@eudiplo/sdk-core 1.14.0-main.070d9f8

package/dist/types.gen-CxMpZyVO.d.mts

@@ -0,0 +1,3388 @@
+type ClientOptions = {
+    baseUrl: string;
+};
+type RoleDto = {
+    /**
+     * OAuth2 roles
+     */
+    role: "presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "tenants:manage" | "registrar:manage";
+};
+type ClientCredentialsDto = {
+    grant_type?: string;
+    client_id: string;
+    client_secret: string;
+};
+type TokenResponse = {
+    access_token: string;
+    refresh_token?: string;
+    token_type: string;
+    expires_in: number;
+};
+type ImportTenantDto = {
+    /**
+     * The name of the tenant.
+     */
+    name: string;
+    /**
+     * The description of the tenant.
+     */
+    description?: string;
+};
+type SessionStorageConfig = {
+    /**
+     * Time-to-live for sessions in seconds. If not set, uses global SESSION_TTL.
+     */
+    ttlSeconds?: number;
+    /**
+     * Cleanup mode: 'full' deletes everything, 'anonymize' keeps metadata but removes PII.
+     */
+    cleanupMode?: "full" | "anonymize";
+};
+type StatusListConfig = {
+    /**
+     * The capacity of the status list. If not set, uses global STATUS_CAPACITY.
+     */
+    capacity?: number;
+    /**
+     * Bits per status entry: 1 (valid/revoked), 2 (with suspended), 4/8 (extended). If not set, uses global STATUS_BITS.
+     */
+    bits?: 1 | 2 | 4 | 8;
+    /**
+     * TTL in seconds for the status list JWT. If not set, uses global STATUS_TTL.
+     */
+    ttl?: number;
+    /**
+     * If true, regenerate JWT immediately on status changes. If false (default), use lazy regeneration on TTL expiry.
+     */
+    immediateUpdate?: boolean;
+    /**
+     * If true, include aggregation_uri in status list JWTs for pre-fetching support (default: true).
+     */
+    enableAggregation?: boolean;
+};
+type TenantEntity = {
+    /**
+     * Session storage configuration for this tenant. Controls TTL and cleanup behavior.
+     */
+    sessionConfig?: SessionStorageConfig;
+    /**
+     * Status list configuration for this tenant. Only affects newly created status lists.
+     */
+    statusListConfig?: StatusListConfig;
+    /**
+     * The unique identifier for the tenant.
+     */
+    id: string;
+    /**
+     * The name of the tenant.
+     */
+    name: string;
+    /**
+     * The description of the tenant.
+     */
+    description?: string;
+    /**
+     * The current status of the tenant.
+     */
+    status: string;
+    /**
+     * The clients associated with the tenant.
+     */
+    clients: Array<ClientEntity>;
+};
+type ClientEntity = {
+    /**
+     * List of presentation config IDs this client can use. If empty/null, all configs are allowed.
+     */
+    allowedPresentationConfigs?: Array<string>;
+    /**
+     * List of issuance config IDs this client can use. If empty/null, all configs are allowed.
+     */
+    allowedIssuanceConfigs?: Array<string>;
+    /**
+     * The unique identifier for the client.
+     */
+    clientId: string;
+    /**
+     * The secret key for the client.
+     */
+    secret?: string;
+    /**
+     * The unique identifier for the tenant that the client belongs to. Only null for accounts that manage tenants, that do not belong to a client
+     */
+    tenantId?: string;
+    /**
+     * The description of the client.
+     */
+    description?: string;
+    /**
+     * The roles assigned to the client.
+     */
+    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "tenants:manage" | "registrar:manage">;
+    /**
+     * The tenant that the client belongs to.
+     */
+    tenant?: TenantEntity;
+};
+type CreateTenantDto = {
+    /**
+     * Status list configuration for this tenant. Only affects newly created status lists.
+     */
+    statusListConfig?: StatusListConfig;
+    /**
+     * Session storage configuration. Controls TTL and cleanup behavior.
+     */
+    sessionConfig?: SessionStorageConfig;
+    roles?: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "tenants:manage" | "registrar:manage">;
+    /**
+     * The unique identifier for the tenant.
+     */
+    id: string;
+    /**
+     * The name of the tenant.
+     */
+    name: string;
+    /**
+     * The description of the tenant.
+     */
+    description?: string;
+};
+type UpdateTenantDto = {
+    /**
+     * Status list configuration for this tenant. Only affects newly created status lists.
+     */
+    statusListConfig?: StatusListConfig;
+    /**
+     * Session storage configuration. Controls TTL and cleanup behavior.
+     */
+    sessionConfig?: SessionStorageConfig;
+    /**
+     * The name of the tenant.
+     */
+    name?: string;
+    /**
+     * The description of the tenant.
+     */
+    description?: string;
+    roles?: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "tenants:manage" | "registrar:manage">;
+};
+type ClientSecretResponseDto = {
+    secret: string;
+};
+type UpdateClientDto = {
+    /**
+     * List of presentation config IDs this client can use. If empty/null, all configs are allowed.
+     */
+    allowedPresentationConfigs?: Array<string>;
+    /**
+     * List of issuance config IDs this client can use. If empty/null, all configs are allowed.
+     */
+    allowedIssuanceConfigs?: Array<string>;
+    /**
+     * The description of the client.
+     */
+    description?: string;
+    /**
+     * The roles assigned to the client.
+     */
+    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "tenants:manage" | "registrar:manage">;
+};
+type CreateClientDto = {
+    /**
+     * List of presentation config IDs this client can use. If empty/null, all configs are allowed.
+     */
+    allowedPresentationConfigs?: Array<string>;
+    /**
+     * List of issuance config IDs this client can use. If empty/null, all configs are allowed.
+     */
+    allowedIssuanceConfigs?: Array<string>;
+    /**
+     * The unique identifier for the client.
+     */
+    clientId: string;
+    /**
+     * The secret key for the client.
+     */
+    secret?: string;
+    /**
+     * The description of the client.
+     */
+    description?: string;
+    /**
+     * The roles assigned to the client.
+     */
+    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "tenants:manage" | "registrar:manage">;
+};
+type CertUsageEntity = {
+    tenantId: string;
+    certId: string;
+    usage: "access" | "signing" | "trustList" | "statusList";
+    cert: CertEntity;
+};
+type KeyEntity = {
+    /**
+     * Unique identifier for the key.
+     */
+    id: string;
+    /**
+     * Description of the key.
+     */
+    description?: string;
+    /**
+     * Tenant ID for the key.
+     */
+    tenantId: string;
+    /**
+     * The tenant that owns this object.
+     */
+    tenant: TenantEntity;
+    /**
+     * The key material.
+     * Encrypted at rest using AES-256-GCM.
+     */
+    key: {
+        [key: string]: unknown;
+    };
+    /**
+     * The usage type of the key.
+     */
+    usage: {
+        [key: string]: unknown;
+    };
+    /**
+     * Certificates associated with this key.
+     */
+    certificates: Array<CertEntity>;
+    /**
+     * The timestamp when the key was created.
+     */
+    createdAt: string;
+    /**
+     * The timestamp when the key was last updated.
+     */
+    updatedAt: string;
+};
+type CertEntity = {
+    /**
+     * The key ID this certificate is associated with
+     */
+    keyId: string;
+    /**
+     * Unique identifier for the key.
+     */
+    id: string;
+    /**
+     * Tenant ID for the key.
+     */
+    tenantId: string;
+    /**
+     * The tenant that owns this object.
+     */
+    tenant: TenantEntity;
+    /**
+     * Certificate chain in PEM format (leaf first, then intermediates/CA).
+     */
+    crt: Array<string>;
+    usages: Array<CertUsageEntity>;
+    /**
+     * Description of the key.
+     */
+    description?: string;
+    key: KeyEntity;
+    /**
+     * The timestamp when the certificate was created.
+     */
+    createdAt: string;
+    /**
+     * The timestamp when the certificate was last updated.
+     */
+    updatedAt: string;
+};
+type Key = {
+    kty: string;
+    x: string;
+    y: string;
+    crv: string;
+    d: string;
+    alg: string;
+};
+type KeyImportDto = {
+    /**
+     * The private key in JWK format.
+     */
+    key: Key;
+    /**
+     * Unique identifier for the key.
+     */
+    id: string;
+    /**
+     * Description of the key.
+     */
+    description?: string;
+};
+type UpdateKeyDto = {
+    /**
+     * Unique identifier for the key.
+     */
+    id: string;
+    /**
+     * Description of the key.
+     */
+    description?: string;
+};
+type CertImportDto = {
+    /**
+     * The key ID this certificate is associated with
+     */
+    keyId: string;
+    id?: string;
+    /**
+     * Usage types for the certificate.
+     */
+    certUsageTypes: Array<"access" | "signing" | "trustList" | "statusList">;
+    /**
+     * Certificate chain in PEM format (leaf first, then intermediates/CA).
+     * If not provided, a self-signed certificate will be generated.
+     */
+    crt?: Array<string>;
+    /**
+     * Subject name (CN) for self-signed certificate generation.
+     * If not provided, the tenant name will be used.
+     */
+    subjectName?: string;
+    /**
+     * Description of the key.
+     */
+    description?: string;
+};
+type CertResponseDto = {
+    /**
+     * The ID of the created self-signed certificate.
