@cubist-labs/cubesigner-sdk 0.2.28 → 0.3.1

package/dist/src/schema.d.ts

@@ -2,6 +2,12 @@
  * This file was auto-generated by openapi-typescript.
  * Do not make direct changes to the file.
  */
+/** OneOf type helpers */
+type Without<T, U> = {
+    [P in Exclude<keyof T, keyof U>]?: never;
+};
+type XOR<T, U> = T | U extends object ? (Without<T, U> & U) | (Without<U, T> & T) : T | U;
+type OneOf<T extends any[]> = T extends [infer Only] ? Only : T extends [infer A, infer B, ...infer Rest] ? OneOf<[XOR<A, B>, ...Rest]> : never;
 export interface paths {
     "/v0/about_me": {
         /**
@@ -58,6 +64,15 @@ export interface paths {
          */
         put: operations["deriveKey"];
     };
+    "/v0/org/{org_id}/evm/eip191/sign/{pubkey}": {
+        /**
+         * Sign EIP-191 Data
+         * @description Sign EIP-191 Data
+         *
+         * Signs a message using EIP-191 personal_sign with a given Secp256k1 key.
+         */
+        post: operations["eip191Sign"];
+    };
     "/v0/org/{org_id}/evm/eip712/sign/{pubkey}": {
         /**
          * Sign EIP-712 Typed Data
@@ -272,14 +287,15 @@ export interface paths {
          * @description Delete Role
          *
          * Deletes a role in an organization.
-         * Only organization owners can perform this action.
+         * Only users in the role can perform this action.
          */
         delete: operations["deleteRole"];
         /**
          * Update Role
          * @description Update Role
          *
-         * Enables or disables a role.
+         * Enables or disables a role (this requires the `manage:role:update:enable` scope).
+         * Updates the role's policies (this requires the `manage:role:update:policy` scope).
          * The user must be in the role or an owner of the organization.
          */
         patch: operations["updateRole"];
@@ -387,7 +403,8 @@ export interface paths {
          * Create new user session (management and/or signing)
          * @description Create new user session (management and/or signing)
          *
-         * Create a new user session
+         * Creates a new user session, silently truncating requested session and auth lifetimes
+         * to be at most requestor's session and auth lifetime, respectively.
          */
         post: operations["createSession"];
         /**
@@ -771,7 +788,7 @@ export interface components {
             email: string;
             identity: components["schemas"]["OIDCIdentity"];
             /** @description Optional login MFA policy */
-            mfa_policy?: Record<string, unknown> | null;
+            mfa_policy?: unknown;
             role: components["schemas"]["MemberRole"];
         };
         AddThirdPartyUserResponse: {
@@ -987,6 +1004,19 @@ export interface components {
                 value: number;
             };
         };
+        /** @description Describes how to derive a WebAuthn challenge value. */
+        ChallengePieces: {
+            /**
+             * @description A base64url encoding of UTF8 JSON. The data in that JSON is endpoint specific, and describes what this FIDO challenge will be used for.
+             *
+             * Clients can use `preimage` along with `random_seed` to reconstruct the challenge like so:
+             *
+             * `challenge = HMAC-SHA256(key=random_seed, message=preimage)`
+             */
+            preimage: string;
+            /** @description A random seed that prevents replay attacks */
+            random_seed: string;
+        };
         /**
          * @description Session information sent to the client.
          * This struct works in tandem with its server-side counterpart [`SessionData`].
@@ -1089,7 +1119,7 @@ export interface components {
              */
             scopes: string[];
         };
-        CreateTokenRequest: components["schemas"]["RatchetConfig"] & ({
+        CreateTokenRequest: components["schemas"]["RatchetConfig"] & {
             /**
              * @description A human readable description of the purpose of the key
              * @example Validator Signing
@@ -1103,7 +1133,16 @@ export interface components {
              * ]
              */
             scopes?: string[] | null;
-        });
+        };
+        /**
+         * @description An extended form of `PublicKeyCredentialCreationOptions` that allows clients to derive the WebAuthn challenge
+         * from a structured preimage.
