@djangocfg/api 2.1.356 → 2.1.357

package/dist/clients.d.ts

@@ -49,6 +49,1682 @@ declare class APILogger {
     withTag(tag: string): ConsolaInstance;
 }
 
+type AuthToken = string | undefined;
+interface Auth {
+    /**
+     * Which part of the request do we use to send the auth?
+     *
+     * @default 'header'
+     */
+    in?: 'header' | 'query' | 'cookie';
+    /**
+     * Header or query parameter name.
+     *
+     * @default 'Authorization'
+     */
+    name?: string;
+    scheme?: 'basic' | 'bearer';
+    type: 'apiKey' | 'http';
+}
+
+interface SerializerOptions<T> {
+    /**
+     * @default true
+     */
+    explode: boolean;
+    style: T;
+}
+type ArrayStyle = 'form' | 'spaceDelimited' | 'pipeDelimited';
+type ObjectStyle = 'form' | 'deepObject';
+
+type QuerySerializer = (query: Record<string, unknown>) => string;
+type BodySerializer = (body: unknown) => unknown;
+type QuerySerializerOptionsObject = {
+    allowReserved?: boolean;
+    array?: Partial<SerializerOptions<ArrayStyle>>;
+    object?: Partial<SerializerOptions<ObjectStyle>>;
+};
+type QuerySerializerOptions = QuerySerializerOptionsObject & {
+    /**
+     * Per-parameter serialization overrides. When provided, these settings
+     * override the global array/object settings for specific parameter names.
+     */
+    parameters?: Record<string, QuerySerializerOptionsObject>;
+};
+
+type HttpMethod = 'connect' | 'delete' | 'get' | 'head' | 'options' | 'patch' | 'post' | 'put' | 'trace';
+type Client$1<RequestFn = never, Config = unknown, MethodFn = never, BuildUrlFn = never, SseFn = never> = {
+    /**
+     * Returns the final request URL.
+     */
+    buildUrl: BuildUrlFn;
+    getConfig: () => Config;
+    request: RequestFn;
+    setConfig: (config: Config) => Config;
+} & {
+    [K in HttpMethod]: MethodFn;
+} & ([SseFn] extends [never] ? {
+    sse?: never;
+} : {
+    sse: {
+        [K in HttpMethod]: SseFn;
+    };
+});
+interface Config$1 {
+    /**
+     * Auth token or a function returning auth token. The resolved value will be
+     * added to the request payload as defined by its `security` array.
+     */
+    auth?: ((auth: Auth) => Promise<AuthToken> | AuthToken) | AuthToken;
+    /**
+     * A function for serializing request body parameter. By default,
+     * {@link JSON.stringify()} will be used.
+     */
+    bodySerializer?: BodySerializer | null;
+    /**
+     * An object containing any HTTP headers that you want to pre-populate your
+     * `Headers` object with.
+     *
+     * {@link https://developer.mozilla.org/docs/Web/API/Headers/Headers#init See more}
+     */
+    headers?: RequestInit['headers'] | Record<string, string | number | boolean | (string | number | boolean)[] | null | undefined | unknown>;
+    /**
+     * The request method.
+     *
+     * {@link https://developer.mozilla.org/docs/Web/API/fetch#method See more}
+     */
+    method?: Uppercase<HttpMethod>;
+    /**
+     * A function for serializing request query parameters. By default, arrays
+     * will be exploded in form style, objects will be exploded in deepObject
+     * style, and reserved characters are percent-encoded.
+     *
+     * This method will have no effect if the native `paramsSerializer()` Axios
+     * API function is used.
+     *
+     * {@link https://swagger.io/docs/specification/serialization/#query View examples}
+     */
+    querySerializer?: QuerySerializer | QuerySerializerOptions;
+    /**
+     * A function validating request data. This is useful if you want to ensure
+     * the request conforms to the desired shape, so it can be safely sent to
+     * the server.
+     */
+    requestValidator?: (data: unknown) => Promise<unknown>;
+    /**
+     * A function transforming response data before it's returned. This is useful
+     * for post-processing data, e.g., converting ISO strings into Date objects.
+     */
+    responseTransformer?: (data: unknown) => Promise<unknown>;
+    /**
+     * A function validating response data. This is useful if you want to ensure
+     * the response conforms to the desired shape, so it can be safely passed to
+     * the transformers and returned to the user.
+     */
+    responseValidator?: (data: unknown) => Promise<unknown>;
+}
+
+type ServerSentEventsOptions<TData = unknown> = Omit<RequestInit, 'method'> & Pick<Config$1, 'method' | 'responseTransformer' | 'responseValidator'> & {
+    /**
+     * Fetch API implementation. You can use this option to provide a custom
+     * fetch instance.
+     *
+     * @default globalThis.fetch
+     */
+    fetch?: typeof fetch;
+    /**
+     * Implementing clients can call request interceptors inside this hook.
+     */
+    onRequest?: (url: string, init: RequestInit) => Promise<Request>;
+    /**
+     * Callback invoked when a network or parsing error occurs during streaming.
+     *
+     * This option applies only if the endpoint returns a stream of events.
+     *
+     * @param error The error that occurred.
+     */
+    onSseError?: (error: unknown) => void;
+    /**
+     * Callback invoked when an event is streamed from the server.
+     *
+     * This option applies only if the endpoint returns a stream of events.
+     *
+     * @param event Event streamed from the server.
+     * @returns Nothing (void).
+     */
+    onSseEvent?: (event: StreamEvent<TData>) => void;
+    serializedBody?: RequestInit['body'];
+    /**
+     * Default retry delay in milliseconds.
+     *
+     * This option applies only if the endpoint returns a stream of events.
+     *
+     * @default 3000
+     */
+    sseDefaultRetryDelay?: number;
+    /**
+     * Maximum number of retry attempts before giving up.
+     */
+    sseMaxRetryAttempts?: number;
+    /**
+     * Maximum retry delay in milliseconds.
+     *
+     * Applies only when exponential backoff is used.
+     *
+     * This option applies only if the endpoint returns a stream of events.
+     *
+     * @default 30000
+     */
+    sseMaxRetryDelay?: number;
+    /**
+     * Optional sleep function for retry backoff.
+     *
+     * Defaults to using `setTimeout`.
