permify 0.0.1 → 1.5.4

data/generator/openapi.json

@@ -0,0 +1,3699 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Permify API",
+    "description": "Permify is an open source authorization service for creating fine-grained and scalable authorization systems.",
+    "version": "v1.5.4",
+    "contact": {
+      "name": "API Support",
+      "url": "https://github.com/Permify/permify/issues",
+      "email": "hello@permify.co"
+    },
+    "license": {
+      "name": "AGPL-3.0 license",
+      "url": "https://github.com/Permify/permify/blob/master/LICENSE"
+    }
+  },
+  "tags": [
+    {
+      "name": "Permission"
+    },
+    {
+      "name": "Watch"
+    },
+    {
+      "name": "Schema"
+    },
+    {
+      "name": "Data"
+    },
+    {
+      "name": "Bundle"
+    },
+    {
+      "name": "Tenancy"
+    }
+  ],
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "paths": {
+    "/v1/tenants/create": {
+      "post": {
+        "summary": "create tenant",
+        "operationId": "tenants.create",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/TenantCreateResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "body",
+            "description": "TenantCreateRequest is the message used for the request to create a tenant.",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/TenantCreateRequest"
+            }
+          }
+        ],
+        "tags": [
+          "Tenancy"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "rr, err := client.Tenancy.Create(context.Background(), \u0026v1.TenantCreateRequest{\n    Id:   \"\",\n    Name: \"\"\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.tenancy.create({\n   id: \"\",\n   name: \"\"\n}).then((response) =\u003e {\n    // handle response\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'http://localhost:3476/v1/tenants/create' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n    \"id\": \"\",\n    \"name\": \"\"\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/list": {
+      "post": {
+        "summary": "list tenants",
+        "operationId": "tenants.list",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/TenantListResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "body",
+            "description": "TenantListRequest is the message used for the request to list all tenants.",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/TenantListRequest"
+            }
+          }
+        ],
+        "tags": [
+          "Tenancy"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "cr, err := client.Tenancy.List(context.Background(), \u0026v1.TenantListRequest{\n    PageSize: 20,\n    ContinuousToken: \"\",\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "let res = client.tenancy.list({\n    pageSize: 20,\n    continuousToken: \"\",\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/list' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n    \"page_size\": 20,\n    \"continuous_token\": \"\"\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{id}": {
+      "delete": {
+        "summary": "delete tenant",
+        "operationId": "tenants.delete",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/TenantDeleteResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "id",
+            "description": "id is the unique identifier of the tenant to be deleted.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          }
+        ],
+        "tags": [
+          "Tenancy"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "rr, err := client.Tenancy.Delete(context.Background(), \u0026v1.TenantDeleteRequest{\n    Id: \"\"\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.tenancy.delete({\n   id: \"\",\n}).then((response) =\u003e {\n    // handle response\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request DELETE 'http://localhost:3476/v1/tenants/t1'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/bundle/delete": {
+      "post": {
+        "summary": "delete bundle",
+        "operationId": "bundle.delete",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/BundleDeleteResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/Bundle.DeleteBody"
+            }
+          }
+        ],
+        "tags": [
+          "Bundle"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "rr, err := client.Bundle.Delete(context.Background(), \u0026v1.BundleDeleteRequest{\n    TenantId: \"t1\",\n    Name:     \"organization_created\",\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.bundle.delete({\n    tenantId: \"t1\",\n    name: \"organization_created\",\n}).then((response) =\u003e {\n    // handle response\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/bundle/delete' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n    \"name\": \"organization_created\"\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/bundle/read": {
+      "post": {
+        "summary": "read bundle",
+        "operationId": "bundle.read",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/BundleReadResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/Bundle.ReadBody"
+            }
+          }
+        ],
+        "tags": [
+          "Bundle"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "rr, err := client.Bundle.Read(context.Background(), \u0026v1.BundleReadRequest{\n    TenantId: \"t1\",\n    Name:     \"organization_created\",\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.bundle.read({\n    tenantId: \"t1\",\n    name: \"organization_created\",\n}).then((response) =\u003e {\n    // handle response\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/bundle/read' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n    \"name\": \"organization_created\"\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/bundle/write": {
+      "post": {
+        "summary": "write bundle",
+        "operationId": "bundle.write",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/BundleWriteResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/Bundle.WriteBody"
+            }
+          }
+        ],
+        "tags": [
+          "Bundle"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "rr, err := client.Bundle.Write(context.Background(), \u0026v1.BundleWriteRequest{\n    TenantId: \"t1\",\n    Bundles: []*v1.DataBundle{\n        {\n            Name: \"organization_created\",\n            Arguments: []string{\n                \"creatorID\",\n                \"organizationID\",\n            },\n            Operations: []*v1.Operation{\n                {\n                    RelationshipsWrite: []string{\n                        \"organization:{{.organizationID}}#admin@user:{{.creatorID}}\",\n                        \"organization:{{.organizationID}}#manager@user:{{.creatorID}}\",\n                    },\n                    AttributesWrite: []string{\n                        \"organization:{{.organizationID}}$public|boolean:false\",\n                    },\n                },\n            },\n        },\n    },\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.bundle.write({\n    tenantId: \"t1\",\n    bundles: [\n        {\n            name: \"organization_created\",\n            arguments: [\n                \"creatorID\",\n                \"organizationID\",\n            ],\n            operations: [\n                {\n                    relationships_write: [\n                        \"organization:{{.organizationID}}#admin@user:{{.creatorID}}\",\n                        \"organization:{{.organizationID}}#manager@user:{{.creatorID}}\",\n                    ],\n                    attributes_write: [\n                        \"organization:{{.organizationID}}$public|boolean:false\",\n                    ]\n                }\n            ]\n        }\n    ]\n}).then((response) =\u003e {\n    // handle response\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/bundle/write' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n    \"bundles\": [\n        {\n            \"name\": \"organization_created\",\n            \"arguments\": [\n                \"creatorID\",\n                \"organizationID\"\n            ],\n            \"operations\": [\n                {\n                    \"relationships_write\": [\n                        \"organization:{{.organizationID}}#admin@user:{{.creatorID}}\",\n                        \"organization:{{.organizationID}}#manager@user:{{.creatorID}}\"\n                    ],\n                    \"attributes_write\": [\n                        \"organization:{{.organizationID}}$public|boolean:false\"\n                    ]\n                }\n            ]\n        }\n    ]\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/data/attributes/read": {
+      "post": {
+        "summary": "read attributes",
+        "operationId": "data.attributes.read",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/AttributeReadResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/ReadAttributesBody"
+            }
+          }
+        ],
+        "tags": [
+          "Data"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "rr, err := client.Data.ReadAttributes(context.Background(), \u0026v1.Data.AttributeReadRequest{\n    TenantId: \"t1\",\n    Metadata: \u0026v1.Data.AttributeReadRequestMetadata{\n        SnapToken: \"\",\n    },\n    Filter: \u0026v1.AttributeFilter{\n        Entity: \u0026v1.EntityFilter{\n            Type: \"organization\",\n            Ids: []string{\"1\"},\n        },\n        Attributes: []string{\"private\"},\n    },\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.data.readAttributes({\n  tenantId: \"t1\",\n  metadata: {\n    snap_token: \"\",\n  },\n  filter: {\n    entity: {\n      type: \"organization\",\n      ids: [\n        \"1\"\n      ]\n    },\n    attributes: [\n      \"private\"\n    ],\n  }\n}).then((response) =\u003e {\n  // handle response\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/data/attributes/read' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n  metadata: {\n    snap_token: \"\",\n  },\n  filter: {\n    entity: {\n      type: \"organization\",\n      ids: [\n        \"1\"\n      ]\n    },\n    attributes: [\n      \"private\"\n    ],\n  }\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/data/delete": {
+      "post": {
+        "summary": "delete data",
+        "operationId": "data.delete",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/DataDeleteResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/Data.DeleteBody"
+            }
+          }
+        ],
+        "tags": [
+          "Data"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "rr, err := client.Data.Delete(context.Background(), \u0026v1.DataDeleteRequest{\n    TenantId: \"t1\",\n    Metadata: \u0026v1.DataDeleteRequestMetadata{\n        SnapToken: \"\",\n    },\n    TupleFilter: \u0026v1.TupleFilter{\n        Entity: \u0026v1.EntityFilter{\n            Type: \"organization\",\n            Ids: []string{\"1\"},\n        },\n        Relation: \"admin\",\n        Subject: \u0026v1.SubjectFilter{\n            Type: \"user\",\n            Id: []string{\"1\"},\n            Relation: \"\"\n        }\n    }\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.data.delete({\n  tenantId: \"t1\",\n  metadata: {\n    snap_token: \"\",\n  },\n  tupleFilter: {\n    entity: {\n      type: \"organization\",\n      ids: [\n        \"1\"\n      ]\n    },\n    relation: \"admin\",\n    subject: {\n      type: \"user\",\n      ids: [\n        \"1\"\n      ],\n      relation: \"\"\n    }\n  }\n}).then((response) =\u003e {\n  // handle response\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/data/delete' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n  \"tuple_filter\": {\n    \"entity\": {\n      \"type\": \"organization\",\n      \"ids\": [\n        \"1\"\n      ]\n    },\n    \"relation\": \"admin\",\n    \"subject\": {\n      \"type\": \"user\",\n      \"ids\": [\n        \"1\"\n      ],\n      \"relation\": \"\"\n    }\n  },\n  \"attribute_filter\": {}\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/data/relationships/read": {
+      "post": {
+        "summary": "read relationships",
+        "operationId": "data.relationships.read",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/RelationshipReadResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/ReadRelationshipsBody"
+            }
+          }
+        ],
+        "tags": [
+          "Data"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "rr, err := client.Data.ReadRelationships(context.Background(), \u0026v1.Data.RelationshipReadRequest{\n    TenantId: \"t1\",\n    Metadata: \u0026v1.Data.RelationshipReadRequestMetadata{\n        SnapToken: \"\"\n    },\n    Filter: \u0026v1.TupleFilter{\n        Entity: \u0026v1.EntityFilter{\n            Type: \"organization\",\n            Ids: []string{\"1\"},\n        },\n        Relation: \"member\",\n        Subject: \u0026v1.SubjectFilter{\n            Type: \"\",\n            Id: []string{\"\"},\n            Relation: \"\"\n        }\n    }\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.data.readRelationships({\n  tenantId: \"t1\",\n  metadata: {\n    snap_token: \"\",\n  },\n  filter: {\n    entity: {\n      type: \"organization\",\n      ids: [\n        \"1\"\n      ]\n    },\n    relation: \"member\",\n    subject: {\n      type: \"\",\n      ids: [],\n      relation: \"\"\n    }\n  }\n}).then((response) =\u003e {\n  // handle response\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/data/relationships/read' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n  metadata: {\n    snap_token: \"\",\n  },\n  filter: {\n    entity: {\n      type: \"organization\",\n      ids: [\n        \"1\"\n      ]\n    },\n    relation: \"member\",\n    subject: {\n      type: \"\",\n      ids: [],\n      relation: \"\"\n    }\n  }\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/data/run-bundle": {
+      "post": {
+        "summary": "run bundle",
+        "operationId": "bundle.run",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/BundleRunResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/RunBundleBody"
+            }
+          }
+        ],
+        "tags": [
+          "Data"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "rr, err := client.Data.RunBundle(context.Background(), \u0026v1.BundleRunRequest{\n    TenantId: \"t1\",\n    Name:     \"organization_created\",\n    Arguments: map[string]string{\n        \"creatorID\":      \"564\",\n        \"organizationID\": \"789\",\n    },\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.data.runBundle({\n    tenantId: \"t1\",\n    name: \"organization_created\",\n    arguments: {\n        creatorID: \"564\",\n        organizationID: \"789\",\n    }\n}).then((response) =\u003e {\n    // handle response\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/data/run-bundle' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n    \"name\": \"organization_created\",\n    \"arguments\": {\n        \"creatorID\": \"564\",\n        \"organizationID\": \"789\"\n    }\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/data/write": {
+      "post": {
+        "summary": "write data",
