@cubist-labs/cubesigner-sdk 0.3.28 → 0.3.29
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -6
- package/dist/cjs/package.json +1 -1
- package/dist/cjs/src/api.d.ts +2 -1
- package/dist/cjs/src/api.js +4 -2
- package/dist/cjs/src/client.d.ts +16 -11
- package/dist/cjs/src/client.js +4 -3
- package/dist/cjs/src/key.d.ts +3 -0
- package/dist/cjs/src/key.js +10 -1
- package/dist/cjs/src/org.d.ts +3 -3
- package/dist/cjs/src/schema.d.ts +970 -46
- package/dist/cjs/src/schema.js +1 -1
- package/dist/esm/package.json +1 -1
- package/dist/esm/src/api.d.ts +2 -1
- package/dist/esm/src/api.js +4 -2
- package/dist/esm/src/client.d.ts +16 -11
- package/dist/esm/src/client.js +4 -3
- package/dist/esm/src/key.d.ts +3 -0
- package/dist/esm/src/key.js +10 -1
- package/dist/esm/src/org.d.ts +3 -3
- package/dist/esm/src/schema.d.ts +970 -46
- package/dist/esm/src/schema.js +1 -1
- package/package.json +1 -1
- package/src/api.ts +7 -1
- package/src/client.ts +3 -2
- package/src/key.ts +9 -0
- package/src/schema.ts +1008 -44
- package/dist/cjs/src/org_event_processor.d.ts +0 -57
- package/dist/cjs/src/org_event_processor.js +0 -137
- package/dist/esm/src/org_event_processor.d.ts +0 -57
- package/dist/esm/src/org_event_processor.js +0 -133
- package/dist/package.json +0 -36
- package/dist/spec/env/beta.json +0 -9
- package/dist/spec/env/gamma.json +0 -9
- package/dist/spec/env/prod.json +0 -9
- package/dist/src/api.d.ts +0 -634
- package/dist/src/api.js +0 -1309
- package/dist/src/client.d.ts +0 -575
- package/dist/src/client.js +0 -381
- package/dist/src/env.d.ts +0 -15
- package/dist/src/env.js +0 -35
- package/dist/src/error.d.ts +0 -29
- package/dist/src/error.js +0 -36
- package/dist/src/events.d.ts +0 -84
- package/dist/src/events.js +0 -195
- package/dist/src/index.d.ts +0 -207
- package/dist/src/index.js +0 -308
- package/dist/src/key.d.ts +0 -152
- package/dist/src/key.js +0 -242
- package/dist/src/mfa.d.ts +0 -94
- package/dist/src/mfa.js +0 -169
- package/dist/src/org.d.ts +0 -99
- package/dist/src/org.js +0 -95
- package/dist/src/paginator.d.ts +0 -76
- package/dist/src/paginator.js +0 -99
- package/dist/src/response.d.ts +0 -101
- package/dist/src/response.js +0 -164
- package/dist/src/role.d.ts +0 -283
- package/dist/src/role.js +0 -253
- package/dist/src/schema.d.ts +0 -6209
- package/dist/src/schema.js +0 -7
- package/dist/src/schema_types.d.ts +0 -113
- package/dist/src/schema_types.js +0 -3
- package/dist/src/session/session_storage.d.ts +0 -47
- package/dist/src/session/session_storage.js +0 -76
- package/dist/src/session/signer_session_manager.d.ts +0 -125
- package/dist/src/session/signer_session_manager.js +0 -239
- package/dist/src/signer_session.d.ts +0 -41
- package/dist/src/signer_session.js +0 -77
- package/dist/src/user_export.d.ts +0 -52
- package/dist/src/user_export.js +0 -129
- package/dist/src/util.d.ts +0 -61
- package/dist/src/util.js +0 -97
package/dist/cjs/src/schema.d.ts
CHANGED
|
@@ -34,26 +34,69 @@ export interface paths {
|
|
|
34
34
|
*/
|
|
35
35
|
patch: operations["updateOrg"];
|
|
36
36
|
};
|
|
37
|
+
"/v0/org/{org_id}/ava/sign/{ava_chain}/{pubkey}": {
|
|
38
|
+
/**
|
|
39
|
+
* Sign a serialized Avalanche C/X/P-Chain Message
|
|
40
|
+
* @description Sign a serialized Avalanche C/X/P-Chain Message
|
|
41
|
+
*
|
|
42
|
+
* Signs an Avalanche message with a given SecpEth (C-Chain messages) or
|
|
43
|
+
* SecpAva (X- and P-Chain messages) key. Currently signing C-Chain messages
|
|
44
|
+
* with SecpEth key must also be explicitly allowed via `AllowRawBlobSigning`
|
|
45
|
+
* policy.
|
|
46
|
+
*
|
|
47
|
+
* This is a pre-release feature.
|
|
48
|
+
*/
|
|
49
|
+
post: operations["avaSerializedTxSign"];
|
|
50
|
+
};
|
|
37
51
|
"/v0/org/{org_id}/ava/sign/{pubkey}": {
|
|
38
52
|
/**
|
|
39
|
-
* Sign Avalanche X- or P-Chain Message
|
|
40
|
-
* @description Sign Avalanche X- or P-Chain Message
|
|
53
|
+
* Sign JSON-encoded Avalanche X- or P-Chain Message
|
|
54
|
+
* @description Sign JSON-encoded Avalanche X- or P-Chain Message
|
|
41
55
|
*
|
|
42
56
|
* Signs an Avalanche message with a given SecpAva key.
|
|
43
57
|
* This is a pre-release feature.
|
|
44
58
|
*/
|
|
45
59
|
post: operations["avaSign"];
|
|
46
60
|
};
|
|
61
|
+
"/v0/org/{org_id}/babylon/eots/nonces/{pubkey}": {
|
|
62
|
+
/**
|
|
63
|
+
* Create EOTS nonces
|
|
64
|
+
* @description Create EOTS nonces
|
|
65
|
+
*
|
|
66
|
+
* Generates a set of Babylon EOTS nonces for a specified chain-id, starting at a
|
|
67
|
+
* specified block height.
|
|
68
|
+
*/
|
|
69
|
+
post: operations["createEotsNonces"];
|
|
70
|
+
};
|
|
71
|
+
"/v0/org/{org_id}/babylon/eots/sign/{pubkey}": {
|
|
72
|
+
/**
|
|
73
|
+
* Create an EOTS signature
|
|
74
|
+
* @description Create an EOTS signature
|
|
75
|
+
*
|
|
76
|
+
* Generates an EOTS signature for the specified chain-id, block height, and message.
|
|
77
|
+
*/
|
|
78
|
+
post: operations["eotsSign"];
|
|
79
|
+
};
|
|
47
80
|
"/v0/org/{org_id}/btc/sign/{pubkey}": {
|
|
48
81
|
/**
|
|
49
|
-
* Sign Bitcoin Transaction
|
|
50
|
-
* @description Sign Bitcoin Transaction
|
|
82
|
+
* Sign Bitcoin Segwit Transaction
|
|
83
|
+
* @description Sign Bitcoin Segwit Transaction
|
|
51
84
|
*
|
|
52
|
-
* Signs a Bitcoin transaction with a given key.
|
|
85
|
+
* Signs a Bitcoin Segwit transaction with a given key.
|
|
53
86
|
* This is a pre-release feature.
|
|
54
87
|
*/
|
|
55
88
|
post: operations["btcSign"];
|
|
56
89
|
};
|
|
90
|
+
"/v0/org/{org_id}/btc/taproot/sign/{pubkey}": {
|
|
91
|
+
/**
|
|
92
|
+
* Sign Bitcoin Taproot Transaction
|
|
93
|
+
* @description Sign Bitcoin Taproot Transaction
|
|
94
|
+
*
|
|
95
|
+
* Signs a Bitcoin Taproot transaction with a given key.
|
|
96
|
+
* This is a pre-release feature.
|
|
97
|
+
*/
|
|
98
|
+
post: operations["btcTaprootSign"];
|
|
99
|
+
};
|
|
57
100
|
"/v0/org/{org_id}/derive_key": {
|
|
58
101
|
/**
|
|
59
102
|
* Derive Key From Long-Lived Mnemonic
|
|
@@ -64,6 +107,9 @@ export interface paths {
|
|
|
64
107
|
*/
|
|
65
108
|
put: operations["deriveKey"];
|
|
66
109
|
};
|
|
110
|
+
"/v0/org/{org_id}/emails/otp": {
|
|
111
|
+
put: operations["setEmailOtp"];
|
|
112
|
+
};
|
|
67
113
|
"/v0/org/{org_id}/evm/eip191/sign/{pubkey}": {
|
|
68
114
|
/**
|
|
69
115
|
* Sign EIP-191 Data
|
|
@@ -82,6 +128,23 @@ export interface paths {
|
|
|
82
128
|
*/
|
|
83
129
|
post: operations["eip712Sign"];
|
|
84
130
|
};
|
|
131
|
+
"/v0/org/{org_id}/identity": {
|
|
132
|
+
/**
|
|
133
|
+
* List associated OIDC identities with the current user.
|
|
134
|
+
* @description List associated OIDC identities with the current user.
|
|
135
|
+
*/
|
|
136
|
+
get: operations["listOidcIdentities"];
|
|
137
|
+
/**
|
|
138
|
+
* Associate an OIDC identity with the current user in org <session.org>.
|
|
139
|
+
* @description Associate an OIDC identity with the current user in org <session.org>.
|
|
140
|
+
*/
|
|
141
|
+
post: operations["addOidcIdentity"];
|
|
142
|
+
/**
|
|
143
|
+
* Remove an OIDC identity from the current user's account in org <session.org>.
|
|
144
|
+
* @description Remove an OIDC identity from the current user's account in org <session.org>.
|
|
145
|
+
*/
|
|
146
|
+
delete: operations["removeOidcIdentity"];
|
|
147
|
+
};
|
|
85
148
|
"/v0/org/{org_id}/identity/prove": {
|
|
86
149
|
/**
|
|
87
150
|
* Create [IdentityProof] from CubeSigner user session
|
|
@@ -177,7 +240,9 @@ export interface paths {
|
|
|
177
240
|
* @description Delete Key
|
|
178
241
|
*
|
|
179
242
|
* Deletes a key specified by its ID.
|
|
243
|
+
*
|
|
180
244
|
* Only the key owner and org owners are allowed to delete keys.
|
|
245
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
181
246
|
*/
|
|
182
247
|
delete: operations["deleteKey"];
|
|
183
248
|
/**
|
|
@@ -296,6 +361,23 @@ export interface paths {
|
|
|
296
361
|
*/
|
|
297
362
|
post: operations["oidcAuth"];
|
|
298
363
|
};
|
|
364
|
+
"/v0/org/{org_id}/oidc/email-otp": {
|
|
365
|
+
/**
|
|
366
|
+
* Initiate login via email token
|
|
367
|
+
* @description Initiate login via email token
|
|
368
|
+
*
|
|
369
|
+
* This endpoint sends an email to the provided address with an OIDC token encrypted with AES-GCM.
|
|
370
|
+
* The decryption parameters are returned immediately in the response.
|
|
371
|
+
* Once that token is decrypted, it can be used with the standard OIDC authentication flows
|
|
372
|
+
*
|
|
373
|
+
*
|
|
374
|
+
* > [!IMPORTANT]
|
|
375
|
+
* > For this endpoint to succeed, the org must be configured to:
|
|
376
|
+
* > 1. Allow the issuer `https://shim.oauth2.cubist.dev/email-otp` and client ID being the Org ID
|
|
377
|
+
* > 2. Have an email sender configured for OTPs
|
|
378
|
+
*/
|
|
379
|
+
post: operations["emailOtpAuth"];
|
|
380
|
+
};
|
|
299
381
|
"/v0/org/{org_id}/roles": {
|
|
300
382
|
/**
|
|
301
383
|
* List Roles
|
|
@@ -326,7 +408,9 @@ export interface paths {
|
|
|
326
408
|
* @description Delete Role
|
|
327
409
|
*
|
|
328
410
|
* Deletes a role in an organization.
|
|
411
|
+
*
|
|
329
412
|
* Only users in the role can perform this action.
|
|
413
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
330
414
|
*/
|
|
331
415
|
delete: operations["deleteRole"];
|
|
332
416
|
/**
|
|
@@ -335,7 +419,9 @@ export interface paths {
|
|
|
335
419
|
*
|
|
336
420
|
* Enables or disables a role (this requires the `manage:role:update:enable` scope).
|
|
337
421
|
* Updates the role's policies (this requires the `manage:role:update:policy` scope).
|
|
422
|
+
*
|
|
338
423
|
* The user must be in the role or an owner of the organization.
|
|
424
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
339
425
|
*/
|
|
340
426
|
patch: operations["updateRole"];
|
|
341
427
|
};
|
|
@@ -345,6 +431,9 @@ export interface paths {
|
|
|
345
431
|
* @description Add Keys
|
|
346
432
|
*
|
|
347
433
|
* Adds a list of existing keys to an existing role.
|
|
434
|
+
*
|
|
435
|
+
* Only the key owner can their key to a role.
