@transcend-io/cli 4.36.0 → 4.37.0

package/README.md

@@ -53,6 +53,10 @@
     - [Authentication](#authentication-10)
     - [Arguments](#arguments-10)
     - [Usage](#usage-11)
+  - [tr-generate-api-keys](#tr-generate-api-keys)
+    - [Authentication](#authentication-11)
+    - [Arguments](#arguments-11)
+    - [Usage](#usage-12)
 
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
 
@@ -1068,3 +1072,55 @@ Specifying the backend URL, needed for US hosted backend infrastructure.
 yarn tr-retry-request-data-silos --auth=$TRANSCEND_API_KEY --dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f --actions=ACCESS \
  --transcendUrl=https://api.us.transcend.io
 ```
+
+### tr-generate-api-keys
+
+This command allows for creating API keys across multiple Transcend instances. This is useful for customers that are managing many Transcend instances and need to regularly create, cycle or delete API keys across all of their instances. Unlike the other commands that rely on API key authentication, this command relies upon username/password authentication. This command will spit out the API keys into a [JSON file](./examples/api-keys.json), and that JSON file can be used in subsequent cli commands.
+
+#### Authentication
+
+In order to use this command, you will need to provide your email and password for the Transcend account. This command will only generate API keys for Transcend instances where you have the permission to "Manage API Keys".
+
+#### Arguments
+
+| Argument             | Description                                                                                                                                                  | Type               | Default                  | Required |
+| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------ | ------------------------ | -------- |
+| email                | The email address that you use to [log into Transcend](https://app.transcend.io/login).                                                                      | string             | N/A                      | true     |
+| password             | The password for your account login.                                                                                                                         | string             | N/A                      | true     |
+| apiKeyTitle          | The title of the API key being generated or destroyed.                                                                                                       | string             | N/A                      | true     |
+| file                 | The file where API keys should be written to.                                                                                                                | string - file-path | N/A                      | true     |
+| scopes               | The list of [scopes](https://docs.transcend.io/docs/security/access-control#scopes) that should be given to the API key.                                     | string[]           | N/A                      | true     |
+| deleteExistingApiKey | When true, if an API key exists with the specified "apiKeyTitle", the existing API key is deleted. When false, an error is thrown if API key already exists. | boolean            | true                     | false    |
+| createNewApiKey      | When true, new API keys will be created. Set to false if you simply want to delete all API keys with a title.                                                | boolean            | true                     | false    |
+| transcendUrl         | URL of the Transcend backend. Use https://api.us.transcend.io for US hosting.                                                                                | string - URL       | https://api.transcend.io | false    |
+
+#### Usage
+
+```sh
+yarn tr-generate-api-keys  --email=test@transcend.io --password=$TRANSCEND_PASSWORD \
+   --scopes="View Email Templates,View Data Map" --apiKeyTitle="CLI Usage Cross Instance Sync" -file=./working/auth.json
+```
+
+Specifying the backend URL, needed for US hosted backend infrastructure.
+
+```sh
+yarn tr-generate-api-keys  --email=test@transcend.io --password=$TRANSCEND_PASSWORD \
+   --scopes="View Email Templates,View Data Map" --apiKeyTitle="CLI Usage Cross Instance Sync" -file=./working/auth.json \
+   --transcendUrl=https://api.us.transcend.io
+```
+
+Delete all API keys with a certain title.
+
+```sh
+yarn tr-generate-api-keys  --email=test@transcend.io --password=$TRANSCEND_PASSWORD \
+   --scopes="View Email Templates,View Data Map" --apiKeyTitle="CLI Usage Cross Instance Sync" -file=./working/auth.json \
+   --createNewApiKey=false
+```
+
+Throw error if an API key already exists with that title, default behavior is to delete the existing API key and create a new one with that same title.
+
+```sh
+yarn tr-generate-api-keys  --email=test@transcend.io --password=$TRANSCEND_PASSWORD \
+   --scopes="View Email Templates,View Data Map" --apiKeyTitle="CLI Usage Cross Instance Sync" -file=./working/auth.json \
+   --deleteExistingApiKey=false
+```

package/build/api-keys/generateCrossAccountApiKeys.d.ts

@@ -0,0 +1,45 @@
+import { ScopeName } from '@transcend-io/privacy-types';
+export interface ApiKeyAndOrganization {
+    /** Name of instance */
+    organizationName: string;
+    /** API key */
+    apiKey: string;
+    /** Organization ID API key is for */
+    organizationId: string;
+}
+export interface ApiKeyGenerateError {
+    /** Name of instance */
+    organizationName: string;
+    /** Error */
+    error: string;
+    /** Organization ID API key is for */
+    organizationId: string;
+}
+/**
+ * Generate API keys across multiple transcend accounts
+ *
+ * @param options - Options
+ * @returns Number of API keys created
+ */
+export declare function generateCrossAccountApiKeys({ email, password, scopes, apiKeyTitle, deleteExistingApiKey, createNewApiKey, transcendUrl, }: {
+    /** Email address of user generating API keys */
+    email: string;
+    /** Password of user generating API keys */
+    password: string;
+    /** Title of the API create to create */
