factpulse 4.0.2 → 4.1.2

data/lib/factpulse/api/client_management_api.rb

@@ -1,12 +1,12 @@
 =begin
 #FactPulse REST API
 
-# REST API for electronic invoicing in France: Factur-X, AFNOR PDP/PA, electronic signatures.  ## 🎯 Main Features  ### 📄 Factur-X - Generation - **Formats**: XML only or PDF/A-3 with embedded XML - **Profiles**: MINIMUM, BASIC, EN16931, EXTENDED - **Standards**: EN 16931 (EU directive 2014/55), ISO 19005-3 (PDF/A-3), CII (UN/CEFACT) - **🆕 Simplified Format**: Generation from SIRET + auto-enrichment (Chorus Pro API + Business Search)  ### ✅ Factur-X - Validation - **XML Validation**: Schematron (45 to 210+ rules depending on profile) - **PDF Validation**: PDF/A-3, Factur-X XMP metadata - **VeraPDF**: Strict PDF/A validation (146+ ISO 19005-3 rules)  ### ✍️ Electronic Signature - **Standards**: PAdES-B-B, PAdES-B-T (RFC 3161 timestamping), PAdES-B-LT (long-term archival) - **eIDAS Levels**: SES (self-signed), AdES (commercial CA), QES (QTSP) - **Validation**: Cryptographic integrity and certificate verification  ### 📋 Flux 6 - Invoice Lifecycle (CDAR) - **CDAR Messages**: Acknowledgements, invoice statuses - **PPF Statuses**: REFUSED (210), PAID (212)  ### 📊 Flux 10 - E-Reporting - **Tax Declarations**: International B2B, B2C - **Flow Types**: 10.1 (B2B transactions), 10.2 (B2B payments), 10.3 (B2C transactions), 10.4 (B2C payments)  ### 📡 AFNOR PDP/PA (XP Z12-013) - **Flow Service**: Submit and search flows to PDPs - **Directory Service**: Company search (SIREN/SIRET) - **Multi-client**: Support for multiple PDP configs per user  ### 🏛️ Chorus Pro - **Public Sector Invoicing**: Complete API for Chorus Pro  ### ⏳ Async Tasks - **Celery**: Asynchronous generation, validation and signing - **Polling**: Status tracking via `/tasks/{task_id}/status` - **Webhooks**: Automatic notifications when tasks complete  ## 🔒 Authentication  All requests require a **JWT token** in the Authorization header: ``` Authorization: Bearer YOUR_JWT_TOKEN ```  ### How to obtain a JWT token?  #### 🔑 Method 1: `/api/token/` API (Recommended)  **URL:** `https://factpulse.fr/api/token/`  This method is **recommended** for integration in your applications and CI/CD workflows.  **Prerequisites:** Having set a password on your account  **For users registered via email/password:** - You already have a password, use it directly  **For users registered via OAuth (Google/GitHub):** - You must first set a password at: https://factpulse.fr/accounts/password/set/ - Once the password is created, you can use the API  **Request example:** ```bash curl -X POST https://factpulse.fr/api/token/ \\   -H \"Content-Type: application/json\" \\   -d '{     \"username\": \"your_email@example.com\",     \"password\": \"your_password\"   }' ```  **Optional `client_uid` parameter:**  To select credentials for a specific client (PA/PDP, Chorus Pro, signing certificates), add `client_uid`:  ```bash curl -X POST https://factpulse.fr/api/token/ \\   -H \"Content-Type: application/json\" \\   -d '{     \"username\": \"your_email@example.com\",     \"password\": \"your_password\",     \"client_uid\": \"550e8400-e29b-41d4-a716-446655440000\"   }' ```  The `client_uid` will be included in the JWT and allow the API to automatically use: - AFNOR/PDP credentials configured for this client - Chorus Pro credentials configured for this client - Electronic signature certificates configured for this client  **Response:** ```json {   \"access\": \"eyJ0eXAiOiJKV1QiLCJhbGc...\",  // Access token (validity: 30 min)   \"refresh\": \"eyJ0eXAiOiJKV1QiLCJhbGc...\"  // Refresh token (validity: 7 days) } ```  **Advantages:** - ✅ Full automation (CI/CD, scripts) - ✅ Programmatic token management - ✅ Refresh token support for automatic access renewal - ✅ Easy integration in any language/tool  #### 🖥️ Method 2: Dashboard Generation (Alternative)  **URL:** https://factpulse.fr/api/dashboard/  This method is suitable for quick tests or occasional use via the graphical interface.  **How it works:** - Log in to the dashboard - Use the \"Generate Test Token\" or \"Generate Production Token\" buttons - Works for **all** users (OAuth and email/password), without requiring a password  **Token types:** - **Test Token**: 24h validity, 1000 calls/day quota (free) - **Production Token**: 7 days validity, quota based on your plan  **Advantages:** - ✅ Quick for API testing - ✅ No password required - ✅ Simple visual interface  **Disadvantages:** - ❌ Requires manual action - ❌ No refresh token - ❌ Less suited for automation  ### 📚 Full Documentation  For more information on authentication and API usage: https://factpulse.fr/documentation-api/     
+# REST API for electronic invoicing in France: Factur-X (CII), UBL 2.1, AFNOR PDP/PA, electronic signatures.  ## 🎯 Main Features  ### 📄 Invoice Generation - **Formats**: CII XML, UBL 2.1 XML, or Factur-X PDF/A-3 - **Profiles** (CII/PDF): MINIMUM, BASIC, EN16931, EXTENDED - **UBL**: Always EN16931 compliant - **Standards**: EN 16931 (EU directive 2014/55), ISO 19005-3 (PDF/A-3), CII (UN/CEFACT), UBL 2.1 (OASIS) - **Simplified Format**: Generation from SIRET + auto-enrichment (Chorus Pro API + Business Search)  ### ✅ Factur-X - Validation - **XML Validation**: Schematron (45 to 210+ rules depending on profile) - **PDF Validation**: PDF/A-3, Factur-X XMP metadata - **VeraPDF**: Strict PDF/A validation (146+ ISO 19005-3 rules)  ### ✍️ Electronic Signature - **Standards**: PAdES-B-B, PAdES-B-T (RFC 3161 timestamping), PAdES-B-LT (long-term archival) - **eIDAS Levels**: SES (self-signed), AdES (commercial CA), QES (QTSP) - **Validation**: Cryptographic integrity and certificate verification  ### 📋 Flux 6 - Invoice Lifecycle (CDAR) - **CDAR Messages**: Acknowledgements, invoice statuses - **PPF Statuses**: REFUSED (210), PAID (212)  ### 📊 Flux 10 - E-Reporting - **Tax Declarations**: International B2B, B2C - **Flow Types**: 10.1 (B2B transactions), 10.2 (B2B payments), 10.3 (B2C transactions), 10.4 (B2C payments)  ### 📡 AFNOR PDP/PA (XP Z12-013) - **Flow Service**: Submit and search flows to PDPs - **Directory Service**: Company search (SIREN/SIRET) - **Multi-client**: Support for multiple PDP configs per user  ### 🏛️ Chorus Pro - **Public Sector Invoicing**: Complete API for Chorus Pro  ### ⏳ Async Tasks - **Celery**: Asynchronous generation, validation and signing - **Polling**: Status tracking via `/tasks/{task_id}/status` - **Webhooks**: Automatic notifications when tasks complete  ## 🔒 Authentication  All requests require a **JWT token** in the Authorization header: ``` Authorization: Bearer YOUR_JWT_TOKEN ```  ### How to obtain a JWT token?  #### 🔑 Method 1: `/api/token/` API (Recommended)  **URL:** `https://factpulse.fr/api/token/`  This method is **recommended** for integration in your applications and CI/CD workflows.  **Prerequisites:** Having set a password on your account  **For users registered via email/password:** - You already have a password, use it directly  **For users registered via OAuth (Google/GitHub):** - You must first set a password at: https://factpulse.fr/accounts/password/set/ - Once the password is created, you can use the API  **Request example:** ```bash curl -X POST https://factpulse.fr/api/token/ \\   -H \"Content-Type: application/json\" \\   -d '{     \"username\": \"your_email@example.com\",     \"password\": \"your_password\"   }' ```  **Optional `client_uid` parameter:**  To select credentials for a specific client (PA/PDP, Chorus Pro, signing certificates), add `client_uid`:  ```bash curl -X POST https://factpulse.fr/api/token/ \\   -H \"Content-Type: application/json\" \\   -d '{     \"username\": \"your_email@example.com\",     \"password\": \"your_password\",     \"client_uid\": \"550e8400-e29b-41d4-a716-446655440000\"   }' ```  The `client_uid` will be included in the JWT and allow the API to automatically use: - AFNOR/PDP credentials configured for this client - Chorus Pro credentials configured for this client - Electronic signature certificates configured for this client  **Response:** ```json {   \"access\": \"eyJ0eXAiOiJKV1QiLCJhbGc...\",  // Access token (validity: 30 min)   \"refresh\": \"eyJ0eXAiOiJKV1QiLCJhbGc...\"  // Refresh token (validity: 7 days) } ```  **Advantages:** - ✅ Full automation (CI/CD, scripts) - ✅ Programmatic token management - ✅ Refresh token support for automatic access renewal - ✅ Easy integration in any language/tool  #### 🖥️ Method 2: Dashboard Generation (Alternative)  **URL:** https://factpulse.fr/api/dashboard/  This method is suitable for quick tests or occasional use via the graphical interface.  **How it works:** - Log in to the dashboard - Use the \"Generate Test Token\" or \"Generate Production Token\" buttons - Works for **all** users (OAuth and email/password), without requiring a password  **Token types:** - **Test Token**: 24h validity, 1000 calls/day quota (free) - **Production Token**: 7 days validity, quota based on your plan  **Advantages:** - ✅ Quick for API testing - ✅ No password required - ✅ Simple visual interface  **Disadvantages:** - ❌ Requires manual action - ❌ No refresh token - ❌ Less suited for automation  ### 📚 Full Documentation  For more information on authentication and API usage: https://factpulse.fr/documentation-api/     
 
