btrz-api-client 8.33.0 → 8.34.0

package/lib/endpoints/sales/cart.js

@@ -23,6 +23,13 @@ var _require = require("./../endpoints_helpers.js"),
  * @property {string} [internalId] - Internal id or code of the financing cost to match
  */
 
+/**
+ * Query params for DELETE /carts/:cartId/paid-in-items (btrz-api-sales delete-cart-paid-in-items-handler getSpec).
+ * @typedef {Object} CartDeletePaidInItemsQuery
+ * @property {string} [operationId] - Optional operation id to filter which paid-in items to remove
+ * @property {string} [productId] - Optional product id to filter which paid-in items to remove
+ */
+
 /**
  * Factory for cart API (btrz-api-sales).
  * @param {Object} deps
@@ -37,28 +44,24 @@ function cartFactory(_ref) {
       internalAuthTokenProvider = _ref.internalAuthTokenProvider;
 
   /**
-   * GET /cart/:id - get cart by id. Query: providerId, transactionStatus (per get-cart getSpec).
+   * GET /cart/:id - get cart by id.
    * @param {Object} opts
    * @param {string} [opts.token] - API key
    * @param {string} opts.id - Cart id
-   * @param {string} [opts.providerId] - Provider id (sent as query)
+   * @param {CartGetQuery} [opts.query] - Query params (providerId, transactionStatus)
    * @param {Object} [opts.headers] - Optional headers
    * @returns {Promise<import("axios").AxiosResponse>}
    */
   function get(_ref2) {
     var token = _ref2.token,
         id = _ref2.id,
-        providerId = _ref2.providerId,
+        _ref2$query = _ref2.query,
+        query = _ref2$query === undefined ? {} : _ref2$query,
         headers = _ref2.headers;
 
-    var url = "/cart/" + id;
-
-    if (providerId) {
-      url = url + "?providerId=" + providerId;
-    }
-
     return client({
-      url: url,
+      url: "/cart/" + id,
+      params: query,
       headers: authorizationHeaders({ token: token, internalAuthTokenProvider: internalAuthTokenProvider, headers: headers })
     });
   }
@@ -161,11 +164,11 @@ function cartFactory(_ref) {
   }
 
   /**
-   * DELETE /carts/:cartId/paid-in-items - delete paid-in items. Query forwarded via opts.params if provided.
+   * DELETE /carts/:cartId/paid-in-items - delete paid-in items.
    * @param {Object} opts
    * @param {string} [opts.token] - API key
    * @param {string} opts.cartId - Cart id
-   * @param {Object} opts.params - Query params (forwarded to API)
+   * @param {CartDeletePaidInItemsQuery} [opts.params] - Query params (operationId, productId)
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
    * @param {Object} [opts.headers] - Optional headers
    * @returns {Promise<import("axios").AxiosResponse>}
@@ -181,7 +184,7 @@ function cartFactory(_ref) {
       url: "/carts/" + cartId + "/paid-in-items",
       method: "delete",
       headers: authorizationHeaders({ token: token, jwtToken: jwtToken, internalAuthTokenProvider: internalAuthTokenProvider, headers: headers }),
-      params: params
+      params: params || {}
     });
   }
 
@@ -238,13 +241,13 @@ function cartFactory(_ref) {
 
   var partialDepositStatus = {
     /**
-     * GET /cart/:shiftId/partial-deposit-status - get partial deposit status. API does not accept query params.
+     * GET /cart/:shiftId/partial-deposit-status - get shift partial deposit status. API does not accept query params. Response: partialDeposit.
      * @param {Object} opts
      * @param {string} [opts.token] - API key
      * @param {string} [opts.jwtToken] - JWT or internal auth symbol
-     * @param {string} opts.shiftId - Shift id
+     * @param {string} opts.shiftId - Shift id (24 hex characters)
      * @param {Object} [opts.headers] - Optional headers
-     * @returns {Promise<import("axios").AxiosResponse>}
+     * @returns {Promise<import("axios").AxiosResponse<{ partialDeposit: * }>>}
      */
     get: function get(_ref10) {
       var token = _ref10.token,
@@ -309,13 +312,13 @@ function cartFactory(_ref) {
 
