SDK Documentation

Complete TypeScript SDK reference for the Lifestream Vault API

Getting Started

Installation

npm install @lifestreamdynamics/vault-sdk

Quick Start

import { LifestreamVaultClient } from '@lifestreamdynamics/vault-sdk';

const client = new LifestreamVaultClient({
  baseUrl: 'https://your-vault-instance.com',
  apiKey: 'lsv_k_your_api_key',
});

// List vaults
const vaults = await client.vaults.list();

// Get a document
const doc = await client.documents.get(vaultId, 'path/to/doc.md');

// Search
const results = await client.search.search({ q: 'search terms' });

The SDK automatically prepends /api/v1 to all requests, so baseUrl should be the root URL of your server (e.g., https://vault.example.com), not the API prefix URL.

Authentication

The client requires either an API key or an access token. If neither is provided, the constructor throws an error.

API Key Authentication (Recommended for Server-to-Server)

const client = new LifestreamVaultClient({
  baseUrl: 'https://example.com',
  apiKey: 'lsv_k_...',
});

Access Token Authentication (For Browser/User Sessions)

const client = new LifestreamVaultClient({
  baseUrl: 'https://example.com',
  accessToken: 'eyJ...',
});

Automatic Token Refresh

const client = new LifestreamVaultClient({
  baseUrl: 'https://example.com',
  accessToken: 'eyJ...',
  refreshToken: 'eyJ...',
  onTokenRefresh: (tokens) => {
    // Persist new tokens
    saveTokens(tokens);
  },
});

Client Options

Constructor Parameters

The LifestreamVaultClient constructor accepts the following options:

Option	Type	Default	Description
`baseUrl`	`string`	-- (required)	Base URL of the Lifestream Vault API server
`apiKey`	`string`	--	API key (`lsv_k_` prefix)
`accessToken`	`string`	--	JWT access token
`refreshToken`	`string`	--	JWT refresh token for automatic renewal
`timeout`	`number`	`30000`	Request timeout in milliseconds
`refreshBufferMs`	`number`	`60000`	Milliseconds before token expiry to trigger proactive refresh
`onTokenRefresh`	`function`	--	Callback with new tokens after refresh
`enableRequestSigning`	`boolean`	`true` for API keys	Enable HMAC-SHA256 request signing
`enableAuditLogging`	`boolean`	`false`	Enable client-side audit logging
`auditLogPath`	`string`	`~/.lsvault/audit.log`	Path to the audit log file

Example

import { LifestreamVaultClient } from '@lifestreamdynamics/vault-sdk';

const client = new LifestreamVaultClient({
  baseUrl: 'https://vault.example.com',
  apiKey: 'lsv_k_your_api_key_here',
  timeout: 60000, // 60 seconds
  enableRequestSigning: true,
  enableAuditLogging: true,
  auditLogPath: '/var/log/lsvault-audit.log',
});

Error Handling

Error Classes

The SDK throws typed errors that can be caught and handled:

import {
  LifestreamVaultError,
  NotFoundError,
  ValidationError,
  AuthenticationError,
  AuthorizationError,
  RateLimitError,
  NetworkError,
} from '@lifestreamdynamics/vault-sdk';

try {
  const doc = await client.documents.get(vaultId, 'missing.md');
} catch (error) {
  if (error instanceof NotFoundError) {
    console.error('Document not found:', error.resource);
  } else if (error instanceof RateLimitError) {
    console.error('Rate limited, retry after:', error.retryAfter);
  } else if (error instanceof NetworkError) {
    console.error('Network issue:', error.message);
  }
}

Error Hierarchy

All errors extend LifestreamVaultError and include the following properties:

statusCode — HTTP status code (if applicable)
resource — The resource type that caused the error (e.g., 'document', 'vault')
resourceId — The ID of the specific resource (if applicable)

Error Types

Error Class	Description	Status Code
`LifestreamVaultError`	Base error class	varies
`NotFoundError`	Resource not found	404
`ValidationError`	Invalid request parameters	400
`AuthenticationError`	Authentication failed	401
`AuthorizationError`	Insufficient permissions	403
`RateLimitError`	Rate limit exceeded	429
`NetworkError`	Network connectivity issue	--

Utilities

The SDK includes several utility classes for advanced use cases:

TokenManager

Automatic JWT refresh with proactive renewal based on token expiry.

import { TokenManager } from '@lifestreamdynamics/vault-sdk';

const tokenManager = new TokenManager({
  baseUrl: 'https://vault.example.com',
  accessToken: 'eyJ...',
  refreshToken: 'eyJ...',
  refreshBufferMs: 60000, // Refresh 60s before expiry
  onTokenRefresh: (tokens) => {
    // Persist tokens securely (avoid localStorage — prefer httpOnly cookies or in-memory storage)
    saveTokensToYourSecureStorage(tokens);
  },
});

// Get current valid token (auto-refreshes if needed)
const token = await tokenManager.getToken();

Signature

HMAC-SHA256 request signing for API key authentication.

import { Signature } from '@lifestreamdynamics/vault-sdk';

const signature = Signature.sign(
  apiKey,
  method,
  path,
  timestamp,
  body
);

// Verify signature
const isValid = Signature.verify(
  apiKey,
  method,
  path,
  timestamp,
  body,
  receivedSignature
);

Encryption

AES-256-GCM encryption for vault data.

import { Encryption } from '@lifestreamdynamics/vault-sdk';

// Generate a new encryption key
const key = Encryption.generateKey();

// Encrypt data
const encrypted = Encryption.encrypt(key, 'sensitive data');

// Decrypt data
const decrypted = Encryption.decrypt(key, encrypted);

