@zapier/zapier-sdk-cli 0.49.1 → 0.51.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. package/CHANGELOG.md +28 -0
  2. package/README.md +26 -25
  3. package/dist/cli.cjs +50 -10
  4. package/dist/cli.mjs +50 -10
  5. package/dist/experimental.cjs +31 -8
  6. package/dist/experimental.mjs +31 -8
  7. package/dist/index.cjs +32 -9
  8. package/dist/index.mjs +32 -9
  9. package/dist/package.json +2 -1
  10. package/dist/src/plugins/login/index.d.ts +1 -0
  11. package/dist/src/plugins/login/index.js +9 -2
  12. package/dist/src/plugins/login/schemas.d.ts +1 -0
  13. package/dist/src/plugins/login/schemas.js +4 -0
  14. package/dist/src/utils/auth/client-credentials.d.ts +11 -1
  15. package/dist/src/utils/auth/client-credentials.js +18 -4
  16. package/dist/src/utils/parameter-resolver.d.ts +21 -0
  17. package/dist/src/utils/parameter-resolver.js +41 -1
  18. package/dist/tsconfig.tsbuildinfo +1 -1
  19. package/package.json +4 -3
package/CHANGELOG.md CHANGED
@@ -1,5 +1,33 @@
1
1
  # @zapier/zapier-sdk-cli
2
2
 
3
+ ## 0.51.0
4
+
5
+ ### Minor Changes
6
+
7
+ - d2aa0e9: Allow opting into approvals during login
8
+
9
+ ### Patch Changes
10
+
11
+ - Updated dependencies [d2aa0e9]
12
+ - @zapier/zapier-sdk@0.56.0
13
+ - @zapier/zapier-sdk-mcp@0.13.8
14
+
15
+ ## 0.50.0
16
+
17
+ ### Minor Changes
18
+
19
+ - ce779d1: Add `hint?: string | string[]` to `PromptConfig.choices`. The CLI renders it after the choice's `name` as dimmed parens; an unset `hint` with a primitive `value` auto-renders the value.
20
+
21
+ All built-in resolvers migrate to the new shape, so existing dropdowns get small visual cleanups (dim parens, no `ID:` prefix, dash converted to parens, em-dash in `tableRecordId` gone).
22
+
23
+ Plugin authors who embed the value in `name` (e.g. `"Foo (${id})"`) should drop the embedded parens; the auto-default appends a second otherwise.
24
+
25
+ ### Patch Changes
26
+
27
+ - Updated dependencies [ce779d1]
28
+ - @zapier/zapier-sdk@0.55.0
29
+ - @zapier/zapier-sdk-mcp@0.13.7
30
+
3
31
  ## 0.49.1
4
32
 
5
33
  ### Patch Changes
package/README.md CHANGED
@@ -134,27 +134,27 @@ npx zapier-sdk fetch "https://gmail.googleapis.com/gmail/v1/users/me/labels" --c
134
134
 
