feat: enhance type definitions and extend user identities support #128
Conversation
- Update response types for various endpoints - Add new endpoints for user identities management
WalkthroughThe pull request reorganizes API endpoints and response mappings in the ManagementClient, updating paths for existing resources (organizations, feature flags, properties, connected apps, api applications), adding new identity-related endpoints (user_identities, identities), and adjusting HTTP status code mappings across multiple resources. Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Rationale: Single-file changes with systematic, repetitive endpoint and response mapping updates across many resources. Review requires careful verification that all path/method/status-code changes align with API specifications and that new endpoints integrate correctly without breaking existing functionality. Possibly related PRs
Pre-merge checks and finishing touches✅ Passed checks (3 passed)
✨ Finishing touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 0
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
kinde_sdk/management/management_client.py (1)
390-396: Fix singularization: identities/user_identities generate wrong method names (…_identitie).Naive
resource[:-1]yieldsidentitie; callers will getcreate_user_identitie,get_identitie, etc. This is a breaking DX bug.Apply this diff in both places to handle irregular plurals:
- if resource == 'business': - resource_singular = 'business' # Don't remove 's' from 'business' - else: - resource_singular = resource[:-1] if resource.endswith('s') else resource + irregular = { + 'business': 'business', + 'identities': 'identity', + 'user_identities': 'user_identity', + } + resource_singular = irregular.get(resource, resource[:-1] if resource.endswith('s') else resource)Repeat the same change in
_create_api_methodsingularization block.Also applies to: 430-435
🧹 Nitpick comments (7)
kinde_sdk/management/management_client.py (7)
437-446: Support named path params and validate missing placeholders.Current logic only consumes positional
*argsand silently leaves{}if not enough args. Prefer named kwargs first, then args; error if missing.Apply:
- formatted_path = path - if '{' in path and args: - param_values = list(args) - while '{' in formatted_path and param_values: - start_idx = formatted_path.find('{') - end_idx = formatted_path.find('}') - if start_idx >= 0 and end_idx >= 0: - formatted_path = formatted_path[:start_idx] + str(param_values.pop(0)) + formatted_path[end_idx + 1:] + formatted_path = path + # Fill placeholders from kwargs first, then from args; validate all placeholders resolved + arg_values = list(args) + while True: + start_idx = formatted_path.find('{') + end_idx = formatted_path.find('}', start_idx + 1) + if start_idx == -1 or end_idx == -1: + break + key = formatted_path[start_idx + 1:end_idx] + if key in kwargs: + value = kwargs.pop(key) + elif arg_values: + value = arg_values.pop(0) + else: + raise ValueError(f"Missing value for path parameter '{key}'") + formatted_path = f"{formatted_path[:start_idx]}{value}{formatted_path[end_idx + 1:]}"
458-466: Remove dead manual query-string assembly; rely on ApiClient.param_serialize.
final_pathand string-join block are unused;param_serializebuilds the URL withquery_paramsalready.Apply:
- # FIXED: Use param_serialize to properly construct the full URL with host - # Handle query parameters by appending them to the path - final_path = formatted_path - if query_params and http_method in ('GET', 'DELETE'): - query_string = '&'.join([f"{k}={v}" for k, v in query_params.items() if v is not None]) - if query_string: - separator = '&' if '?' in final_path else '?' - final_path = f"{final_path}{separator}{query_string}" + # Rely on ApiClient.param_serialize for full URL and query encoding
521-532: Docstring for GET should reflect query_keys when no path params (e.g., users.get expects ?id=).Currently shows
{resource}_id, which is misleading for endpoints like/api/v1/user.Apply:
- elif action == 'get': - param_name = path.split('{')[-1].split('}')[0] if '{' in path else f"{resource_singular}_id" + elif action == 'get': + if '{' in path: + param_name = path.split('{')[-1].split('}')[0] + elif query_keys: + param_name = " | ".join(query_keys) + else: + param_name = "query parameters" docstring = f""" Get a {resource_singular} by ID. Args: {param_name}: The ID of the {resource_singular} to get.Optionally, declare
query_keysfor the users GET endpoint to make this explicit (see separate suggestion).