+    apiKeyTitle: string;
+    /** Title of the API create to create */
+    scopes: ScopeName[];
+    /** API URL for Transcend backend */
+    transcendUrl?: string;
+    /** When true delete existing API keys with that title, if set to false an API key exists with that title, an error is thrown */
+    deleteExistingApiKey?: boolean;
+    /** When true, generate new API keys, otherwise only will delete past API keys */
+    createNewApiKey?: boolean;
+}): Promise<{
+    /** Successfully generated */
+    apiKeys: ApiKeyAndOrganization[];
+    /** Error results */
+    errors: ApiKeyGenerateError[];
+}>;
+//# sourceMappingURL=generateCrossAccountApiKeys.d.ts.map

package/build/api-keys/generateCrossAccountApiKeys.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"generateCrossAccountApiKeys.d.ts","sourceRoot":"","sources":["../../src/api-keys/generateCrossAccountApiKeys.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AAIxD,MAAM,WAAW,qBAAqB;IACpC,uBAAuB;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,cAAc;IACd,MAAM,EAAE,MAAM,CAAC;IACf,qCAAqC;IACrC,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB;IAClC,uBAAuB;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,YAAY;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,qCAAqC;IACrC,cAAc,EAAE,MAAM,CAAC;CACxB;AAED;;;;;GAKG;AACH,wBAAsB,2BAA2B,CAAC,EAChD,KAAK,EACL,QAAQ,EACR,MAAM,EACN,WAAW,EACX,oBAA2B,EAC3B,eAAsB,EACtB,YAAyC,GAC1C,EAAE;IACD,gDAAgD;IAChD,KAAK,EAAE,MAAM,CAAC;IACd,2CAA2C;IAC3C,QAAQ,EAAE,MAAM,CAAC;IACjB,wCAAwC;IACxC,WAAW,EAAE,MAAM,CAAC;IACpB,wCAAwC;IACxC,MAAM,EAAE,SAAS,EAAE,CAAC;IACpB,oCAAoC;IACpC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,gIAAgI;IAChI,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,iFAAiF;IACjF,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B,GAAG,OAAO,CAAC;IACV,6BAA6B;IAC7B,OAAO,EAAE,qBAAqB,EAAE,CAAC;IACjC,oBAAoB;IACpB,MAAM,EAAE,mBAAmB,EAAE,CAAC;CAC/B,CAAC,CA8HD"}

package/build/api-keys/generateCrossAccountApiKeys.js

@@ -0,0 +1,90 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateCrossAccountApiKeys = void 0;
+const bluebird_1 = require("bluebird");
+const graphql_1 = require("../graphql");
+const colors_1 = __importDefault(require("colors"));
+const logger_1 = require("../logger");
+/**
+ * Generate API keys across multiple transcend accounts
+ *
+ * @param options - Options
+ * @returns Number of API keys created
+ */
+async function generateCrossAccountApiKeys({ email, password, scopes, apiKeyTitle, deleteExistingApiKey = true, createNewApiKey = true, transcendUrl = 'https://api.transcend.io', }) {
+    // Create GraphQL client
+    const client = await (0, graphql_1.buildTranscendGraphQLClientGeneric)(transcendUrl, {});
+    // Login the user
+    logger_1.logger.info(colors_1.default.magenta('Logging in using email and password.'));
+    const { roles, loginCookie } = await (0, graphql_1.loginUser)(client, { email, password });
+    logger_1.logger.info(colors_1.default.green(`Successfully logged in and found ${roles.length} role${roles.length === 1 ? '' : 's'}!`));
+    // Save cookie to call route subsequent times
+    client.setHeaders({
+        Cookie: loginCookie,
+    });
+    // Save the resulting API keys
+    const results = [];
+    const errors = [];
+    // Generate API keys
+    logger_1.logger.info(colors_1.default.magenta(`Generating API keys with title: ${apiKeyTitle}, scopes: ${scopes.join(',')}.`));
+    // Map over each role
+    await (0, bluebird_1.mapSeries)(roles, async (role) => {
+        try {
+            // Log into the other instance
+            await (0, graphql_1.assumeRole)(client, { roleId: role.id, email });
+            // Grab API keys with that title
+            logger_1.logger.info(colors_1.default.magenta(`Checking if API key already exists in organization "${role.organization.name}" with title: "${apiKeyTitle}".`));
+            // Delete existing API key
+            const [apiKeyWithTitle] = await (0, graphql_1.fetchAllApiKeys)(client, [apiKeyTitle]);
+            if (apiKeyWithTitle && deleteExistingApiKey) {
+                logger_1.logger.info(colors_1.default.yellow(`Deleting existing API key in "${role.organization.name}" with title: "${apiKeyTitle}".`));
+                await (0, graphql_1.deleteApiKey)(client, apiKeyWithTitle.id);
+                logger_1.logger.info(colors_1.default.green(`Successfully deleted API key in "${role.organization.name}" with title: "${apiKeyTitle}".`));
+            }
+            else if (apiKeyWithTitle) {
+                // throw error if one exists but not configured to delete
+                throw new Error(`API key already exists with title: "${apiKeyTitle}"`);
+            }
+            // Create the API key
+            if (createNewApiKey) {
+                logger_1.logger.info(colors_1.default.magenta(`Creating API key in "${role.organization.name}" with title: "${apiKeyTitle}".`));
+                const { apiKey } = await (0, graphql_1.createApiKey)(client, {
+                    title: apiKeyTitle,
+                    scopes,
+                });
+                results.push({
+                    organizationName: role.organization.name,
+                    organizationId: role.organization.id,
+                    apiKey,
+                });
+                logger_1.logger.info(colors_1.default.green(`Successfully created API key in "${role.organization.name}" with title: "${apiKeyTitle}".`));
+            }
+            else {
+                // Delete only
+                results.push({
+                    organizationName: role.organization.name,
+                    organizationId: role.organization.id,
+                    apiKey: '',
+                });
+            }
+        }
+        catch (err) {
+            logger_1.logger.error(colors_1.default.red(`Failed to create API key in organization "${role.organization.name}"! - ${err.message}`));
+            errors.push({
+                organizationName: role.organization.name,
+                organizationId: role.organization.id,
+                error: err.message,
+            });
+        }
+    });