135
135
  These options are available for all commands:
136
136
 
137
- | Option | Short | Description |
138
- | -------------------------------------- | ----- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
139
- | `--version` | `-V` | Display version number |
140
- | `--help` | `-h` | Display help for command |
141
- | `--credentials <token>` | | Authentication token. |
142
- | `--credentials-client-id <id>` | | OAuth client ID for authentication. |
143
- | `--credentials-client-secret <secret>` | | OAuth client secret for authentication. |
144
- | `--credentials-base-url <url>` | | Override authentication base URL. |
145
- | `--debug` | | Enable debug logging. |
146
- | `--base-url <url>` | | Base URL for Zapier API endpoints. |
147
- | `--tracking-base-url <url>` | | Base URL for Zapier tracking endpoints. |
148
- | `--max-network-retries <count>` | | Max retries for rate-limited requests (default: 3). |
149
- | `--max-network-retry-delay-ms <ms>` | | Max delay in ms to wait for retry (default: 60000). |
150
- | `--max-concurrent-requests <count>` | | Max concurrent in-flight HTTP requests (default: 200, max: 10000). |
151
- | `--approval-timeout-ms <ms>` | | Timeout in ms for approval polling. Default: 600000 (10 min). |
152
- | `--max-approval-retries` | | Maximum number of sequential approval rounds per request (one per gating policy) before giving up. Default: 2. |
153
- | `--approval-mode` | | Approval flow behavior. "disabled" (default) throws a ZapierApprovalError on approval-required responses without creating an approval. "poll" creates the approval, opens it in a browser, polls until resolved, and retries the original request. "throw" creates the approval and throws a ZapierApprovalError with the approval URL so the caller can surface it. Defaults to the ZAPIER_APPROVAL_MODE env var, then "disabled". |
154
- | `--can-include-shared-connections` | | Allow listing shared connections. |
155
- | `--can-include-shared-tables` | | Allow listing shared tables. |
156
- | `--can-delete-tables` | | Allow deleting tables. |
157
- | `--json` | | Output raw JSON instead of formatted results |
137
+ | Option | Short | Description |
138
+ | -------------------------------------- | ----- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
139
+ | `--version` | `-V` | Display version number |
140
+ | `--help` | `-h` | Display help for command |
141
+ | `--credentials <token>` | | Authentication token. |
142
+ | `--credentials-client-id <id>` | | OAuth client ID for authentication. |
143
+ | `--credentials-client-secret <secret>` | | OAuth client secret for authentication. |
144
+ | `--credentials-base-url <url>` | | Override authentication base URL. |
145
+ | `--debug` | | Enable debug logging. |
146
+ | `--base-url <url>` | | Base URL for Zapier API endpoints. |
147
+ | `--tracking-base-url <url>` | | Base URL for Zapier tracking endpoints. |
148
+ | `--max-network-retries <count>` | | Max retries for rate-limited requests (default: 3). |
149
+ | `--max-network-retry-delay-ms <ms>` | | Max delay in ms to wait for retry (default: 60000). |
150
+ | `--max-concurrent-requests <count>` | | Max concurrent in-flight HTTP requests (default: 200, max: 10000). |
151
+ | `--approval-timeout-ms <ms>` | | Timeout in ms for approval polling. Default: 600000 (10 min). |
152
+ | `--max-approval-retries` | | Maximum number of sequential approval rounds per request (one per gating policy) before giving up. Default: 2. |
153
+ | `--approval-mode` | | Approval flow behavior. "poll" creates the approval, opens it in a browser, polls until resolved, and retries the original request. "throw" creates the approval and throws a ZapierApprovalError with the approval URL so the caller can surface it. "disabled" throws a ZapierApprovalError on approval-required responses without creating an approval. Resolution order is: explicit option, then ZAPIER_APPROVAL_MODE, then the default behavior (poll for interactive TTY, throw otherwise). |
154
+ | `--can-include-shared-connections` | | Allow listing shared connections. |
155
+ | `--can-include-shared-tables` | | Allow listing shared tables. |
156
+ | `--can-delete-tables` | | Allow deleting tables. |
157
+ | `--json` | | Output raw JSON instead of formatted results |
158
158
 
159
159
  ## Available Commands
160
160
 
@@ -178,14 +178,15 @@ Log in to Zapier to access your account
178
178
 
179
179
  **Options:**
180
180
 
181
- | Option | Type | Required | Default | Possible Values | Description |
182
- | ----------- | -------- | -------- | ------- | --------------- | --------------------------------------- |
183
- | `--timeout` | `string` | ❌ | — | — | Login timeout in seconds (default: 300) |
181
+ | Option | Type | Required | Default | Possible Values | Description |
182
+ | ----------------- | --------- | -------- | ------- | --------------- | -------------------------------------------------------------- |
183
+ | `--timeout` | `string` | ❌ | — | — | Login timeout in seconds (default: 300) |
184
+ | `--use-approvals` | `boolean` | ❌ | — | — | Require approvals for actions performed with these credentials |
184
185
 
