-claims/${id}/revoke`,
+
   // Markets (instruments, prices, analytics, news, health)
   INSTRUMENTS: 'api/v1/markets/instruments',
   INSTRUMENT: (symbol: string) => `api/v1/markets/instruments/${symbol}`,
@@ -77,11 +110,18 @@ export const ENDPOINTS = {
   SECTOR_BREADTH: 'api/v1/markets/sector_breadth',
   EARNINGS_CALENDAR: 'api/v1/markets/calendar',
   TRADING_SNAPSHOTS: 'api/v1/markets/trading/snapshots',
+  BARS_BULK: 'api/v1/markets/bars/bulk',
+  SOCIAL_POSTS: 'api/v1/markets/social_posts',
 
-  // Options — schemas aligned with brain-trading prefs (agent_bridge req b09a6bb6)
-  OPTIONS_CHAIN: 'api/v1/markets/options/chain',
+  // Options — schemas confirmed by claude-mac (agent_bridge req 22ac4889).
+  // /options/iv/ summary + /options/skew/ intentionally omitted: iv/history covers
+  // rank/RV/spread; skew is client-derived from chain (mac req a2f98ba6).
+  OPTIONS_CHAIN: (symbol: string) => `api/v1/markets/instruments/${symbol}/options/chain`,
   OPTIONS_IV_HISTORY: (symbol: string) => `api/v1/markets/instruments/${symbol}/options/iv/history`,
+  OPTIONS_ATM_IV_HISTORY: (symbol: string) => `api/v1/markets/instruments/${symbol}/options/atm_iv_history`,
+  MACRO_CALENDAR: 'api/v1/markets/macro_calendar',
   OPTIONS_GREEKS: 'api/v1/markets/options/greeks',
+  OPTIONS_UNUSUAL_ACTIVITY: 'api/v1/markets/options/unusual_activity',
   VIX_TERM: 'api/v1/markets/vix_term',
 
   // Sources ops

package/src/index.ts

@@ -25,7 +25,7 @@ export type { MessageStats } from './lib/message-stats';
 export { MessageTemplatesApi } from './lib/message-templates-api';
 export type { MessageTemplate, MessageTemplateFilters, CreateMessageTemplateInput } from './lib/message-templates-api';
 export { UsersApi } from './lib/users-api';
-export type { UserProfile, UpdateProfileRequest, ChangePasswordRequest, ChangePasswordResponse } from './types/user';
+export type { UserProfile, UpdateProfileRequest, ChangePasswordRequest, ChangePasswordResponse, EarlyRegisterRequest, EarlyRegisterResponse } from './types/user';
 export { FunnelsApi, isFunnelRunConflict, isFunnelValidationError } from './lib/funnels-api';
 export type {
   FunnelPreviewResult,
@@ -163,6 +163,11 @@ import { EnrichmentApi } from './lib/enrichment-api';
 import { TargetListsApi } from './lib/target-lists-api';
 import { MessageTemplatesApi } from './lib/message-templates-api';
 import { MarketsApi } from './lib/markets-api';
+import { VaultApi } from './lib/vault-api';
+import { CompaniesApi } from './lib/companies-api';
+import { TeamsApi } from './lib/teams-api';
+import { TeamInvitationsApi } from './lib/team-invitations-api';
+import { DomainClaimsApi } from './lib/domain-claims-api';
 
 import type { ApiClientConfig } from './lib/api-client';
 
@@ -187,9 +192,36 @@ export function createStartSimpliApi(config: ApiClientConfig = {}) {
     targetLists: new TargetListsApi(client),
     messageTemplates: new MessageTemplatesApi(client),
     markets: new MarketsApi(client),
+    vault: new VaultApi(client),
+    companies: new CompaniesApi(client),
+    teams: new TeamsApi(client),
+    teamInvitations: new TeamInvitationsApi(client),
+    domainClaims: new DomainClaimsApi(client),
   };
 }
 
