ibm-cloud-sdk-core 5.3.1 → 5.4.0

package/auth/token-managers/mcspv2-token-manager.js

@@ -0,0 +1,176 @@
+"use strict";
+/**
+ * (C) Copyright IBM Corp. 2025.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+var __extends = (this && this.__extends) || (function () {
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
+    return function (d, b) {
+        if (typeof b !== "function" && b !== null)
+            throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
+        extendStatics(d, b);
+        function __() { this.constructor = d; }
+        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.McspV2TokenManager = void 0;
+var extend_1 = __importDefault(require("extend"));
+var helpers_1 = require("../utils/helpers");
+var build_user_agent_1 = require("../../lib/build-user-agent");
+var jwt_token_manager_1 = require("./jwt-token-manager");
+var logger_1 = __importDefault(require("../../lib/logger"));
+/**
+ * Token Manager for Multi-Cloud Saas Platform (MCSP) V2 authentication.
+ *
+ * The McspV2TokenManager will invoke the MCSP token service's 'POST /api/2.0/\{scopeCollectionType\}/\{scopeId\}/apikeys/token'
+ * operation to obtain an MCSP access token for an apikey.
+ */
+var McspV2TokenManager = /** @class */ (function (_super) {
+    __extends(McspV2TokenManager, _super);
+    /**
+     * Create a new McspV2TokenManager instance.
+     *
+     * @param options - Configuration options.
+     * This should be an object containing these fields:
+     * - url: (required) the endpoint URL for the CloudPakForData token service.
+     * - apikey: (optional) the API key used to obtain a bearer token (required if password is not specified).
+     * - scopeCollectionType: (required) The scope collection type of item(s). Valid values are: "accounts", "subscriptions", "services".
+     * - scopeId: (required) the scope identifier of item(s).
+     * - includeBuiltinActions: (optional) a flag to include builtin actions in the "actions" claim in the MCSP access token (default: false).
+     * - includeCustomActions: (optional) a flag to include custom actions in the "actions" claim in the MCSP access token (default: false).
+     * - includeRoles: (optional) a flag to include the "roles" claim in the MCSP access token (default: true).
+     * - prefixRoles: (optional) a flag to add a prefix with the scope level where the role is defined in the "roles" claim (default: false).
+     * - callerExtClaim: (optional) a map (object) containing keys and values to be injected into the access token as the "callerExt" claim.
+     *     The keys used in this map must be enabled in the apikey by setting the "callerExtClaimNames" property when the apikey is created.
+     *     This property is typically only used in scenarios involving an apikey with identityType `SERVICEID`.
+     * - disableSslVerification: (optional) a flag to disable verification of the token server's SSL certificate; defaults to false.
+     * - headers: (optional) a set of HTTP headers to be sent with each request to the token service.
+     *
+     * @throws Error: the input configuration failed validation
+     */
+    function McspV2TokenManager(options) {
+        var _this = _super.call(this, options) || this;
+        _this.requiredOptions = ['apikey', 'url', 'scopeCollectionType', 'scopeId'];
+        // This is the path associated with the operation used to obtain
+        // an access token from the MCSP token service (v2).
+        // The path parameter references must match the keys used in pathParams below.
+        _this.PATH_TEMPLATE = '/api/2.0/{scopeCollectionType}/{scopeId}/apikeys/token';
+        // The name of the field (within the token-exchange operation's responseBody)
+        // that contains the access token.
+        _this.tokenName = 'token';
+        // Validate the required properties.
+        (0, helpers_1.validateInput)(options, _this.requiredOptions);
+        _this.url = options.url;
+        _this.apikey = options.apikey;
+        _this.scopeCollectionType = options.scopeCollectionType;
+        _this.scopeId = options.scopeId;
+        // Now parse/validate the optional properties.