31-33: Declare query_keys for users.get to document theidquery parameter.This aligns docs and usage.
Apply:
- 'get': ('GET', '/api/v1/user'), + 'get': ('GET', '/api/v1/user', ['id']),
253-255: roles.update response code mapped to 201; include 200 to avoid deserialization errors.Updates typically return 200/204. Including 200 is safer across environments.
Apply:
- 'update': {'201': 'SuccessResponse', '400': 'ErrorResponse', '403': 'ErrorResponse', '404': 'ErrorResponse', '429': 'ErrorResponse'}, + 'update': {'200': 'SuccessResponse', '201': 'SuccessResponse', '400': 'ErrorResponse', '403': 'ErrorResponse', '404': 'ErrorResponse', '429': 'ErrorResponse'},Please confirm the latest Kinde API status code for PATCH /api/v1/roles/{role_id}.
359-376: Add optional request timeout to avoid hanging requests.All network calls pass
_request_timeout=None. Provide a client-level default and forward it.Apply:
-def __init__(self, domain: str, client_id: str, client_secret: str): +def __init__(self, domain: str, client_id: str, client_secret: str, request_timeout: Optional[Union[float, tuple]] = None): @@ - self.token_manager = ManagementTokenManager(domain, client_id, client_secret) + self.token_manager = ManagementTokenManager(domain, client_id, client_secret) + self.request_timeout = request_timeout- _request_timeout=None + _request_timeout=self.request_timeoutOptionally, surface a per-call override via a special kwarg (e.g.,
_timeout) you pop fromkwargs.Also applies to: 495-496
580-603: Remove dead “backwards compatibility methods” block.The loop is a no-op (
pass) and doesn’t alias anything. Safe to delete or implement actual aliases with deprecation warnings.Apply:
-# Add backwards compatibility methods for common operations -# These will be deprecated in future versions -for method_name, new_name in [ - ('get_users', 'get_users'), - ('get_user', 'get_user'), - ('create_user', 'create_user'), - ('update_user', 'update_user'), - ('delete_user', 'delete_user'), - ('get_organizations', 'get_organizations'), - ('get_organization', 'get_organization'), - ('create_organization', 'create_organization'), - ('update_organization', 'update_organization'), - ('delete_organization', 'delete_organization'), - ('get_roles', 'get_roles'), - ('get_role', 'get_role'), - ('create_role', 'create_role'), - ('update_role', 'update_role'), - ('delete_role', 'delete_role'), - ('get_feature_flags', 'get_feature_flags'), - ('create_feature_flag', 'create_feature_flag'), - ('update_feature_flag', 'update_feature_flag'), - ('delete_feature_flag', 'delete_feature_flag'), -]: - pass # These methods will be created dynamically +# (removed dead back-compat placeholder)
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
kinde_sdk/management/management_client.py(9 hunks)
🔇 Additional comments (3)
kinde_sdk/management/management_client.py (3)
207-215: LGTM on adding identities/user_identities endpoints and response maps.Paths and type names look consistent with the new resources. Singularization fix above will ensure method names are ergonomic.
If the API returns 204 on delete, consider adding '204': 'SuccessResponse' to
identities.delete.Also applies to: 348-356
42-44: Code is correct—no changes needed.Kinde Management API uses PATCH for updating organizations at the endpoint PATCH /api/v1/organization/{org_code}, which matches the implementation in the code. The PR summary's reference to "PUT where required" does not apply to this endpoint.
223-224: The review comment recommendation is incorrect—Kinde create endpoints return 200 OK, not 201.Official Kinde documentation confirms all four create endpoints (POST /api/v1/user, POST /api/v1/organization, POST /api/v1/webhooks, and POST /api/v1/apis) return 200 OK as the success response, not 201. The suggested diff additions for 201 status codes would be unnecessary and potentially incorrect, as the API never returns this status code. No changes are required.
Likely an incorrect or invalid review comment.
BrandtKruger
left a comment
BrandtKruger
left a comment
There was a problem hiding this comment.