+        "operationId": "data.write",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/DataWriteResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/Data.WriteBody"
+            }
+          }
+        ],
+        "tags": [
+          "Data"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "// Convert the wrapped attribute value into Any proto message\nvalue, err := anypb.New(\u0026v1.BooleanValue{\n    Data: true,\n})\nif err != nil {\n    // Handle error\n}\n\ncr, err := client.Data.Write(context.Background(), \u0026v1.DataWriteRequest{\n    TenantId: \"t1\",\n    Metadata: \u0026v1.DataWriteRequestMetadata{\n        SchemaVersion: \"\",\n    },\n    Tuples: []*v1.Tuple{\n        {\n            Entity: \u0026v1.Entity{\n                Type: \"document\",\n                Id:   \"1\",\n            },\n            Relation: \"editor\",\n            Subject:  \u0026v1.Subject{\n                Type: \"user\",\n                Id:   \"1\",\n                Relation: \"\",\n            },\n        },\n    },\n    Attributes: []*v1.Attribute{\n        {\n            Entity: \u0026v1.Entity{\n                Type: \"document\",\n                Id:   \"1\",\n            },\n            Attribute: \"is_private\",\n            Value:     value,\n        },\n    },\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "const booleanValue = BooleanValue.fromJSON({ data: true });\n\nconst value = Any.fromJSON({\n    typeUrl: 'type.googleapis.com/base.v1.BooleanValue',\n    value: BooleanValue.encode(booleanValue).finish()\n});\n\nclient.data.write({\n    tenantId: \"t1\",\n    metadata: {\n        schemaVersion: \"\"\n    },\n    tuples: [{\n        entity: {\n            type: \"document\",\n            id: \"1\"\n        },\n        relation: \"editor\",\n        subject: {\n            type: \"user\",\n            id: \"1\"\n        }\n    }],\n    attributes: [{\n        entity: {\n            type: \"document\",\n            id: \"1\"\n        },\n        attribute: \"is_private\",\n        value: value,\n    }]\n}).then((response) =\u003e {\n    // handle response\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/data/write' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n    \"metadata\": {\n        \"schema_version\": \"\"\n    },\n    \"tuples\": [\n        {\n            \"entity\": {\n                \"type\": \"document\",\n                \"id\": \"1\"\n            },\n            \"relation\": \"editor\",\n            \"subject\": {\n                \"type\": \"user\",\n                \"id\": \"1\"\n            }\n        }\n    ],\n    \"attributes\": [\n        {\n            \"entity\": {\n                \"type\": \"document\",\n                \"id\": \"1\"\n            },\n            \"attribute\": \"is_private\",\n            \"value\": {\n                \"@type\": \"type.googleapis.com/base.v1.BooleanValue\",\n                \"data\": true\n            }\n        }\n    ]\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/permissions/bulk-check": {
+      "post": {
+        "summary": "bulk check api",
+        "description": "Check multiple permissions in a single request. Maximum 100 requests allowed.",
+        "operationId": "permissions.bulk-check",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/PermissionBulkCheckResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/BulkCheckBody"
+            }
+          }
+        ],
+        "tags": [
+          "Permission"
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/permissions/check": {
+      "post": {
+        "summary": "check api",
+        "operationId": "permissions.check",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/PermissionCheckResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/CheckBody"
+            }
+          }
+        ],
+        "tags": [
+          "Permission"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "cr, err := client.Permission.Check(context.Background(), \u0026v1.PermissionCheckRequest {\n    TenantId: \"t1\",\n    Metadata: \u0026v1.PermissionCheckRequestMetadata {\n        SnapToken: \"\",\n        SchemaVersion: \"\",\n        Depth: 20,\n    },\n    Entity: \u0026v1.Entity {\n        Type: \"repository\",\n        Id: \"1\",\n    },\n    Permission: \"edit\",\n    Subject: \u0026v1.Subject {\n        Type: \"user\",\n        Id: \"1\",\n    },\n})\nif cr.Can == v1.PermissionCheckResponse_Result_RESULT_ALLOWED {\n    // RESULT_ALLOWED\n} else {\n    // RESULT_DENIED\n}"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.permission.check({\n    tenantId: \"t1\", \n    metadata: {\n        snapToken: \"\",\n        schemaVersion: \"\",\n        depth: 20\n    },\n    entity: {\n        type: \"repository\",\n        id: \"1\"\n    },\n    permission: \"edit\",\n    subject: {\n        type: \"user\",\n        id: \"1\"\n    }\n}).then((response) =\u003e {\n    if (response.can === PermissionCheckResponse_Result.RESULT_ALLOWED) {\n        console.log(\"RESULT_ALLOWED\")\n    } else {\n        console.log(\"RESULT_DENIED\")\n    }\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/permissions/check' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n  \"metadata\": {\n    \"snap_token\": \"\",\n    \"schema_version\": \"\",\n    \"depth\": 20\n  },\n  \"entity\": {\n    \"type\": \"repository\",\n    \"id\": \"1\"\n  },\n  \"permission\": \"edit\",\n  \"subject\": {\n    \"type\": \"user\",\n    \"id\": \"1\",\n    \"relation\": \"\"\n  }\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/permissions/expand": {
+      "post": {
+        "summary": "expand api",
+        "operationId": "permissions.expand",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/PermissionExpandResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/Permission.ExpandBody"
+            }
+          }
+        ],
+        "tags": [
+          "Permission"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "cr, err := client.Permission.Expand(context.Background(), \u0026v1.PermissionExpandRequest{\n    TenantId: \"t1\",\n    Metadata: \u0026v1.PermissionExpandRequestMetadata{\n        SnapToken: \"\",\n        SchemaVersion: \"\",\n    },\n    Entity: \u0026v1.Entity{\n        Type: \"repository\",\n        Id: \"1\",\n    },\n    Permission: \"push\",\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.permission.expand({\n    tenantId: \"t1\",\n    metadata: {\n        snapToken: \"\",\n        schemaVersion: \"\"\n    },\n    entity: {\n        type: \"repository\",\n        id: \"1\"\n    },\n    permission: \"push\",\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/permissions/expand' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n  \"metadata\": {\n    \"schema_version\": \"\",\n    \"snap_token\": \"\"\n  },\n  \"entity\": {\n    \"type\": \"repository\",\n    \"id\": \"1\"\n  },\n  \"permission\": \"push\"\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/permissions/lookup-entity": {
+      "post": {
+        "summary": "lookup entity",
+        "operationId": "permissions.lookupEntity",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/PermissionLookupEntityResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/LookupEntityBody"
+            }
+          }
+        ],
+        "tags": [
+          "Permission"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "cr, err := client.Permission.LookupEntity(context.Background(), \u0026v1.PermissionLookupEntityRequest{\n    TenantId: \"t1\",\n    Metadata: \u0026v1.PermissionLookupEntityRequestMetadata{\n        SnapToken: \"\",\n        SchemaVersion: \"\",\n        Depth: 20,\n    },\n    EntityType: \"document\",\n    Permission: \"edit\",\n    Subject: \u0026v1.Subject{\n        Type: \"user\",\n        Id: \"1\",\n    }\n    PageSize: 20,\n    ContinuousToken: \"\",\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.permission.lookupEntity({\n    tenantId: \"t1\",\n    metadata: {\n        snapToken: \"\",\n        schemaVersion: \"\",\n        depth: 20\n    },\n    entity_type: \"document\",\n    permission: \"edit\",\n    subject: {\n        type: \"user\",\n        id: \"1\"\n    },\n    page_size: 20,\n    continuous_token: \"\"\n}).then((response) =\u003e {\n    console.log(response.entity_ids)\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/permissions/lookup-entity' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n  \"metadata\":{\n    \"snap_token\": \"\",\n    \"schema_version\": \"\",\n    \"depth\": 20\n  },\n  \"entity_type\": \"document\",\n  \"permission\": \"edit\",\n  \"subject\": {\n    \"type\":\"user\",\n    \"id\":\"1\"\n  },\n  \"page_size\": 20,\n  \"continuous_token\": \"\",\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/permissions/lookup-entity-stream": {
+      "post": {
+        "summary": "lookup entity stream",
+        "operationId": "permissions.lookupEntityStream",
+        "responses": {
+          "200": {
+            "description": "A successful response.(streaming responses)",
+            "schema": {
+              "type": "object",
+              "properties": {
+                "result": {
+                  "$ref": "#/definitions/PermissionLookupEntityStreamResponse"
+                },
+                "error": {
+                  "$ref": "#/definitions/Status"
+                }
+              },
+              "title": "Stream result of PermissionLookupEntityStreamResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/LookupEntityStreamBody"
+            }
+          }
+        ],
+        "tags": [
+          "Permission"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "str, err := client.Permission.LookupEntityStream(context.Background(), \u0026v1.PermissionLookupEntityRequest{\n    Metadata: \u0026v1.PermissionLookupEntityRequestMetadata{\n        SnapToken: \"\",\n        SchemaVersion: \"\",\n        Depth: 50,\n    },\n    EntityType: \"document\",\n    Permission: \"view\",\n    Subject: \u0026v1.Subject{\n        Type: \"user\",\n        Id: \"1\",\n    },\n    PageSize: 20,\n    ContinuousToken: \"\",\n})\n\n// handle stream response\nfor {\n    res, err := str.Recv()\n\n    if err == io.EOF {\n        break\n    }\n\n    // res.EntityId\n}"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "const permify = require(\"@permify/permify-node\");\nconst {PermissionLookupEntityStreamResponse} = require(\"@permify/permify-node/dist/src/grpc/generated/base/v1/service\");\n\nfunction main() {\n    const client = new permify.grpc.newClient({\n        endpoint: \"localhost:3478\",\n    });\n\n    let res = client.permission.lookupEntityStream({\n        metadata: {\n            snapToken: \"\",\n            schemaVersion: \"\",\n            depth: 20\n        },\n        entityType: \"document\",\n        permission: \"view\",\n        subject: {\n            type: \"user\",\n            id: \"1\"\n        },\n        page_size: 20,\n        continuous_token: \"\"\n    });\n\n    handle(res);\n}\n\nasync function handle(res: AsyncIterable\u003cPermissionLookupEntityStreamResponse\u003e) {\n    for await (const response of res) {\n        // response.entityId\n    }\n}"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/permissions/lookup-subject": {
+      "post": {
+        "summary": "lookup-subject",
+        "operationId": "permissions.lookupSubject",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/PermissionLookupSubjectResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/LookupSubjectBody"
+            }
+          }
+        ],
+        "tags": [
+          "Permission"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "cr, err := client.Permission.LookupSubject(context.Background(), \u0026v1.PermissionLookupSubjectRequest{\n    TenantId: \"t1\",\n    Metadata: \u0026v1.PermissionLookupSubjectRequestMetadata{\n        SnapToken: \"\",\n        SchemaVersion: \"\",\n        Depth: 20,\n    },\n    Entity: \u0026v1.Entity{\n        Type: \"document\",\n        Id: \"1\",\n    },\n    Permission: \"edit\",\n    SubjectReference: \u0026v1.RelationReference{\n        Type: \"user\",\n        Relation: \"\",\n    },\n    PageSize: 20,\n    ContinuousToken: \"\",\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.permission.lookupSubject({\n    tenantId: \"t1\",\n    metadata: {\n        snapToken: \"\",\n        schemaVersion: \"\",\n        depth: 20,\n    },\n    entity: {\n        type: \"document\",\n        id: \"1\",\n    },\n    permission: \"edit\",\n    subject_reference: {\n        type: \"user\",\n        relation: \"\"\n    },\n    page_size: 10,\n    continuous_token: \"\"\n}).then((response) =\u003e {\n    console.log(response.subject_ids)\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/permissions/lookup-subject' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n  \"metadata\":{\n    \"snap_token\": \"\",\n    \"schema_version\": \"\",\n    \"depth\": 20,\n  },\n  \"entity\": {\n    \"type\": \"document\",\n    \"id\": \"1\"\n  },\n  \"permission\": \"edit\",\n  \"subject_reference\": {\n    \"type\": \"user\",\n    \"relation\": \"\"\n  },\n   page_size: 20,\n   continuous_token: \"\"\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/permissions/subject-permission": {
+      "post": {
+        "summary": "subject permission",
+        "operationId": "permissions.subjectPermission",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/PermissionSubjectPermissionResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/SubjectPermissionBody"
+            }
+          }
+        ],
+        "tags": [
+          "Permission"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "cr, err := client.Permission.SubjectPermission(context.Background(), \u0026v1.PermissionSubjectPermissionRequest{\n    TenantId: \"t1\",\n    Metadata: \u0026v1.PermissionSubjectPermissionRequestMetadata{\n        SnapToken: \"\",\n        SchemaVersion: \"\",\n        OnlyPermission: false,\n        Depth: 20,\n    },\n    Entity: \u0026v1.Entity{\n        Type: \"repository\",\n        Id: \"1\",\n    },\n    Subject: \u0026v1.Subject{\n        Type: \"user\",\n        Id: \"1\",\n    },\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.permission.subjectPermission({\n    tenantId: \"t1\",\n    metadata: {\n        snapToken: \"\",\n        schemaVersion: \"\",\n        onlyPermission: true,\n        depth: 20\n    },\n    entity: {\n        type: \"repository\",\n        id: \"1\"\n    },\n    subject: {\n        type: \"user\",\n        id: \"1\"\n    }\n}).then((response) =\u003e {\n    console.log(response);\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/permissions/subject-permission' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n  \"metadata\":{\n    \"snap_token\": \"\",\n    \"schema_version\": \"\",\n    \"only_permission\": true,\n    \"depth\": 20\n  },\n  \"entity\": {\n    \"type\": \"repository\",\n    \"id\": \"1\"\n  },\n  \"subject\": {\n    \"type\": \"user\",\n    \"id\": \"1\",\n    \"relation\": \"\"\n  }\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/relationships/delete": {
+      "post": {
+        "summary": "delete relationships",
+        "operationId": "relationships.delete",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/RelationshipDeleteResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/DeleteRelationshipsBody"
