base44 · netanelgilad · Mar 18, 2026 · Mar 18, 2026 · Mar 18, 2026
diff --git a/skills/base44-sdk/SKILL.md b/skills/base44-sdk/SKILL.md
@@ -133,10 +133,11 @@ Base44 SDK has unique method names. Do NOT assume patterns from Firebase, Supaba
 | `agents` | AI conversations and messages | [base44-agents.md](references/base44-agents.md) |
 | `functions` | Backend function invocation | [functions.md](references/functions.md) |
 | `integrations` | AI, email, file uploads, custom APIs | [integrations.md](references/integrations.md) |
-| `connectors` | OAuth tokens (service role only) | [connectors.md](references/connectors.md) |
 | `analytics` | Track custom events and user activity | [analytics.md](references/analytics.md) |
 | `appLogs` | Log user activity in app | [app-logs.md](references/app-logs.md) |
 | `users` | Invite users to the app | [users.md](references/users.md) |
+| `asServiceRole.connectors` | App-scoped OAuth tokens (service role only) | [connectors.md](references/connectors.md) |
+| `asServiceRole.sso` | SSO token generation (service role only) | [sso.md](references/sso.md) |
 
 For client setup and authentication modes, see [client.md](references/client.md).
 
@@ -220,7 +221,7 @@ const base44 = createClient({
 - Send emails → `integrations.Core.SendEmail()`
 - Upload files → `integrations.Core.UploadFile()`
 - Custom APIs → `integrations.custom.call()`
-- OAuth tokens (Google, Slack) → `connectors` (backend only)
+- App-scoped OAuth (app builder's account) → `asServiceRole.connectors.getConnection()` (backend only)
 
 **Tracking and analytics?**
 - Track custom events → `analytics.track()`
@@ -292,11 +293,13 @@ const token = await base44.asServiceRole.connectors.getAccessToken("slack");
 | `auth` | Yes | Yes |
 | `agents` | Yes | Yes |
 | `functions.invoke()` | Yes | Yes |
+| `functions.fetch()` | Yes | Yes |
 | `integrations` | Yes | Yes |
 | `analytics` | Yes | Yes |
 | `appLogs` | Yes | Yes |
 | `users` | Yes | Yes |
 | `asServiceRole.*` | No | Yes |
-| `connectors` | No | Yes |
+| `asServiceRole.connectors` (app OAuth) | No | Yes |
+| `asServiceRole.sso` | No | Yes |
 
 Backend functions use `Deno.serve()` and `createClientFromRequest(req)` to get a properly authenticated client.
diff --git a/skills/base44-sdk/references/QUICK_REFERENCE.md b/skills/base44-sdk/references/QUICK_REFERENCE.md
@@ -35,10 +35,12 @@ list(sort?, limit?, skip?, fields?) → Promise<Pick<T, K>[]>
 filter(query, sort?, limit?, skip?, fields?) → Promise<Pick<T, K>[]>
 get(id) → Promise<T>
 update(id, data) → Promise<T>
+updateMany(query, mongoUpdateOp) → Promise<UpdateManyResult>   // e.g. { $set: { field: val } }
+bulkUpdate(dataArray) → Promise<T[]>                           // each item must have id
 delete(id) → Promise<DeleteResult>
 deleteMany(query) → Promise<DeleteManyResult>
-importEntities(file) → Promise<ImportResult<T>>   // frontend only
-subscribe(callback) → () => void                  // returns unsubscribe fn
+importEntities(file) → Promise<ImportResult<T>>                // frontend only
+subscribe(callback) → () => void                               // returns unsubscribe fn
 ```
 
 **Sort:** Use `SortField<T>`: `-fieldName` for descending (e.g., `-created_date`). Max 5,000 per request for list/filter.
@@ -49,6 +51,7 @@ subscribe(callback) → () => void                  // returns unsubscribe fn
 
 ```
 invoke(functionName, data?) → Promise<any>
+fetch(path, init?) → Promise<Response>   // low-level, for streaming/custom methods
 ```
 
 **Backend:** Use `base44.asServiceRole.functions.invoke()` for admin access.
@@ -89,6 +92,8 @@ track({eventName, properties?}) → void
 
 ```
 logUserInApp(pageName) → Promise<void>
+fetchLogs(params?) → Promise<any>
+getStats(params?) → Promise<any>
 ```
 
 ---
@@ -101,26 +106,38 @@ inviteUser(userEmail, role) → Promise<any>    // role: 'user' | 'admin'
 
 ---
 
-## Connectors (`base44.asServiceRole.connectors.*`)
+## Service Role Connectors (`base44.asServiceRole.connectors.*`)
 
-**Backend only, service role required.**
+**Backend only, service role required.** App-scoped (shared account).
 