+// Team management (startsim-o7s)
+export { CompaniesApi } from './lib/companies-api';
+export { TeamsApi } from './lib/teams-api';
+export type { MyTeamMembership } from './lib/teams-api';
+export { TeamInvitationsApi } from './lib/team-invitations-api';
+export { DomainClaimsApi } from './lib/domain-claims-api';
+
+// Vault API
+export { VaultApi } from './lib/vault-api';
+export type {
+  VaultEnvironment,
+  VaultEnvironmentInput,
+  VaultSecret,
+  VaultSecretInput,
+  VaultSecretReveal,
+  VaultAccessKey,
+  VaultAccessKeyCreated,
+  VaultAccessKeyInput,
+  VaultAuditEntry,
+  VaultListParams,
+} from './lib/vault-api';
+
 // Markets API
 export { MarketsApi } from './lib/markets-api';
 export type {
@@ -239,9 +271,29 @@ export type {
   OptionsIvResponse,
   OptionsIvHistoryParams,
   OptionsSkewPoint,
+  OptionsChainRaw,
   OptionsGreeks,
+  OptionsUnusualActivityPoint,
+  OptionsUnusualActivityParams,
+  OptionsUnusualActivityResponse,
+  AtmIvHistoryPoint,
+  AtmIvHistoryParams,
+  AtmIvHistoryResponse,
+  MacroCategory,
+  MacroCalendarRow,
+  MacroCalendarParams,
+  MacroCalendarResponse,
   VixTenor,
   VixTermState,
   VixTermPoint,
   VixTermResponse,
+  BarsBulkParams,
+  BarsBulkResponse,
+  SocialPlatform,
+  SocialDirection,
+  SocialPost,
+  SocialPostMatchedEntity,
+  SocialPostResolvedContact,
+  SocialPostsParams,
+  SocialPostsResponse,
 } from './lib/markets-api';

package/src/lib/__tests__/companies-api.test.ts

@@ -0,0 +1,53 @@
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+import { CompaniesApi } from '../companies-api';
+
+function makeApi() {
+  const fetch = { get: vi.fn(), post: vi.fn(), patch: vi.fn(), delete: vi.fn() };
+  const api = new CompaniesApi({ fetch } as never);
+  return { api, fetch };
+}
+
+describe('CompaniesApi', () => {
+  let api: CompaniesApi;
+  let fetch: { get: ReturnType<typeof vi.fn>; post: ReturnType<typeof vi.fn>; patch: ReturnType<typeof vi.fn>; delete: ReturnType<typeof vi.fn> };
+
+  beforeEach(() => {
+    ({ api, fetch } = makeApi());
+  });
+
+  it('list passes params through to the companies endpoint', async () => {
+    fetch.get.mockResolvedValue({ results: [], count: 0 });
+    await api.list({ search: 'acme', pageSize: 50 });
+    expect(fetch.get).toHaveBeenCalledWith('api/v1/companies', {
+      params: { search: 'acme', pageSize: 50 },
+    });
+  });
+
+  it('retrieve accepts either id or slug in the path', async () => {
+    fetch.get.mockResolvedValue({ id: '1', slug: 'acme' });
+    await api.retrieve('acme');
+    expect(fetch.get).toHaveBeenCalledWith('api/v1/companies/acme');
+  });
+
+  it('update PATCHes the company with the camelCase payload', async () => {
+    fetch.patch.mockResolvedValue({ id: '1', slug: 'acme', name: 'Acme Inc.' });
+    await api.update('acme', { name: 'Acme Inc.' });
+    expect(fetch.patch).toHaveBeenCalledWith('api/v1/companies/acme', { name: 'Acme Inc.' });
+  });
+
+  it('featureFlags.get unwraps the flags envelope', async () => {
+    fetch.get.mockResolvedValue({ flags: { section_inbox: true } });
+    const flags = await api.featureFlags.get('acme');
+    expect(fetch.get).toHaveBeenCalledWith('api/v1/companies/acme/feature-flags');
+    expect(flags).toEqual({ section_inbox: true });
+  });
+
+  it('featureFlags.update PATCHes a wrapped flags payload', async () => {
+    fetch.patch.mockResolvedValue({ flags: { section_inbox: false } });
+    const flags = await api.featureFlags.update('acme', { section_inbox: false });
+    expect(fetch.patch).toHaveBeenCalledWith('api/v1/companies/acme/feature-flags', {
+      flags: { section_inbox: false },
+    });
+    expect(flags).toEqual({ section_inbox: false });
+  });
+});