+            }
+          }
+        ],
+        "tags": [
+          "Data"
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/relationships/write": {
+      "post": {
+        "summary": "write relationships",
+        "operationId": "relationships.write",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/RelationshipWriteResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/WriteRelationshipsBody"
+            }
+          }
+        ],
+        "tags": [
+          "Data"
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/schemas/list": {
+      "post": {
+        "summary": "list schema",
+        "operationId": "schemas.list",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/SchemaListResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/Schema.ListBody"
+            }
+          }
+        ],
+        "tags": [
+          "Schema"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "sr, err := client.Schema.List(context.Background(), \u0026v1.SchemaListRequest{\n    TenantId: \"t1\",\n    PageSize: 20,\n    ContinuousToken: \"\",\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "let res = client.schema.list({\n    tenantId: \"t1\",\n    continuousToken: \"\"\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/schemas/list' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n    \"page_size\": 20,\n    \"continuous_token\": \"\"\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/schemas/partial-write": {
+      "patch": {
+        "summary": "partially update your authorization model",
+        "operationId": "schemas.partial-write",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/SchemaPartialWriteResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "tenant_id is a string that identifies the tenant. It must match the pattern \"[a-zA-Z0-9-,]+\",\nbe a maximum of 64 bytes, and must not be empty.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/PartialWriteBody"
+            }
+          }
+        ],
+        "tags": [
+          "Schema"
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/schemas/read": {
+      "post": {
+        "summary": "read schema",
+        "operationId": "schemas.read",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/SchemaReadResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/Schema.ReadBody"
+            }
+          }
+        ],
+        "tags": [
+          "Schema"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "sr, err := client.Schema.Read(context.Background(), \u0026v1.SchemaReadRequest{\n    TenantId: \"t1\",\n    Metadata: \u0026v1.SchemaReadRequestMetadata{\n        SchemaVersion: \"cnbe6se5fmal18gpc66g\",\n    },\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "let res = client.schema.read({\n    tenantId: \"t1\",\n    metadata: {\n        schemaVersion: swResponse.schemaVersion,\n    },\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/schemas/read' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n    \"metadata\": {\n        \"schema_version\": \"cnbe6se5fmal18gpc66g\"\n    }\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/schemas/write": {
+      "post": {
+        "summary": "write schema",
+        "operationId": "schemas.write",
+        "responses": {
+          "200": {
+            "description": "A successful response.",
+            "schema": {
+              "$ref": "#/definitions/SchemaWriteResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/Schema.WriteBody"
+            }
+          }
+        ],
+        "tags": [
+          "Schema"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "sr, err := client.Schema.Write(context.Background(), \u0026v1.SchemaWriteRequest{\n    TenantId: \"t1\",\n    Schema: `\n    entity user {}\n\n    entity organization {\n        relation admin @user\n        relation member @user\n\n        action create_repository = (admin or member)\n        action delete = admin\n    }\n\n    entity repository {\n        relation owner @user\n        relation parent @organization\n\n        action push = owner\n        action read = (owner and (parent.admin and parent.member))\n        action delete = (parent.member and (parent.admin or owner))\n    }\n    `,\n})"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "client.schema.write({\n    tenantId: \"t1\",\n    schema: `\n    entity user {}\n\n    entity organization {\n        relation admin @user\n        relation member @user\n\n        action create_repository = (admin or member)\n        action delete = admin\n    }\n\n    entity repository {\n        relation owner @user\n        relation parent @organization\n\n        action push = owner\n        action read = (owner and (parent.admin and parent.member))\n        action delete = (parent.member and (parent.admin or owner))\n    }\n    `\n}).then((response) =\u003e {\n    // handle response\n})"
+          },
+          {
+            "label": "cURL",
+            "lang": "curl",
+            "source": "curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/schemas/write' \\\n--header 'Content-Type: application/json' \\\n--data-raw '{\n    \"schema\": \"entity user {}\\n\\n    entity organization {\\n\\n        relation admin @user\\n        relation member @user\\n\\n        action create_repository = (admin or member)\\n        action delete = admin\\n    }\\n\\n    entity repository {\\n\\n        relation owner @user\\n        relation parent @organization\\n\\n        action push = owner\\n        action read = (owner and (parent.admin and parent.member))\\n        action delete = (parent.member and (parent.admin or owner))\\n }\"\n}'"
+          }
+        ]
+      }
+    },
+    "/v1/tenants/{tenant_id}/watch": {
+      "post": {
+        "summary": "watch changes",
+        "operationId": "watch.watch",
+        "responses": {
+          "200": {
+            "description": "A successful response.(streaming responses)",
+            "schema": {
+              "type": "object",
+              "properties": {
+                "result": {
+                  "$ref": "#/definitions/WatchResponse"
+                },
+                "error": {
+                  "$ref": "#/definitions/Status"
+                }
+              },
+              "title": "Stream result of WatchResponse"
+            }
+          },
+          "default": {
+            "description": "An unexpected error response.",
+            "schema": {
+              "$ref": "#/definitions/Status"
+            }
+          }
+        },
+        "parameters": [
+          {
+            "name": "tenant_id",
+            "description": "Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant \u003ccode\u003et1\u003c/code\u003e for this field. Required, and must match the pattern \\“[a-zA-Z0-9-,]+\\“, max 64 bytes.",
+            "in": "path",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/WatchBody"
+            }
+          }
+        ],
+        "tags": [
+          "Watch"
+        ],
+        "x-codeSamples": [
+          {
+            "label": "go",
+            "lang": "go",
+            "source": "cr, err := client.Watch.Watch(context.Background(), \u0026v1.WatchRequest{\n    TenantId:  \"t1\",\n    SnapToken: \"\",\n})\n// handle stream response\nfor {\n    res, err := cr.Recv()\n\n    if err == io.EOF {\n        break\n    }\n\n    // res.Changes\n}\n"
+          },
+          {
+            "label": "node",
+            "lang": "javascript",
+            "source": "const permify = require(\"@permify/permify-node\");\nconst {WatchResponse} = require(\"@permify/permify-node/dist/src/grpc/generated/base/v1/service\");\n\nfunction main() {\n    const client = new permify.grpc.newClient({\n        endpoint: \"localhost:3478\",\n    });\n\n    let res = client.watch.watch({\n        tenantId: \"t1\",\n        snapToken: \"\"\n    });\n\n    handle(res);\n}\n\nasync function handle(res: AsyncIterable\u003cWatchResponse\u003e) {\n    for await (const response of res) {\n        // response.changes\n    }\n}\n"
+          }
+        ]
+      }
+    }
+  },
+  "definitions": {
+    "AbstractType": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "The fully qualified name of this abstract type."
+        },
+        "parameterTypes": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/v1alpha1.Type"
+          },
+          "description": "Parameter types for this abstract type."
+        }
+      },
+      "description": "Application defined abstract type."
+    },
+    "Any": {
+      "type": "object",
+      "properties": {
+        "@type": {
+          "type": "string",
+          "description": "A URL/resource name that uniquely identifies the type of the serialized\nprotocol buffer message. This string must contain at least\none \"/\" character. The last segment of the URL's path must represent\nthe fully qualified name of the type (as in\n`path/google.protobuf.Duration`). The name should be in a canonical form\n(e.g., leading \".\" is not accepted).\n\nIn practice, teams usually precompile into the binary all types that they\nexpect it to use in the context of Any. However, for URLs which use the\nscheme `http`, `https`, or no scheme, one can optionally set up a type\nserver that maps type URLs to message definitions as follows:\n\n* If no scheme is provided, `https` is assumed.\n* An HTTP GET on the URL must yield a [google.protobuf.Type][]\n  value in binary format, or produce an error.\n* Applications are allowed to cache lookup results based on the\n  URL, or have them precompiled into a binary to avoid any\n  lookup. Therefore, binary compatibility needs to be preserved\n  on changes to types. (Use versioned type names to manage\n  breaking changes.)\n\nNote: this functionality is not currently available in the official\nprotobuf release, and it is not used for type URLs beginning with\ntype.googleapis.com. As of May 2023, there are no widely used type server\nimplementations and no plans to implement one.\n\nSchemes other than `http`, `https` (or the empty scheme) might be\nused with implementation specific semantics."
+        }
+      },
+      "additionalProperties": {},
+      "description": "`Any` contains an arbitrary serialized protocol buffer message along with a\nURL that describes the type of the serialized message.\n\nProtobuf library provides support to pack/unpack Any values in the form\nof utility functions or additional generated methods of the Any type.\n\nExample 1: Pack and unpack a message in C++.\n\n    Foo foo = ...;\n    Any any;\n    any.PackFrom(foo);\n    ...\n    if (any.UnpackTo(\u0026foo)) {\n      ...\n    }\n\nExample 2: Pack and unpack a message in Java.\n\n    Foo foo = ...;\n    Any any = Any.pack(foo);\n    ...\n    if (any.is(Foo.class)) {\n      foo = any.unpack(Foo.class);\n    }\n    // or ...\n    if (any.isSameTypeAs(Foo.getDefaultInstance())) {\n      foo = any.unpack(Foo.getDefaultInstance());\n    }\n\n Example 3: Pack and unpack a message in Python.\n\n    foo = Foo(...)\n    any = Any()\n    any.Pack(foo)\n    ...\n    if any.Is(Foo.DESCRIPTOR):\n      any.Unpack(foo)\n      ...\n\n Example 4: Pack and unpack a message in Go\n\n     foo := \u0026pb.Foo{...}\n     any, err := anypb.New(foo)\n     if err != nil {\n       ...\n     }\n     ...\n     foo := \u0026pb.Foo{}\n     if err := any.UnmarshalTo(foo); err != nil {\n       ...\n     }\n\nThe pack methods provided by protobuf library will by default use\n'type.googleapis.com/full.type.name' as the type URL and the unpack\nmethods only use the fully qualified type name after the last '/'\nin the type URL, for example \"foo.bar.com/x/y.z\" will yield type\nname \"y.z\".\n\nJSON\n====\nThe JSON representation of an `Any` value uses the regular\nrepresentation of the deserialized, embedded message, with an\nadditional field `@type` which contains the type URL. Example:\n\n    package google.profile;\n    message Person {\n      string first_name = 1;\n      string last_name = 2;\n    }\n\n    {\n      \"@type\": \"type.googleapis.com/google.profile.Person\",\n      \"firstName\": \u003cstring\u003e,\n      \"lastName\": \u003cstring\u003e\n    }\n\nIf the embedded message type is well-known and has a custom JSON\nrepresentation, that representation will be embedded adding a field\n`value` which holds the custom JSON in addition to the `@type`\nfield. Example (for message [google.protobuf.Duration][]):\n\n    {\n      \"@type\": \"type.googleapis.com/google.protobuf.Duration\",\n      \"value\": \"1.212s\"\n    }"
+    },
+    "Argument": {
+      "type": "object",
+      "properties": {
+        "computedAttribute": {
+          "$ref": "#/definitions/ComputedAttribute"
+        }
+      },
+      "description": "Argument defines the type of argument in a Call. It can be either a ComputedAttribute or a ContextAttribute."
+    },
+    "Attribute": {
+      "type": "object",
+      "properties": {
+        "entity": {
+          "$ref": "#/definitions/Entity"
+        },
+        "attribute": {
+          "type": "string",
+          "title": "Name of the attribute"
+        },
+        "value": {
+          "$ref": "#/definitions/Any"
+        }
+      },
+      "description": "Attribute represents an attribute of an entity with a specific type and value."
+    },
+    "AttributeDefinition": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "The name of the attribute, which follows a specific string pattern and has a maximum byte size."
+        },
+        "type": {
+          "$ref": "#/definitions/AttributeType",
+          "description": "The type of the attribute."
+        }
+      },
+      "description": "The AttributeDefinition message provides detailed information about a specific attribute."
+    },
+    "AttributeFilter": {
+      "type": "object",
+      "properties": {
+        "entity": {
+          "$ref": "#/definitions/EntityFilter"
+        },
+        "attributes": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "title": "Names of the attributes to be filtered"
+        }
+      },
+      "description": "AttributeFilter is used to filter attributes based on the entity and attribute names."
+    },
+    "AttributeReadRequestMetadata": {
+      "type": "object",
+      "properties": {
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)"
+        }
+      },
+      "description": "AttributeReadRequestMetadata defines the structure for the metadata of an attribute read request.\nIt includes the snap_token associated with a particular state of the database."
+    },
+    "AttributeReadResponse": {
+      "type": "object",
+      "properties": {
+        "attributes": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Attribute"
+          },
+          "description": "attributes is a list of the attributes retrieved in the read operation."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is used in the case of paginated reads to retrieve the next page of results."
+        }
+      },
+      "description": "AttributeReadResponse defines the structure of the response to an attribute read request.\nIt includes the attributes retrieved and a continuous token for handling result pagination."