   var taxExemptPaymentMethod = {
     /**
-     * POST /carts/:cartId/tax-exempt-payment-method - set tax exempt payment method. API does not accept query params.
+     * POST /carts/:cartId/tax-exempt-payment-method - recalculate taxes for a tax exempt payment method. Body: amountExempt (number).
      * @param {Object} opts
      * @param {string} [opts.token] - API key
      * @param {string} opts.cartId - Cart id
      * @param {string} [opts.jwtToken] - JWT or internal auth symbol
      * @param {Object} [opts.headers] - Optional headers
-     * @param {Object} [opts.data] - Request body
+     * @param {Object} opts.data - Request body; must include amountExempt (number, amount exempted of taxes)
      * @returns {Promise<import("axios").AxiosResponse>}
      */
     post: function post(_ref13) {

package/lib/endpoints/sales/flexpasses.js

@@ -18,11 +18,11 @@ function flexpassesEndpointsFactory(_ref) {
       internalAuthTokenProvider = _ref.internalAuthTokenProvider;
 
   /**
-   * GET /flexpasses/:flexpassId - get flexpass by id. API does not accept query params (btrz-api-sales).
+   * GET /flexpasses/:flexpassId - get flexpass by id. API does not accept query params.
    * @param {Object} opts
    * @param {string} [opts.token] - API key
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
-   * @param {string} opts.flexpassId - Flexpass id
+   * @param {string} opts.flexpassId - Flexpass id (24 hex characters)
    * @param {Object} [opts.headers] - Optional headers
    * @returns {Promise<import("axios").AxiosResponse>}
    */
@@ -30,13 +30,10 @@ function flexpassesEndpointsFactory(_ref) {
     var token = _ref2.token,
         jwtToken = _ref2.jwtToken,
         flexpassId = _ref2.flexpassId,
-        _ref2$query = _ref2.query,
-        query = _ref2$query === undefined ? {} : _ref2$query,
         headers = _ref2.headers;
 
     return client({
       url: "/flexpasses/" + flexpassId,
-      params: query,
       headers: authorizationHeaders({ token: token, jwtToken: jwtToken, internalAuthTokenProvider: internalAuthTokenProvider, headers: headers })
     });
   }

package/lib/endpoints/sales/order.js

@@ -17,12 +17,18 @@ var _require = require("./../endpoints_helpers.js"),
  * @property {string} [providerId] - Provider account id
  */
 
+/**
+ * Query params for PATCH /orders (btrz-api-sales patch-handler getSpec).
+ * @typedef {Object} OrderPatchQuery
+ * @property {string} [includePaidOrExpired] - 'true' or 'false'; whether to update when transaction is already paid or expired
+ */
+
 /**
  * Factory for order API (btrz-api-sales).
  * @param {Object} deps
  * @param {import("axios").AxiosInstance} deps.client
  * @param {{ getToken: function(): string }} [deps.internalAuthTokenProvider]
- * @returns {{ create: function, get: function, overwrite: function }}
+ * @returns {{ create: function, get: function, overwrite: function, patch: function }}
  */
 
 
@@ -31,10 +37,10 @@ function orderFactory(_ref) {
       internalAuthTokenProvider = _ref.internalAuthTokenProvider;
 
   /**
-   * POST /order - create order.
+   * POST /order - create order. Body: orderRequest (cartId, customerInfo, payments, channel, etc.).
    * @param {Object} opts
    * @param {string} [opts.token] - API key
-   * @param {Object} opts.order - Order payload
+   * @param {Object} opts.order - Order request body (orderRequest)
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
    * @param {Object} [opts.headers] - Optional headers
    * @returns {Promise<import("axios").AxiosResponse>}
@@ -77,11 +83,11 @@ function orderFactory(_ref) {
   }
 
