@zapier/zapier-sdk-core 0.10.0 → 0.12.0

package/CHANGELOG.md

@@ -1,5 +1,17 @@
 # @zapier/zapier-sdk-core
 
+## 0.12.0
+
+### Minor Changes
+
+- 821a368: Add `POST /api/v0/approvals` endpoint. The SDK calls this to create an approval request after receiving a `403 x-zapier-error-type: approval_required` from a proxy or handler. The body carries a typed request context (`http_request` or `action_run`).
+
+## 0.11.0
+
+### Minor Changes
+
+- eb026a9: Add `GET /api/v0/approvals/{approvalId}` polling endpoint. The SDK uses this to poll approval status. On resolution, sdkapi invalidates the token-exchange cache so the next request re-fetches a fresh JWT with the updated `policy_urn`.
+
 ## 0.10.0
 
 ### Minor Changes

package/dist/v0/config/metadata.cjs

@@ -64,6 +64,10 @@ var tags = [
   {
     name: "Documentation",
     description: "Documentation-related routes"
+  },
+  {
+    name: "Approvals",
+    description: "Approval request management routes"
   }
 ];
 var securitySchemes = {

package/dist/v0/config/metadata.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/v0/config/metadata.ts"],"sourcesContent":["/**\n * OpenAPI specification metadata\n *\n * This file contains all the base metadata for the OpenAPI specification\n * that was previously stored in openapi-base.yaml.\n *\n * Note on 'as const' usage:\n * - We use 'as const' on literal values that should be treated as enums\n *   (e.g., \"apiKey\", \"header\", \"3.1.0\") to get precise literal types\n * - We avoid 'as const' on top-level configuration objects to prevent\n *   deep readonly types that can cause compatibility issues with libraries\n *   expecting mutable types (like zod-to-openapi)\n * - If you encounter readonly type errors, check whether the consuming\n *   library expects mutable types and remove 'as const' accordingly\n */\n\nexport const apiInfo = {\n  title: \"Zapier SDK API\",\n  version: \"1.0.0\",\n  contact: {\n    email: \"engineering@zapier.com\",\n  },\n  description: \"The Zapier SDK API serves as a backend for the Zapier SDK.\",\n};\n\nexport const servers: Array<{ url: string; description: string }> = [];\n\nexport const tags = [\n  {\n    name: \"Actions\",\n    description: \"Action-related routes\",\n  },\n  {\n    name: \"Apps\",\n    description: \"App-related routes\",\n  },\n  {\n    name: \"Authentications\",\n    description: \"Authentication-related routes (deprecated, use Connections)\",\n  },\n  {\n    name: \"Client Credentials\",\n    description: \"Client credentials management routes\",\n  },\n  {\n    name: \"Connections\",\n    description: \"Connection-related routes\",\n  },\n  {\n    name: \"Deduplication\",\n    description: \"Deduplication-related routes\",\n  },\n  {\n    name: \"Documentation\",\n    description: \"Documentation-related routes\",\n  },\n];\n\n/**\n * Security schemes for OpenAPI specification\n *\n * Note: 'as const' is used on enum-like literal values (\"apiKey\", \"header\")\n * to ensure TypeScript treats them as literal types rather than generic strings.\n * This provides better type safety when the OpenAPI generator validates these values.\n */\nexport const securitySchemes = {\n  userJwt: {\n    type: \"apiKey\" as const,\n    in: \"header\" as const,\n    name: \"Authorization\",\n    description:\n      \"Format should be `JWT <your-jwt>` (you must ensure that the JWT prefix \" +\n      \"is included in your requests).\\\\n\\\\n\" +\n      \"Example:  `Authorization: JWT your.jwt.value.here`\",\n  },\n} as const;\n\n/**\n * Complete OpenAPI metadata for document generation\n */\nexport const openApiMetadata = {\n  openapi: \"3.1.0\" as const,\n  info: apiInfo,\n  servers,\n  tags,\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAgBO,IAAM,UAAU;AAAA,EACrB,OAAO;AAAA,EACP,SAAS;AAAA,EACT,SAAS;AAAA,IACP,OAAO;AAAA,EACT;AAAA,EACA,aAAa;AACf;AAEO,IAAM,UAAuD,CAAC;AAE9D,IAAM,OAAO;AAAA,EAClB;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AACF;AASO,IAAM,kBAAkB;AAAA,EAC7B,SAAS;AAAA,IACP,MAAM;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,aACE;AAAA,EAGJ;AACF;AAKO,IAAM,kBAAkB;AAAA,EAC7B,SAAS;AAAA,EACT,MAAM;AAAA,EACN;AAAA,EACA;AACF;","names":[]}