+     */
+    id: string;
+};
+type CertUpdateDto = {
+    /**
+     * Usage types for the certificate.
+     */
+    certUsageTypes: Array<"access" | "signing" | "trustList" | "statusList">;
+    usages: Array<CertUsageEntity>;
+    /**
+     * Description of the key.
+     */
+    description?: string;
+};
+type StatusListImportDto = {
+    /**
+     * Unique identifier for the status list
+     */
+    id: string;
+    /**
+     * Credential configuration ID to bind this list exclusively to. Leave empty for a shared list.
+     */
+    credentialConfigurationId?: string;
+    /**
+     * Certificate ID to use for signing. Leave empty to use the tenant's default StatusList certificate.
+     */
+    certId?: string;
+    /**
+     * Capacity of the status list. If not provided, uses tenant or global defaults.
+     */
+    capacity?: number;
+    /**
+     * Bits per status value. If not provided, uses tenant or global defaults.
+     */
+    bits?: 1 | 2 | 4 | 8;
+};
+type StatusListAggregationDto = {
+    /**
+     * Array of status list token URIs
+     */
+    status_lists: Array<string>;
+};
+type UpdateStatusListConfigDto = {
+    /**
+     * The capacity of the status list. Set to null to reset to global default.
+     */
+    capacity?: number;
+    /**
+     * Bits per status entry. Set to null to reset to global default.
+     */
+    bits?: 1 | 2 | 4 | 8;
+    /**
+     * TTL in seconds for the status list JWT. Set to null to reset to global default.
+     */
+    ttl?: number;
+    /**
+     * If true, regenerate JWT on every status change. Set to null to reset to default (false).
+     */
+    immediateUpdate?: boolean;
+    /**
+     * If true, include aggregation_uri in status list JWTs for pre-fetching support. Set to null to reset to default (true).
+     */
+    enableAggregation?: boolean;
+};
+type StatusListResponseDto = {
+    /**
+     * Unique identifier for the status list
+     */
+    id: string;
+    /**
+     * The tenant ID
+     */
+    tenantId: string;
+    /**
+     * Credential configuration ID this list is bound to. Null means shared.
+     */
+    credentialConfigurationId?: string;
+    /**
+     * Certificate ID used for signing. Null means using the tenant's default.
+     */
+    certId?: string;
+    /**
+     * Bits per status value
+     */
+    bits: 1 | 2 | 4 | 8;
+    /**
+     * Total capacity of the status list
+     */
+    capacity: number;
+    /**
+     * Number of entries in use
+     */
+    usedEntries: number;
+    /**
+     * Number of available entries
+     */
+    availableEntries: number;
+    /**
+     * The public URI for this status list
+     */
+    uri: string;
+    /**
+     * Creation timestamp
+     */
+    createdAt: string;
+    /**
+     * JWT expiration timestamp. Null if JWT has not been generated yet.
+     */
+    expiresAt?: string;
+};
+type CreateStatusListDto = {
+    /**
+     * Credential configuration ID to bind this list exclusively to. Leave empty for a shared list.
+     */
+    credentialConfigurationId?: string;
+    /**
+     * Certificate ID to use for signing. Leave empty to use the tenant's default StatusList certificate.
+     */
+    certId?: string;
+    /**
+     * Bits per status value. More bits allow more status states. Defaults to tenant configuration.
+     */
+    bits?: 1 | 2 | 4 | 8;
+    /**
+     * Maximum number of credential status entries. Defaults to tenant configuration.
+     */
+    capacity?: number;
+};
+type UpdateStatusListDto = {
+    /**
+     * Credential configuration ID to bind this list exclusively to. Set to null to make this a shared list.
+     */
+    credentialConfigurationId?: string;
+    /**
+     * Certificate ID to use for signing. Set to null to use the tenant's default StatusList certificate.
+     */
+    certId?: string;
+};
+type AuthorizeQueries = {
+    issuer_state?: string;
+    response_type?: string;
+    client_id?: string;
+    redirect_uri?: string;
+    resource?: string;
+    scope?: string;
+    code_challenge?: string;
+    code_challenge_method?: string;
+    dpop_jkt?: string;
+    request_uri?: string;
+    auth_session?: string;
+    state?: string;
+};
+type WebHookAuthConfigNone = {
+    /**
+     * The type of authentication used for the webhook.
+     */
+    type: "none";
+};
+type ApiKeyConfig = {
+    /**
+     * The name of the header where the API key will be sent.
+     */
+    headerName: string;
+    /**
+     * The value of the API key to be sent in the header.
+     */
+    value: string;
+};
+type WebHookAuthConfigHeader = {
+    /**
+     * The type of authentication used for the webhook.
+     */
+    type: "apiKey";
+    /**
+     * Configuration for API key authentication.
+     * This is required if the type is 'apiKey'.
+     */
+    config: ApiKeyConfig;
+};
+type WebhookConfig = {
+    /**
+     * Optional authentication configuration for the webhook.
+     * If not provided, no authentication will be used.
+     */
+    auth: WebHookAuthConfigNone | WebHookAuthConfigHeader;
+    /**
+     * The URL to which the webhook will send notifications.
+     */
+    url: string;
+};
+type OfferRequestDto = {
+    /**
+     * The type of response expected for the offer request.
+     */
+    response_type: "uri" | "dc-api";
+    /**
+     * Credential claims configuration per credential. Keys must match credentialConfigurationIds.
+     */
+    credentialClaims?: {
+        additionalProperties?: {
+            type: "inline";
+            claims: {
+                [key: string]: unknown;
+            };
+        } | {
+            type: "webhook";
+            webhook: {
+                [key: string]: unknown;
+            };
+        };
+    };
+    /**
+     * The flow type for the offer request.
+     */
+    flow: "authorization_code" | "pre_authorized_code";
+    /**
+     * Transaction code for pre-authorized code flow.
+     */
+    tx_code?: string;
+    /**
+     * Description for the transaction code (e.g., "Please enter the PIN sent to your email").
+     */
+    tx_code_description?: string;
+    /**
+     * List of credential configuration ids to be included in the offer.
+     */
+    credentialConfigurationIds: Array<string>;
+    /**
+     * Optional authorization server to be used for this issuance flow.
+     */
+    authorization_server?: string;
+    /**
+     * Webhook to notify about the status of the issuance process.
+     */
+    notifyWebhook?: WebhookConfig;
+};
+type TransactionData = {
+    type: string;
+    credential_ids: Array<string>;
+};
+type Session = {
+    /**
+     * Status of the session.
+     */
+    status: "active" | "fetched" | "completed" | "expired" | "failed";
+    /**
+     * Unique identifier for the session.
+     */
+    id: string;
+    /**
+     * The timestamp when the request was created.
+     */
+    createdAt: string;
+    /**
+     * The timestamp when the request was last updated.
+     */
+    updatedAt: string;
+    /**
+     * The timestamp when the request is set to expire.
+     */
+    expiresAt?: string;
+    /**
+     * Flag indicating whether to use the DC API for the presentation request.
+     */
+    useDcApi: boolean;
+    /**
+     * Tenant ID for multi-tenancy support.
+     */
+    tenantId: string;
+    /**
+     * The tenant that owns this object.
+     */
+    tenant: TenantEntity;
+    authorization_code?: string;
+    /**
+     * Request URI from the authorization request.
+     */
+    request_uri?: string;
+    /**
+     * Authorization queries associated with the session.
+     * Encrypted at rest.
+     */
+    auth_queries?: AuthorizeQueries;
+    /**
+     * Credential offer object containing details about the credential offer or presentation request.
+     * Encrypted at rest.
+     */
+    offer?: {
+        [key: string]: unknown;
+    };
+    /**
+     * Offer URL for the credential offer.
+     */
+    offerUrl?: string;
+    /**
+     * Credential payload containing the offer request details.
+     * Encrypted at rest - may contain sensitive claim data.
+     */
+    credentialPayload?: OfferRequestDto;
+    /**
+     * Webhook configuration to send the result of the notification response.
+     */
+    notifyWebhook?: WebhookConfig;
+    /**
+     * Notifications associated with the session.
+     */
+    notifications: Array<{
+        [key: string]: unknown;
+    }>;
+    requestId?: string;
+    /**
+     * The URL of the presentation auth request.
+     */
+    requestUrl?: string;
+    /**
+     * Signed presentation auth request.
+     */
+    requestObject?: string;
+    /**
+     * Verified credentials from the presentation process.
+     * Encrypted at rest - contains personal information.
+     */
+    credentials?: Array<{
+        [key: string]: unknown;
+    }>;
+    /**
+     * Noncce from the Verifiable Presentation request.
+     */
+    vp_nonce?: string;
+    /**
+     * Client ID used in the OID4VP authorization request.
+     */
+    clientId?: string;
+    /**
+     * Response URI used in the OID4VP authorization request.
+     */
+    responseUri?: string;
+    /**
+     * Redirect URI to which the user-agent should be redirected after the presentation is completed.
+     */
+    redirectUri?: string;
+    /**
+     * Where to send the claims webhook response.
+     */
+    parsedWebhook?: WebhookConfig;
+    /**
+     * Transaction data to include in the OID4VP authorization request.
+     * Can be overridden per-request from the presentation configuration.
+     */
+    transaction_data?: Array<TransactionData>;
+    externalIssuer?: string;
+    /**
+     * The subject (sub) from the external authorization server token.
