From 063a950e3111a3ea560bbd8ae23b1062f9ddc646 Mon Sep 17 00:00:00 2001 From: "stainless-app[bot]" <142633134+stainless-app[bot]@users.noreply.github.com> Date: Sat, 7 Feb 2026 20:23:25 +0000 Subject: [PATCH 1/4] feat: Browser API endpoint grouping --- .stats.yml | 4 +-- src/resources/agents/auth/auth.ts | 4 +-- src/resources/auth/connections.ts | 42 +++++++++++++++---------------- 3 files changed, 25 insertions(+), 25 deletions(-) diff --git a/.stats.yml b/.stats.yml index ad62343..796d854 100644 --- a/.stats.yml +++ b/.stats.yml @@ -1,4 +1,4 @@ configured_endpoints: 108 -openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/kernel%2Fkernel-f967d3024897a6125d5d18c4577dbb2cc22d742d487e6a43165198685f992379.yml -openapi_spec_hash: e1c40ef0aee3a79168eb9cc854a9e403 +openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/kernel%2Fkernel-848817f2b20afb49a652952c814b99e27a94090e0770465e9a87748d27e227a7.yml +openapi_spec_hash: 91efb805e45cdd4c73cd8b0950bef019 config_hash: 3b1fbbb6bda0dac7e8b42e155cd7da56 diff --git a/src/resources/agents/auth/auth.ts b/src/resources/agents/auth/auth.ts index c812518..813aa17 100644 --- a/src/resources/agents/auth/auth.ts +++ b/src/resources/agents/auth/auth.ts @@ -277,7 +277,7 @@ export interface AuthAgent { can_reauth_reason?: string; /** - * Reference to credentials for managed auth. Use one of: + * Reference to credentials for the auth connection. Use one of: * * - { name } for Kernel credentials * - { provider, path } for external provider item @@ -310,7 +310,7 @@ export interface AuthAgent { export namespace AuthAgent { /** - * Reference to credentials for managed auth. Use one of: + * Reference to credentials for the auth connection. Use one of: * * - { name } for Kernel credentials * - { provider, path } for external provider item diff --git a/src/resources/auth/connections.ts b/src/resources/auth/connections.ts index 8925092..ff57711 100644 --- a/src/resources/auth/connections.ts +++ b/src/resources/auth/connections.ts @@ -12,8 +12,8 @@ import { path } from '../../internal/utils/path'; export class Connections extends APIResource { /** - * Creates managed authentication for a profile and domain combination. Returns 409 - * Conflict if managed auth already exists for the given profile and domain. + * Creates an auth connection for a profile and domain combination. Returns 409 + * Conflict if an auth connection already exists for the given profile and domain. * * @example * ```ts @@ -28,8 +28,8 @@ export class Connections extends APIResource { } /** - * Retrieve managed auth by its ID. Includes current flow state if a login is in - * progress. + * Retrieve an auth connection by its ID. Includes current flow state if a login is + * in progress. * * @example * ```ts @@ -43,7 +43,7 @@ export class Connections extends APIResource { } /** - * List managed auths with optional filters for profile_name and domain. + * List auth connections with optional filters for profile_name and domain. * * @example * ```ts @@ -61,9 +61,9 @@ export class Connections extends APIResource { } /** - * Deletes managed auth and terminates its workflow. This will: + * Deletes an auth connection and terminates its workflow. This will: * - * - Delete the managed auth record + * - Delete the auth connection record * - Terminate the Temporal workflow * - Cancel any in-progress login flows * @@ -98,8 +98,8 @@ export class Connections extends APIResource { } /** - * Starts a login flow for the managed auth. Returns immediately with a hosted URL - * for the user to complete authentication, or triggers automatic re-auth if + * Starts a login flow for the auth connection. Returns immediately with a hosted + * URL for the user to complete authentication, or triggers automatic re-auth if * credentials are stored. * * @example @@ -118,8 +118,8 @@ export class Connections extends APIResource { } /** - * Submits field values for the login form. Poll the managed auth to track progress - * and get results. + * Submits field values for the login form. Poll the auth connection to track + * progress and get results. * * @example * ```ts @@ -158,7 +158,7 @@ export interface LoginRequest { */ export interface LoginResponse { /** - * Managed auth ID + * Auth connection ID */ id: string; @@ -195,7 +195,7 @@ export interface LoginResponse { */ export interface ManagedAuth { /** - * Unique identifier for the managed auth + * Unique identifier for the auth connection */ id: string; @@ -205,7 +205,7 @@ export interface ManagedAuth { domain: string; /** - * Name of the profile associated with this managed auth + * Name of the profile associated with this auth connection */ profile_name: string; @@ -247,7 +247,7 @@ export interface ManagedAuth { can_reauth_reason?: string; /** - * Reference to credentials for managed auth. Use one of: + * Reference to credentials for the auth connection. Use one of: * * - { name } for Kernel credentials * - { provider, path } for external provider item @@ -350,7 +350,7 @@ export interface ManagedAuth { export namespace ManagedAuth { /** - * Reference to credentials for managed auth. Use one of: + * Reference to credentials for the auth connection. Use one of: * * - { name } for Kernel credentials * - { provider, path } for external provider item @@ -425,7 +425,7 @@ export namespace ManagedAuth { } /** - * Request to create managed auth for a profile and domain + * Request to create an auth connection for a profile and domain */ export interface ManagedAuthCreateRequest { /** @@ -460,7 +460,7 @@ export interface ManagedAuthCreateRequest { allowed_domains?: Array; /** - * Reference to credentials for managed auth. Use one of: + * Reference to credentials for the auth connection. Use one of: * * - { name } for Kernel credentials * - { provider, path } for external provider item @@ -489,7 +489,7 @@ export interface ManagedAuthCreateRequest { export namespace ManagedAuthCreateRequest { /** - * Reference to credentials for managed auth. Use one of: + * Reference to credentials for the auth connection. Use one of: * * - { name } for Kernel credentials * - { provider, path } for external provider item @@ -726,7 +726,7 @@ export interface ConnectionCreateParams { allowed_domains?: Array; /** - * Reference to credentials for managed auth. Use one of: + * Reference to credentials for the auth connection. Use one of: * * - { name } for Kernel credentials * - { provider, path } for external provider item @@ -755,7 +755,7 @@ export interface ConnectionCreateParams { export namespace ConnectionCreateParams { /** - * Reference to credentials for managed auth. Use one of: + * Reference to credentials for the auth connection. Use one of: * * - { name } for Kernel credentials * - { provider, path } for external provider item From 542fb99476037a1ecea69311a9364b0781fef9e1 Mon Sep 17 00:00:00 2001 From: "stainless-app[bot]" <142633134+stainless-app[bot]@users.noreply.github.com> Date: Mon, 9 Feb 2026 19:24:44 +0000 Subject: [PATCH 2/4] codegen metadata --- .stats.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.stats.yml b/.stats.yml index 796d854..15c374f 100644 --- a/.stats.yml +++ b/.stats.yml @@ -1,4 +1,4 @@ configured_endpoints: 108 -openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/kernel%2Fkernel-848817f2b20afb49a652952c814b99e27a94090e0770465e9a87748d27e227a7.yml -openapi_spec_hash: 91efb805e45cdd4c73cd8b0950bef019 +openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/kernel%2Fkernel-13e82ae9e725e2c3ca19da7248a7a9c8696a0dfe088654cf26aea07c76d6567a.yml +openapi_spec_hash: 6d4151a6066a8474bc56923299aec18a config_hash: 3b1fbbb6bda0dac7e8b42e155cd7da56 From fd445dd9d345fb084758b7217a7d0af2232d3b51 Mon Sep 17 00:00:00 2001 From: "stainless-app[bot]" <142633134+stainless-app[bot]@users.noreply.github.com> Date: Tue, 10 Feb 2026 01:48:26 +0000 Subject: [PATCH 3/4] =?UTF-8?q?refactor(api):=20remove=20deprecated=20agen?= =?UTF-8?q?t-auth=20endpoints=20from=20stainless.=E2=80=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .stats.yml | 4 +- api.md | 34 - src/client.ts | 5 - src/resources/agents.ts | 3 - src/resources/agents/agents.ts | 39 -- src/resources/agents/auth.ts | 3 - src/resources/agents/auth/auth.ts | 599 ------------------ src/resources/agents/auth/index.ts | 22 - src/resources/agents/auth/invocations.ts | 137 ---- src/resources/agents/index.ts | 16 - src/resources/auth/connections.ts | 87 ++- src/resources/index.ts | 1 - tests/api-resources/agents/auth/auth.test.ts | 86 --- .../agents/auth/invocations.test.ts | 80 --- 14 files changed, 86 insertions(+), 1030 deletions(-) delete mode 100644 src/resources/agents.ts delete mode 100644 src/resources/agents/agents.ts delete mode 100644 src/resources/agents/auth.ts delete mode 100644 src/resources/agents/auth/auth.ts delete mode 100644 src/resources/agents/auth/index.ts delete mode 100644 src/resources/agents/auth/invocations.ts delete mode 100644 src/resources/agents/index.ts delete mode 100644 tests/api-resources/agents/auth/auth.test.ts delete mode 100644 tests/api-resources/agents/auth/invocations.test.ts diff --git a/.stats.yml b/.stats.yml index 15c374f..207d899 100644 --- a/.stats.yml +++ b/.stats.yml @@ -1,4 +1,4 @@ -configured_endpoints: 108 +configured_endpoints: 100 openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/kernel%2Fkernel-13e82ae9e725e2c3ca19da7248a7a9c8696a0dfe088654cf26aea07c76d6567a.yml openapi_spec_hash: 6d4151a6066a8474bc56923299aec18a -config_hash: 3b1fbbb6bda0dac7e8b42e155cd7da56 +config_hash: 82f0a04081a3ab7111d3a9c68cd3ff2b diff --git a/api.md b/api.md index 8037ef0..9c757f5 100644 --- a/api.md +++ b/api.md @@ -278,40 +278,6 @@ Methods: - client.browserPools.flush(idOrName) -> void - client.browserPools.release(idOrName, { ...params }) -> void -# Agents - -## Auth - -Types: - -- AgentAuthInvocationResponse -- AgentAuthSubmitResponse -- AuthAgent -- AuthAgentCreateRequest -- AuthAgentInvocationCreateRequest -- AuthAgentInvocationCreateResponse -- DiscoveredField - -Methods: - -- client.agents.auth.create({ ...params }) -> AuthAgent -- client.agents.auth.retrieve(id) -> AuthAgent -- client.agents.auth.list({ ...params }) -> AuthAgentsOffsetPagination -- client.agents.auth.delete(id) -> void - -### Invocations - -Types: - -- InvocationExchangeResponse - -Methods: - -- client.agents.auth.invocations.create({ ...params }) -> AuthAgentInvocationCreateResponse -- client.agents.auth.invocations.retrieve(invocationID) -> AgentAuthInvocationResponse -- client.agents.auth.invocations.exchange(invocationID, { ...params }) -> InvocationExchangeResponse -- client.agents.auth.invocations.submit(invocationID, { ...params }) -> AgentAuthSubmitResponse - # Credentials Types: diff --git a/src/client.ts b/src/client.ts index 5732b17..212b67c 100644 --- a/src/client.ts +++ b/src/client.ts @@ -97,7 +97,6 @@ import { ProxyListResponse, ProxyRetrieveResponse, } from './resources/proxies'; -import { Agents } from './resources/agents/agents'; import { Auth } from './resources/auth/auth'; import { BrowserCreateParams, @@ -898,7 +897,6 @@ export class Kernel { proxies: API.Proxies = new API.Proxies(this); extensions: API.Extensions = new API.Extensions(this); browserPools: API.BrowserPools = new API.BrowserPools(this); - agents: API.Agents = new API.Agents(this); credentials: API.Credentials = new API.Credentials(this); credentialProviders: API.CredentialProviders = new API.CredentialProviders(this); } @@ -912,7 +910,6 @@ Kernel.Auth = Auth; Kernel.Proxies = Proxies; Kernel.Extensions = Extensions; Kernel.BrowserPools = BrowserPools; -Kernel.Agents = Agents; Kernel.Credentials = Credentials; Kernel.CredentialProviders = CredentialProviders; @@ -1015,8 +1012,6 @@ export declare namespace Kernel { type BrowserPoolReleaseParams as BrowserPoolReleaseParams, }; - export { Agents as Agents }; - export { Credentials as Credentials, type CreateCredentialRequest as CreateCredentialRequest, diff --git a/src/resources/agents.ts b/src/resources/agents.ts deleted file mode 100644 index 0c43db0..0000000 --- a/src/resources/agents.ts +++ /dev/null @@ -1,3 +0,0 @@ -// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -export * from './agents/index'; diff --git a/src/resources/agents/agents.ts b/src/resources/agents/agents.ts deleted file mode 100644 index dd0955e..0000000 --- a/src/resources/agents/agents.ts +++ /dev/null @@ -1,39 +0,0 @@ -// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -import { APIResource } from '../../core/resource'; -import * as AuthAPI from './auth/auth'; -import { - AgentAuthInvocationResponse, - AgentAuthSubmitResponse, - Auth, - AuthAgent, - AuthAgentCreateRequest, - AuthAgentInvocationCreateRequest, - AuthAgentInvocationCreateResponse, - AuthAgentsOffsetPagination, - AuthCreateParams, - AuthListParams, - DiscoveredField, -} from './auth/auth'; - -export class Agents extends APIResource { - auth: AuthAPI.Auth = new AuthAPI.Auth(this._client); -} - -Agents.Auth = Auth; - -export declare namespace Agents { - export { - Auth as Auth, - type AgentAuthInvocationResponse as AgentAuthInvocationResponse, - type AgentAuthSubmitResponse as AgentAuthSubmitResponse, - type AuthAgent as AuthAgent, - type AuthAgentCreateRequest as AuthAgentCreateRequest, - type AuthAgentInvocationCreateRequest as AuthAgentInvocationCreateRequest, - type AuthAgentInvocationCreateResponse as AuthAgentInvocationCreateResponse, - type DiscoveredField as DiscoveredField, - type AuthAgentsOffsetPagination as AuthAgentsOffsetPagination, - type AuthCreateParams as AuthCreateParams, - type AuthListParams as AuthListParams, - }; -} diff --git a/src/resources/agents/auth.ts b/src/resources/agents/auth.ts deleted file mode 100644 index b64faa1..0000000 --- a/src/resources/agents/auth.ts +++ /dev/null @@ -1,3 +0,0 @@ -// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -export * from './auth/index'; diff --git a/src/resources/agents/auth/auth.ts b/src/resources/agents/auth/auth.ts deleted file mode 100644 index 813aa17..0000000 --- a/src/resources/agents/auth/auth.ts +++ /dev/null @@ -1,599 +0,0 @@ -// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -import { APIResource } from '../../../core/resource'; -import * as InvocationsAPI from './invocations'; -import { - InvocationCreateParams, - InvocationExchangeParams, - InvocationExchangeResponse, - InvocationSubmitParams, - Invocations, -} from './invocations'; -import { APIPromise } from '../../../core/api-promise'; -import { OffsetPagination, type OffsetPaginationParams, PagePromise } from '../../../core/pagination'; -import { buildHeaders } from '../../../internal/headers'; -import { RequestOptions } from '../../../internal/request-options'; -import { path } from '../../../internal/utils/path'; - -export class Auth extends APIResource { - invocations: InvocationsAPI.Invocations = new InvocationsAPI.Invocations(this._client); - - /** - * **Deprecated: Use POST /auth/connections instead.** Creates a new auth agent for - * the specified domain and profile combination, or returns an existing one if it - * already exists. This is idempotent - calling with the same domain and profile - * will return the same agent. Does NOT start an invocation - use POST - * /agents/auth/invocations to start an auth flow. - * - * @deprecated - */ - create(body: AuthCreateParams, options?: RequestOptions): APIPromise { - return this._client.post('/agents/auth', { body, ...options }); - } - - /** - * **Deprecated: Use GET /auth/connections/{id} instead.** Retrieve an auth agent - * by its ID. Returns the current authentication status of the managed profile. - * - * @deprecated - */ - retrieve(id: string, options?: RequestOptions): APIPromise { - return this._client.get(path`/agents/auth/${id}`, options); - } - - /** - * **Deprecated: Use GET /auth/connections instead.** List auth agents with - * optional filters for profile_name and domain. - * - * @deprecated - */ - list( - query: AuthListParams | null | undefined = {}, - options?: RequestOptions, - ): PagePromise { - return this._client.getAPIList('/agents/auth', OffsetPagination, { query, ...options }); - } - - /** - * **Deprecated: Use DELETE /auth/connections/{id} instead.** Deletes an auth agent - * and terminates its workflow. This will: - * - * - Soft delete the auth agent record - * - Gracefully terminate the agent's Temporal workflow - * - Cancel any in-progress invocations - * - * @deprecated - */ - delete(id: string, options?: RequestOptions): APIPromise { - return this._client.delete(path`/agents/auth/${id}`, { - ...options, - headers: buildHeaders([{ Accept: '*/*' }, options?.headers]), - }); - } -} - -export type AuthAgentsOffsetPagination = OffsetPagination; - -/** - * Response from get invocation endpoint - */ -export interface AgentAuthInvocationResponse { - /** - * App name (org name at time of invocation creation) - */ - app_name: string; - - /** - * Domain for authentication - */ - domain: string; - - /** - * When the handoff code expires - */ - expires_at: string; - - /** - * Invocation status - */ - status: 'IN_PROGRESS' | 'SUCCESS' | 'EXPIRED' | 'CANCELED' | 'FAILED'; - - /** - * Current step in the invocation workflow - */ - step: - | 'initialized' - | 'discovering' - | 'awaiting_input' - | 'awaiting_external_action' - | 'submitting' - | 'completed' - | 'expired'; - - /** - * The