+    },
+    "AttributeType": {
+      "type": "string",
+      "enum": [
+        "ATTRIBUTE_TYPE_BOOLEAN",
+        "ATTRIBUTE_TYPE_BOOLEAN_ARRAY",
+        "ATTRIBUTE_TYPE_STRING",
+        "ATTRIBUTE_TYPE_STRING_ARRAY",
+        "ATTRIBUTE_TYPE_INTEGER",
+        "ATTRIBUTE_TYPE_INTEGER_ARRAY",
+        "ATTRIBUTE_TYPE_DOUBLE",
+        "ATTRIBUTE_TYPE_DOUBLE_ARRAY"
+      ],
+      "description": "Enumerates the types of attribute.\n\n - ATTRIBUTE_TYPE_BOOLEAN: A boolean attribute type.\n - ATTRIBUTE_TYPE_BOOLEAN_ARRAY: A boolean array attribute type.\n - ATTRIBUTE_TYPE_STRING: A string attribute type.\n - ATTRIBUTE_TYPE_STRING_ARRAY: A string array attribute type.\n - ATTRIBUTE_TYPE_INTEGER: An integer attribute type.\n - ATTRIBUTE_TYPE_INTEGER_ARRAY: An integer array attribute type.\n - ATTRIBUTE_TYPE_DOUBLE: A double attribute type.\n - ATTRIBUTE_TYPE_DOUBLE_ARRAY: A double array attribute type."
+    },
+    "BulkCheckBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/PermissionCheckRequestMetadata",
+          "description": "Metadata associated with this request, required."
+        },
+        "items": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/PermissionBulkCheckRequestItem"
+          },
+          "description": "List of permission check requests, maximum 100 items."
+        },
+        "context": {
+          "$ref": "#/definitions/Context",
+          "description": "Contextual data that can be dynamically added to permission check requests. See details on [Contextual Data](../../operations/contextual-tuples)"
+        },
+        "arguments": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Argument"
+          },
+          "description": "Additional arguments associated with this request."
+        }
+      },
+      "description": "PermissionBulkCheckRequest is the request message for the BulkCheck method in the Permission service."
+    },
+    "Bundle.DeleteBody": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "Name of the bundle to be deleted."
+        }
+      },
+      "description": "BundleDeleteRequest is used to request the deletion of a bundle.\nIt contains the tenant_id to specify the tenant and the name of the bundle to be deleted."
+    },
+    "Bundle.ReadBody": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string"
+        }
+      }
+    },
+    "Bundle.WriteBody": {
+      "type": "object",
+      "properties": {
+        "bundles": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/DataBundle"
+          },
+          "description": "Contains the bundle data to be written."
+        }
+      },
+      "description": "BundleWriteRequest is used to request the writing of a bundle.\nIt contains the tenant_id to identify the tenant and the Bundles object."
+    },
+    "BundleDeleteResponse": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string"
+        }
+      }
+    },
+    "BundleReadResponse": {
+      "type": "object",
+      "properties": {
+        "bundle": {
+          "$ref": "#/definitions/DataBundle"
+        }
+      }
+    },
+    "BundleRunResponse": {
+      "type": "object",
+      "properties": {
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)"
+        }
+      },
+      "description": "BundleRunResponse is the response for a BundleRunRequest.\nIt includes a snap_token, which may be used for tracking the execution or its results."
+    },
+    "BundleWriteResponse": {
+      "type": "object",
+      "properties": {
+        "names": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "Identifier or acknowledgment of the written bundle."
+        }
+      },
+      "description": "BundleWriteResponse is the response for a BundleWriteRequest.\nIt includes a name which could be used as an identifier or acknowledgment."
+    },
+    "CheckBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/PermissionCheckRequestMetadata",
+          "description": "Metadata associated with this request, required."
+        },
+        "entity": {
+          "$ref": "#/definitions/Entity",
+          "example": "repository:1",
+          "description": "Entity on which the permission needs to be checked, required."
+        },
+        "permission": {
+          "type": "string",
+          "description": "The action the user wants to perform on the resource"
+        },
+        "subject": {
+          "$ref": "#/definitions/Subject",
+          "description": "Subject for which the permission needs to be checked, required."
+        },
+        "context": {
+          "$ref": "#/definitions/Context",
+          "description": "Contextual data that can be dynamically added to permission check requests. See details on [Contextual Data](../../operations/contextual-tuples)"
+        },
+        "arguments": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Argument"
+          },
+          "description": "Additional arguments associated with this request."
+        }
+      },
+      "description": "PermissionCheckRequest is the request message for the Check method in the Permission service."
+    },
+    "CheckResult": {
+      "type": "string",
+      "enum": [
+        "CHECK_RESULT_ALLOWED",
+        "CHECK_RESULT_DENIED"
+      ],
+      "description": "Enumerates results of a check operation.\n\n - CHECK_RESULT_ALLOWED: Represents a successful check (the check allowed the operation).\n - CHECK_RESULT_DENIED: Represents a failed check (the check denied the operation)."
+    },
+    "CheckedExpr": {
+      "type": "object",
+      "properties": {
+        "referenceMap": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/v1alpha1.Reference"
+          },
+          "description": "A map from expression ids to resolved references.\n\nThe following entries are in this table:\n\n- An Ident or Select expression is represented here if it resolves to a\n  declaration. For instance, if `a.b.c` is represented by\n  `select(select(id(a), b), c)`, and `a.b` resolves to a declaration,\n  while `c` is a field selection, then the reference is attached to the\n  nested select expression (but not to the id or or the outer select).\n  In turn, if `a` resolves to a declaration and `b.c` are field selections,\n  the reference is attached to the ident expression.\n- Every Call expression has an entry here, identifying the function being\n  called.\n- Every CreateStruct expression for a message has an entry, identifying\n  the message."
+        },
+        "typeMap": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/v1alpha1.Type"
+          },
+          "description": "A map from expression ids to types.\n\nEvery expression node which has a type different than DYN has a mapping\nhere. If an expression has type DYN, it is omitted from this map to save\nspace."
+        },
+        "sourceInfo": {
+          "$ref": "#/definitions/SourceInfo",
+          "description": "The source info derived from input that generated the parsed `expr` and\nany optimizations made during the type-checking pass."
+        },
+        "exprVersion": {
+          "type": "string",
+          "description": "The expr version indicates the major / minor version number of the `expr`\nrepresentation.\n\nThe most common reason for a version change will be to indicate to the CEL\nruntimes that transformations have been performed on the expr during static\nanalysis. In some cases, this will save the runtime the work of applying\nthe same or similar transformations prior to evaluation."
+        },
+        "expr": {
+          "$ref": "#/definitions/Expr",
+          "description": "The checked expression. Semantically equivalent to the parsed `expr`, but\nmay have structural differences."
+        }
+      },
+      "description": "A CEL expression which has been successfully type checked."
+    },
+    "Child": {
+      "type": "object",
+      "properties": {
+        "leaf": {
+          "$ref": "#/definitions/Leaf",
+          "description": "Leaf node in the permission tree."
+        },
+        "rewrite": {
+          "$ref": "#/definitions/Rewrite",
+          "description": "Rewrite operation in the permission tree."
+        }
+      },
+      "description": "Child represents a node in the permission tree."
+    },
+    "Component": {
+      "type": "string",
+      "enum": [
+        "COMPONENT_PARSER",
+        "COMPONENT_TYPE_CHECKER",
+        "COMPONENT_RUNTIME"
+      ],
+      "description": "CEL component specifier.\n\n - COMPONENT_PARSER: Parser. Converts a CEL string to an AST.\n - COMPONENT_TYPE_CHECKER: Type checker. Checks that references in an AST are defined and types\nagree.\n - COMPONENT_RUNTIME: Runtime. Evaluates a parsed and optionally checked CEL AST against a\ncontext."
+    },
+    "Comprehension": {
+      "type": "object",
+      "properties": {
+        "iterVar": {
+          "type": "string",
+          "description": "The name of the first iteration variable.\nWhen the iter_range is a list, this variable is the list element.\nWhen the iter_range is a map, this variable is the map entry key."
+        },
+        "iterVar2": {
+          "type": "string",
+          "description": "The name of the second iteration variable, empty if not set.\nWhen the iter_range is a list, this variable is the integer index.\nWhen the iter_range is a map, this variable is the map entry value.\nThis field is only set for comprehension v2 macros."
+        },
+        "iterRange": {
+          "$ref": "#/definitions/Expr",
+          "description": "The range over which the comprehension iterates."
+        },
+        "accuVar": {
+          "type": "string",
+          "description": "The name of the variable used for accumulation of the result."
+        },
+        "accuInit": {
+          "$ref": "#/definitions/Expr",
+          "description": "The initial value of the accumulator."
+        },
+        "loopCondition": {
+          "$ref": "#/definitions/Expr",
+          "description": "An expression which can contain iter_var, iter_var2, and accu_var.\n\nReturns false when the result has been computed and may be used as\na hint to short-circuit the remainder of the comprehension."
+        },
+        "loopStep": {
+          "$ref": "#/definitions/Expr",
+          "description": "An expression which can contain iter_var, iter_var2, and accu_var.\n\nComputes the next value of accu_var."
+        },
+        "result": {
+          "$ref": "#/definitions/Expr",
+          "description": "An expression which can contain accu_var.\n\nComputes the result."
+        }
+      },
+      "description": "A comprehension expression applied to a list or map.\n\nComprehensions are not part of the core syntax, but enabled with macros.\nA macro matches a specific call signature within a parsed AST and replaces\nthe call with an alternate AST block. Macro expansion happens at parse\ntime.\n\nThe following macros are supported within CEL:\n\nAggregate type macros may be applied to all elements in a list or all keys\nin a map:\n\n*  `all`, `exists`, `exists_one` -  test a predicate expression against\n   the inputs and return `true` if the predicate is satisfied for all,\n   any, or only one value `list.all(x, x \u003c 10)`.\n*  `filter` - test a predicate expression against the inputs and return\n   the subset of elements which satisfy the predicate:\n   `payments.filter(p, p \u003e 1000)`.\n*  `map` - apply an expression to all elements in the input and return the\n   output aggregate type: `[1, 2, 3].map(i, i * i)`.\n\nThe `has(m.x)` macro tests whether the property `x` is present in struct\n`m`. The semantics of this macro depend on the type of `m`. For proto2\nmessages `has(m.x)` is defined as 'defined, but not set`. For proto3, the\nmacro tests whether the property is set to its default. For map and struct\ntypes, the macro tests whether the property `x` is defined on `m`.\n\nComprehensions for the standard environment macros evaluation can be best\nvisualized as the following pseudocode:\n\n```\nlet `accu_var` = `accu_init`\nfor (let `iter_var` in `iter_range`) {\n  if (!`loop_condition`) {\n    break\n  }\n  `accu_var` = `loop_step`\n}\nreturn `result`\n```\n\nComprehensions for the optional V2 macros which support map-to-map\ntranslation differ slightly from the standard environment macros in that\nthey expose both the key or index in addition to the value for each list\nor map entry:\n\n```\nlet `accu_var` = `accu_init`\nfor (let `iter_var`, `iter_var2` in `iter_range`) {\n  if (!`loop_condition`) {\n    break\n  }\n  `accu_var` = `loop_step`\n}\nreturn `result`\n```"
+    },
+    "ComputedAttribute": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "title": "Name of the computed attribute"
+        }
+      },
+      "description": "ComputedAttribute defines a computed attribute which includes its name."
+    },
+    "ComputedUserSet": {
+      "type": "object",
+      "properties": {
+        "relation": {
+          "type": "string",
+          "title": "Relation name"
+        }
+      },
+      "description": "ComputedUserSet defines a set of computed users which includes the relation name."
+    },
+    "Constant": {
+      "type": "object",
+      "properties": {
+        "nullValue": {
+          "type": "string",
+          "description": "null value."
+        },
+        "boolValue": {
+          "type": "boolean",
+          "description": "boolean value."
+        },
+        "int64Value": {
+          "type": "string",
+          "format": "int64",
+          "description": "int64 value."
+        },
+        "uint64Value": {
+          "type": "string",
+          "format": "uint64",
+          "description": "uint64 value."
+        },
+        "doubleValue": {
+          "type": "number",
+          "format": "double",
+          "description": "double value."
+        },
+        "stringValue": {
+          "type": "string",
+          "description": "string value."
+        },
+        "bytesValue": {
+          "type": "string",
+          "format": "byte",
+          "description": "bytes value."
+        },
+        "durationValue": {
+          "type": "string",
+          "description": "protobuf.Duration value.\n\nDeprecated: duration is no longer considered a builtin cel type."
+        },
+        "timestampValue": {
+          "type": "string",
+          "format": "date-time",
+          "description": "protobuf.Timestamp value.\n\nDeprecated: timestamp is no longer considered a builtin cel type."
+        }
+      },
+      "description": "Represents a primitive literal.\n\nNamed 'Constant' here for backwards compatibility.\n\nThis is similar as the primitives supported in the well-known type\n`google.protobuf.Value`, but richer so it can represent CEL's full range of\nprimitives.\n\nLists and structs are not included as constants as these aggregate types may\ncontain [Expr][google.api.expr.v1alpha1.Expr] elements which require\nevaluation and are thus not constant.\n\nExamples of literals include: `\"hello\"`, `b'bytes'`, `1u`, `4.2`, `-2`,\n`true`, `null`."
+    },
+    "Context": {
+      "type": "object",
+      "properties": {
+        "tuples": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Tuple"
+          },
+          "description": "A repeated field of tuples involved in the operation."
+        },
+        "attributes": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Attribute"
+          },
+          "description": "A repeated field of attributes associated with the operation."
+        },
+        "data": {
+          "type": "object",
+          "description": "Additional data associated with the context."
