@tiquo/dom-package 1.4.0 → 1.5.0

package/dist/index.d.mts

@@ -328,13 +328,14 @@ interface TiquoOrderItem {
 /**
  * An order belonging to the authenticated customer.
  *
- * Note: abandoned `lost_cart` orders are never returned — they're internal
- * marketing-recovery state, not part of the customer's purchase history.
+ * Note: `lost_cart` (abandoned) and `pending` (unprocessed/awaiting-payment)
+ * orders are never returned — they're internal state, not part of the
+ * customer's purchase history.
  */
 interface TiquoOrder {
     id: string;
     orderNumber: string;
-    status: 'draft' | 'pending' | 'processing' | 'completed' | 'cancelled' | 'refunded' | 'open_tab';
+    status: 'draft' | 'processing' | 'completed' | 'cancelled' | 'refunded' | 'open_tab';
     paymentStatus: 'pending' | 'paid' | 'partial' | 'refunded' | 'partially_refunded' | 'failed' | 'cancelled';
     total: number;
     subtotal: number;
@@ -423,16 +424,27 @@ interface TiquoReceipt {
     business: TiquoReceiptBusiness;
     customer: TiquoReceiptCustomer;
 }
+/**
+ * A booking belonging to the authenticated customer.
+ *
+ * Note: `draft` bookings (in-progress checkout state) are never returned —
+ * they're internal state, not part of the customer's booking history.
+ */
 interface TiquoBooking {
     id: string;
     bookingNumber: string;
-    status: 'draft' | 'scheduled' | 'confirmed' | 'reminder_sent' | 'waiting_room' | 'waiting_list' | 'checked_in' | 'active' | 'in_progress' | 'completed' | 'cancelled' | 'no_show' | 'rescheduled';
+    status: 'scheduled' | 'confirmed' | 'reminder_sent' | 'waiting_room' | 'waiting_list' | 'checked_in' | 'active' | 'in_progress' | 'completed' | 'cancelled' | 'no_show' | 'rescheduled';
     date: number;
     startTime: string;
     endTime: string;
     duration: number;
     timezone: string;
     attendeeCount: number;
+    /**
+     * Service title (e.g. "OJAS Listening Room"). Empty string when the
+     * underlying service has been deleted — render your own fallback if you
+     * need a non-empty display string.
+     */
     serviceName: string;
     serviceId: string;
     sublocationId: string;
@@ -480,6 +492,80 @@ interface GetEnquiriesResult {
     hasMore: boolean;
     nextCursor?: string;
 }
+type TiquoCompanyRelationship = 'employee' | 'contractor' | 'manager' | 'executive' | 'owner' | 'contact' | 'other';
+/**
+ * The authenticated customer's membership in a company. Each company the
+ * customer belongs to has its own membership record — a customer can be
+ * an admin of one company and a regular employee of another.
+ */
+interface TiquoCompanyMembership {
+    relationship: TiquoCompanyRelationship;
+    title?: string;
+    department?: string;
+    isPrimaryContact: boolean;
+    /** True when this customer can call `getCompanyColleagues(company.id)`. */
+    isCompanyAdmin: boolean;
+    startDate?: number;
+}
+/**
+ * A company the authenticated customer is a member of. Bundles the
+ * company's public-ish details with the caller's own role inside it
+ * (`membership`). CRM/financial fields are intentionally omitted.
+ */
+interface TiquoCompany {
+    id: string;
+    name: string;
+    displayName?: string;
+    companyNumber: string;
+    description?: string;
+    email?: string;
+    phone?: string;
+    website?: string;
+    websites?: string[];
+    logo?: string;
+    addressLine1?: string;
+    addressLine2?: string;
+    city?: string;
+    state?: string;
+    postalCode?: string;
+    country?: string;
+    industry?: string;
+    companySize?: '1-10' | '11-50' | '51-200' | '201-500' | '501-1000' | '1000+';
+    status: 'active' | 'inactive' | 'archived';
+    type?: 'client' | 'prospect' | 'vendor' | 'partner' | 'other';
+    membership: TiquoCompanyMembership;
+}
+interface GetCompaniesResult {
+    companies: TiquoCompany[];
+}
+/**
+ * A colleague — another customer in the same company. Returned only to
+ * Company Admins via `getCompanyColleagues()`. Limited to display-card
+ * info; CRM/financial data is never exposed.