+         *
+         * This ensures that the webuathn signature can only be used for a specific purpose
+         */
+        CreationOptionsWithHash: components["schemas"]["ChallengePieces"] & {
+            options: components["schemas"]["PublicKeyCredentialCreationOptions"];
+        };
         CubeSignerUserInfo: {
             /** @description All multi-factor authentication methods configured for this user */
             configured_mfa: components["schemas"]["ConfiguredMfa"][];
@@ -1156,6 +1195,22 @@ export interface components {
              */
             mnemonic_id: string;
         };
+        Eip191Or712SignResponse: {
+            /**
+             * @description Hex-encoded signature comprising 65 bytes in the format required
+             * by ecrecover: 32-byte r, 32-byte s, and one-byte recovery-id v
+             * which is either 27 or 28.
+             * @example 0x4355c47d63924e8a72e509b65029052eb6c299d53a04e167c5775fd466751c9d07299936d304c153f6443dfa05f40ff007d72911b6f72307f996231605b915621c
+             */
+            signature: string;
+        };
+        Eip191SignRequest: {
+            /**
+             * @description EIP-191 data to sign as hex-encoded bytes.
+             * @example 0xdeadbeef13c0ffee
+             */
+            data: string;
+        };
         /**
          * @example {
          *   "chain_id": 1337,
@@ -1251,17 +1306,8 @@ export interface components {
             /** @description EIP-712 typed data. Refer to the JSON schema defined in EIP-712. */
             typed_data: Record<string, never>;
         };
-        Eip712SignResponse: {
-            /**
-             * @description Hex-encoded signature comprising 65 bytes in the format required
-             * by ecrecover: 32-byte r, 32-byte s, and one-byte recovery-id v
-             * which is either 27 or 28.
-             * @example 0x4355c47d63924e8a72e509b65029052eb6c299d53a04e167c5775fd466751c9d07299936d304c153f6443dfa05f40ff007d72911b6f72307f996231605b915621c
-             */
-            signature: string;
-        };
         /** @default null */
-        Empty: Record<string, unknown> | null;
+        Empty: unknown;
         EmptyImpl: {
             status: string;
         };
@@ -1363,10 +1409,11 @@ export interface components {
             challenge_id: string;
             credential: components["schemas"]["PublicKeyCredential"];
         };
-        FidoAssertChallenge: {
+        FidoAssertChallenge: (components["schemas"]["ChallengePieces"] & {
+            options: components["schemas"]["PublicKeyCredentialRequestOptions"];
+        }) & {
             /** @description The id of the challenge. Must be supplied when answering the challenge. */
             challenge_id: string;
-            options: components["schemas"]["PublicKeyCredentialRequestOptions"];
         };
         /** @description Sent from the client to the server to answer a fido challenge */
         FidoCreateChallengeAnswer: {
@@ -1378,10 +1425,11 @@ export interface components {
          * @description Sent by the server to the client. Contains the challenge data that must be
          * used to generate a new credential
          */
-        FidoCreateChallengeResponse: {
+        FidoCreateChallengeResponse: (components["schemas"]["ChallengePieces"] & {
+            options: components["schemas"]["PublicKeyCredentialCreationOptions"];
+        }) & {
             /** @description The id of the challenge. Must be supplied when answering the challenge. */
             challenge_id: string;
-            options: components["schemas"]["PublicKeyCredentialCreationOptions"];
         };
         /** @description Declares intent to register a new FIDO key */
         FidoCreateRequest: {
@@ -1456,6 +1504,8 @@ export interface components {
              * @description Number of requests currently being processed by cube3signer
              */
             current_num_requests_processing: number;
+            /** @description Do not record metric data from this heartbeat */
+            ignore?: boolean;
             /**
              * Format: int64
              * @description Number of new requests during this heartbeat period
@@ -1502,7 +1552,7 @@ export interface components {
          */
         HttpRequest: {
             /** @description HTTP request body */
-            body?: Record<string, unknown> | null;
+            body?: unknown;
             /** @description HTTP method of the request */
             method: string;
             /** @description HTTP path of the request (including host or not?) */
@@ -1512,7 +1562,7 @@ export interface components {
          * @description Proof that an end-user provided CubeSigner with a valid auth token
          * (either an OIDC token or a CubeSigner session token)
          */
-        IdentityProof: ({
+        IdentityProof: {
             /**
              * @description OIDC audience; set only if the proof was obtained by using OIDC token.