185
186
  **Usage:**
186
187
 
187
188
  ```bash
188
- npx zapier-sdk login [--timeout]
189
+ npx zapier-sdk login [--timeout] [--use-approvals]
189
190
  ```
190
191
 
191
192
  #### `logout`
package/dist/cli.cjs CHANGED
@@ -178,6 +178,20 @@ function coerceToSchemaType(value, schema) {
178
178
  }
179
179
  return value;
180
180
  }
181
+ function renderChoiceLabel(choice) {
182
+ let effectiveHint = choice.hint;
183
+ if (effectiveHint === void 0 && (typeof choice.value === "string" || typeof choice.value === "number")) {
184
+ effectiveHint = String(choice.value);
185
+ }
186
+ if (!effectiveHint || Array.isArray(effectiveHint) && effectiveHint.length === 0) {
187
+ return choice;
188
+ }
189
+ const hintText = Array.isArray(effectiveHint) ? effectiveHint.join(", ") : effectiveHint;
190
+ if (hintText === choice.name) {
191
+ return choice;
192
+ }
193
+ return { ...choice, name: `${choice.name} ${chalk__default.default.dim(`(${hintText})`)}` };
194
+ }
181
195
  var SchemaParameterResolver = class {
182
196
  constructor() {
183
197
  this.debug = false;
@@ -585,7 +599,7 @@ var SchemaParameterResolver = class {
585
599
  }
586
600
  const { items } = await this.unpackFetchResult(fetchResult, promptLabel);
587
601
  const choicesConfig = resolver.prompt(items, searchParams);
588
- const dataChoices = choicesConfig.choices ?? [];
602
+ const dataChoices = (choicesConfig.choices ?? []).map(renderChoiceLabel);
589
603
  const capabilityHintMessages = await this.computeCapabilityHints(
590
604
  resolver,
591
605
  context
@@ -774,6 +788,9 @@ var SchemaParameterResolver = class {
774
788
  context.resolvedParams
775
789
  );
776
790
  promptConfig.name = promptName;
791
+ if (promptConfig.choices) {
792
+ promptConfig.choices = promptConfig.choices.map(renderChoiceLabel);
793
+ }
777
794
  const hasSelectableChoice = promptConfig.choices?.some(
778
795
  (c) => !c.disabled
779
796
  );
@@ -1555,7 +1572,7 @@ var SHARED_COMMAND_CLI_OPTIONS = [
1555
1572
 
1556
1573
  // package.json
1557
1574
  var package_default = {
1558
- version: "0.49.1"};
1575
+ version: "0.51.0"};
1559
1576
 
1560
1577
  // src/telemetry/builders.ts
1561
1578
  function createCliBaseEvent(context = {}) {
@@ -3787,10 +3804,18 @@ async function runOauthFlow({
3787
3804
 