AuditLogger

Client-side audit logging for security compliance.

import { AuditLogger } from '@lifestreamdynamics/vault-sdk/audit';

const logger = new AuditLogger({
  enabled: true,
  logPath: '/var/log/lsvault-audit.log',
});

// Log an operation
await logger.log({
  operation: 'document.read',
  userId: 'user-123',
  resourceType: 'document',
  resourceId: 'doc-456',
  timestamp: new Date(),
});

Guides

Common Patterns

Pagination

Many list methods support pagination via limit and offset parameters:

async function getAllDocuments(vaultId: string) {
  const allDocs = [];
  let offset = 0;
  const limit = 100;

  while (true) {
    const batch = await client.documents.list(vaultId, { limit, offset });
    allDocs.push(...batch);

    if (batch.length < limit) {
      break; // No more results
    }

    offset += limit;
  }

  return allDocs;
}

Error Handling Best Practices

import {
  NotFoundError,
  ValidationError,
  AuthenticationError,
  RateLimitError,
} from '@lifestreamdynamics/vault-sdk';

async function safeDocumentGet(vaultId: string, path: string) {
  try {
    return await client.documents.get(vaultId, path);
  } catch (error) {
    if (error instanceof NotFoundError) {
      console.log('Document does not exist');
      return null;
    } else if (error instanceof AuthenticationError) {
      // Token expired, refresh and retry
      await refreshAuthToken();
      return await client.documents.get(vaultId, path);
    } else if (error instanceof RateLimitError) {
      // Wait and retry
      await new Promise(resolve => setTimeout(resolve, error.retryAfter * 1000));
      return await client.documents.get(vaultId, path);
    } else if (error instanceof ValidationError) {
      console.error('Invalid parameters:', error.details);
      throw error;
    } else {
      // Unknown error
      console.error('Unexpected error:', error);
      throw error;
    }
  }
}

Batch Operations

// Upload multiple documents in parallel
async function uploadDocuments(vaultId: string, docs: Array<{ path: string; content: string }>) {
  const results = await Promise.allSettled(
    docs.map(doc => client.documents.put(vaultId, doc.path, doc.content))
  );

  const succeeded = results.filter(r => r.status === 'fulfilled').length;
  const failed = results.filter(r => r.status === 'rejected').length;

  console.log(`Uploaded ${succeeded} documents, ${failed} failed`);

  return results;
}

Webhook Verification

When receiving webhook payloads, verify the HMAC signature:

import crypto from 'crypto';

function verifyWebhookSignature(
  payload: string,
  signature: string,
  secret: string
): boolean {
  const hmac = crypto.createHmac('sha256', secret);
  hmac.update(payload);
  const computed = hmac.digest('hex');
  return crypto.timingSafeEqual(Buffer.from(computed), Buffer.from(signature));
}

// In your webhook handler
app.post('/webhook', (req, res) => {
  const signature = req.headers['x-lsvault-signature'];
  const isValid = verifyWebhookSignature(
    JSON.stringify(req.body),
    signature,
    webhookSecret
  );

  if (!isValid) {
    return res.status(401).send('Invalid signature');
  }

  // Process webhook event
  handleWebhookEvent(req.body);
  res.status(200).send('OK');
});

CI/CD Integration

GitHub Actions Example

name: Deploy Docs
on:
  push:
    branches: [main]

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
          node-version: '18'

      - name: Install SDK
        run: npm install @lifestreamdynamics/vault-sdk

      - name: Deploy documentation
        env:
          LSVAULT_API_KEY: ${{ secrets.LSVAULT_API_KEY }}
        run: |
          node scripts/deploy-docs.js

# scripts/deploy-docs.js
import { LifestreamVaultClient } from '@lifestreamdynamics/vault-sdk';
import fs from 'fs';

const client = new LifestreamVaultClient({
  baseUrl: process.env.LSVAULT_BASE_URL,
  apiKey: process.env.LSVAULT_API_KEY,
});

const vaultId = 'your-vault-id';
const docsDir = './docs';

for (const file of fs.readdirSync(docsDir)) {
  if (file.endsWith('.md')) {
    const content = fs.readFileSync(`${docsDir}/${file}`, 'utf-8');
    await client.documents.put(vaultId, file, content);
    console.log(`Uploaded ${file}`);
  }
}

Docker Example

FROM node:18-alpine

WORKDIR /app

RUN npm install @lifestreamdynamics/vault-sdk

COPY sync-script.js .

CMD ["node", "sync-script.js"]

Performance Tips

Use API keys for server-to-server — More efficient than JWT refresh cycles
Enable request signing — Adds security with minimal overhead
Batch operations with Promise.allSettled() — Parallel requests with error handling
Set appropriate timeout values — Default 30s works for most cases
Implement retry logic for rate limits — Use exponential backoff
Cache vault lists — Vaults change infrequently

Vaults

Manage vaults with the VaultsResource. The Vault type includes: id, name, slug, description (nullable), createdAt, updatedAt.

client.vaults

list

() => Promise<Vault[]>

List all vaults the authenticated user has access to.

Returns

Promise<Vault[]>

Example

const vaults = await client.vaults.list();
console.log(vaults);

get

(vaultId: string) => Promise<Vault>

Get a single vault by ID.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The unique identifier of the vault

Returns

Promise<Vault>

Example

const vault = await client.vaults.get('vault-123');
console.log('Vault name:', vault.name);

create

(params: { name: string; description?: string }) => Promise<Vault>

Create a new vault.