+     * Used to identify the user at the external AS.
+     */
+    externalSubject?: string;
+};
+type StatusUpdateDto = {
+    /**
+     * The session ID of the user
+     */
+    sessionId: string;
+    /**
+     * The ID of the credential configuration
+     * This is optional, if not provided, all credentials will be revoked of the session.
+     */
+    credentialConfigurationId?: string;
+    /**
+     * The status of the credential
+     * 0 = valid, 1 = revoked, 2 = suspended
+     */
+    status: number;
+};
+type UpdateSessionConfigDto = {
+    /**
+     * Time-to-live for sessions in seconds. Set to null to use global default.
+     */
+    ttlSeconds?: number;
+    /**
+     * Cleanup mode: 'full' deletes everything, 'anonymize' keeps metadata but removes PII.
+     */
+    cleanupMode?: "full" | "anonymize";
+};
+type AuthenticationMethodNone = {
+    method: "none";
+};
+type AuthenticationUrlConfig = {
+    /**
+     * The URL used in the OID4VCI authorized code flow.
+     * This URL is where users will be redirected for authentication.
+     */
+    url: string;
+    /**
+     * Optional webhook configuration for authentication callbacks
+     */
+    webhook?: WebhookConfig;
+};
+type AuthenticationMethodAuth = {
+    method: "auth";
+    config: AuthenticationUrlConfig;
+};
+type PresentationDuringIssuanceConfig = {
+    /**
+     * Link to the presentation configuration that is relevant for the issuance process
+     */
+    type: string;
+};
+type AuthenticationMethodPresentation = {
+    method: "presentationDuringIssuance";
+    config: PresentationDuringIssuanceConfig;
+};
+type UpstreamOidcConfig = {
+    /**
+     * The OIDC issuer URL of the upstream provider
+     */
+    issuer: string;
+    /**
+     * The client ID registered with the upstream provider
+     */
+    clientId: string;
+    /**
+     * The client secret for confidential clients
+     */
+    clientSecret?: string;
+    /**
+     * Scopes to request from the upstream provider
+     */
+    scopes?: Array<string>;
+};
+type ChainedAsTokenConfig = {
+    /**
+     * Access token lifetime in seconds
+     */
+    lifetimeSeconds?: number;
+    /**
+     * Key ID for token signing
+     */
+    signingKeyId?: string;
+};
+type ChainedAsConfig = {
+    /**
+     * Enable chained AS mode
+     */
+    enabled: boolean;
+    /**
+     * Upstream OIDC provider configuration
+     */
+    upstream?: UpstreamOidcConfig;
+    /**
+     * Token configuration
+     */
+    token?: ChainedAsTokenConfig;
+    /**
+     * Require DPoP binding for tokens
+     */
+    requireDPoP?: boolean;
+};
+type DisplayLogo = {
+    uri: string;
+    alt_text?: string;
+};
+type DisplayInfo = {
+    name?: string;
+    locale?: string;
+    logo?: DisplayLogo;
+};
+type IssuanceConfig = {
+    /**
+     * Configuration for Chained Authorization Server mode.
+     * When enabled, EUDIPLO acts as an OAuth AS facade, delegating user authentication
+     * to an upstream OIDC provider while issuing its own tokens with issuer_state.
+     */
+    chainedAs?: ChainedAsConfig;
+    /**
+     * The tenant that owns this object.
+     */
+    tenant: TenantEntity;
+    /**
+     * Authentication server URL for the issuance process.
+     */
+    authServers?: Array<string>;
+    /**
+     * Value to determine the amount of credentials that are issued in a batch.
+     * Default is 1.
+     */
+    batchSize?: number;
+    /**
+     * Indicates whether DPoP is required for the issuance process. Default value is true.
+     */
+    dPopRequired?: boolean;
+    /**
+     * Indicates whether wallet attestation is required for the token endpoint.
+     * When enabled, wallets must provide OAuth-Client-Attestation headers.
+     * Default value is false.
+     */
+    walletAttestationRequired?: boolean;
+    /**
+     * URLs of trust lists containing trusted wallet providers.
+     * The wallet attestation's X.509 certificate will be validated against these trust lists.
+     * If empty and walletAttestationRequired is true, all wallet providers are rejected.
+     */
+    walletProviderTrustLists?: Array<string>;
+    display: Array<DisplayInfo>;
+    /**
+     * The timestamp when the VP request was created.
+     */
+    createdAt: string;
+    /**
+     * The timestamp when the VP request was last updated.
+     */
+    updatedAt: string;
+};
+type IssuanceDto = {
+    /**
+     * Configuration for Chained Authorization Server mode.
+     * When enabled, EUDIPLO acts as an OAuth AS facade, delegating user authentication
+     * to an upstream OIDC provider while issuing its own tokens with issuer_state.
+     */
+    chainedAs?: ChainedAsConfig;
+    /**
+     * Authentication server URL for the issuance process.
+     */
+    authServers?: Array<string>;
+    /**
+     * Value to determine the amount of credentials that are issued in a batch.
+     * Default is 1.
+     */
+    batchSize?: number;
+    /**
+     * Indicates whether DPoP is required for the issuance process. Default value is true.
+     */
+    dPopRequired?: boolean;
+    /**
+     * Indicates whether wallet attestation is required for the token endpoint.
+     * When enabled, wallets must provide OAuth-Client-Attestation headers.
+     * Default value is false.
+     */
+    walletAttestationRequired?: boolean;
+    /**
+     * URLs of trust lists containing trusted wallet providers.
+     * The wallet attestation's X.509 certificate will be validated against these trust lists.
+     * If empty and walletAttestationRequired is true, all wallet providers are rejected.
+     */
+    walletProviderTrustLists?: Array<string>;
+    display: Array<DisplayInfo>;
+};
+type ClaimsQuery = {
+    id: string;
+    path: Array<string>;
+    values?: Array<{
+        [key: string]: unknown;
+    }>;
+};
+type Claim = {
+    path: Array<string>;
+};
+type TrustedAuthorityQuery = {
+    type: "aki" | "etsi_tl";
+    values: Array<string>;
+};
+type CredentialQuery = {
+    id: string;
+    format: string;
+    multiple?: boolean;
+    claims?: Array<Claim>;
+    meta: {
+        [key: string]: unknown;
+    };
+    trusted_authorities?: Array<TrustedAuthorityQuery>;
+};
+type CredentialSetQuery = {
+    options: Array<Array<string>>;
+    required?: boolean;
+};
+type PolicyCredential = {
+    claims?: Array<ClaimsQuery>;
+    credentials: Array<CredentialQuery>;
+    credential_sets?: Array<CredentialSetQuery>;
+};
+type AttestationBasedPolicy = {
+    policy: "attestationBased";
+    values: Array<PolicyCredential>;
+};
+type NoneTrustPolicy = {
+    policy: "none";
+};
+type AllowListPolicy = {
+    policy: "allowList";
+    values: Array<string>;
+};
+type RootOfTrustPolicy = {
+    policy: "rootOfTrust";
+    values: string;
+};
+type Vct = {
+    vct?: string;
+    name?: string;
+    description?: string;
+    extends?: string;
+    "extends#integrity"?: string;
+    schema_uri?: string;
+    "schema_uri#integrity"?: string;
+};
+type IaeActionOpenid4VpPresentation = {
+    /**
+     * Action type discriminator
+     */
+    type: "openid4vp_presentation";
+    /**
+     * Optional label for this step (for display purposes)
+     */
+    label?: string;
+    /**
+     * ID of the presentation configuration to use for this step
+     */
+    presentationConfigId: string;
+};
+type IaeActionRedirectToWeb = {
+    /**
+     * Action type discriminator
+     */
+    type: "redirect_to_web";
+    /**
+     * Optional label for this step (for display purposes)
+     */
+    label?: string;
+    /**
+     * URL to redirect the user to for web-based interaction
+     */
+    url: string;
+    /**
+     * URL where the external service should redirect back after completion. If not provided, the service must call back to the IAE endpoint.
+     */
+    callbackUrl?: string;
+    /**
+     * Description of what the user should do on the web page (for wallet display)
+     */
+    description?: string;
+};
+type EmbeddedDisclosurePolicy = {
+    policy: string;
+};
+type DisplayImage = {
+    uri: string;
+};
+type Display = {
+    name: string;
+    description: string;
+    locale: string;
+    background_color?: string;
+    text_color?: string;
+    background_image?: DisplayImage;
+    logo?: DisplayImage;
+};
+type IssuerMetadataCredentialConfig = {
+    format: "mso_mdoc" | "dc+sd-jwt";
+    display: Array<Display>;
+    scope?: string;
+    /**
+     * Document type for mDOC credentials (e.g., "org.iso.18013.5.1.mDL").
+     * Only applicable when format is "mso_mdoc".
+     */
+    docType?: string;
+    /**
+     * Namespace for mDOC credentials (e.g., "org.iso.18013.5.1").
+     * Only applicable when format is "mso_mdoc".
+     * Used when claims are provided as a flat object.
+     */
+    namespace?: string;
+    /**
+     * Claims organized by namespace for mDOC credentials.
+     * Allows specifying claims across multiple namespaces.
+     * Only applicable when format is "mso_mdoc".