3788
3805
  // src/utils/auth/client-credentials.ts
3789
3806
  var CREDENTIALS_SCOPES = ["external", "credentials"];
3790
- async function createCredentialsOnServer(api2, name) {
3807
+ var EMPTY_POLICY = {
3808
+ version: 2,
3809
+ statements: []
3810
+ };
3811
+ async function createCredentialsOnServer(api2, name, policy) {
3791
3812
  const response = await api2.post(
3792
3813
  "/api/v0/client-credentials",
3793
- { name, allowed_scopes: CREDENTIALS_SCOPES },
3814
+ {
3815
+ name,
3816
+ allowed_scopes: CREDENTIALS_SCOPES,
3817
+ ...policy !== void 0 && { policy }
3818
+ },
3794
3819
  { authRequired: true, requiredScopes: ["credentials"] }
3795
3820
  );
3796
3821
  return {
@@ -3807,9 +3832,14 @@ async function deleteCredentialsOnServer(api2, clientId) {
3807
3832
  async function setupClientCredentials({
3808
3833
  api: api2,
3809
3834
  name,
3810
- credentialsBaseUrl: credentialsBaseUrl2
3835
+ credentialsBaseUrl: credentialsBaseUrl2,
3836
+ policy
3811
3837
  }) {
3812
- const { clientId, clientSecret } = await createCredentialsOnServer(api2, name);
3838
+ const { clientId, clientSecret } = await createCredentialsOnServer(
3839
+ api2,
3840
+ name,
3841
+ policy
3842
+ );
3813
3843
  try {
3814
3844
  await withRetry({
3815
3845
  action: () => storeClientCredentials({
@@ -3851,7 +3881,10 @@ async function resolveCredentialsBaseUrl(context) {
3851
3881
  return getBaseUrlFromResolvedCredentials(resolvedCredentials) ?? getBaseUrlFromOptionsCredentials(context.options?.credentials) ?? context.options?.baseUrl;
3852
3882
  }
3853
3883
  var LoginSchema = zod.z.object({
3854
- timeout: zod.z.string().optional().describe("Login timeout in seconds (default: 300)")
3884
+ timeout: zod.z.string().optional().describe("Login timeout in seconds (default: 300)"),
3885
+ useApprovals: zod.z.boolean().optional().describe(
3886
+ "Require approvals for actions performed with these credentials"
3887
+ )
3855
3888
  }).describe("Log in to Zapier to access your account");
3856
3889
 
3857
3890
  // src/plugins/login/index.ts
@@ -3945,7 +3978,9 @@ function emitLoginSuccess({
3945
3978
  sdk.context.eventEmission.emit(
3946
3979
  "platform.sdk.ApplicationLifecycleEvent",
3947
3980
  zapierSdk.buildApplicationLifecycleEvent(
3948
- { lifecycle_event_type: "login_success" },
3981
+ {
3982
+ lifecycle_event_type: "login_success"
3983
+ },
3949
3984
  {
3950
3985
  customuser_id: profile.user_id,
3951
3986
  account_id: profile.roles[0]?.account_id ?? null
@@ -4017,15 +4052,20 @@ var loginPlugin = zapierSdk.definePlugin(
4017
4052
  profile.email,
4018
4053
  credentialsBaseUrl2
4019
4054
  );
4055
+ const useApprovals = options.useApprovals === true;
4020
4056
  await setupClientCredentials({
4021
4057
  api: scopedApi,
4022
4058
  name: credentialName,
4023
- credentialsBaseUrl: credentialsBaseUrl2
4059
+ credentialsBaseUrl: credentialsBaseUrl2,
4060
+ ...useApprovals && { policy: EMPTY_POLICY }
4024
4061
  });
4025
4062
  await bestEffortClearLegacyJwtState();
4026
4063
  console.log(
4027
4064
  `\u2705 Credentials "${credentialName}" created and set as default. You are ready to use the Zapier SDK.`
4028
4065
  );
4066
+ if (useApprovals) {
4067
+ console.log("\u{1F510} Approvals are enabled for these credentials.");
4068
+ }
4029
4069
  emitLoginSuccess({ sdk: sdk2, profile });
4030
4070
  }
4031
4071
  })
@@ -6586,7 +6626,7 @@ var watchTriggerInboxCliPlugin = zapierSdk.definePlugin(
6586
6626
  // package.json with { type: 'json' }
6587
6627
  var package_default2 = {
6588
6628
  name: "@zapier/zapier-sdk-cli",
6589
- version: "0.49.1"};
6629
+ version: "0.51.0"};
6590
6630
 