 The version of the OpenAPI document: 1.0.0
 Contact: contact@factpulse.fr
 Generated by: https://openapi-generator.tech
-Generator version: 7.20.0-SNAPSHOT
+Generator version: 7.21.0-SNAPSHOT
 
 =end
 
@@ -21,7 +21,7 @@ module FactPulse
     end
     # Activate a client
     # Activate a deactivated client.  **Scope**: Client level (JWT with client_uid that must match {uid})
-    # @param uid [String] 
+    # @param uid [String] Client unique identifier (UUID)
     # @param [Hash] opts the optional parameters
     # @return [ClientActivateResponse]
     def activate_client_api_v1_clients_uid_activer_post(uid, opts = {})
@@ -31,7 +31,7 @@ module FactPulse
 
     # Activate a client
     # Activate a deactivated client.  **Scope**: Client level (JWT with client_uid that must match {uid})
-    # @param uid [String] 
+    # @param uid [String] Client unique identifier (UUID)
     # @param [Hash] opts the optional parameters
     # @return [Array<(ClientActivateResponse, Integer, Hash)>] ClientActivateResponse data, response status code and response headers
     def activate_client_api_v1_clients_uid_activer_post_with_http_info(uid, opts = {})
@@ -63,7 +63,7 @@ module FactPulse
       return_type = opts[:debug_return_type] || 'ClientActivateResponse'
 
       # auth_names
-      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
 
       new_options = opts.merge(
         :operation => :"ClientManagementApi.activate_client_api_v1_clients_uid_activer_post",
@@ -131,7 +131,7 @@ module FactPulse
       return_type = opts[:debug_return_type] || 'ClientDetail'
 