|
|
436
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
348
437
|
*/
|
|
349
438
|
put: operations["addKeysToRole"];
|
|
350
439
|
};
|
|
@@ -354,7 +443,9 @@ export interface paths {
|
|
|
354
443
|
* @description Add User
|
|
355
444
|
*
|
|
356
445
|
* Adds an existing user to an existing role.
|
|
357
|
-
*
|
|
446
|
+
*
|
|
447
|
+
* Only users in the role or org owners can add users to a role.
|
|
448
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
358
449
|
*/
|
|
359
450
|
put: operations["addUserToRole"];
|
|
360
451
|
};
|
|
@@ -372,7 +463,10 @@ export interface paths {
|
|
|
372
463
|
* Remove Key
|
|
373
464
|
* @description Remove Key
|
|
374
465
|
*
|
|
375
|
-
* Removes a given key from a role
|
|
466
|
+
* Removes a given key from a role.
|
|
467
|
+
*
|
|
468
|
+
* Only users in the role or org owners can remove keys from a role.
|
|
469
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
376
470
|
*/
|
|
377
471
|
delete: operations["removeKeyFromRole"];
|
|
378
472
|
};
|
|
@@ -436,7 +530,9 @@ export interface paths {
|
|
|
436
530
|
* @description Remove User
|
|
437
531
|
*
|
|
438
532
|
* Removes an existing user from an existing role.
|
|
533
|
+
*
|
|
439
534
|
* Only users in the role or org owners can remove users from a role.
|
|
535
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
440
536
|
*/
|
|
441
537
|
delete: operations["removeUserFromRole"];
|
|
442
538
|
};
|
|
@@ -636,6 +732,22 @@ export interface paths {
|
|
|
636
732
|
*/
|
|
637
733
|
delete: operations["deleteOidcUser"];
|
|
638
734
|
};
|
|
735
|
+
"/v0/org/{org_id}/users/{user_id}": {
|
|
736
|
+
/**
|
|
737
|
+
* Remove a user from the org
|
|
738
|
+
* @description Remove a user from the org
|
|
739
|
+
*/
|
|
740
|
+
delete: operations["deleteUser"];
|
|
741
|
+
};
|
|
742
|
+
"/v0/org/{org_id}/users/{user_id}/membership": {
|
|
743
|
+
/**
|
|
744
|
+
* Update a user's membership in the org
|
|
745
|
+
* @description Update a user's membership in the org
|
|
746
|
+
*
|
|
747
|
+
* Currently allows just enabling/disabling a user in the org.
|
|
748
|
+
*/
|
|
749
|
+
patch: operations["updateUserMembership"];
|
|
750
|
+
};
|
|
639
751
|
"/v0/user/me/fido": {
|
|
640
752
|
/**
|
|
641
753
|
* Initiate registration of a FIDO key
|
|
@@ -690,13 +802,19 @@ export interface paths {
|
|
|
690
802
|
*/
|
|
691
803
|
post: operations["verifyTotpLegacy"];
|
|
692
804
|
};
|
|
805
|
+
"/v0/user/orgs": {
|
|
806
|
+
/**
|
|
807
|
+
* Retrieves all the orgs the user is a part of
|
|
808
|
+
* @description Retrieves all the orgs the user is a part of
|
|
809
|
+
*/
|
|
810
|
+
get: operations["userOrgs"];
|
|
811
|
+
};
|
|
693
812
|
"/v1/org/{org_id}/blob/sign/{key_id}": {
|
|
694
813
|
/**
|
|
695
814
|
* Sign Raw Blob
|
|
696
815
|
* @description Sign Raw Blob
|
|
697
816
|
*
|
|
698
817
|
* Signs an arbitrary blob with a given key.
|
|
699
|
-
* This is a pre-release feature.
|
|
700
818
|
*
|
|
701
819
|
* - ECDSA signatures are serialized as big-endian r and s plus recovery-id
|
|
702
820
|
* byte v, which can in general take any of the values 0, 1, 2, or 3.
|
|
@@ -795,6 +913,10 @@ export interface components {
|
|
|
795
913
|
};
|
|
796
914
|
/** @enum {string} */
|
|
797
915
|
AcceptedValueCode: "MfaRequired";
|
|
916
|
+
/** @description Request to add OIDC identity to an existing user account */
|
|
917
|
+
AddIdentityRequest: {
|
|
918
|
+
oidc_token: string;
|
|
919
|
+
};
|
|
798
920
|
AddKeysToRoleRequest: {
|
|
799
921
|
/**
|
|
800
922
|
* @description A list of keys to add to a role
|
|
@@ -981,7 +1103,12 @@ export interface components {
|
|
|
981
1103
|
* @enum {string}
|
|
982
1104
|
*/
|
|
983
1105
|
AuthenticatorTransport: "usb" | "nfc" | "ble" | "internal";
|
|
984
|
-
/** @description Request to sign
|
|
1106
|
+
/** @description Request to sign a serialized Avalanche transaction */
|
|
1107
|
+
AvaSerializedTxSignRequest: {
|
|
1108
|
+
/** @description Serialized transaction to sign */
|
|
1109
|
+
tx: string;
|
|
1110
|
+
};
|
|
1111
|
+
/** @description Request to sign an Avalanche transaction */
|
|
985
1112
|
AvaSignRequest: {
|
|
986
1113
|
/**
|
|
987
1114
|
* @description Transaction to sign.
|
|
@@ -1007,9 +1134,9 @@ export interface components {
|
|
|
1007
1134
|
/** @description Wrapper around a zeroizing 32-byte fixed-size array */
|
|
1008
1135
|
B32: string;
|
|
1009
1136
|
/** @enum {string} */
|
|
1010
|
-
BadGatewayErrorCode: "OAuthProviderError";
|
|
1137
|
+
BadGatewayErrorCode: "OAuthProviderError" | "OidcDisoveryFailed" | "OidcIssuerJwkEndpointUnavailable" | "SmtpServerUnavailable";
|
|
1011
1138
|
/** @enum {string} */
|
|
1012
|
-
BadRequestErrorCode: "GenericBadRequest" | "InvalidBody" | "TokenRequestError" | "InvalidMfaReceipt" | "InvalidMfaPolicyCount" | "InvalidMfaPolicyNumAuthFactors" | "InvalidMfaPolicyNumAllowedApprovers" | "InvalidMfaPolicyRedundantRule" | "InvalidCreateKeyCount" | "OrgInviteExistingUser" | "OrgNameTaken" | "RoleNameTaken" | "AddKeyToRoleCountTooHigh" | "InvalidKeyId" | "InvalidUpdate" | "InvalidMetadataLength" | "InvalidKeyMaterialId" | "KeyNotFound" | "UserExportDerivedKey" | "UserExportPublicKeyInvalid" | "UserExportInProgress" | "RoleNotFound" | "InvalidMfaReceiptOrgIdMissing" | "InvalidMfaReceiptInvalidOrgId" | "MfaRequestNotFound" | "InvalidKeyType" | "InvalidKeyMaterial" | "InvalidHexValue" | "InvalidBase32Value" | "InvalidBase58Value" | "InvalidForkVersionLength" | "InvalidEthAddress" | "InvalidStellarAddress" | "InvalidOrgNameOrId" | "InvalidStakeDeposit" | "InvalidBlobSignRequest" | "InvalidSolanaSignRequest" | "InvalidEip712SignRequest" | "InvalidEvmSignRequest" | "InvalidEth2SignRequest" | "InvalidDeriveKeyRequest" | "InvalidStakingAmount" | "CustomStakingAmountNotAllowedForWrapperContract" | "InvalidUnstakeRequest" | "InvalidCreateUserRequest" | "UserAlreadyExists" | "UserNotFound" | "PolicyRuleKeyMismatch" | "EmptyScopes" | "InvalidScopesForRoleSession" | "InvalidLifetime" | "NoSingleKeyForUser" | "InvalidOrgPolicyRule" | "SourceIpAllowlistEmpty" | "InvalidOrgPolicyRepeatedRule" | "AvaSignHashError" | "AvaSignError" | "BtcSegwitHashError" | "BtcSignError" | "Eip712SignError" | "InvalidMemberRoleInUserAdd" | "ThirdPartyUserAlreadyExists" | "ThirdPartyUserNotFound" | "DeleteOidcUserError" | "SessionRoleMismatch" | "InvalidOidcToken" | "OidcIssuerUnsupported" | "OidcIssuerNotAllowed" | "OidcIssuerNoApplicableJwk" | "FidoKeyAlreadyRegistered" | "FidoKeySignCountTooLow" | "FidoVerificationFailed" | "FidoChallengeMfaMismatch" | "UnsupportedLegacyCognitoSession" | "InvalidIdentityProof" | "PaginationDataExpired" | "ExistingKeysViolateExclusiveKeyAccess" | "ExportDelayTooShort" | "ExportWindowTooLong" | "InvalidTotpFailureLimit" | "InvalidEip191SignRequest" | "CannotResendUserInvitation" | "InvalidNotificationEndpointCount" | "CannotDeletePendingSubscription" | "InvalidNotificationUrlProtocol" | "EmptyOneOfOrgEventFilter" | "EmptyAllExceptOrgEventFilter";
|
|
1139
|
+
BadRequestErrorCode: "GenericBadRequest" | "InvalidBody" | "TokenRequestError" | "InvalidMfaReceipt" | "InvalidMfaPolicyCount" | "InvalidMfaPolicyNumAuthFactors" | "InvalidMfaPolicyNumAllowedApprovers" | "InvalidMfaPolicyRedundantRule" | "InvalidCreateKeyCount" | "OrgInviteExistingUser" | "OrgNameTaken" | "RoleNameTaken" | "AddKeyToRoleCountTooHigh" | "InvalidKeyId" | "InvalidTimeLockAlreadyInThePast" | "InvalidUpdate" | "InvalidMetadataLength" | "InvalidKeyMaterialId" | "KeyNotFound" | "UserExportDerivedKey" | "UserExportPublicKeyInvalid" | "UnableToAccessSmtpRelay" | "UserExportInProgress" | "RoleNotFound" | "InvalidMfaReceiptOrgIdMissing" | "InvalidMfaReceiptInvalidOrgId" | "MfaRequestNotFound" | "InvalidKeyType" | "InvalidKeyMaterial" | "InvalidHexValue" | "InvalidBase32Value" | "InvalidBase58Value" | "InvalidForkVersionLength" | "InvalidEthAddress" | "InvalidStellarAddress" | "InvalidOrgNameOrId" | "InvalidStakeDeposit" | "InvalidBlobSignRequest" | "InvalidSolanaSignRequest" | "InvalidEip712SignRequest" | "InvalidEvmSignRequest" | "InvalidEth2SignRequest" | "InvalidDeriveKeyRequest" | "InvalidStakingAmount" | "CustomStakingAmountNotAllowedForWrapperContract" | "InvalidUnstakeRequest" | "InvalidCreateUserRequest" | "UserAlreadyExists" | "UserNotFound" | "PolicyRuleKeyMismatch" | "EmptyScopes" | "InvalidScopesForRoleSession" | "InvalidLifetime" | "NoSingleKeyForUser" | "InvalidOrgPolicyRule" | "SourceIpAllowlistEmpty" | "InvalidOrgPolicyRepeatedRule" | "AvaSignHashError" | "AvaSignError" | "BtcSegwitHashError" | "BtcTaprootHashError" | "BtcSignError" | "TaprootSignError" | "Eip712SignError" | "InvalidMemberRoleInUserAdd" | "ThirdPartyUserAlreadyExists" | "OidcIdentityAlreadyExists" | "ThirdPartyUserNotFound" | "DeleteOidcUserError" | "DeleteUserError" | "SessionRoleMismatch" | "InvalidOidcToken" | "InvalidOidcIdentity" | "OidcIssuerUnsupported" | "OidcIssuerNotAllowed" | "OidcIssuerNoApplicableJwk" | "FidoKeyAlreadyRegistered" | "FidoKeySignCountTooLow" | "FidoVerificationFailed" | "FidoChallengeMfaMismatch" | "UnsupportedLegacyCognitoSession" | "InvalidIdentityProof" | "PaginationDataExpired" | "ExistingKeysViolateExclusiveKeyAccess" | "ExportDelayTooShort" | "ExportWindowTooLong" | "InvalidTotpFailureLimit" | "InvalidEip191SignRequest" | "CannotResendUserInvitation" | "InvalidNotificationEndpointCount" | "CannotDeletePendingSubscription" | "InvalidNotificationUrlProtocol" | "EmptyOneOfOrgEventFilter" | "EmptyAllExceptOrgEventFilter" | "InvalidTapNodeHash";
|
|
1013
1140
|
/**
|
|
1014
1141
|
* @example {
|
|
1015
1142
|
* "message_base64": "YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXoxMjM0NTYK"
|
|
@@ -1023,17 +1150,37 @@ export interface components {
|
|
|
1023
1150
|
* the message. For example, Secp256k1 keys require that the message is 32 bytes long.
|
|
1024
1151
|
*/
|
|
1025
1152
|
message_base64: string;
|
|
1153
|
+
/**
|
|
1154
|
+
* @description An optional tweak value for use *only* with Taproot keys. This field is ignored
|
|
1155
|
+
* for all other key types.