package/src/lib/__tests__/domain-claims-api.test.ts

@@ -0,0 +1,68 @@
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+import { DomainClaimsApi } from '../domain-claims-api';
+
+function makeApi() {
+  const fetch = { get: vi.fn(), post: vi.fn(), patch: vi.fn(), delete: vi.fn() };
+  const api = new DomainClaimsApi({ fetch } as never);
+  return { api, fetch };
+}
+
+describe('DomainClaimsApi', () => {
+  let api: DomainClaimsApi;
+  let fetch: { get: ReturnType<typeof vi.fn>; post: ReturnType<typeof vi.fn>; patch: ReturnType<typeof vi.fn>; delete: ReturnType<typeof vi.fn> };
+
+  beforeEach(() => {
+    ({ api, fetch } = makeApi());
+  });
+
+  it('list hits the team-domain-claims endpoint', async () => {
+    fetch.get.mockResolvedValue({ results: [], count: 0 });
+    await api.list({ companyId: 'c1', verified: true });
+    expect(fetch.get).toHaveBeenCalledWith('api/v1/team-domain-claims', {
+      params: { companyId: 'c1', verified: true },
+    });
+  });
+
+  it('create POSTs the claim payload + returns the visible token', async () => {
+    fetch.post.mockResolvedValue({
+      id: 'd1',
+      domain: 'acme.com',
+      verificationToken: 'startsim-verify=xyz',
+    });
+    const r = await api.create({ companyId: 'c1', domain: 'acme.com' });
+    expect(fetch.post).toHaveBeenCalledWith('api/v1/team-domain-claims', {
+      companyId: 'c1',
+      domain: 'acme.com',
+    });
+    expect(r.verificationToken).toBe('startsim-verify=xyz');
+  });
+
+  it('verifyDns posts the verify-dns action', async () => {
+    fetch.post.mockResolvedValue({ id: 'd1', verified: true });
+    await api.verifyDns('d1');
+    expect(fetch.post).toHaveBeenCalledWith('api/v1/team-domain-claims/d1/verify-dns');
+  });
+
+  it('verifyEmailInitiate posts the initiate action', async () => {
+    fetch.post.mockResolvedValue({ detail: 'sent' });
+    await api.verifyEmailInitiate('d1');
+    expect(fetch.post).toHaveBeenCalledWith(
+      'api/v1/team-domain-claims/d1/verify-email-initiate',
+    );
+  });
+
+  it('verifyEmailCode posts the code', async () => {
+    fetch.post.mockResolvedValue({ id: 'd1', verified: true });
+    await api.verifyEmailCode('d1', '123456');
+    expect(fetch.post).toHaveBeenCalledWith(
+      'api/v1/team-domain-claims/d1/verify-email-code',
+      { code: '123456' },
+    );
+  });
+
+  it('revoke posts the revoke action', async () => {
+    fetch.post.mockResolvedValue(undefined);
+    await api.revoke('d1');
+    expect(fetch.post).toHaveBeenCalledWith('api/v1/team-domain-claims/d1/revoke');
+  });
+});

package/src/lib/__tests__/team-invitations-api.test.ts

@@ -0,0 +1,50 @@
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+import { TeamInvitationsApi } from '../team-invitations-api';
+
+function makeApi() {
+  const fetch = { get: vi.fn(), post: vi.fn(), patch: vi.fn(), delete: vi.fn() };
+  const api = new TeamInvitationsApi({ fetch } as never);
+  return { api, fetch };
+}
+
+describe('TeamInvitationsApi', () => {
+  let api: TeamInvitationsApi;
+  let fetch: { get: ReturnType<typeof vi.fn>; post: ReturnType<typeof vi.fn>; patch: ReturnType<typeof vi.fn>; delete: ReturnType<typeof vi.fn> };
+
+  beforeEach(() => {
+    ({ api, fetch } = makeApi());
+  });
+
+  it('list reaches the invitations endpoint', async () => {
+    fetch.get.mockResolvedValue({ results: [], count: 0 });
+    await api.list({ teamId: 't1' });
+    expect(fetch.get).toHaveBeenCalledWith('api/v1/team-invitations', {
+      params: { teamId: 't1' },
+    });
+  });
+
+  it('create POSTs the invitation payload', async () => {
+    fetch.post.mockResolvedValue({ id: 'i1', token: 'raw-token' });
+    const r = await api.create({ email: 'a@x.com', teamId: 't1', role: 'member' });
+    expect(fetch.post).toHaveBeenCalledWith('api/v1/team-invitations', {
+      email: 'a@x.com',
+      teamId: 't1',
+      role: 'member',
+    });
+    expect(r.token).toBe('raw-token');
+  });
+
+  it('revoke POSTs the revoke action', async () => {
+    fetch.post.mockResolvedValue(undefined);
+    await api.revoke('i1');
+    expect(fetch.post).toHaveBeenCalledWith('api/v1/team-invitations/i1/revoke');
+  });
+
+  it('accept POSTs the token in the body', async () => {
+    fetch.post.mockResolvedValue({ id: 'i1', acceptedAt: '2025-01-01' });
+    await api.accept('i1', 'raw-token');
+    expect(fetch.post).toHaveBeenCalledWith('api/v1/team-invitations/i1/accept', {
+      token: 'raw-token',
+    });
+  });
+});