+     */
+    sseSleepFn?: (ms: number) => Promise<void>;
+    url: string;
+};
+interface StreamEvent<TData = unknown> {
+    data: TData;
+    event?: string;
+    id?: string;
+    retry?: number;
+}
+type ServerSentEventsResult<TData = unknown, TReturn = void, TNext = unknown> = {
+    stream: AsyncGenerator<TData extends Record<string, unknown> ? TData[keyof TData] : TData, TReturn, TNext>;
+};
+
+type ErrInterceptor<Err, Res, Req, Options> = (error: Err, 
+/** response may be undefined due to a network error where no response object is produced */
+response: Res | undefined, 
+/** request may be undefined, because error may be from building the request object itself */
+request: Req | undefined, options: Options) => Err | Promise<Err>;
+type ReqInterceptor<Req, Options> = (request: Req, options: Options) => Req | Promise<Req>;
+type ResInterceptor<Res, Req, Options> = (response: Res, request: Req, options: Options) => Res | Promise<Res>;
+declare class Interceptors<Interceptor> {
+    fns: Array<Interceptor | null>;
+    clear(): void;
+    eject(id: number | Interceptor): void;
+    exists(id: number | Interceptor): boolean;
+    getInterceptorIndex(id: number | Interceptor): number;
+    update(id: number | Interceptor, fn: Interceptor): number | Interceptor | false;
+    use(fn: Interceptor): number;
+}
+interface Middleware<Req, Res, Err, Options> {
+    error: Interceptors<ErrInterceptor<Err, Res, Req, Options>>;
+    request: Interceptors<ReqInterceptor<Req, Options>>;
+    response: Interceptors<ResInterceptor<Res, Req, Options>>;
+}
+
+type ResponseStyle = 'data' | 'fields';
+interface Config<T extends ClientOptions = ClientOptions> extends Omit<RequestInit, 'body' | 'headers' | 'method'>, Config$1 {
+    /**
+     * Base URL for all requests made by this client.
+     */
+    baseUrl?: T['baseUrl'];
+    /**
+     * Fetch API implementation. You can use this option to provide a custom
+     * fetch instance.
+     *
+     * @default globalThis.fetch
+     */
+    fetch?: typeof fetch;
+    /**
+     * Please don't use the Fetch client for Next.js applications. The `next`
+     * options won't have any effect.
+     *
+     * Install {@link https://www.npmjs.com/package/@hey-api/client-next `@hey-api/client-next`} instead.
+     */
+    next?: never;
+    /**
+     * Return the response data parsed in a specified format. By default, `auto`
+     * will infer the appropriate method from the `Content-Type` response header.
+     * You can override this behavior with any of the {@link Body} methods.
+     * Select `stream` if you don't want to parse response data at all.
+     *
+     * @default 'auto'
+     */
+    parseAs?: 'arrayBuffer' | 'auto' | 'blob' | 'formData' | 'json' | 'stream' | 'text';
+    /**
+     * Should we return only data or multiple fields (data, error, response, etc.)?
+     *
+     * @default 'fields'
+     */
+    responseStyle?: ResponseStyle;
+    /**
+     * Throw an error instead of returning it in the response?
+     *
+     * @default false
+     */
+    throwOnError?: T['throwOnError'];
+}
+interface RequestOptions<TData = unknown, TResponseStyle extends ResponseStyle = 'fields', ThrowOnError extends boolean = boolean, Url extends string = string> extends Config<{
+    responseStyle: TResponseStyle;
+    throwOnError: ThrowOnError;
+}>, Pick<ServerSentEventsOptions<TData>, 'onRequest' | 'onSseError' | 'onSseEvent' | 'sseDefaultRetryDelay' | 'sseMaxRetryAttempts' | 'sseMaxRetryDelay'> {
+    /**
+     * Any body that you want to add to your request.
+     *
+     * {@link https://developer.mozilla.org/docs/Web/API/fetch#body}
+     */
+    body?: unknown;
+    path?: Record<string, unknown>;
+    query?: Record<string, unknown>;
+    /**
+     * Security mechanism(s) to use for the request.
+     */
+    security?: ReadonlyArray<Auth>;
+    url: Url;
+}
+interface ResolvedRequestOptions<TResponseStyle extends ResponseStyle = 'fields', ThrowOnError extends boolean = boolean, Url extends string = string> extends RequestOptions<unknown, TResponseStyle, ThrowOnError, Url> {
+    headers: Headers;
+    serializedBody?: string;
+}
+type RequestResult<TData = unknown, TError = unknown, ThrowOnError extends boolean = boolean, TResponseStyle extends ResponseStyle = 'fields'> = ThrowOnError extends true ? Promise<TResponseStyle extends 'data' ? TData extends Record<string, unknown> ? TData[keyof TData] : TData : {
+    data: TData extends Record<string, unknown> ? TData[keyof TData] : TData;
+    request: Request;
+    response: Response;
+}> : Promise<TResponseStyle extends 'data' ? (TData extends Record<string, unknown> ? TData[keyof TData] : TData) | undefined : ({
+    data: TData extends Record<string, unknown> ? TData[keyof TData] : TData;
+    error: undefined;
+} | {
+    data: undefined;
+    error: TError extends Record<string, unknown> ? TError[keyof TError] : TError;
+}) & {
+    /** request may be undefined, because error may be from building the request object itself */
+    request?: Request;
+    /** response may be undefined, because error may be from building the request object itself or from a network error */
+    response?: Response;
+}>;
+interface ClientOptions {
+    baseUrl?: string;
+    responseStyle?: ResponseStyle;
+    throwOnError?: boolean;
+}
+type MethodFn = <TData = unknown, TError = unknown, ThrowOnError extends boolean = false, TResponseStyle extends ResponseStyle = 'fields'>(options: Omit<RequestOptions<TData, TResponseStyle, ThrowOnError>, 'method'>) => RequestResult<TData, TError, ThrowOnError, TResponseStyle>;
+type SseFn = <TData = unknown, TError = unknown, ThrowOnError extends boolean = false, TResponseStyle extends ResponseStyle = 'fields'>(options: Omit<RequestOptions<never, TResponseStyle, ThrowOnError>, 'method'>) => Promise<ServerSentEventsResult<TData, TError>>;
+type RequestFn = <TData = unknown, TError = unknown, ThrowOnError extends boolean = false, TResponseStyle extends ResponseStyle = 'fields'>(options: Omit<RequestOptions<TData, TResponseStyle, ThrowOnError>, 'method'> & Pick<Required<RequestOptions<TData, TResponseStyle, ThrowOnError>>, 'method'>) => RequestResult<TData, TError, ThrowOnError, TResponseStyle>;
+type BuildUrlFn = <TData extends {
+    body?: unknown;
+    path?: Record<string, unknown>;
+    query?: Record<string, unknown>;
+    url: string;
+}>(options: TData & Options$1<TData>) => string;
+type Client = Client$1<RequestFn, Config, MethodFn, BuildUrlFn, SseFn> & {
+    interceptors: Middleware<Request, Response, unknown, ResolvedRequestOptions>;
+};
+interface TDataShape {
+    body?: unknown;
+    headers?: unknown;
+    path?: unknown;
+    query?: unknown;
+    url: string;
+}
+type OmitKeys<T, K> = Pick<T, Exclude<keyof T, K>>;
+type Options$1<TData extends TDataShape = TDataShape, ThrowOnError extends boolean = boolean, TResponse = unknown, TResponseStyle extends ResponseStyle = 'fields'> = OmitKeys<RequestOptions<TResponse, TResponseStyle, ThrowOnError>, 'body' | 'path' | 'query' | 'url'> & ([TData] extends [never] ? unknown : Omit<TData, 'url'>);
+
+/**
+ * Serializer for API key response (masked).