   /**
-   * POST /orders/:orderId/payments - overwrite order payments.
+   * POST /orders/:orderId/payments - overwrite order payments. Body must include payments (array). Endpoint is internal (hideInDocumentation).
    * @param {Object} opts
    * @param {string} [opts.token] - API key
-   * @param {string} opts.orderId - Order id
-   * @param {Object} opts.payments - Payments payload
+   * @param {string} opts.orderId - Order (transaction) id
+   * @param {Object} opts.payments - Request body; must include property payments (array of payment objects)
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
    * @param {Object} [opts.headers] - Optional headers
    * @param {OrderPaymentsQuery} [opts.query] - Query params (channel, providerId)
@@ -105,10 +111,38 @@ function orderFactory(_ref) {
     });
   }
 
+  /**
+   * PATCH /orders - complete order creation after referenced payment (e.g. waitForPaymentCompletion). Body: operation (name, data with transactionId, paymentResult). Query: includePaidOrExpired.
+   * @param {Object} opts
+   * @param {string} [opts.token] - API key
+   * @param {string} [opts.jwtToken] - JWT or internal auth symbol
+   * @param {Object} [opts.headers] - Optional headers
+   * @param {Object} opts.operation - Operation object: { name, data: { transactionId, paymentResult } }
+   * @param {OrderPatchQuery} [opts.query] - Query params (includePaidOrExpired)
+   * @returns {Promise<import("axios").AxiosResponse>}
+   */
+  function patch(_ref5) {
+    var token = _ref5.token,
+        jwtToken = _ref5.jwtToken,
+        headers = _ref5.headers,
+        operation = _ref5.operation,
+        _ref5$query = _ref5.query,
+        query = _ref5$query === undefined ? {} : _ref5$query;
+
+    return client({
+      url: "/orders",
+      method: "patch",
+      headers: authorizationHeaders({ token: token, jwtToken: jwtToken, internalAuthTokenProvider: internalAuthTokenProvider, headers: headers }),
+      data: { operation: operation },
+      params: query
+    });
+  }
+
   return {
     create: create,
     get: get,
-    overwrite: overwrite
+    overwrite: overwrite,
+    patch: patch
   };
 }
 

package/lib/endpoints/sales/parcel-quotes.js

@@ -18,10 +18,10 @@ function parcelQuotesFactory(_ref) {
       internalAuthTokenProvider = _ref.internalAuthTokenProvider;
 
   /**
-   * POST /parcel-quotes - get parcel quote. API does not accept query params.
+   * POST /parcel-quotes - request a parcel quote. Body: parcelQuoteData (fromId, toId, productId, channel, parcels). API does not accept query params.
    * @param {Object} opts
    * @param {string} [opts.token] - API key
-   * @param {Object} opts.parcelQuoteData - Parcel quote request payload
+   * @param {Object} opts.parcelQuoteData - Parcel quote request: fromId, toId, productId, channel, parcels (array of { fareId, weight, measure })
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
    * @param {Object} [opts.headers] - Optional headers
    * @returns {Promise<import("axios").AxiosResponse>}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "btrz-api-client",
-  "version": "8.33.0",
+  "version": "8.34.0",
   "description": "Api client for Betterez endpoints",
   "main": "index.js",
   "scripts": {

package/src/client.js

@@ -134,15 +134,16 @@ function createInventory({baseURL, headers, timeout, overrideFn, internalAuthTok
 }
 
 /**
- * Creates the trips API client (trips, segmentsInformationTables). Uses inventory base path.
+ * Creates the trips API client (trips, tripIds, segmentsInformationTables). Uses inventory base path.
  * @param {CreateModuleOptions} opts - Client options
- * @returns {Object} Object with trips and segmentsInformationTables endpoint namespaces and __test_trips.client
+ * @returns {Object} Object with trips, tripIds, segmentsInformationTables endpoint namespaces and __test_trips.client
  */
 function createTrips({baseURL, headers, timeout, overrideFn, internalAuthTokenProvider, agents}) {
   const client = clientFactory({baseURL, headers, timeout, overrideFn, agents});
 
   return {
     trips: require("./endpoints/inventory/trips.js")({client, internalAuthTokenProvider}),
+    tripIds: require("./endpoints/inventory/trip-ids.js")({client, internalAuthTokenProvider}),
     segmentsInformationTables: require("./endpoints/inventory/segments-information-tables.js")({client, internalAuthTokenProvider}),
     __test_trips: {
       client
@@ -444,6 +445,8 @@ function createBtrzPay({baseURL, headers, timeout, overrideFn, internalAuthToken
   const client = clientFactory({baseURL, headers, timeout, overrideFn, agents});
 