|
|
1156
|
+
*
|
|
1157
|
+
* If this field is not present or null, no tweak is applied. If the field is an
|
|
1158
|
+
* empty string, the key is tweaked with an unspendable script path per BIP0341.
|
|
1159
|
+
* Otherwise, this field must contain a 32-byte, base-64 encoded hex string
|
|
1160
|
+
* representing the Merkle root with which to tweak the key before signing.
|
|
1161
|
+
* @example F41HAy2q5Gn8laF2CuMsZbRAQTmD+4Ob3VUMZ7TBGK4=
|
|
1162
|
+
*/
|
|
1163
|
+
taproot_tweak?: string | null;
|
|
1026
1164
|
};
|
|
1027
1165
|
BlobSignResponse: {
|
|
1028
1166
|
/** @description The hex-encoded signature. */
|
|
1029
1167
|
signature: string;
|
|
1030
1168
|
};
|
|
1169
|
+
/** @description Leaf hash and code, as per BIP341 and https://github.com/rust-bitcoin/rust-bitcoin/blob/464202109d2b2c96e9b4867461bffe420dbd8177/bitcoin/src/crypto/sighash.rs#L691 */
|
|
1170
|
+
BtcLeafHashCodeSeparator: {
|
|
1171
|
+
/**
|
|
1172
|
+
* Format: int32
|
|
1173
|
+
* @description Code separator
|
|
1174
|
+
*/
|
|
1175
|
+
code_separator: number;
|
|
1176
|
+
/** @description Taproot-tagged hash with tag "TapLeaf". */
|
|
1177
|
+
leaf_hash: string;
|
|
1178
|
+
};
|
|
1031
1179
|
/** @enum {string} */
|
|
1032
1180
|
BtcSighashType: "All" | "None" | "Single" | "AllPlusAnyoneCanPay" | "NonePlusAnyoneCanPay" | "SinglePlusAnyoneCanPay";
|
|
1033
1181
|
BtcSignRequest: {
|
|
1034
1182
|
sig_kind: components["schemas"]["BtcSignatureKind"];
|
|
1035
|
-
|
|
1036
|
-
tx: Record<string, never>;
|
|
1183
|
+
tx: components["schemas"]["BtcTx"];
|
|
1037
1184
|
};
|
|
1038
1185
|
BtcSignResponse: {
|
|
1039
1186
|
/**
|
|
@@ -1064,6 +1211,16 @@ export interface components {
|
|
|
1064
1211
|
value: number;
|
|
1065
1212
|
};
|
|
1066
1213
|
};
|
|
1214
|
+
BtcTx: Record<string, never>;
|
|
1215
|
+
BtcTxOut: {
|
|
1216
|
+
/** @description The script which must be satisfied for the output to be spent. */
|
|
1217
|
+
script_pubkey: string;
|
|
1218
|
+
/**
|
|
1219
|
+
* Format: int64
|
|
1220
|
+
* @description The value of the output, in satoshis.
|
|
1221
|
+
*/
|
|
1222
|
+
value: number;
|
|
1223
|
+
};
|
|
1067
1224
|
/** @description Describes how to derive a WebAuthn challenge value. */
|
|
1068
1225
|
ChallengePieces: {
|
|
1069
1226
|
/**
|
|
@@ -1100,6 +1257,7 @@ export interface components {
|
|
|
1100
1257
|
/** @description Fields that are common to different types of resources such as keys */
|
|
1101
1258
|
CommonFields: {
|
|
1102
1259
|
created?: components["schemas"]["EpochDateTime"] | null;
|
|
1260
|
+
edit_policy?: components["schemas"]["EditPolicy"];
|
|
1103
1261
|
last_modified?: components["schemas"]["EpochDateTime"] | null;
|
|
1104
1262
|
/**
|
|
1105
1263
|
* @description User-defined metadata. When rendering (e.g., in the browser) you should treat
|
|
@@ -1113,6 +1271,13 @@ export interface components {
|
|
|
1113
1271
|
*/
|
|
1114
1272
|
version?: number;
|
|
1115
1273
|
};
|
|
1274
|
+
ConfigureEmailOtpRequest: {
|
|
1275
|
+
auth: {
|
|
1276
|
+
smtp: string;
|
|
1277
|
+
};
|
|
1278
|
+
/** @description The email address that OTP requests will come from */
|
|
1279
|
+
sender: string;
|
|
1280
|
+
};
|
|
1116
1281
|
ConfiguredMfa: {
|
|
1117
1282
|
/** @enum {string} */
|
|
1118
1283
|
type: "totp";
|
|
@@ -1125,6 +1290,7 @@ export interface components {
|
|
|
1125
1290
|
type: "fido";
|
|
1126
1291
|
};
|
|
1127
1292
|
CreateAndUpdateKeyProperties: {
|
|
1293
|
+
edit_policy?: components["schemas"]["EditPolicy"] | null;
|
|
1128
1294
|
/**
|
|
1129
1295
|
* @description Set this key's metadata. If this value is `null`, the metadata is erased. If the field is
|
|
1130
1296
|
* missing, the metadata remains unchanged.
|
|
@@ -1293,6 +1459,10 @@ export interface components {
|
|
|
1293
1459
|
*/
|
|
1294
1460
|
mnemonic_id: string;
|
|
1295
1461
|
};
|
|
1462
|
+
EditPolicy: {
|
|
1463
|
+
mfa?: components["schemas"]["MfaPolicy"] | null;
|
|
1464
|
+
time_lock_until?: components["schemas"]["EpochDateTime"] | null;
|
|
1465
|
+
};
|
|
1296
1466
|
Eip191Or712SignResponse: {
|
|
1297
1467
|
/**
|
|
1298
1468
|
* @description Hex-encoded signature comprising 65 bytes in the format required
|
|
@@ -1316,6 +1486,7 @@ export interface components {
|
|
|
1316
1486
|
* "domain": {
|
|
1317
1487
|
* "chainId": 1337,
|
|
1318
1488
|
* "name": "Ether Mail",
|
|
1489
|
+
* "salt": "0x0000000000000000000000000000000000000000000000000000000000000000",
|
|
1319
1490
|
* "verifyingContract": "0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC",
|
|
1320
1491
|
* "version": "1"
|
|
1321
1492
|
* },
|
|
@@ -1355,6 +1526,10 @@ export interface components {
|
|
|
1355
1526
|
* {
|
|
1356
1527
|
* "name": "verifyingContract",
|
|
1357
1528
|
* "type": "address"
|
|
1529
|
+
* },
|
|
1530
|
+
* {
|
|
1531
|
+
* "name": "salt",
|
|
1532
|
+
* "type": "bytes32"
|
|
1358
1533
|
* }
|
|
1359
1534
|
* ],
|
|
1360
1535
|
* "Group": [
|
|
@@ -1404,11 +1579,95 @@ export interface components {
|
|
|
1404
1579
|
/** @description EIP-712 typed data. Refer to the JSON schema defined in EIP-712. */
|
|
1405
1580
|
typed_data: Record<string, never>;
|
|
1406
1581
|
};
|
|
1582
|
+
/** @description The request users send to initiate email OTP */
|
|
1583
|
+
EmailOtpRequest: {
|
|
1584
|
+
/** @description The email which will receive the OTP */
|
|
1585
|
+
email: string;
|
|
1586
|
+
};
|
|
1587
|
+
/**
|
|
1588
|
+
* @description The HTTP response to an email OTP request.
|
|
1589
|
+
*
|
|
1590
|
+
* Users receive an encrypted OIDC token in their email inbox.
|
|
1591
|
+
* The values in this response can be used to decrypt that token
|
|
1592
|
+
* using AES-GCM. This ensures that clients need *both* the emailed token
|
|
1593
|
+
* and this response to complete OTP auth.
|
|
1594
|
+
*/
|
|
1595
|
+
EmailOtpResponse: {
|
|
1596
|
+
/**
|
|
1597
|
+
* Format: binary
|
|
1598
|
+
* @description Base64 URL encoded IV value for AES-GCM
|
|
1599
|
+
*/
|
|
1600
|
+
iv: string;
|
|
1601
|
+
/**
|
|
1602
|
+
* Format: binary
|
|
1603
|
+
* @description Base64 URL encoded key for AES-GCM
|
|
1604
|
+
*/
|
|
1605
|
+
key: string;
|
|
1606
|
+
};
|
|
1407
1607
|
/** @default null */
|
|
1408
1608
|
Empty: unknown;
|
|
1409
1609
|
EmptyImpl: {
|
|
1410
1610
|
status: string;
|
|
1411
1611
|
};
|
|
1612
|
+
/**
|
|
1613
|
+
* @description Request to create a set of EOTS nonces for a specified chain-id, starting
|
|
1614
|
+
* at a specified block height.
|
|
1615
|
+
*/
|
|
1616
|
+
EotsCreateNonceRequest: {
|
|
1617
|
+
/**
|
|
1618
|
+
* @description The chain id for which the nonces will be used, as a hex string
|
|
1619
|
+
* @example 0x11223344
|
|
1620
|
+
*/
|
|
1621
|
+
chain_id: string;
|
|
1622
|
+
/**
|
|
1623
|
+
* Format: int32
|
|
1624
|
+
* @description The number of nonces to generate
|
|
1625
|
+
* @example 16
|
|
1626
|
+
*/
|
|
1627
|
+
num: number;
|
|
1628
|
+
/**
|
|
1629
|
+
* @description The starting block height of the generated nonces (quoted decimal u64)
|
|
1630
|
+
* @example 31337
|
|
1631
|
+
*/
|
|
1632
|
+
start_height: string;
|
|
1633
|
+
};
|
|
1634
|
+
/** @description Response generated when creating EOTS nonces */
|
|
1635
|
+
EotsCreateNonceResponse: {
|
|
1636
|
+
/**
|
|
1637
|
+
* @description The generated nonces as an array of 0x-prefixed hex strings
|
|
1638
|
+
* @example [
|
|
1639
|
+
* "0xb393bf39e71a16d784853d58255a296222a99fd3c87aa7ca206c5230c188f1c7",
|
|
1640
|
+
* "0xe01936584b4f0c0e97f0d3018c4f9db2bf7de41395c6403a48fd0dff0ef7b40d"
|
|
1641
|
+
* ]
|
|
1642
|
+
*/
|
|
1643
|
+
nonces: string[];
|
|
1644
|
+
};
|
|
1645
|
+
/** @description Request for an EOTS signature on a specified message, chain-id, block-height triple */
|
|
1646
|
+
EotsSignRequest: {
|
|
1647
|
+
/**
|
|
1648
|
+
* @description The block height for the signature (quoted decimal u64)
|
|
1649
|
+
* @example 123456
|
|
1650
|
+
*/
|
|
1651
|
+
block_height: string;
|
|
1652
|
+
/**
|
|
1653
|
+
* @description The chain id for the signature
|
|
1654
|
+
* @example 0x11223344
|
|
1655
|
+
*/
|
|
1656
|
+
chain_id: string;
|
|
1657
|
+
/**
|
|
1658
|
+
* @description The message to sign
|
|
1659
|
+
* @example 0x5a2688faea09d42b9270fdb8de6fff6f192243a910ba66329073e12e0d0046a2
|
|
1660
|
+
*/
|
|
1661
|
+
message: string;
|
|
1662
|
+
};
|
|
1663
|
+
/** @description Response to an EOTS signing request */
|
|
1664
|
+
EotsSignResponse: {
|
|
1665
|
+
/**
|
|
1666
|
+
* @description The resulting signature, a hex-encoded 32-byte value
|
|
1667
|
+
* @example 0xd9804c04a696b522472c53bd3a3c664c4c3085a017927e45ffaed711d1613700
|
|
1668
|
+
*/
|
|
1669
|
+
signature: string;
|
|
1670
|
+
};
|
|
1412
1671
|
/**
|
|
1413
1672
|
* @description Epoch is a quoted `uint64`.
