0.10.0 (2024-02-23)
[Breaking]
Changed:
Auth0FgaApi
andAuth0FgaClient
are now just simple wrappers on top ofOpenFgaFgaApi
andOpenFgaFgaClient
Chore:
- chore(ci): enable dependabot
- chore(deps): update dependencies
Note: As of this point this SDK is deprecated and should no longer be used. Please use @openfga/sdk instead.
We strongly recommend you use the @openfga/sdk
directly instead with the following configuration:
For US1 (Production US) environment, use the following values:
- API URL:
https://api.us1.fga.dev
- Credential Method: ClientCredentials
- API Token Issuer:
fga.us.auth0.com
- API Audience:
https://api.us1.fga.dev/
You can get the rest of the necessary variables from the FGA Dashboard. See here.
const { CredentialsMethod, OpenFgaClient } = require('@openfga/sdk'); // OR import { CredentialsMethod, OpenFgaClient } from '@openfga/sdk';
const fgaClient = new OpenFgaClient({
apiUrl: "https://api.us1.fga.dev",
storeId: process.env.FGA_STORE_ID,
authorizationModelId: process.env.FGA_MODEL_ID,
credentials: {
method: CredentialsMethod.ClientCredentials,
config: {
apiTokenIssuer: "fga.us.auth0.com",
apiAudience: "https://api.us1.fga.dev/",
clientId: process.env.FGA_CLIENT_ID,
clientSecret: process.env.FGA_CLIENT_SECRET,
},
}
});
0.9.1 (2023-01-23)
Fixes:
- fix(deps): update
@openfga/sdk
tov0.2.2
to resolve an issue with caching the client credentials token
Chore:
- chore(deps): update dev dependencies
0.9.0 (2022-12-16)
Changes:
- [BREAKING] feat(list-objects)!: response has been changed to include the object type
e.g. response that was
{"object_ids":["roadmap"]}
, will now be{"objects":["document:roadmap"]}
- feat(configuration): expose environment configurations
Fixes:
- [BREAKING] fix(models)!: update interfaces that had incorrectly optional fields to make them required
Chore:
- chore(deps): update
@openfga/sdk
tov0.2.0
- chore(deps): update dev dependencies
0.8.0 (2022-10-13)
-
BREAKING: exported type
TypeDefinitions
is nowWriteAuthorizationModelRequest
Note: This is only a breaking change on the SDK, not the API. -
Support ListObjects Support for ListObjects API
You call the API and receive the list of object ids from a particular type that the user has a certain relation with.
For example, to find the list of documents that Anne can read:
const response = await auth0FgaApi.listObjects({ user: "user:anne", relation: "can_read", type: "document" }); // response.object_ids = ["roadmap"]
-
Use OpenFGA JS SDK as the base SDK
-
bump dependencies
0.7.0 (2022-06-07)
-
feat!: ReadAuthorizationModels now returns an array of Authorization Models instead of IDs [BREAKING CHANGE]
The response will become similar to:
{ "authorization_models": [ { "id": (string), "type_definitions": [...] } ] }
-
feat!: drop support for all settings endpoints [BREAKING CHANGE]
-
feat!: Simplify error prefix to
Fga
[BREAKING CHANGE]Possible Errors:
FgaError
: All errors thrown by the SDK extend this errorFgaApiError
: All errors returned by the API extend this errorFgaApiValidationError
: 400 and 422 Validation Errors returned by the APIFgaApiNotFoundError
: 404 errors returned by the APIFgaApiRateLimitExceededError
: 429 errors returned by the APIFgaApiInternalError
: 5xx errors returned by the APIFgaApiAuthenticationError
: Error during authenticationFgaValidationError
: Error thrown by the SDK when validating inputFgaRequiredParamError
: Error thrown by the SDK when a required parameter is not providedFgaInvalidEnvironmentError
: Error thrown by the SDK when the provided environment is invalid
-
feat!: drop
Params
postfix from the name of the request interface [BREAKING CHANGE]e.g.
