@1mtx/did-api-contract 1.0.1 → 1.1.1

package/dist/index.js

@@ -25,24 +25,47 @@ __export(index_exports, {
   CheckinSubmitRequestSchema: () => CheckinSubmitRequestSchema,
   CheckinSubmitResponseSchema: () => CheckinSubmitResponseSchema,
   CreateEventSchema: () => CreateEventSchema,
+  CreateInvitationSchema: () => CreateInvitationSchema,
+  CreateOrganisationSchema: () => CreateOrganisationSchema,
   EventDetailResponseSchema: () => EventDetailResponseSchema,
+  EventDiscoverSchema: () => EventDiscoverSchema,
   EventPublicInfoSchema: () => EventPublicInfoSchema,
   EventResponseSchema: () => EventResponseSchema,
+  InvitationResponseSchema: () => InvitationResponseSchema,
+  IssueVCSchema: () => IssueVCSchema,
+  JoinInvitationSchema: () => JoinInvitationSchema,
+  MemberResponseSchema: () => MemberResponseSchema,
+  OrgDetailResponseSchema: () => OrgDetailResponseSchema,
+  OrgListItemSchema: () => OrgListItemSchema,
+  OrgResponseSchema: () => OrgResponseSchema,
   ParticipantSchema: () => ParticipantSchema,
   SUPPORTED_FIELDS: () => SUPPORTED_FIELDS,
+  TrackScanRequestSchema: () => TrackScanRequestSchema,
+  TrackScanResponseSchema: () => TrackScanResponseSchema,
   TurnCredentialsResponseSchema: () => TurnCredentialsResponseSchema,
   UpdateEventSchema: () => UpdateEventSchema,
+  UpdateMemberRoleSchema: () => UpdateMemberRoleSchema,
+  UpdateOrganisationSchema: () => UpdateOrganisationSchema,
+  UploadPresignedUrlSchema: () => UploadPresignedUrlSchema,
   VerifyRequestSchema: () => VerifyRequestSchema,
   VerifyResponseSchema: () => VerifyResponseSchema,
+  appConfigContract: () => appConfigContract,
   authContract: () => authContract,
   buildAuthMessage: () => buildAuthMessage,
   checkinContract: () => checkinContract,
   contract: () => contract,
   eventsContract: () => eventsContract,
-  turnContract: () => turnContract
+  orgCredentialsContract: () => orgCredentialsContract,
+  orgCrudContract: () => orgCrudContract,
+  orgInvitationsContract: () => orgInvitationsContract,
+  orgMembersContract: () => orgMembersContract,
+  organisationsContract: () => organisationsContract,
+  trackingContract: () => trackingContract,
+  turnContract: () => turnContract,
+  uploadsContract: () => uploadsContract
 });
 module.exports = __toCommonJS(index_exports);
-var import_core5 = require("@ts-rest/core");
+var import_core9 = require("@ts-rest/core");
 
 // src/v1/auth.ts
 var import_core = require("@ts-rest/core");
@@ -50,7 +73,7 @@ var import_zod = require("zod");
 var c = (0, import_core.initContract)();
 var AuthScheme = import_zod.z.enum(["eip191"]);
 var VerifyRequestSchema = import_zod.z.object({
-  did: import_zod.z.string().min(1).describe("DID of the authenticating user (e.g. `did:ethr:0xABC...`)"),
+  did: import_zod.z.string().min(1).describe("DID of the authenticating user (e.g. `did:ethr:0xABC...` or `did:vbsn:0xABC...`)"),
   signature: import_zod.z.string().min(1).describe(
     "Hex signature of the `message` string, produced by the scheme specified in the message"
   ),
@@ -83,7 +106,7 @@ var authContract = c.router({
       "|----------|-------|",
       '| **Signing scheme** | ECDSA secp256k1 (`scheme: "eip191"`) |',
       "| **Signature format** | [EIP-191](https://eips.ethereum.org/EIPS/eip-191) `personal_sign` (65-byte `r\u2016s\u2016v`, hex-encoded with `0x` prefix) |",
-      "| **DID method** | `did:ethr` \u2014 the Ethereum address in the DID must match the signer |",
+      "| **DID method** | `did:ethr` or `did:vbsn` \u2014 the Ethereum address in the DID must match the signer |",
       "| **Message encoding** | UTF-8 JSON string |",
       "",
       "### Steps",
@@ -129,28 +152,37 @@ var import_core2 = require("@ts-rest/core");
 var import_zod2 = require("zod");
 var c2 = (0, import_core2.initContract)();
 var SUPPORTED_FIELDS = [
+  "documentNumber",
   "fullName",