       # auth_names
-      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
 
       new_options = opts.merge(
         :operation => :"ClientManagementApi.create_client_api_v1_clients_post",
@@ -152,7 +152,7 @@ module FactPulse
 
     # Deactivate a client
     # Deactivate an active client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Note**: A deactivated client cannot be used for API calls (AFNOR, Chorus Pro, etc.).
-    # @param uid [String] 
+    # @param uid [String] Client unique identifier (UUID)
     # @param [Hash] opts the optional parameters
     # @return [ClientActivateResponse]
     def deactivate_client_api_v1_clients_uid_desactiver_post(uid, opts = {})
@@ -162,7 +162,7 @@ module FactPulse
 
     # Deactivate a client
     # Deactivate an active client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Note**: A deactivated client cannot be used for API calls (AFNOR, Chorus Pro, etc.).
-    # @param uid [String] 
+    # @param uid [String] Client unique identifier (UUID)
     # @param [Hash] opts the optional parameters
     # @return [Array<(ClientActivateResponse, Integer, Hash)>] ClientActivateResponse data, response status code and response headers
     def deactivate_client_api_v1_clients_uid_desactiver_post_with_http_info(uid, opts = {})
@@ -194,7 +194,7 @@ module FactPulse
       return_type = opts[:debug_return_type] || 'ClientActivateResponse'
 
       # auth_names
-      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
 
       new_options = opts.merge(
         :operation => :"ClientManagementApi.deactivate_client_api_v1_clients_uid_desactiver_post",
@@ -213,9 +213,135 @@ module FactPulse
       return data, status_code, headers
     end
 
+    # Delete webhook secret
+    # Delete the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **After deletion**: Webhooks for this client will use the global server key for HMAC signature instead of a client-specific key.
+    # @param uid [String] Client unique identifier (UUID)
+    # @param [Hash] opts the optional parameters
+    # @return [WebhookSecretDeleteResponse]
+    def delete_webhook_secret_api_v1_clients_uid_webhook_secret_delete(uid, opts = {})
+      data, _status_code, _headers = delete_webhook_secret_api_v1_clients_uid_webhook_secret_delete_with_http_info(uid, opts)
+      data
+    end
+
+    # Delete webhook secret
+    # Delete the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **After deletion**: Webhooks for this client will use the global server key for HMAC signature instead of a client-specific key.
+    # @param uid [String] Client unique identifier (UUID)
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(WebhookSecretDeleteResponse, Integer, Hash)>] WebhookSecretDeleteResponse data, response status code and response headers
+    def delete_webhook_secret_api_v1_clients_uid_webhook_secret_delete_with_http_info(uid, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ClientManagementApi.delete_webhook_secret_api_v1_clients_uid_webhook_secret_delete ...'
+      end
+      # verify the required parameter 'uid' is set
+      if @api_client.config.client_side_validation && uid.nil?
+        fail ArgumentError, "Missing the required parameter 'uid' when calling ClientManagementApi.delete_webhook_secret_api_v1_clients_uid_webhook_secret_delete"
+      end
+      # resource path
+      local_var_path = '/api/v1/clients/{uid}/webhook-secret'.sub('{' + 'uid' + '}', CGI.escape(uid.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'WebhookSecretDeleteResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ClientManagementApi.delete_webhook_secret_api_v1_clients_uid_webhook_secret_delete",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ClientManagementApi#delete_webhook_secret_api_v1_clients_uid_webhook_secret_delete\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
+    # Generate webhook secret
+    # Generate or regenerate the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Important**: Save the returned secret immediately - it will never be shown again. The secret is used to sign webhooks sent by the server (HMAC-SHA256).  **If a secret already exists**: It will be replaced by the new one.
+    # @param uid [String] Client unique identifier (UUID)
+    # @param [Hash] opts the optional parameters
+    # @return [WebhookSecretGenerateResponse]
+    def generate_webhook_secret_api_v1_clients_uid_webhook_secret_generate_post(uid, opts = {})
+      data, _status_code, _headers = generate_webhook_secret_api_v1_clients_uid_webhook_secret_generate_post_with_http_info(uid, opts)
+      data
+    end
+
+    # Generate webhook secret
+    # Generate or regenerate the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Important**: Save the returned secret immediately - it will never be shown again. The secret is used to sign webhooks sent by the server (HMAC-SHA256).  **If a secret already exists**: It will be replaced by the new one.
+    # @param uid [String] Client unique identifier (UUID)
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(WebhookSecretGenerateResponse, Integer, Hash)>] WebhookSecretGenerateResponse data, response status code and response headers
+    def generate_webhook_secret_api_v1_clients_uid_webhook_secret_generate_post_with_http_info(uid, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ClientManagementApi.generate_webhook_secret_api_v1_clients_uid_webhook_secret_generate_post ...'
+      end
+      # verify the required parameter 'uid' is set
+      if @api_client.config.client_side_validation && uid.nil?
+        fail ArgumentError, "Missing the required parameter 'uid' when calling ClientManagementApi.generate_webhook_secret_api_v1_clients_uid_webhook_secret_generate_post"
+      end
+      # resource path
+      local_var_path = '/api/v1/clients/{uid}/webhook-secret/generate'.sub('{' + 'uid' + '}', CGI.escape(uid.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'WebhookSecretGenerateResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ClientManagementApi.generate_webhook_secret_api_v1_clients_uid_webhook_secret_generate_post",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ClientManagementApi#generate_webhook_secret_api_v1_clients_uid_webhook_secret_generate_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Get client details
     # Get details of a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Security**: If the JWT contains a client_uid, it must match the {uid} in the URL, otherwise a 403 error is returned.
-    # @param uid [String] 
+    # @param uid [String] Client unique identifier (UUID)
     # @param [Hash] opts the optional parameters
     # @return [ClientDetail]
     def get_client_api_v1_clients_uid_get(uid, opts = {})
@@ -225,7 +351,7 @@ module FactPulse
 