+     * Example:
+     * {
+     * "org.iso.18013.5.1": { "given_name": "John", "family_name": "Doe" },
+     * "org.iso.18013.5.1.aamva": { "DHS_compliance": "F" }
+     * }
+     */
+    claimsByNamespace?: {
+        [key: string]: unknown;
+    };
+};
+type SchemaResponse = {
+    $schema: string;
+    type: string;
+    properties: {
+        [key: string]: unknown;
+    };
+    required?: Array<string>;
+    title?: string;
+    description?: string;
+};
+type CredentialConfig = {
+    /**
+     * VCT as a URI string (e.g., urn:eudi:pid:de:1) or as an object for EUDIPLO-hosted VCT
+     */
+    vct?: string | Vct;
+    /**
+     * List of IAE actions to execute before credential issuance
+     */
+    iaeActions?: Array<IaeActionOpenid4VpPresentation | IaeActionRedirectToWeb>;
+    /**
+     * Embedded disclosure policy (discriminated union by `policy`).
+     * The discriminator makes class-transformer instantiate the right subclass,
+     * and then class-validator runs that subclass’s rules.
+     */
+    embeddedDisclosurePolicy?: EmbeddedDisclosurePolicy;
+    id: string;
+    description?: string;
+    /**
+     * The tenant that owns this object.
+     */
+    tenant: TenantEntity;
+    config: IssuerMetadataCredentialConfig;
+    claims?: {
+        [key: string]: unknown;
+    };
+    /**
+     * Webhook to receive claims for the issuance process.
+     */
+    claimsWebhook?: WebhookConfig;
+    /**
+     * Webhook to receive claims for the issuance process.
+     */
+    notificationWebhook?: WebhookConfig;
+    disclosureFrame?: {
+        [key: string]: unknown;
+    };
+    keyBinding?: boolean;
+    /**
+     * Reference to the certificate used for signing.
+     * Note: No DB-level FK constraint because CertEntity has a composite PK
+     * (id + tenantId) and SET NULL behavior cannot work when tenantId is
+     * part of this entity's own PK.
+     */
+    certId?: string;
+    cert?: CertEntity;
+    statusManagement?: boolean;
+    lifeTime?: number;
+    schema?: SchemaResponse;
+};
+type CredentialConfigCreate = {
+    /**
+     * VCT as a URI string (e.g., urn:eudi:pid:de:1) or as an object for EUDIPLO-hosted VCT
+     */
+    vct?: string | Vct;
+    /**
+     * List of IAE actions to execute before credential issuance
+     */
+    iaeActions?: Array<IaeActionOpenid4VpPresentation | IaeActionRedirectToWeb>;
+    /**
+     * Embedded disclosure policy (discriminated union by `policy`).
+     * The discriminator makes class-transformer instantiate the right subclass,
+     * and then class-validator runs that subclass’s rules.
+     */
+    embeddedDisclosurePolicy?: EmbeddedDisclosurePolicy;
+    id: string;
+    description?: string;
+    config: IssuerMetadataCredentialConfig;
+    claims?: {
+        [key: string]: unknown;
+    };
+    /**
+     * Webhook to receive claims for the issuance process.
+     */
+    claimsWebhook?: WebhookConfig;
+    /**
+     * Webhook to receive claims for the issuance process.
+     */
+    notificationWebhook?: WebhookConfig;
+    disclosureFrame?: {
+        [key: string]: unknown;
+    };
+    keyBinding?: boolean;
+    /**
+     * Reference to the certificate used for signing.
+     * Note: No DB-level FK constraint because CertEntity has a composite PK
+     * (id + tenantId) and SET NULL behavior cannot work when tenantId is
+     * part of this entity's own PK.
+     */
+    certId?: string;
+    statusManagement?: boolean;
+    lifeTime?: number;
+    schema?: SchemaResponse;
+};
+type CredentialConfigUpdate = {
+    /**
+     * VCT as a URI string (e.g., urn:eudi:pid:de:1) or as an object for EUDIPLO-hosted VCT
+     */
+    vct?: string | Vct;
+    /**
+     * List of IAE actions to execute before credential issuance
+     */
+    iaeActions?: Array<IaeActionOpenid4VpPresentation | IaeActionRedirectToWeb>;
+    /**
+     * Embedded disclosure policy (discriminated union by `policy`).
+     * The discriminator makes class-transformer instantiate the right subclass,
+     * and then class-validator runs that subclass’s rules.
+     */
+    embeddedDisclosurePolicy?: EmbeddedDisclosurePolicy;
+    id?: string;
+    description?: string;
+    config?: IssuerMetadataCredentialConfig;
+    claims?: {
+        [key: string]: unknown;
+    };
+    /**
+     * Webhook to receive claims for the issuance process.
+     */
+    claimsWebhook?: WebhookConfig;
+    /**
+     * Webhook to receive claims for the issuance process.
+     */
+    notificationWebhook?: WebhookConfig;
+    disclosureFrame?: {
+        [key: string]: unknown;
+    };
+    keyBinding?: boolean;
+    /**
+     * Reference to the certificate used for signing.
+     * Note: No DB-level FK constraint because CertEntity has a composite PK
+     * (id + tenantId) and SET NULL behavior cannot work when tenantId is
+     * part of this entity's own PK.
+     */
+    certId?: string;
+    statusManagement?: boolean;
+    lifeTime?: number;
+    schema?: SchemaResponse;
+};
+type Dcql = {
+    credentials: Array<CredentialQuery>;
+    credential_sets?: Array<CredentialSetQuery>;
+};
+type RegistrationCertificateRequest = {
+    /**
+     * The body of the registration certificate request containing the necessary details.
+     */
+    jwt: string;
+};
+type PresentationAttachment = {
+    format: string;
+    data: {
+        [key: string]: unknown;
+    };
+    credential_ids?: Array<string>;
+};
+type PresentationConfig = {
+    /**
+     * Unique identifier for the VP request.
+     */
+    id: string;
+    /**
+     * The tenant that owns this object.
+     */
+    tenant: TenantEntity;
+    /**
+     * Description of the presentation configuration.
+     */
+    description?: string;
+    /**
+     * Lifetime how long the presentation request is valid after creation, in seconds.
+     */
+    lifeTime?: number;
+    /**
+     * The DCQL query to be used for the VP request.
+     */
+    dcql_query: Dcql;
+    transaction_data?: Array<TransactionData>;
+    /**
+     * The registration certificate request containing the necessary details.
+     */
+    registrationCert?: RegistrationCertificateRequest;
+    /**
+     * Optional webhook URL to receive the response.
+     */
+    webhook?: WebhookConfig;
+    /**
+     * The timestamp when the VP request was created.
+     */
+    createdAt: string;
+    /**
+     * The timestamp when the VP request was last updated.
+     */
+    updatedAt: string;
+    /**
+     * Attestation that should be attached
+     */
+    attached?: Array<PresentationAttachment>;
+    /**
+     * Redirect URI to which the user-agent should be redirected after the presentation is completed.
+     * You can use the `{sessionId}` placeholder in the URI, which will be replaced with the actual session ID.
+     */
+    redirectUri?: string;
+    /**
+     * Optional ID of the access certificate to use for signing the presentation request.
+     * If not provided, the default access certificate for the tenant will be used.
+     *
+     * Note: This is intentionally NOT a TypeORM relationship because CertEntity uses
+     * a composite primary key (id + tenantId), and SQLite cannot create foreign keys
+     * that reference only part of a composite primary key. The relationship is handled
+     * at the application level in the service layer.
+     */
+    accessCertId?: string;
+};
+type PresentationConfigCreateDto = {
+    /**
+     * Unique identifier for the VP request.
+     */
+    id: string;
+    /**
+     * Description of the presentation configuration.
+     */
+    description?: string;
+    /**
+     * Lifetime how long the presentation request is valid after creation, in seconds.
+     */
+    lifeTime?: number;
+    /**
+     * The DCQL query to be used for the VP request.
+     */
+    dcql_query: Dcql;
+    transaction_data?: Array<TransactionData>;
+    /**
+     * The registration certificate request containing the necessary details.
+     */
+    registrationCert?: RegistrationCertificateRequest;
+    /**
+     * Optional webhook URL to receive the response.
+     */
+    webhook?: WebhookConfig;
+    /**
+     * Attestation that should be attached
+     */
+    attached?: Array<PresentationAttachment>;
+    /**
+     * Redirect URI to which the user-agent should be redirected after the presentation is completed.
+     * You can use the `{sessionId}` placeholder in the URI, which will be replaced with the actual session ID.
+     */
+    redirectUri?: string;
+    /**
+     * Optional ID of the access certificate to use for signing the presentation request.
+     * If not provided, the default access certificate for the tenant will be used.
+     *
+     * Note: This is intentionally NOT a TypeORM relationship because CertEntity uses
+     * a composite primary key (id + tenantId), and SQLite cannot create foreign keys
+     * that reference only part of a composite primary key. The relationship is handled
+     * at the application level in the service layer.
+     */
+    accessCertId?: string;
+};
+type PresentationConfigUpdateDto = {
+    /**
+     * Unique identifier for the VP request.
+     */
+    id?: string;
+    /**
+     * Description of the presentation configuration.
+     */
+    description?: string;
+    /**
+     * Lifetime how long the presentation request is valid after creation, in seconds.
+     */
+    lifeTime?: number;
+    /**
+     * The DCQL query to be used for the VP request.