+ */
+type ApiKey = {
+    /**
+     * Masked API key
+     */
+    key: string;
+    /**
+     * When the key was last regenerated
+     */
+    reissued_at: string | null;
+    /**
+     * When the key was created
+     */
+    created_at: string;
+};
+/**
+ * Serializer for API key regeneration response (full key shown once).
+ */
+type ApiKeyRegenerate = {
+    /**
+     * New API key (shown only once)
+     */
+    key: string;
+    /**
+     * When the key was regenerated
+     */
+    reissued_at: string;
+};
+/**
+ * Serializer for API key response (masked).
+ */
+type ApiKeyRequest = {
+    /**
+     * Masked API key
+     */
+    key: string;
+    /**
+     * When the key was last regenerated
+     */
+    reissued_at: string | null;
+    /**
+     * When the key was created
+     */
+    created_at: string;
+};
+/**
+ * Serializer for testing an API key.
+ */
+type ApiKeyTestRequest = {
+    /**
+     * API key to test
+     */
+    key: string;
+};
+/**
+ * Serializer for API key test result.
+ */
+type ApiKeyTestResult = {
+    /**
+     * Whether the key is valid
+     */
+    valid: boolean;
+    /**
+     * User ID if valid, null otherwise
+     */
+    user_id: string | null;
+};
+/**
+ * Response serializer for account deletion.
+ */
+type AccountDeleteResponse = {
+    /**
+     * Whether the account was successfully deleted
+     */
+    success: boolean;
+    /**
+     * Human-readable message about the deletion
+     */
+    message: string;
+};
+/**
+ * Serializer for regenerating backup codes.
+ */
+type BackupCodesRegenerateRequest = {
+    /**
+     * TOTP code for verification
+     */
+    code: string;
+};
+/**
+ * Response serializer for backup codes regeneration.
+ */
+type BackupCodesRegenerateResponse = {
+    /**
+     * List of new backup codes (save these!)
+     */
+    backup_codes: Array<string>;
+    /**
+     * Warning about previous codes being invalidated
+     */
+    warning: string;
+};
+/**
+ * Serializer for backup codes status.
+ */
+type BackupCodesStatus = {
+    /**
+     * Number of unused backup codes
+     */
+    remaining_count: number;
+    /**
+     * Total number of codes generated
+     */
+    total_generated: number;
+    /**
+     * Warning if running low on codes
+     */
+    warning?: string | null;
+};
+/**
+ * Nested serializer for Centrifugo WebSocket connection token.
+ */
+type CentrifugoToken = {
+    /**
+     * JWT token for Centrifugo WebSocket connection
+     */
+    token: string;
+    /**
+     * Centrifugo WebSocket URL
+     */
+    centrifugo_url: string;
+    /**
+     * Token expiration time (ISO 8601)
+     */
+    expires_at: string;
+    /**
+     * List of allowed channels for this user
+     */
+    channels: Array<string>;
+};
+/**
+ * Serializer for updating user profile.
+ */
+type CfgUserUpdateRequest = {
+    first_name?: string;
+    last_name?: string;
+    company?: string;
+    phone?: string;
+    position?: string;
+    language?: string;
+    /**
+     * IANA timezone name (e.g. 'Asia/Seoul'). Auto-detected from browser via X-Timezone header.
+     */
+    timezone?: string;
+};
+/**
+ * Serializer for confirming 2FA setup with first code.
+ */
+type ConfirmSetupRequest = {
+    /**
+     * Device ID from setup response
+     */
+    device_id: string;
+    /**
+     * 6-digit TOTP code from authenticator app
+     */
+    code: string;
+};
+/**
+ * Response serializer for setup confirmation.
+ */
+type ConfirmSetupResponse = {
+    message: string;
+    /**
+     * List of backup recovery codes (save these!)
+     */
+    backup_codes: Array<string>;
+    /**
+     * Warning message about backup codes
+     */
+    backup_codes_warning: string;
+};
+/**
+ * ConnectionTokenResponse
+ *
+ * Response model for Centrifugo connection token.
+ */
+type ConnectionTokenResponse = {
+    /**
+     * Token
+     *
+     * JWT token for Centrifugo connection
+     */
+    token: string;
+    /**
+     * Centrifugo Url
+     *
+     * Centrifugo WebSocket URL
+     */
+    centrifugo_url: string;
+    /**
+     * Expires At
+     *
+     * Token expiration time (ISO 8601)
+     */
+    expires_at: string;
+    /**
+     * Channels
+     *
+     * List of allowed channels
+     */
+    channels: Array<string>;
+};
+/**
+ * Serializer for listing TOTP devices.
+ */
+type DeviceList = {
+    readonly id: string;
+    /**
+     * Device name for identification
+     */
+    readonly name: string;
+    /**
+     * Primary device used for verification
+     */
+    readonly is_primary: boolean;
+    readonly status: DeviceStatusEnum;
+    readonly created_at: string;
+    /**
+     * When device setup was confirmed
+     */
+    readonly confirmed_at: string | null;
+    /**
+     * Last successful verification
+     */
+    readonly last_used_at: string | null;
+};
+/**
+ * Response serializer for device list endpoint.
+ */
+type DeviceListResponse = {
+    devices: Array<DeviceList>;
+    has_2fa_enabled: boolean;
+};
+/**
+ * * `pending` - Pending Confirmation
+ * * `active` - Active
+ * * `disabled` - Disabled
+ */
+declare enum DeviceStatusEnum {
+    PENDING = "pending",
+    ACTIVE = "active",
+    DISABLED = "disabled"
+}
+/**
+ * Serializer for completely disabling 2FA.
+ */
+type DisableRequest = {
+    /**
+     * TOTP code for verification
+     */
+    code: string;
+};
+/**
+ * Request to start OAuth flow.
+ */
+type OAuthAuthorizeRequestRequest = {
+    /**
+     * URL to redirect after OAuth authorization. If not provided, uses config's site_url + callback_path
+     */
+    redirect_uri?: string;
+    /**
+     * Optional source URL for registration tracking
+     */
+    source_url?: string;
+};
+/**
+ * Response with OAuth authorization URL.
+ */
+type OAuthAuthorizeResponse = {
+    /**
+     * Full URL to redirect user to OAuth provider
+     */
+    authorization_url: string;
+    /**
+     * State token for CSRF protection. Store this and verify on callback.
+     */
+    state: string;
+};
+/**
+ * Request to complete OAuth flow (callback handler).