-  "age",
-  "portrait",
+  "dateOfBirth",
   "gender",
   "nationality",
+  "ethnicity",
+  "hometown",
   "permanentAddress",
-  "documentNumber"
+  "identifyingMarks",
+  "issueDate",
+  "expiryDate",
+  "fatherName",
+  "motherName",
+  "photo"
 ];
 var CreateEventSchema = import_zod2.z.object({
   name: import_zod2.z.string().min(1).max(255).describe("T\xEAn s\u1EF1 ki\u1EC7n"),
-  coverImageUrl: import_zod2.z.string().url().optional().describe("\u1EA2nh b\xECa s\u1EF1 ki\u1EC7n"),
+  coverImageId: import_zod2.z.string().optional().describe("ID \u1EA3nh b\xECa s\u1EF1 ki\u1EC7n"),
   description: import_zod2.z.string().optional().describe("M\xF4 t\u1EA3 s\u1EF1 ki\u1EC7n"),
   maxGuests: import_zod2.z.number().int().positive().describe("S\u1ED1 l\u01B0\u1EE3ng kh\xE1ch t\u1ED1i \u0111a"),
-  dateTime: import_zod2.z.string().datetime().describe("Th\u1EDDi gian di\u1EC5n ra s\u1EF1 ki\u1EC7n"),
+  startDateTime: import_zod2.z.string().datetime().describe("Th\u1EDDi gian b\u1EAFt \u0111\u1EA7u s\u1EF1 ki\u1EC7n"),
+  endDateTime: import_zod2.z.string().datetime().describe("Th\u1EDDi gian k\u1EBFt th\xFAc s\u1EF1 ki\u1EC7n"),
   requestedFields: import_zod2.z.array(import_zod2.z.enum(SUPPORTED_FIELDS)).min(1).describe("C\xE1c tr\u01B0\u1EDDng d\u1EEF li\u1EC7u y\xEAu c\u1EA7u x\xE1c th\u1EF1c")
 });
 var UpdateEventSchema = import_zod2.z.object({
   name: import_zod2.z.string().min(1).max(255).optional(),
-  coverImageUrl: import_zod2.z.string().nullable().optional(),
+  coverImageId: import_zod2.z.string().nullable().optional(),
   description: import_zod2.z.string().nullable().optional(),
   maxGuests: import_zod2.z.number().int().positive().optional(),
-  dateTime: import_zod2.z.string().datetime().optional(),
+  startDateTime: import_zod2.z.string().datetime().optional(),
+  endDateTime: import_zod2.z.string().datetime().optional(),
   status: import_zod2.z.enum(["ACTIVE", "CANCELLED", "COMPLETED"]).optional()
 });
 var ParticipantSchema = import_zod2.z.object({
@@ -163,9 +195,11 @@ var EventResponseSchema = import_zod2.z.object({
   id: import_zod2.z.string(),
   name: import_zod2.z.string(),
   coverImageUrl: import_zod2.z.string().nullable(),
+  thumbnailUrl: import_zod2.z.string().nullable(),
   description: import_zod2.z.string().nullable(),
   maxGuests: import_zod2.z.number(),
-  dateTime: import_zod2.z.string(),
+  startDateTime: import_zod2.z.string(),
+  endDateTime: import_zod2.z.string().nullable(),
   userId: import_zod2.z.string(),
   requestedFields: import_zod2.z.array(import_zod2.z.string()),
   status: import_zod2.z.enum(["ACTIVE", "CANCELLED", "COMPLETED"]),
@@ -177,8 +211,27 @@ var EventDetailResponseSchema = EventResponseSchema.extend({
   participants: import_zod2.z.array(ParticipantSchema),
   vpRequest: import_zod2.z.record(import_zod2.z.unknown())
 });
+var EventDiscoverSchema = import_zod2.z.object({
+  id: import_zod2.z.string(),
+  name: import_zod2.z.string(),
+  coverImageUrl: import_zod2.z.string().nullable(),
+  thumbnailUrl: import_zod2.z.string().nullable(),
+  description: import_zod2.z.string().nullable(),
+  startDateTime: import_zod2.z.string(),
+  endDateTime: import_zod2.z.string().nullable(),
+  participantCount: import_zod2.z.number()
+});
 var SECURITY = [{ bearerAuth: [] }];
 var eventsContract = c2.router({
+  discover: {
+    method: "GET",
+    path: "/v1/events/public/discover",
+    responses: {
+      200: import_zod2.z.array(EventDiscoverSchema)
+    },
+    summary: "List public events for discovery (public)",
+    metadata: { openApiTags: ["Events"], openApiSecurity: [] }
+  },
   create: {
     method: "POST",
     path: "/v1/events",
@@ -262,9 +315,11 @@ var EventPublicInfoSchema = import_zod3.z.object({
   id: import_zod3.z.string(),
   name: import_zod3.z.string(),
   coverImageUrl: import_zod3.z.string().nullable(),