|
|
1414
1673
|
* @example 256
|
|
@@ -1541,7 +1800,7 @@ export interface components {
|
|
|
1541
1800
|
name: string;
|
|
1542
1801
|
};
|
|
1543
1802
|
/** @enum {string} */
|
|
1544
|
-
ForbiddenErrorCode: "FidoRequiredToRemoveTotp" | "MfaChallengeExpired" | "ChainIdNotAllowed" | "InvalidOrg" | "SessionForWrongOrg" | "OrgDisabled" | "OrgNotFound" | "OrgWithoutOwner" | "OrphanedUser" | "OidcUserNotFound" | "UserNotInOrg" | "UserNotOrgOwner" | "UserNotKeyOwner" | "InvalidRole" | "DisabledRole" | "KeyDisabled" | "RoleNotInOrg" | "KeyNotInRole" | "KeyNotInOrg" | "UserExportRequestNotInOrg" | "UserExportRequestInvalid" | "UserNotOriginalKeyOwner" | "UserNotInRole" | "MustBeFullMember" | "SessionExpired" | "SessionChanged" | "SessionRevoked" | "ExpectedUserSession" | "SessionRoleChanged" | "ScopedNameNotFound" | "SessionInvalidEpochToken" | "SessionInvalidRefreshToken" | "SessionRefreshTokenExpired" | "InvalidAuthHeader" | "SessionNotFound" | "InvalidArn" | "SessionInvalidAuthToken" | "SessionAuthTokenExpired" | "SessionPossiblyStolenToken" | "MfaDisallowedIdentity" | "MfaDisallowedApprover" | "MfaTypeNotAllowed" | "MfaNotApprovedYet" | "MfaConfirmationCodeMismatch" | "MfaHttpRequestMismatch" | "MfaRemoveBelowMin" | "TotpAlreadyConfigured" | "TotpConfigurationChanged" | "MfaTotpBadConfiguration" | "MfaTotpBadCode" | "MfaTotpRateLimit" | "ImproperSessionScope" | "FullSessionRequired" | "SessionWithoutAnyScopeUnder" | "UserRoleUnprivileged" | "MfaNotConfigured";
|
|
1803
|
+
ForbiddenErrorCode: "FidoRequiredToRemoveTotp" | "EmailOtpNotConfigured" | "MfaChallengeExpired" | "ChainIdNotAllowed" | "InvalidOrg" | "SessionForWrongOrg" | "SelfDelete" | "SelfDisable" | "UserHasNoMfa" | "UserDisabled" | "OrgDisabled" | "OrgNotFound" | "OrgWithoutOwner" | "OrphanedUser" | "OidcUserNotFound" | "UserNotInOrg" | "UserNotOrgOwner" | "UserNotKeyOwner" | "InvalidRole" | "DisabledRole" | "KeyDisabled" | "RoleNotInOrg" | "KeyNotInRole" | "KeyNotInOrg" | "UserExportRequestNotInOrg" | "UserExportRequestInvalid" | "UserNotOriginalKeyOwner" | "UserNotInRole" | "MustBeFullMember" | "SessionExpired" | "SessionChanged" | "SessionRevoked" | "ExpectedUserSession" | "SessionRoleChanged" | "ScopedNameNotFound" | "SessionInvalidEpochToken" | "SessionInvalidRefreshToken" | "SessionRefreshTokenExpired" | "InvalidAuthHeader" | "SessionNotFound" | "InvalidArn" | "SessionInvalidAuthToken" | "SessionAuthTokenExpired" | "SessionPossiblyStolenToken" | "MfaDisallowedIdentity" | "MfaDisallowedApprover" | "MfaTypeNotAllowed" | "MfaNotApprovedYet" | "MfaConfirmationCodeMismatch" | "MfaHttpRequestMismatch" | "MfaRemoveBelowMin" | "TotpAlreadyConfigured" | "TotpConfigurationChanged" | "MfaTotpBadConfiguration" | "MfaTotpBadCode" | "MfaTotpRateLimit" | "ImproperSessionScope" | "FullSessionRequired" | "SessionWithoutAnyScopeUnder" | "UserRoleUnprivileged" | "MfaNotConfigured";
|
|
1545
1804
|
/**
|
|
1546
1805
|
* @description Specifies a fork of the `BeaconChain`, to prevent replay attacks.
|
|
1547
1806
|
* The schema of `Fork` is defined in the [Beacon chain
|
|
@@ -1661,6 +1920,7 @@ export interface components {
|
|
|
1661
1920
|
/** @description HTTP path of the request (including host or not?) */
|
|
1662
1921
|
path: string;
|
|
1663
1922
|
};
|
|
1923
|
+
Id: string;
|
|
1664
1924
|
/**
|
|
1665
1925
|
* @description Proof that an end-user provided CubeSigner with a valid auth token
|
|
1666
1926
|
* (either an OIDC token or a CubeSigner session token)
|
|
@@ -1712,7 +1972,7 @@ export interface components {
|
|
|
1712
1972
|
salt: string;
|
|
1713
1973
|
};
|
|
1714
1974
|
/** @enum {string} */
|
|
1715
|
-
InternalErrorCode: "SystemTimeError" | "ReqwestError" | "DbQueryError" | "DbGetError" | "DbDeleteError" | "DbPutError" | "DbUpdateError" | "SerdeError" | "TestAndSetError" | "DbGetItemsError" | "DbWriteError" | "CubistSignerError" | "CwPutMetricDataError" | "KmsGenerateRandomError" | "MalformedTotpBytes" | "KmsGenerateRandomNoResponseError" | "CreateKeyError" | "ParseDerivationPathError" | "SplitSignerError" | "CreateImportKeyError" | "CognitoDeleteUserError" | "CognitoListUsersError" | "CognitoGetUserError" | "MissingUserEmail" | "CognitoResendUserInvitation" | "CognitoSetUserPasswordError" | "GenericInternalError" | "OidcAuthWithoutOrg" | "MissingKeyMetadata" | "KmsKeyWithoutId" | "KmsEnableKeyError" | "KmsDisableKeyError" | "SerializeEncryptedExportKeyError" | "DeserializeEncryptedExportKeyError" | "ReEncryptUserExport" | "S3UploadError" | "S3DownloadError" | "ManagedStateMissing" | "InternalHeaderMissing" | "InvalidInternalHeaderValue" | "RequestLocalStateAlreadySet" | "OidcOrgMismatch" | "OrphanedRoleKeyId" | "
|
|
1975
|
+
InternalErrorCode: "SystemTimeError" | "ReqwestError" | "EmailConstructionError" | "DbQueryError" | "DbGetError" | "DbDeleteError" | "DbPutError" | "DbUpdateError" | "SerdeError" | "TestAndSetError" | "DbGetItemsError" | "DbWriteError" | "CubistSignerError" | "CwPutMetricDataError" | "KmsGenerateRandomError" | "MalformedTotpBytes" | "KmsGenerateRandomNoResponseError" | "CreateKeyError" | "ParseDerivationPathError" | "SplitSignerError" | "CreateImportKeyError" | "CreateEotsNoncesError" | "EotsSignError" | "CognitoDeleteUserError" | "CognitoListUsersError" | "CognitoGetUserError" | "MissingUserEmail" | "CognitoResendUserInvitation" | "CognitoSetUserPasswordError" | "GenericInternalError" | "OidcAuthWithoutOrg" | "MissingKeyMetadata" | "KmsKeyWithoutId" | "KmsEnableKeyError" | "KmsDisableKeyError" | "SerializeEncryptedExportKeyError" | "DeserializeEncryptedExportKeyError" | "ReEncryptUserExport" | "S3UploadError" | "S3DownloadError" | "ManagedStateMissing" | "InternalHeaderMissing" | "InvalidInternalHeaderValue" | "RequestLocalStateAlreadySet" | "OidcOrgMismatch" | "OrphanedRoleKeyId" | "OidcIssuerInvalidJwk" | "InvalidPkForMaterialId" | "UncheckedOrg" | "AvaSignCredsMissing" | "AvaSignSignatureMissing" | "ExpectedRoleSession" | "InvalidThirdPartyIdentity" | "CognitoGetUser" | "SnsSubscribeError" | "SnsUnsubscribeError" | "SnsGetSubscriptionAttributesError" | "SnsSubscriptionAttributesMissing" | "SnsSetSubscriptionAttributesError" | "SnsPublishBatchError" | "InconsistentMultiValueTestAndSet";
|
|
1716
1976
|
InviteRequest: {
|
|
1717
1977
|
/**
|
|
1718
1978
|
* @description The user's email address
|
|
@@ -1926,7 +2186,7 @@ export interface components {
|
|
|
1926
2186
|
keys: components["schemas"]["KeyInfo"][];
|
|
1927
2187
|
};
|
|
1928
2188
|
/** @enum {string} */
|
|
1929
|
-
KeyType: "SecpEthAddr" | "SecpBtc" | "SecpBtcTest" | "SecpAvaAddr" | "SecpAvaTestAddr" | "BlsPub" | "BlsInactive" | "Ed25519SolanaAddr" | "Ed25519SuiAddr" | "Ed25519AptosAddr" | "Ed25519CardanoAddrVk" | "Ed25519StellarAddr" | "Mnemonic" | "Stark";
|
|
2189
|
+
KeyType: "SecpEthAddr" | "SecpBtc" | "SecpBtcTest" | "SecpAvaAddr" | "SecpAvaTestAddr" | "BlsPub" | "BlsInactive" | "Ed25519SolanaAddr" | "Ed25519SuiAddr" | "Ed25519AptosAddr" | "Ed25519CardanoAddrVk" | "Ed25519StellarAddr" | "Mnemonic" | "Stark" | "BabylonEots" | "TaprootBtc" | "TaprootBtcTest";
|
|
1930
2190
|
/**
|
|
1931
2191
|
* @description Wrapper around encrypted [UnencryptedLastEvalKey] bytes.
|
|
1932
2192
|
*
|
|
@@ -1934,6 +2194,10 @@ export interface components {
|
|
|
1934
2194
|
* so that they can pass this back to us as a url query parameter.
|
|
1935
2195
|
*/
|
|
1936
2196
|
LastEvalKey: string;
|
|
2197
|
+
/** @description Third-party identities associated with the user's account */
|
|
2198
|
+
ListIdentitiesResponse: {
|
|
2199
|
+
identities: components["schemas"]["OIDCIdentity"][];
|
|
2200
|
+
};
|
|
1937
2201
|
ListMfaResponse: {
|
|
1938
2202
|
/** @description All pending MFA requests */
|
|
1939
2203
|
mfa_requests: components["schemas"]["MfaRequestInfo"][];
|
|
@@ -1946,6 +2210,40 @@ export interface components {
|
|
|
1946
2210
|
* @enum {string}
|
|
1947
2211
|
*/
|
|
1948
2212
|
MemberRole: "Alien" | "Member" | "Owner";
|
|
2213
|
+
/** @enum {string} */
|
|
2214
|
+
MembershipStatus: "enabled" | "disabled";
|
|
2215
|
+
/**
|
|
2216
|
+
* @example {
|
|
2217
|
+
* "allowed_approvers": [
|
|
2218
|
+
* "User#fabc3f88-04e0-471b-9657-0ae12a3cd73e",
|
|
2219
|
+
* "User#d796c369-9974-473b-ab9e-e4a2418d2d07"
|
|
2220
|
+
* ],
|
|
2221
|
+
* "count": 2,
|
|
2222
|
+
* "lifetime": 900
|
|
2223
|
+
* }
|
|
2224
|
+
*/
|
|
2225
|
+
MfaPolicy: {
|
|
2226
|
+
/** @description Users who are allowed to approve. If empty at creation time, default to the current user. */
|
|
2227
|
+
allowed_approvers?: string[];
|
|
2228
|
+
/** @description Allowed approval types. When omitted, defaults to any. */
|
|
2229
|
+
allowed_mfa_types?: components["schemas"]["MfaType"][] | null;
|
|
2230
|
+
/**
|
|
2231
|
+
* Format: int32
|
|
2232
|
+
* @description How many users to require to approve (defaults to 1).
|
|
2233
|
+
*/
|
|
2234
|
+
count?: number;
|
|
2235
|
+
lifetime?: components["schemas"]["Seconds"];
|
|
2236
|
+
/**
|
|
2237
|
+
* Format: int32
|
|
2238
|
+
* @description How many auth factors to require per user (defaults to 1).
|
|
2239
|
+
*/
|
|
2240
|
+
num_auth_factors?: number;
|
|
2241
|
+
/**
|
|
2242
|
+
* @description CubeSigner operations to which this policy should apply.
|
|
2243
|
+
* When omitted, applies to all operations.
|
|
2244
|
+
*/
|
|
2245
|
+
restricted_operations?: components["schemas"]["OperationKind"][] | null;
|
|
2246
|
+
};
|
|
1949
2247
|
/** @description Returned as a response from multiple routes (e.g., 'get mfa', 'approve mfa', 'approve totp'). */
|
|
1950
2248
|
MfaRequestInfo: {
|
|
1951
2249
|
expires_at: components["schemas"]["EpochDateTime"];
|
|
@@ -1993,6 +2291,8 @@ export interface components {
|
|
|
1993
2291
|
*/
|
|
1994
2292
|
token: string;
|
|
1995
2293
|
};
|
|
2294
|
+
/** Format: binary */
|
|
2295
|
+
NonceValue: string;
|
|
1996
2296
|
/** @enum {string} */
|
|
1997
2297
|
NotFoundErrorCode: "UriSegmentMissing" | "UriSegmentInvalid" | "TotpNotConfigured" | "FidoKeyNotFound" | "FidoChallengeNotFound" | "TotpChallengeNotFound" | "UserExportRequestNotFound" | "UserExportCiphertextNotFound";
|
|
1998
2298
|
/** @description The configuration and status of a notification endpoint */
|
|
@@ -2019,7 +2319,7 @@ export interface components {
|
|
|
2019
2319
|
*/
|
|
2020
2320
|
OIDCIdentity: {
|
|
2021
2321
|
/**
|
|
2022
|
-
* @description The root-level issuer who administrates this user.