session type: - * - * - login: User-initiated authentication - * - reauth: System-triggered re-authentication (via health check) - */ - type: 'login' | 'reauth'; - - /** - * Error message explaining why the invocation failed (present when status=FAILED) - */ - error_message?: string | null; - - /** - * Instructions for user when external action is required (present when - * step=awaiting_external_action) - */ - external_action_message?: string | null; - - /** - * Browser live view URL for debugging the invocation - */ - live_view_url?: string | null; - - /** - * MFA method options to choose from (present when step=awaiting_input and MFA - * selection is required) - */ - mfa_options?: Array | null; - - /** - * Fields currently awaiting input (present when step=awaiting_input) - */ - pending_fields?: Array | null; - - /** - * SSO buttons available on the page (present when step=awaiting_input) - */ - pending_sso_buttons?: Array | null; - - /** - * SSO provider being used for authentication (e.g., google, github, microsoft) - */ - sso_provider?: string | null; - - /** - * Names of fields that have been submitted (present when step=submitting or later) - */ - submitted_fields?: Array | null; -} - -export namespace AgentAuthInvocationResponse { - /** - * An MFA method option for verification - */ - export interface MfaOption { - /** - * The visible option text - */ - label: string; - - /** - * The MFA delivery method type (includes password for auth method selection pages) - */ - type: 'sms' | 'call' | 'email' | 'totp' | 'push' | 'password'; - - /** - * Additional instructions from the site - */ - description?: string | null; - - /** - * The masked destination (phone/email) if shown - */ - target?: string | null; - } - - /** - * An SSO button for signing in with an external identity provider - */ - export interface PendingSSOButton { - /** - * Visible button text - */ - label: string; - - /** - * Identity provider name - */ - provider: string; - - /** - * XPath selector for the button - */ - selector: string; - } -} - -/** - * Response from submit endpoint - returns immediately after submission is accepted - */ -export interface AgentAuthSubmitResponse { - /** - * Whether the submission was accepted for processing - */ - accepted: boolean; -} - -/** - * An auth agent that manages authentication for a specific domain and profile - * combination - */ -export interface AuthAgent { - /** - * Unique identifier for the auth agent - */ - id: string; - - /** - * Target domain for authentication - */ - domain: string; - - /** - * Name of the profile associated with this auth agent - */ - profile_name: string; - - /** - * Current authentication status of the managed profile - */ - status: 'AUTHENTICATED' | 'NEEDS_AUTH'; - - /** - * Additional domains that are valid for this auth agent's authentication flow - * (besides the primary domain). Useful when login pages redirect to different - * domains. - * - * The following SSO/OAuth provider domains are automatically allowed by default - * and do not need to be specified: - * - * - Google: accounts.google.com - * - Microsoft/Azure AD: login.microsoftonline.com, login.live.com - * - Okta: _.okta.com, _.oktapreview.com - * - Auth0: _.auth0.com, _.us.auth0.com, _.eu.auth0.com, _.au.auth0.com - * - Apple: appleid.apple.com - * - GitHub: github.com - * - Facebook/Meta: www.facebook.com - * - LinkedIn: www.linkedin.com - * - Amazon Cognito: \*.amazoncognito.com - * - OneLogin: \*.onelogin.com - * - Ping Identity: _.pingone.com, _.pingidentity.com - */ - allowed_domains?: Array; - - /** - * Whether automatic re-authentication is possible (has credential_id, selectors, - * and login_url) - */ - can_reauth?: boolean; - - /** - * Reason why automatic re-authentication is or is not possible - */ - can_reauth_reason?: string; - - /** - * Reference to credentials for the auth connection. Use one of: - * - * - { name } for Kernel credentials - * - { provider, path } for external provider item - * - { provider, auto: true } for external provider domain lookup - */ - credential?: AuthAgent.Credential; - - /** - * ID of the linked Kernel credential for automatic re-authentication (deprecated, - * use credential) - */ - credential_id?: string; - - /** - * Whether this auth agent has stored selectors for deterministic re-authentication - */ - has_selectors?: boolean; - - /** - * When the last authentication check was performed - */ - last_auth_check_at?: string; - - /** - * URL where the browser landed after successful login. Query parameters and - * fragments are stripped for privacy. - */ - post_login_url?: string; -} - -export namespace AuthAgent { - /** - * Reference to credentials for the auth connection. Use one of: - * - * - { name } for Kernel credentials - * - { provider, path } for external provider item - * - { provider, auto: true } for external provider domain lookup - */ - export interface Credential { - /** - * If true, lookup by domain from the specified provider - */ - auto?: boolean; - - /** - * Kernel credential name - */ - name?: string; - - /** - * Provider-specific path (e.g., "VaultName/ItemName" for 1Password) - */ - path?: string; - - /** - * External provider name (e.g., "my-1p") - */ - provider?: string; - } -} - -/** - * Request to create or find an auth agent - */ -export interface AuthAgentCreateRequest { - /** - * Domain for authentication - */ - domain: string; - - /** - * Name of the profile to use for this auth agent - */ - profile_name: string; - - /** - * Additional domains that are valid for this auth agent's authentication flow - * (besides the primary domain). Useful when login pages redirect to different - * domains. - * - * The following SSO/OAuth provider domains are automatically