+  thumbnailUrl: import_zod3.z.string().nullable(),
   description: import_zod3.z.string().nullable(),
   maxGuests: import_zod3.z.number(),
-  dateTime: import_zod3.z.string(),
+  startDateTime: import_zod3.z.string(),
+  endDateTime: import_zod3.z.string().nullable(),
   currentGuests: import_zod3.z.number(),
   status: import_zod3.z.enum(["ACTIVE", "CANCELLED", "COMPLETED"])
 });
@@ -298,11 +353,12 @@ var checkinContract = c3.router({
     responses: {
       200: CheckinSubmitResponseSchema,
       400: import_zod3.z.object({ message: import_zod3.z.string(), errors: import_zod3.z.array(import_zod3.z.string()).optional() }),
+      401: import_zod3.z.object({ message: import_zod3.z.string() }),
       404: import_zod3.z.object({ message: import_zod3.z.string() }),
       409: import_zod3.z.object({ message: import_zod3.z.string() })
     },
-    summary: "Submit VP for event check-in \u2014 issues participation VC on success (public)",
-    metadata: { openApiTags: ["Check-in"], openApiSecurity: [] }
+    summary: "Submit VP for event check-in \u2014 issues participation VC on success",
+    metadata: { openApiTags: ["Check-in"], openApiSecurity: [{ bearerAuth: [] }] }
   },
   myCheckins: {
     method: "GET",
@@ -313,6 +369,7 @@ var checkinContract = c3.router({
           id: import_zod3.z.string(),
           eventId: import_zod3.z.string(),
           checkedInAt: import_zod3.z.string(),
+          disclosedFields: import_zod3.z.record(import_zod3.z.unknown()),
           event: EventPublicInfoSchema
         })
       ),
@@ -349,14 +406,401 @@ var turnContract = c4.router({
   }
 });
 
-// src/index.ts
+// src/v1/uploads.ts
+var import_core5 = require("@ts-rest/core");
+var import_zod5 = require("zod");
 var c5 = (0, import_core5.initContract)();
-var contract = c5.router({
-  v1: c5.router({
+var UploadPresignedUrlSchema = import_zod5.z.object({
+  fileId: import_zod5.z.string(),
+  original: import_zod5.z.object({
+    uploadUrl: import_zod5.z.string(),
+    key: import_zod5.z.string(),
+    publicUrl: import_zod5.z.string()
+  }),
+  resize: import_zod5.z.object({
+    uploadUrl: import_zod5.z.string(),
+    key: import_zod5.z.string(),
+    publicUrl: import_zod5.z.string()
+  })
+});
+var uploadsContract = c5.router(
+  {
+    generatePresignedUrls: {
+      method: "POST",
+      path: "/urls",
+      body: import_zod5.z.object({}),
+      responses: {
+        201: UploadPresignedUrlSchema
+      },
+      summary: "Generate pre-signed URLs for event image upload",
+      metadata: { openApiTags: ["Uploads"], openApiSecurity: [{ bearerAuth: [] }] }
+    }
+  },
+  {
+    pathPrefix: "/v1/uploads"
+  }
+);
+
+// src/v1/tracking.ts
+var import_core6 = require("@ts-rest/core");
+var import_zod6 = require("zod");
+var c6 = (0, import_core6.initContract)();
+var TrackScanRequestSchema = import_zod6.z.object({
+  platform: import_zod6.z.string(),
+  appVersion: import_zod6.z.string().optional()
+});
+var TrackScanResponseSchema = import_zod6.z.object({
+  id: import_zod6.z.string()
+});
+var trackingContract = c6.router({
+  scan: {
+    method: "POST",
+    path: "/v1/tracking/scan",
+    body: TrackScanRequestSchema,
+    responses: {
+      201: TrackScanResponseSchema,
+      401: import_zod6.z.object({ message: import_zod6.z.string() })
+    },
+    summary: "Record a successful NFC scan event",
+    metadata: { openApiTags: ["Tracking"], openApiSecurity: [{ bearerAuth: [] }] }
+  }
+});
+
+// src/v1/config.ts
+var import_core7 = require("@ts-rest/core");
+var import_zod7 = require("zod");
+var c7 = (0, import_core7.initContract)();
+var appConfigContract = c7.router({
+  appConfig: {
+    method: "GET",
+    path: "/v1/config/app",
+    responses: {
+      200: import_zod7.z.object({
+        demoMode: import_zod7.z.object({ enabled: import_zod7.z.boolean() }),
+        publicEvents: import_zod7.z.object({ enabled: import_zod7.z.boolean() })