|
|
2322
|
+
* @description The root-level issuer who administrates this user. From the OIDC spec:
|
|
2023
2323
|
* Issuer Identifier for the Issuer of the response. The iss
|
|
2024
2324
|
* value is a case sensitive URL using the https scheme that contains
|
|
2025
2325
|
* scheme, host, and optionally, port number and path components and
|
|
@@ -2051,6 +2351,23 @@ export interface components {
|
|
|
2051
2351
|
scopes: string[];
|
|
2052
2352
|
tokens?: components["schemas"]["RatchetConfig"];
|
|
2053
2353
|
};
|
|
2354
|
+
/**
|
|
2355
|
+
* @description All different kinds of sensitive operations
|
|
2356
|
+
* @enum {string}
|
|
2357
|
+
*/
|
|
2358
|
+
OperationKind: "AvaSign" | "AvaChainTxSign" | "BlobSign" | "BtcSign" | "TaprootSign" | "Eip191Sign" | "Eip712Sign" | "EotsNonces" | "EotsSign" | "Eth1Sign" | "Eth2Sign" | "Eth2Stake" | "Eth2Unstake" | "SolanaSign";
|
|
2359
|
+
OrgData: {
|
|
2360
|
+
/**
|
|
2361
|
+
* @description The id of the org
|
|
2362
|
+
* @example Org#123...
|
|
2363
|
+
*/
|
|
2364
|
+
org_id: string;
|
|
2365
|
+
/**
|
|
2366
|
+
* @description The human-readable name for the org
|
|
2367
|
+
* @example my_org_name
|
|
2368
|
+
*/
|
|
2369
|
+
org_name?: string | null;
|
|
2370
|
+
};
|
|
2054
2371
|
/**
|
|
2055
2372
|
* @description Auto-generated discriminant enum variants
|
|
2056
2373
|
* @enum {string}
|
|
@@ -2286,10 +2603,32 @@ export interface components {
|
|
|
2286
2603
|
};
|
|
2287
2604
|
PolicyErrorCode: components["schemas"]["PolicyErrorOwnCodes"] | components["schemas"]["EvmTxDepositErrorCode"];
|
|
2288
2605
|
/** @enum {string} */
|
|
2289
|
-
PolicyErrorOwnCodes: "EvmTxReceiverMismatch" | "EvmTxSenderMismatch" | "PolicyDisjunctionError" | "PolicyNegationError" | "Eth2ExceededMaxUnstake" | "Eth2ConcurrentUnstaking" | "NotInIpv4Allowlist" | "NotInOriginAllowlist" | "InvalidSourceIp" | "RawSigningNotAllowed" | "Eip712SigningNotAllowed" | "OidcSourceNotAllowed" | "NoOidcAuthSourcesDefined" | "AddKeyToRoleDisallowed" | "KeysAlreadyInRole" | "KeyInMultipleRoles" | "KeyAccessError" | "Eip191SigningNotAllowed";
|
|
2606
|
+
PolicyErrorOwnCodes: "EvmTxReceiverMismatch" | "EvmTxSenderMismatch" | "PolicyDisjunctionError" | "PolicyNegationError" | "Eth2ExceededMaxUnstake" | "Eth2ConcurrentUnstaking" | "NotInIpv4Allowlist" | "NotInOriginAllowlist" | "InvalidSourceIp" | "RawSigningNotAllowed" | "Eip712SigningNotAllowed" | "OidcSourceNotAllowed" | "NoOidcAuthSourcesDefined" | "AddKeyToRoleDisallowed" | "KeysAlreadyInRole" | "KeyInMultipleRoles" | "KeyAccessError" | "Eip191SigningNotAllowed" | "TimeLocked";
|
|
2290
2607
|
PreconditionErrorCode: components["schemas"]["PreconditionErrorOwnCodes"] | components["schemas"]["PolicyErrorCode"];
|
|
2291
2608
|
/** @enum {string} */
|
|
2292
2609
|
PreconditionErrorOwnCodes: "Eth2ProposerSlotTooLow" | "Eth2AttestationSourceEpochTooLow" | "Eth2AttestationTargetEpochTooLow" | "Eth2ConcurrentBlockSigning" | "Eth2ConcurrentAttestationSigning" | "Eth2MultiDepositToNonGeneratedKey" | "Eth2MultiDepositUnknownInitialDeposit" | "Eth2MultiDepositWithdrawalAddressMismatch";
|
|
2610
|
+
/** @description Contains outputs of previous transactions. */
|
|
2611
|
+
PrevOutputs: OneOf<[
|
|
2612
|
+
{
|
|
2613
|
+
/**
|
|
2614
|
+
* @description `One` variant allows provision of the single previous output needed. It's useful,
|
|
2615
|
+
* for example, when modifier `SIGHASH_ANYONECANPAY` is provided, only previous output
|
|
2616
|
+
* of the current input is needed. The first `index` argument is the input index
|
|
2617
|
+
* this output is referring to.
|
|
2618
|
+
*/
|
|
2619
|
+
One: {
|
|
2620
|
+
index: number;
|
|
2621
|
+
tx_out: components["schemas"]["BtcTxOut"];
|
|
2622
|
+
};
|
|
2623
|
+
},
|
|
2624
|
+
{
|
|
2625
|
+
/**
|
|
2626
|
+
* @description When `SIGHASH_ANYONECANPAY` is not provided, or when the caller is giving all
|
|
2627
|
+
* previous outputs so the same variable can be used for multiple inputs.
|
|
2628
|
+
*/
|
|
2629
|
+
All: components["schemas"]["BtcTxOut"][];
|
|
2630
|
+
}
|
|
2631
|
+
]>;
|
|
2293
2632
|
/**
|
|
2294
2633
|
* @description This type represents a wire-encodable form of the PublicKeyCredential interface
|
|
2295
2634
|
* Clients may need to manually encode into this format to communicate with the server
|
|
@@ -2651,7 +2990,7 @@ export interface components {
|
|
|
2651
2990
|
/** @description Tokens that were revoked. */
|
|
2652
2991
|
revoked: components["schemas"]["TokenInfo"][];
|
|
2653
2992
|
};
|
|
2654
|
-
RoleInfo: {
|
|
2993
|
+
RoleInfo: components["schemas"]["CommonFields"] & {
|
|
2655
2994
|
/**
|
|
2656
2995
|
* @description Whether the role is enabled
|
|
2657
2996
|
* @example true
|
|
@@ -2790,6 +3129,49 @@ export interface components {
|
|
|
2790
3129
|
* @enum {string}
|
|
2791
3130
|
*/
|
|
2792
3131
|
SubscriptionStatus: "Confirmed" | "Pending";
|
|
3132
|
+
TaprootSignRequest: {
|
|
3133
|
+
sig_kind: components["schemas"]["TaprootSignatureKind"];
|
|
3134
|
+
tx: components["schemas"]["BtcTx"];
|
|
3135
|
+
};
|
|
3136
|
+
TaprootSignResponse: {
|
|
3137
|
+
/**
|
|
3138
|
+
* @description The 64-byte signature, encoded as defined in BIP0340.
|
|
3139
|
+
* @example 0x14110b79e65f90f70cd3ff5adf29bed9c9fcc035772240990fb51d25a10c9667669bba0c3b335163f65d1b9d8569cf22dd8210084cd24d83cc4bb396d979e10d
|
|
3140
|
+
*/
|
|
3141
|
+
signature: string;
|
|
3142
|
+
};
|
|
3143
|
+
TaprootSignatureKind: {
|
|
3144
|
+
/** @description Optional annex, as per BIP341 */
|
|
3145
|
+
annex?: string | null;
|
|
3146
|
+
/**
|
|
3147
|
+
* @description Transaction input index
|
|
3148
|
+
* @example 0
|
|
3149
|
+
*/
|
|
3150
|
+
input_index: number;
|
|
3151
|
+
leaf_hash_code_separator?: components["schemas"]["BtcLeafHashCodeSeparator"] | null;
|
|
3152
|
+
/**
|
|
3153
|
+
* @description If this field is not present or null, no tweak is applied. If the field is an
|
|
3154
|
+
* empty string, the key is tweaked with an unspendable script path per BIP0341.
|
|
3155
|
+
* Otherwise, this field must contain a 32-byte, base-64 encoded hex string
|
|
3156
|
+
* representing the Merkle root with which to tweak the key before signing.
|
|
3157
|
+
* @example F41HAy2q5Gn8laF2CuMsZbRAQTmD+4Ob3VUMZ7TBGK4=
|
|
3158
|
+
*/
|
|
3159
|
+
merkle_root?: string | null;
|
|
3160
|
+
prevouts: components["schemas"]["PrevOutputs"];
|
|
3161
|
+
/**
|
|
3162
|
+
* @description Hash type of an input's signature, encoded in the last byte of the signature.
|
|
3163
|
+
* Possible values:
|
|
3164
|
+
* - SIGHASH_ALL
|
|
3165
|
+
* - SIGHASH_ALL|SIGHASH_ANYONECANPAY
|
|
3166
|
+
* - SIGHASH_DEFAULT
|
|
3167
|
+
* - SIGHASH_NONE
|
|
3168
|
+
* - SIGHASH_NONE|SIGHASH_ANYONECANPAY
|
|
3169
|
+
* - SIGHASH_SINGLE
|
|
3170
|
+
* - SIGHASH_SINGLE|SIGHASH_ANYONECANPAY
|
|
3171
|
+
* @example SIGHASH_ALL
|
|
3172
|
+
*/
|
|
3173
|
+
sighash_type: string;
|
|
3174
|
+
};
|
|
2793
3175
|
TokenInfo: {
|
|
2794
3176
|
/** @description Session ID. Use it to revoke a session. Cannot be used for auth. */
|
|
2795
3177
|
hash: string;
|
|
@@ -3058,6 +3440,7 @@ export interface components {
|
|
|
3058
3440
|
user_export_window?: number | null;
|
|
3059
3441
|
};
|
|
3060
3442
|
UpdateRoleRequest: {
|
|
3443
|
+
edit_policy?: components["schemas"]["EditPolicy"] | null;
|
|
3061
3444
|
/**
|
|
3062
3445
|
* @description If set, updates the role's `enabled` property to this value.
|
|
3063
3446
|
* Once disabled, a role cannot be used; and it's tokens cannot be used for signing.
|
|
@@ -3076,6 +3459,11 @@ export interface components {
|
|
|
3076
3459
|
*/
|
|
3077
3460
|
policy?: Record<string, never>[] | null;
|
|
3078
3461
|
};
|
|
3462
|
+
/** @description Request to update an existing user */
|
|
3463
|
+
UpdateUserMembershipRequest: {
|
|
3464
|
+
/** @description Enable or disable user */
|
|
3465
|
+
disabled?: boolean | null;
|
|
3466
|
+
};
|
|
3079
3467
|
/** @description A request to complete a user export */
|
|
3080
3468
|
UserExportCompleteRequest: {
|
|
3081
3469
|
/**
|
|
@@ -3183,6 +3571,7 @@ export interface components {
|
|
|
3183
3571
|
membership: components["schemas"]["MemberRole"];
|
|
3184
3572
|
/** @description Optional user name. */
|
|
3185
3573
|
name?: string | null;
|
|
3574
|
+
status: components["schemas"]["MembershipStatus"];
|
|
3186
3575
|
};
|
|
3187
3576
|
/**
|
|
3188
3577
|
* @description Information about a user's membership in an organization
|
|
@@ -3195,6 +3584,7 @@ export interface components {
|
|
|
3195
3584
|
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
3196
3585
|
*/
|
|
3197
3586
|
org_id: string;
|
|
3587
|
+
status: components["schemas"]["MembershipStatus"];
|
|
3198
3588
|
};
|
|
3199
3589
|
UserInRoleInfo: {
|
|
3200
3590
|
user_id: string;
|
|
@@ -3230,6 +3620,11 @@ export interface components {
|
|
|
3230
3620
|
*/
|
|
3231
3621
|
user_id: string;
|
|
3232
3622
|
};
|
|
3623
|
+
/** @description The response to the user/orgs endpoint */
|
|
3624
|
+
UserOrgsResponse: {
|
|
3625
|
+
/** @description The list of orgs this user is a member of */
|
|
3626
|
+
orgs: components["schemas"]["OrgData"][];
|
|
3627
|
+
};
|
|
3233
3628
|
/**
|
|
3234
3629
|
* @description A WebAuthn Relying Party may require user verification for some of its
|
|
3235
3630
|
* operations but not for others, and may use this type to express its needs.
|
|
@@ -3342,6 +3737,30 @@ export interface components {
|
|
|
3342
3737
|
};
|
|
3343
3738
|
};
|
|
3344
3739
|
};
|
|
3740
|
+
/**
|
|
3741
|
+
* @description The HTTP response to an email OTP request.
|
|
3742
|
+
*
|
|
3743
|
+
* Users receive an encrypted OIDC token in their email inbox.
|
|
3744
|
+
* The values in this response can be used to decrypt that token
|
|
3745
|
+
* using AES-GCM. This ensures that clients need *both* the emailed token
|
|
3746
|
+
* and this response to complete OTP auth.