              *
@@ -1527,7 +1577,7 @@ export interface components {
             exp_epoch: components["schemas"]["EpochDateTime"];
             identity?: components["schemas"]["OIDCIdentity"] | null;
             user_info?: components["schemas"]["CubeSignerUserInfo"] | null;
-        }) & {
+        } & {
             /** @description An opaque identifier for the proof */
             id: string;
         };
@@ -1560,7 +1610,7 @@ export interface components {
              */
             email: string;
             /** @description Optional login MFA policy */
-            mfa_policy?: Record<string, unknown> | null;
+            mfa_policy?: unknown;
             /**
              * @description The user's full name
              * @example Alice Wonderland
@@ -1725,6 +1775,12 @@ export interface components {
              * @example 0x8e3484687e66cdd26cf04c3647633ab4f3570148
              */
             material_id: string;
+            /**
+             * @description User-defined metadata. When rendering (e.g., in the browser) you should treat
+             * it as untrusted user data (and avoid injecting metadata into HTML directly) if
+             * untrusted users can create/update keys (or their metadata).
+             */
+            metadata?: string;
             /**
              * @description Owner of the key
              * @example User#c3b9379c-4e8c-4216-bd0a-65ace53cf98f
@@ -1790,8 +1846,21 @@ export interface components {
             request: components["schemas"]["HttpRequest"];
             status: components["schemas"]["Status"];
         };
-        /** @enum {string} */
-        MfaType: "CubeSigner" | "Totp" | "Fido";
+        MfaType: OneOf<[
+            "CubeSigner",
+            "Totp",
+            "Fido",
+            {
+                /** @description Answer a FIDO challenge with a specific FIDO key */
+                FidoKey: {
+                    /**
+                     * @description The ID of the FIDO key that must be use to approve the request
+                     * @example FidoKey#EtDd...ZZc8=
+                     */
+                    key_id: string;
+                };
+            }
+        ]>;
         /**
          * @description Network name ('mainnet', 'prater', 'goerli')
          * @example goerli
@@ -1947,14 +2016,14 @@ export interface components {
          */
         PaginatedListKeysResponse: {
             keys: components["schemas"]["KeyInfo"][];
-        } & ({
+        } & {
             /**
              * @description If set, the content of `response` does not contain the entire result set.
              * To fetch the next page of the result set, call the same endpoint
              * but specify this value as the 'page.start' query parameter.
              */
             last_evaluated_key?: string | null;
-        });
+        };
         /**
          * @description Response type that wraps another type and adds base64url-encoded encrypted `last_evaluated_key`
          * value (which can the user pass back to use as a url query parameter to continue pagination).
@@ -1962,14 +2031,14 @@ export interface components {
         PaginatedListRoleKeysResponse: {
             /** @description All keys in a role */
             keys: components["schemas"]["KeyInRoleInfo"][];
-        } & ({
+        } & {
             /**
              * @description If set, the content of `response` does not contain the entire result set.
              * To fetch the next page of the result set, call the same endpoint
              * but specify this value as the 'page.start' query parameter.