ReadRequestParams
will becomeReadRequest
-
feat: add support for contextual tuples in the Check request
You can call them like so:
const { allowed } = await fgaClient.check({ tuple_key: { user: 'anne', relation: 'can_view', object: 'transaction:A', }, contextual_tuples: { tuple_keys: [ { user: "anne", relation: "user", object: "ip-address-range:10.0.0.0/16" }, { user: "anne", relation: "user", object: "timeslot:18_19" } ] }});
-
chore: upgrade dependencies
-
chore: internal refactor
0.6.4 (2022-03-17)
- chore: upgrade dependencies
resolves CVE-2021-44906 in the
minimist
dev dependency
0.6.3 (2022-03-17)
- chore: send user agent header in non-browser environments
- feat: add support for the Watch API
- fix: rename invalid "this" in tuple key to "this"
0.6.2 (2022-03-09)
- fix: fix for return types on 204 no content
- chore: enable ci publish and release
0.6.1 (2022-03-07)
- feat(error-handling): expose new api error codes
0.6.0 (2022-02-09)
- feat: update interfaces for latest api breaking changes
- chore(deps): update dependencies
0.5.2 (2022-01-05)
-
feat: expose better errors Errors thrown will be one of: Auth0FgaError, Auth0FgaApiError, Auth0FgaApiValidationError, Auth0FgaApiRateLimitExceededError, Auth0FgaApiInternalError, Auth0FgaAuthenticationError, Auth0FgaValidationError, Auth0FgaRequiredParamError, Auth0FgaInvalidEnvironmentError
You can then check if the error is of a particular instance and handle it accordingly:
import { Auth0FgaApiRateLimitExceededError } from '@auth0/fga'; try { const { allowed } = await auth0Fga.check(...); } catch (err) { if (err instanceof Auth0FgaApiRateLimitExceededError) { /* do something */ } /* do something else */ }
0.5.1 (2021-12-13)
- fix: update playground api url
- chore: update license
0.5.0 (2021-12-10)
- Auth0Fga prefixes have been removed from the interfaces
0.4.1 (2021-12-03)
- rename package
@auth0/fga
Old package is no longer supported, please install the latest package from @auth0/fga
0.4.0 (2021-12-02)
- Package and Type prefixes have been renamed from Sandcastle to Auth0Fga
- Support Assertions API
- Support us environment
0.3.1 (2021-11-16)
- feat: add support for the
poc
environment
0.3.0 (2021-11-12)
Note: Previous versions of the SDK will no longer work with the API
-
feat!: rename namespaces configurations
namespaces
are nowtypes
/namespace-configurations
endpoint is now/authorization-models
- Some methods were renamed:
readNamespaceConfigurations
is nowreadAuthzModels
readNamespaceConfiguration
is nowreadAuthzModel
writeNamespaceConfiguration
is nowwriteAuthzModel
-
feat!: support pagination
- Some methods now support passing
authorization_model_id
to run against a specific version of the model- This is supported by the
read
,write
,expand
andcheck
methods
- This is supported by the
readNamespaceConfigurations
allows passing inpageSize
andcontinuationToken
for pagination- rename
readAllNamespaceConfigurations
toreadNamespaceConfigurations
- Some methods now support passing
0.2.0 (2021-10-04)
-
feat!: drop zookies, lowercase params & update exported methods
- drop references to Zookies
- lowercase all parameters
- in
check
andexpand
requests,tupleKey
becomestuple_key
- in
write
andread
requeststupleKeys
becomestuple_keys
- in
- remove
sandcastle
prefixes on methods (sandcastleCheck
becomescheck
) - the methods now return the response body directly
-
feat!: require passing
storeId
instead oftenant
0.1.2 (2021-09-28)
- fix: update endpoint paths, remove
/v1
- fix: regenerate sdk from latest API definition
0.1.1 (2021-09-24)
- feat: rename
tenant
tostore
0.1.0 (2021-09-13)
- feat: require specifying environment when initializing the SDK [BREAKING CHANGE]
- deps: bump axios to 0.21.4 to fix CVE-2021-3749
0.0.4 (2021-07-28)
- feat: allow specifying the sandcastle deployment id
0.0.3 (2021-07-22)
- docs: remove package version from readme
0.0.2 (2021-07-22)
First public release
- chore: update readme
- feat: add sdk
Internal Release