+ */
+type OAuthCallbackRequestRequest = {
+    /**
+     * Authorization code from OAuth provider callback
+     */
+    code: string;
+    /**
+     * State token for CSRF verification (from authorize response)
+     */
+    state: string;
+    /**
+     * Same redirect_uri used in authorize request. If not provided, uses config's site_url + callback_path
+     */
+    redirect_uri?: string;
+};
+/**
+ * Serializer for OAuth connection info (user-facing).
+ */
+type OAuthConnection = {
+    readonly id: number;
+    /**
+     * OAuth provider name (github, google, etc.)
+     *
+     * * `github` - GitHub
+     */
+    readonly provider: OAuthProviderEnum;
+    readonly provider_display: string;
+    /**
+     * Username on the OAuth provider platform
+     */
+    readonly provider_username: string;
+    /**
+     * Email from OAuth provider (may differ from user.email)
+     */
+    readonly provider_email: string;
+    /**
+     * Avatar URL from OAuth provider
+     */
+    readonly provider_avatar_url: string;
+    /**
+     * When this OAuth connection was created
+     */
+    readonly connected_at: string;
+    /**
+     * Last time this OAuth connection was used for login
+     */
+    readonly last_login_at: string;
+};
+/**
+ * Request to disconnect OAuth provider.
+ */
+type OAuthDisconnectRequestRequest = {
+    /**
+     * OAuth provider to disconnect
+     *
+     * * `github` - GitHub
+     */
+    provider: OAuthProviderEnum;
+};
+/**
+ * Error response for OAuth endpoints.
+ */
+type OAuthError = {
+    /**
+     * Error code
+     */
+    error: string;
+    /**
+     * Human-readable error description
+     */
+    error_description?: string;
+};
+/**
+ * * `github` - GitHub
+ */
+declare enum OAuthProviderEnum {
+    GITHUB = "github"
+}
+/**
+ * Response with available OAuth providers.
+ */
+type OAuthProvidersResponse = {
+    /**
+     * List of available OAuth providers
+     */
+    providers: Array<{
+        [key: string]: unknown;
+    }>;
+};
+/**
+ * Response with JWT tokens after OAuth authentication.
+ *
+ * When 2FA is required:
+ * - requires_2fa: True
+ * - session_id: UUID of 2FA verification session
+ * - access/refresh/user: null
+ *
+ * When 2FA is not required:
+ * - requires_2fa: False
+ * - session_id: null
+ * - access/refresh/user: populated
+ */
+type OAuthTokenResponse = {
+    /**
+     * True if 2FA verification is required
+     */
+    requires_2fa?: boolean;
+    /**
+     * 2FA session ID (only when requires_2fa=True)
+     */
+    session_id?: string | null;
+    /**
+     * JWT access token (null when requires_2fa=True)
+     */
+    access?: string | null;
+    /**
+     * JWT refresh token (null when requires_2fa=True)
+     */
+    refresh?: string | null;
+    /**
+     * Authenticated user info (null when requires_2fa=True)
+     */
+    user?: {
+        [key: string]: unknown;
+    } | null;
+    /**
+     * True if a new user was created during this OAuth flow
+     */
+    is_new_user: boolean;
+    /**
+     * True if a new OAuth connection was created
+     */
+    is_new_connection: boolean;
+    /**
+     * True if user should be prompted to enable 2FA
+     */
+    should_prompt_2fa?: boolean;
+};
+/**
+ * Typed error response for OTP operations.
+ *
+ * error_code values:
+ * - invalid_identifier   — malformed email
+ * - cooldown             — too soon after last request (retry_after = seconds)
+ * - hourly_limit         — hourly quota exceeded   (retry_after = seconds until reset)
+ * - daily_limit          — daily quota exceeded    (retry_after = seconds until reset)
+ * - rate_limited         — IP-level rate limit hit (no retry_after)
+ * - user_creation_failed — internal error creating account
+ * - send_failed          — transport error (email / SMS)
+ * - internal_error       — unexpected server error
+ */
+type OtpErrorResponse = {
+    /**
+     * Human-readable error message
+     */
+    error: string;
+    /**
+     * Machine-readable error code
+     */
+    error_code?: string | null;
+    /**
+     * Seconds until the client may retry (present only for rate-limit errors)
+     */
+    retry_after?: number | null;
+};
+/**
+ * Serializer for OTP request.
+ */
+type OtpRequestRequest = {
+    /**
+     * Email address for OTP delivery
+     */
+    identifier: string;
+    /**
+     * Source URL for tracking registration (e.g., https://my.djangocfg.com)
+     */
+    source_url?: string;
+};
+/**
+ * OTP request response.
+ */
+type OtpRequestResponse = {
+    /**
+     * Success message
+     */
+    message: string;
+};
+/**
+ * Serializer for OTP verification.
+ */
+type OtpVerifyRequest = {
+    /**
+     * Email address used for OTP request
+     */
+    identifier: string;
+    otp: string;
+    /**
+     * Source URL for tracking login (e.g., https://my.djangocfg.com)
+     */
+    source_url?: string;
+};
+/**
+ * OTP verification response.
+ *
+ * When 2FA is required:
+ * - requires_2fa: True
+ * - session_id: UUID of 2FA verification session
+ * - refresh/access/user: null
+ *
+ * When 2FA is not required:
+ * - requires_2fa: False
+ * - session_id: null
+ * - refresh/access/user: populated
+ */
+type OtpVerifyResponse = {
+    /**
+     * Whether 2FA verification is required
+     */
+    requires_2fa?: boolean;
+    /**
+     * 2FA session ID (if requires_2fa is True)
+     */
+    session_id?: string | null;
+    /**
+     * JWT refresh token (if requires_2fa is False)
+     */
+    refresh?: string | null;
+    /**
+     * JWT access token (if requires_2fa is False)
+     */
+    access?: string | null;
+    /**
+     * User information (if requires_2fa is False)
+     */
+    user?: User | null;
+    /**
+     * Whether user should be prompted to enable 2FA
+     */
+    should_prompt_2fa?: boolean;
+};
+/**
+ * Serializer for updating user profile.
+ */
+type PatchedCfgUserUpdateRequest = {
+    first_name?: string;
+    last_name?: string;
+    company?: string;
+    phone?: string;
+    position?: string;
+    language?: string;
+    /**
+     * IANA timezone name (e.g. 'Asia/Seoul'). Auto-detected from browser via X-Timezone header.
+     */
+    timezone?: string;
+};
+/**
+ * Serializer for starting 2FA setup.
+ */
+type SetupRequest = {
+    /**
+     * Device name for identification (e.g., 'My iPhone')
+     */
+    device_name?: string;
+};
+/**
+ * Response serializer for setup initiation.