   return {
+    adyen: require("./endpoints/btrzpay/adyen.js")({client, internalAuthTokenProvider}),
+    cybersource3ds: require("./endpoints/btrzpay/cybersource3ds.js")({client, internalAuthTokenProvider}),
     docs: require("./endpoints/btrzpay/docs.js")({client}),
     cardpointeTerminals: require("./endpoints/btrzpay/cardpointe.js").cardpointeTerminalsFactory({client, internalAuthTokenProvider}),
     paymentMethods: require("./endpoints/btrzpay/payment-methods.js")({client, internalAuthTokenProvider}),
@@ -459,6 +462,7 @@ function createBtrzPay({baseURL, headers, timeout, overrideFn, internalAuthToken
     prismaTerminals: require("./endpoints/btrzpay/prismaTerminals.js")({client, internalAuthTokenProvider}),
     terminalPayments: require("./endpoints/btrzpay/terminalPayments.js")({client, internalAuthTokenProvider}),
     stripeTerminals: require("./endpoints/btrzpay/stripe-terminals.js")({client, internalAuthTokenProvider}),
+    stripe3ds: require("./endpoints/btrzpay/stripe3ds.js")({client, internalAuthTokenProvider}),
     __test: {
       client
     }

package/src/endpoints/btrzpay/adyen.js

@@ -0,0 +1,44 @@
+/* eslint-disable max-len */
+/* eslint-disable import/extensions */
+const {authorizationHeaders} = require("../endpoints_helpers.js");
+
+/**
+ * Query params for GET /adyen-payment-methods (btrz-api-payments). See getAdyenPaymentMethods getSpec().
+ * @typedef {Object} AdyenPaymentMethodsQuery
+ * @property {string} [countryCode] - Two-letter ISO country code to filter allowed payment methods
+ * @property {string} [currencyCode] - Three-letter ISO currency code to filter allowed payment methods
+ * @property {number} [amount] - Amount used to determine allowed payment methods
+ * @property {string} [transactionId] - Transaction identifier for the payment session
+ */
+
+/**
+ * Factory for Adyen API (btrz-api-payments).
+ * @param {Object} deps
+ * @param {import("axios").AxiosInstance} deps.client
+ * @param {{ getToken: function(): string }} [deps.internalAuthTokenProvider]
+ * @returns {{ getPaymentMethods: function }}
+ */
+function adyenFactory({client, internalAuthTokenProvider}) {
+  /**
+   * GET /adyen-payment-methods - returns allowed Adyen payment methods for the account.
+   * @param {Object} opts
+   * @param {string} [opts.token] - API key
+   * @param {string} [opts.jwtToken] - JWT or internal auth symbol
+   * @param {AdyenPaymentMethodsQuery} [opts.query] - Query params (countryCode, currencyCode, amount, transactionId)
+   * @param {Object} [opts.headers] - Optional request headers
+   * @returns {Promise<import("axios").AxiosResponse<{ AdyenPaymentMethods: Array<{ name: string, type: string, brands?: string[] }> }>>}
+   *   Resolves with GetAdyenPaymentMethodsResponse. Rejects with 400 (INVALID_*), 404 (ADYEN_PAYMENT_METHODS_NOT_FOUND, PROVIDER_NOT_FOUND, PAYMENT_METHOD_NOT_FOUND).
+   */
+  function getPaymentMethods({token, jwtToken, query = {}, headers}) {
+    return client.get("/adyen-payment-methods", {
+      params: query,
+      headers: authorizationHeaders({token, jwtToken, internalAuthTokenProvider, headers})
+    });
+  }
+
+  return {
+    getPaymentMethods
+  };
+}
+
+module.exports = adyenFactory;