+      })
+    },
+    summary: "Get app configuration (public)",
+    metadata: { openApiTags: ["Config"], openApiSecurity: [] }
+  }
+});
+
+// src/v1/organisations.ts
+var import_core8 = require("@ts-rest/core");
+var import_zod8 = require("zod");
+var c8 = (0, import_core8.initContract)();
+var SECURITY2 = [{ bearerAuth: [] }];
+var CreateOrganisationSchema = import_zod8.z.object({
+  name: import_zod8.z.string().min(1).max(255),
+  description: import_zod8.z.string().optional(),
+  verifiablePresentation: import_zod8.z.record(import_zod8.z.unknown())
+});
+var UpdateOrganisationSchema = import_zod8.z.object({
+  name: import_zod8.z.string().min(1).max(255).optional(),
+  description: import_zod8.z.string().nullable().optional(),
+  avatarUrl: import_zod8.z.string().nullable().optional()
+});
+var OrgResponseSchema = import_zod8.z.object({
+  id: import_zod8.z.string(),
+  name: import_zod8.z.string(),
+  description: import_zod8.z.string().nullable(),
+  avatarUrl: import_zod8.z.string().nullable(),
+  didUri: import_zod8.z.string().nullable(),
+  memberCount: import_zod8.z.number(),
+  createdAt: import_zod8.z.string(),
+  updatedAt: import_zod8.z.string()
+});
+var OrgListItemSchema = OrgResponseSchema.extend({
+  role: import_zod8.z.enum(["OWNER", "ADMIN", "ISSUER", "MEMBER"])
+});
+var OrgDetailResponseSchema = OrgListItemSchema.extend({
+  members: import_zod8.z.array(import_zod8.z.object({
+    id: import_zod8.z.string(),
+    userId: import_zod8.z.string(),
+    displayName: import_zod8.z.string().nullable(),
+    role: import_zod8.z.enum(["OWNER", "ADMIN", "ISSUER", "MEMBER"]),
+    joinedAt: import_zod8.z.string()
+  }))
+});
+var MemberResponseSchema = import_zod8.z.object({
+  id: import_zod8.z.string(),
+  userId: import_zod8.z.string(),
+  displayName: import_zod8.z.string().nullable(),
+  role: import_zod8.z.enum(["OWNER", "ADMIN", "ISSUER", "MEMBER"]),
+  joinedAt: import_zod8.z.string()
+});
+var UpdateMemberRoleSchema = import_zod8.z.object({
+  role: import_zod8.z.enum(["ADMIN", "ISSUER", "MEMBER"])
+});
+var CreateInvitationSchema = import_zod8.z.object({
+  expiresInDays: import_zod8.z.number().int().positive().default(7).optional()
+});
+var InvitationResponseSchema = import_zod8.z.object({
+  id: import_zod8.z.string(),
+  orgId: import_zod8.z.string(),
+  orgName: import_zod8.z.string(),
+  token: import_zod8.z.string(),
+  status: import_zod8.z.enum(["PENDING", "SUBMITTED", "ACCEPTED", "DECLINED", "EXPIRED"]),
+  inviteeDisplayName: import_zod8.z.string().nullable(),
+  createdAt: import_zod8.z.string(),
+  expiresAt: import_zod8.z.string()
+});
+var JoinInvitationSchema = import_zod8.z.object({
+  verifiablePresentation: import_zod8.z.record(import_zod8.z.unknown())
+});
+var IssueVCSchema = import_zod8.z.object({
+  holderDid: import_zod8.z.string(),
+  credentialSubject: import_zod8.z.record(import_zod8.z.unknown()),
+  type: import_zod8.z.array(import_zod8.z.string()).optional()
+});
+var ErrorSchema = import_zod8.z.object({ message: import_zod8.z.string() });
+var VpRequestResponseSchema = import_zod8.z.object({
+  vpRequest: import_zod8.z.record(import_zod8.z.unknown()),
+  expiresAt: import_zod8.z.string()
+});
+var orgCrudContract = c8.router({
+  createVpRequest: {
+    method: "POST",
+    path: "/v1/organisations/vp-request",
+    body: import_zod8.z.object({}),
+    responses: {
+      200: VpRequestResponseSchema,
+      401: ErrorSchema
+    },
+    summary: "Get VP request for creating an organisation",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  create: {
+    method: "POST",
+    path: "/v1/organisations",
+    body: CreateOrganisationSchema,
+    responses: {
+      201: OrgResponseSchema,
+      400: ErrorSchema,
+      401: ErrorSchema
+    },
+    summary: "Create a new organisation (requires CCCD VP)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  list: {