+ */
+type SetupResponse = {
+    /**
+     * Device ID to use for confirmation
+     */
+    device_id: string;
+    /**
+     * Base32-encoded TOTP secret (for manual entry)
+     */
+    secret: string;
+    /**
+     * otpauth:// URI for QR code generation
+     */
+    provisioning_uri: string;
+    /**
+     * Base64-encoded QR code image (data URI)
+     */
+    qr_code_base64: string;
+    /**
+     * Seconds until setup expires (typically 600 = 10 minutes)
+     */
+    expires_in: number;
+};
+type TokenRefresh = {
+    readonly access: string;
+    refresh: string;
+};
+type TokenRefreshRequest = {
+    refresh: string;
+};
+/**
+ * User data returned after 2FA verification.
+ */
+type TotpVerifyUser = {
+    readonly id: number;
+    readonly email: string;
+    first_name?: string;
+    last_name?: string;
+    /**
+     * Get user's full name.
+     */
+    readonly full_name: string;
+    /**
+     * Get user's initials for avatar fallback.
+     */
+    readonly initials: string;
+    /**
+     * Get formatted username for display.
+     */
+    readonly display_username: string;
+    company?: string;
+    phone?: string;
+    position?: string;
+    language?: string;
+    /**
+     * IANA timezone name (e.g. 'Asia/Seoul'). Auto-detected from browser via X-Timezone header.
+     */
+    timezone?: string;
+    readonly avatar: string | null;
+    /**
+     * Staff status
+     *
+     * Designates whether the user can log into this admin site.
+     */
+    readonly is_staff: boolean;
+    /**
+     * Superuser status
+     *
+     * Designates that this user has all permissions without explicitly assigning them.
+     */
+    readonly is_superuser: boolean;
+    readonly date_joined: string;
+    readonly last_login: string | null;
+    readonly unanswered_messages_count: number;
+    readonly api_key: string | null;
+};
+/**
+ * Serializer for user details.
+ */
+type User = {
+    readonly id: number;
+    readonly email: string;
+    first_name?: string;
+    last_name?: string;
+    /**
+     * Get user's full name.
+     */
+    readonly full_name: string;
+    /**
+     * Get user's initials for avatar fallback.
+     */
+    readonly initials: string;
+    /**
+     * Get formatted username for display.
+     */
+    readonly display_username: string;
+    company?: string;
+    phone?: string;
+    position?: string;
+    language?: string;
+    /**
+     * IANA timezone name (e.g. 'Asia/Seoul'). Auto-detected from browser via X-Timezone header.
+     */
+    timezone?: string;
+    readonly avatar: string | null;
+    /**
+     * Staff status
+     *
+     * Designates whether the user can log into this admin site.
+     */
+    readonly is_staff: boolean;
+    /**
+     * Superuser status
+     *
+     * Designates that this user has all permissions without explicitly assigning them.
+     */
+    readonly is_superuser: boolean;
+    readonly date_joined: string;
+    readonly last_login: string | null;
+    readonly unanswered_messages_count: number;
+    readonly centrifugo: CentrifugoToken | null;
+    readonly api_key: string | null;
+};
+/**
+ * Serializer for backup code verification during login.
+ */
+type VerifyBackupRequest = {
+    /**
+     * 2FA session ID from login response
+     */
+    session_id: string;
+    /**
+     * 8-character backup recovery code
+     */
+    backup_code: string;
+};
+/**
+ * Serializer for TOTP code verification during login.
+ */
+type VerifyRequest = {
+    /**
+     * 2FA session ID from login response
+     */
+    session_id: string;
+    /**
+     * 6-digit TOTP code from authenticator app
+     */
+    code: string;
+};
+/**
+ * Response serializer for successful 2FA verification.
+ */
+type VerifyResponse = {
+    message: string;
+    /**
+     * JWT access token
+     */
+    access_token: string;
+    /**
+     * JWT refresh token
+     */
+    refresh_token: string;
+    /**
+     * User profile data
+     */
+    user: TotpVerifyUser;
+    /**
+     * Number of remaining backup codes (if backup code was used)
+     */
+    remaining_backup_codes?: number;
+    /**
+     * Warning message (e.g., low backup codes)
+     */
+    warning?: string;
+};
+type CfgAccountsOauthConnectionsResponse200AutoRef = Array<OAuthConnection>;
+type CfgAccountsOauthDisconnectResponse200AutoRef = {
+    message?: string;
+};
+/**
+ * 2FA disabled successfully
+ */
+type CfgTotpDisableResponse200AutoRef = unknown;
+type CfgAccountsApiKeyRetrieveData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/api-key/';
+};
+type CfgAccountsApiKeyRetrieveErrors = {
+    /**
+     * Authentication credentials were not provided.
+     */
+    401: unknown;
+};
+type CfgAccountsApiKeyRetrieveResponses = {
+    200: ApiKey;
+};
+type CfgAccountsApiKeyRegenerateCreateData = {
+    body: ApiKeyRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/api-key/regenerate/';
+};
+type CfgAccountsApiKeyRegenerateCreateErrors = {
+    /**
+     * Authentication credentials were not provided.
+     */
+    401: unknown;
+};
+type CfgAccountsApiKeyRegenerateCreateResponses = {
+    200: ApiKeyRegenerate;
+};
+type CfgAccountsApiKeyTestCreateData = {
+    body: ApiKeyTestRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/api-key/test/';
+};
+type CfgAccountsApiKeyTestCreateResponses = {
+    200: ApiKeyTestResult;
+};
+type CfgAccountsOauthConnectionsListData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/oauth/connections/';
+};
+type CfgAccountsOauthConnectionsListResponses = {
+    200: CfgAccountsOauthConnectionsResponse200AutoRef;
+};
+type CfgAccountsOauthDisconnectCreateData = {
+    body: OAuthDisconnectRequestRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/oauth/disconnect/';
+};
+type CfgAccountsOauthDisconnectCreateErrors = {
+    400: OAuthError;
+    404: OAuthError;
+};
+type CfgAccountsOauthDisconnectCreateResponses = {
+    200: CfgAccountsOauthDisconnectResponse200AutoRef;
+};
+type CfgAccountsOauthGithubAuthorizeCreateData = {
+    body?: OAuthAuthorizeRequestRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/oauth/github/authorize/';
+};
+type CfgAccountsOauthGithubAuthorizeCreateErrors = {
+    503: OAuthError;
+};
+type CfgAccountsOauthGithubAuthorizeCreateResponses = {
+    200: OAuthAuthorizeResponse;
+};
+type CfgAccountsOauthGithubCallbackCreateData = {
+    body: OAuthCallbackRequestRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/oauth/github/callback/';
+};
+type CfgAccountsOauthGithubCallbackCreateErrors = {
+    400: OAuthError;
+};
+type CfgAccountsOauthGithubCallbackCreateResponses = {
+    200: OAuthTokenResponse;
+};
+type CfgAccountsOauthProvidersRetrieveData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/oauth/providers/';
+};
+type CfgAccountsOauthProvidersRetrieveResponses = {
+    200: OAuthProvidersResponse;
+};
+type CfgAccountsOtpRequestCreateData = {
+    body: OtpRequestRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/otp/request/';
+};
+type CfgAccountsOtpRequestCreateErrors = {
+    400: OtpErrorResponse;
+    429: OtpErrorResponse;
+    500: OtpErrorResponse;
+};
+type CfgAccountsOtpRequestCreateResponses = {
+    200: OtpRequestResponse;
+};
+type CfgAccountsOtpVerifyCreateData = {
+    body: OtpVerifyRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/otp/verify/';
+};
+type CfgAccountsOtpVerifyCreateErrors = {
+    401: OtpErrorResponse;
+    429: OtpErrorResponse;
+};
+type CfgAccountsOtpVerifyCreateResponses = {
+    200: OtpVerifyResponse;
+};
+type CfgAccountsProfileRetrieveData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/profile/';
+};
+type CfgAccountsProfileRetrieveErrors = {
+    /**
+     * Authentication credentials were not provided.