+{"version":3,"sources":["../../../src/v0/config/metadata.ts"],"sourcesContent":["/**\n * OpenAPI specification metadata\n *\n * This file contains all the base metadata for the OpenAPI specification\n * that was previously stored in openapi-base.yaml.\n *\n * Note on 'as const' usage:\n * - We use 'as const' on literal values that should be treated as enums\n *   (e.g., \"apiKey\", \"header\", \"3.1.0\") to get precise literal types\n * - We avoid 'as const' on top-level configuration objects to prevent\n *   deep readonly types that can cause compatibility issues with libraries\n *   expecting mutable types (like zod-to-openapi)\n * - If you encounter readonly type errors, check whether the consuming\n *   library expects mutable types and remove 'as const' accordingly\n */\n\nexport const apiInfo = {\n  title: \"Zapier SDK API\",\n  version: \"1.0.0\",\n  contact: {\n    email: \"engineering@zapier.com\",\n  },\n  description: \"The Zapier SDK API serves as a backend for the Zapier SDK.\",\n};\n\nexport const servers: Array<{ url: string; description: string }> = [];\n\nexport const tags = [\n  {\n    name: \"Actions\",\n    description: \"Action-related routes\",\n  },\n  {\n    name: \"Apps\",\n    description: \"App-related routes\",\n  },\n  {\n    name: \"Authentications\",\n    description: \"Authentication-related routes (deprecated, use Connections)\",\n  },\n  {\n    name: \"Client Credentials\",\n    description: \"Client credentials management routes\",\n  },\n  {\n    name: \"Connections\",\n    description: \"Connection-related routes\",\n  },\n  {\n    name: \"Deduplication\",\n    description: \"Deduplication-related routes\",\n  },\n  {\n    name: \"Documentation\",\n    description: \"Documentation-related routes\",\n  },\n  {\n    name: \"Approvals\",\n    description: \"Approval request management routes\",\n  },\n];\n\n/**\n * Security schemes for OpenAPI specification\n *\n * Note: 'as const' is used on enum-like literal values (\"apiKey\", \"header\")\n * to ensure TypeScript treats them as literal types rather than generic strings.\n * This provides better type safety when the OpenAPI generator validates these values.\n */\nexport const securitySchemes = {\n  userJwt: {\n    type: \"apiKey\" as const,\n    in: \"header\" as const,\n    name: \"Authorization\",\n    description:\n      \"Format should be `JWT <your-jwt>` (you must ensure that the JWT prefix \" +\n      \"is included in your requests).\\\\n\\\\n\" +\n      \"Example:  `Authorization: JWT your.jwt.value.here`\",\n  },\n} as const;\n\n/**\n * Complete OpenAPI metadata for document generation\n */\nexport const openApiMetadata = {\n  openapi: \"3.1.0\" as const,\n  info: apiInfo,\n  servers,\n  tags,\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAgBO,IAAM,UAAU;AAAA,EACrB,OAAO;AAAA,EACP,SAAS;AAAA,EACT,SAAS;AAAA,IACP,OAAO;AAAA,EACT;AAAA,EACA,aAAa;AACf;AAEO,IAAM,UAAuD,CAAC;AAE9D,IAAM,OAAO;AAAA,EAClB;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AACF;AASO,IAAM,kBAAkB;AAAA,EAC7B,SAAS;AAAA,IACP,MAAM;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,aACE;AAAA,EAGJ;AACF;AAKO,IAAM,kBAAkB;AAAA,EAC7B,SAAS;AAAA,EACT,MAAM;AAAA,EACN;AAAA,EACA;AACF;","names":[]}