package/src/lib/__tests__/teams-api.test.ts

@@ -0,0 +1,74 @@
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+import { TeamsApi } from '../teams-api';
+
+function makeApi() {
+  const fetch = { get: vi.fn(), post: vi.fn(), patch: vi.fn(), delete: vi.fn() };
+  const api = new TeamsApi({ fetch } as never);
+  return { api, fetch };
+}
+
+describe('TeamsApi', () => {
+  let api: TeamsApi;
+  let fetch: { get: ReturnType<typeof vi.fn>; post: ReturnType<typeof vi.fn>; patch: ReturnType<typeof vi.fn>; delete: ReturnType<typeof vi.fn> };
+
+  beforeEach(() => {
+    ({ api, fetch } = makeApi());
+  });
+
+  it('list hits the teams endpoint with params', async () => {
+    fetch.get.mockResolvedValue({ results: [], count: 0 });
+    await api.list({ companyId: 'c1' });
+    expect(fetch.get).toHaveBeenCalledWith('api/v1/teams', { params: { companyId: 'c1' } });
+  });
+
+  it('retrieve accepts slug', async () => {
+    fetch.get.mockResolvedValue({ id: '1', slug: 'eng' });
+    await api.retrieve('eng');
+    expect(fetch.get).toHaveBeenCalledWith('api/v1/teams/eng');
+  });
+
+  it('members returns the bare array (no pagination wrapper)', async () => {
+    fetch.get.mockResolvedValue([{ id: 'm1', userId: 'u1', role: 'owner' }]);
+    const members = await api.members('eng');
+    expect(fetch.get).toHaveBeenCalledWith('api/v1/teams/eng/members');
+    expect(members).toHaveLength(1);
+  });
+
+  it('bulkInvite POSTs the invitations array wrapped in an envelope', async () => {
+    fetch.post.mockResolvedValue({ invited: [], skipped: [] });
+    await api.bulkInvite('eng', [
+      { email: 'a@x.com', role: 'member' },
+      { email: 'b@x.com', role: 'admin' },
+    ]);
+    expect(fetch.post).toHaveBeenCalledWith('api/v1/teams/eng/bulk-invite', {
+      invitations: [
+        { email: 'a@x.com', role: 'member' },
+        { email: 'b@x.com', role: 'admin' },
+      ],
+    });
+  });
+
+  it('removeMember sends userId in the body, not the URL', async () => {
+    fetch.post.mockResolvedValue(undefined);
+    await api.removeMember('eng', 'u42');
+    expect(fetch.post).toHaveBeenCalledWith('api/v1/teams/eng/remove-member', {
+      userId: 'u42',
+    });
+  });
+
+  it('updateRole sends userId + role in the body', async () => {
+    fetch.post.mockResolvedValue({ id: 'm1', userId: 'u42', role: 'admin' });
+    await api.updateRole('eng', 'u42', 'admin');
+    expect(fetch.post).toHaveBeenCalledWith('api/v1/teams/eng/update-role', {
+      userId: 'u42',
+      role: 'admin',
+    });
+  });
+
+  it('myTeams returns the unpaginated membership array', async () => {
+    fetch.get.mockResolvedValue([{ id: 'm1', teamId: 't1', role: 'owner' }]);
+    const rows = await api.myTeams();
+    expect(fetch.get).toHaveBeenCalledWith('api/v1/team-members/my-teams');
+    expect(rows[0].role).toBe('owner');
+  });
+});