+ */
+interface TiquoCompanyColleague {
+    id: string;
+    firstName?: string;
+    lastName?: string;
+    displayName?: string;
+    profilePhoto?: string;
+    email?: string;
+    phone?: string;
+    relationship: TiquoCompanyRelationship;
+    title?: string;
+    department?: string;
+    isPrimaryContact: boolean;
+    isCompanyAdmin: boolean;
+    /** True when this colleague is the authenticated customer themselves. */
+    isSelf: boolean;
+}
+interface GetCompanyColleaguesResult {
+    company: {
+        id: string;
+        name: string;
+    };
+    colleagues: TiquoCompanyColleague[];
+}
 type AuthStateChangeCallback = (session: TiquoSession | null) => void;
 declare class TiquoAuthError extends Error {
     code: string;
@@ -540,9 +626,10 @@ declare class TiquoAuth {
     /**
      * Get the authenticated customer's order history.
      *
-     * Returns orders across every status (draft, pending, processing, completed,
-     * cancelled, refunded, open_tab) — except `lost_cart`, which is internal
-     * marketing-recovery state and is never exposed to customers.
+     * Returns orders across most statuses (draft, processing, completed,
+     * cancelled, refunded, open_tab). `lost_cart` (abandoned) and `pending`
+     * (unprocessed/awaiting-payment) orders are never exposed — they're
+     * internal state, not purchase history.
      *
      * Pass `status` to filter to a single status; pass `cursor` (an order id
      * from a previous `nextCursor`) to paginate. Sorted most recent first.
@@ -561,6 +648,11 @@ declare class TiquoAuth {
      * Convenience wrapper around `getBookings({ upcoming: true })` for the
      * common "show me my upcoming bookings" case. Results are sorted
      * soonest-first.
+     *
+     * Only actionable future bookings are returned — `cancelled`, `no_show`,
+     * and `rescheduled` bookings are excluded even if their date is in the
+     * future, since they're effectively history. Use `getBookings()` without
+     * `upcoming: true` if you need those.
      */
     getUpcomingBookings(options?: Omit<GetBookingsOptions, 'upcoming'>): Promise<GetBookingsResult>;
     /**
@@ -585,6 +677,32 @@ declare class TiquoAuth {
      * Only returns enquiries for the logged-in customer
      */
     getEnquiries(options?: GetEnquiriesOptions): Promise<GetEnquiriesResult>;
+    /**
+     * Get the companies the authenticated customer belongs to.
+     *
+     * Each entry includes the customer's role inside that company via
+     * `membership` — branch on `membership.isCompanyAdmin` to decide whether
+     * to render admin features (e.g. a colleagues list).
+     *
+     * Returns an empty array (not an error) when the customer isn't a
+     * member of any company.
+     */
+    getCompanies(): Promise<GetCompaniesResult>;
+    /**
+     * Get the colleagues (other customers) inside a company the authenticated
+     * customer is a member of.
+     *
+     * Restricted to Company Admins — if the caller isn't flagged as
+     * `isCompanyAdmin` on that company, this throws `TiquoAuthError` with
+     * code `NOT_COMPANY_ADMIN` (status 403). Check `membership.isCompanyAdmin`
+     * from `getCompanies()` before calling this if you want to render the
+     * admin UI conditionally.
+     *
+     * Each colleague includes basic contact info and their relationship to
+     * the company. The authenticated customer is included in the list with
+     * `isSelf: true` so the UI can highlight or skip them.