              */
             last_evaluated_key?: string | null;
-        });
+        };
         /**
          * @description Response type that wraps another type and adds base64url-encoded encrypted `last_evaluated_key`
          * value (which can the user pass back to use as a url query parameter to continue pagination).
@@ -1977,14 +2046,14 @@ export interface components {
         PaginatedListRoleUsersResponse: {
             /** @description All users in a role */
             users: components["schemas"]["UserInRoleInfo"][];
-        } & ({
+        } & {
             /**
              * @description If set, the content of `response` does not contain the entire result set.
              * To fetch the next page of the result set, call the same endpoint
              * but specify this value as the 'page.start' query parameter.
              */
             last_evaluated_key?: string | null;
-        });
+        };
         /**
          * @description Response type that wraps another type and adds base64url-encoded encrypted `last_evaluated_key`
          * value (which can the user pass back to use as a url query parameter to continue pagination).
@@ -1992,14 +2061,14 @@ export interface components {
         PaginatedListRolesResponse: {
             /** @description All roles in an organization. */
             roles: components["schemas"]["RoleInfo"][];
-        } & ({
+        } & {
             /**
              * @description If set, the content of `response` does not contain the entire result set.
              * To fetch the next page of the result set, call the same endpoint
              * but specify this value as the 'page.start' query parameter.
              */
             last_evaluated_key?: string | null;
-        });
+        };
         /**
          * @description Response type that wraps another type and adds base64url-encoded encrypted `last_evaluated_key`
          * value (which can the user pass back to use as a url query parameter to continue pagination).
@@ -2007,28 +2076,28 @@ export interface components {
         PaginatedSessionsResponse: {
             /** @description The list of sessions */
             sessions: components["schemas"]["SessionInfo"][];
-        } & ({
+        } & {
             /**
              * @description If set, the content of `response` does not contain the entire result set.
              * To fetch the next page of the result set, call the same endpoint
              * but specify this value as the 'page.start' query parameter.
              */
             last_evaluated_key?: string | null;
-        });
+        };
         /**
          * @description Response type that wraps another type and adds base64url-encoded encrypted `last_evaluated_key`
          * value (which can the user pass back to use as a url query parameter to continue pagination).
          */
         PaginatedUserExportListResponse: {
             export_requests: components["schemas"]["UserExportInitResponse"][];
-        } & ({
+        } & {
             /**
              * @description If set, the content of `response` does not contain the entire result set.
              * To fetch the next page of the result set, call the same endpoint
              * but specify this value as the 'page.start' query parameter.
              */
             last_evaluated_key?: string | null;
-        });
+        };
         /**
          * @description This type represents a wire-encodable form of the PublicKeyCredential interface
          * Clients may need to manually encode into this format to communicate with the server
@@ -2053,7 +2122,7 @@ export interface components {
              * This operation returns the value of [[clientExtensionsResults]], which is a map containing extension identifier → client extension output entries produced by the extension’s client extension processing.
              * https://www.w3.org/TR/webauthn-2/#ref-for-dom-publickeycredential-getclientextensionresults
              */
-            clientExtensionResults?: Record<string, unknown> | null;
+            clientExtensionResults?: unknown;
             /**
              * @description This internal slot contains the credential ID, chosen by the
              * authenticator. The credential ID is used to look up credentials for use,
@@ -2104,7 +2173,7 @@ export interface components {
              *
              * https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialcreationoptions-extensions
              */
-            extensions?: Record<string, unknown> | null;
+            extensions?: unknown;
             /**
              * @description This member contains information about the desired properties of the
              * credential to be created. The sequence is ordered from most preferred to
@@ -2198,7 +2267,7 @@ export interface components {
              * https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialrequestoptions-challenge
              */
             challenge: string;
-            extensions?: Record<string, unknown> | null;
+            extensions?: unknown;
             /**
              * @description This OPTIONAL member specifies the relying party identifier claimed by
              * the caller. If omitted, its value will be the CredentialsContainer
@@ -2345,13 +2414,13 @@ export interface components {
             name: string;
         };
         RatchetConfig: {
-            /** @default 300 */
+            /** @default default_auth_lifetime */
             auth_lifetime?: components["schemas"]["Seconds"];
             /** @default default_grace_lifetime */
             grace_lifetime?: components["schemas"]["Seconds"];
-            /** @default 86400 */
+            /** @default default_refresh_lifetime */
             refresh_lifetime?: components["schemas"]["Seconds"];
-            /** @default 31536000 */
+            /** @default default_session_lifetime */
             session_lifetime?: components["schemas"]["Seconds"];
         };
         /** @description Receipt that an MFA request was approved. */
@@ -2365,6 +2434,15 @@ export interface components {
             final_approver: string;
             timestamp: components["schemas"]["EpochDateTime"];
         };
+        /**
+         * @description An extended form of `PublicKeyCredentialRequestOptions` that allows clients to derive the WebAuthn challenge
+         * from a structured preimage.