R #128 validation summary
Changes applied
This PR updates the ManagementClient to align with the current Kinde Management API. Major changes:
Endpoint path updates:
Users: /api/v1/users/{user_id} → /api/v1/user (with id query parameter)
Organizations: /api/v1/organizations/{org_code} → /api/v1/organization/{org_code} (singular)
Feature flags: removed list and get endpoints
Properties: removed get endpoints
Permissions: removed get endpoint
Connected apps: /api/v1/application → /api/v1/applications (plural)
API applications: /api/v1/api → /api/v1/apis (plural), removed update
Subscribers: added create endpoint
Business: added update endpoint
HTTP method changes:
Feature flags: PATCH → PUT for updates
Properties: PATCH → PUT for updates
Response type mappings:
Many create operations: 201 → 200 (aligns with actual API responses)
Organization operations: 201 → 200 for add operations
New endpoints:
user_identities: list and create operations
identities: get, update, and delete operations
Validation results
Endpoint configuration:
Endpoint paths are correctly configured
HTTP methods match the API
Query parameters are properly specified (e.g., users.update uses ['id'])
Response types:
Response type mappings are correctly configured
New endpoints have appropriate response types
Method generation:
Methods are generated dynamically
Note: singularization bug affects user_identities and identities:
create_user_identitie (should be create_user_identity)
get_identitie (should be get_identity)
update_identitie (should be update_identity)
delete_identitie (should be delete_identity)
This is a pre-existing bug in the singularization logic, not introduced by this PR
Tests:
Management token manager tests pass (25/25)
No regressions detected
Breaking changes
Users API:
get_user(user_id) → get_user(id=user_id) (now uses query parameter)
update_user(user_id, ...) → update_user(id=user_id, ...) (now uses query parameter)
delete_user(user_id) → delete_user(id=user_id) (now uses query parameter)
Organizations API:
Path changed from /api/v1/organizations/{org_code} to /api/v1/organization/{org_code}
Feature flags:
Removed get_feature_flags() and get_feature_flag(key) methods
update_feature_flag() now uses PUT instead of PATCH
Properties:
Removed get_property(property_id) method
update_property() now uses PUT instead of PATCH
Permissions:
Removed get_permission(permission_id) method
API applications:
Removed update_api_application() method
Recommendations
Merge with caution:
This PR introduces breaking changes that will affect existing code
Users will need to update their code to use the new endpoint patterns
Documentation:
Update documentation to reflect the new endpoint patterns
Document the breaking changes in the CHANGELOG
Singularization bug:
Consider fixing the singularization logic to handle user_identities and identities correctly
This could be done in a follow-up PR
Testing:
Test with real API calls to verify the endpoint paths and methods are correct
Test the new user_identities and identities endpoints
Overall assessment
Status: Validated — changes align with the Kinde Management API
Breaking changes: Yes — existing code will need updates
Tests: Pass — no regressions detected
Recommendation: Approve with documentation of breaking changes
The PR correctly updates the SDK to match the current Kinde Management API. The breaking changes are necessary to align with the API, but should be documented clearly for users.
Fix the singularization bug that was generating incorrect method names: - create_user_identitie → create_user_identity - get_identitie → get_identity - update_identitie → update_identity - delete_identitie → delete_identity Changes: - Add _singularize_resource() helper method to centralize singularization logic - Handle special cases: user_identities → user_identity, identities → identity - Update both _generate_methods() and _create_api_method() to use the helper - Maintains existing behavior for other resources (users, organizations, etc.) This fixes a pre-existing bug that was exposed by PR kinde-oss#128's addition of user_identities and identities endpoints.
Update test assertions to reflect removed endpoints: - Remove get_permission assertion (permissions no longer has get endpoint) - Remove get_feature_flags and get_feature_flag assertions (removed in PR #128) - Remove update_api_application assertion (removed in PR #128) - Update test_feature_flags_api_calls to test create_feature_flag instead These changes align tests with the updated Management API endpoints introduced in PR #128.
2 participants
Explain your changes
Checklist
🛟 If you need help, consider asking for advice over in the Kinde community.