package/dist/v0/config/metadata.js

@@ -36,6 +36,10 @@ var tags = [
   {
     name: "Documentation",
     description: "Documentation-related routes"
+  },
+  {
+    name: "Approvals",
+    description: "Approval request management routes"
   }
 ];
 var securitySchemes = {

package/dist/v0/config/metadata.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/v0/config/metadata.ts"],"sourcesContent":["/**\n * OpenAPI specification metadata\n *\n * This file contains all the base metadata for the OpenAPI specification\n * that was previously stored in openapi-base.yaml.\n *\n * Note on 'as const' usage:\n * - We use 'as const' on literal values that should be treated as enums\n *   (e.g., \"apiKey\", \"header\", \"3.1.0\") to get precise literal types\n * - We avoid 'as const' on top-level configuration objects to prevent\n *   deep readonly types that can cause compatibility issues with libraries\n *   expecting mutable types (like zod-to-openapi)\n * - If you encounter readonly type errors, check whether the consuming\n *   library expects mutable types and remove 'as const' accordingly\n */\n\nexport const apiInfo = {\n  title: \"Zapier SDK API\",\n  version: \"1.0.0\",\n  contact: {\n    email: \"engineering@zapier.com\",\n  },\n  description: \"The Zapier SDK API serves as a backend for the Zapier SDK.\",\n};\n\nexport const servers: Array<{ url: string; description: string }> = [];\n\nexport const tags = [\n  {\n    name: \"Actions\",\n    description: \"Action-related routes\",\n  },\n  {\n    name: \"Apps\",\n    description: \"App-related routes\",\n  },\n  {\n    name: \"Authentications\",\n    description: \"Authentication-related routes (deprecated, use Connections)\",\n  },\n  {\n    name: \"Client Credentials\",\n    description: \"Client credentials management routes\",\n  },\n  {\n    name: \"Connections\",\n    description: \"Connection-related routes\",\n  },\n  {\n    name: \"Deduplication\",\n    description: \"Deduplication-related routes\",\n  },\n  {\n    name: \"Documentation\",\n    description: \"Documentation-related routes\",\n  },\n];\n\n/**\n * Security schemes for OpenAPI specification\n *\n * Note: 'as const' is used on enum-like literal values (\"apiKey\", \"header\")\n * to ensure TypeScript treats them as literal types rather than generic strings.\n * This provides better type safety when the OpenAPI generator validates these values.\n */\nexport const securitySchemes = {\n  userJwt: {\n    type: \"apiKey\" as const,\n    in: \"header\" as const,\n    name: \"Authorization\",\n    description:\n      \"Format should be `JWT <your-jwt>` (you must ensure that the JWT prefix \" +\n      \"is included in your requests).\\\\n\\\\n\" +\n      \"Example:  `Authorization: JWT your.jwt.value.here`\",\n  },\n} as const;\n\n/**\n * Complete OpenAPI metadata for document generation\n */\nexport const openApiMetadata = {\n  openapi: \"3.1.0\" as const,\n  info: apiInfo,\n  servers,\n  tags,\n};\n"],"mappings":";AAgBO,IAAM,UAAU;AAAA,EACrB,OAAO;AAAA,EACP,SAAS;AAAA,EACT,SAAS;AAAA,IACP,OAAO;AAAA,EACT;AAAA,EACA,aAAa;AACf;AAEO,IAAM,UAAuD,CAAC;AAE9D,IAAM,OAAO;AAAA,EAClB;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AACF;AASO,IAAM,kBAAkB;AAAA,EAC7B,SAAS;AAAA,IACP,MAAM;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,aACE;AAAA,EAGJ;AACF;AAKO,IAAM,kBAAkB;AAAA,EAC7B,SAAS;AAAA,EACT,MAAM;AAAA,EACN;AAAA,EACA;AACF;","names":[]}
