Skip to content

feat: add projectId configuration, revokeDelegationForEndUser, and end user API's to TypeScript SDK#624

Merged
sammccord merged 5 commits intomainfrom
sammccord/cdpsdk-2350-add-revokedelegation-to-cdp-sdk
Mar 30, 2026
Merged

feat: add projectId configuration, revokeDelegationForEndUser, and end user API's to TypeScript SDK#624
sammccord merged 5 commits intomainfrom
sammccord/cdpsdk-2350-add-revokedelegation-to-cdp-sdk

Conversation

@sammccord
Copy link
Copy Markdown
Contributor

@sammccord sammccord commented Mar 18, 2026
edited
Loading

Description

Add projectId configuration and revokeDelegationForEndUser to the TypeScript SDK for delegated signing operations.

Changes

New: projectId configuration

  • Add projectId?: string to CdpClientOptions, reading from CDP_PROJECT_ID env var
  • CDPEndUserClient accepts projectId via constructor, validates at delegation call time with requireProjectId()
  • toEndUserAccount receives projectId through options, with its own requireProjectId() helper
  • All 14 delegation methods on both CDPEndUserClient and EndUserAccount now send the real project ID instead of a placeholder

New: revokeDelegationForEndUser

  • Expose revokeDelegationForEndUser on CDPEndUserClient (direct) and revokeDelegation on EndUserAccount
  • Wire through CdpOpenApiClient

Scope: TypeScript only — Python implementation deferred.

Tests

  • All 532 unit tests pass (pnpm test -- --run)
  • Lint clean (pnpm lint) aside from pre-existing no-console in cdpApiClient.ts
  • Updated ~25 toHaveBeenCalledWith assertions in endUser.test.ts to verify projectId is passed correctly

Checklist

  • Updated the typescript README if relevant
  • Updated the python README if relevant
  • Added a changelog entry
  • Added e2e tests if introducing new functionality

@linear
Copy link
Copy Markdown

linear bot commented Mar 18, 2026

CDPSDK-2350 Add revokeDelegation to cdp-sdk

@cb-heimdall
Copy link
Copy Markdown

cb-heimdall commented Mar 18, 2026
edited
Loading

✅ Heimdall Review Status

Requirement Status More Info
Reviews 2/1
Denominator calculation
Show calculation
1 if user is bot 0
1 if user is external 0
2 if repo is sensitive 0
From .codeflow.yml 1
Additional review requirements
Show calculation
Max 0
0
From CODEOWNERS 0
Global minimum 0
Max 1
1
1 if commit is unverified 0
Sum 1

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 18, 2026
edited
Loading

⚠️ Generated Client Files Have Been Modified

This pull request contains manual changes to generated client files. These files are automatically generated from the OpenAPI specification and should not be edited directly.

Please check the workflow logs for details on which files were modified.

To fix this issue:

  1. Revert any manual changes to files in:
    • typescript/src/openapi-client/generated/
    • python/cdp/openapi_client/
    • go/openapi/
    • java/src/main/java/com/coinbase/cdp/openapi/
  2. If you need to change the generated code, update the OpenAPI spec (openapi.yaml) instead
  3. Run the generation commands locally to update the generated files

This comment will be automatically removed once the issue is resolved.

@sammccord sammccord force-pushed the sammccord/cdpsdk-2350-add-revokedelegation-to-cdp-sdk branch from b413c2b to a2e7fa9 Compare March 26, 2026 19:06
@sammccord sammccord changed the title feat: add revokeDelegationForEndUser to TypeScript and Python SDKs feat: add revokeDelegationForEndUser to TypeScript SDK Mar 27, 2026
@sammccord sammccord changed the title feat: add revokeDelegationForEndUser to TypeScript SDK feat: add projectId configuration and revokeDelegationForEndUser to TypeScript SDK Mar 27, 2026
@sammccord sammccord requested a review from 0xRAG March 27, 2026 18:01
@sammccord sammccord changed the title feat: add projectId configuration and revokeDelegationForEndUser to TypeScript SDK feat: add projectId configuratio, revokeDelegationForEndUser, and end user API's to TypeScript SDK Mar 27, 2026
@sammccord sammccord marked this pull request as ready for review March 27, 2026 21:29
@sammccord sammccord changed the title feat: add projectId configuratio, revokeDelegationForEndUser, and end user API's to TypeScript SDK feat: add projectId configuration, revokeDelegationForEndUser, and end user API's to TypeScript SDK Mar 27, 2026
@sammccord sammccord requested review from kkuhnen and sddioulde March 30, 2026 01:48
@sammccord
Copy link
Copy Markdown
Contributor Author

sammccord commented Mar 30, 2026

generated clients are failing because orval is trying to import the sql alpha api which does not exist in the codegen output