+     */
+    dcql_query?: Dcql;
+    transaction_data?: Array<TransactionData>;
+    /**
+     * The registration certificate request containing the necessary details.
+     */
+    registrationCert?: RegistrationCertificateRequest;
+    /**
+     * Optional webhook URL to receive the response.
+     */
+    webhook?: WebhookConfig;
+    /**
+     * Attestation that should be attached
+     */
+    attached?: Array<PresentationAttachment>;
+    /**
+     * Redirect URI to which the user-agent should be redirected after the presentation is completed.
+     * You can use the `{sessionId}` placeholder in the URI, which will be replaced with the actual session ID.
+     */
+    redirectUri?: string;
+    /**
+     * Optional ID of the access certificate to use for signing the presentation request.
+     * If not provided, the default access certificate for the tenant will be used.
+     *
+     * Note: This is intentionally NOT a TypeORM relationship because CertEntity uses
+     * a composite primary key (id + tenantId), and SQLite cannot create foreign keys
+     * that reference only part of a composite primary key. The relationship is handled
+     * at the application level in the service layer.
+     */
+    accessCertId?: string;
+};
+type DeferredCredentialRequestDto = {
+    /**
+     * The transaction identifier previously returned by the Credential Endpoint
+     */
+    transaction_id: string;
+};
+type NotificationRequestDto = {
+    notification_id: string;
+    event: {
+        [key: string]: unknown;
+    };
+};
+type ParResponseDto = {
+    /**
+     * The request URI for the Pushed Authorization Request.
+     */
+    request_uri: string;
+    /**
+     * The expiration time for the request URI in seconds.
+     */
+    expires_in: number;
+};
+type InteractiveAuthorizationRequestDto = {
+    /**
+     * Response type (for initial request)
+     */
+    response_type?: string;
+    /**
+     * Client identifier (for initial request)
+     */
+    client_id?: string;
+    /**
+     * Comma-separated list of supported interaction types (for initial request)
+     */
+    interaction_types_supported?: string;
+    /**
+     * Redirect URI (for initial request)
+     */
+    redirect_uri?: string;
+    /**
+     * OAuth scope
+     */
+    scope?: string;
+    /**
+     * PKCE code challenge
+     */
+    code_challenge?: string;
+    /**
+     * PKCE code challenge method
+     */
+    code_challenge_method?: string;
+    /**
+     * Authorization details
+     */
+    authorization_details?: {
+        [key: string]: unknown;
+    };
+    /**
+     * State parameter
+     */
+    state?: string;
+    /**
+     * Issuer state from credential offer
+     */
+    issuer_state?: string;
+    /**
+     * Auth session identifier (for follow-up request)
+     */
+    auth_session?: string;
+    /**
+     * OpenID4VP response (for follow-up request)
+     */
+    openid4vp_response?: string;
+    /**
+     * PKCE code verifier (for follow-up request)
+     */
+    code_verifier?: string;
+    /**
+     * JAR request JWT (by value)
+     */
+    request?: string;
+    /**
+     * JAR request URI (by reference)
+     */
+    request_uri?: string;
+};
+type InteractiveAuthorizationCodeResponseDto = {
+    /**
+     * Response status
+     */
+    status: string;
+    /**
+     * Authorization code
+     */
+    code: string;
+};
+type InteractiveAuthorizationErrorResponseDto = {
+    /**
+     * OAuth error code
+     */
+    error: string;
+    /**
+     * Human-readable error description
+     */
+    error_description?: string;
+};
+type ChainedAsParRequestDto = {
+    /**
+     * OAuth response type (must be 'code')
+     */
+    response_type: string;
+    /**
+     * Client identifier (wallet identifier)
+     */
+    client_id: string;
+    /**
+     * URI to redirect the wallet after authorization
+     */
+    redirect_uri: string;
+    /**
+     * PKCE code challenge
+     */
+    code_challenge?: string;
+    /**
+     * PKCE code challenge method (e.g., S256)
+     */
+    code_challenge_method?: string;
+    /**
+     * State parameter (returned in redirect)
+     */
+    state?: string;
+    /**
+     * Scope requested
+     */
+    scope?: string;
+    /**
+     * Issuer state from credential offer
+     */
+    issuer_state?: string;
+    /**
+     * Authorization details (JSON array)
+     */
+    authorization_details?: Array<{
+        [key: string]: unknown;
+    }>;
+};
+type ChainedAsParResponseDto = {
+    /**
+     * The request URI to use at the authorization endpoint
+     */
+    request_uri: string;
+    /**
+     * The lifetime of the request URI in seconds
+     */
+    expires_in: number;
+};
+type ChainedAsErrorResponseDto = {
+    /**
+     * Error code
+     */
+    error: string;
+    /**
+     * Human-readable error description
+     */
+    error_description?: string;
+};
+type ChainedAsTokenRequestDto = {
+    /**
+     * Grant type (must be 'authorization_code')
+     */
+    grant_type: string;
+    /**
+     * Authorization code received in the callback
+     */
+    code: string;
+    /**
+     * Client identifier
+     */
+    client_id?: string;
+    /**
+     * Redirect URI (must match the one used in PAR)
+     */
+    redirect_uri?: string;
+    /**
+     * PKCE code verifier
+     */
+    code_verifier?: string;
+};
+type ChainedAsTokenResponseDto = {
+    /**
+     * The access token
+     */
+    access_token: string;
+    /**
+     * Token type (Bearer or DPoP)
+     */
+    token_type: string;
+    /**
+     * Token lifetime in seconds
+     */
+    expires_in: number;
+    /**
+     * Scope granted
+     */
+    scope?: string;
+    /**
+     * Authorized credential configurations
+     */
+    authorization_details?: Array<{
+        [key: string]: unknown;
+    }>;
+    /**
+     * C_NONCE for credential request
+     */
+    c_nonce?: string;
+    /**
+     * C_NONCE lifetime in seconds
+     */
+    c_nonce_expires_in?: number;
+};
+type OfferResponse = {
+    uri: string;
+    /**
+     * URI for cross-device flows (no redirect after completion)
+     */
+    crossDeviceUri?: string;
+    session: string;
+};
+type CompleteDeferredDto = {
+    [key: string]: unknown;
+};
+type DeferredOperationResponse = {
+    [key: string]: unknown;
+};
+type FailDeferredDto = {
+    [key: string]: unknown;
+};
+type EcPublic = {
+    /**
+     * The key type, which is always 'EC' for Elliptic Curve keys.
+     */
+    kty: string;
+    /**
+     * The algorithm intended for use with the key, such as 'ES256'.
+     */
+    crv: string;
+    /**
+     * The x coordinate of the EC public key.
+     */
+    x: string;
+    /**
+     * The y coordinate of the EC public key.
+     */
+    y: string;
+};
+type JwksResponseDto = {
+    /**
+     * An array of EC public keys in JWK format.
+     */
+    keys: Array<EcPublic>;
+};
+type AuthorizationResponse = {
+    /**
+     * The response string containing the authorization details.
+     */
+    response: string;
+    /**
+     * When set to true, the authorization response will be sent to the client.
+     */
+    sendResponse?: boolean;
+};
+type RegistrarConfigEntity = {
+    /**
+     * The base URL of the registrar API
+     */
+    registrarUrl: string;
+    /**
+     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
+     */
+    oidcUrl: string;
+    /**
+     * The OIDC client ID for the registrar
+     */
+    clientId: string;
+    /**
+     * The OIDC client secret (optional, for confidential clients)
+     */
+    clientSecret?: string;
+    /**
+     * The username for OIDC login
+     */
+    username: string;
+    /**
+     * The password for OIDC login (stored in plaintext)
+     */
+    password: string;
+    /**
+     * The tenant ID this configuration belongs to.
+     */
+    tenantId: string;
+    /**
+     * The tenant that owns this configuration.
+     */
+    tenant: TenantEntity;
+};
+type CreateRegistrarConfigDto = {
+    /**
+     * The base URL of the registrar API
+     */
+    registrarUrl: string;
+    /**
+     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
+     */
+    oidcUrl: string;
+    /**
+     * The OIDC client ID for the registrar
+     */
+    clientId: string;
+    /**
+     * The OIDC client secret (optional, for confidential clients)
+     */
+    clientSecret?: string;
+    /**
+     * The username for OIDC login
+     */
+    username: string;
+    /**
+     * The password for OIDC login (stored in plaintext)
+     */
+    password: string;
+};
+type UpdateRegistrarConfigDto = {
+    /**
+     * The base URL of the registrar API
+     */
+    registrarUrl?: string;
+    /**
+     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
+     */
+    oidcUrl?: string;
+    /**
+     * The OIDC client ID for the registrar
+     */
+    clientId?: string;
+    /**
+     * The OIDC client secret (optional, for confidential clients)
+     */
+    clientSecret?: string;
+    /**
+     * The username for OIDC login
+     */
+    username?: string;
+    /**
+     * The password for OIDC login (stored in plaintext)
+     */
+    password?: string;
+};
+type CreateAccessCertificateDto = {
+    /**
+     * The ID of the key to create an access certificate for
+     */
+    keyId: string;
+};
+type TrustListCreateDto = {
+    id?: string;
+    certId?: string;
+    entities: Array<{
+        [key: string]: unknown;
+    }>;
+    description?: string;
+    /**
+     * The full trust list JSON (generated LoTE structure)
+     */
+    data?: {
+        [key: string]: unknown;
+    };
+};
+type TrustList = {
+    /**
+     * Unique identifier for the trust list
+     */
+    id: string;
+    description?: string;
+    /**
+     * The tenant ID for which the VP request is made.
