Pr 128

[BrandtKruger]

Explain your changes

fix: correct singularization for user_identities and identities

Fix singularization bug that generated incorrect method names for
user_identities and identities endpoints. Add _singularize_resource()
helper to handle special cases and maintain backward compatibility.

Fixes: create_user_identitie → create_user_identity
get_identitie → get_identity
update_identitie → update_identity
delete_identitie → delete_identity

Checklist

• I have read the “Pull requests” section in the contributing guidelines.
• I agree to the terms within the code of conduct.

🛟 If you need help, consider asking for advice over in the Kinde community.

[coderabbitai]

Warning

Rate limit exceeded

@BrandtKruger has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 1 minutes and 2 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 8460d1d and d1e55e3.

📒 Files selected for processing (1)

• kinde_sdk/management/management_client.py

Walkthrough

Pluralized many ManagementClient API endpoints, added a _singularize_resource helper and wired it into dynamic method generation, replaced singular feature-flag get flows with a POST-based create_feature_flag, introduced identities/user_identities endpoints, and updated response-type mappings and related tests.

Changes

Cohort / File(s)	Summary
Management client core kinde_sdk/management/management_client.py	Reworked API_ENDPOINTS to use plural resource paths, adjusted HTTP verbs and RESPONSE_TYPES/status-code mappings, added _singularize_resource(self, resource: str) -> str, and updated dynamic API method generation to rely on the singularizer.
Resources: feature flags, identities, others kinde_sdk/management/management_client.py	Replaced several singular endpoints with plural variants (e.g., feature_flags, applications, api_applications, user_identities/identities, webhooks, properties, subscribers, roles/permissions resources), added listing/creation and CRUD flows for identities, changed some verbs (PATCH/PUT) and response codes for create/update endpoints.
Tests: management client testv2/testv2_management/test_management_client.py	Removed tests exercising removed methods (get_permission, get_feature_flag, update_api_application); added/updated tests to call create_feature_flag (POST to feature_flags) and adjusted expected request/response payload shapes and endpoint keys.

Sequence Diagram(s)

sequenceDiagram
    participant Client as ManagementClient
    participant Generator as _generate_methods()
    participant Singularizer as _singularize_resource()
    participant APIMethod as generated API method
    participant API as Kinde API

    Client->>Generator: initialize -> generate dynamic methods
    Generator->>Singularizer: singularize(resource_name)
    Singularizer-->>Generator: singular resource name
    Generator->>APIMethod: create API caller (path, verb, response mapping)
    Client->>APIMethod: call create_feature_flag(key,type,value)
    APIMethod->>API: POST /feature_flags with body {key,type,value}
    API-->>APIMethod: 200 + payload
    APIMethod-->>Client: return mapped response

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The PR title 'Pr 128' is vague and does not clearly describe the main change; it lacks specificity about fixing singularization logic.	Use a more descriptive title like 'Fix singularization for user_identities and identities endpoints' to clearly communicate the core change.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description check	✅ Passed	The description clearly explains the singularization bug fix with specific examples of corrected method names and the addition of the _singularize_resource() helper.
Docstring Coverage	✅ Passed	Docstring coverage is 87.50% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

kinde_sdk/management/management_client.py (2)

387-408: Incomplete handling of -ies plural forms.

The method correctly handles user_identities and identities, but other resources ending in -ies would produce incorrect singular forms:

• industries → industrie (should be industry)
• properties → propertie (should be property)

Currently these resources only have list actions so no singular methods are generated, but this could break if singular actions are added later.

Consider a more robust approach:

     def _singularize_resource(self, resource: str) -> str:
         # Handle special cases
         if resource == 'business':
             return 'business'  # Don't remove 's' from 'business'
         elif resource == 'user_identities':
             return 'user_identity'  # Replace 'identities' with 'identity'
         elif resource == 'identities':
             return 'identity'  # Replace 'identities' with 'identity'
+        # Handle words ending in 'ies' -> 'y' (e.g., properties -> property)
+        elif resource.endswith('ies'):
+            return resource[:-3] + 'y'
         # Default: remove trailing 's' if present
         elif resource.endswith('s'):
             return resource[:-1]
         else:
             return resource

---

474-480: Dead code: manual query string construction is unused.