     # Get client details
     # Get details of a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Security**: If the JWT contains a client_uid, it must match the {uid} in the URL, otherwise a 403 error is returned.
-    # @param uid [String] 
+    # @param uid [String] Client unique identifier (UUID)
     # @param [Hash] opts the optional parameters
     # @return [Array<(ClientDetail, Integer, Hash)>] ClientDetail data, response status code and response headers
     def get_client_api_v1_clients_uid_get_with_http_info(uid, opts = {})
@@ -257,7 +383,7 @@ module FactPulse
       return_type = opts[:debug_return_type] || 'ClientDetail'
 
       # auth_names
-      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
 
       new_options = opts.merge(
         :operation => :"ClientManagementApi.get_client_api_v1_clients_uid_get",
@@ -278,7 +404,7 @@ module FactPulse
 
     # Get client PDP configuration
     # Get the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Security**: The client secret is never returned. Only a status (`secretStatus`) indicates whether a secret is configured.  **Response**: - If configured: all config details (URLs, client_id, secret status) - If not configured: `isConfigured: false` with a message
-    # @param uid [String] 
+    # @param uid [String] Client unique identifier (UUID)
     # @param [Hash] opts the optional parameters
     # @return [PDPConfigResponse]
     def get_pdp_config_api_v1_clients_uid_pdp_config_get(uid, opts = {})
@@ -288,7 +414,7 @@ module FactPulse
 
     # Get client PDP configuration
     # Get the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Security**: The client secret is never returned. Only a status (&#x60;secretStatus&#x60;) indicates whether a secret is configured.  **Response**: - If configured: all config details (URLs, client_id, secret status) - If not configured: &#x60;isConfigured: false&#x60; with a message
-    # @param uid [String] 
+    # @param uid [String] Client unique identifier (UUID)
     # @param [Hash] opts the optional parameters
     # @return [Array<(PDPConfigResponse, Integer, Hash)>] PDPConfigResponse data, response status code and response headers
     def get_pdp_config_api_v1_clients_uid_pdp_config_get_with_http_info(uid, opts = {})
@@ -320,7 +446,7 @@ module FactPulse
       return_type = opts[:debug_return_type] || 'PDPConfigResponse'
 
       # auth_names
-      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
 
       new_options = opts.merge(
         :operation => :"ClientManagementApi.get_pdp_config_api_v1_clients_uid_pdp_config_get",
@@ -339,6 +465,69 @@ module FactPulse
       return data, status_code, headers
     end
 
+    # Get webhook secret status
+    # Check if a webhook secret is configured for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Response**: - `hasSecret`: Whether a webhook secret is configured - `createdAt`: When the secret was created (if exists)  **Note**: The secret value is never returned, only its status.
+    # @param uid [String] Client unique identifier (UUID)
+    # @param [Hash] opts the optional parameters
+    # @return [WebhookSecretStatusResponse]
+    def get_webhook_secret_status_api_v1_clients_uid_webhook_secret_status_get(uid, opts = {})
+      data, _status_code, _headers = get_webhook_secret_status_api_v1_clients_uid_webhook_secret_status_get_with_http_info(uid, opts)
+      data
+    end
+
+    # Get webhook secret status
+    # Check if a webhook secret is configured for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Response**: - &#x60;hasSecret&#x60;: Whether a webhook secret is configured - &#x60;createdAt&#x60;: When the secret was created (if exists)  **Note**: The secret value is never returned, only its status.
+    # @param uid [String] Client unique identifier (UUID)
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(WebhookSecretStatusResponse, Integer, Hash)>] WebhookSecretStatusResponse data, response status code and response headers
+    def get_webhook_secret_status_api_v1_clients_uid_webhook_secret_status_get_with_http_info(uid, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ClientManagementApi.get_webhook_secret_status_api_v1_clients_uid_webhook_secret_status_get ...'
+      end
+      # verify the required parameter 'uid' is set
+      if @api_client.config.client_side_validation && uid.nil?
+        fail ArgumentError, "Missing the required parameter 'uid' when calling ClientManagementApi.get_webhook_secret_status_api_v1_clients_uid_webhook_secret_status_get"
+      end
+      # resource path
+      local_var_path = '/api/v1/clients/{uid}/webhook-secret/status'.sub('{' + 'uid' + '}', CGI.escape(uid.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'WebhookSecretStatusResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ClientManagementApi.get_webhook_secret_status_api_v1_clients_uid_webhook_secret_status_get",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ClientManagementApi#get_webhook_secret_status_api_v1_clients_uid_webhook_secret_status_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # List clients
     # Paginated list of clients for the account.  **Scope**: Account level (JWT without client_uid)  **Pagination**: - `page`: Page number (default: 1) - `pageSize`: Page size (default: 20, max: 100)
     # @param [Hash] opts the optional parameters
@@ -395,7 +584,7 @@ module FactPulse
       return_type = opts[:debug_return_type] || 'ClientListResponse'
 
       # auth_names
-      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
 
       new_options = opts.merge(
         :operation => :"ClientManagementApi.list_clients_api_v1_clients_get",
@@ -414,9 +603,83 @@ module FactPulse
       return data, status_code, headers
     end
 