+{"version":3,"sources":["../../../src/v0/config/metadata.ts"],"sourcesContent":["/**\n * OpenAPI specification metadata\n *\n * This file contains all the base metadata for the OpenAPI specification\n * that was previously stored in openapi-base.yaml.\n *\n * Note on 'as const' usage:\n * - We use 'as const' on literal values that should be treated as enums\n *   (e.g., \"apiKey\", \"header\", \"3.1.0\") to get precise literal types\n * - We avoid 'as const' on top-level configuration objects to prevent\n *   deep readonly types that can cause compatibility issues with libraries\n *   expecting mutable types (like zod-to-openapi)\n * - If you encounter readonly type errors, check whether the consuming\n *   library expects mutable types and remove 'as const' accordingly\n */\n\nexport const apiInfo = {\n  title: \"Zapier SDK API\",\n  version: \"1.0.0\",\n  contact: {\n    email: \"engineering@zapier.com\",\n  },\n  description: \"The Zapier SDK API serves as a backend for the Zapier SDK.\",\n};\n\nexport const servers: Array<{ url: string; description: string }> = [];\n\nexport const tags = [\n  {\n    name: \"Actions\",\n    description: \"Action-related routes\",\n  },\n  {\n    name: \"Apps\",\n    description: \"App-related routes\",\n  },\n  {\n    name: \"Authentications\",\n    description: \"Authentication-related routes (deprecated, use Connections)\",\n  },\n  {\n    name: \"Client Credentials\",\n    description: \"Client credentials management routes\",\n  },\n  {\n    name: \"Connections\",\n    description: \"Connection-related routes\",\n  },\n  {\n    name: \"Deduplication\",\n    description: \"Deduplication-related routes\",\n  },\n  {\n    name: \"Documentation\",\n    description: \"Documentation-related routes\",\n  },\n  {\n    name: \"Approvals\",\n    description: \"Approval request management routes\",\n  },\n];\n\n/**\n * Security schemes for OpenAPI specification\n *\n * Note: 'as const' is used on enum-like literal values (\"apiKey\", \"header\")\n * to ensure TypeScript treats them as literal types rather than generic strings.\n * This provides better type safety when the OpenAPI generator validates these values.\n */\nexport const securitySchemes = {\n  userJwt: {\n    type: \"apiKey\" as const,\n    in: \"header\" as const,\n    name: \"Authorization\",\n    description:\n      \"Format should be `JWT <your-jwt>` (you must ensure that the JWT prefix \" +\n      \"is included in your requests).\\\\n\\\\n\" +\n      \"Example:  `Authorization: JWT your.jwt.value.here`\",\n  },\n} as const;\n\n/**\n * Complete OpenAPI metadata for document generation\n */\nexport const openApiMetadata = {\n  openapi: \"3.1.0\" as const,\n  info: apiInfo,\n  servers,\n  tags,\n};\n"],"mappings":";AAgBO,IAAM,UAAU;AAAA,EACrB,OAAO;AAAA,EACP,SAAS;AAAA,EACT,SAAS;AAAA,IACP,OAAO;AAAA,EACT;AAAA,EACA,aAAa;AACf;AAEO,IAAM,UAAuD,CAAC;AAE9D,IAAM,OAAO;AAAA,EAClB;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,aAAa;AAAA,EACf;AACF;AASO,IAAM,kBAAkB;AAAA,EAC7B,SAAS;AAAA,IACP,MAAM;AAAA,IACN,IAAI;AAAA,IACJ,MAAM;AAAA,IACN,aACE;AAAA,EAGJ;AACF;AAKO,IAAM,kBAAkB;AAAA,EAC7B,SAAS;AAAA,EACT,MAAM;AAAA,EACN;AAAA,EACA;AACF;","names":[]}