+     */
+    tenantId: string;
+    /**
+     * The tenant that owns this object.
+     */
+    tenant: TenantEntity;
+    certId: string;
+    cert: CertEntity;
+    /**
+     * The full trust list JSON (generated LoTE structure)
+     */
+    data?: {
+        [key: string]: unknown;
+    };
+    /**
+     * The original entity configuration used to create this trust list.
+     * Stored for round-tripping when editing.
+     */
+    entityConfig?: Array<{
+        [key: string]: unknown;
+    }>;
+    /**
+     * The sequence number for versioning (incremented on updates)
+     */
+    sequenceNumber: number;
+    /**
+     * The signed JWT representation of this trust list
+     */
+    jwt: string;
+    createdAt: string;
+    updatedAt: string;
+};
+type TrustListVersion = {
+    id: string;
+    trustListId: string;
+    trustList: TrustList;
+    tenantId: string;
+    /**
+     * The sequence number at the time this version was created
+     */
+    sequenceNumber: number;
+    /**
+     * The full trust list JSON at this version
+     */
+    data: {
+        [key: string]: unknown;
+    };
+    /**
+     * The entity configuration at this version
+     */
+    entityConfig?: {
+        [key: string]: unknown;
+    };
+    /**
+     * The signed JWT at this version
+     */
+    jwt: string;
+    createdAt: string;
+};
+type PresentationRequest = {
+    /**
+     * The type of response expected from the presentation request.
+     */
+    response_type: "uri" | "dc-api";
+    /**
+     * Identifier of the presentation configuration
+     */
+    requestId: string;
+    /**
+     * Webhook configuration to receive the response.
+     * If not provided, the configured webhook from the configuration will be used.
+     */
+    webhook?: WebhookConfig;
+    /**
+     * Optional redirect URI to which the user-agent should be redirected after the presentation is completed.
+     * You can use the `{sessionId}` placeholder in the URI, which will be replaced with the actual session ID.
+     */
+    redirectUri?: string;
+    /**
+     * Optional transaction data to include in the OID4VP request.
+     * If provided, this will override the transaction_data from the presentation configuration.
+     */
+    transaction_data?: Array<TransactionData>;
+};
+type FileUploadDto = {
+    file: Blob | File;
+};
+type AppControllerMainData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/";
+};
+type AppControllerMainResponses = {
+    200: unknown;
+};
+type HealthControllerCheckData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/health";
+};
+type HealthControllerCheckErrors = {
+    /**
+     * The Health Check is not successful
+     */
+    503: {
+        status?: string;
+        info?: {
+            [key: string]: {
+                status: string;
+                [key: string]: unknown | string;
+            };
+        };
+        error?: {
+            [key: string]: {
+                status: string;
+                [key: string]: unknown | string;
+            };
+        };
+        details?: {
+            [key: string]: {
+                status: string;
+                [key: string]: unknown | string;
+            };
+        };
+    };
+};
+type HealthControllerCheckError = HealthControllerCheckErrors[keyof HealthControllerCheckErrors];
+type HealthControllerCheckResponses = {
+    /**
+     * The Health Check is successful
+     */
+    200: {
+        status?: string;
+        info?: {
+            [key: string]: {
+                status: string;
+                [key: string]: unknown | string;
+            };
+        };
+        error?: {
+            [key: string]: {
+                status: string;
+                [key: string]: unknown | string;
+            };
+        };
+        details?: {
+            [key: string]: {
+                status: string;
+                [key: string]: unknown | string;
+            };
+        };
+    };
+};
+type HealthControllerCheckResponse = HealthControllerCheckResponses[keyof HealthControllerCheckResponses];
+type AuthControllerGetOAuth2TokenData = {
+    body: ClientCredentialsDto;
+    path?: never;
+    query?: never;
+    url: "/oauth2/token";
+};
+type AuthControllerGetOAuth2TokenErrors = {
+    /**
+     * Invalid client credentials
+     */
+    401: unknown;
+};
+type AuthControllerGetOAuth2TokenResponses = {
+    /**
+     * OAuth2 token response
+     */
+    200: TokenResponse;
+    201: TokenResponse;
+};
+type AuthControllerGetOAuth2TokenResponse = AuthControllerGetOAuth2TokenResponses[keyof AuthControllerGetOAuth2TokenResponses];
+type AuthControllerGetOidcDiscoveryData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/.well-known/oauth-authorization-server";
+};
+type AuthControllerGetOidcDiscoveryResponses = {
+    /**
+     * OIDC Discovery Configuration
+     */
+    200: unknown;
+};
+type AuthControllerGetGlobalJwksData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/.well-known/jwks.json";
+};
+type AuthControllerGetGlobalJwksResponses = {
+    /**
+     * JSON Web Key Set
+     */
+    200: unknown;
+};
+type TenantControllerGetTenantsData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/tenant";
+};
+type TenantControllerGetTenantsResponses = {
+    200: Array<TenantEntity>;
+};
+type TenantControllerGetTenantsResponse = TenantControllerGetTenantsResponses[keyof TenantControllerGetTenantsResponses];
+type TenantControllerInitTenantData = {
+    body: CreateTenantDto;
+    path?: never;
+    query?: never;
+    url: "/tenant";
+};
+type TenantControllerInitTenantResponses = {
+    201: {
+        [key: string]: unknown;
+    };
+};
+type TenantControllerInitTenantResponse = TenantControllerInitTenantResponses[keyof TenantControllerInitTenantResponses];
+type TenantControllerDeleteTenantData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/tenant/{id}";
+};
+type TenantControllerDeleteTenantResponses = {
+    200: unknown;
+};
+type TenantControllerGetTenantData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/tenant/{id}";
+};
+type TenantControllerGetTenantResponses = {
+    200: TenantEntity;
+};
+type TenantControllerGetTenantResponse = TenantControllerGetTenantResponses[keyof TenantControllerGetTenantResponses];
+type TenantControllerUpdateTenantData = {
+    body: UpdateTenantDto;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/tenant/{id}";
+};
+type TenantControllerUpdateTenantResponses = {
+    200: TenantEntity;
+};
+type TenantControllerUpdateTenantResponse = TenantControllerUpdateTenantResponses[keyof TenantControllerUpdateTenantResponses];
+type ClientControllerGetClientsData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/client";
+};
+type ClientControllerGetClientsResponses = {
+    200: Array<ClientEntity>;
+};
+type ClientControllerGetClientsResponse = ClientControllerGetClientsResponses[keyof ClientControllerGetClientsResponses];
+type ClientControllerCreateClientData = {
+    body: CreateClientDto;
+    path?: never;
+    query?: never;
+    url: "/client";
+};
+type ClientControllerCreateClientResponses = {
+    201: ClientEntity;
+};
+type ClientControllerCreateClientResponse = ClientControllerCreateClientResponses[keyof ClientControllerCreateClientResponses];
+type ClientControllerDeleteClientData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/client/{id}";
+};
+type ClientControllerDeleteClientResponses = {
+    200: unknown;
+};
+type ClientControllerGetClientData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/client/{id}";
+};
+type ClientControllerGetClientResponses = {
+    200: ClientEntity;
+};
+type ClientControllerGetClientResponse = ClientControllerGetClientResponses[keyof ClientControllerGetClientResponses];
+type ClientControllerUpdateClientData = {
+    body: UpdateClientDto;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/client/{id}";
+};
+type ClientControllerUpdateClientResponses = {
+    200: {
+        [key: string]: unknown;
+    };
+};
+type ClientControllerUpdateClientResponse = ClientControllerUpdateClientResponses[keyof ClientControllerUpdateClientResponses];
+type ClientControllerGetClientSecretData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/client/{id}/secret";
+};
+type ClientControllerGetClientSecretResponses = {
+    200: ClientSecretResponseDto;
+};
+type ClientControllerGetClientSecretResponse = ClientControllerGetClientSecretResponses[keyof ClientControllerGetClientSecretResponses];
+type ClientControllerRotateClientSecretData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/client/{id}/rotate-secret";
+};
+type ClientControllerRotateClientSecretResponses = {
+    201: ClientSecretResponseDto;
+};
+type ClientControllerRotateClientSecretResponse = ClientControllerRotateClientSecretResponses[keyof ClientControllerRotateClientSecretResponses];
+type KeyControllerGetKeysData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/key";
+};
+type KeyControllerGetKeysResponses = {
+    200: Array<KeyEntity>;
+};
+type KeyControllerGetKeysResponse = KeyControllerGetKeysResponses[keyof KeyControllerGetKeysResponses];
+type KeyControllerAddKeyData = {
+    body: KeyImportDto;
+    path?: never;
+    query?: never;
+    url: "/key";
+};
+type KeyControllerAddKeyResponses = {
+    201: unknown;
+};
+type KeyControllerDeleteKeyData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/key/{id}";
+};
+type KeyControllerDeleteKeyResponses = {
+    200: unknown;
+};
+type KeyControllerGetKeyData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/key/{id}";
+};
+type KeyControllerGetKeyResponses = {
+    200: KeyEntity;
+};
