feat(accounts): multi-tenancy support — accounts module + dynamic active-account header

- Add `base44.accounts` module: getActiveAccountId, switchAccount, listMine,
  create, update, listMembers, invite, acceptInvite, changeMemberRole,
  removeMember, transferOwnership, and billing.{listPlans, startCheckout}
  mapping to the backend /api/apps/{appId}/accounts/... routes.
- Send X-Active-Account-Id per request, read from the URL path (the canonical
  account source) so account-scoped reads/writes stay isolated to the current
  tenant even after a client-side (Link/useNavigate) account switch. No-op for
  single-tenant apps / Node.
- Wire accounts into the client + Base44Client type; re-export account types.
- Add node-safe unit tests for the module's HTTP surface.

Co-authored-by: Cursor <cursoragent@cursor.com>

Author: felixkob

src/client.ts

@@ -12,6 +12,7 @@ import { createFunctionsModule } from "./modules/functions.js";
 import { createAgentsModule } from "./modules/agents.js";
 import { createAppLogsModule } from "./modules/app-logs.js";
 import { createUsersModule } from "./modules/users.js";
+import { createAccountsModule } from "./modules/accounts.js";
 import { RoomsSocket, RoomsSocketConfig } from "./utils/socket-utils.js";
 import type {
   Base44Client,
@@ -192,6 +193,7 @@ export function createClient(config: CreateClientConfig): Base44Client {
     }),
     appLogs: createAppLogsModule(axiosClient, appId),
     users: createUsersModule(axiosClient, appId),
+    accounts: createAccountsModule(axiosClient, appId),
     analytics: createAnalyticsModule({
       axiosClient,
       serverUrl,

src/client.types.ts

@@ -10,6 +10,7 @@ import type { FunctionsModule } from "./modules/functions.types.js";
 import type { AgentsModule } from "./modules/agents.types.js";
 import type { AppLogsModule } from "./modules/app-logs.types.js";
 import type { AnalyticsModule } from "./modules/analytics.types.js";
+import type { AccountsModule } from "./modules/accounts.types.js";
 
 /**
  * Options for creating a Base44 client.
@@ -85,6 +86,8 @@ export interface CreateClientConfig {
  * Provides access to all SDK modules for interacting with the app.
  */
 export interface Base44Client {
+  /** {@link AccountsModule | Accounts module} for multi-tenancy (accounts, members, billing). */
+  accounts: AccountsModule;
   /** {@link AgentsModule | Agents module} for managing AI agent conversations. */
   agents: AgentsModule;
   /** {@link AnalyticsModule | Analytics module} for tracking custom events in your app. */

src/index.ts

@@ -102,6 +102,19 @@ export type {
 
 export type { AppLogsModule } from "./modules/app-logs.types.js";
 
+export type {
+  AccountsModule,
+  Account,
+  AccountMembership,
+  AccountPlan,
+  AccountRole,
+  AssignableAccountRole,
+  AccountStatus,
+  AccountMembershipStatus,
+  MyAccountsResponse,
+  CheckoutSession,
+} from "./modules/accounts.types.js";
+
 export type { SsoModule, SsoAccessTokenResponse } from "./modules/sso.types.js";
 