|
|
3747
|
+
*/
|
|
3748
|
+
EmailOtpResponse: {
|
|
3749
|
+
content: {
|
|
3750
|
+
"application/json": {
|
|
3751
|
+
/**
|
|
3752
|
+
* Format: binary
|
|
3753
|
+
* @description Base64 URL encoded IV value for AES-GCM
|
|
3754
|
+
*/
|
|
3755
|
+
iv: string;
|
|
3756
|
+
/**
|
|
3757
|
+
* Format: binary
|
|
3758
|
+
* @description Base64 URL encoded key for AES-GCM
|
|
3759
|
+
*/
|
|
3760
|
+
key: string;
|
|
3761
|
+
};
|
|
3762
|
+
};
|
|
3763
|
+
};
|
|
3345
3764
|
EmptyImpl: {
|
|
3346
3765
|
content: {
|
|
3347
3766
|
"application/json": {
|
|
@@ -3349,6 +3768,33 @@ export interface components {
|
|
|
3349
3768
|
};
|
|
3350
3769
|
};
|
|
3351
3770
|
};
|
|
3771
|
+
/** @description Response generated when creating EOTS nonces */
|
|
3772
|
+
EotsCreateNonceResponse: {
|
|
3773
|
+
content: {
|
|
3774
|
+
"application/json": {
|
|
3775
|
+
/**
|
|
3776
|
+
* @description The generated nonces as an array of 0x-prefixed hex strings
|
|
3777
|
+
* @example [
|
|
3778
|
+
* "0xb393bf39e71a16d784853d58255a296222a99fd3c87aa7ca206c5230c188f1c7",
|
|
3779
|
+
* "0xe01936584b4f0c0e97f0d3018c4f9db2bf7de41395c6403a48fd0dff0ef7b40d"
|
|
3780
|
+
* ]
|
|
3781
|
+
*/
|
|
3782
|
+
nonces: string[];
|
|
3783
|
+
};
|
|
3784
|
+
};
|
|
3785
|
+
};
|
|
3786
|
+
/** @description Response to an EOTS signing request */
|
|
3787
|
+
EotsSignResponse: {
|
|
3788
|
+
content: {
|
|
3789
|
+
"application/json": {
|
|
3790
|
+
/**
|
|
3791
|
+
* @description The resulting signature, a hex-encoded 32-byte value
|
|
3792
|
+
* @example 0xd9804c04a696b522472c53bd3a3c664c4c3085a017927e45ffaed711d1613700
|
|
3793
|
+
*/
|
|
3794
|
+
signature: string;
|
|
3795
|
+
};
|
|
3796
|
+
};
|
|
3797
|
+
};
|
|
3352
3798
|
Eth1SignResponse: {
|
|
3353
3799
|
content: {
|
|
3354
3800
|
"application/json": {
|
|
@@ -3526,6 +3972,14 @@ export interface components {
|
|
|
3526
3972
|
};
|
|
3527
3973
|
};
|
|
3528
3974
|
};
|
|
3975
|
+
/** @description Third-party identities associated with the user's account */
|
|
3976
|
+
ListIdentitiesResponse: {
|
|
3977
|
+
content: {
|
|
3978
|
+
"application/json": {
|
|
3979
|
+
identities: components["schemas"]["OIDCIdentity"][];
|
|
3980
|
+
};
|
|
3981
|
+
};
|
|
3982
|
+
};
|
|
3529
3983
|
ListMfaResponse: {
|
|
3530
3984
|
content: {
|
|
3531
3985
|
"application/json": {
|
|
@@ -3789,7 +4243,7 @@ export interface components {
|
|
|
3789
4243
|
};
|
|
3790
4244
|
RoleInfo: {
|
|
3791
4245
|
content: {
|
|
3792
|
-
"application/json": {
|
|
4246
|
+
"application/json": components["schemas"]["CommonFields"] & {
|
|
3793
4247
|
/**
|
|
3794
4248
|
* @description Whether the role is enabled
|
|
3795
4249
|
* @example true
|
|
@@ -3873,6 +4327,17 @@ export interface components {
|
|
|
3873
4327
|
};
|
|
3874
4328
|
};
|
|
3875
4329
|
};
|
|
4330
|
+
TaprootSignResponse: {
|
|
4331
|
+
content: {
|
|
4332
|
+
"application/json": {
|
|
4333
|
+
/**
|
|
4334
|
+
* @description The 64-byte signature, encoded as defined in BIP0340.
|
|
4335
|
+
* @example 0x14110b79e65f90f70cd3ff5adf29bed9c9fcc035772240990fb51d25a10c9667669bba0c3b335163f65d1b9d8569cf22dd8210084cd24d83cc4bb396d979e10d
|
|
4336
|
+
*/
|
|
4337
|
+
signature: string;
|
|
4338
|
+
};
|
|
4339
|
+
};
|
|
4340
|
+
};
|
|
3876
4341
|
TokenInfo: {
|
|
3877
4342
|
content: {
|
|
3878
4343
|
"application/json": {
|
|
@@ -4026,6 +4491,26 @@ export interface components {
|
|
|
4026
4491
|
};
|
|
4027
4492
|
};
|
|
4028
4493
|
};
|
|
4494
|
+
UserInOrgInfo: {
|
|
4495
|
+
content: {
|
|
4496
|
+
"application/json": {
|
|
4497
|
+
/**
|
|
4498
|
+
* @description The user's email (optional)
|
|
4499
|
+
* @example alice@example.com
|
|
4500
|
+
*/
|
|
4501
|
+
email?: string | null;
|
|
4502
|
+
/**
|
|
4503
|
+
* @description The id of the user
|
|
4504
|
+
* @example User#c3b9379c-4e8c-4216-bd0a-65ace53cf98f
|
|
4505
|
+
*/
|
|
4506
|
+
id: string;
|
|
4507
|
+
membership: components["schemas"]["MemberRole"];
|
|
4508
|
+
/** @description Optional user name. */
|
|
4509
|
+
name?: string | null;
|
|
4510
|
+
status: components["schemas"]["MembershipStatus"];
|
|
4511
|
+
};
|
|
4512
|
+
};
|
|
4513
|
+
};
|
|
4029
4514
|
UserInfo: {
|
|
4030
4515
|
content: {
|
|
4031
4516
|
"application/json": {
|
|
@@ -4061,6 +4546,15 @@ export interface components {
|
|
|
4061
4546
|
};
|
|
4062
4547
|
};
|
|
4063
4548
|
};
|
|
4549
|
+
/** @description The response to the user/orgs endpoint */
|
|
4550
|
+
UserOrgsResponse: {
|
|
4551
|
+
content: {
|
|
4552
|
+
"application/json": {
|
|
4553
|
+
/** @description The list of orgs this user is a member of */
|
|
4554
|
+
orgs: components["schemas"]["OrgData"][];
|
|
4555
|
+
};
|
|
4556
|
+
};
|
|
4557
|
+
};
|
|
4064
4558
|
};
|
|
4065
4559
|
parameters: never;
|
|
4066
4560
|
requestBodies: never;
|
|
@@ -4142,13 +4636,17 @@ export interface operations {
|
|
|
4142
4636
|
};
|
|
4143
4637
|
};
|
|
4144
4638
|
/**
|
|
4145
|
-
* Sign Avalanche X
|
|
4146
|
-
* @description Sign Avalanche X
|
|
4639
|
+
* Sign a serialized Avalanche C/X/P-Chain Message
|
|
4640
|
+
* @description Sign a serialized Avalanche C/X/P-Chain Message
|
|
4641
|
+
*
|
|
4642
|
+
* Signs an Avalanche message with a given SecpEth (C-Chain messages) or
|
|
4643
|
+
* SecpAva (X- and P-Chain messages) key. Currently signing C-Chain messages
|
|
4644
|
+
* with SecpEth key must also be explicitly allowed via `AllowRawBlobSigning`
|
|
4645
|
+
* policy.
|
|
4147
4646
|
*
|
|
4148
|
-
* Signs an Avalanche message with a given SecpAva key.
|
|
4149
4647
|
* This is a pre-release feature.
|
|
4150
4648
|
*/
|
|
4151
|
-
|
|
4649
|
+
avaSerializedTxSign: {
|
|
4152
4650
|
parameters: {
|
|
4153
4651
|
path: {
|
|
4154
4652
|
/**
|
|
@@ -4157,15 +4655,20 @@ export interface operations {
|
|
|
4157
4655
|
*/
|
|
4158
4656
|
org_id: string;
|
|
4159
4657
|
/**
|
|
4160
|
-
* @description Avalanche
|
|
4161
|
-
* @example
|
|
4658
|
+
* @description Avalanche chain
|
|
4659
|
+
* @example P
|
|
4660
|
+
*/
|
|
4661
|
+
ava_chain: string;
|
|
4662
|
+
/**
|
|
4663
|
+
* @description Avalanche address in bech32 or ETH format
|
|
4664
|
+
* @example 0xB31f66AA3C1e785363F0875A1B74E27b85FD66c7
|
|
4162
4665
|
*/
|
|
4163
4666
|
pubkey: string;
|
|
4164
4667
|
};
|
|
4165
4668
|
};
|
|
4166
4669
|
requestBody: {
|
|
4167
4670
|
content: {
|
|
4168
|
-
"application/json": components["schemas"]["
|
|
4671
|
+
"application/json": components["schemas"]["AvaSerializedTxSignRequest"];
|
|
4169
4672
|
};
|
|
4170
4673
|
};
|
|
4171
4674
|
responses: {
|
|
@@ -4183,13 +4686,13 @@ export interface operations {
|
|
|
4183
4686
|
};
|
|
4184
4687
|
};
|
|
4185
4688
|
/**
|
|
4186
|
-
* Sign
|
|
4187
|
-
* @description Sign
|
|
4689
|
+
* Sign JSON-encoded Avalanche X- or P-Chain Message
|
|
4690
|
+
* @description Sign JSON-encoded Avalanche X- or P-Chain Message
|
|
4188
4691
|
*
|
|
4189
|
-
* Signs
|
|
4692
|
+
* Signs an Avalanche message with a given SecpAva key.
|
|
4190
4693
|
* This is a pre-release feature.
|
|
4191
4694
|
*/
|
|
4192
|
-
|
|
4695
|
+
avaSign: {
|
|
4193
4696
|
parameters: {
|
|
4194
4697
|
path: {
|
|
4195
4698
|
/**
|
|
@@ -4198,19 +4701,19 @@ export interface operations {
|
|
|
4198
4701
|
*/
|
|
4199
4702
|
org_id: string;
|
|
4200
4703
|
/**
|
|
4201
|
-
* @description bech32
|
|
4202
|
-
* @example
|
|
4704
|
+
* @description Avalanche bech32 address format without the chain prefix
|
|
4705
|
+
* @example avax1am4w6hfrvmh3akduzkjthrtgtqafalce6an8cr
|
|
4203
4706
|
*/
|
|
4204
4707
|
pubkey: string;
|
|
4205
4708
|
};
|
|
4206
4709
|
};
|
|
4207
4710
|
requestBody: {
|
|
4208
4711
|
content: {
|
|
4209
|
-
"application/json": components["schemas"]["
|
|
4712
|
+
"application/json": components["schemas"]["AvaSignRequest"];
|
|
4210
4713
|
};
|
|
4211
4714
|
};
|
|
4212
4715
|
responses: {
|
|
4213
|
-
200: components["responses"]["
|
|
4716
|
+
200: components["responses"]["AvaSignResponse"];
|
|
4214
4717
|
202: {
|
|
4215
4718
|
content: {
|
|
4216
4719
|
"application/json": components["schemas"]["AcceptedResponse"];
|
|
@@ -4224,13 +4727,13 @@ export interface operations {
|
|
|
4224
4727
|
};
|
|
4225
4728
|
};
|
|
4226
4729
|
/**
|
|
4227
|
-
*
|
|
4228
|
-
* @description
|
|
4730
|
+
* Create EOTS nonces
|
|
4731
|
+
* @description Create EOTS nonces
|
|
4229
4732
|
*
|
|
4230
|
-
*
|
|
4231
|
-
*
|
|
4733
|
+
* Generates a set of Babylon EOTS nonces for a specified chain-id, starting at a
|
|
4734
|
+
* specified block height.
|
|
4232
4735
|
*/
|
|
4233
|
-
|
|
4736
|
+
createEotsNonces: {
|
|
4234
4737
|
parameters: {
|
|
4235
4738
|
path: {
|
|
4236
4739
|
/**
|
|
@@ -4238,15 +4741,20 @@ export interface operations {
|
|
|
4238
4741
|
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
4239
4742
|
*/
|
|
4240
4743
|
org_id: string;
|
|
4744
|
+
/**
|
|
4745
|
+
* @description Hex-encoded public key of the EOTS key
|
|
4746
|
+
* @example 0x457f0f24cfb06c3c35874bbd1f59b57180a5a9d7e1f6929280839c830f5c147f
|
|
4747
|
+
*/
|
|
4748
|
+
pubkey: string;
|
|
4241
4749
|
};
|
|
4242
4750
|
};
|
|
4243
4751
|
requestBody: {
|
|
4244
4752
|
content: {
|
|
4245
|
-
"application/json": components["schemas"]["
|
|
4753
|
+
"application/json": components["schemas"]["EotsCreateNonceRequest"];
|
|
4246
4754
|
};
|
|
4247
4755
|
};
|
|
4248
4756
|
responses: {
|
|
4249
|
-
200: components["responses"]["
|
|
4757
|
+
200: components["responses"]["EotsCreateNonceResponse"];
|
|
4250
4758
|
default: {
|
|
4251
4759
|
content: {
|
|
4252
4760
|
"application/json": components["schemas"]["ErrorResponse"];
|
|
@@ -4255,7 +4763,184 @@ export interface operations {
|
|
|
4255
4763
|
};
|
|
4256
4764
|
};
|
|
4257
4765
|
/**
|
|
4258
|
-
*
|
|
4766
|
+
* Create an EOTS signature
|
|
4767
|
+
* @description Create an EOTS signature
|
|
4768
|
+
*
|
|
4769
|
+
* Generates an EOTS signature for the specified chain-id, block height, and message.