+     */
+    getCompanyColleagues(companyId: string): Promise<GetCompanyColleaguesResult>;
     /**
      * Generate a short-lived token for customer flow iframe authentication
      */
@@ -678,6 +796,8 @@ declare function useTiquoAuth(auth: TiquoAuth): {
     getUpcomingBookings: (options?: Omit<GetBookingsOptions, "upcoming">) => Promise<GetBookingsResult>;
     getReceipt: (orderId: string) => Promise<TiquoReceipt>;
     getEnquiries: (options?: GetEnquiriesOptions) => Promise<GetEnquiriesResult>;
+    getCompanies: () => Promise<GetCompaniesResult>;
+    getCompanyColleagues: (companyId: string) => Promise<GetCompanyColleaguesResult>;
     getIframeToken: (flowId?: string) => Promise<IframeTokenResult>;
     embedCustomerFlow: (flowUrl: string, container: HTMLElement | string, options?: {
         width?: string;
@@ -740,4 +860,4 @@ declare class TiquoPhone {
     static buildPhone: typeof buildPhone;
 }
 
-export { type AuthStateChangeCallback, type CountryPhoneInfo, type GetBookingsOptions, type GetBookingsResult, type GetEnquiriesOptions, type GetEnquiriesResult, type GetOrdersOptions, type GetOrdersResult, type IframeTokenResult, type PhoneValidationResult, type ProfileUpdateData, type ProfileUpdateResult, type SendOTPResult, TiquoAuth, type TiquoAuthConfig, TiquoAuthError, type TiquoBooking, type TiquoCustomer, type TiquoCustomerEmail, type TiquoCustomerPhone, type TiquoEnquiry, type TiquoOrder, type TiquoOrderItem, TiquoPhone, type TiquoReceipt, type TiquoReceiptBusiness, type TiquoReceiptCustomer, type TiquoReceiptItem, type TiquoReceiptOrder, type TiquoSession, type TiquoUser, type VerifyOTPResult, addCustomerUserId, clearCachedEmail, TiquoAuth as default, getCustomerUserIds, getPrefilledEmailFromCookie, isDashboardSession, trackCustomerPresence, useTiquoAuth };
+export { type AuthStateChangeCallback, type CountryPhoneInfo, type GetBookingsOptions, type GetBookingsResult, type GetCompaniesResult, type GetCompanyColleaguesResult, type GetEnquiriesOptions, type GetEnquiriesResult, type GetOrdersOptions, type GetOrdersResult, type IframeTokenResult, type PhoneValidationResult, type ProfileUpdateData, type ProfileUpdateResult, type SendOTPResult, TiquoAuth, type TiquoAuthConfig, TiquoAuthError, type TiquoBooking, type TiquoCompany, type TiquoCompanyColleague, type TiquoCompanyMembership, type TiquoCompanyRelationship, type TiquoCustomer, type TiquoCustomerEmail, type TiquoCustomerPhone, type TiquoEnquiry, type TiquoOrder, type TiquoOrderItem, TiquoPhone, type TiquoReceipt, type TiquoReceiptBusiness, type TiquoReceiptCustomer, type TiquoReceiptItem, type TiquoReceiptOrder, type TiquoSession, type TiquoUser, type VerifyOTPResult, addCustomerUserId, clearCachedEmail, TiquoAuth as default, getCustomerUserIds, getPrefilledEmailFromCookie, isDashboardSession, trackCustomerPresence, useTiquoAuth };

package/dist/index.d.ts

@@ -328,13 +328,14 @@ interface TiquoOrderItem {
 /**
  * An order belonging to the authenticated customer.
  *
- * Note: abandoned `lost_cart` orders are never returned — they're internal
- * marketing-recovery state, not part of the customer's purchase history.
+ * Note: `lost_cart` (abandoned) and `pending` (unprocessed/awaiting-payment)
+ * orders are never returned — they're internal state, not part of the
+ * customer's purchase history.
  */
 interface TiquoOrder {
     id: string;
     orderNumber: string;
-    status: 'draft' | 'pending' | 'processing' | 'completed' | 'cancelled' | 'refunded' | 'open_tab';
+    status: 'draft' | 'processing' | 'completed' | 'cancelled' | 'refunded' | 'open_tab';
     paymentStatus: 'pending' | 'paid' | 'partial' | 'refunded' | 'partially_refunded' | 'failed' | 'cancelled';
     total: number;
     subtotal: number;
@@ -423,16 +424,27 @@ interface TiquoReceipt {
     business: TiquoReceiptBusiness;
     customer: TiquoReceiptCustomer;
 }
+/**
+ * A booking belonging to the authenticated customer.