package/dist/v0/schemas/approvals.cjs

@@ -0,0 +1,45 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/v0/schemas/approvals.ts
+var approvals_exports = {};
+__export(approvals_exports, {
+  ApprovalResponseSchema: () => ApprovalResponseSchema,
+  ApprovalStatusSchema: () => ApprovalStatusSchema,
+  GetApprovalParamSchema: () => GetApprovalParamSchema
+});
+module.exports = __toCommonJS(approvals_exports);
+var import_zod = require("zod");
+var ApprovalStatusSchema = import_zod.z.enum(["pending_approval", "approved", "denied"]).describe("The current status of the approval request");
+var ApprovalResponseSchema = import_zod.z.object({
+  status: ApprovalStatusSchema,
+  approval_id: import_zod.z.string().describe("Unique identifier for the approval request"),
+  approval_url: import_zod.z.string().optional().describe("URL for the user to visit and approve/deny the request"),
+  poll_url: import_zod.z.string().optional().describe("URL for the SDK to poll for status changes")
+});
+var GetApprovalParamSchema = import_zod.z.object({
+  approvalId: import_zod.z.string().describe("The unique identifier of the approval request")
+});
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ApprovalResponseSchema,
+  ApprovalStatusSchema,
+  GetApprovalParamSchema
+});
+//# sourceMappingURL=approvals.cjs.map

package/dist/v0/schemas/approvals.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/v0/schemas/approvals.ts"],"sourcesContent":["import { z } from \"zod\";\n\n/**\n * Shared approval schemas used by both route definitions and core models.\n */\n\n/**\n * Approval status enum\n */\nexport const ApprovalStatusSchema = z\n  .enum([\"pending_approval\", \"approved\", \"denied\"])\n  .describe(\"The current status of the approval request\");\n\n/**\n * Approval response shape returned by both the poll endpoint and the 202 proxy response.\n */\nexport const ApprovalResponseSchema = z.object({\n  status: ApprovalStatusSchema,\n  approval_id: z\n    .string()\n    .describe(\"Unique identifier for the approval request\"),\n  approval_url: z\n    .string()\n    .optional()\n    .describe(\"URL for the user to visit and approve/deny the request\"),\n  poll_url: z\n    .string()\n    .optional()\n    .describe(\"URL for the SDK to poll for status changes\"),\n});\n\nexport type ApprovalStatus = z.infer<typeof ApprovalStatusSchema>;\nexport type ApprovalResponse = z.infer<typeof ApprovalResponseSchema>;\n\n/**\n * Path parameters for get approval\n */\nexport const GetApprovalParamSchema = z.object({\n  approvalId: z\n    .string()\n    .describe(\"The unique identifier of the approval request\"),\n});\n\nexport type GetApprovalParam = z.infer<typeof GetApprovalParamSchema>;\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,iBAAkB;AASX,IAAM,uBAAuB,aACjC,KAAK,CAAC,oBAAoB,YAAY,QAAQ,CAAC,EAC/C,SAAS,4CAA4C;AAKjD,IAAM,yBAAyB,aAAE,OAAO;AAAA,EAC7C,QAAQ;AAAA,EACR,aAAa,aACV,OAAO,EACP,SAAS,4CAA4C;AAAA,EACxD,cAAc,aACX,OAAO,EACP,SAAS,EACT,SAAS,wDAAwD;AAAA,EACpE,UAAU,aACP,OAAO,EACP,SAAS,EACT,SAAS,4CAA4C;AAC1D,CAAC;AAQM,IAAM,yBAAyB,aAAE,OAAO;AAAA,EAC7C,YAAY,aACT,OAAO,EACP,SAAS,+CAA+C;AAC7D,CAAC;","names":[]}