Parameters

Name	Type	Required	Description
params.name	`string`	Yes	The name of the vault
params.description	`string`	No	Optional description for the vault

Returns

Promise<Vault>

Example

const vault = await client.vaults.create({
  name: 'My Notes',
  description: 'Personal knowledge base',
});
console.log('Created vault:', vault.id);

update

(vaultId: string, params: { name?: string; description?: string | null }) => Promise<Vault>

Update a vault's name or description.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The unique identifier of the vault
params.name	`string`	No	New name for the vault
params.description	`string \| null`	No	New description (use null to clear)

Returns

Promise<Vault>

Example

const updated = await client.vaults.update('vault-123', {
  name: 'Updated Vault Name',
  description: null, // Clear description
});

delete

(vaultId: string) => Promise<void>

Delete a vault permanently.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The unique identifier of the vault to delete

Returns

Promise<void>

Example

await client.vaults.delete('vault-123');
console.log('Vault deleted');

Documents

Manage documents within vaults. The Document type includes: id, vaultId, path, title (nullable), contentHash, sizeBytes, tags, fileModifiedAt, createdAt, updatedAt.

client.documents

list

(vaultId: string, dirPath?: string) => Promise<DocumentListItem[]>

List documents in a vault, optionally filtered by directory.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
dirPath	`string`	No	Optional directory path to filter by

Returns

Promise<DocumentListItem[]>

Example

// List all documents
const docs = await client.documents.list('vault-123');

// List documents in a specific directory
const notes = await client.documents.list('vault-123', 'notes/');

get

(vaultId: string, docPath: string) => Promise<DocumentWithContent>

Get a document's metadata and content.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
docPath	`string`	Yes	The document path (e.g., "notes/hello.md")

Returns

Promise<DocumentWithContent>

Example

const result = await client.documents.get(
  'vault-123',
  'notes/hello.md'
);
console.log('Title:', result.document.title);
console.log('Content:', result.content);

put

(vaultId: string, docPath: string, content: string) => Promise<Document>

Create or update a document (upsert). Checks SHA-256 content hash to skip unchanged writes.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
docPath	`string`	Yes	The document path (must end with .md)
content	`string`	Yes	The markdown content

Returns

Promise<Document>

Example

const doc = await client.documents.put(
  'vault-123',
  'notes/hello.md',
  '# Hello World\n\nThis is my note.'
);
console.log('Document saved:', doc.path);

delete

(vaultId: string, docPath: string) => Promise<void>

Delete a document permanently.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
docPath	`string`	Yes	The document path

Returns

Promise<void>

Example

await client.documents.delete('vault-123', 'notes/old.md');
console.log('Document deleted');

move

(vaultId: string, sourcePath: string, destination: string, overwrite?: boolean) => Promise<{ message: string; source: string; destination: string }>

Move a document to a new path.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
sourcePath	`string`	Yes	Current document path
destination	`string`	Yes	New document path
overwrite	`boolean`	No(default: false)	Whether to overwrite if destination exists

Returns

Promise<{ message: string; source: string; destination: string }>

Example

const result = await client.documents.move(
  'vault-123',
  'drafts/post.md',
  'published/post.md',
  true // overwrite if exists
);
console.log(result.message);

copy

(vaultId: string, sourcePath: string, destination: string, overwrite?: boolean) => Promise<{ message: string; source: string; destination: string }>

Copy a document to a new path.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
sourcePath	`string`	Yes	Source document path
destination	`string`	Yes	Destination document path
overwrite	`boolean`	No(default: false)	Whether to overwrite if destination exists

Returns

Promise<{ message: string; source: string; destination: string }>

Example

const result = await client.documents.copy(
  'vault-123',
  'templates/meeting.md',
  'meetings/2024-02-14.md'
);
console.log(result.message);

Search

Full-text search across documents using PostgreSQL websearch_to_tsquery syntax. The SearchResponse includes: results (array of SearchResult objects), total count, and the executed query.

client.search

search

(params: { q: string; vault?: string; tags?: string; limit?: number; offset?: number }) => Promise<SearchResponse>

Search documents across all accessible vaults or within a specific vault.

Parameters

Name	Type	Required	Description
params.q	`string`	Yes	Search query (PostgreSQL websearch_to_tsquery syntax)
params.vault	`string`	No	Limit search to a specific vault ID
params.tags	`string`	No	Filter by tags (comma-separated)
params.limit	`number`	No	Maximum number of results to return
params.offset	`number`	No	Pagination offset

Returns

Promise<SearchResponse>

Example

// Basic search
const results = await client.search.search({
  q: 'typescript tutorial',
});

// Search within a vault with filters
const filtered = await client.search.search({
  q: 'api documentation',
  vault: 'vault-123',
  tags: 'backend,nodejs',
  limit: 20,
  offset: 0,
});

console.log(`Found ${filtered.total} results`);
filtered.results.forEach(result => {
  console.log(`${result.path}: ${result.snippet}`);
});

AI

AI features including chat sessions and document summarization. Requires a subscription tier that includes AI features. The AiChatSession type includes: id, title, vaultId (nullable), createdAt, updatedAt. The AiChatMessage type includes: id, role (user/assistant/system), content, tokensUsed, createdAt.

client.aiPro or higher

chat

(params: { message: string; sessionId?: string; vaultId?: string }) => Promise<{ sessionId: string; message: { role: string; content: string; sources: string[] }; tokensUsed: number }>

Send a chat message and receive an AI response with optional vault context.