allowed by default - * and do not need to be specified: - * - * - Google: accounts.google.com - * - Microsoft/Azure AD: login.microsoftonline.com, login.live.com - * - Okta: _.okta.com, _.oktapreview.com - * - Auth0: _.auth0.com, _.us.auth0.com, _.eu.auth0.com, _.au.auth0.com - * - Apple: appleid.apple.com - * - GitHub: github.com - * - Facebook/Meta: www.facebook.com - * - LinkedIn: www.linkedin.com - * - Amazon Cognito: \*.amazoncognito.com - * - OneLogin: \*.onelogin.com - * - Ping Identity: _.pingone.com, _.pingidentity.com - */ - allowed_domains?: Array; - - /** - * Optional name of an existing credential to use for this auth agent. If provided, - * the credential will be linked to the agent and its values will be used to - * auto-fill the login form on invocation. - */ - credential_name?: string; - - /** - * Optional login page URL. If provided, will be stored on the agent and used to - * skip discovery in future invocations. - */ - login_url?: string; - - /** - * Optional proxy configuration - */ - proxy?: AuthAgentCreateRequest.Proxy; -} - -export namespace AuthAgentCreateRequest { - /** - * Optional proxy configuration - */ - export interface Proxy { - /** - * ID of the proxy to use - */ - proxy_id?: string; - } -} - -/** - * Request to create an invocation for an existing auth agent - */ -export interface AuthAgentInvocationCreateRequest { - /** - * ID of the auth agent to create an invocation for - */ - auth_agent_id: string; - - /** - * If provided, saves the submitted credentials under this name upon successful - * login. The credential will be linked to the auth agent for automatic - * re-authentication. - */ - save_credential_as?: string; -} - -/** - * Response from creating an invocation. Always returns an invocation_id. - */ -export interface AuthAgentInvocationCreateResponse { - /** - * When the handoff code expires. - */ - expires_at: string; - - /** - * One-time code for handoff. - */ - handoff_code: string; - - /** - * URL to redirect user to. - */ - hosted_url: string; - - /** - * Unique identifier for the invocation. - */ - invocation_id: string; - - /** - * The session type: - * - * - login: User-initiated authentication - * - reauth: System-triggered re-authentication (via health check) - */ - type: 'login' | 'reauth'; -} - -/** - * A discovered form field - */ -export interface DiscoveredField { - /** - * Field label - */ - label: string; - - /** - * Field name - */ - name: string; - - /** - * CSS selector for the field - */ - selector: string; - - /** - * Field type - */ - type: 'text' | 'email' | 'password' | 'tel' | 'number' | 'url' | 'code' | 'totp'; - - /** - * If this field is associated with an MFA option, the type of that option (e.g., - * password field linked to "Enter password" option) - */ - linked_mfa_type?: 'sms' | 'call' | 'email' | 'totp' | 'push' | 'password' | null; - - /** - * Field placeholder - */ - placeholder?: string; - - /** - * Whether field is required - */ - required?: boolean; -} - -export interface AuthCreateParams { - /** - * Domain for authentication - */ - domain: string; - - /** - * Name of the profile to use for this auth agent - */ - profile_name: string; - - /** - * Additional domains that are valid for this auth agent's authentication flow - * (besides the primary domain). Useful when login pages redirect to different - * domains. - * - * The following SSO/OAuth provider domains are automatically allowed by default - * and do not need to be specified: - * - * - Google: accounts.google.com - * - Microsoft/Azure AD: login.microsoftonline.com, login.live.com - * - Okta: _.okta.com, _.oktapreview.com - * - Auth0: _.auth0.com, _.us.auth0.com, _.eu.auth0.com, _.au.auth0.com - * - Apple: appleid.apple.com - * - GitHub: github.com - * - Facebook/Meta: www.facebook.com - * - LinkedIn: www.linkedin.com - * - Amazon Cognito: \*.amazoncognito.com - * - OneLogin: \*.onelogin.com - * - Ping Identity: _.pingone.com, _.pingidentity.com - */ - allowed_domains?: Array; - - /** - * Optional name of an existing credential to use for this auth agent. If provided, - * the credential will be linked to the agent and its values will be used to - * auto-fill the login form on invocation. - */ - credential_name?: string; - - /** - * Optional login page URL. If provided, will be stored on the agent and used to - * skip discovery in future invocations. - */ - login_url?: string; - - /** - * Optional proxy configuration - */ - proxy?: AuthCreateParams.Proxy; -} - -export namespace AuthCreateParams { - /** - * Optional proxy configuration - */ - export interface Proxy { - /** - * ID of the proxy to use - */ - proxy_id?: string; - } -} - -export interface AuthListParams extends OffsetPaginationParams { - /** - * Filter by domain - */ - domain?: string; - - /** - * Filter by profile name - */ - profile_name?: string; -} - -Auth.Invocations = Invocations; - -export declare namespace Auth { - export { - type AgentAuthInvocationResponse as AgentAuthInvocationResponse, - type AgentAuthSubmitResponse as AgentAuthSubmitResponse, - type AuthAgent as AuthAgent, - type AuthAgentCreateRequest as AuthAgentCreateRequest, - type AuthAgentInvocationCreateRequest as AuthAgentInvocationCreateRequest, - type AuthAgentInvocationCreateResponse as AuthAgentInvocationCreateResponse, - type DiscoveredField as DiscoveredField, - type AuthAgentsOffsetPagination as AuthAgentsOffsetPagination, - type AuthCreateParams as AuthCreateParams, - type AuthListParams as AuthListParams, - }; - - export { - Invocations as Invocations, - type InvocationExchangeResponse as InvocationExchangeResponse, - type InvocationCreateParams as InvocationCreateParams, - type InvocationExchangeParams as InvocationExchangeParams, - type InvocationSubmitParams as