+    method: "GET",
+    path: "/v1/organisations",
+    responses: {
+      200: import_zod8.z.array(OrgListItemSchema),
+      401: ErrorSchema
+    },
+    summary: "List user's organisations",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  getById: {
+    method: "GET",
+    path: "/v1/organisations/:orgId",
+    responses: {
+      200: OrgDetailResponseSchema,
+      401: ErrorSchema,
+      403: ErrorSchema,
+      404: ErrorSchema
+    },
+    summary: "Get organisation details (members only)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  update: {
+    method: "PATCH",
+    path: "/v1/organisations/:orgId",
+    body: UpdateOrganisationSchema,
+    responses: {
+      200: OrgResponseSchema,
+      400: ErrorSchema,
+      401: ErrorSchema,
+      403: ErrorSchema,
+      404: ErrorSchema
+    },
+    summary: "Update organisation details (owner/admin only)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  delete: {
+    method: "DELETE",
+    path: "/v1/organisations/:orgId",
+    body: c8.noBody(),
+    responses: {
+      204: import_zod8.z.undefined(),
+      401: ErrorSchema,
+      403: ErrorSchema,
+      404: ErrorSchema
+    },
+    summary: "Delete organisation (owner only)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  }
+});
+var orgMembersContract = c8.router({
+  listMembers: {
+    method: "GET",
+    path: "/v1/organisations/:orgId/members",
+    responses: {
+      200: import_zod8.z.array(MemberResponseSchema),
+      401: ErrorSchema,
+      403: ErrorSchema
+    },
+    summary: "List organisation members",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  updateMemberRole: {
+    method: "PATCH",
+    path: "/v1/organisations/:orgId/members/:memberId",
+    body: UpdateMemberRoleSchema,
+    responses: {
+      200: MemberResponseSchema,
+      400: ErrorSchema,
+      401: ErrorSchema,
+      403: ErrorSchema,
+      404: ErrorSchema
+    },
+    summary: "Update member role (owner/admin only)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  removeMember: {
+    method: "DELETE",
+    path: "/v1/organisations/:orgId/members/:memberId",
+    body: c8.noBody(),
+    responses: {
+      204: import_zod8.z.undefined(),
+      400: ErrorSchema,
+      401: ErrorSchema,
+      403: ErrorSchema,
+      404: ErrorSchema
+    },
+    summary: "Remove member from organisation (owner/admin only)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  }
+});
+var orgInvitationsContract = c8.router({
+  createInvitation: {
+    method: "POST",
+    path: "/v1/organisations/:orgId/invitations",
+    body: CreateInvitationSchema,
+    responses: {
+      201: InvitationResponseSchema,
+      401: ErrorSchema,
+      403: ErrorSchema
+    },
+    summary: "Create invitation (owner/admin only)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  listInvitations: {
+    method: "GET",
+    path: "/v1/organisations/:orgId/invitations",
+    responses: {
+      200: import_zod8.z.array(InvitationResponseSchema),
+      401: ErrorSchema,
+      403: ErrorSchema
+    },
+    summary: "List pending invitations (owner/admin only)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  joinVpRequest: {
+    method: "POST",
+    path: "/v1/organisations/invitations/:token/vp-request",
+    body: import_zod8.z.object({}),
+    responses: {
+      200: VpRequestResponseSchema,
+      401: ErrorSchema,
+      404: ErrorSchema,
+      410: ErrorSchema
+    },
+    summary: "Get VP request for joining via invitation",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  joinInvitation: {
+    method: "POST",
+    path: "/v1/organisations/invitations/:token/join",
+    body: JoinInvitationSchema,
+    responses: {
+      200: import_zod8.z.object({ message: import_zod8.z.string() }),
+      400: ErrorSchema,