+ *
+ * Note: `draft` bookings (in-progress checkout state) are never returned —
+ * they're internal state, not part of the customer's booking history.
+ */
 interface TiquoBooking {
     id: string;
     bookingNumber: string;
-    status: 'draft' | 'scheduled' | 'confirmed' | 'reminder_sent' | 'waiting_room' | 'waiting_list' | 'checked_in' | 'active' | 'in_progress' | 'completed' | 'cancelled' | 'no_show' | 'rescheduled';
+    status: 'scheduled' | 'confirmed' | 'reminder_sent' | 'waiting_room' | 'waiting_list' | 'checked_in' | 'active' | 'in_progress' | 'completed' | 'cancelled' | 'no_show' | 'rescheduled';
     date: number;
     startTime: string;
     endTime: string;
     duration: number;
     timezone: string;
     attendeeCount: number;
+    /**
+     * Service title (e.g. "OJAS Listening Room"). Empty string when the
+     * underlying service has been deleted — render your own fallback if you
+     * need a non-empty display string.
+     */
     serviceName: string;
     serviceId: string;
     sublocationId: string;
@@ -480,6 +492,80 @@ interface GetEnquiriesResult {
     hasMore: boolean;
     nextCursor?: string;
 }
+type TiquoCompanyRelationship = 'employee' | 'contractor' | 'manager' | 'executive' | 'owner' | 'contact' | 'other';
+/**
+ * The authenticated customer's membership in a company. Each company the
+ * customer belongs to has its own membership record — a customer can be
+ * an admin of one company and a regular employee of another.
+ */
+interface TiquoCompanyMembership {
+    relationship: TiquoCompanyRelationship;
+    title?: string;
+    department?: string;
+    isPrimaryContact: boolean;
+    /** True when this customer can call `getCompanyColleagues(company.id)`. */
+    isCompanyAdmin: boolean;
+    startDate?: number;
+}
+/**
+ * A company the authenticated customer is a member of. Bundles the
+ * company's public-ish details with the caller's own role inside it
+ * (`membership`). CRM/financial fields are intentionally omitted.
+ */
+interface TiquoCompany {
+    id: string;
+    name: string;
+    displayName?: string;
+    companyNumber: string;
+    description?: string;
+    email?: string;
+    phone?: string;
+    website?: string;
+    websites?: string[];
+    logo?: string;
+    addressLine1?: string;
+    addressLine2?: string;
+    city?: string;
+    state?: string;
+    postalCode?: string;
+    country?: string;
+    industry?: string;
+    companySize?: '1-10' | '11-50' | '51-200' | '201-500' | '501-1000' | '1000+';
+    status: 'active' | 'inactive' | 'archived';
+    type?: 'client' | 'prospect' | 'vendor' | 'partner' | 'other';
+    membership: TiquoCompanyMembership;
+}
+interface GetCompaniesResult {
+    companies: TiquoCompany[];
+}
+/**
+ * A colleague — another customer in the same company. Returned only to
+ * Company Admins via `getCompanyColleagues()`. Limited to display-card
+ * info; CRM/financial data is never exposed.
+ */
+interface TiquoCompanyColleague {
+    id: string;
+    firstName?: string;
+    lastName?: string;
+    displayName?: string;
+    profilePhoto?: string;
+    email?: string;
+    phone?: string;
+    relationship: TiquoCompanyRelationship;
+    title?: string;
+    department?: string;
+    isPrimaryContact: boolean;
+    isCompanyAdmin: boolean;
+    /** True when this colleague is the authenticated customer themselves. */
+    isSelf: boolean;
+}
+interface GetCompanyColleaguesResult {
+    company: {
+        id: string;
+        name: string;
+    };
+    colleagues: TiquoCompanyColleague[];
+}
 type AuthStateChangeCallback = (session: TiquoSession | null) => void;
 declare class TiquoAuthError extends Error {
     code: string;
@@ -540,9 +626,10 @@ declare class TiquoAuth {
     /**
      * Get the authenticated customer's order history.