 ```
-getAccessToken(integrationType) → Promise<string>
+getConnection(integrationType) → Promise<{accessToken, connectionConfig}>   // recommended
+getAccessToken(integrationType) → Promise<string>                           // deprecated
 ```
 
 **Types:** Run `npx base44 connectors list-available` to see all available integration types.
 
 ---
 
+## SSO (`base44.asServiceRole.sso.*`)
+
+**Backend only, service role required.**
+
+```
+getAccessToken(userId) → Promise<{access_token}>
+```
+
+---
+
 ## Service Role Access
 
 **Backend functions only.** Prefix any module with `asServiceRole` for admin access:
 
 ```javascript
 base44.asServiceRole.entities.Task.list()
 base44.asServiceRole.functions.invoke('name', data)
-base44.asServiceRole.connectors.getAccessToken('slack')
+base44.asServiceRole.connectors.getConnection('slack')
+base44.asServiceRole.sso.getAccessToken(userId)
 ```
 
 ---

diff --git a/skills/base44-sdk/references/app-logs.md b/skills/base44-sdk/references/app-logs.md
@@ -12,6 +12,8 @@ Log user activity in your app via `base44.appLogs`.
 | Method | Signature | Description |
 |--------|-----------|-------------|
 | `logUserInApp(pageName)` | `Promise<void>` | Log user activity on a page |
+| `fetchLogs(params?)` | `Promise<any>` | Fetch app logs with optional filter parameters |
+| `getStats(params?)` | `Promise<any>` | Get app usage statistics |
 
 ## Examples
 
@@ -57,6 +59,32 @@ function handleSettingsChange() {
 }
 ```
 
+### Fetch Logs
+
+```javascript
+// Fetch all logs
+const logs = await base44.appLogs.fetchLogs();
+
+// Fetch logs with filters
+const recentLogs = await base44.appLogs.fetchLogs({
+  limit: 50,
+  page: "/dashboard"
+});
+```
+
+### Get Stats
+
+```javascript
+// Get usage statistics for the app
+const stats = await base44.appLogs.getStats();
+
+// Get stats with date range params
+const weekStats = await base44.appLogs.getStats({
+  from: "2024-01-01",
+  to: "2024-01-07"
+});
+```
+
 ## Notes
 
 - Logs appear in the Analytics page of your app dashboard
@@ -74,5 +102,19 @@ interface AppLogsModule {
    * @returns Promise that resolves when the log is recorded.
    */
   logUserInApp(pageName: string): Promise<void>;
+
+  /**
+   * Fetch app logs with optional filter parameters.
+   * @param params - Optional filter parameters (e.g., limit, page name, date range).
+   * @returns Promise resolving to the logs data.
+   */
+  fetchLogs(params?: Record<string, any>): Promise<any>;
+
+  /**
+   * Get app usage statistics.
+   * @param params - Optional filter parameters (e.g., date range).
+   * @returns Promise resolving to the statistics data.
+   */
+  getStats(params?: Record<string, any>): Promise<any>;
 }
 ```
diff --git a/skills/base44-sdk/references/client.md b/skills/base44-sdk/references/client.md
@@ -131,6 +131,7 @@ base44.agents        // AI conversations
 base44.analytics     // Event tracking
 base44.appLogs       // App usage logging
 base44.auth          // Authentication
+base44.connectors    // Per-user OAuth flows (UserConnectorsModule)
 base44.entities      // CRUD operations
 base44.functions     // Backend function invocation
 base44.integrations  // Third-party services
@@ -139,10 +140,11 @@ base44.users         // User invitations
 // Service role only (backend)
 base44.asServiceRole.agents
 base44.asServiceRole.appLogs
-base44.asServiceRole.connectors
+base44.asServiceRole.connectors  // App-scoped OAuth tokens (ConnectorsModule)
 base44.asServiceRole.entities
 base44.asServiceRole.functions
 base44.asServiceRole.integrations
+base44.asServiceRole.sso         // SSO token generation
 ```
 
 ## Client Methods
@@ -243,14 +245,20 @@ interface Base44Client {
   /** Sets a new authentication token for all subsequent requests. */
   setToken(newToken: string): void;
 
+  /** Per-user OAuth flows. Each end user has their own connection. */
+  connectors: UserConnectorsModule;
+
   /** Provides access to modules with elevated service role permissions (backend only). */
   readonly asServiceRole: {
     agents: AgentsModule;
     appLogs: AppLogsModule;
+    /** App-scoped OAuth tokens. All users share the same connected account. */
     connectors: ConnectorsModule;
     entities: EntitiesModule;
     functions: FunctionsModule;
     integrations: IntegrationsModule;
+    /** SSO token generation for users. */
+    sso: SsoModule;
     cleanup(): void;
   };
 }