Module client 

Structs

ApiClient

HTTP client for the Socket Patch API.

ApiClientEnvOverrides

Explicit overrides for environment-based API client construction.

ApiClientOptions

Options for constructing an ApiClient.

Enums

ApiError

Errors returned by ApiClient methods.

Functions

build_proxy_fallback_client

Build a public-proxy ApiClient from the same overrides used by get_api_client_with_overrides, ignoring any API token.

get_api_client_from_env

Get an API client configured from environment variables.

get_api_client_with_overrides

Like get_api_client_from_env but with explicit overrides for every env-driven knob. Each Some(value) in overrides wins over the corresponding env var. Used by CLI commands that expose --api-url, --api-token, --org, --proxy-url flags via crate::utils in the CLI crate.

is_fallback_candidate

Classify an ApiError as a candidate for the auth → proxy fallback. We only re-route on 401/403 (the stale-credentials signals). Network errors, rate limits, 404s, and 5xx surface as-is so they remain visible to the operator.

looks_like_token_hash

Return true when the configured token value looks like an SRI-format hash (sha512-<base64> etc.) rather than a raw API token. The server stores tokens as this hash; the CLI sometimes gets configured with the storage representation by mistake (users copy what they see in the dashboard). Surfacing this as a hint short-circuits a confusing 401 round-trip.

validate_token_shape

Inspect a configured SOCKET_API_TOKEN value and return a human-readable warning when the value doesn’t match the canonical Socket API token shape (sktsec_<44 chars>_api). Returns None when the token looks valid, so the caller can ignore the result without checking length.