      *
-     * Returns orders across every status (draft, pending, processing, completed,
-     * cancelled, refunded, open_tab) — except `lost_cart`, which is internal
-     * marketing-recovery state and is never exposed to customers.
+     * Returns orders across most statuses (draft, processing, completed,
+     * cancelled, refunded, open_tab). `lost_cart` (abandoned) and `pending`
+     * (unprocessed/awaiting-payment) orders are never exposed — they're
+     * internal state, not purchase history.
      *
      * Pass `status` to filter to a single status; pass `cursor` (an order id
      * from a previous `nextCursor`) to paginate. Sorted most recent first.
@@ -561,6 +648,11 @@ declare class TiquoAuth {
      * Convenience wrapper around `getBookings({ upcoming: true })` for the
      * common "show me my upcoming bookings" case. Results are sorted
      * soonest-first.
+     *
+     * Only actionable future bookings are returned — `cancelled`, `no_show`,
+     * and `rescheduled` bookings are excluded even if their date is in the
+     * future, since they're effectively history. Use `getBookings()` without
+     * `upcoming: true` if you need those.
      */
     getUpcomingBookings(options?: Omit<GetBookingsOptions, 'upcoming'>): Promise<GetBookingsResult>;
     /**
@@ -585,6 +677,32 @@ declare class TiquoAuth {
      * Only returns enquiries for the logged-in customer
      */
     getEnquiries(options?: GetEnquiriesOptions): Promise<GetEnquiriesResult>;
+    /**
+     * Get the companies the authenticated customer belongs to.
+     *
+     * Each entry includes the customer's role inside that company via
+     * `membership` — branch on `membership.isCompanyAdmin` to decide whether
+     * to render admin features (e.g. a colleagues list).
+     *
+     * Returns an empty array (not an error) when the customer isn't a
+     * member of any company.
+     */
+    getCompanies(): Promise<GetCompaniesResult>;
+    /**
+     * Get the colleagues (other customers) inside a company the authenticated
+     * customer is a member of.
+     *
+     * Restricted to Company Admins — if the caller isn't flagged as
+     * `isCompanyAdmin` on that company, this throws `TiquoAuthError` with
+     * code `NOT_COMPANY_ADMIN` (status 403). Check `membership.isCompanyAdmin`
+     * from `getCompanies()` before calling this if you want to render the
+     * admin UI conditionally.
+     *
+     * Each colleague includes basic contact info and their relationship to
+     * the company. The authenticated customer is included in the list with
+     * `isSelf: true` so the UI can highlight or skip them.