package/dist/v0/schemas/approvals.d.cts

@@ -0,0 +1,37 @@
+import { z } from 'zod';
+
+/**
+ * Shared approval schemas used by both route definitions and core models.
+ */
+/**
+ * Approval status enum
+ */
+declare const ApprovalStatusSchema: z.ZodEnum<{
+    pending_approval: "pending_approval";
+    approved: "approved";
+    denied: "denied";
+}>;
+/**
+ * Approval response shape returned by both the poll endpoint and the 202 proxy response.
+ */
+declare const ApprovalResponseSchema: z.ZodObject<{
+    status: z.ZodEnum<{
+        pending_approval: "pending_approval";
+        approved: "approved";
+        denied: "denied";
+    }>;
+    approval_id: z.ZodString;
+    approval_url: z.ZodOptional<z.ZodString>;
+    poll_url: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+type ApprovalStatus = z.infer<typeof ApprovalStatusSchema>;
+type ApprovalResponse = z.infer<typeof ApprovalResponseSchema>;
+/**
+ * Path parameters for get approval
+ */
+declare const GetApprovalParamSchema: z.ZodObject<{
+    approvalId: z.ZodString;
+}, z.core.$strip>;
+type GetApprovalParam = z.infer<typeof GetApprovalParamSchema>;
+
+export { type ApprovalResponse, ApprovalResponseSchema, type ApprovalStatus, ApprovalStatusSchema, type GetApprovalParam, GetApprovalParamSchema };

package/dist/v0/schemas/approvals.d.ts

@@ -0,0 +1,37 @@
+import { z } from 'zod';
+
+/**
+ * Shared approval schemas used by both route definitions and core models.
+ */
+/**
+ * Approval status enum
+ */
+declare const ApprovalStatusSchema: z.ZodEnum<{
+    pending_approval: "pending_approval";
+    approved: "approved";
+    denied: "denied";
+}>;
+/**
+ * Approval response shape returned by both the poll endpoint and the 202 proxy response.
+ */
+declare const ApprovalResponseSchema: z.ZodObject<{
+    status: z.ZodEnum<{
+        pending_approval: "pending_approval";
+        approved: "approved";
+        denied: "denied";
+    }>;
+    approval_id: z.ZodString;
+    approval_url: z.ZodOptional<z.ZodString>;
+    poll_url: z.ZodOptional<z.ZodString>;
+}, z.core.$strip>;
+type ApprovalStatus = z.infer<typeof ApprovalStatusSchema>;
+type ApprovalResponse = z.infer<typeof ApprovalResponseSchema>;
+/**
+ * Path parameters for get approval
+ */
+declare const GetApprovalParamSchema: z.ZodObject<{
+    approvalId: z.ZodString;
+}, z.core.$strip>;
+type GetApprovalParam = z.infer<typeof GetApprovalParamSchema>;
+
+export { type ApprovalResponse, ApprovalResponseSchema, type ApprovalStatus, ApprovalStatusSchema, type GetApprovalParam, GetApprovalParamSchema };

package/dist/v0/schemas/approvals.js

@@ -0,0 +1,18 @@
+// src/v0/schemas/approvals.ts
+import { z } from "zod";
+var ApprovalStatusSchema = z.enum(["pending_approval", "approved", "denied"]).describe("The current status of the approval request");
+var ApprovalResponseSchema = z.object({
+  status: ApprovalStatusSchema,
+  approval_id: z.string().describe("Unique identifier for the approval request"),
+  approval_url: z.string().optional().describe("URL for the user to visit and approve/deny the request"),
+  poll_url: z.string().optional().describe("URL for the SDK to poll for status changes")
+});
+var GetApprovalParamSchema = z.object({
+  approvalId: z.string().describe("The unique identifier of the approval request")
+});
+export {
+  ApprovalResponseSchema,
+  ApprovalStatusSchema,
+  GetApprovalParamSchema
+};
+//# sourceMappingURL=approvals.js.map