+      401: ErrorSchema,
+      410: ErrorSchema
+    },
+    summary: "Invitee submits CCCD VP to join",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  acceptInvitation: {
+    method: "POST",
+    path: "/v1/organisations/:orgId/invitations/:invitationId/accept",
+    body: import_zod8.z.object({}),
+    responses: {
+      200: import_zod8.z.object({ message: import_zod8.z.string(), memberId: import_zod8.z.string() }),
+      401: ErrorSchema,
+      403: ErrorSchema,
+      409: ErrorSchema
+    },
+    summary: "Accept invitation (owner/admin only)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  declineInvitation: {
+    method: "POST",
+    path: "/v1/organisations/:orgId/invitations/:invitationId/decline",
+    body: import_zod8.z.object({}),
+    responses: {
+      200: import_zod8.z.object({ message: import_zod8.z.string() }),
+      401: ErrorSchema,
+      403: ErrorSchema,
+      409: ErrorSchema
+    },
+    summary: "Decline invitation (owner/admin only)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  }
+});
+var orgCredentialsContract = c8.router({
+  issueVC: {
+    method: "POST",
+    path: "/v1/organisations/:orgId/credentials/issue",
+    body: IssueVCSchema,
+    responses: {
+      201: import_zod8.z.record(import_zod8.z.unknown()),
+      400: ErrorSchema,
+      401: ErrorSchema,
+      403: ErrorSchema
+    },
+    summary: "Issue VC on behalf of organisation (owner/admin/issuer)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  },
+  listIssuedCredentials: {
+    method: "GET",
+    path: "/v1/organisations/:orgId/credentials",
+    responses: {
+      200: import_zod8.z.array(import_zod8.z.object({
+        id: import_zod8.z.string(),
+        holderDid: import_zod8.z.string(),
+        issuingMemberId: import_zod8.z.string(),
+        credentialJson: import_zod8.z.record(import_zod8.z.unknown()),
+        issuedAt: import_zod8.z.string()
+      })),
+      401: ErrorSchema,
+      403: ErrorSchema
+    },
+    summary: "List issued credentials (owner/admin only)",
+    metadata: { openApiTags: ["Organisations"], openApiSecurity: SECURITY2 }
+  }
+});
+var organisationsContract = c8.router({
+  crud: orgCrudContract,
+  members: orgMembersContract,
+  invitations: orgInvitationsContract,
+  credentials: orgCredentialsContract
+});
+
+// src/index.ts
+var c9 = (0, import_core9.initContract)();
+var contract = c9.router({
+  v1: c9.router({
     auth: authContract,
     events: eventsContract,
     checkin: checkinContract,
-    turn: turnContract
+    turn: turnContract,
+    uploads: uploadsContract,
+    tracking: trackingContract,
+    config: appConfigContract,
+    organisations: organisationsContract
   })
 });
 // Annotate the CommonJS export names for ESM import in node:
@@ -366,20 +810,43 @@ var contract = c5.router({
   CheckinSubmitRequestSchema,
   CheckinSubmitResponseSchema,
   CreateEventSchema,
+  CreateInvitationSchema,
+  CreateOrganisationSchema,
   EventDetailResponseSchema,
+  EventDiscoverSchema,
   EventPublicInfoSchema,
   EventResponseSchema,
+  InvitationResponseSchema,
+  IssueVCSchema,
+  JoinInvitationSchema,
+  MemberResponseSchema,
+  OrgDetailResponseSchema,
+  OrgListItemSchema,
+  OrgResponseSchema,
   ParticipantSchema,
   SUPPORTED_FIELDS,
+  TrackScanRequestSchema,
+  TrackScanResponseSchema,
   TurnCredentialsResponseSchema,
   UpdateEventSchema,
+  UpdateMemberRoleSchema,
+  UpdateOrganisationSchema,
+  UploadPresignedUrlSchema,
   VerifyRequestSchema,
   VerifyResponseSchema,
+  appConfigContract,
   authContract,
   buildAuthMessage,
   checkinContract,
   contract,
   eventsContract,
-  turnContract
+  orgCredentialsContract,
+  orgCrudContract,
+  orgInvitationsContract,
+  orgMembersContract,
+  organisationsContract,
+  trackingContract,
+  turnContract,
+  uploadsContract
 });
 //# sourceMappingURL=index.js.map