package/src/endpoints/btrzpay/cardpointe.js

@@ -51,7 +51,7 @@ function cardpointeTerminalsFactory({client, internalAuthTokenProvider}) {
      * @param {Object} opts
      * @param {string} [opts.token] - API key
      * @param {string} [opts.jwtToken] - JWT or internal auth symbol
-     * @param {string} opts.readCardResultId - Read card result id
+     * @param {string} opts.readCardResultId - Read card result id (UUID v4)
      * @param {Object} [opts.headers] - Optional headers
      * @returns {Promise<import("axios").AxiosResponse>}
      */
@@ -62,19 +62,21 @@ function cardpointeTerminalsFactory({client, internalAuthTokenProvider}) {
       });
     },
     /**
-     * POST /cardpointe-terminals/read-card - create read card. API does not accept query params.
+     * POST /cardpointe-terminals/read-card - start read card session. API accepts optional query providerId.
      * @param {Object} opts
      * @param {string} [opts.token] - API key
      * @param {string} [opts.jwtToken] - JWT or internal auth symbol
-     * @param {Object} opts.readCard - Read card payload
+     * @param {Object} opts.readCard - Read card payload (merchantId, terminalId, amount)
+     * @param {string} [opts.providerId] - Provider (payment method) ID; if omitted, account ID is used
      * @param {Object} [opts.headers] - Optional headers
      * @returns {Promise<import("axios").AxiosResponse>}
      */
     // eslint-disable-next-line no-shadow
-    create({token, jwtToken, readCard, headers}) {
+    create({token, jwtToken, readCard, providerId, headers}) {
       return client({
         url: "/cardpointe-terminals/read-card",
         method: "post",
+        params: providerId != null ? {providerId} : {},
         headers: authorizationHeaders({token, jwtToken, internalAuthTokenProvider, headers}),
         data: {readCard}
       });

package/src/endpoints/btrzpay/customerCards.js

@@ -9,15 +9,15 @@ const {authorizationHeaders} = require("../endpoints_helpers.js");
  */
 function customerCardsFactory({client, internalAuthTokenProvider}) {
   /**
-   * GET /payment-methods/:paymentMethodId/customers/:customerId/cards/:customerCardId - get card. API does not accept query params.
+   * GET .../cards/:customerCardId - get one card by id. No query params.
    * @param {Object} opts
    * @param {string} [opts.token] - API key
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
-   * @param {string} opts.paymentMethodId - Payment method id
-   * @param {string} opts.customerId - Customer id
-   * @param {string} opts.customerCardId - Customer card id
+   * @param {string} opts.paymentMethodId - Payment method ID (UUID v4)
+   * @param {string} opts.customerId - Customer ID (object ID)
+   * @param {string} opts.customerCardId - Card ID (UUID v4)
    * @param {Object} [opts.headers] - Optional headers
-   * @returns {Promise<import("axios").AxiosResponse>}
+   * @returns {Promise<import("axios").AxiosResponse<{ customerCard: Object }>>}
    */
   function get({token, jwtToken, paymentMethodId, customerId, customerCardId, headers}) {
     return client.get(`/payment-methods/${paymentMethodId}/customers/${customerId}/cards/${customerCardId}`, {
@@ -27,14 +27,14 @@ function customerCardsFactory({client, internalAuthTokenProvider}) {
   }
 
   /**
-   * GET /payment-methods/:paymentMethodId/customers/:customerId/cards - list cards. API does not accept query params.
+   * GET .../cards - list all cards for customer. No query params.
    * @param {Object} opts
    * @param {string} [opts.token] - API key
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
-   * @param {string} opts.paymentMethodId - Payment method id
-   * @param {string} opts.customerId - Customer id
+   * @param {string} opts.paymentMethodId - Payment method ID (UUID v4)
+   * @param {string} opts.customerId - Customer ID (object ID)
    * @param {Object} [opts.headers] - Optional headers
-   * @returns {Promise<import("axios").AxiosResponse>}
+   * @returns {Promise<import("axios").AxiosResponse<{ customerCards: Array<Object> }>>}
    */
   function all({token, jwtToken, paymentMethodId, customerId, headers}) {
     return client.get(`/payment-methods/${paymentMethodId}/customers/${customerId}/cards`, {
@@ -44,15 +44,15 @@ function customerCardsFactory({client, internalAuthTokenProvider}) {
   }
 