|
|
4770
|
+
*/
|
|
4771
|
+
eotsSign: {
|
|
4772
|
+
parameters: {
|
|
4773
|
+
path: {
|
|
4774
|
+
/**
|
|
4775
|
+
* @description Name or ID of the desired Org
|
|
4776
|
+
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
4777
|
+
*/
|
|
4778
|
+
org_id: string;
|
|
4779
|
+
/**
|
|
4780
|
+
* @description Hex-encoded public key of the EOTS key
|
|
4781
|
+
* @example 0x457f0f24cfb06c3c35874bbd1f59b57180a5a9d7e1f6929280839c830f5c147f
|
|
4782
|
+
*/
|
|
4783
|
+
pubkey: string;
|
|
4784
|
+
};
|
|
4785
|
+
};
|
|
4786
|
+
requestBody: {
|
|
4787
|
+
content: {
|
|
4788
|
+
"application/json": components["schemas"]["EotsSignRequest"];
|
|
4789
|
+
};
|
|
4790
|
+
};
|
|
4791
|
+
responses: {
|
|
4792
|
+
200: components["responses"]["EotsSignResponse"];
|
|
4793
|
+
202: {
|
|
4794
|
+
content: {
|
|
4795
|
+
"application/json": components["schemas"]["AcceptedResponse"];
|
|
4796
|
+
};
|
|
4797
|
+
};
|
|
4798
|
+
default: {
|
|
4799
|
+
content: {
|
|
4800
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
4801
|
+
};
|
|
4802
|
+
};
|
|
4803
|
+
};
|
|
4804
|
+
};
|
|
4805
|
+
/**
|
|
4806
|
+
* Sign Bitcoin Segwit Transaction
|
|
4807
|
+
* @description Sign Bitcoin Segwit Transaction
|
|
4808
|
+
*
|
|
4809
|
+
* Signs a Bitcoin Segwit transaction with a given key.
|
|
4810
|
+
* This is a pre-release feature.
|
|
4811
|
+
*/
|
|
4812
|
+
btcSign: {
|
|
4813
|
+
parameters: {
|
|
4814
|
+
path: {
|
|
4815
|
+
/**
|
|
4816
|
+
* @description Name or ID of the desired Org
|
|
4817
|
+
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
4818
|
+
*/
|
|
4819
|
+
org_id: string;
|
|
4820
|
+
/**
|
|
4821
|
+
* @description bech32 encoding of the public key
|
|
4822
|
+
* @example bc1q5p5qkae77ly80kr4pyfytdqm7rf08ddhdejl9g
|
|
4823
|
+
*/
|
|
4824
|
+
pubkey: string;
|
|
4825
|
+
};
|
|
4826
|
+
};
|
|
4827
|
+
requestBody: {
|
|
4828
|
+
content: {
|
|
4829
|
+
"application/json": components["schemas"]["BtcSignRequest"];
|
|
4830
|
+
};
|
|
4831
|
+
};
|
|
4832
|
+
responses: {
|
|
4833
|
+
200: components["responses"]["BtcSignResponse"];
|
|
4834
|
+
202: {
|
|
4835
|
+
content: {
|
|
4836
|
+
"application/json": components["schemas"]["AcceptedResponse"];
|
|
4837
|
+
};
|
|
4838
|
+
};
|
|
4839
|
+
default: {
|
|
4840
|
+
content: {
|
|
4841
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
4842
|
+
};
|
|
4843
|
+
};
|
|
4844
|
+
};
|
|
4845
|
+
};
|
|
4846
|
+
/**
|
|
4847
|
+
* Sign Bitcoin Taproot Transaction
|
|
4848
|
+
* @description Sign Bitcoin Taproot Transaction
|
|
4849
|
+
*
|
|
4850
|
+
* Signs a Bitcoin Taproot transaction with a given key.
|
|
4851
|
+
* This is a pre-release feature.
|
|
4852
|
+
*/
|
|
4853
|
+
btcTaprootSign: {
|
|
4854
|
+
parameters: {
|
|
4855
|
+
path: {
|
|
4856
|
+
/**
|
|
4857
|
+
* @description Name or ID of the desired Org
|
|
4858
|
+
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
4859
|
+
*/
|
|
4860
|
+
org_id: string;
|
|
4861
|
+
/**
|
|
4862
|
+
* @description bech32 encoding of the public key
|
|
4863
|
+
* @example bc1p2wsldez5mud2yam29q22wgfh9439spgduvct83k3pm50fcxa5dps59h4z5
|
|
4864
|
+
*/
|
|
4865
|
+
pubkey: string;
|
|
4866
|
+
};
|
|
4867
|
+
};
|
|
4868
|
+
requestBody: {
|
|
4869
|
+
content: {
|
|
4870
|
+
"application/json": components["schemas"]["TaprootSignRequest"];
|
|
4871
|
+
};
|
|
4872
|
+
};
|
|
4873
|
+
responses: {
|
|
4874
|
+
200: components["responses"]["TaprootSignResponse"];
|
|
4875
|
+
202: {
|
|
4876
|
+
content: {
|
|
4877
|
+
"application/json": components["schemas"]["AcceptedResponse"];
|
|
4878
|
+
};
|
|
4879
|
+
};
|
|
4880
|
+
default: {
|
|
4881
|
+
content: {
|
|
4882
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
4883
|
+
};
|
|
4884
|
+
};
|
|
4885
|
+
};
|
|
4886
|
+
};
|
|
4887
|
+
/**
|
|
4888
|
+
* Derive Key From Long-Lived Mnemonic
|
|
4889
|
+
* @description Derive Key From Long-Lived Mnemonic
|
|
4890
|
+
*
|
|
4891
|
+
* Derives a key of a specified type using a supplied derivation path and an
|
|
4892
|
+
* existing long-lived mnemonic.
|
|
4893
|
+
*/
|
|
4894
|
+
deriveKey: {
|
|
4895
|
+
parameters: {
|
|
4896
|
+
path: {
|
|
4897
|
+
/**
|
|
4898
|
+
* @description Name or ID of the desired Org
|
|
4899
|
+
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
4900
|
+
*/
|
|
4901
|
+
org_id: string;
|
|
4902
|
+
};
|
|
4903
|
+
};
|
|
4904
|
+
requestBody: {
|
|
4905
|
+
content: {
|
|
4906
|
+
"application/json": components["schemas"]["DeriveKeyRequest"];
|
|
4907
|
+
};
|
|
4908
|
+
};
|
|
4909
|
+
responses: {
|
|
4910
|
+
200: components["responses"]["CreateKeyResponse"];
|
|
4911
|
+
default: {
|
|
4912
|
+
content: {
|
|
4913
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
4914
|
+
};
|
|
4915
|
+
};
|
|
4916
|
+
};
|
|
4917
|
+
};
|
|
4918
|
+
setEmailOtp: {
|
|
4919
|
+
parameters: {
|
|
4920
|
+
path: {
|
|
4921
|
+
/**
|
|
4922
|
+
* @description Name or ID of the desired Org
|
|
4923
|
+
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
4924
|
+
*/
|
|
4925
|
+
org_id: string;
|
|
4926
|
+
};
|
|
4927
|
+
};
|
|
4928
|
+
requestBody: {
|
|
4929
|
+
content: {
|
|
4930
|
+
"application/json": components["schemas"]["ConfigureEmailOtpRequest"];
|
|
4931
|
+
};
|
|
4932
|
+
};
|
|
4933
|
+
responses: {
|
|
4934
|
+
200: components["responses"]["EmptyImpl"];
|
|
4935
|
+
default: {
|
|
4936
|
+
content: {
|
|
4937
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
4938
|
+
};
|
|
4939
|
+
};
|
|
4940
|
+
};
|
|
4941
|
+
};
|
|
4942
|
+
/**
|
|
4943
|
+
* Sign EIP-191 Data
|
|
4259
4944
|
* @description Sign EIP-191 Data
|
|
4260
4945
|
*
|
|
4261
4946
|
* Signs a message using EIP-191 personal_sign with a given Secp256k1 key.
|
|
@@ -4334,6 +5019,85 @@ export interface operations {
|
|
|
4334
5019
|
};
|
|
4335
5020
|
};
|
|
4336
5021
|
};
|
|
5022
|
+
/**
|
|
5023
|
+
* List associated OIDC identities with the current user.
|
|
5024
|
+
* @description List associated OIDC identities with the current user.
|
|
5025
|
+
*/
|
|
5026
|
+
listOidcIdentities: {
|
|
5027
|
+
parameters: {
|
|
5028
|
+
path: {
|
|
5029
|
+
/**
|
|
5030
|
+
* @description Name or ID of the desired Org
|
|
5031
|
+
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
5032
|
+
*/
|
|
5033
|
+
org_id: string;
|
|
5034
|
+
};
|
|
5035
|
+
};
|
|
5036
|
+
responses: {
|
|
5037
|
+
200: components["responses"]["ListIdentitiesResponse"];
|
|
5038
|
+
default: {
|
|
5039
|
+
content: {
|
|
5040
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
5041
|
+
};
|
|
5042
|
+
};
|
|
5043
|
+
};
|
|
5044
|
+
};
|
|
5045
|
+
/**
|
|
5046
|
+
* Associate an OIDC identity with the current user in org <session.org>.
|
|
5047
|
+
* @description Associate an OIDC identity with the current user in org <session.org>.
|
|
5048
|
+
*/
|
|
5049
|
+
addOidcIdentity: {
|
|
5050
|
+
parameters: {
|
|
5051
|
+
path: {
|
|
5052
|
+
/**
|
|
5053
|
+
* @description Name or ID of the desired Org
|
|
5054
|
+
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
5055
|
+
*/
|
|
5056
|
+
org_id: string;
|
|
5057
|
+
};
|
|
5058
|
+
};
|
|
5059
|
+
requestBody: {
|
|
5060
|
+
content: {
|
|
5061
|
+
"application/json": components["schemas"]["AddIdentityRequest"];
|
|
5062
|
+
};
|
|
5063
|
+
};
|
|
5064
|
+
responses: {
|
|
5065
|
+
200: components["responses"]["EmptyImpl"];
|
|
5066
|
+
default: {
|
|
5067
|
+
content: {
|
|
5068
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
5069
|
+
};
|
|
5070
|
+
};
|
|
5071
|
+
};
|
|
5072
|
+
};
|
|
5073
|
+
/**
|
|
5074
|
+
* Remove an OIDC identity from the current user's account in org <session.org>.
|
|
5075
|
+
* @description Remove an OIDC identity from the current user's account in org <session.org>.
|
|
5076
|
+
*/
|
|
5077
|
+
removeOidcIdentity: {
|
|
5078
|
+
parameters: {
|
|
5079
|
+
path: {
|
|
5080
|
+
/**
|
|
5081
|
+
* @description Name or ID of the desired Org
|
|
5082
|
+
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
5083
|
+
*/
|
|
5084
|
+
org_id: string;
|
|
5085
|
+
};
|
|
5086
|
+
};
|
|
5087
|
+
requestBody: {
|
|
5088
|
+
content: {
|
|
5089
|
+
"application/json": components["schemas"]["OIDCIdentity"];
|
|
5090
|
+
};
|
|
5091
|
+
};
|
|
5092
|
+
responses: {
|
|
5093
|
+
200: components["responses"]["EmptyImpl"];
|
|
5094
|
+
default: {
|
|
5095
|
+
content: {
|
|
5096
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
5097
|
+
};
|
|
5098
|
+
};
|
|
5099
|
+
};
|
|
5100
|
+
};
|
|
4337
5101
|
/**
|
|
4338
5102
|
* Create [IdentityProof] from CubeSigner user session
|
|
4339
5103
|
* @description Create [IdentityProof] from CubeSigner user session
|
|
@@ -4533,6 +5297,11 @@ export interface operations {
|
|
|
4533
5297
|
* @example SecpEthAddr
|
|
4534
5298
|
*/
|
|
4535
5299
|
key_type?: components["schemas"]["KeyType"] | null;
|
|
5300
|
+
/**
|
|
5301
|
+
* @description Filter by key owner
|
|
5302
|
+
* @example User#5269c579-b4f9-4620-9e90-e46a5a0ffb4d
|
|
5303
|
+
*/
|
|
5304
|
+
key_owner?: components["schemas"]["Id"] | null;
|
|
4536
5305
|
};
|
|
4537
5306
|
path: {
|
|
4538
5307
|
/**
|
|
@@ -4616,7 +5385,9 @@ export interface operations {
|
|
|
4616
5385
|
* @description Delete Key
|
|
4617
5386
|
*
|
|
4618
5387
|
* Deletes a key specified by its ID.