+    logger_1.logger.info(colors_1.default.green(`Successfully created ${results.length} API keys${results.length === 1 ? '' : 's'}`));
+    if (errors.length > 0) {
+        logger_1.logger.error(colors_1.default.red(`Failed to create ${errors.length} API key${errors.length === 1 ? '' : 's'}!`));
+    }
+    return { errors, apiKeys: results };
+}
+exports.generateCrossAccountApiKeys = generateCrossAccountApiKeys;
+//# sourceMappingURL=generateCrossAccountApiKeys.js.map

package/build/api-keys/generateCrossAccountApiKeys.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generateCrossAccountApiKeys.js","sourceRoot":"","sources":["../../src/api-keys/generateCrossAccountApiKeys.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAqC;AACrC,wCAOoB;AAEpB,oDAA4B;AAC5B,sCAAmC;AAoBnC;;;;;GAKG;AACI,KAAK,UAAU,2BAA2B,CAAC,EAChD,KAAK,EACL,QAAQ,EACR,MAAM,EACN,WAAW,EACX,oBAAoB,GAAG,IAAI,EAC3B,eAAe,GAAG,IAAI,EACtB,YAAY,GAAG,0BAA0B,GAgB1C;IAMC,wBAAwB;IACxB,MAAM,MAAM,GAAG,MAAM,IAAA,4CAAkC,EAAC,YAAY,EAAE,EAAE,CAAC,CAAC;IAE1E,iBAAiB;IACjB,eAAM,CAAC,IAAI,CAAC,gBAAM,CAAC,OAAO,CAAC,sCAAsC,CAAC,CAAC,CAAC;IACpE,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,GAAG,MAAM,IAAA,mBAAS,EAAC,MAAM,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC5E,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,KAAK,CACV,oCAAoC,KAAK,CAAC,MAAM,QAC9C,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAC5B,GAAG,CACJ,CACF,CAAC;IAEF,6CAA6C;IAC7C,MAAM,CAAC,UAAU,CAAC;QAChB,MAAM,EAAE,WAAW;KACpB,CAAC,CAAC;IAEH,8BAA8B;IAC9B,MAAM,OAAO,GAA4B,EAAE,CAAC;IAC5C,MAAM,MAAM,GAA0B,EAAE,CAAC;IAEzC,oBAAoB;IACpB,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,OAAO,CACZ,mCAAmC,WAAW,aAAa,MAAM,CAAC,IAAI,CACpE,GAAG,CACJ,GAAG,CACL,CACF,CAAC;IAEF,qBAAqB;IACrB,MAAM,IAAA,oBAAS,EAAC,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACpC,IAAI;YACF,8BAA8B;YAC9B,MAAM,IAAA,oBAAU,EAAC,MAAM,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAErD,gCAAgC;YAChC,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,OAAO,CACZ,uDAAuD,IAAI,CAAC,YAAY,CAAC,IAAI,kBAAkB,WAAW,IAAI,CAC/G,CACF,CAAC;YAEF,0BAA0B;YAC1B,MAAM,CAAC,eAAe,CAAC,GAAG,MAAM,IAAA,yBAAe,EAAC,MAAM,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC;YACvE,IAAI,eAAe,IAAI,oBAAoB,EAAE;gBAC3C,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,MAAM,CACX,iCAAiC,IAAI,CAAC,YAAY,CAAC,IAAI,kBAAkB,WAAW,IAAI,CACzF,CACF,CAAC;gBACF,MAAM,IAAA,sBAAY,EAAC,MAAM,EAAE,eAAe,CAAC,EAAE,CAAC,CAAC;gBAC/C,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,KAAK,CACV,oCAAoC,IAAI,CAAC,YAAY,CAAC,IAAI,kBAAkB,WAAW,IAAI,CAC5F,CACF,CAAC;aACH;iBAAM,IAAI,eAAe,EAAE;gBAC1B,yDAAyD;gBACzD,MAAM,IAAI,KAAK,CAAC,uCAAuC,WAAW,GAAG,CAAC,CAAC;aACxE;YAED,qBAAqB;YACrB,IAAI,eAAe,EAAE;gBACnB,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,OAAO,CACZ,wBAAwB,IAAI,CAAC,YAAY,CAAC,IAAI,kBAAkB,WAAW,IAAI,CAChF,CACF,CAAC;gBACF,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAA,sBAAY,EAAC,MAAM,EAAE;oBAC5C,KAAK,EAAE,WAAW;oBAClB,MAAM;iBACP,CAAC,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC;oBACX,gBAAgB,EAAE,IAAI,CAAC,YAAY,CAAC,IAAI;oBACxC,cAAc,EAAE,IAAI,CAAC,YAAY,CAAC,EAAE;oBACpC,MAAM;iBACP,CAAC,CAAC;gBACH,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,KAAK,CACV,oCAAoC,IAAI,CAAC,YAAY,CAAC,IAAI,kBAAkB,WAAW,IAAI,CAC5F,CACF,CAAC;aACH;iBAAM;gBACL,cAAc;gBACd,OAAO,CAAC,IAAI,CAAC;oBACX,gBAAgB,EAAE,IAAI,CAAC,YAAY,CAAC,IAAI;oBACxC,cAAc,EAAE,IAAI,CAAC,YAAY,CAAC,EAAE;oBACpC,MAAM,EAAE,EAAE;iBACX,CAAC,CAAC;aACJ;SACF;QAAC,OAAO,GAAG,EAAE;YACZ,eAAM,CAAC,KAAK,CACV,gBAAM,CAAC,GAAG,CACR,6CAA6C,IAAI,CAAC,YAAY,CAAC,IAAI,QAAQ,GAAG,CAAC,OAAO,EAAE,CACzF,CACF,CAAC;YACF,MAAM,CAAC,IAAI,CAAC;gBACV,gBAAgB,EAAE,IAAI,CAAC,YAAY,CAAC,IAAI;gBACxC,cAAc,EAAE,IAAI,CAAC,YAAY,CAAC,EAAE;gBACpC,KAAK,EAAE,GAAG,CAAC,OAAO;aACnB,CAAC,CAAC;SACJ;IACH,CAAC,CAAC,CAAC;IACH,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,KAAK,CACV,wBAAwB,OAAO,CAAC,MAAM,YACpC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAC9B,EAAE,CACH,CACF,CAAC;IAEF,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;QACrB,eAAM,CAAC,KAAK,CACV,gBAAM,CAAC,GAAG,CACR,oBAAoB,MAAM,CAAC,MAAM,WAC/B,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAC7B,GAAG,CACJ,CACF,CAAC;KACH;IAED,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AACtC,CAAC;AA1JD,kEA0JC"}

package/build/api-keys/index.d.ts

@@ -0,0 +1,2 @@
+export * from './generateCrossAccountApiKeys';
+//# sourceMappingURL=index.d.ts.map

package/build/api-keys/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/api-keys/index.ts"],"names":[],"mappings":"AAAA,cAAc,+BAA+B,CAAC"}

package/build/api-keys/index.js

@@ -0,0 +1,14 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./generateCrossAccountApiKeys"), exports);
+//# sourceMappingURL=index.js.map

package/build/api-keys/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/api-keys/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,gEAA8C"}

package/build/cli-generate-cross-account-api-keys.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=cli-generate-cross-account-api-keys.d.ts.map

package/build/cli-generate-cross-account-api-keys.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli-generate-cross-account-api-keys.d.ts","sourceRoot":"","sources":["../src/cli-generate-cross-account-api-keys.ts"],"names":[],"mappings":""}

package/build/cli-generate-cross-account-api-keys.js

@@ -0,0 +1,87 @@
+#!/usr/bin/env node
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const yargs_parser_1 = __importDefault(require("yargs-parser"));
+const colors_1 = __importDefault(require("colors"));
+const fs_1 = require("fs");
+const keyBy_1 = __importDefault(require("lodash/keyBy"));
+const privacy_types_1 = require("@transcend-io/privacy-types");
+const logger_1 = require("./logger");
+const api_keys_1 = require("./api-keys");
+const SCOPES_BY_TITLE = (0, keyBy_1.default)(Object.entries(privacy_types_1.TRANSCEND_SCOPES).map(([name, value]) => ({
+    ...value,
+    name,
+})), 'title');
+const SCOPE_TITLES = Object.keys(SCOPES_BY_TITLE);
+/**
+ * Create API keys with the same set of scopes across multiple Transcend instances
+ *
+ * Requires the username and password of user with access to multiple instances.