+    # Rotate client encryption key
+    # Rotate the client encryption key for all secrets in double encryption mode.  **Scope**: Client level (JWT with client_uid that must match {uid})  **What this does**: 1. Decrypts all secrets (PDP, Chorus Pro) using the old key 2. Re-encrypts them using the new key 3. Saves to database  **Important notes**: - Both keys must be base64-encoded AES-256 keys (32 bytes each) - The old key becomes invalid immediately after rotation - Only secrets encrypted with `encryptionMode: \"double\"` are affected - If the client has no double-encrypted secrets, returns 404  **Security**: - The old key must be valid (decryption is verified) - If decryption fails, rotation is aborted (atomic operation) - Neither key is logged or stored by the server
+    # @param uid [String] Client unique identifier (UUID)
+    # @param key_rotation_request [KeyRotationRequest] 
+    # @param [Hash] opts the optional parameters
+    # @return [KeyRotationResponse]
+    def rotate_encryption_key_api_v1_clients_uid_rotate_encryption_key_post(uid, key_rotation_request, opts = {})
+      data, _status_code, _headers = rotate_encryption_key_api_v1_clients_uid_rotate_encryption_key_post_with_http_info(uid, key_rotation_request, opts)
+      data
+    end
+
+    # Rotate client encryption key
+    # Rotate the client encryption key for all secrets in double encryption mode.  **Scope**: Client level (JWT with client_uid that must match {uid})  **What this does**: 1. Decrypts all secrets (PDP, Chorus Pro) using the old key 2. Re-encrypts them using the new key 3. Saves to database  **Important notes**: - Both keys must be base64-encoded AES-256 keys (32 bytes each) - The old key becomes invalid immediately after rotation - Only secrets encrypted with &#x60;encryptionMode: \&quot;double\&quot;&#x60; are affected - If the client has no double-encrypted secrets, returns 404  **Security**: - The old key must be valid (decryption is verified) - If decryption fails, rotation is aborted (atomic operation) - Neither key is logged or stored by the server
+    # @param uid [String] Client unique identifier (UUID)
+    # @param key_rotation_request [KeyRotationRequest] 
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(KeyRotationResponse, Integer, Hash)>] KeyRotationResponse data, response status code and response headers
+    def rotate_encryption_key_api_v1_clients_uid_rotate_encryption_key_post_with_http_info(uid, key_rotation_request, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ClientManagementApi.rotate_encryption_key_api_v1_clients_uid_rotate_encryption_key_post ...'
+      end
+      # verify the required parameter 'uid' is set
+      if @api_client.config.client_side_validation && uid.nil?
+        fail ArgumentError, "Missing the required parameter 'uid' when calling ClientManagementApi.rotate_encryption_key_api_v1_clients_uid_rotate_encryption_key_post"
+      end
+      # verify the required parameter 'key_rotation_request' is set
+      if @api_client.config.client_side_validation && key_rotation_request.nil?
+        fail ArgumentError, "Missing the required parameter 'key_rotation_request' when calling ClientManagementApi.rotate_encryption_key_api_v1_clients_uid_rotate_encryption_key_post"
+      end
+      # resource path
+      local_var_path = '/api/v1/clients/{uid}/rotate-encryption-key'.sub('{' + 'uid' + '}', CGI.escape(uid.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
+      # HTTP header 'Content-Type'
+      content_type = @api_client.select_header_content_type(['application/json'])
+      if !content_type.nil?
+          header_params['Content-Type'] = content_type
+      end
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body] || @api_client.object_to_http_body(key_rotation_request)
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'KeyRotationResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
+
+      new_options = opts.merge(
+        :operation => :"ClientManagementApi.rotate_encryption_key_api_v1_clients_uid_rotate_encryption_key_post",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ClientManagementApi#rotate_encryption_key_api_v1_clients_uid_rotate_encryption_key_post\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Update a client
     # Update client information (partial update).  **Scope**: Client level (JWT with client_uid that must match {uid})  **Updatable fields**: - `name`: Client name - `description`: Description - `siret`: SIRET (14 digits)  Only provided fields are updated.
-    # @param uid [String] 
+    # @param uid [String] Client unique identifier (UUID)
     # @param client_update_request [ClientUpdateRequest] 
     # @param [Hash] opts the optional parameters
     # @return [ClientDetail]
@@ -427,7 +690,7 @@ module FactPulse
 
     # Update a client
     # Update client information (partial update).  **Scope**: Client level (JWT with client_uid that must match {uid})  **Updatable fields**: - &#x60;name&#x60;: Client name - &#x60;description&#x60;: Description - &#x60;siret&#x60;: SIRET (14 digits)  Only provided fields are updated.
-    # @param uid [String] 
+    # @param uid [String] Client unique identifier (UUID)
     # @param client_update_request [ClientUpdateRequest] 
     # @param [Hash] opts the optional parameters
     # @return [Array<(ClientDetail, Integer, Hash)>] ClientDetail data, response status code and response headers
@@ -469,7 +732,7 @@ module FactPulse
       return_type = opts[:debug_return_type] || 'ClientDetail'
 
       # auth_names
-      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
 
       new_options = opts.merge(
         :operation => :"ClientManagementApi.update_client_api_v1_clients_uid_patch",
@@ -489,10 +752,11 @@ module FactPulse
     end
 
     # Configure client PDP
-    # Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - `flowServiceUrl`: PDP Flow Service URL - `tokenUrl`: PDP OAuth token URL - `oauthClientId`: OAuth Client ID - `clientSecret`: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - `isActive`: Enable/disable the config (default: true) - `modeSandbox`: Sandbox mode (default: false)  **Security**: The `clientSecret` is stored encrypted on Django side and is never returned in API responses.
-    # @param uid [String] 
+    # Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - `flowServiceUrl`: PDP Flow Service URL - `tokenUrl`: PDP OAuth token URL - `oauthClientId`: OAuth Client ID - `clientSecret`: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - `isActive`: Enable/disable the config (default: true) - `modeSandbox`: Sandbox mode (default: false) - `encryptionMode`: Encryption mode (default: \"fernet\")   - \"fernet\": Server-side encryption only   - \"double\": Client AES-256-GCM + Server Fernet (requires X-Encryption-Key header)  **Double Encryption Mode**: When `encryptionMode` is set to \"double\", you MUST also provide the `X-Encryption-Key` header containing a base64-encoded AES-256 key (32 bytes). This key is used to encrypt the `clientSecret` on the client side before the server encrypts it again with Fernet. The server cannot decrypt the secret without the client key.  **Security**: The `clientSecret` is stored encrypted on Django side and is never returned in API responses.
+    # @param uid [String] Client unique identifier (UUID)
     # @param pdp_config_update_request [PDPConfigUpdateRequest] 
     # @param [Hash] opts the optional parameters
+    # @option opts [String] :x_encryption_key Client encryption key for double encryption mode. Must be a base64-encoded AES-256 key (32 bytes). Required only when accessing resources encrypted with encryption_mode&#x3D;&#39;double&#39;.
     # @return [PDPConfigResponse]
     def update_pdp_config_api_v1_clients_uid_pdp_config_put(uid, pdp_config_update_request, opts = {})
       data, _status_code, _headers = update_pdp_config_api_v1_clients_uid_pdp_config_put_with_http_info(uid, pdp_config_update_request, opts)
@@ -500,10 +764,11 @@ module FactPulse
     end
 