package/src/lib/companies-api.ts

@@ -0,0 +1,48 @@
+/**
+ * Companies API wrapper for /api/v1/companies/*.
+ *
+ * The Django CompanyViewSet accepts numeric id OR slug as the URL identifier.
+ * Feature-flags get their own nested endpoint so app shells can fetch flags
+ * without pulling the full company object. startsim-o7s.
+ */
+
+import type { ApiClient } from './api-client';
+import { ENDPOINTS } from '../constants/endpoints';
+import type {
+  Company,
+  CompanyListParams,
+  UpdateCompanyInput,
+} from '../types/team';
+import type { FeatureFlags, FeatureFlagsResponse } from './feature-flags';
+import type { PaginatedResponse } from '../types';
+
+export class CompaniesApi {
+  constructor(private client: ApiClient) {}
+
+  /** List companies the current user belongs to. */
+  list(params?: CompanyListParams): Promise<PaginatedResponse<Company>> {
+    return this.client.fetch.get<PaginatedResponse<Company>>(ENDPOINTS.COMPANIES, { params });
+  }
+
+  /** Retrieve a single company by id or slug. */
+  retrieve(idOrSlug: string): Promise<Company> {
+    return this.client.fetch.get<Company>(ENDPOINTS.COMPANY(idOrSlug));
+  }
+
+  /** PATCH update — name, slug, settings. */
+  update(idOrSlug: string, patch: UpdateCompanyInput): Promise<Company> {
+    return this.client.fetch.patch<Company>(ENDPOINTS.COMPANY(idOrSlug), patch);
+  }
+
+  /** Per-company feature-flag accessors (admin-gated on PATCH). */
+  readonly featureFlags = {
+    get: (idOrSlug: string): Promise<FeatureFlags> =>
+      this.client.fetch
+        .get<FeatureFlagsResponse>(ENDPOINTS.COMPANY_FEATURE_FLAGS(idOrSlug))
+        .then((r) => r.flags),
+    update: (idOrSlug: string, patch: Partial<FeatureFlags>): Promise<FeatureFlags> =>
+      this.client.fetch
+        .patch<FeatureFlagsResponse>(ENDPOINTS.COMPANY_FEATURE_FLAGS(idOrSlug), { flags: patch })
+        .then((r) => r.flags),
+  };
+}

package/src/lib/domain-claims-api.ts

@@ -0,0 +1,63 @@
+/**
+ * EmailDomainClaim API wrapper for /api/v1/team-domain-claims/*.
+ *
+ * Two verification methods are supported by the backend (startsim-gpu):
+ *   - DNS TXT: caller adds a TXT record, then calls verify-dns.
+ *   - Email attestation: backend sends a 6-digit code to a postmaster@<domain>
+ *     mailbox; caller submits the code via verify-email-code.
+ */
+
+import type { ApiClient } from './api-client';
+import { ENDPOINTS } from '../constants/endpoints';
+import type {
+  EmailDomainClaim,
+  DomainClaimListParams,
+  CreateDomainClaimInput,
+  DomainVerifyEmailInitiateResponse,
+} from '../types/team';
+import type { PaginatedResponse } from '../types';
+
+export class DomainClaimsApi {
+  constructor(private client: ApiClient) {}
+
+  list(params?: DomainClaimListParams): Promise<PaginatedResponse<EmailDomainClaim>> {
+    return this.client.fetch.get<PaginatedResponse<EmailDomainClaim>>(
+      ENDPOINTS.TEAM_DOMAIN_CLAIMS,
+      { params },
+    );
+  }
+
+  /**
+   * Create a new claim. The response includes the verification_token (visible
+   * only to the creator); subsequent reads return null.
+   */
+  create(input: CreateDomainClaimInput): Promise<EmailDomainClaim> {
+    return this.client.fetch.post<EmailDomainClaim>(ENDPOINTS.TEAM_DOMAIN_CLAIMS, input);
+  }
+
+  /** Trigger DNS TXT lookup. Backend marks verified=true on a clean match. */
+  verifyDns(id: string): Promise<EmailDomainClaim> {
+    return this.client.fetch.post<EmailDomainClaim>(
+      ENDPOINTS.TEAM_DOMAIN_CLAIM_VERIFY_DNS(id),
+    );
+  }
+
+  /** Kick off email-attestation flow — backend emails postmaster@<domain>. */
+  verifyEmailInitiate(id: string): Promise<DomainVerifyEmailInitiateResponse> {
+    return this.client.fetch.post<DomainVerifyEmailInitiateResponse>(
+      ENDPOINTS.TEAM_DOMAIN_CLAIM_VERIFY_EMAIL_INITIATE(id),
+    );
+  }
+
+  /** Submit the postmaster mailbox's 6-digit code to complete attestation. */
+  verifyEmailCode(id: string, code: string): Promise<EmailDomainClaim> {
+    return this.client.fetch.post<EmailDomainClaim>(
+      ENDPOINTS.TEAM_DOMAIN_CLAIM_VERIFY_EMAIL_CODE(id),
+      { code },
+    );
+  }
+
+  revoke(id: string): Promise<void> {
+    return this.client.fetch.post<void>(ENDPOINTS.TEAM_DOMAIN_CLAIM_REVOKE(id));
+  }
+}