The final_path variable constructed here is never used. The actual query parameter handling is done by param_serialize at line 489, which receives query_params directly.

Consider removing this unused code block:

-            # FIXED: Use param_serialize to properly construct the full URL with host
-            # Handle query parameters by appending them to the path
-            final_path = formatted_path
-            if query_params and http_method in ('GET', 'DELETE'):
-                query_string = '&'.join([f"{k}={v}" for k, v in query_params.items() if v is not None])
-                if query_string:
-                    separator = '&' if '?' in final_path else '?'
-                    final_path = f"{final_path}{separator}{query_string}"
-            
             # Use param_serialize to get the proper URL with host

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7deb113 and 56d744f.

📒 Files selected for processing (1)

• kinde_sdk/management/management_client.py (11 hunks)

🧰 Additional context used

🪛 GitHub Actions: CI

kinde_sdk/management/management_client.py

[error] 1-1: Dynamic method generation missing 'get_permission' method. The ManagementClient should expose a 'get_permission' method for permissions API.

---

[error] 1-1: ManagementClient does not implement get_feature_flags; only has create_feature_flag as per tests.

🔇 Additional comments (3)

kinde_sdk/management/management_client.py (3)

207-215: LGTM! New identity endpoints correctly added.

The new user_identities and identities resources are properly structured with appropriate paths and HTTP methods. This addresses the PR objective of fixing the singularization bug for these endpoints.

---

348-356: LGTM!

Response type mappings for the new identity endpoints are correctly structured with appropriate status codes (201 for create, 200 for others).

---

410-434: LGTM!

The method generation logic correctly uses the centralized _singularize_resource helper, ensuring consistent singular form derivation for all dynamically generated method names.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

testv2/testv2_management/test_management_client.py (1)

491-533: Feature flag test now matches create‑via‑POST behavior

The test_feature_flags_api_calls update correctly models the new create_feature_flag flow: POST to /feature_flags with a {"key", "type", "value"} body and a single-flag response object, and the test wiring (token, deserialize, assertion) is consistent with other tests in this file.

If you want this test to guard more strongly against regressions, consider also asserting on mock_api_client_instance.param_serialize.call_args (HTTP method, URL, and body) rather than just assert_called_once(), but that’s optional given the existing patterns.

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 56d744f and 65f0413.

📒 Files selected for processing (1)

• testv2/testv2_management/test_management_client.py (4 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-07-04T07:09:21.430Z

Learnt from: brettchaldecott
Repo: kinde-oss/kinde-python-sdk PR: 83
File: kinde_sdk/auth/feature_flags.py:85-102
Timestamp: 2025-07-04T07:09:21.430Z
Learning: In the Kinde Python SDK v2, the maintainer (brettchaldecott) prefers to keep async keywords on methods in the feature flags module even when they don't currently perform await operations, as this approach has been tested and is preferred for the SDK's design.

Applied to files:

• testv2/testv2_management/test_management_client.py

📚 Learning: 2025-08-21T04:46:50.368Z

Learnt from: KomanRudden
Repo: kinde-oss/kinde-python-sdk PR: 101
File: kinde_sdk/auth/permissions.py:6-7
Timestamp: 2025-08-21T04:46:50.368Z
Learning: The kinde_sdk has both frontend and management API modules. The frontend permissions_api.py exists at kinde_sdk/frontend/api/permissions_api.py and contains PermissionsApi class. Using the management API instead of the frontend API for user permissions would be incorrect.

Applied to files:

• testv2/testv2_management/test_management_client.py

🔇 Additional comments (1)

testv2/testv2_management/test_management_client.py (1)

98-120: Comment updates correctly capture removed management methods

The new notes about get_permission, get_feature_flags / get_feature_flag, and update_api_application being removed align with the updated ManagementClient surface and help future readers understand why those methods aren’t asserted here. No functional changes introduced in this block; looks good as-is.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

kinde_sdk/management/management_client.py (1)

77-83: permissions still lacks a get action / get_permission mapping

The permissions resource only defines list/create/update/delete and has no 'get' entry in either API_ENDPOINTS or RESPONSE_TYPES. A prior review noted this was causing a missing get_permission method and pipeline failures; that appears unchanged here. If your API and consumers expect a get_permission method, you’ll still need to add:

• "'get': ('GET', '/api/v1/permissions/{permission_id}')," under API_ENDPOINTS['permissions']
• A corresponding 'get' mapping under RESPONSE_TYPES['permissions'] using the appropriate single‑permission response model.