   /**
-   * POST /payment-methods/:paymentMethodId/customers/:customerId/cards - create card. API does not accept query params.
+   * POST .../cards - create stored card. Body: { customerCard }. No query params.
    * @param {Object} opts
    * @param {string} [opts.token] - API key
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
-   * @param {string} opts.paymentMethodId - Payment method id
-   * @param {string} opts.customerId - Customer id
-   * @param {Object} opts.customerCard - Customer card payload
+   * @param {string} opts.paymentMethodId - Payment method ID (UUID v4)
+   * @param {string} opts.customerId - Customer ID (object ID)
+   * @param {Object} opts.customerCard - Card payload (see PostCustomerCardRequest)
    * @param {Object} [opts.headers] - Optional headers
-   * @returns {Promise<import("axios").AxiosResponse>}
+   * @returns {Promise<import("axios").AxiosResponse<{ customerCard: Object }>>}
    */
   function create({token, jwtToken, paymentMethodId, customerId, customerCard, headers}) {
     return client({
@@ -64,15 +64,15 @@ function customerCardsFactory({client, internalAuthTokenProvider}) {
   }
 
   /**
-   * DELETE /payment-methods/:paymentMethodId/customers/:customerId/cards/:customerCardId - remove card. API does not accept query params.
+   * DELETE .../cards/:customerCardId - remove stored card. No query params.
    * @param {Object} opts
    * @param {string} [opts.token] - API key
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
-   * @param {string} opts.paymentMethodId - Payment method id
-   * @param {string} opts.customerId - Customer id
-   * @param {string} opts.customerCardId - Customer card id
+   * @param {string} opts.paymentMethodId - Payment method ID (UUID v4)
+   * @param {string} opts.customerId - Customer ID (object ID)
+   * @param {string} opts.customerCardId - Card ID (UUID v4)
    * @param {Object} [opts.headers] - Optional headers
-   * @returns {Promise<import("axios").AxiosResponse>}
+   * @returns {Promise<import("axios").AxiosResponse<{ success: boolean }>>}
    */
   function remove({token, jwtToken, paymentMethodId, customerId, customerCardId, headers}) {
     return client({

package/src/endpoints/btrzpay/customers.js

@@ -1,7 +1,7 @@
 const {authorizationHeaders} = require("../endpoints_helpers.js");
 
 /**
- * Factory for payment-method customers API (btrz-api-payments).
+ * Factory for payment-method customers API (btrz-api-payments). Path: payment-methods/{id}/customers.
  * @param {Object} deps
  * @param {import("axios").AxiosInstance} deps.client
  * @param {{ getToken: function(): string }} [deps.internalAuthTokenProvider]
@@ -9,14 +9,14 @@ const {authorizationHeaders} = require("../endpoints_helpers.js");
  */
 function customersFactory({client, internalAuthTokenProvider}) {
   /**
-   * GET /payment-methods/:paymentMethodId/customers/:customerId - get customer. API does not accept query params.
+   * GET .../customers/:customerId - get customer. No query params.
    * @param {Object} opts
    * @param {string} [opts.token] - API key
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
-   * @param {string} opts.paymentMethodId - Payment method id
-   * @param {string} opts.customerId - Customer id
+   * @param {string} opts.paymentMethodId - Payment method ID (UUID v4)
+   * @param {string} opts.customerId - Customer ID (object ID)
    * @param {Object} [opts.headers] - Optional headers
-   * @returns {Promise<import("axios").AxiosResponse>}
+   * @returns {Promise<import("axios").AxiosResponse<{ customer: Object }>>}
    */
   function get({token, jwtToken, paymentMethodId, customerId, headers}) {
     return client.get(`/payment-methods/${paymentMethodId}/customers/${customerId}`, {
@@ -26,14 +26,14 @@ function customersFactory({client, internalAuthTokenProvider}) {
   }
 