6591
6631
  // src/sdk.ts
6592
6632
  zapierSdk.injectCliLogin(login_exports);
package/dist/cli.mjs CHANGED
@@ -136,6 +136,20 @@ function coerceToSchemaType(value, schema) {
136
136
  }
137
137
  return value;
138
138
  }
139
+ function renderChoiceLabel(choice) {
140
+ let effectiveHint = choice.hint;
141
+ if (effectiveHint === void 0 && (typeof choice.value === "string" || typeof choice.value === "number")) {
142
+ effectiveHint = String(choice.value);
143
+ }
144
+ if (!effectiveHint || Array.isArray(effectiveHint) && effectiveHint.length === 0) {
145
+ return choice;
146
+ }
147
+ const hintText = Array.isArray(effectiveHint) ? effectiveHint.join(", ") : effectiveHint;
148
+ if (hintText === choice.name) {
149
+ return choice;
150
+ }
151
+ return { ...choice, name: `${choice.name} ${chalk.dim(`(${hintText})`)}` };
152
+ }
139
153
  var SchemaParameterResolver = class {
140
154
  constructor() {
141
155
  this.debug = false;
@@ -543,7 +557,7 @@ var SchemaParameterResolver = class {
543
557
  }
544
558
  const { items } = await this.unpackFetchResult(fetchResult, promptLabel);
545
559
  const choicesConfig = resolver.prompt(items, searchParams);
546
- const dataChoices = choicesConfig.choices ?? [];
560
+ const dataChoices = (choicesConfig.choices ?? []).map(renderChoiceLabel);
547
561
  const capabilityHintMessages = await this.computeCapabilityHints(
548
562
  resolver,
549
563
  context
@@ -732,6 +746,9 @@ var SchemaParameterResolver = class {
732
746
  context.resolvedParams
733
747
  );
734
748
  promptConfig.name = promptName;
749
+ if (promptConfig.choices) {
750
+ promptConfig.choices = promptConfig.choices.map(renderChoiceLabel);
751
+ }
735
752
  const hasSelectableChoice = promptConfig.choices?.some(
736
753
  (c) => !c.disabled
737
754
  );
@@ -1513,7 +1530,7 @@ var SHARED_COMMAND_CLI_OPTIONS = [
1513
1530
 
1514
1531
  // package.json
1515
1532
  var package_default = {
1516
- version: "0.49.1"};
1533
+ version: "0.51.0"};
1517
1534
 
1518
1535
  // src/telemetry/builders.ts
1519
1536
  function createCliBaseEvent(context = {}) {
@@ -3745,10 +3762,18 @@ async function runOauthFlow({
3745
3762
 
3746
3763
  // src/utils/auth/client-credentials.ts
3747
3764
  var CREDENTIALS_SCOPES = ["external", "credentials"];
3748
- async function createCredentialsOnServer(api2, name) {
3765
+ var EMPTY_POLICY = {
3766
+ version: 2,
3767
+ statements: []
3768
+ };
3769
+ async function createCredentialsOnServer(api2, name, policy) {
3749
3770
  const response = await api2.post(
3750
3771
  "/api/v0/client-credentials",
3751
- { name, allowed_scopes: CREDENTIALS_SCOPES },
3772
+ {
3773
+ name,
3774
+ allowed_scopes: CREDENTIALS_SCOPES,
3775
+ ...policy !== void 0 && { policy }
3776
+ },
3752
3777
  { authRequired: true, requiredScopes: ["credentials"] }
3753
3778
  );
3754
3779
  return {
@@ -3765,9 +3790,14 @@ async function deleteCredentialsOnServer(api2, clientId) {
3765
3790
  async function setupClientCredentials({
3766
3791
  api: api2,
3767
3792
  name,
3768
- credentialsBaseUrl: credentialsBaseUrl2
3793
+ credentialsBaseUrl: credentialsBaseUrl2,
3794
+ policy
3769
3795
  }) {
3770
- const { clientId, clientSecret } = await createCredentialsOnServer(api2, name);
3796
+ const { clientId, clientSecret } = await createCredentialsOnServer(
3797
+ api2,
3798
+ name,
3799
+ policy
3800
+ );
3771
3801
  try {
3772
3802
  await withRetry({
3773
3803
  action: () => storeClientCredentials({
@@ -3809,7 +3839,10 @@ async function resolveCredentialsBaseUrl(context) {
3809
3839
  return getBaseUrlFromResolvedCredentials(resolvedCredentials) ?? getBaseUrlFromOptionsCredentials(context.options?.credentials) ?? context.options?.baseUrl;
3810
3840
  }
3811
3841
  var LoginSchema = z.object({
3812
- timeout: z.string().optional().describe("Login timeout in seconds (default: 300)")
3842
+ timeout: z.string().optional().describe("Login timeout in seconds (default: 300)"),
3843
+ useApprovals: z.boolean().optional().describe(
3844
+ "Require approvals for actions performed with these credentials"
3845
+ )
3813
3846
  }).describe("Log in to Zapier to access your account");
3814
3847
 