+         *
+         * This ensures that the webuathn signature can only be used for a specific purpose
+         */
+        RequestOptionsWithHash: components["schemas"]["ChallengePieces"] & {
+            options: components["schemas"]["PublicKeyCredentialRequestOptions"];
+        };
         /**
          * @description This enumeration’s values describe the Relying Party's requirements for
          * client-side discoverable credentials (formerly known as resident credentials
@@ -2614,6 +2692,11 @@ export interface components {
              * Once disabled, a key cannot be used for signing.
              */
             enabled?: boolean | null;
+            /**
+             * @description If set, update this key's metadata. Validation regex: ^[A-Za-z0-9_=+/ \-\.\,]{0,1024}$
+             * @example Contract admin key
+             */
+            metadata?: string | null;
             /**
              * @description If set, updates key's owner to this value.
              * The new owner must be an existing user who is a member of the same org.
@@ -2861,7 +2944,7 @@ export interface components {
             /** @description All multi-factor authentication methods configured for this user */
             mfa: components["schemas"]["ConfiguredMfa"][];
             /** @description MFA policy, applies before logging in and other sensitive operations */
-            mfa_policy?: Record<string, unknown> | null;
+            mfa_policy?: unknown;
             /**
              * @description All organizations the user belongs to
              * @example [
@@ -2974,7 +3057,7 @@ export interface components {
                 };
             };
         };
-        Eip712SignResponse: {
+        Eip191Or712SignResponse: {
             content: {
                 "application/json": {
                     /**
@@ -3018,10 +3101,11 @@ export interface components {
         };
         FidoAssertChallenge: {
             content: {
-                "application/json": {
+                "application/json": (components["schemas"]["ChallengePieces"] & {
+                    options: components["schemas"]["PublicKeyCredentialRequestOptions"];
+                }) & {
                     /** @description The id of the challenge. Must be supplied when answering the challenge. */
                     challenge_id: string;
-                    options: components["schemas"]["PublicKeyCredentialRequestOptions"];
                 };
             };
         };
@@ -3031,10 +3115,11 @@ export interface components {
          */
         FidoCreateChallengeResponse: {
             content: {
-                "application/json": {
+                "application/json": (components["schemas"]["ChallengePieces"] & {
+                    options: components["schemas"]["PublicKeyCredentialCreationOptions"];
+                }) & {
                     /** @description The id of the challenge. Must be supplied when answering the challenge. */
                     challenge_id: string;
-                    options: components["schemas"]["PublicKeyCredentialCreationOptions"];
                 };
             };
         };
@@ -3052,7 +3137,7 @@ export interface components {
          */
         IdentityProof: {
             content: {
-                "application/json": ({
+                "application/json": {
                     /**
                      * @description OIDC audience; set only if the proof was obtained by using OIDC token.