+        _this.includeBuiltinActions = McspV2TokenManager.parseBoolean(options, 'includeBuiltinActions', false);
+        _this.includeCustomActions = McspV2TokenManager.parseBoolean(options, 'includeCustomActions', false);
+        _this.includeRoles = McspV2TokenManager.parseBoolean(options, 'includeRoles', true);
+        _this.prefixRoles = McspV2TokenManager.parseBoolean(options, 'prefixRoles', false);
+        if ('callerExtClaim' in options) {
+            var value = options.callerExtClaim;
+            if (typeof value === 'string') {
+                try {
+                    _this.callerExtClaim = JSON.parse(value);
+                }
+                catch (err) {
+                    throw new Error("An error occurred while parsing the callerExtClaim value '".concat(value, "': ").concat(err.message));
+                }
+            }
+            else if (typeof value === 'object') {
+                _this.callerExtClaim = value;
+            }
+            else {
+                throw new Error("callerExtClaim must be a string or object, but was '".concat(typeof value, "'"));
+            }
+        }
+        _this.userAgent = (0, build_user_agent_1.buildUserAgent)('mcspv2-authenticator');
+        return _this;
+    }
+    McspV2TokenManager.prototype.requestToken = function () {
+        var requiredHeaders = {
+            Accept: 'application/json',
+            'Content-Type': 'application/json',
+            'User-Agent': this.userAgent,
+        };
+        var requestHeaders = (0, extend_1.default)(true, {}, this.headers, requiredHeaders);
+        // The keys used here must match the path parameter references in PATH_TEMPLATE above.
+        var pathParams = {
+            scopeCollectionType: this.scopeCollectionType,
+            scopeId: this.scopeId,
+        };
+        // The keys used here must match the operation's query parameter names.
+        var queryParams = {
+            includeBuiltinActions: this.includeBuiltinActions,
+            includeCustomActions: this.includeCustomActions,
+            includeRoles: this.includeRoles,
+            prefixRolesWithDefinitionScope: this.prefixRoles,
+        };
+        var requestBody = {
+            apikey: this.apikey,
+            callerExtClaim: this.callerExtClaim || undefined,
+        };
+        var request = {
+            options: {
+                method: 'POST',
+                url: this.url + this.PATH_TEMPLATE,
+                body: requestBody,
+                path: pathParams,
+                qs: queryParams,
+                headers: requestHeaders,
+                rejectUnauthorized: !this.disableSslVerification,
+            },
+        };
+        logger_1.default.debug("Invoking MCSP v2 token service operation: ".concat(request.options.url));
+        return this.requestWrapperInstance.sendRequest(request).then(function (response) {
+            logger_1.default.debug('Returned from MCSP v2 token service operation');
+            return response;
+        });
+    };
+    /**
+     * Parses the Options configuration property named by 'fieldName' as a boolean value.
+     * The value in the Options object could be either boolean or string and this function
+     * will do its best to parse it correctly.
+     * @param options - the Options object containing the configuration
+     * @param fieldName - the name of the field to parse as a boolean
+     * @param defaultValue - the default value to use in case the specified field is not present in Options
+     * @returns boolean the boolean value to be used for the configuration property
+     */
+    McspV2TokenManager.parseBoolean = function (options, fieldName, defaultValue) {
+        var result = defaultValue;
+        if (fieldName in options) {
+            var value = options[fieldName];
+            if (typeof value === 'boolean') {
+                result = value;
+            }
+            else if (typeof value === 'string') {
+                result = value.toLowerCase() === 'true';
+            }
+        }
+        return result;
+    };
+    return McspV2TokenManager;
+}(jwt_token_manager_1.JwtTokenManager));
+exports.McspV2TokenManager = McspV2TokenManager;