3815
3848
  // src/plugins/login/index.ts
@@ -3903,7 +3936,9 @@ function emitLoginSuccess({
3903
3936
  sdk.context.eventEmission.emit(
3904
3937
  "platform.sdk.ApplicationLifecycleEvent",
3905
3938
  buildApplicationLifecycleEvent(
3906
- { lifecycle_event_type: "login_success" },
3939
+ {
3940
+ lifecycle_event_type: "login_success"
3941
+ },
3907
3942
  {
3908
3943
  customuser_id: profile.user_id,
3909
3944
  account_id: profile.roles[0]?.account_id ?? null
@@ -3975,15 +4010,20 @@ var loginPlugin = definePlugin(
3975
4010
  profile.email,
3976
4011
  credentialsBaseUrl2
3977
4012
  );
4013
+ const useApprovals = options.useApprovals === true;
3978
4014
  await setupClientCredentials({
3979
4015
  api: scopedApi,
3980
4016
  name: credentialName,
3981
- credentialsBaseUrl: credentialsBaseUrl2
4017
+ credentialsBaseUrl: credentialsBaseUrl2,
4018
+ ...useApprovals && { policy: EMPTY_POLICY }
3982
4019
  });
3983
4020
  await bestEffortClearLegacyJwtState();
3984
4021
  console.log(
3985
4022
  `\u2705 Credentials "${credentialName}" created and set as default. You are ready to use the Zapier SDK.`
3986
4023
  );
4024
+ if (useApprovals) {
4025
+ console.log("\u{1F510} Approvals are enabled for these credentials.");
4026
+ }
3987
4027
  emitLoginSuccess({ sdk: sdk2, profile });
3988
4028
  }
3989
4029
  })
@@ -6544,7 +6584,7 @@ var watchTriggerInboxCliPlugin = definePlugin(
6544
6584
  // package.json with { type: 'json' }
6545
6585
  var package_default2 = {
6546
6586
  name: "@zapier/zapier-sdk-cli",
6547
- version: "0.49.1"};
6587
+ version: "0.51.0"};
6548
6588
 
6549
6589
  // src/sdk.ts
6550
6590
  injectCliLogin(login_exports);
package/dist/experimental.cjs CHANGED
@@ -1181,10 +1181,18 @@ async function runOauthFlow({
1181
1181
 