     # Configure client PDP
-    # Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - &#x60;flowServiceUrl&#x60;: PDP Flow Service URL - &#x60;tokenUrl&#x60;: PDP OAuth token URL - &#x60;oauthClientId&#x60;: OAuth Client ID - &#x60;clientSecret&#x60;: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - &#x60;isActive&#x60;: Enable/disable the config (default: true) - &#x60;modeSandbox&#x60;: Sandbox mode (default: false)  **Security**: The &#x60;clientSecret&#x60; is stored encrypted on Django side and is never returned in API responses.
-    # @param uid [String] 
+    # Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - &#x60;flowServiceUrl&#x60;: PDP Flow Service URL - &#x60;tokenUrl&#x60;: PDP OAuth token URL - &#x60;oauthClientId&#x60;: OAuth Client ID - &#x60;clientSecret&#x60;: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - &#x60;isActive&#x60;: Enable/disable the config (default: true) - &#x60;modeSandbox&#x60;: Sandbox mode (default: false) - &#x60;encryptionMode&#x60;: Encryption mode (default: \&quot;fernet\&quot;)   - \&quot;fernet\&quot;: Server-side encryption only   - \&quot;double\&quot;: Client AES-256-GCM + Server Fernet (requires X-Encryption-Key header)  **Double Encryption Mode**: When &#x60;encryptionMode&#x60; is set to \&quot;double\&quot;, you MUST also provide the &#x60;X-Encryption-Key&#x60; header containing a base64-encoded AES-256 key (32 bytes). This key is used to encrypt the &#x60;clientSecret&#x60; on the client side before the server encrypts it again with Fernet. The server cannot decrypt the secret without the client key.  **Security**: The &#x60;clientSecret&#x60; is stored encrypted on Django side and is never returned in API responses.
+    # @param uid [String] Client unique identifier (UUID)
     # @param pdp_config_update_request [PDPConfigUpdateRequest] 
     # @param [Hash] opts the optional parameters
+    # @option opts [String] :x_encryption_key Client encryption key for double encryption mode. Must be a base64-encoded AES-256 key (32 bytes). Required only when accessing resources encrypted with encryption_mode&#x3D;&#39;double&#39;.
     # @return [Array<(PDPConfigResponse, Integer, Hash)>] PDPConfigResponse data, response status code and response headers
     def update_pdp_config_api_v1_clients_uid_pdp_config_put_with_http_info(uid, pdp_config_update_request, opts = {})
       if @api_client.config.debugging
@@ -532,6 +797,7 @@ module FactPulse
       if !content_type.nil?
           header_params['Content-Type'] = content_type
       end
+      header_params[:'X-Encryption-Key'] = opts[:'x_encryption_key'] if !opts[:'x_encryption_key'].nil?
 
       # form parameters
       form_params = opts[:form_params] || {}
@@ -543,7 +809,7 @@ module FactPulse
       return_type = opts[:debug_return_type] || 'PDPConfigResponse'
 
       # auth_names
-      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
 
       new_options = opts.merge(
         :operation => :"ClientManagementApi.update_pdp_config_api_v1_clients_uid_pdp_config_put",