Parameters

Name	Type	Required	Description
params.message	`string`	Yes	The chat message to send
params.sessionId	`string`	No	Existing session ID (creates new if omitted)
params.vaultId	`string`	No	Vault ID for context-aware responses

Returns

Promise<{ sessionId: string; message: { role: string; content: string; sources: string[] }; tokensUsed: number }>

Example

const response = await client.ai.chat({
  message: 'Summarize my recent notes about TypeScript',
  vaultId: 'vault-123',
});

console.log('AI:', response.message.content);
console.log('Sources:', response.message.sources);
console.log('Session ID:', response.sessionId);

listSessions

() => Promise<AiChatSession[]>

List all AI chat sessions for the authenticated user.

Returns

Promise<AiChatSession[]>

Example

const sessions = await client.ai.listSessions();
sessions.forEach(session => {
  console.log(`${session.title} - ${session.createdAt}`);
});

getSession

(sessionId: string) => Promise<{ session: AiChatSession; messages: AiChatMessage[] }>

Get a chat session with its full message history.

Parameters

Name	Type	Required	Description
sessionId	`string`	Yes	The session ID

Returns

Promise<{ session: AiChatSession; messages: AiChatMessage[] }>

Example

const { session, messages } = await client.ai.getSession('session-123');
console.log('Session:', session.title);
messages.forEach(msg => {
  console.log(`${msg.role}: ${msg.content}`);
});

deleteSession

(sessionId: string) => Promise<void>

Delete a chat session and all its messages.

Parameters

Name	Type	Required	Description
sessionId	`string`	Yes	The session ID to delete

Returns

Promise<void>

Example

await client.ai.deleteSession('session-123');
console.log('Session deleted');

summarize

(vaultId: string, documentPath: string) => Promise<{ summary: string; keyTopics: string[]; tokensUsed: number }>

Generate an AI summary of a document with key topics.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
documentPath	`string`	Yes	The document path

Returns

Promise<{ summary: string; keyTopics: string[]; tokensUsed: number }>

Example

const result = await client.ai.summarize(
  'vault-123',
  'research/paper.md'
);

console.log('Summary:', result.summary);
console.log('Key Topics:', result.keyTopics.join(', '));
console.log('Tokens Used:', result.tokensUsed);

API Keys

Manage API keys for programmatic access. API keys use the lsv_k_ prefix and can be scoped to specific vaults and permissions.

client.apiKeys

list

() => Promise<ApiKey[]>

List all API keys for the authenticated user.

Returns

Promise<ApiKey[]>

Example

const keys = await client.apiKeys.list();
keys.forEach(key => {
  console.log(`${key.name}: ${key.prefix}... (active: ${key.isActive})`);
});

get

(keyId: string) => Promise<ApiKey>

Get a specific API key by ID.

Parameters

Name	Type	Required	Description
keyId	`string`	Yes	The API key ID

Returns

Promise<ApiKey>

Example

const key = await client.apiKeys.get('key-123');
console.log('Key name:', key.name);
console.log('Scopes:', key.scopes);

create

(params: CreateApiKeyParams) => Promise<ApiKeyWithSecret>

Create a new API key. The secret is returned only at creation time.

Parameters

Name	Type	Required	Description
params.name	`string`	Yes	A descriptive name for the key
params.scopes	`string[]`	Yes	Array of permission scopes (e.g., ["documents:read", "documents:write"])
params.vaultId	`string`	No	Limit key access to a specific vault
params.expiresAt	`Date \| string`	No	Optional expiration date

Returns

Promise<ApiKeyWithSecret>

Example

const key = await client.apiKeys.create({
  name: 'CI/CD Pipeline',
  scopes: ['documents:read', 'documents:write'],
  vaultId: 'vault-123',
  expiresAt: '2025-12-31',
});

console.log('API Key:', key.key);
console.log('Save this key securely - it cannot be retrieved again!');

update

(keyId: string, params: UpdateApiKeyParams) => Promise<ApiKey>

Update an API key's name or active status.

Parameters

Name	Type	Required	Description
keyId	`string`	Yes	The API key ID
params.name	`string`	No	New name for the key
params.isActive	`boolean`	No	Activate or deactivate the key

Returns

Promise<ApiKey>

Example

// Deactivate a key
const updated = await client.apiKeys.update('key-123', {
  isActive: false,
});

console.log('Key deactivated:', updated.name);

delete

(keyId: string) => Promise<void>

Delete an API key permanently.

Parameters

Name	Type	Required	Description
keyId	`string`	Yes	The API key ID to delete

Returns

Promise<void>

Example

await client.apiKeys.delete('key-123');
console.log('API key deleted');

User

Manage user profile and storage information.

client.user

me

() => Promise<User>

Get the authenticated user's profile information.

Returns

Promise<User>

Example

const user = await client.user.me();
console.log('Email:', user.email);
console.log('Name:', user.name);
console.log('Role:', user.role);
console.log('Tier:', user.subscriptionTier);

getStorage

() => Promise<StorageUsage>

Get storage usage breakdown per vault.

Returns

Promise<StorageUsage>

Example

const storage = await client.user.getStorage();
console.log('Total bytes:', storage.totalBytes);
console.log('Total MB:', (storage.totalBytes / 1024 / 1024).toFixed(2));

storage.vaults.forEach(vault => {
  console.log(`  ${vault.name}: ${vault.sizeBytes} bytes`);
});

Subscription

Manage subscription tiers, billing, and usage limits.

client.subscription

get

() => Promise<Subscription>

Get current subscription details and usage information.

Returns

Promise<Subscription>

Example

const subscription = await client.subscription.get();
console.log('Tier:', subscription.tier);
console.log('Active:', subscription.isActive);
console.log('Expires:', subscription.expiresAt);
console.log('Usage:', subscription.usage);

listPlans

() => Promise<Plan[]>

List available subscription plans with features and pricing.