+     */
+    getCompanyColleagues(companyId: string): Promise<GetCompanyColleaguesResult>;
     /**
      * Generate a short-lived token for customer flow iframe authentication
      */
@@ -678,6 +796,8 @@ declare function useTiquoAuth(auth: TiquoAuth): {
     getUpcomingBookings: (options?: Omit<GetBookingsOptions, "upcoming">) => Promise<GetBookingsResult>;
     getReceipt: (orderId: string) => Promise<TiquoReceipt>;
     getEnquiries: (options?: GetEnquiriesOptions) => Promise<GetEnquiriesResult>;
+    getCompanies: () => Promise<GetCompaniesResult>;
+    getCompanyColleagues: (companyId: string) => Promise<GetCompanyColleaguesResult>;
     getIframeToken: (flowId?: string) => Promise<IframeTokenResult>;
     embedCustomerFlow: (flowUrl: string, container: HTMLElement | string, options?: {
         width?: string;
@@ -740,4 +860,4 @@ declare class TiquoPhone {
     static buildPhone: typeof buildPhone;
 }
 
-export { type AuthStateChangeCallback, type CountryPhoneInfo, type GetBookingsOptions, type GetBookingsResult, type GetEnquiriesOptions, type GetEnquiriesResult, type GetOrdersOptions, type GetOrdersResult, type IframeTokenResult, type PhoneValidationResult, type ProfileUpdateData, type ProfileUpdateResult, type SendOTPResult, TiquoAuth, type TiquoAuthConfig, TiquoAuthError, type TiquoBooking, type TiquoCustomer, type TiquoCustomerEmail, type TiquoCustomerPhone, type TiquoEnquiry, type TiquoOrder, type TiquoOrderItem, TiquoPhone, type TiquoReceipt, type TiquoReceiptBusiness, type TiquoReceiptCustomer, type TiquoReceiptItem, type TiquoReceiptOrder, type TiquoSession, type TiquoUser, type VerifyOTPResult, addCustomerUserId, clearCachedEmail, TiquoAuth as default, getCustomerUserIds, getPrefilledEmailFromCookie, isDashboardSession, trackCustomerPresence, useTiquoAuth };
+export { type AuthStateChangeCallback, type CountryPhoneInfo, type GetBookingsOptions, type GetBookingsResult, type GetCompaniesResult, type GetCompanyColleaguesResult, type GetEnquiriesOptions, type GetEnquiriesResult, type GetOrdersOptions, type GetOrdersResult, type IframeTokenResult, type PhoneValidationResult, type ProfileUpdateData, type ProfileUpdateResult, type SendOTPResult, TiquoAuth, type TiquoAuthConfig, TiquoAuthError, type TiquoBooking, type TiquoCompany, type TiquoCompanyColleague, type TiquoCompanyMembership, type TiquoCompanyRelationship, type TiquoCustomer, type TiquoCustomerEmail, type TiquoCustomerPhone, type TiquoEnquiry, type TiquoOrder, type TiquoOrderItem, TiquoPhone, type TiquoReceipt, type TiquoReceiptBusiness, type TiquoReceiptCustomer, type TiquoReceiptItem, type TiquoReceiptOrder, type TiquoSession, type TiquoUser, type VerifyOTPResult, addCustomerUserId, clearCachedEmail, TiquoAuth as default, getCustomerUserIds, getPrefilledEmailFromCookie, isDashboardSession, trackCustomerPresence, useTiquoAuth };

package/dist/index.js

@@ -921,9 +921,10 @@ var TiquoAuth = class {
   /**
    * Get the authenticated customer's order history.
    *
-   * Returns orders across every status (draft, pending, processing, completed,
-   * cancelled, refunded, open_tab) — except `lost_cart`, which is internal
-   * marketing-recovery state and is never exposed to customers.
+   * Returns orders across most statuses (draft, processing, completed,
+   * cancelled, refunded, open_tab). `lost_cart` (abandoned) and `pending`
+   * (unprocessed/awaiting-payment) orders are never exposed — they're
+   * internal state, not purchase history.
    *
    * Pass `status` to filter to a single status; pass `cursor` (an order id
    * from a previous `nextCursor`) to paginate. Sorted most recent first.
@@ -997,6 +998,11 @@ var TiquoAuth = class {
    * Convenience wrapper around `getBookings({ upcoming: true })` for the
    * common "show me my upcoming bookings" case. Results are sorted
    * soonest-first.
+   *
+   * Only actionable future bookings are returned — `cancelled`, `no_show`,
+   * and `rescheduled` bookings are excluded even if their date is in the
+   * future, since they're effectively history. Use `getBookings()` without
+   * `upcoming: true` if you need those.
    */
   async getUpcomingBookings(options) {
     return this.getBookings({ ...options, upcoming: true });
@@ -1068,6 +1074,67 @@ var TiquoAuth = class {
     const result = await response.json();
     return result.data || { enquiries: [], hasMore: false };
   }
+  /**
+   * Get the companies the authenticated customer belongs to.
+   *
+   * Each entry includes the customer's role inside that company via
+   * `membership` — branch on `membership.isCompanyAdmin` to decide whether
+   * to render admin features (e.g. a colleagues list).