package/dist/v0/schemas/approvals.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/v0/schemas/approvals.ts"],"sourcesContent":["import { z } from \"zod\";\n\n/**\n * Shared approval schemas used by both route definitions and core models.\n */\n\n/**\n * Approval status enum\n */\nexport const ApprovalStatusSchema = z\n  .enum([\"pending_approval\", \"approved\", \"denied\"])\n  .describe(\"The current status of the approval request\");\n\n/**\n * Approval response shape returned by both the poll endpoint and the 202 proxy response.\n */\nexport const ApprovalResponseSchema = z.object({\n  status: ApprovalStatusSchema,\n  approval_id: z\n    .string()\n    .describe(\"Unique identifier for the approval request\"),\n  approval_url: z\n    .string()\n    .optional()\n    .describe(\"URL for the user to visit and approve/deny the request\"),\n  poll_url: z\n    .string()\n    .optional()\n    .describe(\"URL for the SDK to poll for status changes\"),\n});\n\nexport type ApprovalStatus = z.infer<typeof ApprovalStatusSchema>;\nexport type ApprovalResponse = z.infer<typeof ApprovalResponseSchema>;\n\n/**\n * Path parameters for get approval\n */\nexport const GetApprovalParamSchema = z.object({\n  approvalId: z\n    .string()\n    .describe(\"The unique identifier of the approval request\"),\n});\n\nexport type GetApprovalParam = z.infer<typeof GetApprovalParamSchema>;\n"],"mappings":";AAAA,SAAS,SAAS;AASX,IAAM,uBAAuB,EACjC,KAAK,CAAC,oBAAoB,YAAY,QAAQ,CAAC,EAC/C,SAAS,4CAA4C;AAKjD,IAAM,yBAAyB,EAAE,OAAO;AAAA,EAC7C,QAAQ;AAAA,EACR,aAAa,EACV,OAAO,EACP,SAAS,4CAA4C;AAAA,EACxD,cAAc,EACX,OAAO,EACP,SAAS,EACT,SAAS,wDAAwD;AAAA,EACpE,UAAU,EACP,OAAO,EACP,SAAS,EACT,SAAS,4CAA4C;AAC1D,CAAC;AAQM,IAAM,yBAAyB,EAAE,OAAO;AAAA,EAC7C,YAAY,EACT,OAAO,EACP,SAAS,+CAA+C;AAC7D,CAAC;","names":[]}