1182
1182
  // src/utils/auth/client-credentials.ts
1183
1183
  var CREDENTIALS_SCOPES = ["external", "credentials"];
1184
- async function createCredentialsOnServer(api2, name) {
1184
+ var EMPTY_POLICY = {
1185
+ version: 2,
1186
+ statements: []
1187
+ };
1188
+ async function createCredentialsOnServer(api2, name, policy) {
1185
1189
  const response = await api2.post(
1186
1190
  "/api/v0/client-credentials",
1187
- { name, allowed_scopes: CREDENTIALS_SCOPES },
1191
+ {
1192
+ name,
1193
+ allowed_scopes: CREDENTIALS_SCOPES,
1194
+ ...policy !== void 0 && { policy }
1195
+ },
1188
1196
  { authRequired: true, requiredScopes: ["credentials"] }
1189
1197
  );
1190
1198
  return {
@@ -1201,9 +1209,14 @@ async function deleteCredentialsOnServer(api2, clientId) {
1201
1209
  async function setupClientCredentials({
1202
1210
  api: api2,
1203
1211
  name,
1204
- credentialsBaseUrl
1212
+ credentialsBaseUrl,
1213
+ policy
1205
1214
  }) {
1206
- const { clientId, clientSecret } = await createCredentialsOnServer(api2, name);
1215
+ const { clientId, clientSecret } = await createCredentialsOnServer(
1216
+ api2,
1217
+ name,
1218
+ policy
1219
+ );
1207
1220
  try {
1208
1221
  await withRetry({
1209
1222
  action: () => storeClientCredentials({
@@ -1245,7 +1258,10 @@ async function resolveCredentialsBaseUrl(context) {
1245
1258
  return getBaseUrlFromResolvedCredentials(resolvedCredentials) ?? getBaseUrlFromOptionsCredentials(context.options?.credentials) ?? context.options?.baseUrl;
1246
1259
  }
1247
1260
  var LoginSchema = zod.z.object({
1248
- timeout: zod.z.string().optional().describe("Login timeout in seconds (default: 300)")
1261
+ timeout: zod.z.string().optional().describe("Login timeout in seconds (default: 300)"),
1262
+ useApprovals: zod.z.boolean().optional().describe(
1263
+ "Require approvals for actions performed with these credentials"
1264
+ )
1249
1265
  }).describe("Log in to Zapier to access your account");
1250
1266
 
1251
1267
  // src/plugins/login/index.ts
@@ -1339,7 +1355,9 @@ function emitLoginSuccess({
1339
1355
  sdk.context.eventEmission.emit(
1340
1356
  "platform.sdk.ApplicationLifecycleEvent",
1341
1357
  zapierSdk.buildApplicationLifecycleEvent(
1342
- { lifecycle_event_type: "login_success" },
1358
+ {
1359
+ lifecycle_event_type: "login_success"
1360
+ },
1343
1361
  {
1344
1362
  customuser_id: profile.user_id,
1345
1363
  account_id: profile.roles[0]?.account_id ?? null
@@ -1411,15 +1429,20 @@ var loginPlugin = zapierSdk.definePlugin(
1411
1429
  profile.email,
1412
1430
  credentialsBaseUrl
1413
1431
  );
1432
+ const useApprovals = options.useApprovals === true;
1414
1433
  await setupClientCredentials({
1415
1434
  api: scopedApi,
1416
1435
  name: credentialName,
1417
- credentialsBaseUrl
1436
+ credentialsBaseUrl,
1437
+ ...useApprovals && { policy: EMPTY_POLICY }
1418
1438
  });
1419
1439
  await bestEffortClearLegacyJwtState();
1420
1440
  console.log(
1421
1441
  `\u2705 Credentials "${credentialName}" created and set as default. You are ready to use the Zapier SDK.`
1422
1442
  );
1443
+ if (useApprovals) {
1444
+ console.log("\u{1F510} Approvals are enabled for these credentials.");
1445
+ }
1423
1446
  emitLoginSuccess({ sdk: sdk2, profile });
1424
1447
  }
1425
1448
  })
@@ -3963,7 +3986,7 @@ var watchTriggerInboxCliPlugin = zapierSdk.definePlugin(
3963
3986
  // package.json with { type: 'json' }
3964
3987
  var package_default = {
3965
3988
  name: "@zapier/zapier-sdk-cli",
3966
- version: "0.49.1"};
3989
+ version: "0.51.0"};
3967
3990
 
3968
3991
  // src/experimental.ts
3969
3992
  experimental.injectCliLogin(login_exports);
package/dist/experimental.mjs CHANGED
@@ -1145,10 +1145,18 @@ async function runOauthFlow({
1145
1145
 