+   *
+   * Returns an empty array (not an error) when the customer isn't a
+   * member of any company.
+   */
+  async getCompanies() {
+    await this.ensureValidToken();
+    this.log("Fetching customer companies");
+    const response = await fetch(`${this.config.apiEndpoint}/api/client/v1/companies`, {
+      method: "GET",
+      headers: {
+        "Authorization": `Bearer ${this.accessToken}`
+      },
+      credentials: "include"
+    });
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ error: "Failed to get companies" }));
+      throw new TiquoAuthError(error.error || "Failed to get companies", "GET_COMPANIES_FAILED", response.status);
+    }
+    const result = await response.json();
+    return result.data || { companies: [] };
+  }
+  /**
+   * Get the colleagues (other customers) inside a company the authenticated
+   * customer is a member of.
+   *
+   * Restricted to Company Admins — if the caller isn't flagged as
+   * `isCompanyAdmin` on that company, this throws `TiquoAuthError` with
+   * code `NOT_COMPANY_ADMIN` (status 403). Check `membership.isCompanyAdmin`
+   * from `getCompanies()` before calling this if you want to render the
+   * admin UI conditionally.
+   *
+   * Each colleague includes basic contact info and their relationship to
+   * the company. The authenticated customer is included in the list with
+   * `isSelf: true` so the UI can highlight or skip them.
+   */
+  async getCompanyColleagues(companyId) {
+    await this.ensureValidToken();
+    this.log("Fetching company colleagues for:", companyId);
+    const url = new URL(`${this.config.apiEndpoint}/api/client/v1/companies/colleagues`);
+    url.searchParams.set("companyId", companyId);
+    const response = await fetch(url.toString(), {
+      method: "GET",
+      headers: {
+        "Authorization": `Bearer ${this.accessToken}`
+      },
+      credentials: "include"
+    });
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ error: "Failed to get colleagues" }));
+      const code = response.status === 403 ? "NOT_COMPANY_ADMIN" : "GET_COLLEAGUES_FAILED";
+      throw new TiquoAuthError(error.error || "Failed to get colleagues", code, response.status);
+    }
+    const result = await response.json();
+    return result.data;
+  }
   /**
    * Generate a short-lived token for customer flow iframe authentication
    */
@@ -1639,6 +1706,8 @@ function useTiquoAuth(auth) {
     getUpcomingBookings: (options) => auth.getUpcomingBookings(options),
     getReceipt: (orderId) => auth.getReceipt(orderId),
     getEnquiries: (options) => auth.getEnquiries(options),
+    getCompanies: () => auth.getCompanies(),
+    getCompanyColleagues: (companyId) => auth.getCompanyColleagues(companyId),
     getIframeToken: (flowId) => auth.getIframeToken(flowId),
     embedCustomerFlow: auth.embedCustomerFlow.bind(auth),
     onAuthStateChange: (cb) => auth.onAuthStateChange(cb)

package/dist/index.mjs

@@ -885,9 +885,10 @@ var TiquoAuth = class {
   /**
    * Get the authenticated customer's order history.
    *
-   * Returns orders across every status (draft, pending, processing, completed,
-   * cancelled, refunded, open_tab) — except `lost_cart`, which is internal
-   * marketing-recovery state and is never exposed to customers.
+   * Returns orders across most statuses (draft, processing, completed,
+   * cancelled, refunded, open_tab). `lost_cart` (abandoned) and `pending`
+   * (unprocessed/awaiting-payment) orders are never exposed — they're
+   * internal state, not purchase history.
    *
    * Pass `status` to filter to a single status; pass `cursor` (an order id
    * from a previous `nextCursor`) to paginate. Sorted most recent first.
@@ -961,6 +962,11 @@ var TiquoAuth = class {
    * Convenience wrapper around `getBookings({ upcoming: true })` for the
    * common "show me my upcoming bookings" case. Results are sorted
    * soonest-first.
+   *
+   * Only actionable future bookings are returned — `cancelled`, `no_show`,
+   * and `rescheduled` bookings are excluded even if their date is in the
+   * future, since they're effectively history. Use `getBookings()` without
+   * `upcoming: true` if you need those.