Also applies to: 258-263

🧹 Nitpick comments (1)

kinde_sdk/management/management_client.py (1)

174-178: Minor: update_business docstring suggests an ID param that the endpoint does not use

For the business resource, update is defined as PATCH /api/v1/business with no path parameter. The generic docstring generator for action == 'update' will still describe an ID argument (business_id), but the generated method accepts only *args, **kwargs and ignores any positional ID because the path has no {} placeholder. If you want the docs to match behavior, consider special‑casing this resource/action in the docstring generation or adjusting the wording to omit the ID parameter.

Also applies to: 327-330

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 65f0413 and dafb06b.

📒 Files selected for processing (2)

• kinde_sdk/management/management_client.py (12 hunks)
• testv2/testv2_management/test_management_client.py (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• testv2/testv2_management/test_management_client.py

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-08-21T04:46:50.368Z

Learnt from: KomanRudden
Repo: kinde-oss/kinde-python-sdk PR: 101
File: kinde_sdk/auth/permissions.py:6-7
Timestamp: 2025-08-21T04:46:50.368Z
Learning: The kinde_sdk has both frontend and management API modules. The frontend permissions_api.py exists at kinde_sdk/frontend/api/permissions_api.py and contains PermissionsApi class. Using the management API instead of the frontend API for user permissions would be incorrect.

Applied to files:

• kinde_sdk/management/management_client.py

📚 Learning: 2025-07-04T07:09:21.430Z

Learnt from: brettchaldecott
Repo: kinde-oss/kinde-python-sdk PR: 83
File: kinde_sdk/auth/feature_flags.py:85-102
Timestamp: 2025-07-04T07:09:21.430Z
Learning: In the Kinde Python SDK v2, the maintainer (brettchaldecott) prefers to keep async keywords on methods in the feature flags module even when they don't currently perform await operations, as this approach has been tested and is preferred for the SDK's design.

Applied to files:

• kinde_sdk/management/management_client.py

🔇 Additional comments (2)

kinde_sdk/management/management_client.py (2)

41-41: Pluralized create endpoints and new identity routes look coherent—please confirm against the Management API spec

The shifts to plural resource paths (organizations, roles, permissions, feature_flags, applications, apis, subscribers, properties) and the new user_identities / identities routes are consistent with the rest of the mapping and should generate the expected method names (e.g., create_user_identity, get_identity, update_identity, delete_identity). Please double‑check these paths and verbs (especially the PATCH→PUT changes) against the live Management API docs so the generated client stays in sync with the server.

Also applies to: 72-72, 80-80, 88-89, 97-97, 106-106, 114-114, 131-131, 177-178, 208-216

---

389-411: New _singularize_resource helper cleanly fixes the identitie method-name bug

Using _singularize_resource with explicit cases for business, user_identities, and identities ensures that dynamic methods are now correctly named (create_user_identity, get_identity, update_identity, delete_identity) while leaving existing resources’ method names stable. Reusing the same helper in _generate_methods and _create_api_method keeps docstrings and method names aligned. This directly addresses the prior singularization issue without introducing obvious regressions.

Also applies to: 415-415, 451-451, 208-216, 354-357

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In `@kinde_sdk/management/management_client.py`:
- Around line 389-410: The _singularize_resource function currently only strips
a trailing "s" and thus turns words ending in "ies" into incorrect forms (e.g.,
properties → propertie); update _singularize_resource to detect tokens that end
with "ies" (including compound names like "user_properties" and
"organization_properties") and convert that suffix to "y" (e.g., "properties" →
"property", "user_properties" → "user_property") before falling back to the
existing special cases and the single-letter "s" removal; keep the existing
special-case branches for 'business', 'user_identities', and 'identities' and
apply the "ies"→"y" rule prior to the generic .endswith('s') branch so functions
such as create_property / update_user_property are generated correctly.
- Around line 85-91: The feature_flags mapping uses the wrong HTTP verb for the
update operation: change the 'update' entry in the 'feature_flags' dict from
using 'PUT' to 'PATCH' so the ManagementClient will call PATCH for feature flag
updates (update in the 'feature_flags' mapping, the tuple's first element should
be 'PATCH' instead of 'PUT').