+        }
+      },
+      "description": "Context encapsulates the information related to a single operation,\nincluding the tuples involved and the associated attributes."
+    },
+    "CreateList": {
+      "type": "object",
+      "properties": {
+        "elements": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Expr"
+          },
+          "description": "The elements part of the list."
+        },
+        "optionalIndices": {
+          "type": "array",
+          "items": {
+            "type": "integer",
+            "format": "int32"
+          },
+          "description": "The indices within the elements list which are marked as optional\nelements.\n\nWhen an optional-typed value is present, the value it contains\nis included in the list. If the optional-typed value is absent, the list\nelement is omitted from the CreateList result."
+        }
+      },
+      "description": "A list creation expression.\n\nLists may either be homogenous, e.g. `[1, 2, 3]`, or heterogeneous, e.g.\n`dyn([1, 'hello', 2.0])`"
+    },
+    "CreateStruct": {
+      "type": "object",
+      "properties": {
+        "messageName": {
+          "type": "string",
+          "description": "The type name of the message to be created, empty when creating map\nliterals."
+        },
+        "entries": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Entry"
+          },
+          "description": "The entries in the creation expression."
+        }
+      },
+      "description": "A map or message creation expression.\n\nMaps are constructed as `{'key_name': 'value'}`. Message construction is\nsimilar, but prefixed with a type name and composed of field ids:\n`types.MyType{field_id: 'value'}`."
+    },
+    "Data.DeleteBody": {
+      "type": "object",
+      "properties": {
+        "tuple_filter": {
+          "$ref": "#/definitions/TupleFilter",
+          "description": "tuple_filter specifies the criteria used to select the tuples that should be deleted."
+        },
+        "attribute_filter": {
+          "$ref": "#/definitions/AttributeFilter",
+          "description": "attribute_filter specifies the criteria used to select the attributes that should be deleted."
+        }
+      },
+      "description": "DataDeleteRequest defines the structure of a request to delete data.\nIt includes the tenant_id and filters for selecting tuples and attributes to be deleted."
+    },
+    "Data.WriteBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/DataWriteRequestMetadata",
+          "description": "metadata holds additional data related to the request."
+        },
+        "tuples": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Tuple"
+          },
+          "description": "tuples contains the list of tuples (entity-relation-entity triples) that need to be written."
+        },
+        "attributes": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Attribute"
+          },
+          "description": "attributes contains the list of attributes (entity-attribute-value triples) that need to be written."
+        }
+      },
+      "description": "DataWriteRequest defines the structure of a request for writing data.\nIt contains the necessary information such as tenant_id, metadata,\ntuples and attributes for the write operation."
+    },
+    "DataBundle": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "'name' is a simple string field representing the name of the DataBundle."
+        },
+        "arguments": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "'arguments' is a repeated field, which means it can contain multiple strings.\nThese are used to store a list of arguments related to the DataBundle."
+        },
+        "operations": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/v1.Operation"
+          },
+          "description": "'operations' is a repeated field containing multiple Operation messages.\nEach Operation represents a specific action or set of actions to be performed."
+        }
+      },
+      "description": "DataBundle is a message representing a bundle of data, which includes a name,\na list of arguments, and a series of operations."
+    },
+    "DataChange": {
+      "type": "object",
+      "properties": {
+        "operation": {
+          "$ref": "#/definitions/DataChange.Operation",
+          "description": "The operation type."
+        },
+        "tuple": {
+          "$ref": "#/definitions/Tuple",
+          "description": "If the change is a tuple."
+        },
+        "attribute": {
+          "$ref": "#/definitions/Attribute",
+          "description": "If the change is an attribute."
+        }
+      },
+      "description": "DataChange represents a single change in data, with an operation type and the actual change which could be a tuple or an attribute."
+    },
+    "DataChange.Operation": {
+      "type": "string",
+      "enum": [
+        "OPERATION_CREATE",
+        "OPERATION_DELETE"
+      ],
+      "description": " - OPERATION_CREATE: Creation operation.\n - OPERATION_DELETE: Deletion operation."
+    },
+    "DataChanges": {
+      "type": "object",
+      "properties": {
+        "snap_token": {
+          "type": "string",
+          "description": "The snapshot token."
+        },
+        "data_changes": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/DataChange"
+          },
+          "description": "The list of data changes."
+        }
+      },
+      "description": "DataChanges represent changes in data with a snap token and a list of data change objects."
+    },
+    "DataDeleteResponse": {
+      "type": "object",
+      "properties": {
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)"
+        }
+      },
+      "description": "DataDeleteResponse defines the structure of the response to a data delete request.\nIt includes a snap_token representing the state of the database after the deletion."
+    },
+    "DataWriteRequestMetadata": {
+      "type": "object",
+      "properties": {
+        "schema_version": {
+          "type": "string",
+          "description": "schema_version represents the version of the schema for the data being written."
+        }
+      },
+      "description": "DataWriteRequestMetadata defines the structure of metadata for a write request.\nIt includes the schema version of the data to be written."
+    },
+    "DataWriteResponse": {
+      "type": "object",
+      "properties": {
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)."
+        }
+      },
+      "description": "DataWriteResponse defines the structure of the response after writing data.\nIt contains the snap_token generated after the write operation."
+    },
+    "DeleteRelationshipsBody": {
+      "type": "object",
+      "properties": {
+        "filter": {
+          "$ref": "#/definitions/TupleFilter"
+        }
+      },
+      "title": "RelationshipDeleteRequest"
+    },
+    "Entity": {
+      "type": "object",
+      "properties": {
+        "type": {
+          "type": "string"
+        },
+        "id": {
+          "type": "string"
+        }
+      },
+      "description": "Entity represents an entity with a type and an identifier."
+    },
+    "EntityDefinition": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "The name of the entity, which follows a specific string pattern and has a maximum byte size."
+        },
+        "relations": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/RelationDefinition"
+          },
+          "description": "Map of relation definitions within this entity. The key is the relation name, and the value is the RelationDefinition."
+        },
+        "permissions": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/PermissionDefinition"
+          },
+          "description": "Map of permission definitions within this entity. The key is the permission name, and the value is the PermissionDefinition."
+        },
+        "attributes": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/AttributeDefinition"
+          },
+          "description": "Map of attribute definitions within this entity. The key is the attribute name, and the value is the AttributeDefinition."
+        },
+        "references": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/EntityDefinition.Reference"
+          },
+          "description": "Map of references indicating whether a string pertains to a relation, permission, or attribute."
+        }
+      },
+      "description": "The EntityDefinition message provides detailed information about a specific entity."
+    },
+    "EntityDefinition.Reference": {
+      "type": "string",
+      "enum": [
+        "REFERENCE_RELATION",
+        "REFERENCE_PERMISSION",
+        "REFERENCE_ATTRIBUTE"
+      ],
+      "description": "The Reference enum specifies whether a name pertains to a relation, permission, or attribute.\n\n - REFERENCE_RELATION: Indicates that the name refers to a relation.\n - REFERENCE_PERMISSION: Indicates that the name refers to a permission.\n - REFERENCE_ATTRIBUTE: Indicates that the name refers to an attribute."
+    },
+    "EntityFilter": {
+      "type": "object",
+      "properties": {
+        "type": {
+          "type": "string",
+          "title": "Type of the entity"
+        },
+        "ids": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "title": "List of entity IDs"
+        }
+      },
+      "description": "EntityFilter is used to filter entities based on the type and ids."
+    },
+    "Entry": {
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "string",
+          "format": "int64",
+          "description": "Required. An id assigned to this node by the parser which is unique\nin a given expression tree. This is used to associate type\ninformation and other attributes to the node."
+        },
+        "fieldKey": {
+          "type": "string",
+          "description": "The field key for a message creator statement."
+        },
+        "mapKey": {
+          "$ref": "#/definitions/Expr",
+          "description": "The key expression for a map creation statement."
+        },
+        "value": {
+          "$ref": "#/definitions/Expr",
+          "description": "Required. The value assigned to the key.\n\nIf the optional_entry field is true, the expression must resolve to an\noptional-typed value. If the optional value is present, the key will be\nset; however, if the optional value is absent, the key will be unset."
+        },
+        "optionalEntry": {
+          "type": "boolean",
+          "description": "Whether the key-value pair is optional."
+        }
+      },
+      "description": "Represents an entry."
+    },
+    "ExpandLeaf": {
+      "type": "object",
+      "properties": {
+        "subjects": {
+          "$ref": "#/definitions/Subjects",
+          "description": "subjects are used when the leaf is a set of subjects."
+        },
+        "values": {
+          "$ref": "#/definitions/Values",
+          "description": "values are used when the leaf node is a set of values."
+        },
+        "value": {
+          "$ref": "#/definitions/Any",
+          "description": "value is used when the leaf node is a single value."
+        }
+      },
+      "description": "ExpandLeaf is the leaf node of an Expand tree and can be either a set of Subjects or a set of Values."
+    },
+    "ExpandTreeNode": {
+      "type": "object",
+      "properties": {
+        "operation": {
+          "$ref": "#/definitions/ExpandTreeNode.Operation",
+          "title": "Operation to be applied on this tree node"
+        },
+        "children": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/v1.Expand"
+          },
+          "title": "The children of this tree node"
+        }
+      },
+      "description": "ExpandTreeNode represents a node in an expansion tree with a specific operation and its children."
+    },
+    "ExpandTreeNode.Operation": {
+      "type": "string",
+      "enum": [
+        "OPERATION_UNION",
+        "OPERATION_INTERSECTION",
+        "OPERATION_EXCLUSION"
+      ],
+      "description": "Operation is an enum representing the type of operation to be applied on the tree node."
+    },
+    "Expr": {
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "string",
+          "format": "int64",
+          "description": "Required. An id assigned to this node by the parser which is unique in a\ngiven expression tree. This is used to associate type information and other\nattributes to a node in the parse tree."
+        },
+        "constExpr": {
+          "$ref": "#/definitions/Constant",
+          "description": "A literal expression."
+        },
+        "identExpr": {
+          "$ref": "#/definitions/Ident",
+          "description": "An identifier expression."
+        },
+        "selectExpr": {
+          "$ref": "#/definitions/Select",
+          "description": "A field selection expression, e.g. `request.auth`."
+        },
+        "callExpr": {
+          "$ref": "#/definitions/Expr.Call",
+          "description": "A call expression, including calls to predefined functions and operators."
+        },
+        "listExpr": {
+          "$ref": "#/definitions/CreateList",
+          "description": "A list creation expression."
+        },
+        "structExpr": {
+          "$ref": "#/definitions/CreateStruct",
+          "description": "A map or message creation expression."
+        },
+        "comprehensionExpr": {
+          "$ref": "#/definitions/Comprehension",
+          "description": "A comprehension expression."
+        }
+      },
+      "description": "An abstract representation of a common expression.\n\nExpressions are abstractly represented as a collection of identifiers,\nselect statements, function calls, literals, and comprehensions. All\noperators with the exception of the '.' operator are modelled as function\ncalls. This makes it easy to represent new operators into the existing AST.\n\nAll references within expressions must resolve to a\n[Decl][google.api.expr.v1alpha1.Decl] provided at type-check for an\nexpression to be valid. A reference may either be a bare identifier `name` or\na qualified identifier `google.api.name`. References may either refer to a\nvalue or a function declaration.\n\nFor example, the expression `google.api.name.startsWith('expr')` references\nthe declaration `google.api.name` within a\n[Expr.Select][google.api.expr.v1alpha1.Expr.Select] expression, and the\nfunction declaration `startsWith`."
+    },
+    "Expr.Call": {
+      "type": "object",
+      "properties": {
+        "target": {
+          "$ref": "#/definitions/Expr",
+          "description": "The target of an method call-style expression. For example, `x` in\n`x.f()`."
+        },
+        "function": {
+          "type": "string",
+          "description": "Required. The name of the function or method being called."
+        },
+        "args": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Expr"
+          },
+          "description": "The arguments."
+        }
+      },
+      "description": "A call expression, including calls to predefined functions and operators.\n\nFor example, `value == 10`, `size(map_value)`."
+    },
+    "Extension": {
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "string",
+          "title": "Identifier for the extension. Example: constant_folding"
+        },
+        "affectedComponents": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/Component"
+          },
+          "description": "If set, the listed components must understand the extension for the\nexpression to evaluate correctly.\n\nThis field has set semantics, repeated values should be deduplicated."
+        },
+        "version": {
+          "$ref": "#/definitions/Version",
+          "description": "Version info. May be skipped if it isn't meaningful for the extension.\n(for example constant_folding might always be v0.0)."
+        }
+      },
+      "description": "An extension that was requested for the source expression."
+    },
+    "FunctionType": {
+      "type": "object",
+      "properties": {
+        "resultType": {
+          "$ref": "#/definitions/v1alpha1.Type",
+          "description": "Result type of the function."
+        },
+        "argTypes": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/v1alpha1.Type"
+          },
+          "description": "Argument types of the function."
+        }
+      },
+      "description": "Function type with result and arg types."
+    },
+    "Ident": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "Required. Holds a single, unqualified identifier, possibly preceded by a\n'.'.\n\nQualified names are represented by the\n[Expr.Select][google.api.expr.v1alpha1.Expr.Select] expression."