 export type {

src/modules/accounts.ts

@@ -0,0 +1,111 @@
+import { AxiosInstance } from "axios";
+
+import { getActiveAccountIdFromPath } from "../utils/common.js";
+import type {
+  Account,
+  AccountMembership,
+  AccountPlan,
+  AccountsModule,
+  AssignableAccountRole,
+  CheckoutSession,
+  MyAccountsResponse,
+} from "./accounts.types.js";
+
+/**
+ * Creates the accounts module (multi-tenancy) for the Base44 SDK.
+ *
+ * @param axios - Axios instance (responses are unwrapped to data).
+ * @param appId - Application ID.
+ * @returns The accounts module.
+ * @internal
+ */
+export function createAccountsModule(
+  axios: AxiosInstance,
+  appId: string
+): AccountsModule {
+  const base = `/apps/${appId}/accounts`;
+  const enc = encodeURIComponent;
+
+  return {
+    getActiveAccountId(): string | undefined {
+      return getActiveAccountIdFromPath();
+    },
+
+    switchAccount(accountId: string, subPath = ""): void {
+      if (typeof window === "undefined") return;
+      const clean = subPath.replace(/^\/+/, "");
+      window.location.assign(`/${accountId}${clean ? `/${clean}` : "/"}`);
+    },
+
+    async listMine(): Promise<MyAccountsResponse> {
+      return axios.get(`${base}/me`);
+    },
+
+    async create(params: {
+      name: string;
+      data?: Record<string, unknown>;
+    }): Promise<Account> {
+      return axios.post(base, params);
+    },
+
+    async update(
+      accountId: string,
+      params: { name?: string; data?: Record<string, unknown> }
+    ): Promise<Account> {
+      return axios.patch(`${base}/${accountId}`, params);
+    },
+
+    async listMembers(accountId: string): Promise<AccountMembership[]> {
+      return axios.get(`${base}/${accountId}/members`);
+    },
+
+    async invite(
+      accountId: string,
+      email: string,
+      role: AssignableAccountRole = "member"
+    ): Promise<AccountMembership> {
+      return axios.post(`${base}/${accountId}/invites`, { email, role });
+    },
+
+    async acceptInvite(accountId: string): Promise<AccountMembership> {
+      return axios.post(`${base}/${accountId}/accept`, {});
+    },
+
+    async changeMemberRole(
+      accountId: string,
+      email: string,
+      role: AssignableAccountRole
+    ): Promise<AccountMembership> {
+      return axios.patch(`${base}/${accountId}/members/${enc(email)}/role`, {
+        role,
+      });
+    },
+
+    async removeMember(
+      accountId: string,
+      email: string
+    ): Promise<{ removed: boolean }> {
+      return axios.delete(`${base}/${accountId}/members/${enc(email)}`);
+    },
+
+    async transferOwnership(
+      accountId: string,
+      email: string
+    ): Promise<{ transferred: boolean }> {
+      return axios.post(`${base}/${accountId}/transfer-ownership`, { email });
+    },
+
+    billing: {
+      async listPlans(accountId: string): Promise<AccountPlan[]> {
+        return axios.get(`${base}/${accountId}/billing/plans`);
+      },
+
+      async startCheckout(
+        accountId: string,
+        params: { plan_id: string; success_url: string; cancel_url: string }
+      ): Promise<CheckoutSession> {
+        return axios.post(`${base}/${accountId}/billing/checkout`, params);
+      },
+    },
+  };
+}