package/auth/token-managers/token-manager.d.ts

@@ -1,6 +1,6 @@
 /// <reference types="node" />
 /**
- * (C) Copyright IBM Corp. 2020, 2024.
+ * (C) Copyright IBM Corp. 2020, 2025.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

package/auth/token-managers/token-manager.js

@@ -141,7 +141,7 @@ var TokenManager = /** @class */ (function () {
      * @returns Promise
      */
     TokenManager.prototype.requestToken = function () {
-        var errMsg = '`requestToken` MUST be overridden by a subclass of TokenManagerV1.';
+        var errMsg = '`requestToken` MUST be overridden by a subclass of TokenManager.';
         var err = new Error(errMsg);
         logger_1.default.error(errMsg);
         return Promise.reject(err);

package/auth/utils/get-authenticator-from-environment.d.ts

@@ -1,5 +1,5 @@
 /**
- * (C) Copyright IBM Corp. 2019, 2022.
+ * (C) Copyright IBM Corp. 2019, 2025.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

package/auth/utils/get-authenticator-from-environment.js

@@ -1,6 +1,6 @@
 "use strict";
 /**
- * (C) Copyright IBM Corp. 2019, 2022.
+ * (C) Copyright IBM Corp. 2019, 2025.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -93,6 +93,9 @@ function getAuthenticatorFromEnvironment(serviceName) {
     else if (authType === authenticators_1.Authenticator.AUTHTYPE_MCSP.toLowerCase()) {
         authenticator = new authenticators_1.McspAuthenticator(credentials);
     }
+    else if (authType === authenticators_1.Authenticator.AUTHTYPE_MCSPV2.toLowerCase()) {
+        authenticator = new authenticators_1.McspV2Authenticator(credentials);
+    }
     else {
         throw new Error("Invalid value for AUTH_TYPE: ".concat(authType));
     }