   /**
-   * POST /payment-methods/:paymentMethodId/customers - create customer. API does not accept query params.
+   * POST .../customers - create customer. Body: { customer } (PostCustomerRequest: channel, customer.id/number/email). No query params.
    * @param {Object} opts
    * @param {string} [opts.token] - API key
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
-   * @param {string} opts.paymentMethodId - Payment method id
-   * @param {Object} opts.customer - Customer payload
+   * @param {string} opts.paymentMethodId - Payment method ID (UUID v4)
+   * @param {Object} opts.customer - PostCustomerRequest (channel, customer with id, number, email)
    * @param {Object} [opts.headers] - Optional headers
-   * @returns {Promise<import("axios").AxiosResponse>}
+   * @returns {Promise<import("axios").AxiosResponse<{ customer: Object }>>}
    */
   function create({token, jwtToken, paymentMethodId, customer, headers}) {
     return client({
@@ -45,14 +45,14 @@ function customersFactory({client, internalAuthTokenProvider}) {
   }
 
   /**
-   * DELETE /payment-methods/:paymentMethodId/customers/:customerId - remove customer. API does not accept query params.
+   * DELETE .../customers/:customerId - remove customer (and saved cards). No query params.
    * @param {Object} opts
    * @param {string} [opts.token] - API key
    * @param {string} [opts.jwtToken] - JWT or internal auth symbol
-   * @param {string} opts.paymentMethodId - Payment method id
-   * @param {string} opts.customerId - Customer id
+   * @param {string} opts.paymentMethodId - Payment method ID (UUID v4)
+   * @param {string} opts.customerId - Customer ID (object ID)
    * @param {Object} [opts.headers] - Optional headers
-   * @returns {Promise<import("axios").AxiosResponse>}
+   * @returns {Promise<import("axios").AxiosResponse<{ success: boolean }>>}
    */
   function remove({token, jwtToken, paymentMethodId, customerId, headers}) {
     return client({