Returns

Promise<Plan[]>

Example

const plans = await client.subscription.listPlans();
plans.forEach(plan => {
  console.log(`${plan.name}: $${plan.priceMonthly}/month`);
  console.log('Features:', plan.features);
});

createCheckoutSession

(tier: string, returnUrl: string) => Promise<CheckoutSession>

Create a checkout session for upgrading to a new tier.

Parameters

Name	Type	Required	Description
tier	`string`	Yes	The target tier (e.g., "pro", "business")
returnUrl	`string`	Yes	URL to redirect to after checkout

Returns

Promise<CheckoutSession>

Example

const session = await client.subscription.createCheckoutSession(
  'pro',
  'https://myapp.com/settings/subscription'
);

// Redirect user to checkout URL
window.location.href = session.url;

cancel

(reason?: string) => Promise<void>

Cancel the current subscription.

Parameters

Name	Type	Required	Description
reason	`string`	No	Optional cancellation reason for feedback

Returns

Promise<void>

Example

await client.subscription.cancel('Switching to self-hosted');
console.log('Subscription cancelled');

createPortalSession

(returnUrl: string) => Promise<PortalSession>

Create a billing portal session for managing payment methods and invoices.

Parameters

Name	Type	Required	Description
returnUrl	`string`	Yes	URL to redirect to after portal session

Returns

Promise<PortalSession>

Example

const portal = await client.subscription.createPortalSession(
  'https://myapp.com/settings/subscription'
);

// Redirect to billing portal
window.location.href = portal.url;

listInvoices

() => Promise<Invoice[]>

List all invoices for the subscription.

Returns

Promise<Invoice[]>

Example

const invoices = await client.subscription.listInvoices();
invoices.forEach(invoice => {
  console.log(`${invoice.date}: $${invoice.amount} - ${invoice.status}`);
});

Teams

Manage teams, members, invitations, and team vaults. Teams enable collaboration with role-based access control (owner, admin, member).

client.teams

list

() => Promise<Team[]>

List teams the authenticated user belongs to.

Returns

Promise<Team[]>

Example

const teams = await client.teams.list();
teams.forEach(team => {
  console.log(`${team.name} - Role: ${team.myRole}`);
});

get

(teamId: string) => Promise<Team>

Get a team by ID.

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID

Returns

Promise<Team>

Example

const team = await client.teams.get('team-123');
console.log('Team:', team.name);
console.log('Description:', team.description);

create

(params: { name: string; description?: string }) => Promise<Team>

Create a new team. The creator becomes the owner.

Parameters

Name	Type	Required	Description
params.name	`string`	Yes	Team name
params.description	`string`	No	Team description

Returns

Promise<Team>

Example

const team = await client.teams.create({
  name: 'Engineering',
  description: 'Backend engineering team',
});
console.log('Team created:', team.id);

update

(teamId: string, params: UpdateTeamParams) => Promise<Team>

Update a team's name or description (requires admin or owner role).

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID
params.name	`string`	No	New team name
params.description	`string`	No	New team description

Returns

Promise<Team>

Example

const updated = await client.teams.update('team-123', {
  description: 'Updated team description',
});

delete

(teamId: string) => Promise<void>

Delete a team (owner only).

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID to delete

Returns

Promise<void>

Example

await client.teams.delete('team-123');
console.log('Team deleted');

listMembers

(teamId: string) => Promise<TeamMember[]>

List all members of a team.

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID

Returns

Promise<TeamMember[]>

Example

const members = await client.teams.listMembers('team-123');
members.forEach(member => {
  console.log(`${member.name} (${member.email}) - ${member.role}`);
});

updateMemberRole

(teamId: string, userId: string, role: "admin" | "member") => Promise<TeamMember>

Update a team member's role (requires admin or owner).

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID
userId	`string`	Yes	The user ID
role	`"admin" \| "member"`	Yes	The new role

Returns

Promise<TeamMember>

Example

const member = await client.teams.updateMemberRole(
  'team-123',
  'user-456',
  'admin'
);
console.log('Updated role to:', member.role);

removeMember

(teamId: string, userId: string) => Promise<void>

Remove a member from the team (requires admin or owner).

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID
userId	`string`	Yes	The user ID to remove

Returns

Promise<void>

Example

await client.teams.removeMember('team-123', 'user-456');
console.log('Member removed');

leave

(teamId: string) => Promise<void>

Leave a team (cannot leave if you are the only owner).

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID to leave

Returns

Promise<void>

Example

await client.teams.leave('team-123');
console.log('Left team');

inviteMember

(teamId: string, email: string, role: "admin" | "member") => Promise<TeamInvitation>

Invite a user to the team (requires admin or owner).

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID
email	`string`	Yes	Email address to invite
role	`"admin" \| "member"`	Yes	Role for the invited user

Returns

Promise<TeamInvitation>

Example

const invitation = await client.teams.inviteMember(
  'team-123',
  'alice@example.com',
  'member'
);
console.log('Invitation sent:', invitation.id);

listInvitations

(teamId: string) => Promise<TeamInvitation[]>

List pending invitations for a team.

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID

Returns

Promise<TeamInvitation[]>

Example

const invitations = await client.teams.listInvitations('team-123');
invitations.forEach(inv => {
  console.log(`${inv.email} - ${inv.status}`);
});

revokeInvitation

(teamId: string, invitationId: string) => Promise<void>

Revoke a pending invitation.

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID
invitationId	`string`	Yes	The invitation ID

Returns

Promise<void>

Example

await client.teams.revokeInvitation('team-123', 'inv-456');
console.log('Invitation revoked');

createVault

(teamId: string, params: { name: string; description?: string }) => Promise<Record<string, unknown>>

Create a vault under the team scope.