package/docs/ibm-cloud-sdk-core.api.json

@@ -1,7 +1,7 @@
 {
   "metadata": {
     "toolPackage": "@microsoft/api-extractor",
-    "toolVersion": "7.43.1",
+    "toolVersion": "7.52.8",
     "schemaVersion": 1011,
     "oldestForwardsCompatibleVersion": 1001,
     "tsdocConfig": {
@@ -597,6 +597,36 @@
               "isProtected": false,
               "isAbstract": false
             },
+            {
+              "kind": "Property",
+              "canonicalReference": "ibm-cloud-sdk-core!Authenticator.AUTHTYPE_MCSPV2:member",
+              "docComment": "",
+              "excerptTokens": [
+                {
+                  "kind": "Content",
+                  "text": "static AUTHTYPE_MCSPV2: "
+                },
+                {
+                  "kind": "Content",
+                  "text": "string"
+                },
+                {
+                  "kind": "Content",
+                  "text": ";"
+                }
+              ],
+              "isReadonly": false,
+              "isOptional": false,
+              "releaseTag": "Public",
+              "name": "AUTHTYPE_MCSPV2",
+              "propertyTypeTokenRange": {
+                "startIndex": 1,
+                "endIndex": 2
+              },
+              "isStatic": true,
+              "isProtected": false,
+              "isAbstract": false
+            },
             {
               "kind": "Property",
               "canonicalReference": "ibm-cloud-sdk-core!Authenticator.AUTHTYPE_NOAUTH:member",
@@ -4006,7 +4036,7 @@
                 {
                   "kind": "Reference",
                   "text": "Options",
-                  "canonicalReference": "ibm-cloud-sdk-core!~Options_14:interface"
+                  "canonicalReference": "ibm-cloud-sdk-core!~Options_16:interface"
                 },
                 {
                   "kind": "Content",
@@ -4133,7 +4163,7 @@
                 {
                   "kind": "Reference",
                   "text": "Options",
-                  "canonicalReference": "ibm-cloud-sdk-core!~Options_13:interface"
+                  "canonicalReference": "ibm-cloud-sdk-core!~Options_15:interface"
                 },
                 {
                   "kind": "Content",
@@ -6112,7 +6142,7 @@
             {
               "kind": "Constructor",
               "canonicalReference": "ibm-cloud-sdk-core!McspAuthenticator:constructor(1)",
-              "docComment": "/**\n * Create a new McspAuthenticator instance.\n *\n * @param options - Configuration options for CloudPakForData authentication. This should be an object containing these fields: - url: (required) the endpoint URL for the CloudPakForData token service - username: (required) the username used to obtain a bearer token - password: (optional) the password used to obtain a bearer token (required if apikey is not specified) - apikey: (optional) the API key used to obtain a bearer token (required if password is not specified) - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate should be disabled or not - headers: (optional) a set of HTTP headers to be sent with each request to the token service\n *\n * @throws\n *\n * Error: the username, password, and/or url are not valid, or unspecified, for Cloud Pak For Data token requests.\n */\n",
+              "docComment": "/**\n * Create a new McspAuthenticator instance.\n *\n * @param options - Configuration options for CloudPakForData authentication. This should be an object containing these fields: - url: (required) the endpoint URL for the CloudPakForData token service - apikey: (optional) the API key used to obtain a bearer token (required if password is not specified) - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate should be disabled or not - headers: (optional) a set of HTTP headers to be sent with each request to the token service\n *\n * @throws\n *\n * Error: the username, password, and/or url are not valid, or unspecified, for Cloud Pak For Data token requests.\n */\n",
               "excerptTokens": [
                 {
                   "kind": "Content",
@@ -6145,7 +6175,7 @@
             {
               "kind": "Method",
               "canonicalReference": "ibm-cloud-sdk-core!McspAuthenticator#authenticationType:member(1)",
-              "docComment": "/**\n * Returns the authenticator's type ('cp4d').\n *\n * @returns a string that indicates the authenticator's type\n */\n",
+              "docComment": "/**\n * Returns the authenticator's type ('mcsp').\n *\n * @returns a string that indicates the authenticator's type\n */\n",
               "excerptTokens": [
                 {
                   "kind": "Content",
@@ -6372,6 +6402,264 @@
           },
           "implementsTokenRanges": []
         },
+        {
+          "kind": "Class",
+          "canonicalReference": "ibm-cloud-sdk-core!McspV2Authenticator:class",
+          "docComment": "/**\n * The McspV2Authenticator invokes the MCSP v2 token-exchange operation (POST /api/2.0/\\{scopeCollectionType\\}/\\{scopeId\\}/apikeys/token) to obtain an access token for an apikey, and adds the access token to requests via an Authorization header of the form: \"Authorization: Bearer <access-token>\"\n */\n",
+          "excerptTokens": [
+            {
+              "kind": "Content",
+              "text": "export declare class McspV2Authenticator extends "
+            },
+            {
+              "kind": "Reference",
+              "text": "TokenRequestBasedAuthenticator",
+              "canonicalReference": "ibm-cloud-sdk-core!TokenRequestBasedAuthenticator:class"
+            },
+            {
+              "kind": "Content",
+              "text": " "
+            }
+          ],
+          "fileUrlPath": "dist/es/auth/authenticators/mcspv2-authenticator.d.ts",
+          "releaseTag": "Public",
+          "isAbstract": false,