♻️ Duplicate comments (1)

kinde_sdk/management/management_client.py (1)

77-83: Missing get endpoint for permissions.

The permissions resource still lacks a get action to retrieve a single permission by ID, which was previously flagged.

🧹 Nitpick comments (2)

kinde_sdk/management/management_client.py (2)

476-483: Manual query string construction bypasses URL encoding.

The query string is built using simple string concatenation without URL encoding. Special characters in parameter values could break the URL or cause injection issues.

♻️ Suggested fix using urllib.parse.urlencode

+from urllib.parse import urlencode
+
 # Handle query parameters by appending them to the path
 final_path = formatted_path
 if query_params and http_method in ('GET', 'DELETE'):
-    query_string = '&'.join([f"{k}={v}" for k, v in query_params.items() if v is not None])
-    if query_string:
-        separator = '&' if '?' in final_path else '?'
-        final_path = f"{final_path}{separator}{query_string}"
+    query_string = urlencode({k: v for k, v in query_params.items() if v is not None})
+    if query_string:
+        separator = '&' if '?' in final_path else '?'
+        final_path = f"{final_path}{separator}{query_string}"

---

597-620: Dead code: backward compatibility loop does nothing.

This loop iterates over method name pairs but only executes pass. The comment indicates these methods are created dynamically, which happens in _generate_methods(). This entire block can be removed.

🧹 Remove dead code

-# Add backwards compatibility methods for common operations
-# These will be deprecated in future versions
-for method_name, new_name in [
-    ('get_users', 'get_users'),
-    ('get_user', 'get_user'),
-    ('create_user', 'create_user'),
-    ('update_user', 'update_user'),
-    ('delete_user', 'delete_user'),
-    ('get_organizations', 'get_organizations'),
-    ('get_organization', 'get_organization'),
-    ('create_organization', 'create_organization'),
-    ('update_organization', 'update_organization'),
-    ('delete_organization', 'delete_organization'),
-    ('get_roles', 'get_roles'),
-    ('get_role', 'get_role'),
-    ('create_role', 'create_role'),
-    ('update_role', 'update_role'),
-    ('delete_role', 'delete_role'),
-    ('get_feature_flags', 'get_feature_flags'),
-    ('create_feature_flag', 'create_feature_flag'),
-    ('update_feature_flag', 'update_feature_flag'),
-    ('delete_feature_flag', 'delete_feature_flag'),
-]:
-    pass  # These methods will be created dynamically

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@kinde_sdk/management/management_client.py`:
- Around line 127-133: Update the Properties API mapping to use PATCH instead of
PUT for the update operation: change the 'properties' dict entry for 'update' in
management_client.py (the tuple currently ('PUT',
'/api/v1/properties/{property_id}')) to use the PATCH HTTP method so the mapping
becomes ('PATCH', '/api/v1/properties/{property_id}'), ensuring requests to the
update route use PATCH and avoid 405 errors.

♻️ Duplicate comments (2)

kinde_sdk/management/management_client.py (2)

220-257: Validate create/update status code mappings against actual API responses.

response_deserialize is status-code sensitive; a 200/201 mismatch will drop data to None. Please confirm the create/update codes for these resources.

Kinde Management API create/update endpoint response status codes (users, roles, permissions, feature flags, subscribers, apis, applications)

Also applies to: 264-286

---

77-83: Add missing get_permission mapping to avoid absent method generation.

Without a get action here (and its response type), the dynamic client won’t generate get_permission, which is likely expected by callers.