+ *
+ * Dev Usage:
+ * yarn ts-node ./src/cli-generate-cross-account-api-keys.ts --email=test@transcend.io --email=NE8pGp$s8Gm4Mzb5 \
+ *   --apiKeyTitle="My Test Key" --scopes="View Email Templates,View Data Map" --file=./secrets.json
+ *
+ * Standard usage:
+ * yarn tr-generate-api-keys --email=test@transcend.io --password=NE8pGp$s8Gm4Mzb5 \
+ *   --apiKeyTitle="My Test Key" --scopes="View Email Templates,View Data Map" --file=./secrets.json
+ */
+async function main() {
+    // Parse command line arguments
+    const { transcendUrl = 'https://api.transcend.io', file, email, password, apiKeyTitle, scopes, deleteExistingApiKey = 'true', createNewApiKey = 'true', } = (0, yargs_parser_1.default)(process.argv.slice(2));
+    // Ensure file is passed
+    if (!file) {
+        logger_1.logger.error(colors_1.default.red('A file must be provided. You can specify using --file=./secrets.json'));
+        process.exit(1);
+    }
+    // Ensure email is passed
+    if (!email) {
+        logger_1.logger.error(colors_1.default.red('An email must be provided. You can specify using --email=asd123@test.com'));
+        process.exit(1);
+    }
+    // Ensure password is passed
+    if (!password) {
+        logger_1.logger.error(colors_1.default.red('A password must be provided. You can specify using --password=asd123'));
+        process.exit(1);
+    }
+    // Ensure apiKeyTitle is passed
+    if (!apiKeyTitle) {
+        logger_1.logger.error(colors_1.default.red('An API key title must be provided. You can specify using --apiKeyTitle="My Title"'));
+        process.exit(1);
+    }
+    // Ensure scopes is passed
+    if (!scopes) {
+        logger_1.logger.error(colors_1.default.red('Scopes must be provided. You can specify using --scopes="View Email Templates,View Data Map". ' +
+            `Expected one of: \n${SCOPE_TITLES.join('\n')}`));
+        process.exit(1);
+    }
+    // Validate scopes
+    const splitScopes = scopes.split(',');
+    const invalidScopes = splitScopes.filter((scopeTitle) => !SCOPES_BY_TITLE[scopeTitle]);
+    if (invalidScopes.length > 0) {
+        logger_1.logger.error(colors_1.default.red(`Failed to parse scopes:"${invalidScopes.join(',')}".\n` +
+            `Expected one of: \n${SCOPE_TITLES.join('\n')}`));
+        process.exit(1);
+    }
+    const scopeNames = splitScopes.map((scopeTitle) => SCOPES_BY_TITLE[scopeTitle].name);
+    // Upload privacy requests
+    const { errors, apiKeys } = await (0, api_keys_1.generateCrossAccountApiKeys)({
+        transcendUrl,
+        password,
+        email,
+        deleteExistingApiKey: deleteExistingApiKey !== 'false',
+        createNewApiKey: createNewApiKey !== 'false',
+        apiKeyTitle,
+        scopes: scopeNames,
+    });
+    // Write to disk
+    (0, fs_1.writeFileSync)(file, `${JSON.stringify(apiKeys, null, 2)}\n`);
+    if (errors.length > 0) {
+        process.exit(1);
+    }
+}
+main();
+//# sourceMappingURL=cli-generate-cross-account-api-keys.js.map

package/build/cli-generate-cross-account-api-keys.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli-generate-cross-account-api-keys.js","sourceRoot":"","sources":["../src/cli-generate-cross-account-api-keys.ts"],"names":[],"mappings":";;;;;;AAEA,gEAAiC;AACjC,oDAA4B;AAC5B,2BAAmC;AACnC,yDAAiC;AACjC,+DAA0E;AAE1E,qCAAkC;AAClC,yCAAyD;AAEzD,MAAM,eAAe,GAAG,IAAA,eAAK,EAC3B,MAAM,CAAC,OAAO,CAAC,gCAAgB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;IACvD,GAAG,KAAK;IACR,IAAI;CACL,CAAC,CAAC,EACH,OAAO,CACR,CAAC;AACF,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;AAElD;;;;;;;;;;;;GAYG;AACH,KAAK,UAAU,IAAI;IACjB,+BAA+B;IAC/B,MAAM,EACJ,YAAY,GAAG,0BAA0B,EACzC,IAAI,EACJ,KAAK,EACL,QAAQ,EACR,WAAW,EACX,MAAM,EACN,oBAAoB,GAAG,MAAM,EAC7B,eAAe,GAAG,MAAM,GACzB,GAAG,IAAA,sBAAK,EAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAA8B,CAAC;IAE9D,wBAAwB;IACxB,IAAI,CAAC,IAAI,EAAE;QACT,eAAM,CAAC,KAAK,CACV,gBAAM,CAAC,GAAG,CACR,sEAAsE,CACvE,CACF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;IAED,yBAAyB;IACzB,IAAI,CAAC,KAAK,EAAE;QACV,eAAM,CAAC,KAAK,CACV,gBAAM,CAAC,GAAG,CACR,0EAA0E,CAC3E,CACF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;IAED,4BAA4B;IAC5B,IAAI,CAAC,QAAQ,EAAE;QACb,eAAM,CAAC,KAAK,CACV,gBAAM,CAAC,GAAG,CACR,sEAAsE,CACvE,CACF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;IAED,+BAA+B;IAC/B,IAAI,CAAC,WAAW,EAAE;QAChB,eAAM,CAAC,KAAK,CACV,gBAAM,CAAC,GAAG,CACR,mFAAmF,CACpF,CACF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;IAED,0BAA0B;IAC1B,IAAI,CAAC,MAAM,EAAE;QACX,eAAM,CAAC,KAAK,CACV,gBAAM,CAAC,GAAG,CACR,gGAAgG;YAC