1146
1146
  // src/utils/auth/client-credentials.ts
1147
1147
  var CREDENTIALS_SCOPES = ["external", "credentials"];
1148
- async function createCredentialsOnServer(api2, name) {
1148
+ var EMPTY_POLICY = {
1149
+ version: 2,
1150
+ statements: []
1151
+ };
1152
+ async function createCredentialsOnServer(api2, name, policy) {
1149
1153
  const response = await api2.post(
1150
1154
  "/api/v0/client-credentials",
1151
- { name, allowed_scopes: CREDENTIALS_SCOPES },
1155
+ {
1156
+ name,
1157
+ allowed_scopes: CREDENTIALS_SCOPES,
1158
+ ...policy !== void 0 && { policy }
1159
+ },
1152
1160
  { authRequired: true, requiredScopes: ["credentials"] }
1153
1161
  );
1154
1162
  return {
@@ -1165,9 +1173,14 @@ async function deleteCredentialsOnServer(api2, clientId) {
1165
1173
  async function setupClientCredentials({
1166
1174
  api: api2,
1167
1175
  name,
1168
- credentialsBaseUrl
1176
+ credentialsBaseUrl,
1177
+ policy
1169
1178
  }) {
1170
- const { clientId, clientSecret } = await createCredentialsOnServer(api2, name);
1179
+ const { clientId, clientSecret } = await createCredentialsOnServer(
1180
+ api2,
1181
+ name,
1182
+ policy
1183
+ );
1171
1184
  try {
1172
1185
  await withRetry({
1173
1186
  action: () => storeClientCredentials({
@@ -1209,7 +1222,10 @@ async function resolveCredentialsBaseUrl(context) {
1209
1222
  return getBaseUrlFromResolvedCredentials(resolvedCredentials) ?? getBaseUrlFromOptionsCredentials(context.options?.credentials) ?? context.options?.baseUrl;
1210
1223
  }
1211
1224
  var LoginSchema = z.object({
1212
- timeout: z.string().optional().describe("Login timeout in seconds (default: 300)")
1225
+ timeout: z.string().optional().describe("Login timeout in seconds (default: 300)"),
1226
+ useApprovals: z.boolean().optional().describe(
1227
+ "Require approvals for actions performed with these credentials"
1228
+ )
1213
1229
  }).describe("Log in to Zapier to access your account");
1214
1230
 
1215
1231
  // src/plugins/login/index.ts
@@ -1303,7 +1319,9 @@ function emitLoginSuccess({
1303
1319
  sdk.context.eventEmission.emit(
1304
1320
  "platform.sdk.ApplicationLifecycleEvent",
1305
1321
  buildApplicationLifecycleEvent(
1306
- { lifecycle_event_type: "login_success" },
1322
+ {
1323
+ lifecycle_event_type: "login_success"
1324
+ },
1307
1325
  {
1308
1326
  customuser_id: profile.user_id,
1309
1327
  account_id: profile.roles[0]?.account_id ?? null
@@ -1375,15 +1393,20 @@ var loginPlugin = definePlugin(
1375
1393
  profile.email,
1376
1394
  credentialsBaseUrl
1377
1395
  );
1396
+ const useApprovals = options.useApprovals === true;
1378
1397
  await setupClientCredentials({
1379
1398
  api: scopedApi,
1380
1399
  name: credentialName,
1381
- credentialsBaseUrl
1400
+ credentialsBaseUrl,
1401
+ ...useApprovals && { policy: EMPTY_POLICY }
1382
1402
  });
1383
1403
  await bestEffortClearLegacyJwtState();
1384
1404
  console.log(
1385
1405
  `\u2705 Credentials "${credentialName}" created and set as default. You are ready to use the Zapier SDK.`
1386
1406
  );
1407
+ if (useApprovals) {
1408
+ console.log("\u{1F510} Approvals are enabled for these credentials.");
1409
+ }
1387
1410
  emitLoginSuccess({ sdk: sdk2, profile });
1388
1411
  }
1389
1412
  })
@@ -3927,7 +3950,7 @@ var watchTriggerInboxCliPlugin = definePlugin(
3927
3950
  // package.json with { type: 'json' }
3928
3951
  var package_default = {
3929
3952
  name: "@zapier/zapier-sdk-cli",
3930
- version: "0.49.1"};
3953
+ version: "0.51.0"};
3931
3954
 
3932
3955
  // src/experimental.ts
3933
3956
  injectCliLogin(login_exports);