+     */
+    401: unknown;
+};
+type CfgAccountsProfileRetrieveResponses = {
+    200: User;
+};
+type CfgAccountsProfileAvatarCreateData = {
+    body?: {
+        /**
+         * Avatar image file (JPEG, PNG, GIF, WebP, max 5MB)
+         */
+        avatar: Blob | File;
+    };
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/profile/avatar/';
+};
+type CfgAccountsProfileAvatarCreateErrors = {
+    /**
+     * Invalid file or validation error.
+     */
+    400: unknown;
+    /**
+     * Authentication credentials were not provided.
+     */
+    401: unknown;
+};
+type CfgAccountsProfileAvatarCreateResponses = {
+    200: User;
+};
+type CfgAccountsProfileDeleteCreateData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/profile/delete/';
+};
+type CfgAccountsProfileDeleteCreateErrors = {
+    /**
+     * Account is already deleted.
+     */
+    400: unknown;
+    /**
+     * Authentication credentials were not provided.
+     */
+    401: unknown;
+};
+type CfgAccountsProfileDeleteCreateResponses = {
+    200: AccountDeleteResponse;
+};
+type CfgAccountsProfilePartialPartialUpdateData = {
+    body?: PatchedCfgUserUpdateRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/profile/partial/';
+};
+type CfgAccountsProfilePartialPartialUpdateErrors = {
+    /**
+     * Invalid data provided.
+     */
+    400: unknown;
+    /**
+     * Authentication credentials were not provided.
+     */
+    401: unknown;
+};
+type CfgAccountsProfilePartialPartialUpdateResponses = {
+    200: User;
+};
+type CfgAccountsProfilePartialUpdateData = {
+    body?: CfgUserUpdateRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/profile/partial/';
+};
+type CfgAccountsProfilePartialUpdateErrors = {
+    /**
+     * Invalid data provided.
+     */
+    400: unknown;
+    /**
+     * Authentication credentials were not provided.
+     */
+    401: unknown;
+};
+type CfgAccountsProfilePartialUpdateResponses = {
+    200: User;
+};
+type CfgAccountsProfileUpdatePartialUpdateData = {
+    body?: PatchedCfgUserUpdateRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/profile/update/';
+};
+type CfgAccountsProfileUpdatePartialUpdateErrors = {
+    /**
+     * Invalid data provided.
+     */
+    400: unknown;
+    /**
+     * Authentication credentials were not provided.
+     */
+    401: unknown;
+};
+type CfgAccountsProfileUpdatePartialUpdateResponses = {
+    200: User;
+};
+type CfgAccountsProfileUpdateUpdateData = {
+    body?: CfgUserUpdateRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/profile/update/';
+};
+type CfgAccountsProfileUpdateUpdateErrors = {
+    /**
+     * Invalid data provided.
+     */
+    400: unknown;
+    /**
+     * Authentication credentials were not provided.
+     */
+    401: unknown;
+};
+type CfgAccountsProfileUpdateUpdateResponses = {
+    200: User;
+};
+type CfgAccountsTokenRefreshCreateData = {
+    body: TokenRefreshRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/accounts/token/refresh/';
+};
+type CfgAccountsTokenRefreshCreateResponses = {
+    200: TokenRefresh;
+};
+type CfgCentrifugoAuthTokenRetrieveData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/cfg/centrifugo/auth/token/';
+};
+type CfgCentrifugoAuthTokenRetrieveErrors = {
+    /**
+     * Unauthorized - authentication required
+     */
+    401: unknown;
+    /**
+     * Server error
+     */
+    500: unknown;
+};
+type CfgCentrifugoAuthTokenRetrieveResponses = {
+    200: ConnectionTokenResponse;
+};
+type CfgTotpBackupCodesRetrieveData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/backup-codes/';
+};
+type CfgTotpBackupCodesRetrieveResponses = {
+    200: BackupCodesStatus;
+};
+type CfgTotpBackupCodesRegenerateCreateData = {
+    body: BackupCodesRegenerateRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/backup-codes/regenerate/';
+};
+type CfgTotpBackupCodesRegenerateCreateErrors = {
+    /**
+     * Invalid code or 2FA not enabled
+     */
+    400: unknown;
+};
+type CfgTotpBackupCodesRegenerateCreateResponses = {
+    200: BackupCodesRegenerateResponse;
+};
+type CfgTotpDevicesRetrieveData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/devices/';
+};
+type CfgTotpDevicesRetrieveResponses = {
+    200: DeviceListResponse;
+};
+type CfgTotpDevicesDestroyData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: '/cfg/totp/devices/{id}/';
+};
+type CfgTotpDevicesDestroyResponses = {
+    /**
+     * No response body
+     */
+    204: void;
+};
+type CfgTotpDisableCreateData = {
+    body: DisableRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/disable/';
+};
+type CfgTotpDisableCreateErrors = {
+    /**
+     * Invalid code
+     */
+    400: unknown;
+};
+type CfgTotpDisableCreateResponses = {
+    200: CfgTotpDisableResponse200AutoRef;
+};
+type CfgTotpSetupCreateData = {
+    body?: SetupRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/setup/';
+};
+type CfgTotpSetupCreateErrors = {
+    /**
+     * 2FA already enabled or invalid request
+     */
+    400: unknown;
+};
+type CfgTotpSetupCreateResponses = {
+    200: SetupResponse;
+};
+type CfgTotpSetupConfirmCreateData = {
+    body: ConfirmSetupRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/setup/confirm/';
+};
+type CfgTotpSetupConfirmCreateErrors = {
+    /**
+     * Invalid code or setup expired
+     */
+    400: unknown;
+};
+type CfgTotpSetupConfirmCreateResponses = {
+    200: ConfirmSetupResponse;
+};
+type CfgTotpVerifyCreateData = {
+    body: VerifyRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/verify/';
+};
+type CfgTotpVerifyCreateErrors = {
+    /**
+     * Invalid code or session
+     */
+    400: unknown;
+    /**
+     * Too many attempts
+     */
+    403: unknown;
+};
+type CfgTotpVerifyCreateResponses = {
+    200: VerifyResponse;
+};
+type CfgTotpVerifyBackupCreateData = {
+    body: VerifyBackupRequest;
+    path?: never;
+    query?: never;
+    url: '/cfg/totp/verify/backup/';
+};
+type CfgTotpVerifyBackupCreateErrors = {
+    /**
+     * Invalid backup code or session
+     */
+    400: unknown;
+};
+type CfgTotpVerifyBackupCreateResponses = {
+    200: VerifyResponse;
+};
+
+type Options<TData extends TDataShape = TDataShape, ThrowOnError extends boolean = boolean, TResponse = unknown> = Options$1<TData, ThrowOnError, TResponse> & {
+    /**
+     * You can provide a client instance returned by `createClient()` instead of
+     * individual options. This might be also useful if you want to implement a
+     * custom client.