9F,sBAAsB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAClD,CACF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;IAED,kBAAkB;IAClB,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CACtC,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,eAAe,CAAC,UAAU,CAAC,CAC7C,CAAC;IACF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE;QAC5B,eAAM,CAAC,KAAK,CACV,gBAAM,CAAC,GAAG,CACR,2BAA2B,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM;YACtD,sBAAsB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAClD,CACF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;IAED,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,CAChC,CAAC,UAAU,EAAE,EAAE,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,IAAiB,CAC9D,CAAC;IAEF,0BAA0B;IAC1B,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,sCAA2B,EAAC;QAC5D,YAAY;QACZ,QAAQ;QACR,KAAK;QACL,oBAAoB,EAAE,oBAAoB,KAAK,OAAO;QACtD,eAAe,EAAE,eAAe,KAAK,OAAO;QAC5C,WAAW;QACX,MAAM,EAAE,UAAU;KACnB,CAAC,CAAC;IAEH,gBAAgB;IAChB,IAAA,kBAAa,EAAC,IAAI,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;IAC7D,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE;QACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;AACH,CAAC;AAED,IAAI,EAAE,CAAC"}

package/build/graphql/buildTranscendGraphQLClient.d.ts

@@ -3,6 +3,14 @@ import { GraphQLClient } from 'graphql-request';
  * Create a GraphQL client
  *
  * @param transcendUrl - Transcend API URL
+ * @param headers - Request headers to include in each request
+ * @returns GraphQL client
+ */
+export declare function buildTranscendGraphQLClientGeneric(transcendUrl: string, headers: Record<string, string>): GraphQLClient;
+/**
+ * Create a GraphQL client capable of submitting requests with an API key
+ *
+ * @param transcendUrl - Transcend API URL
  * @param auth - API key to authenticate to API
  * @returns GraphQL client
  */

package/build/graphql/buildTranscendGraphQLClient.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"buildTranscendGraphQLClient.d.ts","sourceRoot":"","sources":["../../src/graphql/buildTranscendGraphQLClient.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD;;;;;;GAMG;AACH,wBAAgB,2BAA2B,CACzC,YAAY,EAAE,MAAM,EACpB,IAAI,EAAE,MAAM,GACX,aAAa,CAUf"}
+{"version":3,"file":"buildTranscendGraphQLClient.d.ts","sourceRoot":"","sources":["../../src/graphql/buildTranscendGraphQLClient.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD;;;;;;GAMG;AACH,wBAAgB,kCAAkC,CAChD,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAC9B,aAAa,CAUf;AAED;;;;;;GAMG;AACH,wBAAgB,2BAA2B,CACzC,YAAY,EAAE,MAAM,EACpB,IAAI,EAAE,MAAM,GACX,aAAa,CAIf"}

package/build/graphql/buildTranscendGraphQLClient.js

@@ -1,24 +1,37 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.buildTranscendGraphQLClient = void 0;
+exports.buildTranscendGraphQLClient = exports.buildTranscendGraphQLClientGeneric = void 0;
 const graphql_request_1 = require("graphql-request");
 /**
  * Create a GraphQL client
  *
  * @param transcendUrl - Transcend API URL
- * @param auth - API key to authenticate to API
+ * @param headers - Request headers to include in each request
  * @returns GraphQL client
  */
-function buildTranscendGraphQLClient(transcendUrl, auth) {
+function buildTranscendGraphQLClientGeneric(transcendUrl, headers) {
     // Create a GraphQL client
     // eslint-disable-next-line global-require
     const { version } = require('../../package.json');
     return new graphql_request_1.GraphQLClient(`${transcendUrl}/graphql`, {
         headers: {
-            Authorization: `Bearer ${auth}`,
+            ...headers,
             version,
         },
     });
 }
+exports.buildTranscendGraphQLClientGeneric = buildTranscendGraphQLClientGeneric;
+/**
+ * Create a GraphQL client capable of submitting requests with an API key
+ *
+ * @param transcendUrl - Transcend API URL
+ * @param auth - API key to authenticate to API
+ * @returns GraphQL client
+ */
+function buildTranscendGraphQLClient(transcendUrl, auth) {
+    return buildTranscendGraphQLClientGeneric(transcendUrl, {
+        Authorization: `Bearer ${auth}`,
+    });
+}
 exports.buildTranscendGraphQLClient = buildTranscendGraphQLClient;
 //# sourceMappingURL=buildTranscendGraphQLClient.js.map

package/build/graphql/buildTranscendGraphQLClient.js.map

@@ -1 +1 @@
-{"version":3,"file":"buildTranscendGraphQLClient.js","sourceRoot":"","sources":["../../src/graphql/buildTranscendGraphQLClient.ts"],"names":[],"mappings":";;;AAAA,qDAAgD;AAEhD;;;;;;GAMG;AACH,SAAgB,2BAA2B,CACzC,YAAoB,EACpB,IAAY;IAEZ,0BAA0B;IAC1B,0CAA0C;IAC1C,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAClD,OAAO,IAAI,+BAAa,CAAC,GAAG,YAAY,UAAU,EAAE;QAClD,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,IAAI,EAAE;YAC/B,OAAO;SACR;KACF,CAAC,CAAC;AACL,CAAC;AAbD,kEAaC"}