+        }
+      },
+      "description": "An identifier expression. e.g. `request`."
+    },
+    "Leaf": {
+      "type": "object",
+      "properties": {
+        "computedUserSet": {
+          "$ref": "#/definitions/ComputedUserSet",
+          "description": "A computed set of users."
+        },
+        "tupleToUserSet": {
+          "$ref": "#/definitions/TupleToUserSet",
+          "description": "A tuple to user set conversion."
+        },
+        "computedAttribute": {
+          "$ref": "#/definitions/ComputedAttribute",
+          "description": "A computed attribute."
+        },
+        "call": {
+          "$ref": "#/definitions/v1.Call",
+          "description": "A call to a function or method."
+        }
+      },
+      "description": "Leaf represents a leaf node in the permission tree."
+    },
+    "ListType": {
+      "type": "object",
+      "properties": {
+        "elemType": {
+          "$ref": "#/definitions/v1alpha1.Type",
+          "description": "The element type."
+        }
+      },
+      "description": "List type with typed elements, e.g. `list\u003cexample.proto.MyMessage\u003e`."
+    },
+    "LookupEntityBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/PermissionLookupEntityRequestMetadata",
+          "description": "Metadata associated with this request, required."
+        },
+        "entity_type": {
+          "type": "string",
+          "description": "Type of the entity to lookup, required, must start with a letter and can include alphanumeric and underscore, max 64 bytes."
+        },
+        "permission": {
+          "type": "string",
+          "description": "Name of the permission to check, required, must start with a letter and can include alphanumeric and underscore, max 64 bytes."
+        },
+        "subject": {
+          "$ref": "#/definitions/Subject",
+          "description": "Subject for which to check the permission, required."
+        },
+        "context": {
+          "$ref": "#/definitions/Context",
+          "description": "Context associated with this request."
+        },
+        "scope": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/StringArrayValue"
+          },
+          "description": "Scope: A map that associates entity types with lists of identifiers. Each entry\nhelps filter requests by specifying which entities are relevant to the operation."
+        },
+        "page_size": {
+          "type": "integer",
+          "format": "int64",
+          "description": "page_size is the number of entities to be returned in the response.\nThe value should be between 1 and 100."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is an optional parameter used for pagination.\nIt should be the value received in the previous response."
+        }
+      },
+      "description": "PermissionLookupEntityRequest is the request message for the LookupEntity method in the Permission service."
+    },
+    "LookupEntityStreamBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/PermissionLookupEntityRequestMetadata",
+          "description": "Metadata associated with this request, required."
+        },
+        "entity_type": {
+          "type": "string",
+          "description": "Type of the entity to lookup, required, must start with a letter and can include alphanumeric and underscore, max 64 bytes."
+        },
+        "permission": {
+          "type": "string",
+          "description": "Name of the permission to check, required, must start with a letter and can include alphanumeric and underscore, max 64 bytes."
+        },
+        "subject": {
+          "$ref": "#/definitions/Subject",
+          "description": "Subject for which to check the permission, required."
+        },
+        "context": {
+          "$ref": "#/definitions/Context",
+          "description": "Context associated with this request."
+        },
+        "scope": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/StringArrayValue"
+          },
+          "description": "Scope: A map that associates entity types with lists of identifiers. Each entry\nhelps filter requests by specifying which entities are relevant to the operation."
+        },
+        "page_size": {
+          "type": "integer",
+          "format": "int64",
+          "description": "page_size is the number of entities to be returned in the response.\nThe value should be between 1 and 100."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is an optional parameter used for pagination.\nIt should be the value received in the previous response."
+        }
+      },
+      "description": "PermissionLookupEntityRequest is the request message for the LookupEntity method in the Permission service."
+    },
+    "LookupSubjectBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/PermissionLookupSubjectRequestMetadata",
+          "description": "Metadata associated with this request, required."
+        },
+        "entity": {
+          "$ref": "#/definitions/Entity",
+          "description": "Entity for which to check the permission, required."
+        },
+        "permission": {
+          "type": "string",
+          "description": "Permission to be checked, can be a permission or relation. Required, and must match the pattern \"^([a-zA-Z][a-zA-Z0-9_]{1,62}[a-zA-Z0-9])$\", max 64 bytes."
+        },
+        "subject_reference": {
+          "$ref": "#/definitions/RelationReference",
+          "description": "Reference to the subject to lookup."
+        },
+        "context": {
+          "$ref": "#/definitions/Context",
+          "description": "Context associated with this request."
+        },
+        "arguments": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Argument"
+          },
+          "description": "Additional arguments associated with this request."
+        },
+        "page_size": {
+          "type": "integer",
+          "format": "int64",
+          "description": "page_size is the number of subjects to be returned in the response.\nThe value should be between 1 and 100."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is an optional parameter used for pagination.\nIt should be the value received in the previous response."
+        }
+      },
+      "description": "PermissionLookupSubjectRequest is the request message for the LookupSubject method in the Permission service."
+    },
+    "MapType": {
+      "type": "object",
+      "properties": {
+        "keyType": {
+          "$ref": "#/definitions/v1alpha1.Type",
+          "description": "The type of the key."
+        },
+        "valueType": {
+          "$ref": "#/definitions/v1alpha1.Type",
+          "description": "The type of the value."
+        }
+      },
+      "description": "Map type with parameterized key and value types, e.g. `map\u003cstring, int\u003e`."
+    },
+    "NullValue": {
+      "type": "string",
+      "description": "`NullValue` is a singleton enumeration to represent the null value for the\n`Value` type union.\n\nThe JSON representation for `NullValue` is JSON `null`."
+    },
+    "PartialWriteBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/SchemaPartialWriteRequestMetadata",
+          "description": "metadata is the additional information needed for the Partial Write request."
+        },
+        "partials": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/Partials"
+          },
+          "title": "Map of entity name with the values needed to be updated"
+        }
+      },
+      "title": "It contains the tenant_id to identify the tenant and metadata of the schema to be edited,\nwith the corresponding edits to various entities"
+    },
+    "Partials": {
+      "type": "object",
+      "properties": {
+        "write": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "delete": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "update": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        }
+      },
+      "title": "Partials contains the write, update and delete definitions"
+    },
+    "Permission.ExpandBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/PermissionExpandRequestMetadata",
+          "description": "Metadata associated with this request, required."
+        },
+        "entity": {
+          "$ref": "#/definitions/Entity",
+          "description": "Entity on which the permission needs to be expanded, required."
+        },
+        "permission": {
+          "type": "string",
+          "description": "Name of the permission to be expanded, not required, must start with a letter and can include alphanumeric and underscore, max 64 bytes."
+        },
+        "context": {
+          "$ref": "#/definitions/Context",
+          "description": "Context associated with this request."
+        },
+        "arguments": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Argument"
+          },
+          "description": "Additional arguments associated with this request."
+        }
+      },
+      "description": "PermissionExpandRequest is the request message for the Expand method in the Permission service."
+    },
+    "PermissionBulkCheckRequestItem": {
+      "type": "object",
+      "properties": {
+        "entity": {
+          "$ref": "#/definitions/Entity",
+          "example": "repository:1",
+          "description": "Entity on which the permission needs to be checked, required."
+        },
+        "permission": {
+          "type": "string",
+          "description": "The action the user wants to perform on the resource"
+        },
+        "subject": {
+          "$ref": "#/definitions/Subject",
+          "description": "Subject for which the permission needs to be checked, required."
+        }
+      },
+      "title": "BULK CHECK"
+    },
+    "PermissionBulkCheckResponse": {
+      "type": "object",
+      "properties": {
+        "results": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/PermissionCheckResponse"
+          },
+          "description": "List of permission check responses corresponding to each request."
+        }
+      },
+      "description": "PermissionBulkCheckResponse is the response message for the BulkCheck method in the Permission service."
+    },
+    "PermissionCheckRequestMetadata": {
+      "type": "object",
+      "properties": {
+        "schema_version": {
+          "type": "string",
+          "description": "Version of the schema."
+        },
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)"
+        },
+        "depth": {
+          "type": "integer",
+          "format": "int32",
+          "description": "Query limit when if recursive database queries got in loop"
+        }
+      },
+      "description": "PermissionCheckRequestMetadata metadata for the PermissionCheckRequest."
+    },
+    "PermissionCheckResponse": {
+      "type": "object",
+      "properties": {
+        "can": {
+          "$ref": "#/definitions/CheckResult",
+          "description": "Result of the permission check."
+        },
+        "metadata": {
+          "$ref": "#/definitions/PermissionCheckResponseMetadata",
+          "description": "Metadata associated with this response."
+        }
+      },
+      "description": "PermissionCheckResponse is the response message for the Check method in the Permission service."
+    },
+    "PermissionCheckResponseMetadata": {
+      "type": "object",
+      "properties": {
+        "check_count": {
+          "type": "integer",
+          "format": "int32",
+          "description": "The count of the checks performed."
+        }
+      },
+      "description": "PermissionCheckResponseMetadata metadata for the PermissionCheckResponse."
+    },
+    "PermissionDefinition": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "The name of the permission, which follows a specific string pattern and has a maximum byte size."
+        },
+        "child": {
+          "$ref": "#/definitions/Child",
+          "description": "The child related to this permission."
+        }
+      },
+      "description": "The PermissionDefinition message provides detailed information about a specific permission."
+    },
+    "PermissionExpandRequestMetadata": {
+      "type": "object",
+      "properties": {
+        "schema_version": {
+          "type": "string",
+          "description": "Version of the schema."
+        },
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)."
+        }
+      },
+      "description": "PermissionExpandRequestMetadata metadata for the PermissionExpandRequest."
+    },
+    "PermissionExpandResponse": {
+      "type": "object",
+      "properties": {
+        "tree": {
+          "$ref": "#/definitions/v1.Expand",
+          "description": "Expansion tree."
+        }
+      },
+      "description": "PermissionExpandResponse is the response message for the Expand method in the Permission service."
+    },
+    "PermissionLookupEntityRequestMetadata": {
+      "type": "object",
+      "properties": {
+        "schema_version": {
+          "type": "string",
+          "description": "Version of the schema."
+        },
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)."
+        },
+        "depth": {
+          "type": "integer",
+          "format": "int32",
+          "description": "Query limit when if recursive database queries got in loop."
+        }
+      },
+      "description": "PermissionLookupEntityRequestMetadata metadata for the PermissionLookupEntityRequest."
+    },
+    "PermissionLookupEntityResponse": {
+      "type": "object",
+      "properties": {
+        "entity_ids": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "List of identifiers for entities that match the lookup."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is a string that can be used to paginate and retrieve the next set of results."
+        }
+      },
+      "description": "PermissionLookupEntityResponse is the response message for the LookupEntity method in the Permission service."
+    },
+    "PermissionLookupEntityStreamResponse": {
+      "type": "object",
+      "properties": {
+        "entity_id": {
+          "type": "string",
+          "description": "Identifier for an entity that matches the lookup."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is a string that can be used to paginate and retrieve the next set of results."
+        }
+      },
+      "description": "PermissionLookupEntityStreamResponse is the response message for the LookupEntityStream method in the Permission service."
+    },
+    "PermissionLookupSubjectRequestMetadata": {
+      "type": "object",
+      "properties": {
+        "schema_version": {
+          "type": "string",
+          "description": "Version of the schema."
+        },
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)."
+        },
+        "depth": {
+          "type": "integer",
+          "format": "int32",
+          "description": "Query limit when if recursive database queries got in loop."
+        }
+      },
+      "description": "PermissionLookupSubjectRequestMetadata metadata for the PermissionLookupSubjectRequest."
+    },
+    "PermissionLookupSubjectResponse": {
+      "type": "object",
+      "properties": {
+        "subject_ids": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "List of identifiers for subjects that match the lookup."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is a string that can be used to paginate and retrieve the next set of results."
+        }
+      },
+      "description": "PermissionLookupSubjectResponse is the response message for the LookupSubject method in the Permission service."
+    },
+    "PermissionSubjectPermissionRequestMetadata": {
+      "type": "object",
+      "properties": {
+        "schema_version": {
+          "type": "string",
+          "description": "Version of the schema."
+        },
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)."
+        },
+        "only_permission": {
+          "type": "boolean",
+          "description": "Whether to only check permissions."
+        },
+        "depth": {
+          "type": "integer",
+          "format": "int32",
+          "description": "Query limit when if recursive database queries got in loop."
+        }
+      },
+      "description": "PermissionSubjectPermissionRequestMetadata metadata for the PermissionSubjectPermissionRequest."
+    },
+    "PermissionSubjectPermissionResponse": {
+      "type": "object",
+      "properties": {
+        "results": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/CheckResult"
+          },
+          "description": "Map of results for each permission check."
+        }
+      },
+      "description": "PermissionSubjectPermissionResponse is the response message for the SubjectPermission method in the Permission service."