+type KeyControllerGetKeyResponse = KeyControllerGetKeyResponses[keyof KeyControllerGetKeyResponses];
+type KeyControllerUpdateKeyData = {
+    body: UpdateKeyDto;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/key/{id}";
+};
+type KeyControllerUpdateKeyResponses = {
+    200: unknown;
+};
+type CertControllerGetCertificatesData = {
+    body?: never;
+    path?: never;
+    query?: {
+        keyId?: string;
+    };
+    url: "/certs";
+};
+type CertControllerGetCertificatesResponses = {
+    200: Array<CertEntity>;
+};
+type CertControllerGetCertificatesResponse = CertControllerGetCertificatesResponses[keyof CertControllerGetCertificatesResponses];
+type CertControllerAddCertificateData = {
+    body: CertImportDto;
+    path?: never;
+    query?: never;
+    url: "/certs";
+};
+type CertControllerAddCertificateResponses = {
+    201: CertResponseDto;
+};
+type CertControllerAddCertificateResponse = CertControllerAddCertificateResponses[keyof CertControllerAddCertificateResponses];
+type CertControllerDeleteCertificateData = {
+    body?: never;
+    path: {
+        certId: string;
+    };
+    query?: never;
+    url: "/certs/{certId}";
+};
+type CertControllerDeleteCertificateResponses = {
+    200: unknown;
+};
+type CertControllerGetCertificateData = {
+    body?: never;
+    path: {
+        certId: string;
+    };
+    query?: never;
+    url: "/certs/{certId}";
+};
+type CertControllerGetCertificateResponses = {
+    200: CertEntity;
+};
+type CertControllerGetCertificateResponse = CertControllerGetCertificateResponses[keyof CertControllerGetCertificateResponses];
+type CertControllerUpdateCertificateData = {
+    body: CertUpdateDto;
+    path: {
+        certId: string;
+    };
+    query?: never;
+    url: "/certs/{certId}";
+};
+type CertControllerUpdateCertificateResponses = {
+    200: unknown;
+};
+type CertControllerExportConfigData = {
+    body?: never;
+    path: {
+        certId: string;
+    };
+    query?: never;
+    url: "/certs/{certId}/config";
+};
+type CertControllerExportConfigResponses = {
+    200: CertImportDto;
+};
+type CertControllerExportConfigResponse = CertControllerExportConfigResponses[keyof CertControllerExportConfigResponses];
+type StatusListControllerGetListData = {
+    body?: never;
+    path: {
+        tenantId: string;
+        listId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/status-management/status-list/{listId}";
+};
+type StatusListControllerGetListResponses = {
+    200: string;
+};
+type StatusListControllerGetListResponse = StatusListControllerGetListResponses[keyof StatusListControllerGetListResponses];
+type StatusListControllerGetStatusListAggregationData = {
+    body?: never;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/status-management/status-list-aggregation";
+};
+type StatusListControllerGetStatusListAggregationResponses = {
+    /**
+     * List of status list URIs
+     */
+    200: StatusListAggregationDto;
+};
+type StatusListControllerGetStatusListAggregationResponse = StatusListControllerGetStatusListAggregationResponses[keyof StatusListControllerGetStatusListAggregationResponses];
+type StatusListConfigControllerResetConfigData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/status-list-config";
+};
+type StatusListConfigControllerResetConfigResponses = {
+    /**
+     * Configuration reset successfully
+     */
+    204: void;
+};
+type StatusListConfigControllerResetConfigResponse = StatusListConfigControllerResetConfigResponses[keyof StatusListConfigControllerResetConfigResponses];
+type StatusListConfigControllerGetConfigData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/status-list-config";
+};
+type StatusListConfigControllerGetConfigResponses = {
+    /**
+     * The status list configuration
+     */
+    200: StatusListConfig;
+};
+type StatusListConfigControllerGetConfigResponse = StatusListConfigControllerGetConfigResponses[keyof StatusListConfigControllerGetConfigResponses];
+type StatusListConfigControllerUpdateConfigData = {
+    body: UpdateStatusListConfigDto;
+    path?: never;
+    query?: never;
+    url: "/status-list-config";
+};
+type StatusListConfigControllerUpdateConfigResponses = {
+    /**
+     * The updated status list configuration
+     */
+    200: StatusListConfig;
+};
+type StatusListConfigControllerUpdateConfigResponse = StatusListConfigControllerUpdateConfigResponses[keyof StatusListConfigControllerUpdateConfigResponses];
+type StatusListManagementControllerGetListsData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/status-lists";
+};
+type StatusListManagementControllerGetListsResponses = {
+    /**
+     * List of status lists
+     */
+    200: Array<StatusListResponseDto>;
+};
+type StatusListManagementControllerGetListsResponse = StatusListManagementControllerGetListsResponses[keyof StatusListManagementControllerGetListsResponses];
+type StatusListManagementControllerCreateListData = {
+    body: CreateStatusListDto;
+    path?: never;
+    query?: never;
+    url: "/status-lists";
+};
+type StatusListManagementControllerCreateListResponses = {
+    /**
+     * The created status list
+     */
+    201: StatusListResponseDto;
+};
+type StatusListManagementControllerCreateListResponse = StatusListManagementControllerCreateListResponses[keyof StatusListManagementControllerCreateListResponses];
+type StatusListManagementControllerDeleteListData = {
+    body?: never;
+    path: {
+        /**
+         * The status list ID
+         */
+        listId: string;
+    };
+    query?: never;
+    url: "/status-lists/{listId}";
+};
+type StatusListManagementControllerDeleteListResponses = {
+    /**
+     * Status list deleted successfully
+     */
+    204: void;
+};
+type StatusListManagementControllerDeleteListResponse = StatusListManagementControllerDeleteListResponses[keyof StatusListManagementControllerDeleteListResponses];
+type StatusListManagementControllerGetListData = {
+    body?: never;
+    path: {
+        /**
+         * The status list ID
+         */
+        listId: string;
+    };
+    query?: never;
+    url: "/status-lists/{listId}";
+};
+type StatusListManagementControllerGetListResponses = {
+    /**
+     * The status list
+     */
+    200: StatusListResponseDto;
+};
+type StatusListManagementControllerGetListResponse = StatusListManagementControllerGetListResponses[keyof StatusListManagementControllerGetListResponses];
+type StatusListManagementControllerUpdateListData = {
+    body: UpdateStatusListDto;
+    path: {
+        /**
+         * The status list ID
+         */
+        listId: string;
+    };
+    query?: never;
+    url: "/status-lists/{listId}";
+};
+type StatusListManagementControllerUpdateListResponses = {
+    /**
+     * The updated status list
+     */
+    200: StatusListResponseDto;
+};
+type StatusListManagementControllerUpdateListResponse = StatusListManagementControllerUpdateListResponses[keyof StatusListManagementControllerUpdateListResponses];
+type SessionControllerGetAllSessionsData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/session";
+};
+type SessionControllerGetAllSessionsResponses = {
+    200: Array<Session>;
+};
+type SessionControllerGetAllSessionsResponse = SessionControllerGetAllSessionsResponses[keyof SessionControllerGetAllSessionsResponses];
+type SessionControllerDeleteSessionData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/session/{id}";
+};
+type SessionControllerDeleteSessionResponses = {
+    200: unknown;
+};
+type SessionControllerGetSessionData = {
+    body?: never;
+    path: {
+        /**
+         * The session ID
+         */
+        id: string;
+    };
+    query?: never;
+    url: "/session/{id}";
+};
+type SessionControllerGetSessionResponses = {
+    200: Session;
+};
+type SessionControllerGetSessionResponse = SessionControllerGetSessionResponses[keyof SessionControllerGetSessionResponses];
+type SessionControllerRevokeAllData = {
+    body: StatusUpdateDto;
+    path?: never;
+    query?: never;
+    url: "/session/revoke";
+};
+type SessionControllerRevokeAllResponses = {
+    201: unknown;
+};
+type SessionConfigControllerResetConfigData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/session-config";
+};
+type SessionConfigControllerResetConfigResponses = {
+    /**
+     * Configuration reset successfully
+     */
+    200: unknown;
+};
+type SessionConfigControllerGetConfigData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/session-config";
+};
+type SessionConfigControllerGetConfigResponses = {
+    /**
+     * The session storage configuration
+     */
+    200: SessionStorageConfig;
+};
+type SessionConfigControllerGetConfigResponse = SessionConfigControllerGetConfigResponses[keyof SessionConfigControllerGetConfigResponses];
+type SessionConfigControllerUpdateConfigData = {
+    body: UpdateSessionConfigDto;
+    path?: never;
+    query?: never;
+    url: "/session-config";
+};
+type SessionConfigControllerUpdateConfigResponses = {
+    /**
+     * The updated session storage configuration
+     */
+    200: SessionStorageConfig;
+};
+type SessionConfigControllerUpdateConfigResponse = SessionConfigControllerUpdateConfigResponses[keyof SessionConfigControllerUpdateConfigResponses];
+type SessionEventsControllerSubscribeToSessionEventsData = {
+    body?: never;
+    path: {
+        /**
+         * Session ID to subscribe to
+         */
+        id: string;
+    };
+    query: {
+        /**
+         * JWT access token for authentication
+         */
+        token: string;
+    };
+    url: "/session/{id}/events";
+};
+type SessionEventsControllerSubscribeToSessionEventsResponses = {