src/modules/accounts.types.ts

@@ -0,0 +1,124 @@
+/**
+ * Types for the {@link AccountsModule | accounts} module (multi-tenancy).
+ *
+ * An Account groups the app's end-users into an isolated tenant (a company,
+ * team, or organization). Users join accounts via membership and act inside one
+ * active account at a time. Account-scoped entities are transparently isolated
+ * to the active account (carried by the `X-Active-Account-Id` header, derived
+ * from the `/<account_id>/...` URL path).
+ */
+
+/** Account-management role. Distinct from the app's business roles. */
+export type AccountRole = "owner" | "admin" | "member";
+
+/** Assignable (non-owner) role used for invites/role changes. */
+export type AssignableAccountRole = "admin" | "member";
+
+export type AccountStatus = "active" | "suspended";
+export type AccountMembershipStatus = "pending" | "active";
+
+/** An account (tenant) within the app. */
+export interface Account {
+  id: string;
+  app_id: string;
+  name: string;
+  status: AccountStatus;
+  plan_id?: string | null;
+  billing_status?: string;
+  /** The current user's role in this account (present on `listMine()` results). */
+  my_role?: AccountRole;
+  /** Builder-defined custom fields. */
+  data?: Record<string, unknown>;
+  created_date?: string;
+}
+
+/** The accounts the current user belongs to, plus the active one. */
+export interface MyAccountsResponse {
+  accounts: Account[];
+  active_account_id: string | null;
+}
+
+/** A user's membership in an account. */
+export interface AccountMembership {
+  id: string;
+  account_id: string;
+  email: string;
+  role: AccountRole;
+  status: AccountMembershipStatus;
+}
+
+/** A subscription plan/tier offered to accounts. */
+export interface AccountPlan {
+  id: string;
+  name: string;
+  description?: string | null;
+  price_amount: number;
+  currency: string;
+  interval: "month" | "year";
+  is_active: boolean;
+}
+
+/** A provider checkout session. */
+export interface CheckoutSession {
+  url: string;
+  session_id: string;
+}
+
+/**
+ * The accounts module — manage multi-tenancy ("Accounts") from inside the app.
+ *
+ * Access via `base44.accounts`. Available when the app has multi-tenancy enabled.
+ */
+export interface AccountsModule {
+  /** The active account id, read from the current URL path (or `undefined`). */
+  getActiveAccountId(): string | undefined;
+  /**
+   * Switch the active account by navigating to its folder (`/<accountId>/...`).
+   * A full navigation re-roots the app so all data follows the new account.
+   * @param accountId - The account to switch to.
+   * @param subPath - Optional in-account route to land on (defaults to the root).
+   */
+  switchAccount(accountId: string, subPath?: string): void;
+  /** List the accounts the current user belongs to, plus the active one. */
+  listMine(): Promise<MyAccountsResponse>;
+  /** Create a new account; the current user becomes its owner. */
+  create(params: { name: string; data?: Record<string, unknown> }): Promise<Account>;
+  /** Rename and/or update an account's custom fields (managers only). */
+  update(
+    accountId: string,
+    params: { name?: string; data?: Record<string, unknown> }
+  ): Promise<Account>;
+  /** List an account's members (any active member). */
+  listMembers(accountId: string): Promise<AccountMembership[]>;
+  /** Invite a user by email to an account (managers only). */
+  invite(
+    accountId: string,
+    email: string,
+    role?: AssignableAccountRole
+  ): Promise<AccountMembership>;
+  /** Accept a pending invite to an account for the current user. */
+  acceptInvite(accountId: string): Promise<AccountMembership>;
+  /** Change a member's role (managers only; not for the owner). */
+  changeMemberRole(
+    accountId: string,
+    email: string,
+    role: AssignableAccountRole
+  ): Promise<AccountMembership>;
+  /** Remove a member from an account (managers only; not the owner). */
+  removeMember(accountId: string, email: string): Promise<{ removed: boolean }>;
+  /** Transfer ownership to another active member (owner only). */
+  transferOwnership(
+    accountId: string,
+    email: string
+  ): Promise<{ transferred: boolean }>;
+  /** Per-account billing. */
+  billing: {
+    /** List the active plans available to this account. */
+    listPlans(accountId: string): Promise<AccountPlan[]>;
+    /** Start a subscription checkout session for a plan. */
+    startCheckout(
+      accountId: string,
+      params: { plan_id: string; success_url: string; cancel_url: string }
+    ): Promise<CheckoutSession>;
+  };
+}

src/utils/axios-client.ts

@@ -1,5 +1,5 @@
 import axios from "axios";
-import { isInIFrame } from "./common.js";
+import { getActiveAccountIdFromPath, isInIFrame } from "./common.js";
 import { v4 as uuidv4 } from "uuid";
 import type { Base44ErrorJSON } from "./axios-client.types.js";
 
@@ -176,6 +176,15 @@ export function createAxiosClient({
   client.interceptors.request.use((config) => {
     if (typeof window !== "undefined") {
       config.headers.set("X-Origin-URL", window.location.href);
+      // Multi-tenancy: forward the active account (from the URL path) per request
+      // so account-scoped reads/writes stay isolated to the current tenant even
+      // after a client-side account switch. The path is the canonical source, so
+      // it overrides any stale default header (e.g. one frozen at module load);
+      // no-op for single-tenant apps (no account segment in the path).
+      const activeAccountId = getActiveAccountIdFromPath();
+      if (activeAccountId) {
+        config.headers.set("X-Active-Account-Id", activeAccountId);
+      }
     }
     const requestId = uuidv4();
     (config as any).requestId = requestId;

src/utils/common.ts

@@ -1,6 +1,20 @@
 export const isNode = typeof window === "undefined";
 export const isInIFrame = !isNode && window.self !== window.top;
 