+    },
+    "PrimitiveType": {
+      "type": "string",
+      "enum": [
+        "BOOL",
+        "INT64",
+        "UINT64",
+        "DOUBLE",
+        "STRING",
+        "BYTES"
+      ],
+      "description": "CEL primitive types.\n\n - BOOL: Boolean type.\n - INT64: Int64 type.\n\nProto-based integer values are widened to int64.\n - UINT64: Uint64 type.\n\nProto-based unsigned integer values are widened to uint64.\n - DOUBLE: Double type.\n\nProto-based float values are widened to double values.\n - STRING: String type.\n - BYTES: Bytes type."
+    },
+    "ReadAttributesBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/AttributeReadRequestMetadata",
+          "description": "metadata holds additional information related to the request."
+        },
+        "filter": {
+          "$ref": "#/definitions/AttributeFilter",
+          "description": "filter specifies the criteria used to select the attributes that should be returned."
+        },
+        "page_size": {
+          "type": "integer",
+          "format": "int64",
+          "description": "page_size specifies the number of results to return in a single page.\nIf more results are available, a continuous_token is included in the response."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is used in case of paginated reads to get the next page of results."
+        }
+      },
+      "description": "AttributeReadRequest defines the structure of a request for reading attributes.\nIt includes the tenant_id, metadata, attribute filter, page size for pagination, and a continuous token for multi-page results."
+    },
+    "ReadRelationshipsBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/RelationshipReadRequestMetadata",
+          "description": "metadata holds additional data related to the request."
+        },
+        "filter": {
+          "$ref": "#/definitions/TupleFilter",
+          "description": "filter is used to specify criteria for the data that needs to be read."
+        },
+        "page_size": {
+          "type": "integer",
+          "format": "int64",
+          "description": "page_size specifies the number of results to return in a single page.\nIf more results are available, a continuous_token is included in the response."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is used in case of paginated reads to get the next page of results."
+        }
+      },
+      "description": "RelationshipReadRequest defines the structure of a request for reading relationships.\nIt contains the necessary information such as tenant_id, metadata, and filter for the read operation."
+    },
+    "RelationDefinition": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "The name of the relation, which follows a specific string pattern and has a maximum byte size."
+        },
+        "relationReferences": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/RelationReference"
+          },
+          "description": "A list of references to other relations."
+        }
+      },
+      "description": "The RelationDefinition message provides detailed information about a specific relation."
+    },
+    "RelationReference": {
+      "type": "object",
+      "properties": {
+        "type": {
+          "type": "string",
+          "description": "The type of the referenced entity, which follows a specific string pattern and has a maximum byte size."
+        },
+        "relation": {
+          "type": "string",
+          "description": "The name of the referenced relation, which follows a specific string pattern and has a maximum byte size."
+        }
+      },
+      "description": "The RelationReference message provides a reference to a specific relation."
+    },
+    "RelationshipDeleteResponse": {
+      "type": "object",
+      "properties": {
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)"
+        }
+      },
+      "title": "RelationshipDeleteResponse"
+    },
+    "RelationshipReadRequestMetadata": {
+      "type": "object",
+      "properties": {
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)"
+        }
+      },
+      "description": "RelationshipReadRequestMetadata defines the structure of the metadata for a read request focused on relationships.\nIt includes the snap_token associated with a particular state of the database."
+    },
+    "RelationshipReadResponse": {
+      "type": "object",
+      "properties": {
+        "tuples": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Tuple"
+          },
+          "description": "tuples is a list of the relationships retrieved in the read operation, represented as entity-relation-entity triples."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is used in the case of paginated reads to retrieve the next page of results."
+        }
+      },
+      "description": "RelationshipReadResponse defines the structure of the response after reading relationships.\nIt includes the tuples representing the relationships and a continuous token for handling result pagination."
+    },
+    "RelationshipWriteRequestMetadata": {
+      "type": "object",
+      "properties": {
+        "schema_version": {
+          "type": "string"
+        }
+      },
+      "title": "RelationshipWriteRequestMetadata"
+    },
+    "RelationshipWriteResponse": {
+      "type": "object",
+      "properties": {
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)"
+        }
+      },
+      "title": "RelationshipWriteResponse"
+    },
+    "Rewrite": {
+      "type": "object",
+      "properties": {
+        "rewriteOperation": {
+          "$ref": "#/definitions/Rewrite.Operation",
+          "description": "The type of rewrite operation to be performed."
+        },
+        "children": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Child"
+          },
+          "description": "A list of children that are operated upon by the rewrite operation."
+        }
+      },
+      "description": "The Rewrite message represents a specific rewrite operation.\nThis operation could be one of the following: union, intersection, or exclusion."
+    },
+    "Rewrite.Operation": {
+      "type": "string",
+      "enum": [
+        "OPERATION_UNION",
+        "OPERATION_INTERSECTION",
+        "OPERATION_EXCLUSION"
+      ],
+      "description": "Operation enum includes potential rewrite operations.\nOPERATION_UNION: Represents a union operation.\nOPERATION_INTERSECTION: Represents an intersection operation.\nOPERATION_EXCLUSION: Represents an exclusion operation.\n\n - OPERATION_UNION: Represents a union operation.\n - OPERATION_INTERSECTION: Represents an intersection operation.\n - OPERATION_EXCLUSION: Represents an exclusion operation."
+    },
+    "RuleDefinition": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "The name of the rule, which follows a specific string pattern and has a maximum byte size."
+        },
+        "arguments": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/AttributeType"
+          },
+          "description": "Map of arguments for this rule. The key is the attribute name, and the value is the AttributeType."
+        },
+        "expression": {
+          "$ref": "#/definitions/CheckedExpr",
+          "description": "The expression for this rule in the form of a google.api.expr.v1alpha1.CheckedExpr."
+        }
+      },
+      "description": "The RuleDefinition message provides detailed information about a specific rule."
+    },
+    "RunBundleBody": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "Name of the bundle to be executed."
+        },
+        "arguments": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Additional key-value pairs for execution arguments."
+        }
+      },
+      "description": "BundleRunRequest is used to request the execution of a bundle.\nIt includes tenant_id, the name of the bundle, and additional arguments for execution."
+    },
+    "Schema.ListBody": {
+      "type": "object",
+      "properties": {
+        "page_size": {
+          "type": "integer",
+          "format": "int64",
+          "description": "page_size is the number of schemas to be returned in the response.\nThe value should be between 1 and 100."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is an optional parameter used for pagination.\nIt should be the value received in the previous response."
+        }
+      },
+      "description": "SchemaListRequest is the request message for the List method in the Schema service.\nIt contains tenant_id for which the schemas are to be listed."
+    },
+    "Schema.ReadBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/SchemaReadRequestMetadata",
+          "description": "metadata is the additional information needed for the Read request."
+        }
+      },
+      "description": "SchemaReadRequest is the request message for the Read method in the Schema service.\nIt contains tenant_id and metadata about the schema to be read."
+    },
+    "Schema.WriteBody": {
+      "type": "object",
+      "properties": {
+        "schema": {
+          "type": "string",
+          "description": "schema is the string representation of the schema to be written."
+        }
+      },
+      "description": "SchemaWriteRequest is the request message for the Write method in the Schema service.\nIt contains tenant_id and the schema to be written."
+    },
+    "SchemaDefinition": {
+      "type": "object",
+      "properties": {
+        "entityDefinitions": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/EntityDefinition"
+          },
+          "description": "Map of entity definitions. The key is the entity name, and the value is the corresponding EntityDefinition."
+        },
+        "ruleDefinitions": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/RuleDefinition"
+          },
+          "description": "Map of rule definitions. The key is the rule name, and the value is the corresponding RuleDefinition."
+        },
+        "references": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/SchemaDefinition.Reference"
+          },
+          "description": "Map of references to signify whether a string refers to an entity or a rule."
+        }
+      },
+      "description": "The SchemaDefinition message provides definitions for entities and rules,\nand includes references to clarify whether a name refers to an entity or a rule."
+    },
+    "SchemaDefinition.Reference": {
+      "type": "string",
+      "enum": [
+        "REFERENCE_ENTITY",
+        "REFERENCE_RULE"
+      ],
+      "description": "The Reference enum helps distinguish whether a name corresponds to an entity or a rule.\n\n - REFERENCE_ENTITY: Indicates that the name refers to an entity.\n - REFERENCE_RULE: Indicates that the name refers to a rule."
+    },
+    "SchemaList": {
+      "type": "object",
+      "properties": {
+        "version": {
+          "type": "string"
+        },
+        "created_at": {
+          "type": "string"
+        }
+      },
+      "title": "SchemaList provides a list of schema versions with their corresponding creation timestamps"
+    },
+    "SchemaListResponse": {
+      "type": "object",
+      "properties": {
+        "head": {
+          "type": "string",
+          "title": "head of the schemas is the latest version available for the tenant"
+        },
+        "schemas": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/SchemaList"
+          },
+          "title": "list of schema versions with creation timestamps"
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is a string that can be used to paginate and retrieve the next set of results."
+        }
+      },
+      "title": "SchemaListResponse is the response message for the List method in the Schema service.\nIt returns a paginated list of schemas"
+    },
+    "SchemaPartialWriteRequestMetadata": {
+      "type": "object",
+      "properties": {
+        "schema_version": {
+          "type": "string",
+          "description": "schema_version is the string that identifies the version of the schema to be read."
+        }
+      },
+      "description": "SchemaPartialWriteRequestMetadata provides additional information for the Schema Partial Write request.\nIt contains schema_version to specify which version of the schema should be read."
+    },
+    "SchemaPartialWriteResponse": {
+      "type": "object",
+      "properties": {
+        "schema_version": {
+          "type": "string",
+          "description": "schema_version is the string that identifies the version of the written schema."
+        }
+      },
+      "description": "SchemaPartialWriteResponse is the response message for the Parietal Write method in the Schema service.\nIt returns the requested schema."
+    },
+    "SchemaReadRequestMetadata": {
+      "type": "object",
+      "properties": {
+        "schema_version": {
+          "type": "string",
+          "description": "schema_version is the string that identifies the version of the schema to be read."
+        }
+      },
+      "description": "SchemaReadRequestMetadata provides additional information for the Schema Read request.\nIt contains schema_version to specify which version of the schema should be read."
+    },
+    "SchemaReadResponse": {
+      "type": "object",
+      "properties": {
+        "schema": {
+          "$ref": "#/definitions/SchemaDefinition",
+          "description": "schema is the SchemaDefinition that represents the read schema."
+        }
+      },
+      "description": "SchemaReadResponse is the response message for the Read method in the Schema service.\nIt returns the requested schema."
+    },
+    "SchemaWriteResponse": {
+      "type": "object",
+      "properties": {
+        "schema_version": {
+          "type": "string",
+          "description": "schema_version is the string that identifies the version of the written schema."
+        }
+      },
+      "description": "SchemaWriteResponse is the response message for the Write method in the Schema service.\nIt returns the version of the written schema."
+    },
+    "Select": {
+      "type": "object",
+      "properties": {
+        "operand": {
+          "$ref": "#/definitions/Expr",
+          "description": "Required. The target of the selection expression.\n\nFor example, in the select expression `request.auth`, the `request`\nportion of the expression is the `operand`."
+        },
+        "field": {
+          "type": "string",
+          "description": "Required. The name of the field to select.\n\nFor example, in the select expression `request.auth`, the `auth` portion\nof the expression would be the `field`."
+        },
+        "testOnly": {
+          "type": "boolean",
+          "description": "Whether the select is to be interpreted as a field presence test.\n\nThis results from the macro `has(request.auth)`."
+        }
+      },
+      "description": "A field selection expression. e.g. `request.auth`."
+    },
+    "SourceInfo": {
+      "type": "object",
+      "properties": {
+        "syntaxVersion": {
+          "type": "string",
+          "description": "The syntax version of the source, e.g. `cel1`."
+        },
+        "location": {
+          "type": "string",
+          "description": "The location name. All position information attached to an expression is\nrelative to this location.\n\nThe location could be a file, UI element, or similar. For example,\n`acme/app/AnvilPolicy.cel`."
+        },
+        "lineOffsets": {
+          "type": "array",
+          "items": {
+            "type": "integer",
+            "format": "int32"
+          },
+          "description": "Monotonically increasing list of code point offsets where newlines\n`\\n` appear.\n\nThe line number of a given position is the index `i` where for a given\n`id` the `line_offsets[i] \u003c id_positions[id] \u003c line_offsets[i+1]`. The\ncolumn may be derivd from `id_positions[id] - line_offsets[i]`."
+        },
+        "positions": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "integer",
+            "format": "int32"
+          },
+          "description": "A map from the parse node id (e.g. `Expr.id`) to the code point offset\nwithin the source."
+        },
+        "macroCalls": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/Expr"
+          },
+          "description": "A map from the parse node id where a macro replacement was made to the\ncall `Expr` that resulted in a macro expansion.\n\nFor example, `has(value.field)` is a function call that is replaced by a\n`test_only` field selection in the AST. Likewise, the call\n`list.exists(e, e \u003e 10)` translates to a comprehension expression. The key\nin the map corresponds to the expression id of the expanded macro, and the\nvalue is the call `Expr` that was replaced."
+        },
+        "extensions": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Extension"
+          },
+          "description": "A list of tags for extensions that were used while parsing or type checking\nthe source expression. For example, optimizations that require special\nruntime support may be specified.\n\nThese are used to check feature support between components in separate\nimplementations. This can be used to either skip redundant work or\nreport an error if the extension is unsupported."