|
|
5388
|
+
*
|
|
4619
5389
|
* Only the key owner and org owners are allowed to delete keys.
|
|
5390
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
4620
5391
|
*/
|
|
4621
5392
|
deleteKey: {
|
|
4622
5393
|
parameters: {
|
|
@@ -4633,6 +5404,11 @@ export interface operations {
|
|
|
4633
5404
|
key_id: string;
|
|
4634
5405
|
};
|
|
4635
5406
|
};
|
|
5407
|
+
requestBody: {
|
|
5408
|
+
content: {
|
|
5409
|
+
"application/json": components["schemas"]["Empty"];
|
|
5410
|
+
};
|
|
5411
|
+
};
|
|
4636
5412
|
responses: {
|
|
4637
5413
|
200: components["responses"]["EmptyImpl"];
|
|
4638
5414
|
default: {
|
|
@@ -5014,6 +5790,44 @@ export interface operations {
|
|
|
5014
5790
|
};
|
|
5015
5791
|
};
|
|
5016
5792
|
};
|
|
5793
|
+
/**
|
|
5794
|
+
* Initiate login via email token
|
|
5795
|
+
* @description Initiate login via email token
|
|
5796
|
+
*
|
|
5797
|
+
* This endpoint sends an email to the provided address with an OIDC token encrypted with AES-GCM.
|
|
5798
|
+
* The decryption parameters are returned immediately in the response.
|
|
5799
|
+
* Once that token is decrypted, it can be used with the standard OIDC authentication flows
|
|
5800
|
+
*
|
|
5801
|
+
*
|
|
5802
|
+
* > [!IMPORTANT]
|
|
5803
|
+
* > For this endpoint to succeed, the org must be configured to:
|
|
5804
|
+
* > 1. Allow the issuer `https://shim.oauth2.cubist.dev/email-otp` and client ID being the Org ID
|
|
5805
|
+
* > 2. Have an email sender configured for OTPs
|
|
5806
|
+
*/
|
|
5807
|
+
emailOtpAuth: {
|
|
5808
|
+
parameters: {
|
|
5809
|
+
path: {
|
|
5810
|
+
/**
|
|
5811
|
+
* @description Name or ID of the desired Org
|
|
5812
|
+
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
5813
|
+
*/
|
|
5814
|
+
org_id: string;
|
|
5815
|
+
};
|
|
5816
|
+
};
|
|
5817
|
+
requestBody: {
|
|
5818
|
+
content: {
|
|
5819
|
+
"application/json": components["schemas"]["EmailOtpRequest"];
|
|
5820
|
+
};
|
|
5821
|
+
};
|
|
5822
|
+
responses: {
|
|
5823
|
+
200: components["responses"]["EmailOtpResponse"];
|
|
5824
|
+
default: {
|
|
5825
|
+
content: {
|
|
5826
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
5827
|
+
};
|
|
5828
|
+
};
|
|
5829
|
+
};
|
|
5830
|
+
};
|
|
5017
5831
|
/**
|
|
5018
5832
|
* List Roles
|
|
5019
5833
|
* @description List Roles
|
|
@@ -5123,7 +5937,9 @@ export interface operations {
|
|
|
5123
5937
|
* @description Delete Role
|
|
5124
5938
|
*
|
|
5125
5939
|
* Deletes a role in an organization.
|
|
5940
|
+
*
|
|
5126
5941
|
* Only users in the role can perform this action.
|
|
5942
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
5127
5943
|
*/
|
|
5128
5944
|
deleteRole: {
|
|
5129
5945
|
parameters: {
|
|
@@ -5140,6 +5956,11 @@ export interface operations {
|
|
|
5140
5956
|
role_id: string;
|
|
5141
5957
|
};
|
|
5142
5958
|
};
|
|
5959
|
+
requestBody: {
|
|
5960
|
+
content: {
|
|
5961
|
+
"application/json": components["schemas"]["Empty"];
|
|
5962
|
+
};
|
|
5963
|
+
};
|
|
5143
5964
|
responses: {
|
|
5144
5965
|
200: components["responses"]["EmptyImpl"];
|
|
5145
5966
|
default: {
|
|
@@ -5155,7 +5976,9 @@ export interface operations {
|
|
|
5155
5976
|
*
|
|
5156
5977
|
* Enables or disables a role (this requires the `manage:role:update:enable` scope).
|
|
5157
5978
|
* Updates the role's policies (this requires the `manage:role:update:policy` scope).
|
|
5979
|
+
*
|
|
5158
5980
|
* The user must be in the role or an owner of the organization.
|
|
5981
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
5159
5982
|
*/
|
|
5160
5983
|
updateRole: {
|
|
5161
5984
|
parameters: {
|
|
@@ -5191,6 +6014,9 @@ export interface operations {
|
|
|
5191
6014
|
* @description Add Keys
|
|
5192
6015
|
*
|
|
5193
6016
|
* Adds a list of existing keys to an existing role.
|
|
6017
|
+
*
|
|
6018
|
+
* Only the key owner can their key to a role.
|
|
6019
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
5194
6020
|
*/
|
|
5195
6021
|
addKeysToRole: {
|
|
5196
6022
|
parameters: {
|
|
@@ -5219,7 +6045,9 @@ export interface operations {
|
|
|
5219
6045
|
* @description Add User
|
|
5220
6046
|
*
|
|
5221
6047
|
* Adds an existing user to an existing role.
|
|
5222
|
-
*
|
|
6048
|
+
*
|
|
6049
|
+
* Only users in the role or org owners can add users to a role.
|
|
6050
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
5223
6051
|
*/
|
|
5224
6052
|
addUserToRole: {
|
|
5225
6053
|
parameters: {
|
|
@@ -5241,6 +6069,11 @@ export interface operations {
|
|
|
5241
6069
|
user_id: string;
|
|
5242
6070
|
};
|
|
5243
6071
|
};
|
|
6072
|
+
requestBody: {
|
|
6073
|
+
content: {
|
|
6074
|
+
"application/json": components["schemas"]["Empty"];
|
|
6075
|
+
};
|
|
6076
|
+
};
|
|
5244
6077
|
responses: {};
|
|
5245
6078
|
};
|
|
5246
6079
|
/**
|
|
@@ -5292,7 +6125,10 @@ export interface operations {
|
|
|
5292
6125
|
* Remove Key
|
|
5293
6126
|
* @description Remove Key
|
|
5294
6127
|
*
|
|
5295
|
-
* Removes a given key from a role
|
|
6128
|
+
* Removes a given key from a role.
|
|
6129
|
+
*
|
|
6130
|
+
* Only users in the role or org owners can remove keys from a role.
|
|
6131
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
5296
6132
|
*/
|
|
5297
6133
|
removeKeyFromRole: {
|
|
5298
6134
|
parameters: {
|
|
@@ -5314,6 +6150,11 @@ export interface operations {
|
|
|
5314
6150
|
key_id: string;
|
|
5315
6151
|
};
|
|
5316
6152
|
};
|
|
6153
|
+
requestBody: {
|
|
6154
|
+
content: {
|
|
6155
|
+
"application/json": components["schemas"]["Empty"];
|
|
6156
|
+
};
|
|
6157
|
+
};
|
|
5317
6158
|
responses: {};
|
|
5318
6159
|
};
|
|
5319
6160
|
/**
|
|
@@ -5509,7 +6350,9 @@ export interface operations {
|
|
|
5509
6350
|
* @description Remove User
|
|
5510
6351
|
*
|
|
5511
6352
|
* Removes an existing user from an existing role.
|
|
6353
|
+
*
|
|
5512
6354
|
* Only users in the role or org owners can remove users from a role.
|
|
6355
|
+
* Additionally, the role's edit policy (if set) must permit the update.
|
|
5513
6356
|
*/
|
|
5514
6357
|
removeUserFromRole: {
|
|
5515
6358
|
parameters: {
|
|
@@ -5531,6 +6374,11 @@ export interface operations {
|
|
|
5531
6374
|
user_id: string;
|
|
5532
6375
|
};
|
|
5533
6376
|
};
|
|
6377
|
+
requestBody: {
|
|
6378
|
+
content: {
|
|
6379
|
+
"application/json": components["schemas"]["Empty"];
|
|
6380
|
+
};
|
|
6381
|
+
};
|
|
5534
6382
|
responses: {};
|
|
5535
6383
|
};
|
|
5536
6384
|
/**
|
|
@@ -6293,6 +7141,69 @@ export interface operations {
|
|
|
6293
7141
|
};
|
|
6294
7142
|
};
|
|
6295
7143
|
};
|
|
7144
|
+
/**
|
|
7145
|
+
* Remove a user from the org
|
|
7146
|
+
* @description Remove a user from the org
|
|
7147
|
+
*/
|
|
7148
|
+
deleteUser: {
|
|
7149
|
+
parameters: {
|
|
7150
|
+
path: {
|
|
7151
|
+
/**
|
|
7152
|
+
* @description Name or ID of the desired Org
|
|
7153
|
+
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
7154
|
+
*/
|
|
7155
|
+
org_id: string;
|
|
7156
|
+
/**
|
|
7157
|
+
* @description ID of the desired User
|
|
7158
|
+
* @example User#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
7159
|
+
*/
|
|
7160
|
+
user_id: string;
|
|
7161
|
+
};
|
|
7162
|
+
};
|
|
7163
|
+
responses: {
|
|
7164
|
+
200: components["responses"]["EmptyImpl"];
|
|
7165
|
+
default: {
|
|
7166
|
+
content: {
|
|
7167
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
7168
|
+
};
|
|
7169
|
+
};
|
|
7170
|
+
};
|
|
7171
|
+
};
|
|
7172
|
+
/**
|
|
7173
|
+
* Update a user's membership in the org
|
|
7174
|
+
* @description Update a user's membership in the org
|
|
7175
|
+
*
|
|
7176
|
+
* Currently allows just enabling/disabling a user in the org.
|
|
7177
|
+
*/
|
|
7178
|
+
updateUserMembership: {
|
|
7179
|
+
parameters: {
|
|
7180
|
+
path: {
|
|
7181
|
+
/**
|
|
7182
|
+
* @description Name or ID of the desired Org
|
|
7183
|
+
* @example Org#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
7184
|
+
*/
|
|
7185
|
+
org_id: string;
|
|
7186
|
+
/**
|
|
7187
|
+
* @description ID of the desired User
|
|
7188
|
+
* @example User#124dfe3e-3bbd-487d-80c0-53c55e8ab87a
|
|
7189
|
+
*/
|
|
7190
|
+
user_id: string;
|
|
7191
|
+
};
|
|
7192
|
+
};
|
|
7193
|
+
requestBody: {
|
|
7194
|
+
content: {
|
|
7195
|
+
"application/json": components["schemas"]["UpdateUserMembershipRequest"];
|
|
7196
|
+
};
|
|
7197
|
+
};
|
|
7198
|
+
responses: {
|
|
7199
|
+
200: components["responses"]["UserInOrgInfo"];
|
|
7200
|
+
default: {
|
|
7201
|
+
content: {
|
|
7202
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
7203
|
+
};
|
|
7204
|
+
};
|
|
7205
|
+
};
|
|
7206
|
+
};
|
|
6296
7207
|
/**
|
|
6297
7208
|
* Initiate registration of a FIDO key
|
|
6298
7209
|
* @deprecated
|
|
@@ -6421,12 +7332,25 @@ export interface operations {
|
|
|
6421
7332
|
};
|
|
6422
7333
|
};
|
|
6423
7334
|
};
|
|
7335
|
+
/**
|
|
7336
|
+
* Retrieves all the orgs the user is a part of
|
|
7337
|
+
* @description Retrieves all the orgs the user is a part of
|
|
7338
|
+
*/
|
|
7339
|
+
userOrgs: {
|
|
7340
|
+
responses: {
|
|
7341
|
+
200: components["responses"]["UserOrgsResponse"];
|
|
7342
|
+
default: {
|
|
7343
|
+
content: {
|
|
7344
|
+
"application/json": components["schemas"]["ErrorResponse"];
|
|
7345
|
+
};
|
|
7346
|
+
};
|
|
7347
|
+
};
|
|
7348
|
+
};
|
|
6424
7349
|
/**
|
|
6425
7350
|
* Sign Raw Blob
|
|
6426
7351
|
* @description Sign Raw Blob
|
|
6427
7352
|
*
|
|
6428
7353
|
* Signs an arbitrary blob with a given key.
|
|
6429
|
-
* This is a pre-release feature.
|
|
6430
7354
|
*
|
|
6431
7355
|
* - ECDSA signatures are serialized as big-endian r and s plus recovery-id
|
|
6432
7356
|
* byte v, which can in general take any of the values 0, 1, 2, or 3.
|