                      *
@@ -3067,7 +3152,7 @@ export interface components {
                     exp_epoch: components["schemas"]["EpochDateTime"];
                     identity?: components["schemas"]["OIDCIdentity"] | null;
                     user_info?: components["schemas"]["CubeSignerUserInfo"] | null;
-                }) & {
+                } & {
                     /** @description An opaque identifier for the proof */
                     id: string;
                 };
@@ -3123,6 +3208,12 @@ export interface components {
                      * @example 0x8e3484687e66cdd26cf04c3647633ab4f3570148
                      */
                     material_id: string;
+                    /**
+                     * @description User-defined metadata. When rendering (e.g., in the browser) you should treat
+                     * it as untrusted user data (and avoid injecting metadata into HTML directly) if
+                     * untrusted users can create/update keys (or their metadata).
+                     */
+                    metadata?: string;
                     /**
                      * @description Owner of the key
                      * @example User#c3b9379c-4e8c-4216-bd0a-65ace53cf98f
@@ -3283,14 +3374,14 @@ export interface components {
             content: {
                 "application/json": {
                     keys: components["schemas"]["KeyInfo"][];
-                } & ({
+                } & {
                     /**
                      * @description If set, the content of `response` does not contain the entire result set.
                      * To fetch the next page of the result set, call the same endpoint
                      * but specify this value as the 'page.start' query parameter.
                      */
                     last_evaluated_key?: string | null;
-                });
+                };
             };
         };
         PaginatedListRoleKeysResponse: {
@@ -3298,14 +3389,14 @@ export interface components {
                 "application/json": {
                     /** @description All keys in a role */
                     keys: components["schemas"]["KeyInRoleInfo"][];
-                } & ({
+                } & {
                     /**
                      * @description If set, the content of `response` does not contain the entire result set.
                      * To fetch the next page of the result set, call the same endpoint
                      * but specify this value as the 'page.start' query parameter.
                      */
                     last_evaluated_key?: string | null;
-                });
+                };
             };
         };
         PaginatedListRoleUsersResponse: {
@@ -3313,14 +3404,14 @@ export interface components {
                 "application/json": {
                     /** @description All users in a role */
                     users: components["schemas"]["UserInRoleInfo"][];
-                } & ({
+                } & {
                     /**
                      * @description If set, the content of `response` does not contain the entire result set.
                      * To fetch the next page of the result set, call the same endpoint
                      * but specify this value as the 'page.start' query parameter.
                      */
                     last_evaluated_key?: string | null;
-                });
+                };
             };
         };
         PaginatedListRolesResponse: {
@@ -3328,14 +3419,14 @@ export interface components {
                 "application/json": {
                     /** @description All roles in an organization. */
                     roles: components["schemas"]["RoleInfo"][];
-                } & ({
+                } & {
                     /**
                      * @description If set, the content of `response` does not contain the entire result set.
                      * To fetch the next page of the result set, call the same endpoint
                      * but specify this value as the 'page.start' query parameter.
                      */
                     last_evaluated_key?: string | null;
-                });
+                };
             };
         };
         PaginatedSessionsResponse: {
@@ -3343,28 +3434,28 @@ export interface components {
                 "application/json": {
                     /** @description The list of sessions */
                     sessions: components["schemas"]["SessionInfo"][];
-                } & ({
+                } & {
                     /**
                      * @description If set, the content of `response` does not contain the entire result set.
                      * To fetch the next page of the result set, call the same endpoint
                      * but specify this value as the 'page.start' query parameter.
                      */
                     last_evaluated_key?: string | null;
-                });
+                };
             };
         };
         PaginatedUserExportListResponse: {
             content: {
                 "application/json": {
                     export_requests: components["schemas"]["UserExportInitResponse"][];
-                } & ({
+                } & {
                     /**
                      * @description If set, the content of `response` does not contain the entire result set.
                      * To fetch the next page of the result set, call the same endpoint
                      * but specify this value as the 'page.start' query parameter.