package/openapi.yaml

@@ -25,6 +25,8 @@ tags:
     description: Deduplication-related routes
   - name: Documentation
     description: Documentation-related routes
+  - name: Approvals
+    description: Approval request management routes
 components:
   schemas:
     ErrorCode:
@@ -201,6 +203,139 @@ components:
       required:
         - dedupe_key
         - parameters
+    ApprovalResponse:
+      type: object
+      properties:
+        status:
+          type: string
+          enum:
+            - pending_approval
+            - approved
+            - denied
+          description: The current status of the approval request
+        approval_id:
+          type: string
+          description: Unique identifier for the approval request
+        approval_url:
+          type: string
+          description: URL for the user to visit and approve/deny the request
+        poll_url:
+          type: string
+          description: URL for the SDK to poll for status changes
+      required:
+        - status
+        - approval_id
+    ParsedUrl:
+      type: object
+      properties:
+        scheme:
+          type: string
+          description: URL scheme (e.g. https)
+        host:
+          type: string
+          description: Hostname
+        port:
+          type: number
+          description: Port number
+        path:
+          type: string
+          description: URL path
+        query:
+          type: object
+          additionalProperties:
+            type: array
+            items:
+              type: string
+          description: Query parameters
+      required:
+        - scheme
+        - host
+        - port
+        - path
+        - query
+      description: Parsed URL components
+    HttpRequestContext:
+      type: object
+      properties:
+        request_type:
+          type: string
+          enum:
+            - http_request
+          description: Context type discriminator
+        method:
+          type: string
+          description: HTTP method
+        url:
+          $ref: "#/components/schemas/ParsedUrl"
+        headers:
+          type: object
+          additionalProperties:
+            type: string
+          description: Filtered headers (IGNORED_HEADERS excluded, keys lowercased)
+        body:
+          type:
+            - string
+            - "null"
+          description: Raw body string
+        body_json:
+          description: Parsed JSON body
+        connection_id:
+          type: string
+          description: Zapier connection ID used for this request
+        reason:
+          type: string
+          description: Human-readable reason
+      required:
+        - request_type
+        - method
+        - url
+        - headers
+        - body
+    ActionRunContext:
+      type: object
+      properties:
+        request_type:
+          type: string
+          enum:
+            - action_run
+          description: Context type discriminator
+        selected_api:
+          type: string
+          description: Selected API identifier
+        action_type:
+          type: string
+          description: Action type
+        action_key:
+          type: string
+          description: Action key
+        connection_id:
+          type: string
+          description: Zapier connection ID
+        inputs:
+          description: Action input parameters
+        reason:
+          type: string
+          description: Human-readable reason
+      required:
+        - request_type
+        - selected_api
+        - action_type
+        - action_key
+    CreateApprovalBody:
+      type: object
+      properties:
+        context:
+          oneOf:
+            - $ref: "#/components/schemas/HttpRequestContext"
+            - $ref: "#/components/schemas/ActionRunContext"
+          discriminator:
+            propertyName: request_type
+            mapping:
+              http_request: "#/components/schemas/HttpRequestContext"
+              action_run: "#/components/schemas/ActionRunContext"
+          description: The request context for the approval — either an HTTP request context or an action run context
+      required:
+        - context
     CreateClientCredentialsResponse:
       type: object
       properties:
@@ -1244,6 +1379,49 @@ paths:
             application/json: &a7
               schema:
                 $ref: "#/components/schemas/ErrorsResponse"
+  /api/v0/approvals:
+    post:
+      summary: Create an approval request
+      description: Creates an approval request for the authenticated user. The SDK calls this when it decides to proceed with an approval flow after receiving an approval-required error.
+      tags:
+        - Approvals
+      operationId: v0_create_approval
+      security:
+        - userJwt: []
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/CreateApprovalBody"
+      responses:
+        "202":
+          description: Approval request created
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ApprovalResponse"
+        "400":
+          description: Bad Request
+          content:
+            application/json: *a1
+        "401":
+          description: Unauthorized
+          content:
+            application/json: *a2
+        "429":
+          description: Too Many Requests
+          headers: *a3
+          content:
+            application/json: *a4
+        "500":
+          description: Server Error
+          content:
+            application/json: *a5
+        "503":
+          description: Service Unavailable
+          headers: *a6
+          content:
+            application/json: *a7
   /api/v0/client-credentials:
     post:
       summary: Create client credentials
@@ -1455,6 +1633,58 @@ paths:
           headers: *a6
           content:
             application/json: *a7
+  /api/v0/approvals/{approvalId}:
+    get:
+      summary: Get approval status
+      description: Returns the current status of an approval request. Used by the SDK to poll for approval resolution.
+      tags:
+        - Approvals
+      operationId: v0_get_approval
+      security:
+        - userJwt: []
+      parameters:
+        - schema:
+            type: string
+            description: The unique identifier of the approval request
+          required: true
+          description: The unique identifier of the approval request
+          name: approvalId
+          in: path
+      responses:
+        "200":
+          description: Success
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ApprovalResponse"
+        "400":
+          description: Bad Request
+          content:
+            application/json: *a1
+        "401":
+          description: Unauthorized
+          content:
+            application/json: *a2
+        "404":
+          description: Approval not found
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorsResponse"
+        "429":
+          description: Too Many Requests
+          headers: *a3
+          content:
+            application/json: *a4
+        "500":
+          description: Server Error
+          content:
+            application/json: *a5
+        "503":
+          description: Service Unavailable
+          headers: *a6
+          content:
+            application/json: *a7
   /api/v0/authentications/{authenticationId}:
     get:
       summary: Get an authentication

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zapier/zapier-sdk-core",
-  "version": "0.10.0",
+  "version": "0.12.0",
   "description": "Core schemas and TypeScript types for the Zapier SDK API",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Zapier, Inc.",
@@ -61,6 +61,11 @@
       "import": "./dist/v0/schemas/client-credentials.js",
       "require": "./dist/v0/schemas/client-credentials.cjs"
     },
+    "./v0/schemas/approvals": {
+      "types": "./dist/v0/schemas/approvals.d.ts",
+      "import": "./dist/v0/schemas/approvals.js",
+      "require": "./dist/v0/schemas/approvals.cjs"
+    },
     "./v0/common/responses": {
       "types": "./dist/v0/common/responses.d.ts",
       "import": "./dist/v0/common/responses.js",