+     */
+    client?: Client;
+    /**
+     * You can pass arbitrary values through the `meta` object. This can be
+     * used to access values that aren't defined as part of the SDK function.
+     */
+    meta?: Record<string, unknown>;
+};
+declare class CfgAccountsApiKey {
+    /**
+     * Get API key details
+     *
+     * Retrieve the current user's API key (masked) and metadata.
+     */
+    static cfgAccountsApiKeyRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsApiKeyRetrieveData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRetrieveResponses, CfgAccountsApiKeyRetrieveErrors, ThrowOnError, "fields">;
+    /**
+     * Regenerate API key
+     *
+     * Generate a new API key. The full key is returned only once.
+     */
+    static cfgAccountsApiKeyRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyRegenerateCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyRegenerateCreateResponses, CfgAccountsApiKeyRegenerateCreateErrors, ThrowOnError, "fields">;
+    /**
+     * Test API key
+     *
+     * Test whether an API key is valid without consuming it.
+     */
+    static cfgAccountsApiKeyTestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsApiKeyTestCreateData, ThrowOnError>): RequestResult<CfgAccountsApiKeyTestCreateResponses, unknown, ThrowOnError, "fields">;
+}
+declare class CfgAccountsOauth {
+    /**
+     * List OAuth connections
+     *
+     * Get all OAuth connections for the current user.
+     */
+    static cfgAccountsOauthConnectionsList<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthConnectionsListData, ThrowOnError>): RequestResult<CfgAccountsOauthConnectionsListResponses, unknown, ThrowOnError, "fields">;
+    /**
+     * Disconnect OAuth provider
+     *
+     * Remove OAuth connection for the specified provider.
+     */
+    static cfgAccountsOauthDisconnectCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthDisconnectCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthDisconnectCreateResponses, CfgAccountsOauthDisconnectCreateErrors, ThrowOnError, "fields">;
+    /**
+     * Start GitHub OAuth
+     *
+     * Generate GitHub OAuth authorization URL. Redirect user to this URL to start authentication.
+     */
+    static cfgAccountsOauthGithubAuthorizeCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthGithubAuthorizeCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthGithubAuthorizeCreateResponses, CfgAccountsOauthGithubAuthorizeCreateErrors, ThrowOnError, "fields">;
+    /**
+     * Complete GitHub OAuth
+     *
+     * Exchange authorization code for JWT tokens. Call this after GitHub redirects back with code.
+     */
+    static cfgAccountsOauthGithubCallbackCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOauthGithubCallbackCreateData, ThrowOnError>): RequestResult<CfgAccountsOauthGithubCallbackCreateResponses, CfgAccountsOauthGithubCallbackCreateErrors, ThrowOnError, "fields">;
+    /**
+     * List OAuth providers
+     *
+     * Get list of available OAuth providers for authentication.
+     */
+    static cfgAccountsOauthProvidersRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsOauthProvidersRetrieveData, ThrowOnError>): RequestResult<CfgAccountsOauthProvidersRetrieveResponses, unknown, ThrowOnError, "fields">;
+}
+declare class CfgAccounts {
+    /**
+     * Request OTP code to email.
+     */
+    static cfgAccountsOtpRequestCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpRequestCreateData, ThrowOnError>): RequestResult<CfgAccountsOtpRequestCreateResponses, CfgAccountsOtpRequestCreateErrors, ThrowOnError, "fields">;
+    /**
+     * Verify OTP code and return JWT tokens or 2FA session.
+     *
+     * If user has 2FA enabled:
+     * - Returns requires_2fa=True with session_id
+     * - Client must complete 2FA verification at /cfg/totp/verify/
+     *
+     * If user has no 2FA:
+     * - Returns JWT tokens and user data directly
+     */
+    static cfgAccountsOtpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsOtpVerifyCreateData, ThrowOnError>): RequestResult<CfgAccountsOtpVerifyCreateResponses, CfgAccountsOtpVerifyCreateErrors, ThrowOnError, "fields">;
+}
+declare class CfgAccountsProfile {
+    /**
+     * Get current user profile
+     *
+     * Retrieve the current authenticated user's profile information.
+     */
+    static cfgAccountsProfileRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileRetrieveData, ThrowOnError>): RequestResult<CfgAccountsProfileRetrieveResponses, CfgAccountsProfileRetrieveErrors, ThrowOnError, "fields">;
+    /**
+     * Upload user avatar
+     *
+     * Upload avatar image for the current authenticated user. Accepts multipart/form-data with 'avatar' field.
+     */
+    static cfgAccountsProfileAvatarCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileAvatarCreateData, ThrowOnError>): RequestResult<CfgAccountsProfileAvatarCreateResponses, CfgAccountsProfileAvatarCreateErrors, ThrowOnError, "fields">;
+    /**
+     * Delete user account
+     *
+     *
+     * Permanently delete the current user's account.
+     *
+     * This operation:
+     * - Deactivates the account (user cannot log in)
+     * - Anonymizes personal data (GDPR compliance)
+     * - Frees up the email address for re-registration
+     * - Preserves audit trail
+     *
+     * The account can be restored by an administrator if needed.
+     *
+     */
+    static cfgAccountsProfileDeleteCreate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileDeleteCreateData, ThrowOnError>): RequestResult<CfgAccountsProfileDeleteCreateResponses, CfgAccountsProfileDeleteCreateErrors, ThrowOnError, "fields">;
+    /**
+     * Partial update user profile
+     *
+     * Partially update the current authenticated user's profile information. Supports avatar upload.
+     */
+    static cfgAccountsProfilePartialPartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialPartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfilePartialPartialUpdateResponses, CfgAccountsProfilePartialPartialUpdateErrors, ThrowOnError, "fields">;
+    /**
+     * Partial update user profile
+     *
+     * Partially update the current authenticated user's profile information. Supports avatar upload.
+     */
+    static cfgAccountsProfilePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfilePartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfilePartialUpdateResponses, CfgAccountsProfilePartialUpdateErrors, ThrowOnError, "fields">;
+    /**
+     * Update user profile
+     *
+     * Update the current authenticated user's profile information.