+{"version":3,"file":"buildTranscendGraphQLClient.js","sourceRoot":"","sources":["../../src/graphql/buildTranscendGraphQLClient.ts"],"names":[],"mappings":";;;AAAA,qDAAgD;AAEhD;;;;;;GAMG;AACH,SAAgB,kCAAkC,CAChD,YAAoB,EACpB,OAA+B;IAE/B,0BAA0B;IAC1B,0CAA0C;IAC1C,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAClD,OAAO,IAAI,+BAAa,CAAC,GAAG,YAAY,UAAU,EAAE;QAClD,OAAO,EAAE;YACP,GAAG,OAAO;YACV,OAAO;SACR;KACF,CAAC,CAAC;AACL,CAAC;AAbD,gFAaC;AAED;;;;;;GAMG;AACH,SAAgB,2BAA2B,CACzC,YAAoB,EACpB,IAAY;IAEZ,OAAO,kCAAkC,CAAC,YAAY,EAAE;QACtD,aAAa,EAAE,UAAU,IAAI,EAAE;KAChC,CAAC,CAAC;AACL,CAAC;AAPD,kEAOC"}

package/build/graphql/fetchApiKeys.d.ts

@@ -6,6 +6,14 @@ export interface ApiKey {
     /** Title of API key */
     title: string;
 }
+/**
+ * Fetch all API keys in an organization
+ *
+ * @param client - Client
+ * @param titles - Filter on titles
+ * @returns API keys
+ */
+export declare function fetchAllApiKeys(client: GraphQLClient, titles?: string[]): Promise<ApiKey[]>;
 /**
  * Fetch all apiKeys and if any are found in the config that are
  * missing, create those apiKeys.

package/build/graphql/fetchApiKeys.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"fetchApiKeys.d.ts","sourceRoot":"","sources":["../../src/graphql/fetchApiKeys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAOhD,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAG3C,MAAM,WAAW,MAAM;IACrB,oBAAoB;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,uBAAuB;IACvB,KAAK,EAAE,MAAM,CAAC;CACf;AAMD;;;;;;;;GAQG;AACH,wBAAsB,YAAY,CAChC,EACE,UAAU,EAAE,YAAiB,EAC7B,YAAY,EAAE,SAAc,GAC7B,EAAE,cAAc,EACjB,MAAM,EAAE,aAAa,EACrB,QAAQ,UAAQ,GACf,OAAO,CAAC;KAAG,CAAC,IAAI,MAAM,GAAG,MAAM;CAAE,CAAC,CAkDpC"}
+{"version":3,"file":"fetchApiKeys.d.ts","sourceRoot":"","sources":["../../src/graphql/fetchApiKeys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAOhD,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAG3C,MAAM,WAAW,MAAM;IACrB,oBAAoB;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,uBAAuB;IACvB,KAAK,EAAE,MAAM,CAAC;CACf;AAMD;;;;;;GAMG;AACH,wBAAsB,eAAe,CACnC,MAAM,EAAE,aAAa,EACrB,MAAM,CAAC,EAAE,MAAM,EAAE,GAChB,OAAO,CAAC,MAAM,EAAE,CAAC,CAoBnB;AAED;;;;;;;;GAQG;AACH,wBAAsB,YAAY,CAChC,EACE,UAAU,EAAE,YAAiB,EAC7B,YAAY,EAAE,SAAc,GAC7B,EAAE,cAAc,EACjB,MAAM,EAAE,aAAa,EACrB,QAAQ,UAAQ,GACf,OAAO,CAAC;KAAG,CAAC,IAAI,MAAM,GAAG,MAAM;CAAE,CAAC,CAiCpC"}

package/build/graphql/fetchApiKeys.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.fetchApiKeys = void 0;
+exports.fetchApiKeys = exports.fetchAllApiKeys = void 0;
 const gqls_1 = require("./gqls");
 const keyBy_1 = __importDefault(require("lodash/keyBy"));
 const uniq_1 = __importDefault(require("lodash/uniq"));
@@ -14,17 +14,13 @@ const makeGraphQLRequest_1 = require("./makeGraphQLRequest");
 const PAGE_SIZE = 20;
 const ADMIN_LINK = 'https://app.transcend.io/infrastructure/api-keys';
 /**
- * Fetch all apiKeys and if any are found in the config that are
- * missing, create those apiKeys.
+ * Fetch all API keys in an organization
  *
- * @param apiKeyInputs - API keys to fetch metadata on
- * @param client - GraphQL client
- * @param fetchAll - When true, fetch all API keys
- * @returns A map from apiKey title to Identifier
+ * @param client - Client
+ * @param titles - Filter on titles
+ * @returns API keys
  */
-async function fetchApiKeys({ 'api-keys': apiKeyInputs = [], 'data-silos': dataSilos = [], }, client, fetchAll = false) {
-    logger_1.logger.info(colors_1.default.magenta(`Fetching ${fetchAll ? 'all' : apiKeyInputs.length} API keys...`));
-    const titles = apiKeyInputs.map(({ title }) => title);
+async function fetchAllApiKeys(client, titles) {
     const apiKeys = [];
     let offset = 0;
     // Paginate
@@ -35,12 +31,28 @@ async function fetchApiKeys({ 'api-keys': apiKeyInputs = [], 'data-silos': dataS
          } = await (0, makeGraphQLRequest_1.makeGraphQLRequest)(client, gqls_1.API_KEYS, {
             first: PAGE_SIZE,
             offset,
-            titles: fetchAll ? undefined : titles,
+            titles,
         });
         apiKeys.push(...nodes);
         offset += PAGE_SIZE;
         shouldContinue = nodes.length === PAGE_SIZE;
     } while (shouldContinue);
+    return apiKeys;
+}
+exports.fetchAllApiKeys = fetchAllApiKeys;
+/**
+ * Fetch all apiKeys and if any are found in the config that are
+ * missing, create those apiKeys.