+          "name": "McspV2Authenticator",
+          "preserveMemberOrder": false,
+          "members": [
+            {
+              "kind": "Constructor",
+              "canonicalReference": "ibm-cloud-sdk-core!McspV2Authenticator:constructor(1)",
+              "docComment": "/**\n * Create a new McspV2Authenticator instance.\n *\n * @param options - Configuration options for MCSP v2 authentication. This should be an object containing these fields: - url: (required) the endpoint URL for the CloudPakForData token service. - apikey: (optional) the API key used to obtain a bearer token (required if password is not specified). - scopeCollectionType: (required) The scope collection type of item(s). Valid values are: \"accounts\", \"subscriptions\", \"services\". - scopeId: (required) the scope identifier of item(s). - includeBuiltinActions: (optional) a flag to include builtin actions in the \"actions\" claim in the MCSP access token (default: false). - includeCustomActions: (optional) a flag to include custom actions in the \"actions\" claim in the MCSP access token (default: false). - includeRoles: (optional) a flag to include the \"roles\" claim in the MCSP access token (default: true). - prefixRoles: (optional) a flag to add a prefix with the scope level where the role is defined in the \"roles\" claim (default: false). - callerExtClaim: (optional) a map (object) containing keys and values to be injected into the access token as the \"callerExt\" claim. The keys used in this map must be enabled in the apikey by setting the \"callerExtClaimNames\" property when the apikey is created. This property is typically only used in scenarios involving an apikey with identityType `SERVICEID`. - disableSslVerification: (optional) a flag to disable verification of the token server's SSL certificate; defaults to false. - headers: (optional) a set of HTTP headers to be sent with each request to the token service.\n *\n * @throws\n *\n * Error: the input configuration failed validation\n */\n",
+              "excerptTokens": [
+                {
+                  "kind": "Content",
+                  "text": "constructor(options: "
+                },
+                {
+                  "kind": "Reference",
+                  "text": "Options",
+                  "canonicalReference": "ibm-cloud-sdk-core!~Options_14:interface"
+                },
+                {
+                  "kind": "Content",
+                  "text": ");"
+                }
+              ],
+              "releaseTag": "Public",
+              "isProtected": false,
+              "overloadIndex": 1,
+              "parameters": [
+                {
+                  "parameterName": "options",
+                  "parameterTypeTokenRange": {
+                    "startIndex": 1,
+                    "endIndex": 2
+                  },
+                  "isOptional": false
+                }
+              ]
+            },
+            {
+              "kind": "Method",
+              "canonicalReference": "ibm-cloud-sdk-core!McspV2Authenticator#authenticationType:member(1)",
+              "docComment": "/**\n * Returns the authenticator's type ('mcspv2').\n *\n * @returns a string that indicates the authenticator's type\n */\n",
+              "excerptTokens": [
+                {
+                  "kind": "Content",
+                  "text": "authenticationType(): "
+                },
+                {
+                  "kind": "Content",
+                  "text": "string"
+                },
+                {
+                  "kind": "Content",
+                  "text": ";"
+                }
+              ],
+              "isStatic": false,
+              "returnTypeTokenRange": {
+                "startIndex": 1,
+                "endIndex": 2
+              },
+              "releaseTag": "Public",
+              "isProtected": false,
+              "overloadIndex": 1,
+              "parameters": [],
+              "isOptional": false,
+              "isAbstract": false,
+              "name": "authenticationType"
+            },
+            {
+              "kind": "Property",
+              "canonicalReference": "ibm-cloud-sdk-core!McspV2Authenticator#tokenManager:member",
+              "docComment": "",
+              "excerptTokens": [
+                {
+                  "kind": "Content",
+                  "text": "protected tokenManager: "
+                },
+                {
+                  "kind": "Reference",
+                  "text": "McspV2TokenManager",
+                  "canonicalReference": "ibm-cloud-sdk-core!McspV2TokenManager:class"
+                },
+                {
+                  "kind": "Content",
+                  "text": ";"
+                }
+              ],
+              "isReadonly": false,
+              "isOptional": false,
+              "releaseTag": "Public",
+              "name": "tokenManager",
+              "propertyTypeTokenRange": {
+                "startIndex": 1,
+                "endIndex": 2
+              },
+              "isStatic": false,
+              "isProtected": true,
+              "isAbstract": false
+            }
+          ],
+          "extendsTokenRange": {
+            "startIndex": 1,
+            "endIndex": 2
+          },
+          "implementsTokenRanges": []
+        },
+        {
+          "kind": "Class",
+          "canonicalReference": "ibm-cloud-sdk-core!McspV2TokenManager:class",
+          "docComment": "/**\n * Token Manager for Multi-Cloud Saas Platform (MCSP) V2 authentication.\n *\n * The McspV2TokenManager will invoke the MCSP token service's 'POST /api/2.0/\\{scopeCollectionType\\}/\\{scopeId\\}/apikeys/token' operation to obtain an MCSP access token for an apikey.\n */\n",
+          "excerptTokens": [
+            {
+              "kind": "Content",
+              "text": "export declare class McspV2TokenManager extends "