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID
params.name	`string`	Yes	Vault name
params.description	`string`	No	Vault description

Returns

Promise<Record<string, unknown>>

Example

const vault = await client.teams.createVault('team-123', {
  name: 'Shared Documentation',
  description: 'Team knowledge base',
});
console.log('Team vault created:', vault);

listVaults

(teamId: string) => Promise<Record<string, unknown>[]>

List all vaults belonging to the team.

Parameters

Name	Type	Required	Description
teamId	`string`	Yes	The team ID

Returns

Promise<Record<string, unknown>[]>

Example

const vaults = await client.teams.listVaults('team-123');
console.log('Team vaults:', vaults);

Token-based document sharing with optional password protection, expiry, and view limits.

client.shares

list

(vaultId: string, documentPath: string) => Promise<ShareLink[]>

List share links for a specific document.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
documentPath	`string`	Yes	The document path

Returns

Promise<ShareLink[]>

Example

const shares = await client.shares.list('vault-123', 'notes/doc.md');
shares.forEach(share => {
  console.log(`Token: ${share.token}, Views: ${share.viewCount}/${share.maxViews ?? '∞'}`);
});

create

(vaultId: string, documentPath: string, params?: CreateShareLinkParams) => Promise<CreateShareLinkResponse>

Create a share link for a document. The token is returned only at creation.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
documentPath	`string`	Yes	The document path
params.permission	`"view" \| "edit"`	No(default: "view")	Permission level
params.password	`string`	No	Optional password protection
params.expiresAt	`Date \| string`	No	Optional expiration date
params.maxViews	`number`	No	Maximum number of views

Returns

Promise<CreateShareLinkResponse>

Example

const share = await client.shares.create(
  'vault-123',
  'notes/doc.md',
  {
    permission: 'view',
    password: 'secret123',
    expiresAt: '2025-12-31',
    maxViews: 10,
  }
);

console.log('Share URL:', `https://vault.example.com/share/${share.token}`);

revoke

(vaultId: string, shareId: string) => Promise<void>

Revoke a share link.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
shareId	`string`	Yes	The share link ID

Returns

Promise<void>

Example

await client.shares.revoke('vault-123', 'share-456');
console.log('Share link revoked');

Publish

Public document publishing with SEO metadata. Published documents appear at /:profileSlug/:docSlug with custom title, description, and OG image.

client.publish

listMine

(vaultId: string) => Promise<PublishedDocumentWithMeta[]>

List the authenticated user's published documents.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID

Returns

Promise<PublishedDocumentWithMeta[]>

Example

const published = await client.publish.listMine('vault-123');
published.forEach(doc => {
  console.log(`${doc.slug}: ${doc.seoTitle}`);
  console.log(`  URL: https://vault.example.com/${doc.profileSlug}/${doc.slug}`);
});

create

(vaultId: string, documentPath: string, params: PublishDocumentParams) => Promise<PublishedDocument>

Publish a document with SEO settings.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
documentPath	`string`	Yes	The document path
params.slug	`string`	Yes	URL slug for the published document
params.seoTitle	`string`	No	SEO title (falls back to document title)
params.seoDescription	`string`	No	SEO description
params.ogImage	`string`	No	Open Graph image URL

Returns

Promise<PublishedDocument>

Example

const published = await client.publish.create(
  'vault-123',
  'blog/my-post.md',
  {
    slug: 'my-first-post',
    seoTitle: 'My First Blog Post',
    seoDescription: 'An introduction to my blog',
    ogImage: 'https://example.com/og-image.png',
  }
);

console.log('Published at:', `/${published.profileSlug}/${published.slug}`);

update

(vaultId: string, documentPath: string, params: UpdatePublishParams) => Promise<PublishedDocument>

Update publish settings for a document.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
documentPath	`string`	Yes	The document path
params	`UpdatePublishParams`	Yes	Fields to update

Returns

Promise<PublishedDocument>

Example

const updated = await client.publish.update(
  'vault-123',
  'blog/my-post.md',
  {
    seoTitle: 'Updated Title',
    seoDescription: 'Updated description',
  }
);

delete

(vaultId: string, documentPath: string) => Promise<void>

Unpublish a document.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
documentPath	`string`	Yes	The document path

Returns

Promise<void>

Example

await client.publish.delete('vault-123', 'blog/my-post.md');
console.log('Document unpublished');

Connectors

External service integration for bidirectional sync (Google Drive, etc.). Managed by BullMQ workers with sync logging.

client.connectorsRequires connectors plan feature

list

(vaultId?: string) => Promise<Connector[]>

List connectors, optionally filtered by vault.

Parameters

Name	Type	Required	Description
vaultId	`string`	No	Optional vault ID to filter by

Returns

Promise<Connector[]>

Example

// List all connectors
const connectors = await client.connectors.list();

// List connectors for a specific vault
const vaultConnectors = await client.connectors.list('vault-123');

connectors.forEach(conn => {
  console.log(`${conn.name} (${conn.provider}): ${conn.direction}`);
});

get

(connectorId: string) => Promise<Connector>

Get a connector by ID.

Parameters

Name	Type	Required	Description
connectorId	`string`	Yes	The connector ID

Returns

Promise<Connector>

Example

const connector = await client.connectors.get('conn-123');
console.log('Provider:', connector.provider);
console.log('Direction:', connector.direction);
console.log('Last sync:', connector.lastSyncAt);

create

(params: CreateConnectorParams) => Promise<Connector>

Create a new connector.