+ *
+ * @param apiKeyInputs - API keys to fetch metadata on
+ * @param client - GraphQL client
+ * @param fetchAll - When true, fetch all API keys
+ * @returns A map from apiKey title to Identifier
+ */
+async function fetchApiKeys({ 'api-keys': apiKeyInputs = [], 'data-silos': dataSilos = [], }, client, fetchAll = false) {
+    logger_1.logger.info(colors_1.default.magenta(`Fetching ${fetchAll ? 'all' : apiKeyInputs.length} API keys...`));
+    const titles = apiKeyInputs.map(({ title }) => title);
+    const apiKeys = await fetchAllApiKeys(client, fetchAll ? undefined : titles);
     // Create a map
     const apiKeysByTitle = (0, keyBy_1.default)(apiKeys, 'title');
     // Determine expected set of apiKeys expected

package/build/graphql/fetchApiKeys.js.map

@@ -1 +1 @@
-{"version":3,"file":"fetchApiKeys.js","sourceRoot":"","sources":["../../src/graphql/fetchApiKeys.ts"],"names":[],"mappings":";;;;;;AACA,iCAAkC;AAClC,yDAAiC;AACjC,uDAA+B;AAC/B,mEAA2C;AAC3C,sCAAmC;AACnC,oDAA4B;AAE5B,6DAA0D;AAS1D,MAAM,SAAS,GAAG,EAAE,CAAC;AAErB,MAAM,UAAU,GAAG,kDAAkD,CAAC;AAEtE;;;;;;;;GAQG;AACI,KAAK,UAAU,YAAY,CAChC,EACE,UAAU,EAAE,YAAY,GAAG,EAAE,EAC7B,YAAY,EAAE,SAAS,GAAG,EAAE,GACb,EACjB,MAAqB,EACrB,QAAQ,GAAG,KAAK;IAEhB,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,OAAO,CACZ,YAAY,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,cAAc,CACjE,CACF,CAAC;IACF,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;IACtD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,MAAM,GAAG,CAAC,CAAC;IAEf,WAAW;IACX,IAAI,cAAc,GAAG,KAAK,CAAC;IAC3B,GAAG;QACD,MAAM,EACJ,OAAO,EAAE,EAAE,KAAK,EAAE;QAClB,4CAA4C;UAC7C,GAAG,MAAM,IAAA,uCAAkB,EAAC,MAAM,EAAE,eAAQ,EAAE;YAC7C,KAAK,EAAE,SAAS;YAChB,MAAM;YACN,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM;SACtC,CAAC,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC;QACvB,MAAM,IAAI,SAAS,CAAC;QACpB,cAAc,GAAG,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC;KAC7C,QAAQ,cAAc,EAAE;IAEzB,eAAe;IACf,MAAM,cAAc,GAAG,IAAA,eAAK,EAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAE/C,6CAA6C;IAC7C,MAAM,oBAAoB,GAAG,IAAA,cAAI,EAC/B,SAAS,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAClE,CAAC;IACF,MAAM,cAAc,GAAG,IAAA,oBAAU,EAC/B,oBAAoB,EACpB,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,CAClC,CAAC;IAEF,+CAA+C;IAC/C,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE;QAC7B,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,GAAG,CACR,4BAA4B,cAAc,CAAC,IAAI,CAC7C,MAAM,CACP,+CAA+C,UAAU,EAAE,CAC7D,CACF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;IACD,OAAO,cAAc,CAAC;AACxB,CAAC;AAzDD,oCAyDC"}
+{"version":3,"file":"fetchApiKeys.js","sourceRoot":"","sources":["../../src/graphql/fetchApiKeys.ts"],"names":[],"mappings":";;;;;;AACA,iCAAkC;AAClC,yDAAiC;AACjC,uDAA+B;AAC/B,mEAA2C;AAC3C,sCAAmC;AACnC,oDAA4B;AAE5B,6DAA0D;AAS1D,MAAM,SAAS,GAAG,EAAE,CAAC;AAErB,MAAM,UAAU,GAAG,kDAAkD,CAAC;AAEtE;;;;;;GAMG;AACI,KAAK,UAAU,eAAe,CACnC,MAAqB,EACrB,MAAiB;IAEjB,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,MAAM,GAAG,CAAC,CAAC;IAEf,WAAW;IACX,IAAI,cAAc,GAAG,KAAK,CAAC;IAC3B,GAAG;QACD,MAAM,EACJ,OAAO,EAAE,EAAE,KAAK,EAAE;QAClB,4CAA4C;UAC7C,GAAG,MAAM,IAAA,uCAAkB,EAAC,MAAM,EAAE,eAAQ,EAAE;YAC7C,KAAK,EAAE,SAAS;YAChB,MAAM;YACN,MAAM;SACP,CAAC,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC;QACvB,MAAM,IAAI,SAAS,CAAC;QACpB,cAAc,GAAG,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC;KAC7C,QAAQ,cAAc,EAAE;IACzB,OAAO,OAAO,CAAC;AACjB,CAAC;AAvBD,0CAuBC;AAED;;;;;;;;GAQG;AACI,KAAK,UAAU,YAAY,CAChC,EACE,UAAU,EAAE,YAAY,GAAG,EAAE,EAC7B,YAAY,EAAE,SAAS,GAAG,EAAE,GACb,EACjB,MAAqB,EACrB,QAAQ,GAAG,KAAK;IAEhB,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,OAAO,CACZ,YAAY,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,cAAc,CACjE,CACF,CAAC;IACF,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;IACtD,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IAE7E,eAAe;IACf,MAAM,cAAc,GAAG,IAAA,eAAK,EAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAE/C,6CAA6C;IAC7C,MAAM,oBAAoB,GAAG,IAAA,cAAI,EAC/B,SAAS,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAClE,CAAC;IACF,MAAM,cAAc,GAAG,IAAA,oBAAU,EAC/B,oBAAoB,EACpB,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,CAClC,CAAC;IAEF,+CAA+C;IAC/C,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE;QAC7B,eAAM,CAAC,IAAI,CACT,gBAAM,CAAC,GAAG,CACR,4BAA4B,cAAc,CAAC,IAAI,CAC7C,MAAM,CACP,+CAA+C,UAAU,EAAE,CAC7D,CACF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;KACjB;IACD,OAAO,cAAc,CAAC;AACxB,CAAC;AAxCD,oCAwCC"}