@sammccord sammccord force-pushed the sammccord/cdpsdk-2350-add-revokedelegation-to-cdp-sdk branch from 01b6557 to 9730aaf Compare March 30, 2026 21:23
0xRAG
0xRAG reviewed Mar 30, 2026
View reviewed changes
examples/typescript/end-users/signSolanaMessage.ts
Comment on lines +20 to +24
const result = await cdp.endUser.signSolanaMessage({
userId: endUser.userId,
address: endUser.solanaAccountObjects[0].address,
message: Buffer.from("Hello, World!").toString("base64"),
});
Copy link
Copy Markdown
Contributor

@0xRAG 0xRAG Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This assumes the user has granted delegation to the developer, right? Would be good to document that in the script instructions

Copy link
Copy Markdown
Contributor Author

@sammccord sammccord Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

documented at the top

@sammccord sammccord force-pushed the sammccord/cdpsdk-2350-add-revokedelegation-to-cdp-sdk branch from 9730aaf to 9fe6cc1 Compare March 30, 2026 22:29
@sammccord sammccord requested a review from 0xRAG March 30, 2026 22:40
jazz-cb
jazz-cb reviewed Mar 30, 2026
View reviewed changes
typescript/src/client/end-user/endUser.test.ts
// ─── Delegated Sign/Send Operations ───

describe("signEvmHash", () => {
const mockResult = { signature: "0xsig123" };
Copy link
Copy Markdown
Contributor

@jazz-cb jazz-cb Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also add a unit test for the scenario where projectID isnt set?

Copy link
Copy Markdown
Contributor Author

@sammccord sammccord Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added

sddioulde
sddioulde previously approved these changes Mar 30, 2026
View reviewed changes
@cb-heimdall
Copy link
Copy Markdown

cb-heimdall commented Mar 30, 2026

Review Error for sddioulde @ 2026-03-30 22:58:31 UTC
User failed mfa authentication, either user does not exist or public email is not set on your github profile. \ see go/mfa-help

0xRAG
0xRAG reviewed Mar 30, 2026
View reviewed changes
typescript/src/openapi-client/generated/end-user-accounts/end-user-accounts.ts
@@ -1,5 +1,5 @@
/**
* Generated by orval v7.6.0 🍺
* Generated by orval v7.21.0 🍺
Copy link
Copy Markdown
Contributor

@0xRAG 0xRAG Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

did you want to bump orval?

Copy link
Copy Markdown
Contributor Author

@sammccord sammccord Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

according to our package.json, this is the correct version #622

0xRAG
0xRAG reviewed Mar 30, 2026
View reviewed changes
typescript/src/openapi-client/cdpApiClient.ts
Comment on lines +90 to +96
* Delegated routing interceptor.
* Registered after withAuth so it runs BEFORE the auth interceptor (LIFO order).
* This rewrites the URL first, then the auth interceptor computes JWT headers
* (Authorization and X-Wallet-Auth) against the rewritten URL path, ensuring
* the `uris` claim matches the actual request URL.
* The API gateway validates the JWT, strips the /delegated prefix, and forwards
* to the backend.
Copy link
Copy Markdown
Contributor

@0xRAG 0xRAG Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why is this needed? would be good to document the why

Copy link
Copy Markdown
Contributor Author

@sammccord sammccord Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

prefixed comment with explainer

@sammccord @claude
test: add requireProjectId error tests for end user delegation operat…
e183324 
…ions

Verifies that all delegation operations on CDPEndUserClient throw
UserInputValidationError when project ID is not configured.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@sammccord sammccord merged commit 0c0c1c8 into main Mar 30, 2026
49 of 51 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@0xRAG 0xRAG 0xRAG left review comments

@kkuhnen kkuhnen kkuhnen approved these changes

@jazz-cb jazz-cb jazz-cb approved these changes

@sddioulde sddioulde sddioulde left review comments

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@sammccord @cb-heimdall @kkuhnen @sddioulde @0xRAG @jazz-cb