Parameters

Name	Type	Required	Description
params.provider	`string`	Yes	Provider type (e.g., "google_drive")
params.name	`string`	Yes	Connector name
params.vaultId	`string`	Yes	Target vault ID
params.direction	`string`	Yes	Sync direction ("pull", "push", "bidirectional")
params.config	`object`	Yes	Provider-specific configuration

Returns

Promise<Connector>

Example

const connector = await client.connectors.create({
  provider: 'google_drive',
  name: 'My Google Drive',
  vaultId: 'vault-123',
  direction: 'bidirectional',
  config: {
    folderId: 'google-folder-id-here',
    credentials: { /* OAuth tokens */ },
  },
});

console.log('Connector created:', connector.id);

update

(connectorId: string, params: UpdateConnectorParams) => Promise<Connector>

Update a connector's configuration or active status.

Parameters

Name	Type	Required	Description
connectorId	`string`	Yes	The connector ID
params	`UpdateConnectorParams`	Yes	Fields to update

Returns

Promise<Connector>

Example

const updated = await client.connectors.update('conn-123', {
  name: 'Updated Connector Name',
  isActive: true,
});

delete

(connectorId: string) => Promise<void>

Delete a connector.

Parameters

Name	Type	Required	Description
connectorId	`string`	Yes	The connector ID

Returns

Promise<void>

Example

await client.connectors.delete('conn-123');
console.log('Connector deleted');

test

(connectorId: string) => Promise<TestConnectionResult>

Test a connector's connection to the external service.

Parameters

Name	Type	Required	Description
connectorId	`string`	Yes	The connector ID

Returns

Promise<TestConnectionResult>

Example

const result = await client.connectors.test('conn-123');
if (result.success) {
  console.log('Connection successful');
} else {
  console.error('Connection failed:', result.error);
}

sync

(connectorId: string) => Promise<TriggerSyncResult>

Trigger a manual sync for a connector.

Parameters

Name	Type	Required	Description
connectorId	`string`	Yes	The connector ID

Returns

Promise<TriggerSyncResult>

Example

const result = await client.connectors.sync('conn-123');
console.log('Sync triggered:', result.jobId);

logs

(connectorId: string) => Promise<ConnectorSyncLog[]>

List recent sync logs for a connector.

Parameters

Name	Type	Required	Description
connectorId	`string`	Yes	The connector ID

Returns

Promise<ConnectorSyncLog[]>

Example

const logs = await client.connectors.logs('conn-123');
logs.forEach(log => {
  console.log(`${log.startedAt}: ${log.status}`);
  console.log(`  Added: ${log.itemsAdded}, Updated: ${log.itemsUpdated}, Failed: ${log.itemsFailed}`);
  if (log.error) console.log(`  Error: ${log.error}`);
});

Hooks

Internal event handlers (auto-tag, template, etc.) configured per vault and executed automatically on document events.

client.hooksPro or higher

list

(vaultId: string) => Promise<Hook[]>

List hooks configured for a vault.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID

Returns

Promise<Hook[]>

Example

const hooks = await client.hooks.list('vault-123');
hooks.forEach(hook => {
  console.log(`${hook.name}: ${hook.event} -> ${hook.action}`);
});

create

(vaultId: string, params: CreateHookParams) => Promise<Hook>

Create a new hook for automatic event handling.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
params.name	`string`	Yes	Hook name
params.event	`string`	Yes	Event type (e.g., "document.create")
params.action	`string`	Yes	Action to perform (e.g., "auto-tag")
params.config	`object`	Yes	Hook-specific configuration

Returns

Promise<Hook>

Example

const hook = await client.hooks.create('vault-123', {
  name: 'Auto-tag new docs',
  event: 'document.create',
  action: 'auto-tag',
  config: { tags: ['new', 'unreviewed'] },
});
console.log('Hook created:', hook.id);

update

(vaultId: string, hookId: string, params: UpdateHookParams) => Promise<Hook>

Update a hook's configuration or active status.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
hookId	`string`	Yes	The hook ID
params	`UpdateHookParams`	Yes	Fields to update

Returns

Promise<Hook>

Example

const updated = await client.hooks.update('vault-123', 'hook-456', {
  isActive: false,
});
console.log('Hook deactivated');

delete

(vaultId: string, hookId: string) => Promise<void>

Delete a hook.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
hookId	`string`	Yes	The hook ID

Returns

Promise<void>

Example

await client.hooks.delete('vault-123', 'hook-456');
console.log('Hook deleted');

listExecutions

(vaultId: string, hookId: string) => Promise<HookExecution[]>

List recent executions of a hook.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
hookId	`string`	Yes	The hook ID

Returns

Promise<HookExecution[]>

Example

const executions = await client.hooks.listExecutions('vault-123', 'hook-456');
executions.forEach(exec => {
  console.log(`${exec.createdAt}: ${exec.status}`);
  if (exec.error) console.log('Error:', exec.error);
});

Webhooks

Outbound HTTP notifications with retry logic for vault events. Webhooks are delivered to external URLs with HMAC signature verification.

client.webhooksPro or higher

list

(vaultId: string) => Promise<Webhook[]>

List webhooks configured for a vault.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID

Returns

Promise<Webhook[]>

Example

const webhooks = await client.webhooks.list('vault-123');
webhooks.forEach(webhook => {
  console.log(`${webhook.url}: ${webhook.events.join(', ')}`);
});

create

(vaultId: string, params: CreateWebhookParams) => Promise<WebhookWithSecret>

Create a webhook. The signing secret is returned only at creation time.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
params.url	`string`	Yes	The webhook URL
params.events	`string[]`	Yes	Event types to subscribe to
params.description	`string`	No	Optional description