data/lib/factpulse/api/downloads_api.rb

@@ -1,12 +1,12 @@
 =begin
 #FactPulse REST API
 
-# REST API for electronic invoicing in France: Factur-X, AFNOR PDP/PA, electronic signatures.  ## 🎯 Main Features  ### 📄 Factur-X - Generation - **Formats**: XML only or PDF/A-3 with embedded XML - **Profiles**: MINIMUM, BASIC, EN16931, EXTENDED - **Standards**: EN 16931 (EU directive 2014/55), ISO 19005-3 (PDF/A-3), CII (UN/CEFACT) - **🆕 Simplified Format**: Generation from SIRET + auto-enrichment (Chorus Pro API + Business Search)  ### ✅ Factur-X - Validation - **XML Validation**: Schematron (45 to 210+ rules depending on profile) - **PDF Validation**: PDF/A-3, Factur-X XMP metadata - **VeraPDF**: Strict PDF/A validation (146+ ISO 19005-3 rules)  ### ✍️ Electronic Signature - **Standards**: PAdES-B-B, PAdES-B-T (RFC 3161 timestamping), PAdES-B-LT (long-term archival) - **eIDAS Levels**: SES (self-signed), AdES (commercial CA), QES (QTSP) - **Validation**: Cryptographic integrity and certificate verification  ### 📋 Flux 6 - Invoice Lifecycle (CDAR) - **CDAR Messages**: Acknowledgements, invoice statuses - **PPF Statuses**: REFUSED (210), PAID (212)  ### 📊 Flux 10 - E-Reporting - **Tax Declarations**: International B2B, B2C - **Flow Types**: 10.1 (B2B transactions), 10.2 (B2B payments), 10.3 (B2C transactions), 10.4 (B2C payments)  ### 📡 AFNOR PDP/PA (XP Z12-013) - **Flow Service**: Submit and search flows to PDPs - **Directory Service**: Company search (SIREN/SIRET) - **Multi-client**: Support for multiple PDP configs per user  ### 🏛️ Chorus Pro - **Public Sector Invoicing**: Complete API for Chorus Pro  ### ⏳ Async Tasks - **Celery**: Asynchronous generation, validation and signing - **Polling**: Status tracking via `/tasks/{task_id}/status` - **Webhooks**: Automatic notifications when tasks complete  ## 🔒 Authentication  All requests require a **JWT token** in the Authorization header: ``` Authorization: Bearer YOUR_JWT_TOKEN ```  ### How to obtain a JWT token?  #### 🔑 Method 1: `/api/token/` API (Recommended)  **URL:** `https://factpulse.fr/api/token/`  This method is **recommended** for integration in your applications and CI/CD workflows.  **Prerequisites:** Having set a password on your account  **For users registered via email/password:** - You already have a password, use it directly  **For users registered via OAuth (Google/GitHub):** - You must first set a password at: https://factpulse.fr/accounts/password/set/ - Once the password is created, you can use the API  **Request example:** ```bash curl -X POST https://factpulse.fr/api/token/ \\   -H \"Content-Type: application/json\" \\   -d '{     \"username\": \"your_email@example.com\",     \"password\": \"your_password\"   }' ```  **Optional `client_uid` parameter:**  To select credentials for a specific client (PA/PDP, Chorus Pro, signing certificates), add `client_uid`:  ```bash curl -X POST https://factpulse.fr/api/token/ \\   -H \"Content-Type: application/json\" \\   -d '{     \"username\": \"your_email@example.com\",     \"password\": \"your_password\",     \"client_uid\": \"550e8400-e29b-41d4-a716-446655440000\"   }' ```  The `client_uid` will be included in the JWT and allow the API to automatically use: - AFNOR/PDP credentials configured for this client - Chorus Pro credentials configured for this client - Electronic signature certificates configured for this client  **Response:** ```json {   \"access\": \"eyJ0eXAiOiJKV1QiLCJhbGc...\",  // Access token (validity: 30 min)   \"refresh\": \"eyJ0eXAiOiJKV1QiLCJhbGc...\"  // Refresh token (validity: 7 days) } ```  **Advantages:** - ✅ Full automation (CI/CD, scripts) - ✅ Programmatic token management - ✅ Refresh token support for automatic access renewal - ✅ Easy integration in any language/tool  #### 🖥️ Method 2: Dashboard Generation (Alternative)  **URL:** https://factpulse.fr/api/dashboard/  This method is suitable for quick tests or occasional use via the graphical interface.  **How it works:** - Log in to the dashboard - Use the \"Generate Test Token\" or \"Generate Production Token\" buttons - Works for **all** users (OAuth and email/password), without requiring a password  **Token types:** - **Test Token**: 24h validity, 1000 calls/day quota (free) - **Production Token**: 7 days validity, quota based on your plan  **Advantages:** - ✅ Quick for API testing - ✅ No password required - ✅ Simple visual interface  **Disadvantages:** - ❌ Requires manual action - ❌ No refresh token - ❌ Less suited for automation  ### 📚 Full Documentation  For more information on authentication and API usage: https://factpulse.fr/documentation-api/     
+# REST API for electronic invoicing in France: Factur-X (CII), UBL 2.1, AFNOR PDP/PA, electronic signatures.  ## 🎯 Main Features  ### 📄 Invoice Generation - **Formats**: CII XML, UBL 2.1 XML, or Factur-X PDF/A-3 - **Profiles** (CII/PDF): MINIMUM, BASIC, EN16931, EXTENDED - **UBL**: Always EN16931 compliant - **Standards**: EN 16931 (EU directive 2014/55), ISO 19005-3 (PDF/A-3), CII (UN/CEFACT), UBL 2.1 (OASIS) - **Simplified Format**: Generation from SIRET + auto-enrichment (Chorus Pro API + Business Search)  ### ✅ Factur-X - Validation - **XML Validation**: Schematron (45 to 210+ rules depending on profile) - **PDF Validation**: PDF/A-3, Factur-X XMP metadata - **VeraPDF**: Strict PDF/A validation (146+ ISO 19005-3 rules)  ### ✍️ Electronic Signature - **Standards**: PAdES-B-B, PAdES-B-T (RFC 3161 timestamping), PAdES-B-LT (long-term archival) - **eIDAS Levels**: SES (self-signed), AdES (commercial CA), QES (QTSP) - **Validation**: Cryptographic integrity and certificate verification  ### 📋 Flux 6 - Invoice Lifecycle (CDAR) - **CDAR Messages**: Acknowledgements, invoice statuses - **PPF Statuses**: REFUSED (210), PAID (212)  ### 📊 Flux 10 - E-Reporting - **Tax Declarations**: International B2B, B2C - **Flow Types**: 10.1 (B2B transactions), 10.2 (B2B payments), 10.3 (B2C transactions), 10.4 (B2C payments)  ### 📡 AFNOR PDP/PA (XP Z12-013) - **Flow Service**: Submit and search flows to PDPs - **Directory Service**: Company search (SIREN/SIRET) - **Multi-client**: Support for multiple PDP configs per user  ### 🏛️ Chorus Pro - **Public Sector Invoicing**: Complete API for Chorus Pro  ### ⏳ Async Tasks - **Celery**: Asynchronous generation, validation and signing - **Polling**: Status tracking via `/tasks/{task_id}/status` - **Webhooks**: Automatic notifications when tasks complete  ## 🔒 Authentication  All requests require a **JWT token** in the Authorization header: ``` Authorization: Bearer YOUR_JWT_TOKEN ```  ### How to obtain a JWT token?  #### 🔑 Method 1: `/api/token/` API (Recommended)  **URL:** `https://factpulse.fr/api/token/`  This method is **recommended** for integration in your applications and CI/CD workflows.  **Prerequisites:** Having set a password on your account  **For users registered via email/password:** - You already have a password, use it directly  **For users registered via OAuth (Google/GitHub):** - You must first set a password at: https://factpulse.fr/accounts/password/set/ - Once the password is created, you can use the API  **Request example:** ```bash curl -X POST https://factpulse.fr/api/token/ \\   -H \"Content-Type: application/json\" \\   -d '{     \"username\": \"your_email@example.com\",     \"password\": \"your_password\"   }' ```  **Optional `client_uid` parameter:**  To select credentials for a specific client (PA/PDP, Chorus Pro, signing certificates), add `client_uid`:  ```bash curl -X POST https://factpulse.fr/api/token/ \\   -H \"Content-Type: application/json\" \\   -d '{     \"username\": \"your_email@example.com\",     \"password\": \"your_password\",     \"client_uid\": \"550e8400-e29b-41d4-a716-446655440000\"   }' ```  The `client_uid` will be included in the JWT and allow the API to automatically use: - AFNOR/PDP credentials configured for this client - Chorus Pro credentials configured for this client - Electronic signature certificates configured for this client  **Response:** ```json {   \"access\": \"eyJ0eXAiOiJKV1QiLCJhbGc...\",  // Access token (validity: 30 min)   \"refresh\": \"eyJ0eXAiOiJKV1QiLCJhbGc...\"  // Refresh token (validity: 7 days) } ```  **Advantages:** - ✅ Full automation (CI/CD, scripts) - ✅ Programmatic token management - ✅ Refresh token support for automatic access renewal - ✅ Easy integration in any language/tool  #### 🖥️ Method 2: Dashboard Generation (Alternative)  **URL:** https://factpulse.fr/api/dashboard/  This method is suitable for quick tests or occasional use via the graphical interface.  **How it works:** - Log in to the dashboard - Use the \"Generate Test Token\" or \"Generate Production Token\" buttons - Works for **all** users (OAuth and email/password), without requiring a password  **Token types:** - **Test Token**: 24h validity, 1000 calls/day quota (free) - **Production Token**: 7 days validity, quota based on your plan  **Advantages:** - ✅ Quick for API testing - ✅ No password required - ✅ Simple visual interface  **Disadvantages:** - ❌ Requires manual action - ❌ No refresh token - ❌ Less suited for automation  ### 📚 Full Documentation  For more information on authentication and API usage: https://factpulse.fr/documentation-api/     
 