package/build/graphql/gqls/apiKey.d.ts

@@ -1,2 +1,4 @@
 export declare const API_KEYS: string;
+export declare const CREATE_API_KEY: string;
+export declare const DELETE_API_KEY: string;
 //# sourceMappingURL=apiKey.d.ts.map

package/build/graphql/gqls/apiKey.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"apiKey.d.ts","sourceRoot":"","sources":["../../../src/graphql/gqls/apiKey.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,QAAQ,QASpB,CAAC"}
+{"version":3,"file":"apiKey.d.ts","sourceRoot":"","sources":["../../../src/graphql/gqls/apiKey.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,QAAQ,QASpB,CAAC;AAEF,eAAO,MAAM,cAAc,QAU1B,CAAC;AAEF,eAAO,MAAM,cAAc,QAM1B,CAAC"}

package/build/graphql/gqls/apiKey.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.API_KEYS = void 0;
+exports.DELETE_API_KEY = exports.CREATE_API_KEY = exports.API_KEYS = void 0;
 const graphql_request_1 = require("graphql-request");
 exports.API_KEYS = (0, graphql_request_1.gql) `
   query TranscendCliApiKeys($first: Int!, $offset: Int!, $titles: [String!]) {
@@ -12,4 +12,22 @@ exports.API_KEYS = (0, graphql_request_1.gql) `
     }
   }
 `;
+exports.CREATE_API_KEY = (0, graphql_request_1.gql) `
+  mutation TranscendCliCreateApiKey($input: ApiKeyInput!) {
+    createApiKey(input: $input) {
+      apiKey {
+        id
+        apiKey
+        title
+      }
+    }
+  }
+`;
+exports.DELETE_API_KEY = (0, graphql_request_1.gql) `
+  mutation TranscendCliDeleteApiKey($id: ID!) {
+    deleteApiKey(id: $id) {
+      clientMutationId
+    }
+  }
+`;
 //# sourceMappingURL=apiKey.js.map

package/build/graphql/gqls/apiKey.js.map

@@ -1 +1 @@
-{"version":3,"file":"apiKey.js","sourceRoot":"","sources":["../../../src/graphql/gqls/apiKey.ts"],"names":[],"mappings":";;;AAAA,qDAAsC;AAEzB,QAAA,QAAQ,GAAG,IAAA,qBAAG,EAAA;;;;;;;;;CAS1B,CAAC"}
+{"version":3,"file":"apiKey.js","sourceRoot":"","sources":["../../../src/graphql/gqls/apiKey.ts"],"names":[],"mappings":";;;AAAA,qDAAsC;AAEzB,QAAA,QAAQ,GAAG,IAAA,qBAAG,EAAA;;;;;;;;;CAS1B,CAAC;AAEW,QAAA,cAAc,GAAG,IAAA,qBAAG,EAAA;;;;;;;;;;CAUhC,CAAC;AAEW,QAAA,cAAc,GAAG,IAAA,qBAAG,EAAA;;;;;;CAMhC,CAAC"}

package/build/graphql/gqls/auth.d.ts

@@ -0,0 +1,4 @@
+export declare const DETERMINE_LOGIN_METHOD: string;
+export declare const LOGIN: string;
+export declare const ASSUME_ROLE: string;
+//# sourceMappingURL=auth.d.ts.map

package/build/graphql/gqls/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/graphql/gqls/auth.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,sBAAsB,QASlC,CAAC;AAEF,eAAO,MAAM,KAAK,QAsBjB,CAAC;AAEF,eAAO,MAAM,WAAW,QAMvB,CAAC"}

package/build/graphql/gqls/auth.js

@@ -0,0 +1,45 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ASSUME_ROLE = exports.LOGIN = exports.DETERMINE_LOGIN_METHOD = void 0;
+const graphql_request_1 = require("graphql-request");
+exports.DETERMINE_LOGIN_METHOD = (0, graphql_request_1.gql) `
+  mutation TranscendCliDetermineLoginMethod($email: String!) {
+    determineLoginMethod(input: { email: $email }) {
+      loginMethod {
+        email
+        sombraPublicKey
+      }
+    }
+  }
+`;
+exports.LOGIN = (0, graphql_request_1.gql) `
+  mutation TranscendCliLogin(
+    $email: String!
+    $password: String!
+    $publicKey: String!
+  ) {
+    login(
+      input: { email: $email, password: $password }
+      publicKey: $publicKey
+    ) {
+      user {
+        roles {
+          id
+          organization {
+            name
+            id
+            uri
+          }
+        }
+      }
+    }
+  }
+`;
+exports.ASSUME_ROLE = (0, graphql_request_1.gql) `
+  mutation TranscendCliAssumeRole($id: ID!, $publicKey: String!) {
+    assumeRole(id: $id, publicKey: $publicKey) {
+      clientMutationId
+    }
+  }
+`;
+//# sourceMappingURL=auth.js.map

package/build/graphql/gqls/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/graphql/gqls/auth.ts"],"names":[],"mappings":";;;AAAA,qDAAsC;AAEzB,QAAA,sBAAsB,GAAG,IAAA,qBAAG,EAAA;;;;;;;;;CASxC,CAAC;AAEW,QAAA,KAAK,GAAG,IAAA,qBAAG,EAAA;;;;;;;;;;;;;;;;;;;;;;CAsBvB,CAAC;AAEW,QAAA,WAAW,GAAG,IAAA,qBAAG,EAAA;;;;;;CAM7B,CAAC"}

package/build/graphql/gqls/index.d.ts

@@ -16,4 +16,5 @@ export * from './attribute';
 export * from './consentManager';
 export * from './businessEntity';
 export * from './action';
+export * from './auth';
 //# sourceMappingURL=index.d.ts.map