                      */
                     last_evaluated_key?: string | null;
-                });
+                };
             };
         };
         RevokeTokenResponse: {
@@ -3601,7 +3692,7 @@ export interface components {
                     /** @description All multi-factor authentication methods configured for this user */
                     mfa: components["schemas"]["ConfiguredMfa"][];
                     /** @description MFA policy, applies before logging in and other sensitive operations */
-                    mfa_policy?: Record<string, unknown> | null;
+                    mfa_policy?: unknown;
                     /**
                      * @description All organizations the user belongs to
                      * @example [
@@ -3810,6 +3901,46 @@ export interface operations {
             };
         };
     };
+    /**
+     * Sign EIP-191 Data
+     * @description Sign EIP-191 Data
+     *
+     * Signs a message using EIP-191 personal_sign with a given Secp256k1 key.
+     */
+    eip191Sign: {
+        parameters: {
+            path: {
+                /**
+                 * @description Name or ID of the desired Org
+                 * @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
+                 */
+                org_id: string;
+                /**
+                 * @description Hex-encoded EVM address of the Secp256k1 key
+                 * @example 0x49011adbCC3bC9c0307BB07F37Dda1a1a9c69d2E
+                 */
+                pubkey: string;
+            };
+        };
+        requestBody: {
+            content: {
+                "application/json": components["schemas"]["Eip191SignRequest"];
+            };
+        };
+        responses: {
+            200: components["responses"]["Eip191Or712SignResponse"];
+            202: {
+                content: {
+                    "application/json": components["schemas"]["AcceptedResponse"];
+                };
+            };
+            default: {
+                content: {
+                    "application/json": components["schemas"]["ErrorResponse"];
+                };
+            };
+        };
+    };
     /**
      * Sign EIP-712 Typed Data
      * @description Sign EIP-712 Typed Data
@@ -3825,7 +3956,7 @@ export interface operations {
                  */
                 org_id: string;
                 /**
-                 * @description Hex-encoded ethereum address of the secp key
+                 * @description Hex-encoded EVM address of the Secp256k1 key
                  * @example 0x49011adbCC3bC9c0307BB07F37Dda1a1a9c69d2E
                  */
                 pubkey: string;
@@ -3837,7 +3968,7 @@ export interface operations {
             };
         };
         responses: {
-            200: components["responses"]["Eip712SignResponse"];
+            200: components["responses"]["Eip191Or712SignResponse"];
             202: {
                 content: {
                     "application/json": components["schemas"]["AcceptedResponse"];
@@ -4532,7 +4663,7 @@ export interface operations {
      * @description Delete Role
      *
      * Deletes a role in an organization.
-     * Only organization owners can perform this action.
+     * Only users in the role can perform this action.
      */
     deleteRole: {
         parameters: {
@@ -4562,7 +4693,8 @@ export interface operations {
      * Update Role
      * @description Update Role
      *
-     * Enables or disables a role.
+     * Enables or disables a role (this requires the `manage:role:update:enable` scope).
+     * Updates the role's policies (this requires the `manage:role:update:policy` scope).
      * The user must be in the role or an owner of the organization.
      */
     updateRole: {
@@ -4961,7 +5093,8 @@ export interface operations {
      * Create new user session (management and/or signing)
      * @description Create new user session (management and/or signing)
      *
-     * Create a new user session
+     * Creates a new user session, silently truncating requested session and auth lifetimes
+     * to be at most requestor's session and auth lifetime, respectively.
      */
     createSession: {
         parameters: {
@@ -5863,9 +5996,9 @@ export interface operations {
                 org_id: string;
             };
         };
-        requestBody: {
+        requestBody?: {
             content: {
-                "application/json": components["schemas"]["HeartbeatRequest"];
+                "application/json": components["schemas"]["HeartbeatRequest"] | null;
             };
         };
         responses: {
@@ -6073,3 +6206,4 @@ export interface operations {
         };
     };
 }
+export {};