InvocationSubmitParams, - }; -} diff --git a/src/resources/agents/auth/index.ts b/src/resources/agents/auth/index.ts deleted file mode 100644 index 490ad25..0000000 --- a/src/resources/agents/auth/index.ts +++ /dev/null @@ -1,22 +0,0 @@ -// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -export { - Auth, - type AgentAuthInvocationResponse, - type AgentAuthSubmitResponse, - type AuthAgent, - type AuthAgentCreateRequest, - type AuthAgentInvocationCreateRequest, - type AuthAgentInvocationCreateResponse, - type DiscoveredField, - type AuthCreateParams, - type AuthListParams, - type AuthAgentsOffsetPagination, -} from './auth'; -export { - Invocations, - type InvocationExchangeResponse, - type InvocationCreateParams, - type InvocationExchangeParams, - type InvocationSubmitParams, -} from './invocations'; diff --git a/src/resources/agents/auth/invocations.ts b/src/resources/agents/auth/invocations.ts deleted file mode 100644 index b41ea8e..0000000 --- a/src/resources/agents/auth/invocations.ts +++ /dev/null @@ -1,137 +0,0 @@ -// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -import { APIResource } from '../../../core/resource'; -import * as AuthAPI from './auth'; -import { APIPromise } from '../../../core/api-promise'; -import { RequestOptions } from '../../../internal/request-options'; -import { path } from '../../../internal/utils/path'; - -export class Invocations extends APIResource { - /** - * **Deprecated: Use POST /auth/connections/{id}/login instead.** Creates a new - * authentication invocation for the specified auth agent. This starts the auth - * flow and returns a hosted URL for the user to complete authentication. - * - * @deprecated - */ - create( - body: InvocationCreateParams, - options?: RequestOptions, - ): APIPromise { - return this._client.post('/agents/auth/invocations', { body, ...options }); - } - - /** - * **Deprecated: Use GET /auth/connections/{id} instead.** Returns invocation - * details including status, app_name, and domain. Supports both API key and JWT - * (from exchange endpoint) authentication. - * - * @deprecated - */ - retrieve(invocationID: string, options?: RequestOptions): APIPromise { - return this._client.get(path`/agents/auth/invocations/${invocationID}`, options); - } - - /** - * **Deprecated: Use POST /auth/connections/{id}/exchange instead.** Validates the - * handoff code and returns a JWT token for subsequent requests. No authentication - * required (the handoff code serves as the credential). - * - * @deprecated - */ - exchange( - invocationID: string, - body: InvocationExchangeParams, - options?: RequestOptions, - ): APIPromise { - return this._client.post(path`/agents/auth/invocations/${invocationID}/exchange`, { body, ...options }); - } - - /** - * **Deprecated: Use POST /auth/connections/{id}/submit instead.** Submits field - * values for the discovered login form. Returns immediately after submission is - * accepted. Poll the invocation endpoint to track progress and get results. - * - * @deprecated - */ - submit( - invocationID: string, - body: InvocationSubmitParams, - options?: RequestOptions, - ): APIPromise { - return this._client.post(path`/agents/auth/invocations/${invocationID}/submit`, { body, ...options }); - } -} - -/** - * Response from exchange endpoint - */ -export interface InvocationExchangeResponse { - /** - * Invocation ID - */ - invocation_id: string; - - /** - * JWT token with invocation_id claim (30 minute TTL) - */ - jwt: string; -} - -export interface InvocationCreateParams { - /** - * ID of the auth agent to create an invocation for - */ - auth_agent_id: string; - - /** - * If provided, saves the submitted credentials under this name upon successful - * login. The credential will be linked to the auth agent for automatic - * re-authentication. - */ - save_credential_as?: string; -} - -export interface InvocationExchangeParams { - /** - * Handoff code from start endpoint - */ - code: string; -} - -export type InvocationSubmitParams = - | InvocationSubmitParams.Variant0 - | InvocationSubmitParams.Variant1 - | InvocationSubmitParams.Variant2; - -export declare namespace InvocationSubmitParams { - export interface Variant0 { - /** - * Values for the discovered login fields - */ - field_values: { [key: string]: string }; - } - - export interface Variant1 { - /** - * Selector of SSO button to click - */ - sso_button: string; - } - - export interface Variant2 { - /** - * The MFA delivery method type (includes password for auth method selection pages) - */ - selected_mfa_type: 'sms' | 'call' | 'email' | 'totp' | 'push' | 'password'; - } -} - -export declare namespace Invocations { - export { - type InvocationExchangeResponse as InvocationExchangeResponse, - type InvocationCreateParams as InvocationCreateParams, - type InvocationExchangeParams as InvocationExchangeParams, - type InvocationSubmitParams as InvocationSubmitParams, - }; -} diff --git a/src/resources/agents/index.ts b/src/resources/agents/index.ts deleted file mode 100644 index 65bd5a4..0000000 --- a/src/resources/agents/index.ts +++ /dev/null @@ -1,16 +0,0 @@ -// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -export { Agents } from './agents'; -export { - Auth, - type AgentAuthInvocationResponse, - type AgentAuthSubmitResponse, - type AuthAgent, - type AuthAgentCreateRequest, - type AuthAgentInvocationCreateRequest, - type AuthAgentInvocationCreateResponse, - type DiscoveredField, - type AuthCreateParams, - type AuthListParams, - type AuthAgentsOffsetPagination, -} from './auth/index'; diff --git a/src/resources/auth/connections.ts b/src/resources/auth/connections.ts index ff57711..bb0190a 100644 --- a/src/resources/auth/connections.ts +++ b/src/resources/auth/connections.ts @@ -2,7 +2,6 @@ import { APIResource } from '../../core/resource'; import * as Shared from '../shared'; -import * as AuthAPI from '../agents/auth/auth'; import { APIPromise } from '../../core/api-promise'; import { OffsetPagination, type OffsetPaginationParams, PagePromise } from '../../core/pagination'; import { Stream } from '../../core/streaming'; @@ -258,7 +257,7 @@ export interface ManagedAuth { /** * Fields awaiting input (present when flow_step=awaiting_input) */ - discovered_fields?: Array | null; + discovered_fields?: Array | null; /** * Error message (present when flow_status=failed) @@ -378,6 +377,47 @@ export namespace ManagedAuth { provider?: string; } + /** + * A discovered form field + */ + export interface DiscoveredField { + /** + * Field label + */ + label: string; + + /** + * Field name + */ + name: string; + + /** + * CSS selector for the field + */ + selector: string; + + /** + * Field type + */ + type: 'text' | 'email' | 'password' | 'tel' | 'number' | 'url' | 'code' | 'totp'; + + /** + * If this field is associated with an MFA option, the type of that option (e.g., + * password field linked to "Enter password" option) + */ + linked_mfa_type?: 'sms' | 'call' | 'email' | 'totp' | 'push' | 'password' | null; + + /** + * Field placeholder + */ + placeholder?: string; + + /** + * Whether field is required + */ + required?: boolean; + } + /** * An MFA method option for verification */ @@ -594,7 +634,7 @@ export namespace ConnectionFollowResponse { /** * Fields awaiting input (present when flow_step=AWAITING_INPUT). */ - discovered_fields?: Array; + discovered_fields?: Array; /** * Error message (present when flow_status=FAILED). @@ -646,6 +686,47 @@ export namespace ConnectionFollowResponse { } export namespace ManagedAuthStateEvent { + /** + * A discovered form field + */ + export interface DiscoveredField { + /** + * Field label + */ + label: string; + + /** + * Field name + */ + name: string; + + /** + * CSS selector for the field + */ + selector: string; + + /** + * Field type + */ + type: 'text' | 'email' | 'password' | 'tel' | 'number' | 'url' | 'code' | 'totp'; + + /** + * If this field is associated with an MFA option, the type of that option (e.g., + * password field linked to "Enter password" option) + */ + linked_mfa_type?: 'sms' | 'call' | 'email' | 'totp' | 'push' | 'password' | null; + + /** + * Field placeholder + */ + placeholder?: string; + + /** + * Whether field is required + */ + required?: boolean; + } + /** * An MFA method option for verification */ diff --git a/src/resources/index.ts b/src/resources/index.ts index d29baae..da81cec 100644 --- a/src/resources/index.ts +++ b/src/resources/index.ts @@ -1,7 +1,6 @@ // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. export * from './shared'; -export { Agents } from './agents/agents'; export { Apps, type AppListResponse, diff --git a/tests/api-resources/agents/auth/auth.test.ts b/tests/api-resources/agents/auth/auth.test.ts deleted file mode 100644 index 1f8a923..0000000 --- a/tests/api-resources/agents/auth/auth.test.ts +++ /dev/null @@ -1,86 +0,0 @@ -// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -import Kernel from '@onkernel/sdk'; - -const client = new Kernel({ - apiKey: 'My API Key', - baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010', -}); - -describe('resource auth', () => { - // Prism tests are disabled - test.skip('create: only required params', async () => { - const responsePromise = client.agents.auth.create({ domain: 'netflix.com', profile_name: 'user-123' }); - const rawResponse = await responsePromise.asResponse(); - expect(rawResponse).toBeInstanceOf(Response); - const response = await responsePromise; - expect(response).not.toBeInstanceOf(Response); - const dataAndResponse = await responsePromise.withResponse(); - expect(dataAndResponse.data).toBe(response); - expect(dataAndResponse.response).toBe(rawResponse); - }); - - // Prism tests are disabled - test.skip('create: required and optional params', async () => { - const response = await client.agents.auth.create({ - domain: 'netflix.com', - profile_name: 'user-123', - allowed_domains: ['login.netflix.com', 'auth.netflix.com'], - credential_name: 'my-netflix-login', - login_url: 'https://netflix.com/login', - proxy: { proxy_id: 'proxy_id' }, - }); - }); - - // Prism tests are disabled - test.skip('retrieve', async () => { - const responsePromise = client.agents.auth.retrieve('id'); - const rawResponse = await responsePromise.asResponse(); - expect(rawResponse).toBeInstanceOf(Response); - const response = await responsePromise; - expect(response).not.toBeInstanceOf(Response); - const dataAndResponse = await responsePromise.withResponse(); - expect(dataAndResponse.data).toBe(response); - expect(dataAndResponse.response).toBe(rawResponse); - }); - - // Prism tests are disabled - test.skip('list', async () => { - const responsePromise = client.agents.auth.list(); - const rawResponse = await responsePromise.asResponse(); - expect(rawResponse).toBeInstanceOf(Response); - const response = await responsePromise; - expect(response).not.toBeInstanceOf(Response); - const dataAndResponse = await responsePromise.withResponse(); - expect(dataAndResponse.data).toBe(response); - expect(dataAndResponse.response).toBe(rawResponse); - }); - - // Prism tests are disabled - test.skip('list: request options and params are passed correctly', async () => { - // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error - await expect( - client.agents.auth.list( - { - domain: 'domain', - limit: 100, - offset: 0, - profile_name: 'profile_name', - }, - { path: '/_stainless_unknown_path' }, - ), - ).rejects.toThrow(Kernel.NotFoundError); - }); - - // Prism tests are disabled - test.skip('delete', async () => { - const responsePromise = client.agents.auth.delete('id'); - const rawResponse = await responsePromise.asResponse(); - expect(rawResponse).toBeInstanceOf(Response); - const response = await responsePromise; - expect(response).not.toBeInstanceOf(Response); - const dataAndResponse = await responsePromise.withResponse(); - expect(dataAndResponse.data).toBe(response); - expect(dataAndResponse.response).toBe(rawResponse); - }); -}); diff --git a/tests/api-resources/agents/auth/invocations.test.ts b/tests/api-resources/agents/auth/invocations.test.ts deleted file mode 100644 index b30496c..0000000 --- a/tests/api-resources/agents/auth/invocations.test.ts +++ /dev/null @@ -1,80 +0,0 @@ -// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details. - -import Kernel from '@onkernel/sdk'; - -const client = new Kernel({ - apiKey: 'My API Key', - baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010', -}); - -describe('resource invocations', () => { - // Prism tests are disabled - test.skip('create: only required params', async () => { - const responsePromise = client.agents.auth.invocations.create({ auth_agent_id: 'abc123xyz' }); - const rawResponse = await responsePromise.asResponse(); - expect(rawResponse).toBeInstanceOf(Response); - const response = await responsePromise; - expect(response).not.toBeInstanceOf(Response); - const dataAndResponse = await responsePromise.withResponse(); - expect(dataAndResponse.data).toBe(response); - expect(dataAndResponse.response).toBe(rawResponse); - }); - - // Prism tests are disabled - test.skip('create: required and optional params', async () => { - const response = await client.agents.auth.invocations.create({ - auth_agent_id: 'abc123xyz', - save_credential_as: 'my-netflix-login', - }); - }); - - // Prism tests are disabled - test.skip('retrieve', async () => { - const responsePromise = client.agents.auth.invocations.retrieve('invocation_id'); - const rawResponse = await responsePromise.asResponse(); - expect(rawResponse).toBeInstanceOf(Response); - const response = await responsePromise; - expect(response).not.toBeInstanceOf(Response); - const dataAndResponse = await responsePromise.withResponse(); - expect(dataAndResponse.data).toBe(response); - expect(dataAndResponse.response).toBe(rawResponse); - }); - - // Prism tests are disabled - test.skip('exchange: only required params', async () => { - const responsePromise = client.agents.auth.invocations.exchange('invocation_id', { code: 'abc123xyz' }); - const rawResponse = await responsePromise.asResponse(); - expect(rawResponse).toBeInstanceOf(Response); - const response = await responsePromise; - expect(response).not.toBeInstanceOf(Response); - const dataAndResponse = await responsePromise.withResponse(); - expect(dataAndResponse.data).toBe(response); - expect(dataAndResponse.response).toBe(rawResponse); - }); - - // Prism tests are disabled - test.skip('exchange: required and optional params', async () => { - const response = await client.agents.auth.invocations.exchange('invocation_id', { code: 'abc123xyz' }); - }); - - // Prism tests are disabled - test.skip('submit: only required params', async () => { - const responsePromise = client.agents.auth.invocations.submit('invocation_id', { - field_values: { email: 'user@example.com', password: '********' }, - }); - const rawResponse = await responsePromise.asResponse(); - expect(rawResponse).toBeInstanceOf(Response); - const response = await responsePromise; - expect(response).not.toBeInstanceOf(Response); - const dataAndResponse = await responsePromise.withResponse(); - expect(dataAndResponse.data).toBe(response); - expect(dataAndResponse.response).toBe(rawResponse); - }); - - // Prism tests are disabled - test.skip('submit: required and optional params', async () => { - const response = await client.agents.auth.invocations.submit('invocation_id', { - field_values: { email: 'user@example.com', password: '********' }, - }); - }); -}); From 8271d855d83fd311a20335012ab8cce302519064 Mon Sep 17 00:00:00 2001 From: "stainless-app[bot]" <142633134+stainless-app[bot]@users.noreply.github.com> Date: Tue, 10 Feb 2026 01:48:43 +0000 Subject: [PATCH 4/4] release: 0.33.0 --- .release-please-manifest.json | 2 +- CHANGELOG.md | 13 +++++++++++++ package.json | 2 +- src/version.ts | 2 +- 4 files changed, 16 insertions(+), 3 deletions(-) diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 4758222..53ecb86 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "0.32.0" + ".": "0.33.0" } diff --git a/CHANGELOG.md b/CHANGELOG.md index a4620f5..be7246d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,18 @@ # Changelog +## 0.33.0 (2026-02-10) + +Full Changelog: [v0.32.0...v0.33.0](https://github.com/kernel/kernel-node-sdk/compare/v0.32.0...v0.33.0) + +### Features + +* Browser API endpoint grouping ([063a950](https://github.com/kernel/kernel-node-sdk/commit/063a950e3111a3ea560bbd8ae23b1062f9ddc646)) + + +### Refactors + +* **api:** remove deprecated agent-auth endpoints from stainless.… ([fd445dd](https://github.com/kernel/kernel-node-sdk/commit/fd445dd9d345fb084758b7217a7d0af2232d3b51)) + ## 0.32.0 (2026-02-07) Full Changelog: [v0.31.2...v0.32.0](https://github.com/kernel/kernel-node-sdk/compare/v0.31.2...v0.32.0) diff --git a/package.json b/package.json index 6409714..77382fa 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@onkernel/sdk", - "version": "0.32.0", + "version": "0.33.0", "description": "The official TypeScript library for the Kernel API", "author": "Kernel <>", "types": "dist/index.d.ts", diff --git a/src/version.ts b/src/version.ts index b413d15..dc173dd 100644 --- a/src/version.ts +++ b/src/version.ts @@ -1 +1 @@ -export const VERSION = '0.32.0'; // x-release-please-version +export const VERSION = '0.33.0'; // x-release-please-version