+// Multi-tenancy: apps are served under `/<account_id>/<route>` where the first
+// path segment is a 24-hex Mongo ObjectId. Read it at request time so the active
+// account is always current — even after client-side (Link/useNavigate) account
+// switches that don't reload the module.
+const ACCOUNT_ID_RE = /^[a-f0-9]{24}$/;
+
+export function getActiveAccountIdFromPath(): string | undefined {
+  if (isNode) return undefined;
+  const firstSegment = window.location.pathname.split("/").filter(Boolean)[0];
+  return firstSegment && ACCOUNT_ID_RE.test(firstSegment)
+    ? firstSegment
+    : undefined;
+}
+
 export const generateUuid = () => {
   return (
     Math.random().toString(36).substring(2, 15) +

tests/unit/accounts.test.ts

@@ -0,0 +1,58 @@
+import { describe, test, expect, beforeEach, afterEach } from "vitest";
+import nock from "nock";
+import { createClient } from "../../src/index.ts";
+
+describe("Accounts module", () => {
+  const appId = "test-app-id";
+  const serverUrl = "https://base44.app";
+  const ACCT = "a".repeat(24);
+  let base44: ReturnType<typeof createClient>;
+  let scope: nock.Scope;
+
+  beforeEach(() => {
+    base44 = createClient({ serverUrl, appId });
+    scope = nock(serverUrl);
+  });
+
+  afterEach(() => {
+    nock.cleanAll();
+  });
+
+  test("listMine GETs /accounts/me", async () => {
+    const payload = { accounts: [{ id: ACCT, name: "Acme", my_role: "owner" }], active_account_id: ACCT };
+    scope.get(`/api/apps/${appId}/accounts/me`).reply(200, payload);
+    const res = await base44.accounts.listMine();
+    expect(res).toEqual(payload);
+    expect(scope.isDone()).toBe(true);
+  });
+
+  test("create POSTs the account name", async () => {
+    scope.post(`/api/apps/${appId}/accounts`, { name: "Acme" }).reply(200, { id: ACCT, name: "Acme" });
+    const res = await base44.accounts.create({ name: "Acme" });
+    expect(res.id).toBe(ACCT);
+    expect(scope.isDone()).toBe(true);
+  });
+
+  test("invite POSTs email + role and url-encodes member email on role change", async () => {
+    scope.post(`/api/apps/${appId}/accounts/${ACCT}/invites`, { email: "a@b.com", role: "admin" }).reply(200, {});
+    await base44.accounts.invite(ACCT, "a@b.com", "admin");
+    scope.patch(`/api/apps/${appId}/accounts/${ACCT}/members/a%2Bx%40b.com/role`, { role: "member" }).reply(200, {});
+    await base44.accounts.changeMemberRole(ACCT, "a+x@b.com", "member");
+    expect(scope.isDone()).toBe(true);
+  });
+
+  test("billing.listPlans GETs the account plans", async () => {
+    scope.get(`/api/apps/${appId}/accounts/${ACCT}/billing/plans`).reply(200, []);
+    const res = await base44.accounts.billing.listPlans(ACCT);
+    expect(res).toEqual([]);
+    expect(scope.isDone()).toBe(true);
+  });
+
+  // The active-account behavior (getActiveAccountId + the per-request
+  // X-Active-Account-Id header) is browser-only — `getActiveAccountIdFromPath`
+  // is gated on a module-load `typeof window` check, so it is exercised in the
+  // browser/app context, not this node-environment test suite.
+  test("getActiveAccountId returns undefined outside a browser", () => {
+    expect(base44.accounts.getActiveAccountId()).toBeUndefined();
+  });
+});