+     */
+    static cfgAccountsProfileUpdatePartialUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdatePartialUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfileUpdatePartialUpdateResponses, CfgAccountsProfileUpdatePartialUpdateErrors, ThrowOnError, "fields">;
+    /**
+     * Update user profile
+     *
+     * Update the current authenticated user's profile information.
+     */
+    static cfgAccountsProfileUpdateUpdate<ThrowOnError extends boolean = false>(options?: Options<CfgAccountsProfileUpdateUpdateData, ThrowOnError>): RequestResult<CfgAccountsProfileUpdateUpdateResponses, CfgAccountsProfileUpdateUpdateErrors, ThrowOnError, "fields">;
+}
+declare class CfgAccountsAuth {
+    /**
+     * Refresh JWT token.
+     */
+    static cfgAccountsTokenRefreshCreate<ThrowOnError extends boolean = false>(options: Options<CfgAccountsTokenRefreshCreateData, ThrowOnError>): RequestResult<CfgAccountsTokenRefreshCreateResponses, unknown, ThrowOnError, "fields">;
+}
+declare class CfgCentrifugo {
+    /**
+     * Get Centrifugo connection token
+     *
+     * Generate JWT token for WebSocket connection to Centrifugo. Token includes user's allowed channels based on their permissions. Requires authentication.
+     */
+    static cfgCentrifugoAuthTokenRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgCentrifugoAuthTokenRetrieveData, ThrowOnError>): RequestResult<CfgCentrifugoAuthTokenRetrieveResponses, CfgCentrifugoAuthTokenRetrieveErrors, ThrowOnError, "fields">;
+}
+declare class CfgTotpBackupCodes {
+    /**
+     * Get backup codes status for user.
+     */
+    static cfgTotpBackupCodesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpBackupCodesRetrieveData, ThrowOnError>): RequestResult<CfgTotpBackupCodesRetrieveResponses, unknown, ThrowOnError, "fields">;
+    /**
+     * Regenerate backup codes.
+     *
+     * Requires TOTP code for verification.
+     * Invalidates all existing codes.
+     */
+    static cfgTotpBackupCodesRegenerateCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpBackupCodesRegenerateCreateData, ThrowOnError>): RequestResult<CfgTotpBackupCodesRegenerateCreateResponses, CfgTotpBackupCodesRegenerateCreateErrors, ThrowOnError, "fields">;
+}
+declare class CfgTotp {
+    /**
+     * List all TOTP devices for user.
+     */
+    static cfgTotpDevicesRetrieve<ThrowOnError extends boolean = false>(options?: Options<CfgTotpDevicesRetrieveData, ThrowOnError>): RequestResult<CfgTotpDevicesRetrieveResponses, unknown, ThrowOnError, "fields">;
+    /**
+     * Delete a TOTP device.
+     *
+     * Requires verification code if removing the last/primary device.
+     */
+    static cfgTotpDevicesDestroy<ThrowOnError extends boolean = false>(options: Options<CfgTotpDevicesDestroyData, ThrowOnError>): RequestResult<CfgTotpDevicesDestroyResponses, unknown, ThrowOnError, "fields">;
+    /**
+     * Completely disable 2FA for account.
+     *
+     * Requires verification code.
+     */
+    static cfgTotpDisableCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpDisableCreateData, ThrowOnError>): RequestResult<CfgTotpDisableCreateResponses, CfgTotpDisableCreateErrors, ThrowOnError, "fields">;
+}
+declare class CfgTotpSetup {
+    /**
+     * Start 2FA setup process.
+     *
+     * Creates a new TOTP device and returns QR code for scanning.
+     */
+    static cfgTotpSetupCreate<ThrowOnError extends boolean = false>(options?: Options<CfgTotpSetupCreateData, ThrowOnError>): RequestResult<CfgTotpSetupCreateResponses, CfgTotpSetupCreateErrors, ThrowOnError, "fields">;
+    /**
+     * Confirm 2FA setup with first valid code.
+     *
+     * Activates the device and generates backup codes.
+     */
+    static cfgTotpSetupConfirmCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpSetupConfirmCreateData, ThrowOnError>): RequestResult<CfgTotpSetupConfirmCreateResponses, CfgTotpSetupConfirmCreateErrors, ThrowOnError, "fields">;
+}
+declare class CfgTotpVerify {
+    /**
+     * Verify TOTP code for 2FA session.
+     *
+     * Completes authentication and returns JWT tokens on success.
+     */
+    static cfgTotpVerifyCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyCreateData, ThrowOnError>): RequestResult<CfgTotpVerifyCreateResponses, CfgTotpVerifyCreateErrors, ThrowOnError, "fields">;
+    /**
+     * Verify backup recovery code for 2FA session.
+     *
+     * Alternative verification method when TOTP device unavailable.
+     */
+    static cfgTotpVerifyBackupCreate<ThrowOnError extends boolean = false>(options: Options<CfgTotpVerifyBackupCreateData, ThrowOnError>): RequestResult<CfgTotpVerifyBackupCreateResponses, CfgTotpVerifyBackupCreateErrors, ThrowOnError, "fields">;
+}
+
 interface APIOptions$2 {
     /** Logger config (defaults to dev-only). */
     logger?: Partial<LoggerConfig>;
@@ -71,6 +1747,11 @@ interface APIOptions$2 {
  */
 declare class API$2 {
     readonly logger: APILogger;
+    readonly cfgAccountsApiKey: typeof CfgAccountsApiKey;
+    readonly cfgAccountsOauth: typeof CfgAccountsOauth;
+    readonly cfgAccounts: typeof CfgAccounts;
+    readonly cfgAccountsProfile: typeof CfgAccountsProfile;
+    readonly cfgAccountsAuth: typeof CfgAccountsAuth;
     constructor(_baseUrl?: string, opts?: APIOptions$2);
     getBaseUrl(): string;
     setBaseUrl(url: string): void;
@@ -115,6 +1796,7 @@ interface APIOptions$1 {
  */
 declare class API$1 {
     readonly logger: APILogger;
+    readonly cfgCentrifugo: typeof CfgCentrifugo;
     constructor(_baseUrl?: string, opts?: APIOptions$1);
     getBaseUrl(): string;
     setBaseUrl(url: string): void;
@@ -159,6 +1841,10 @@ interface APIOptions {
  */
 declare class API {
     readonly logger: APILogger;
+    readonly cfgTotpBackupCodes: typeof CfgTotpBackupCodes;
+    readonly cfgTotp: typeof CfgTotp;
+    readonly cfgTotpSetup: typeof CfgTotpSetup;
+    readonly cfgTotpVerify: typeof CfgTotpVerify;
     constructor(_baseUrl?: string, opts?: APIOptions);
     getBaseUrl(): string;
     setBaseUrl(url: string): void;