package/src/lib/error-handler.ts

@@ -9,23 +9,34 @@ export class ApiException extends Error {
   public statusText?: string;
   public errors?: Record<string, string[]>;
   public detail?: string;
-
-  constructor(message: string, options?: Partial<DRFApiError>) {
+  /** Machine-readable code from the standardized error response (e.g.
+   * 'limit_reached', 'no_company'). Set by parseErrorResponse when the
+   * backend emits a structured error shape via the core exception handler. */
+  public code?: string;
+  /** Extra context the backend stapled onto the standardized response —
+   * e.g. limit_reached carries { feature_key, limit, current }. */
+  public details?: Record<string, unknown>;
+
+  constructor(message: string, options?: Partial<DRFApiError> & { code?: string; details?: Record<string, unknown> }) {
     super(message);
     this.name = 'ApiException';
     this.status = options?.status;
     this.statusText = options?.statusText;
     this.errors = options?.errors;
     this.detail = options?.detail;
+    this.code = options?.code;
+    this.details = options?.details;
   }
 
-  toJSON(): DRFApiError {
+  toJSON(): DRFApiError & { code?: string; details?: Record<string, unknown> } {
     return {
       message: this.message,
       detail: this.detail,
       status: this.status,
       statusText: this.statusText,
       errors: this.errors,
+      code: this.code,
+      details: this.details,
     };
   }
 }
@@ -41,7 +52,31 @@ export async function parseErrorResponse(response: Response): Promise<DRFApiErro
     try {
       const data = await response.json();
 
-      // Django REST Framework error format
+      // 1) Standardized response shape from apps.core.exceptions:
+      //    { error, code, statusCode, fieldErrors?, ...details } — the
+      //    'error' field carries the human message; 'code' is the machine
+      //    code (e.g. 'limit_reached'); any extra keys are structured
+      //    context the view stapled on (feature_key, limit, current, …).
+      //    Snake_case keys keep through camelCase transform too (already
+      //    converted by snakeToCamel before we get here when the client
+      //    applies it; both shapes handled here for safety).
+      if (typeof data === 'object' && data !== null && typeof (data.error ?? data.message) === 'string' && data.code) {
+        const reservedKeys = new Set(['error', 'code', 'statusCode', 'status_code', 'fieldErrors', 'field_errors', 'timestamp', 'requestId', 'request_id', 'detail']);
+        const extras: Record<string, unknown> = {};
+        for (const [k, v] of Object.entries(data as Record<string, unknown>)) {
+          if (!reservedKeys.has(k)) extras[k] = v;
+        }
+        return {
+          message: (data.error as string) ?? (data.message as string),
+          detail: (data.detail as string | undefined) ?? (data.error as string),
+          code: data.code as string,
+          details: Object.keys(extras).length > 0 ? extras : undefined,
+          status: response.status,
+          statusText: response.statusText,
+        };
+      }
+
+      // 2) Plain Django REST Framework error: { detail: '...' }
       if (data.detail) {
         return {
           detail: data.detail,
@@ -51,7 +86,7 @@ export async function parseErrorResponse(response: Response): Promise<DRFApiErro
         };
       }
 
-      // Validation errors format
+      // 3) Field-level validation errors: { email: ['...'], password: ['...'] }
       if (typeof data === 'object') {
         return {
           errors: data,

package/src/lib/errors.ts

@@ -70,8 +70,13 @@ export class AppError extends Error {
     this.details = details;
     this.isOperational = isOperational;
 
-    // Maintains proper stack trace for where our error was thrown
-    Error.captureStackTrace(this, this.constructor);
+    // Maintains proper stack trace where supported (V8/Hermes). Guarded and
+    // typed locally so the package stays portable to engines/tsconfigs without
+    // the Node-only Error.captureStackTrace global (e.g. React Native).
+    const captureStackTrace = (
+      Error as { captureStackTrace?: (target: object, ctor?: unknown) => void }
+    ).captureStackTrace;
+    captureStackTrace?.(this, this.constructor);
   }
 
   /**