    */
   async getUpcomingBookings(options) {
     return this.getBookings({ ...options, upcoming: true });
@@ -1032,6 +1038,67 @@ var TiquoAuth = class {
     const result = await response.json();
     return result.data || { enquiries: [], hasMore: false };
   }
+  /**
+   * Get the companies the authenticated customer belongs to.
+   *
+   * Each entry includes the customer's role inside that company via
+   * `membership` — branch on `membership.isCompanyAdmin` to decide whether
+   * to render admin features (e.g. a colleagues list).
+   *
+   * Returns an empty array (not an error) when the customer isn't a
+   * member of any company.
+   */
+  async getCompanies() {
+    await this.ensureValidToken();
+    this.log("Fetching customer companies");
+    const response = await fetch(`${this.config.apiEndpoint}/api/client/v1/companies`, {
+      method: "GET",
+      headers: {
+        "Authorization": `Bearer ${this.accessToken}`
+      },
+      credentials: "include"
+    });
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ error: "Failed to get companies" }));
+      throw new TiquoAuthError(error.error || "Failed to get companies", "GET_COMPANIES_FAILED", response.status);
+    }
+    const result = await response.json();
+    return result.data || { companies: [] };
+  }
+  /**
+   * Get the colleagues (other customers) inside a company the authenticated
+   * customer is a member of.
+   *
+   * Restricted to Company Admins — if the caller isn't flagged as
+   * `isCompanyAdmin` on that company, this throws `TiquoAuthError` with
+   * code `NOT_COMPANY_ADMIN` (status 403). Check `membership.isCompanyAdmin`
+   * from `getCompanies()` before calling this if you want to render the
+   * admin UI conditionally.
+   *
+   * Each colleague includes basic contact info and their relationship to
+   * the company. The authenticated customer is included in the list with
+   * `isSelf: true` so the UI can highlight or skip them.
+   */
+  async getCompanyColleagues(companyId) {
+    await this.ensureValidToken();
+    this.log("Fetching company colleagues for:", companyId);
+    const url = new URL(`${this.config.apiEndpoint}/api/client/v1/companies/colleagues`);
+    url.searchParams.set("companyId", companyId);
+    const response = await fetch(url.toString(), {
+      method: "GET",
+      headers: {
+        "Authorization": `Bearer ${this.accessToken}`
+      },
+      credentials: "include"
+    });
+    if (!response.ok) {
+      const error = await response.json().catch(() => ({ error: "Failed to get colleagues" }));
+      const code = response.status === 403 ? "NOT_COMPANY_ADMIN" : "GET_COLLEAGUES_FAILED";
+      throw new TiquoAuthError(error.error || "Failed to get colleagues", code, response.status);
+    }
+    const result = await response.json();
+    return result.data;
+  }
   /**
    * Generate a short-lived token for customer flow iframe authentication
    */
@@ -1603,6 +1670,8 @@ function useTiquoAuth(auth) {
     getUpcomingBookings: (options) => auth.getUpcomingBookings(options),
     getReceipt: (orderId) => auth.getReceipt(orderId),
     getEnquiries: (options) => auth.getEnquiries(options),
+    getCompanies: () => auth.getCompanies(),
+    getCompanyColleagues: (companyId) => auth.getCompanyColleagues(companyId),
     getIframeToken: (flowId) => auth.getIframeToken(flowId),
     embedCustomerFlow: auth.embedCustomerFlow.bind(auth),
     onAuthStateChange: (cb) => auth.onAuthStateChange(cb)

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@tiquo/dom-package",
-  "version": "1.4.0",
-  "description": "Tiquo SDK for third-party websites - authentication, customer profiles, orders, bookings, and enquiries",
+  "version": "1.5.0",
+  "description": "Tiquo SDK for third-party websites - authentication, customer profiles, orders, bookings, enquiries, receipts, and companies",
   "sideEffects": true,
   "publishConfig": {
     "access": "restricted"