Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@typeform/api-client
Advanced tools
JS Client wrapper for Typeform API
# install with yarn
yarn add @typeform/api-client
# install with npm
npm install @typeform/api-client --save
// If using ESM syntax
import { createClient } from '@typeform/api-client'
// If using CJS syntax
const { createClient } = require('@typeform/api-client')
const typeformAPI = createClient({ token: '<your token>' })
// will retrieve all forms
typeformAPI
.forms
.list()
.then(response => {
// do what do you want with your typeforms
})
createClient({token})
const typeformClient = createClient({ token: '<your token>' })
// If what you are trying to acces doesn't require a token, you can construct the client without any argument
const typeformAPI = createClient()
Client returns the following properties:
forms
images
teams
workspaces
themes
responses
webhooks
Each one of them encapsulates the operations related to it (like listing, updating, deleting the resource).
forms.list({ page: 1, pageSize = 10, search = '', page })
forms.get({ uid })
forms.create({ data = {} })
forms.update({ uid, data = {}, override = false })
forms.delete({ uid })
forms.messages.get({ uid })
forms.messages.update({ uid })
images.list()
images.get({ id, size, backgroundSize, choiceSize })
size
: default, thumbnail, mobilebackgroundSize
: default, thumbnail, mobile, tabletchoiceSize
: default, thumbnail, supersize, supermobile, supersizefit, supermobilefitimages.add({ image, url, fileName })
image
: Base64 code for the image. Note that base64 encoders may add descriptors to the code (such as data:image/png;base64,
). Do not include these descriptors in your image string---include only the base64 code. Use this or url
(below)url
: URL of the image. Use this or image
(above)fileName
: File name for the imageimages.delete({ id })
teams.get({ id })
teams.addMembers({ id, members })
members
: string
or an array
and should be the email for the userteams.removeMembers({ id, members })
members
: string
or an array
and should be the email for the userthemes.list({ page, pageSize })
page
: default 1
pageSize: default
10`themes.get({ id })
themes.create({ background, colors, font, hasTransparentButton, name })
themes.update({ background, colors, font, hasTransparentButton, name })
themes.delete({ id })
workspaces.add({ name })
name
: Name of the new workspace.workspaces.addMembers({ id, members })
id
: Unique ID for the workspace.members
: string
or an array
that should be the email of the userworkspaces.delete({ id })
id
: Unique ID for the workspace.workspaces.get({ id })
id
: Unique ID for the workspace.workspaces.list({ page, pageSize, search })
page
: The page of results to retrieve. Default 1
is the first page of results.pageSize
: Number of results to retrieve per page. Default is 10. Maximum is 200.search
: Returns items that contain the specified string.workspaces.removeMembers({ id, members })
members
: string
or an array
that should be the email of the userworkspaces.update({ id, data })
id
: Unique ID for the workspace.data
: Patch operation to perform in an array structure. See more details in the documentationresponses.delete({ uid, ids })
uid
: Unique ID for the form.ids
: Tokens of the responses to delete. You can list up to 1000 tokens. Accepts either a string or an array of strings.responses.list({ uid, pageSize, since, until, after, before, ids, completed, sort, query, fields })
uid
: Unique ID for the form.pageSize
: Maximum number of responses. Default value is 25. Maximum value is 1000.since
: Limit request to responses submitted since the specified date and time. In ISO 8601 format, UTC time, to the second, with T as a delimiter between the date and time.until
: Limit request to responses submitted until the specified date and time. In ISO 8601 format, UTC time, to the second, with T as a delimiter between the date and time.after
: Limit request to responses submitted after the specified token. If you use the after
parameter, the responses will be sorted in the order that our system processed them (instead of the default order, submitted_at
).before
: Limit request to responses submitted before the specified token. If you use the before
parameter, the responses will be sorted in the order that our system processed them (instead of the default order, submitted_at
).ids
: Limit request to the specified ids. Accepts either a string or an array of strings.completed
: true
if form was submitted. Otherwise, false
.sort
: Order of responses. Currently, responses are automatically sorted by submitted_at,desc
---the date they were submitted, from newest to oldest. We plan to add more options for sort order soon.query
: Limit request to only responses that that include the specified string. You can specify any string as the query
value. The string will be escaped, and the query will include Hidden Fields.fields
: Limit request to only responses for the specified fields. Accepts either a string or an array of strings.webhooks.create({ uid, tag, url, enable = false, secret, verifySSL })
uid
: Unique ID for the form.tag
: Unique name you want to use for the webhook.url
: Webhook URL.enabled
: true
if you want to send responses to the webhook immediately. Otherwise, false
.secret
: If specified, will be used to sign the webhook payload with HMAC SHA256, so that you can verify that it came from Typeform. (Recommended to add security)verifySSL
: true
if you want Typeform to verify SSL certificates when delivering payloads.webhooks.delete({ uid, tag })
uid
: Unique ID for the form.tag
: Unique name of the webhook.webhooks.get({ uid, tag })
uid
: Unique ID for the form.tag
: tag of the webhook createdwebhooks.list({ uid })
uid
: Unique ID for the form.webhooks.update({ uid, tag, url, enable = false, secret, verifySSL })
uid
: Unique ID for the form.tag
: Unique name you want to use for the webhook.url
: Webhook URL.enabled
: true
if you want to send responses to the webhook immediately. Otherwise, false
.secret
: If specified, will be used to sign the webhook payload with HMAC SHA256, so that you can verify that it came from Typeform.verifySSL
: true
if you want Typeform to verify SSL certificates when delivering payloads. typeformClient
.forms
.update({
uid: 'asdf',
data: [
{
"op": "replace",
"path": "/title",
"value": 'new title'
}
]
})
.then(response => {
//...
})
typeformClient
.forms
.update({
uid: 'asdf',
override: true,
data: {
"title": newTitle,
"theme": {
"href": "https://api.typeform.com/themes/6lPNE6"
}
}
})
.then(response => {
//...
})
Note:
The theme property applies a theme
to the form. If you don't specify a value for the 'theme' property, Typeform applies a new copy of the default theme to the form, even if you already have a copy of the default theme applied to this form.
typeformClient
.images
.add({
image: "bGRqZmxzZGpmbHNoZmtoc2RrZmpoc2tqZA==",
mediaType: "image/gif",
fileName: "newimage.gif"
})
.then(response => {
//...
})
typeformClient
.images
.get({ id: 'asdf', size: 'thumbnail' })
.then(response => {
//...
})
To run unit tests.
yarn install
# Runs unit tests
yarn test:unit
Fill out this conversation 🙂
FAQs
JS SDK for Typeform API
The npm package @typeform/api-client receives a total of 10,368 weekly downloads. As such, @typeform/api-client popularity was classified as popular.
We found that @typeform/api-client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.