Returns

Promise<WebhookWithSecret>

Example

const webhook = await client.webhooks.create('vault-123', {
  url: 'https://example.com/webhook',
  events: ['document.create', 'document.update', 'document.delete'],
  description: 'Sync to external system',
});

console.log('Webhook URL:', webhook.url);
console.log('Secret (save securely):', webhook.secret);

update

(vaultId: string, webhookId: string, params: UpdateWebhookParams) => Promise<Webhook>

Update a webhook's URL, events, or active status.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
webhookId	`string`	Yes	The webhook ID
params	`UpdateWebhookParams`	Yes	Fields to update

Returns

Promise<Webhook>

Example

const updated = await client.webhooks.update('vault-123', 'webhook-456', {
  events: ['document.create', 'document.update'],
  isActive: true,
});

delete

(vaultId: string, webhookId: string) => Promise<void>

Delete a webhook.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
webhookId	`string`	Yes	The webhook ID

Returns

Promise<void>

Example

await client.webhooks.delete('vault-123', 'webhook-456');
console.log('Webhook deleted');

listDeliveries

(vaultId: string, webhookId: string) => Promise<WebhookDelivery[]>

List recent delivery attempts for a webhook.

Parameters

Name	Type	Required	Description
vaultId	`string`	Yes	The vault ID
webhookId	`string`	Yes	The webhook ID

Returns

Promise<WebhookDelivery[]>

Example

const deliveries = await client.webhooks.listDeliveries('vault-123', 'webhook-456');
deliveries.forEach(delivery => {
  console.log(`${delivery.createdAt}: ${delivery.status} (${delivery.statusCode})`);
  if (delivery.error) console.log('Error:', delivery.error);
});

Admin

System administration endpoints for statistics, user management, and health monitoring. Requires admin role.

client.adminAdmin role required

getStats

() => Promise<SystemStats>

Get system-wide statistics.

Returns

Promise<SystemStats>

Example

const stats = await client.admin.getStats();
console.log('Total users:', stats.totalUsers);
console.log('Total documents:', stats.totalDocuments);
console.log('Total storage (GB):', (stats.totalStorageBytes / 1024 / 1024 / 1024).toFixed(2));

getTimeseries

(metric: string, period: string) => Promise<TimeseriesResponse>

Get timeseries data for a specific metric and period.

Parameters

Name	Type	Required	Description
metric	`string`	Yes	Metric name ("signups", "documents", "storage")
period	`string`	Yes	Time period ("7d", "30d", "90d")

Returns

Promise<TimeseriesResponse>

Example

const data = await client.admin.getTimeseries('signups', '30d');
data.dataPoints.forEach(point => {
  console.log(`${point.date}: ${point.value}`);
});

listUsers

(params?: AdminUserListParams) => Promise<AdminUserListResponse>

List users with filtering and pagination.

Parameters

Name	Type	Required	Description
params.search	`string`	No	Search by email or name
params.tier	`string`	No	Filter by subscription tier
params.role	`string`	No	Filter by role
params.limit	`number`	No	Page size
params.offset	`number`	No	Pagination offset

Returns

Promise<AdminUserListResponse>

Example

const result = await client.admin.listUsers({
  tier: 'pro',
  limit: 50,
  offset: 0,
});

console.log(`Found ${result.total} pro users`);
result.users.forEach(user => {
  console.log(`${user.email} - ${user.subscriptionTier}`);
});

getUser

(userId: string) => Promise<AdminUserDetail>

Get detailed user information.

Parameters

Name	Type	Required	Description
userId	`string`	Yes	The user ID

Returns

Promise<AdminUserDetail>

Example

const user = await client.admin.getUser('user-123');
console.log('Email:', user.email);
console.log('Role:', user.role);
console.log('Tier:', user.subscriptionTier);
console.log('Storage:', user.storageUsage);

updateUser

(userId: string, params: AdminUpdateUserParams) => Promise<AdminUser>

Update user role, status, or subscription tier.

Parameters

Name	Type	Required	Description
userId	`string`	Yes	The user ID
params.role	`string`	No	New role (user/admin)
params.subscriptionTier	`string`	No	New subscription tier
params.isActive	`boolean`	No	Activate or deactivate account

Returns

Promise<AdminUser>

Example

const updated = await client.admin.updateUser('user-123', {
  role: 'admin',
  subscriptionTier: 'business',
});

console.log('User updated:', updated.email);

getActivity

(limit?: number) => Promise<ActivityEntry[]>

Get recent system-wide activity.

Parameters

Name	Type	Required	Description
limit	`number`	No(default: 100)	Maximum number of entries to return

Returns

Promise<ActivityEntry[]>

Example

const activity = await client.admin.getActivity(50);
activity.forEach(entry => {
  console.log(`${entry.timestamp}: ${entry.action} by ${entry.userEmail}`);
});

getSubscriptionSummary

() => Promise<SubscriptionSummary>

Get per-tier user counts and revenue summary.

Returns

Promise<SubscriptionSummary>

Example

const summary = await client.admin.getSubscriptionSummary();
console.log('Free users:', summary.tiers.free);
console.log('Pro users:', summary.tiers.pro);
console.log('Business users:', summary.tiers.business);
console.log('Total MRR:', summary.totalMRR);

getHealth

() => Promise<SystemHealth>

Check database and Redis health status.

Returns

Promise<SystemHealth>

Example

const health = await client.admin.getHealth();
console.log('Database:', health.database.status);
console.log('Redis:', health.redis.status);
console.log('Overall:', health.status);