package/src/endpoints/btrzpay/cybersource3ds.js

@@ -0,0 +1,114 @@
+/* eslint-disable max-len */
+const {authorizationHeaders} = require("../endpoints_helpers.js");
+
+/**
+ * Query params for GET /cbs-token (btrz-api-payments). See getSpec() in get-token-handler.
+ * @typedef {Object} Cybersource3dsTokenQuery
+ * @property {string} transactionId - Transaction ID for which to create the 3DS token (required). ObjectId format.
+ * @property {string} [operatingCompanyId] - Operating company ID when Cybersource uses overrides by operating company. ObjectId format.
+ */
+
+/**
+ * Request body for POST /cbs-evaluate-risk. RiskEvaluationPostData.
+ * @typedef {Object} RiskEvaluationPostData
+ * @property {Object} paymentData - Payment information (required)
+ * @property {Object} [cartPayload] - Cart information (CartData)
+ * @property {string} [operatingCompanyId] - Operating company ID
+ * @property {string} [providerName] - Provider name (e.g. "cybersource")
+ */
+
+/**
+ * Request body for POST /cbs-pa-enrollment. PayerAuthenticationPostData.
+ * @typedef {Object} PayerAuthenticationPostData
+ * @property {Object} paymentData - Payment information (required)
+ * @property {string} [operatingCompanyId] - Operating company ID
+ * @property {string} [providerName] - Provider name (e.g. "cybersource")
+ */
+
+/**
+ * Request body for POST /cbs-validate-pa-enrollment. ValidateAuthenticationPostData.
+ * @typedef {Object} ValidateAuthenticationPostData
+ * @property {Object} paymentData - Payment information (required)
+ * @property {string} processorTransactionId - Processor transaction ID from payer authentication enrollment (required)
+ * @property {string} [operatingCompanyId] - Operating company ID
+ * @property {string} [providerName] - Provider name (e.g. "cybersource")
+ */
+
+/**
+ * Factory for Cybersource 3DS API (btrz-api-payments): Cardinal/Cybersource token, evaluate risk, payer auth enrollment, validate enrollment.
+ * @param {Object} deps
+ * @param {import("axios").AxiosInstance} deps.client
+ * @param {{ getToken: function(): string }} [deps.internalAuthTokenProvider]
+ * @returns {{ getToken: function, evaluateRisk: function, payerAuthenticationEnrollment: function, validatePayerAuthenticationEnrollment: function }}
+ */
+function cybersource3dsFactory({client, internalAuthTokenProvider}) {
+  /**
+   * GET /cbs-token - returns JWT to use with Cardinal (3DS).
+   * @param {Object} opts
+   * @param {string} [opts.token] - API key
+   * @param {string} [opts.jwtToken] - JWT or internal auth symbol
+   * @param {Cybersource3dsTokenQuery} opts.query - transactionId (required), optional operatingCompanyId
+   * @param {Object} [opts.headers] - Optional request headers
+   * @returns {Promise<import("axios").AxiosResponse<{ token: string }>>} ThreeDSTokenResponse. Rejects with 400 (WRONG_DATA, INVALID_TRANSACTION_ID, PROVIDER_NOT_FOUND, PAYMENT_METHOD_NOT_FOUND), 401, 500.
+   */
+  function getToken({token, jwtToken, query, headers}) {
+    return client.get("/cbs-token", {
+      params: query,
+      headers: authorizationHeaders({token, jwtToken, internalAuthTokenProvider, headers})
+    });
+  }
+
+  /**
+   * POST /cbs-evaluate-risk - evaluate fraud risk (Decision Manager).
+   * @param {Object} opts
+   * @param {string} [opts.token] - API key
+   * @param {string} [opts.jwtToken] - JWT or internal auth symbol
+   * @param {RiskEvaluationPostData} opts.riskEvaluation - paymentData (required), optional cartPayload, operatingCompanyId
+   * @param {Object} [opts.headers] - Optional request headers
+   * @returns {Promise<import("axios").AxiosResponse<RiskEvaluationResponse>>} RiskEvaluationResponse. Rejects with 400 (EVAL_RISK_*), 401, 409 (CYBERSOURCE_AUTH_FAILED), 500.
+   */
+  function evaluateRisk({token, jwtToken, riskEvaluation, headers}) {
+    return client.post("/cbs-evaluate-risk", riskEvaluation, {
+      headers: authorizationHeaders({token, jwtToken, internalAuthTokenProvider, headers})
+    });
+  }
+
+  /**
+   * POST /cbs-pa-enrollment - check payer authentication enrollment.
+   * @param {Object} opts
+   * @param {string} [opts.token] - API key
+   * @param {string} [opts.jwtToken] - JWT or internal auth symbol
+   * @param {PayerAuthenticationPostData} opts.body - paymentData (required), optional operatingCompanyId
+   * @param {Object} [opts.headers] - Optional request headers
+   * @returns {Promise<import("axios").AxiosResponse<PAEnrollmentResponse>>} PAEnrollmentResponse. Rejects with 400 (PAENROLL_*, PROVIDER_NOT_FOUND, PAYMENT_METHOD_NOT_FOUND), 401, 500.
+   */
+  function payerAuthenticationEnrollment({token, jwtToken, body, headers}) {
+    return client.post("/cbs-pa-enrollment", body, {
+      headers: authorizationHeaders({token, jwtToken, internalAuthTokenProvider, headers})
+    });
+  }
+
+  /**
+   * POST /cbs-validate-pa-enrollment - validate payer authentication challenge response.
+   * @param {Object} opts
+   * @param {string} [opts.token] - API key
+   * @param {string} [opts.jwtToken] - JWT or internal auth symbol
+   * @param {ValidateAuthenticationPostData} opts.body - paymentData and processorTransactionId (required)
+   * @param {Object} [opts.headers] - Optional request headers
+   * @returns {Promise<import("axios").AxiosResponse<ValidatePAEnrollmentResponse>>} ValidatePAEnrollmentResponse. Rejects with 400 (VALIDATE_PAENROLL_*), 401, 500.
+   */
+  function validatePayerAuthenticationEnrollment({token, jwtToken, body, headers}) {
+    return client.post("/cbs-validate-pa-enrollment", body, {
+      headers: authorizationHeaders({token, jwtToken, internalAuthTokenProvider, headers})
+    });
+  }
+
+  return {
+    getToken,
+    evaluateRisk,
+    payerAuthenticationEnrollment,
+    validatePayerAuthenticationEnrollment
+  };
+}
+
+module.exports = cybersource3dsFactory;