+            },
+            {
+              "kind": "Reference",
+              "text": "JwtTokenManager",
+              "canonicalReference": "ibm-cloud-sdk-core!JwtTokenManager:class"
+            },
+            {
+              "kind": "Content",
+              "text": " "
+            }
+          ],
+          "fileUrlPath": "dist/es/auth/token-managers/mcspv2-token-manager.d.ts",
+          "releaseTag": "Public",
+          "isAbstract": false,
+          "name": "McspV2TokenManager",
+          "preserveMemberOrder": false,
+          "members": [
+            {
+              "kind": "Constructor",
+              "canonicalReference": "ibm-cloud-sdk-core!McspV2TokenManager:constructor(1)",
+              "docComment": "/**\n * Create a new McspV2TokenManager instance.\n *\n * @param options - Configuration options. This should be an object containing these fields: - url: (required) the endpoint URL for the CloudPakForData token service. - apikey: (optional) the API key used to obtain a bearer token (required if password is not specified). - scopeCollectionType: (required) The scope collection type of item(s). Valid values are: \"accounts\", \"subscriptions\", \"services\". - scopeId: (required) the scope identifier of item(s). - includeBuiltinActions: (optional) a flag to include builtin actions in the \"actions\" claim in the MCSP access token (default: false). - includeCustomActions: (optional) a flag to include custom actions in the \"actions\" claim in the MCSP access token (default: false). - includeRoles: (optional) a flag to include the \"roles\" claim in the MCSP access token (default: true). - prefixRoles: (optional) a flag to add a prefix with the scope level where the role is defined in the \"roles\" claim (default: false). - callerExtClaim: (optional) a map (object) containing keys and values to be injected into the access token as the \"callerExt\" claim. The keys used in this map must be enabled in the apikey by setting the \"callerExtClaimNames\" property when the apikey is created. This property is typically only used in scenarios involving an apikey with identityType `SERVICEID`. - disableSslVerification: (optional) a flag to disable verification of the token server's SSL certificate; defaults to false. - headers: (optional) a set of HTTP headers to be sent with each request to the token service.\n *\n * @throws\n *\n * Error: the input configuration failed validation\n */\n",
+              "excerptTokens": [
+                {
+                  "kind": "Content",
+                  "text": "constructor(options: "
+                },
+                {
+                  "kind": "Reference",
+                  "text": "Options",
+                  "canonicalReference": "ibm-cloud-sdk-core!~Options_13:interface"
+                },
+                {
+                  "kind": "Content",
+                  "text": ");"
+                }
+              ],
+              "releaseTag": "Public",
+              "isProtected": false,
+              "overloadIndex": 1,
+              "parameters": [
+                {
+                  "parameterName": "options",
+                  "parameterTypeTokenRange": {
+                    "startIndex": 1,
+                    "endIndex": 2
+                  },
+                  "isOptional": false
+                }
+              ]
+            },
+            {
+              "kind": "Method",
+              "canonicalReference": "ibm-cloud-sdk-core!McspV2TokenManager#requestToken:member(1)",
+              "docComment": "",
+              "excerptTokens": [
+                {
+                  "kind": "Content",
+                  "text": "protected requestToken(): "
+                },
+                {
+                  "kind": "Reference",
+                  "text": "Promise",
+                  "canonicalReference": "!Promise:interface"
+                },
+                {
+                  "kind": "Content",
+                  "text": "<any>"
+                },
+                {
+                  "kind": "Content",
+                  "text": ";"
+                }
+              ],
+              "isStatic": false,
+              "returnTypeTokenRange": {
+                "startIndex": 1,
+                "endIndex": 3
+              },
+              "releaseTag": "Public",
+              "isProtected": true,
+              "overloadIndex": 1,
+              "parameters": [],
+              "isOptional": false,
+              "isAbstract": false,
+              "name": "requestToken"
+            },
+            {
+              "kind": "Property",
+              "canonicalReference": "ibm-cloud-sdk-core!McspV2TokenManager#requiredOptions:member",
+              "docComment": "",
+              "excerptTokens": [
+                {
+                  "kind": "Content",
+                  "text": "protected requiredOptions: "
+                },
+                {
+                  "kind": "Content",
+                  "text": "string[]"
+                },
+                {
+                  "kind": "Content",
+                  "text": ";"
+                }
+              ],
+              "isReadonly": false,
+              "isOptional": false,
+              "releaseTag": "Public",
+              "name": "requiredOptions",
+              "propertyTypeTokenRange": {
+                "startIndex": 1,
+                "endIndex": 2
+              },
+              "isStatic": false,
+              "isProtected": true,
+              "isAbstract": false
+            }
+          ],
+          "extendsTokenRange": {
+            "startIndex": 1,
+            "endIndex": 2
+          },
+          "implementsTokenRanges": []
+        },
         {
           "kind": "Class",
           "canonicalReference": "ibm-cloud-sdk-core!NoAuthAuthenticator:class",