 The version of the OpenAPI document: 1.0.0
 Contact: contact@factpulse.fr
 Generated by: https://openapi-generator.tech
-Generator version: 7.20.0-SNAPSHOT
+Generator version: 7.21.0-SNAPSHOT
 
 =end
 
@@ -21,7 +21,7 @@ module FactPulse
     end
     # Check if a file exists
     # Check if a temporary file exists and get its metadata without downloading.  Useful for: - Verifying a download URL is still valid - Getting file size before downloading - Checking expiration time  **Security**: Requires authentication, only file owner can check.
-    # @param download_id [String] 
+    # @param download_id [String] Unique identifier of the temporary file to check
     # @param [Hash] opts the optional parameters
     # @return [Object]
     def check_file_api_v1_download_download_id_head(download_id, opts = {})
@@ -31,7 +31,7 @@ module FactPulse
 
     # Check if a file exists
     # Check if a temporary file exists and get its metadata without downloading.  Useful for: - Verifying a download URL is still valid - Getting file size before downloading - Checking expiration time  **Security**: Requires authentication, only file owner can check.
-    # @param download_id [String] 
+    # @param download_id [String] Unique identifier of the temporary file to check
     # @param [Hash] opts the optional parameters
     # @return [Array<(Object, Integer, Hash)>] Object data, response status code and response headers
     def check_file_api_v1_download_download_id_head_with_http_info(download_id, opts = {})
@@ -63,7 +63,7 @@ module FactPulse
       return_type = opts[:debug_return_type] || 'Object'
 
       # auth_names
-      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
 
       new_options = opts.merge(
         :operation => :"DownloadsApi.check_file_api_v1_download_download_id_head",
@@ -84,7 +84,7 @@ module FactPulse
 
     # Download a temporary file
     # Download a file stored temporarily after asynchronous processing.  **Usage**: - This URL is provided in webhook notifications when using `webhook_mode: \"download_url\"` - Files are automatically deleted after 1 hour - Each file can only be downloaded until it expires  **Security**: - Requires a valid JWT token - Only the user who initiated the task can download the file
-    # @param download_id [String] 
+    # @param download_id [String] Unique identifier of the temporary file to download
     # @param [Hash] opts the optional parameters
     # @option opts [Boolean] :delete_after If true, delete the file after download (one-time download) (default to false)
     # @return [Object]
@@ -95,7 +95,7 @@ module FactPulse
 
     # Download a temporary file
     # Download a file stored temporarily after asynchronous processing.  **Usage**: - This URL is provided in webhook notifications when using &#x60;webhook_mode: \&quot;download_url\&quot;&#x60; - Files are automatically deleted after 1 hour - Each file can only be downloaded until it expires  **Security**: - Requires a valid JWT token - Only the user who initiated the task can download the file
-    # @param download_id [String] 
+    # @param download_id [String] Unique identifier of the temporary file to download
     # @param [Hash] opts the optional parameters
     # @option opts [Boolean] :delete_after If true, delete the file after download (one-time download) (default to false)
     # @return [Array<(Object, Integer, Hash)>] Object data, response status code and response headers
@@ -129,7 +129,7 @@ module FactPulse
       return_type = opts[:debug_return_type] || 'Object'
 
       # auth_names
-      auth_names = opts[:debug_auth_names] || ['HTTPBearer']
+      auth_names = opts[:debug_auth_names] || ['APIKeyHeader', 'HTTPBearer']
 
       new_options = opts.merge(
         :operation => :"DownloadsApi.download_file_api_v1_download_download_id_get",