+        }
+      },
+      "description": "Source information collected at parse time."
+    },
+    "Status": {
+      "type": "object",
+      "properties": {
+        "code": {
+          "type": "integer",
+          "format": "int32"
+        },
+        "message": {
+          "type": "string"
+        },
+        "details": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Any"
+          }
+        }
+      }
+    },
+    "StringArrayValue": {
+      "type": "object",
+      "properties": {
+        "data": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "The array of strings."
+        }
+      },
+      "description": "Wrapper for an array of strings."
+    },
+    "Subject": {
+      "type": "object",
+      "properties": {
+        "type": {
+          "type": "string"
+        },
+        "id": {
+          "type": "string"
+        },
+        "relation": {
+          "type": "string"
+        }
+      },
+      "description": "Subject represents an entity subject with a type, an identifier, and a relation."
+    },
+    "SubjectFilter": {
+      "type": "object",
+      "properties": {
+        "type": {
+          "type": "string",
+          "title": "Type of the subject"
+        },
+        "ids": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "title": "List of subject IDs"
+        },
+        "relation": {
+          "type": "string"
+        }
+      },
+      "description": "SubjectFilter is used to filter subjects based on the type, ids and relation."
+    },
+    "SubjectPermissionBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/PermissionSubjectPermissionRequestMetadata",
+          "description": "Metadata associated with this request, required."
+        },
+        "entity": {
+          "$ref": "#/definitions/Entity",
+          "description": "Entity for which to check the permission, required."
+        },
+        "subject": {
+          "$ref": "#/definitions/Subject",
+          "description": "Subject for which to check the permission, required."
+        },
+        "context": {
+          "$ref": "#/definitions/Context",
+          "description": "Context associated with this request."
+        }
+      },
+      "description": "PermissionSubjectPermissionRequest is the request message for the SubjectPermission method in the Permission service."
+    },
+    "Subjects": {
+      "type": "object",
+      "properties": {
+        "subjects": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Subject"
+          },
+          "description": "A list of subjects."
+        }
+      },
+      "description": "Subjects holds a repeated field of Subject type."
+    },
+    "Tenant": {
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "The ID of the tenant."
+        },
+        "name": {
+          "type": "string",
+          "description": "The name of the tenant."
+        },
+        "created_at": {
+          "type": "string",
+          "format": "date-time",
+          "description": "The time at which the tenant was created."
+        }
+      },
+      "description": "Tenant represents a tenant with an id, a name, and a timestamp indicating when it was created."
+    },
+    "TenantCreateRequest": {
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "id is a unique identifier for the tenant."
+        },
+        "name": {
+          "type": "string",
+          "description": "name is the name of the tenant."
+        }
+      },
+      "description": "TenantCreateRequest is the message used for the request to create a tenant."
+    },
+    "TenantCreateResponse": {
+      "type": "object",
+      "properties": {
+        "tenant": {
+          "$ref": "#/definitions/Tenant",
+          "description": "tenant is the created tenant information."
+        }
+      },
+      "description": "TenantCreateResponse is the message returned from the request to create a tenant."
+    },
+    "TenantDeleteResponse": {
+      "type": "object",
+      "properties": {
+        "tenant_id": {
+          "type": "string",
+          "description": "tenant_id is the tenant id that was deleted."
+        }
+      },
+      "description": "TenantDeleteResponse is the message returned from the request to delete a tenant."
+    },
+    "TenantListRequest": {
+      "type": "object",
+      "properties": {
+        "page_size": {
+          "type": "integer",
+          "format": "int64",
+          "description": "page_size is the number of tenants to be returned in the response.\nThe value should be between 1 and 100."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is an optional parameter used for pagination.\nIt should be the value received in the previous response."
+        }
+      },
+      "description": "TenantListRequest is the message used for the request to list all tenants."
+    },
+    "TenantListResponse": {
+      "type": "object",
+      "properties": {
+        "tenants": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Tenant"
+          },
+          "description": "tenants is a list of tenants."
+        },
+        "continuous_token": {
+          "type": "string",
+          "description": "continuous_token is a string that can be used to paginate and retrieve the next set of results."
+        }
+      },
+      "description": "TenantListResponse is the message returned from the request to list all tenants."
+    },
+    "Tuple": {
+      "type": "object",
+      "properties": {
+        "entity": {
+          "$ref": "#/definitions/Entity"
+        },
+        "relation": {
+          "type": "string"
+        },
+        "subject": {
+          "$ref": "#/definitions/Subject"
+        }
+      },
+      "description": "Tuple is a structure that includes an entity, a relation, and a subject."
+    },
+    "TupleFilter": {
+      "type": "object",
+      "properties": {
+        "entity": {
+          "$ref": "#/definitions/EntityFilter"
+        },
+        "relation": {
+          "type": "string"
+        },
+        "subject": {
+          "$ref": "#/definitions/SubjectFilter",
+          "title": "The subject filter"
+        }
+      },
+      "description": "TupleFilter is used to filter tuples based on the entity, relation and the subject."
+    },
+    "TupleSet": {
+      "type": "object",
+      "properties": {
+        "relation": {
+          "type": "string"
+        }
+      },
+      "description": "TupleSet represents a set of tuples associated with a specific relation."
+    },
+    "TupleToUserSet": {
+      "type": "object",
+      "properties": {
+        "tupleSet": {
+          "$ref": "#/definitions/TupleSet",
+          "title": "The tuple set"
+        },
+        "computed": {
+          "$ref": "#/definitions/ComputedUserSet",
+          "title": "The computed user set"
+        }
+      },
+      "description": "TupleToUserSet defines a mapping from tuple sets to computed user sets."
+    },
+    "Values": {
+      "type": "object",
+      "properties": {
+        "values": {
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/Any"
+          }
+        }
+      }
+    },
+    "Version": {
+      "type": "object",
+      "properties": {
+        "major": {
+          "type": "string",
+          "format": "int64",
+          "description": "Major version changes indicate different required support level from\nthe required components."
+        },
+        "minor": {
+          "type": "string",
+          "format": "int64",
+          "description": "Minor version changes must not change the observed behavior from\nexisting implementations, but may be provided informationally."
+        }
+      },
+      "title": "Version"
+    },
+    "WatchBody": {
+      "type": "object",
+      "properties": {
+        "snap_token": {
+          "type": "string",
+          "description": "The snap token to avoid stale cache, see more details on [Snap Tokens](../../operations/snap-tokens)."
+        }
+      },
+      "description": "WatchRequest is the request message for the Watch RPC. It contains the\ndetails needed to establish a watch stream."
+    },
+    "WatchResponse": {
+      "type": "object",
+      "properties": {
+        "changes": {
+          "$ref": "#/definitions/DataChanges",
+          "description": "Changes in the data."
+        }
+      },
+      "description": "WatchResponse is the response message for the Watch RPC. It contains the\nchanges in the data that are being watched."
+    },
+    "WellKnownType": {
+      "type": "string",
+      "enum": [
+        "ANY",
+        "TIMESTAMP",
+        "DURATION"
+      ],
+      "description": "Well-known protobuf types treated with first-class support in CEL.\n\n - ANY: Well-known protobuf.Any type.\n\nAny types are a polymorphic message type. During type-checking they are\ntreated like `DYN` types, but at runtime they are resolved to a specific\nmessage type specified at evaluation time.\n - TIMESTAMP: Well-known protobuf.Timestamp type, internally referenced as `timestamp`.\n - DURATION: Well-known protobuf.Duration type, internally referenced as `duration`."
+    },
+    "WriteRelationshipsBody": {
+      "type": "object",
+      "properties": {
+        "metadata": {
+          "$ref": "#/definitions/RelationshipWriteRequestMetadata",
+          "description": "Metadata for the request. It's required."
+        },
+        "tuples": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Tuple"
+          },
+          "description": "List of tuples for the request. Must have between 1 and 100 items."
+        }
+      },
+      "description": "Represents a request to write relationship data."
+    },
+    "v1.Call": {
+      "type": "object",
+      "properties": {
+        "ruleName": {
+          "type": "string",
+          "title": "Name of the rule"
+        },
+        "arguments": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Argument"
+          },
+          "title": "Arguments passed to the rule"
+        }
+      },
+      "description": "Call represents a call to a rule. It includes the name of the rule and the arguments passed to it."
+    },
+    "v1.Expand": {
+      "type": "object",
+      "properties": {
+        "entity": {
+          "$ref": "#/definitions/Entity",
+          "description": "entity is the entity for which the hierarchical structure is defined."
+        },
+        "permission": {
+          "type": "string",
+          "description": "permission is the permission applied to the entity."
+        },
+        "arguments": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/Argument"
+          },
+          "description": "arguments are the additional information or context used to evaluate permissions."
+        },
+        "expand": {
+          "$ref": "#/definitions/ExpandTreeNode",
+          "description": "expand contains another hierarchical structure."
+        },
+        "leaf": {
+          "$ref": "#/definitions/ExpandLeaf",
+          "description": "leaf contains a set of subjects."
+        }
+      },
+      "description": "Expand is used to define a hierarchical structure for permissions.\nIt has an entity, permission, and arguments. The node can be either another hierarchical structure or a set of subjects."
+    },
+    "v1.Operation": {
+      "type": "object",
+      "properties": {
+        "relationships_write": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "'relationships_write' is a repeated string field for storing relationship keys\nthat are to be written or created."
+        },
+        "relationships_delete": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "'relationships_delete' is a repeated string field for storing relationship keys\nthat are to be deleted or removed."
+        },
+        "attributes_write": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "'attributes_write' is a repeated string field for storing attribute keys\nthat are to be written or created."
+        },
+        "attributes_delete": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "'attributes_delete' is a repeated string field for storing attribute keys\nthat are to be deleted or removed."
+        }
+      },
+      "description": "Operation is a message representing a series of operations that can be performed.\nIt includes fields for writing and deleting relationships and attributes."
+    },
+    "v1alpha1.Reference": {
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "The fully qualified name of the declaration."
+        },
+        "overloadId": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "For references to functions, this is a list of `Overload.overload_id`\nvalues which match according to typing rules.\n\nIf the list has more than one element, overload resolution among the\npresented candidates must happen at runtime because of dynamic types. The\ntype checker attempts to narrow down this list as much as possible.\n\nEmpty if this is not a reference to a\n[Decl.FunctionDecl][google.api.expr.v1alpha1.Decl.FunctionDecl]."
+        },
+        "value": {
+          "$ref": "#/definitions/Constant",
+          "description": "For references to constants, this may contain the value of the\nconstant if known at compile time."
+        }
+      },
+      "description": "Describes a resolved reference to a declaration."
+    },
+    "v1alpha1.Type": {
+      "type": "object",
+      "properties": {
+        "dyn": {
+          "type": "object",
+          "properties": {},
+          "description": "Dynamic type."
+        },
+        "null": {
+          "type": "string",
+          "description": "Null value."
+        },
+        "primitive": {
+          "$ref": "#/definitions/PrimitiveType",
+          "description": "Primitive types: `true`, `1u`, `-2.0`, `'string'`, `b'bytes'`."
+        },
+        "wrapper": {
+          "$ref": "#/definitions/PrimitiveType",
+          "description": "Wrapper of a primitive type, e.g. `google.protobuf.Int64Value`."
+        },
+        "wellKnown": {
+          "$ref": "#/definitions/WellKnownType",
+          "description": "Well-known protobuf type such as `google.protobuf.Timestamp`."
+        },
+        "listType": {
+          "$ref": "#/definitions/ListType",
+          "description": "Parameterized list with elements of `list_type`, e.g. `list\u003ctimestamp\u003e`."
+        },
+        "mapType": {
+          "$ref": "#/definitions/MapType",
+          "description": "Parameterized map with typed keys and values."
+        },
+        "function": {
+          "$ref": "#/definitions/FunctionType",
+          "description": "Function type."
+        },
+        "messageType": {
+          "type": "string",
+          "description": "Protocol buffer message type.\n\nThe `message_type` string specifies the qualified message type name. For\nexample, `google.plus.Profile`."
+        },
+        "typeParam": {
+          "type": "string",
+          "description": "Type param type.\n\nThe `type_param` string specifies the type parameter name, e.g. `list\u003cE\u003e`\nwould be a `list_type` whose element type was a `type_param` type\nnamed `E`."
+        },
+        "type": {
+          "$ref": "#/definitions/v1alpha1.Type",
+          "description": "Type type.\n\nThe `type` value specifies the target type. e.g. int is type with a\ntarget type of `Primitive.INT`."
+        },
+        "error": {
+          "type": "object",
+          "properties": {},
+          "description": "Error type.\n\nDuring type-checking if an expression is an error, its type is propagated\nas the `ERROR` type. This permits the type-checker to discover other\nerrors present in the expression."
+        },
+        "abstractType": {
+          "$ref": "#/definitions/AbstractType",
+          "description": "Abstract, application defined type."
+        }
+      },
+      "description": "Represents a CEL type."
+    }
+  },
+  "securityDefinitions": {
+    "ApiKeyAuth": {
+      "type": "apiKey",
+      "name": "Authorization",
+      "in": "header"
+    }
+  }
+}