package/es/auth/authenticators/authenticator.d.ts

@@ -1,5 +1,5 @@
 /**
- * (C) Copyright IBM Corp. 2019, 2023.
+ * (C) Copyright IBM Corp. 2019, 2025.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -31,6 +31,7 @@ export declare class Authenticator implements AuthenticatorInterface {
     static AUTHTYPE_NOAUTH: string;
     static AUTHTYPE_VPC: string;
     static AUTHTYPE_MCSP: string;
+    static AUTHTYPE_MCSPV2: string;
     static AUTHTYPE_UNKNOWN: string;
     /**
      * Create a new Authenticator instance.

package/es/auth/authenticators/authenticator.js

@@ -51,4 +51,5 @@ Authenticator.AUTHTYPE_CP4D = 'cp4d';
 Authenticator.AUTHTYPE_NOAUTH = 'noAuth';
 Authenticator.AUTHTYPE_VPC = 'vpc';
 Authenticator.AUTHTYPE_MCSP = 'mcsp';
+Authenticator.AUTHTYPE_MCSPV2 = 'mcspv2';
 Authenticator.AUTHTYPE_UNKNOWN = 'unknown';

package/es/auth/authenticators/index.d.ts

@@ -39,7 +39,8 @@
  *   IAMAssumeAuthenticator: Authenticator for passing IAM authentication information to service endpoint, assuming a trusted profile.
  *   ContainerAuthenticator: Authenticator for passing IAM authentication to a service, based on a token living on the container.
  *   VpcInstanceAuthenticator: Authenticator that uses the VPC Instance Metadata Service API to retrieve an IAM token.
- *   McspAuthenticator: Authenticator for passing MCSP authentication to a service endpoint.
+ *   McspAuthenticator: Authenticator for passing MCSP v1 authentication to a service endpoint.
+ *   McspV2Authenticator: Authenticator for passing MCSP v2 authentication to a service endpoint.
  *   NoAuthAuthenticator: Performs no authentication. Useful for testing purposes.
  */
 export { AuthenticatorInterface } from './authenticator-interface';
@@ -54,4 +55,5 @@ export { IamRequestBasedAuthenticator } from './iam-request-based-authenticator'
 export { TokenRequestBasedAuthenticator } from './token-request-based-authenticator';
 export { VpcInstanceAuthenticator } from './vpc-instance-authenticator';
 export { McspAuthenticator } from './mcsp-authenticator';
+export { McspV2Authenticator } from './mcspv2-authenticator';
 export { IamAssumeAuthenticator } from './iam-assume-authenticator';

package/es/auth/authenticators/index.js

@@ -24,4 +24,5 @@ export { IamRequestBasedAuthenticator } from './iam-request-based-authenticator'
 export { TokenRequestBasedAuthenticator } from './token-request-based-authenticator';
 export { VpcInstanceAuthenticator } from './vpc-instance-authenticator';
 export { McspAuthenticator } from './mcsp-authenticator';
+export { McspV2Authenticator } from './mcspv2-authenticator';
 export { IamAssumeAuthenticator } from './iam-assume-authenticator';

package/es/auth/authenticators/mcsp-authenticator.d.ts

@@ -1,5 +1,5 @@
 /**
- * (C) Copyright IBM Corp. 2023.
+ * (C) Copyright IBM Corp. 2023, 2025.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -38,8 +38,6 @@ export declare class McspAuthenticator extends TokenRequestBasedAuthenticator {
      * @param options - Configuration options for CloudPakForData authentication.
      * This should be an object containing these fields:
      * - url: (required) the endpoint URL for the CloudPakForData token service
-     * - username: (required) the username used to obtain a bearer token
-     * - password: (optional) the password used to obtain a bearer token (required if apikey is not specified)
      * - apikey: (optional) the API key used to obtain a bearer token (required if password is not specified)
      * - disableSslVerification: (optional) a flag that indicates whether verification of the token server's SSL certificate
      * should be disabled or not
@@ -49,7 +47,7 @@ export declare class McspAuthenticator extends TokenRequestBasedAuthenticator {
      */
     constructor(options: Options);
     /**
-     * Returns the authenticator's type ('cp4d').
+     * Returns the authenticator's type ('mcsp').
      *
      * @returns a string that indicates the authenticator's type
      */