🛠️ Proposed fix

         'permissions': {
             'list': ('GET', '/api/v1/permissions'),
+            'get': ('GET', '/api/v1/permissions/{permission_id}'),
             'create': ('POST', '/api/v1/permissions'),
             'update': ('PATCH', '/api/v1/permissions/{permission_id}'),
             'delete': ('DELETE', '/api/v1/permissions/{permission_id}'),
         },

         'permissions': {
             'list': {'200': 'GetPermissionsResponse', '400': 'ErrorResponse', '403': 'ErrorResponse', '429': 'ErrorResponse'},
+            'get': {'200': 'GetPermissionResponse', '400': 'ErrorResponse', '403': 'ErrorResponse', '404': 'ErrorResponse', '429': 'ErrorResponse'},
             'create': {'201': 'SuccessResponse', '400': 'ErrorResponse', '403': 'ErrorResponse', '429': 'ErrorResponse'},
             'update': {'200': 'SuccessResponse', '400': 'ErrorResponse', '403': 'ErrorResponse', '404': 'ErrorResponse', '429': 'ErrorResponse'},
             'delete': {'200': 'SuccessResponse', '400': 'ErrorResponse', '403': 'ErrorResponse', '404': 'ErrorResponse', '429': 'ErrorResponse'},
         },

Also applies to: 258-263

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

kinde_sdk/management/management_client.py (1)

136-145: Change user_properties.update and organization_properties.update HTTP methods from PUT to PATCH.

The Kinde Management API documentation specifies PATCH /api/v1/users/{user_id}/properties/{property_key} and PATCH /api/v1/organizations/{org_code}/properties/{property_key} for updating properties. Using PUT will cause HTTP errors. This is also inconsistent with the main properties.update endpoint (line 131), which correctly uses PATCH.

🤖 Fix all issues with AI agents

In `@kinde_sdk/management/management_client.py`:
- Around line 354-358: The identities response mapping in management_client.py
is missing 404 handling for not-found cases; update the 'identities' entry for
the 'get', 'update', and 'delete' operations to include "'404': 'ErrorResponse'"
in each mapping so they match other resources (e.g., users.get, roles.get).
Locate the 'identities' dict (keys 'get', 'update', 'delete') and add the 404 ->
ErrorResponse mapping to each operation's response map.

♻️ Duplicate comments (1)

kinde_sdk/management/management_client.py (1)

77-83: Missing get endpoint for permissions.

The permissions resource lacks a get action, so get_permission method won't be generated. Add the missing endpoint:

         'permissions': {
             'list': ('GET', '/api/v1/permissions'),
+            'get': ('GET', '/api/v1/permissions/{permission_id}'),
             'create': ('POST', '/api/v1/permissions'),

Also add the corresponding entry in RESPONSE_TYPES['permissions']:

         'permissions': {
             'list': {'200': 'GetPermissionsResponse', '400': 'ErrorResponse', '403': 'ErrorResponse', '429': 'ErrorResponse'},
+            'get': {'200': 'GetPermissionResponse', '400': 'ErrorResponse', '403': 'ErrorResponse', '404': 'ErrorResponse', '429': 'ErrorResponse'},
             'create': {'201': 'SuccessResponse', ...

🧹 Nitpick comments (1)

kinde_sdk/management/management_client.py (1)

605-628: Dead code: backwards compatibility loop does nothing.

This loop iterates over method name pairs but only executes pass. The comment claims methods will be created dynamically, but they're already generated in _generate_methods(). This entire block is dead code.

Either remove this section or implement actual backwards-compatibility aliases with deprecation warnings if needed:

🔧 Option 1: Remove dead code

-# Add backwards compatibility methods for common operations
-# These will be deprecated in future versions
-for method_name, new_name in [
-    ('get_users', 'get_users'),
-    ('get_user', 'get_user'),
-    ...
-]:
-    pass  # These methods will be created dynamically

🔧 Option 2: Implement deprecation aliases (if old method names differ)

import warnings

def _create_deprecated_alias(cls, old_name: str, new_name: str):
    def deprecated_method(self, *args, **kwargs):
        warnings.warn(
            f"{old_name} is deprecated, use {new_name} instead",
            DeprecationWarning,
            stacklevel=2
        )
        return getattr(self, new_name)(*args, **kwargs)
    return deprecated_method