Coming soon.
@wardin/sdk is not yet published to npm — the interface
documented here is final and ships with the v1 launch. Until then npm install @wardin/sdk won’t resolve.wardin.receipts.list()). Every path, parameter, and
response is generated from the same OpenAPI spec that powers the
API Reference — so the client can’t drift from the
contract.
Install
fetch). The package is
ESM-only (import, not require).
Quickstart
Authentication
Pass a secret API key (wardin_sk_...); it’s sent as
Authorization: Bearer. Create one with
POST /v1/keys or in the Console. Treat it as a
secret — server-side only, never ship it to a browser.
Configuration
Resources
Every method is fully typed (request body, params, response). On a non-2xx response a method throwsWardinApiError; on success it returns the parsed
body. Each method maps to a REST endpoint in the
API Reference.
| Resource | Methods |
|---|---|
wardin.keys | list() · create(body) · delete(id) · setLimits(id, body) · assign(id, body) |
wardin.budgets | list() · update(id, body) |
wardin.policies | list() · create(body) · delete(id) |
wardin.providers | list() · test(provider) |
wardin.receipts | list(query?) · get(id) · verifyChain(id, query) · export(query?) → string |
wardin.compliance | frameworks() · coverage(framework) · evidenceBundle(query?) |
keys.create with budgetUsd) — there
is no standalone create, so budgets exposes only list + update.
receipts.export(query?) returns the matched set as a raw JSONL/CSV string
(pass { format: 'jsonl' | 'csv' } plus the same filters as receipts.list).
Common operations
Create a virtual key with a monthly budget and rate limit:Pagination
receipts.list is cursor-paginated, newest first. Each response returns
nextCursor for the following page (absent once you reach the end) — loop until
it’s gone:
from, to, actor, provider, model, check,
upstreamStatus) apply to every page. For a large historical pull, prefer
receipts.export() — it streams the whole matched set in one call.
Error handling
Escape hatch — any endpoint
Any endpoint not wrapped as a resource method is reachable onwardin.raw,
the underlying openapi-fetch client. It
returns { data, error } (it does not throw) and is fully typed:
Offline evidence verification
This SDK drives the control plane. To verify a tenant’s signed receipt chain offline, without trusting Wardin, export an Evidence Bundle (wardin.compliance.evidenceBundle()) and check it with the open-source
wardin-verify CLI — see Offline Verification.
Versioning
The SDK follows semantic versioning. Its types are generated from the committed OpenAPI spec (app DTOs →openapi.json → SDK), and a CI gate fails on any drift,
so a published version always matches the contract it was built against. Breaking
changes to the /v1 contract ship as a new major with release notes.