+    200: unknown;
+};
+type IssuanceConfigControllerGetIssuanceConfigurationsData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/issuer/config";
+};
+type IssuanceConfigControllerGetIssuanceConfigurationsResponses = {
+    200: IssuanceConfig;
+};
+type IssuanceConfigControllerGetIssuanceConfigurationsResponse = IssuanceConfigControllerGetIssuanceConfigurationsResponses[keyof IssuanceConfigControllerGetIssuanceConfigurationsResponses];
+type IssuanceConfigControllerStoreIssuanceConfigurationData = {
+    body: IssuanceDto;
+    path?: never;
+    query?: never;
+    url: "/issuer/config";
+};
+type IssuanceConfigControllerStoreIssuanceConfigurationResponses = {
+    201: {
+        [key: string]: unknown;
+    };
+};
+type IssuanceConfigControllerStoreIssuanceConfigurationResponse = IssuanceConfigControllerStoreIssuanceConfigurationResponses[keyof IssuanceConfigControllerStoreIssuanceConfigurationResponses];
+type CredentialConfigControllerGetConfigsData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/issuer/credentials";
+};
+type CredentialConfigControllerGetConfigsResponses = {
+    200: Array<CredentialConfig>;
+};
+type CredentialConfigControllerGetConfigsResponse = CredentialConfigControllerGetConfigsResponses[keyof CredentialConfigControllerGetConfigsResponses];
+type CredentialConfigControllerStoreCredentialConfigurationData = {
+    body: CredentialConfigCreate;
+    path?: never;
+    query?: never;
+    url: "/issuer/credentials";
+};
+type CredentialConfigControllerStoreCredentialConfigurationResponses = {
+    201: {
+        [key: string]: unknown;
+    };
+};
+type CredentialConfigControllerStoreCredentialConfigurationResponse = CredentialConfigControllerStoreCredentialConfigurationResponses[keyof CredentialConfigControllerStoreCredentialConfigurationResponses];
+type CredentialConfigControllerDeleteIssuanceConfigurationData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/issuer/credentials/{id}";
+};
+type CredentialConfigControllerDeleteIssuanceConfigurationResponses = {
+    200: unknown;
+};
+type CredentialConfigControllerGetConfigByIdData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/issuer/credentials/{id}";
+};
+type CredentialConfigControllerGetConfigByIdResponses = {
+    200: CredentialConfig;
+};
+type CredentialConfigControllerGetConfigByIdResponse = CredentialConfigControllerGetConfigByIdResponses[keyof CredentialConfigControllerGetConfigByIdResponses];
+type CredentialConfigControllerUpdateCredentialConfigurationData = {
+    body: CredentialConfigUpdate;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/issuer/credentials/{id}";
+};
+type CredentialConfigControllerUpdateCredentialConfigurationResponses = {
+    200: {
+        [key: string]: unknown;
+    };
+};
+type CredentialConfigControllerUpdateCredentialConfigurationResponse = CredentialConfigControllerUpdateCredentialConfigurationResponses[keyof CredentialConfigControllerUpdateCredentialConfigurationResponses];
+type PresentationManagementControllerConfigurationData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/verifier/config";
+};
+type PresentationManagementControllerConfigurationResponses = {
+    200: Array<PresentationConfig>;
+};
+type PresentationManagementControllerConfigurationResponse = PresentationManagementControllerConfigurationResponses[keyof PresentationManagementControllerConfigurationResponses];
+type PresentationManagementControllerStorePresentationConfigData = {
+    body: PresentationConfigCreateDto;
+    path?: never;
+    query?: never;
+    url: "/verifier/config";
+};
+type PresentationManagementControllerStorePresentationConfigResponses = {
+    201: {
+        [key: string]: unknown;
+    };
+};
+type PresentationManagementControllerStorePresentationConfigResponse = PresentationManagementControllerStorePresentationConfigResponses[keyof PresentationManagementControllerStorePresentationConfigResponses];
+type PresentationManagementControllerDeleteConfigurationData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/verifier/config/{id}";
+};
+type PresentationManagementControllerDeleteConfigurationResponses = {
+    200: unknown;
+};
+type PresentationManagementControllerGetConfigurationData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/verifier/config/{id}";
+};
+type PresentationManagementControllerGetConfigurationResponses = {
+    200: PresentationConfig;
+};
+type PresentationManagementControllerGetConfigurationResponse = PresentationManagementControllerGetConfigurationResponses[keyof PresentationManagementControllerGetConfigurationResponses];
+type PresentationManagementControllerUpdateConfigurationData = {
+    body: PresentationConfigUpdateDto;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/verifier/config/{id}";
+};
+type PresentationManagementControllerUpdateConfigurationResponses = {
+    200: {
+        [key: string]: unknown;
+    };
+};
+type PresentationManagementControllerUpdateConfigurationResponse = PresentationManagementControllerUpdateConfigurationResponses[keyof PresentationManagementControllerUpdateConfigurationResponses];
+type CacheControllerGetStatsData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/cache/stats";
+};
+type CacheControllerGetStatsResponses = {
+    /**
+     * Cache statistics
+     */
+    200: unknown;
+};
+type CacheControllerClearAllCachesData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/cache";
+};
+type CacheControllerClearAllCachesResponses = {
+    /**
+     * All caches cleared successfully
+     */
+    204: void;
+};
+type CacheControllerClearAllCachesResponse = CacheControllerClearAllCachesResponses[keyof CacheControllerClearAllCachesResponses];
+type CacheControllerClearTrustListCacheData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/cache/trust-list";
+};
+type CacheControllerClearTrustListCacheResponses = {
+    /**
+     * Trust list cache cleared successfully
+     */
+    204: void;
+};
+type CacheControllerClearTrustListCacheResponse = CacheControllerClearTrustListCacheResponses[keyof CacheControllerClearTrustListCacheResponses];
+type CacheControllerClearStatusListCacheData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/cache/status-list";
+};
+type CacheControllerClearStatusListCacheResponses = {
+    /**
+     * Status list cache cleared successfully
+     */
+    204: void;
+};
+type CacheControllerClearStatusListCacheResponse = CacheControllerClearStatusListCacheResponses[keyof CacheControllerClearStatusListCacheResponses];
+type Oid4VciControllerCredentialData = {
+    body?: never;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/vci/credential";
+};
+type Oid4VciControllerCredentialResponses = {
+    200: {
+        [key: string]: unknown;
+    };
+};
+type Oid4VciControllerCredentialResponse = Oid4VciControllerCredentialResponses[keyof Oid4VciControllerCredentialResponses];
+type Oid4VciControllerDeferredCredentialData = {
+    body: DeferredCredentialRequestDto;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/vci/deferred_credential";
+};
+type Oid4VciControllerDeferredCredentialResponses = {
+    200: unknown;
+};
+type Oid4VciControllerNotificationsData = {
+    body: NotificationRequestDto;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/vci/notification";
+};
+type Oid4VciControllerNotificationsResponses = {
+    201: unknown;
+};
+type Oid4VciControllerNonceData = {
+    body?: never;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/vci/nonce";
+};
+type Oid4VciControllerNonceResponses = {
+    200: unknown;
+};
+type AuthorizeControllerAuthorizeData = {
+    body?: never;
+    path: {
+        tenantId: string;
+    };
+    query?: {
+        issuer_state?: string;
+        response_type?: string;
+        client_id?: string;
+        redirect_uri?: string;
+        resource?: string;
+        scope?: string;
+        code_challenge?: string;
+        code_challenge_method?: string;
+        dpop_jkt?: string;
+        request_uri?: string;
+        auth_session?: string;
+        state?: string;
+    };
+    url: "/{tenantId}/authorize";
+};
+type AuthorizeControllerAuthorizeResponses = {
+    200: unknown;
+};
+type AuthorizeControllerParData = {
+    /**
+     * Pushed Authorization Request
+     */
+    body: AuthorizeQueries;
+    path?: never;
+    query?: never;
+    url: "/{tenantId}/authorize/par";
+};
+type AuthorizeControllerParResponses = {
+    201: ParResponseDto;
+};
+type AuthorizeControllerParResponse = AuthorizeControllerParResponses[keyof AuthorizeControllerParResponses];
+type AuthorizeControllerTokenData = {
+    body?: never;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/authorize/token";
+};
+type AuthorizeControllerTokenResponses = {
+    201: {
+        [key: string]: unknown;
+    };
+};
+type AuthorizeControllerTokenResponse = AuthorizeControllerTokenResponses[keyof AuthorizeControllerTokenResponses];
+type InteractiveAuthorizationControllerInteractiveAuthorizationData = {
+    /**
+     * Interactive authorization request
+     */
+    body: InteractiveAuthorizationRequestDto;
+    headers: {
+        origin: string;
+    };
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/authorize/interactive";
+};
+type InteractiveAuthorizationControllerInteractiveAuthorizationErrors = {
+    /**
+     * Error response
+     */
+    400: InteractiveAuthorizationErrorResponseDto;
+};
+type InteractiveAuthorizationControllerInteractiveAuthorizationError = InteractiveAuthorizationControllerInteractiveAuthorizationErrors[keyof InteractiveAuthorizationControllerInteractiveAuthorizationErrors];
+type InteractiveAuthorizationControllerInteractiveAuthorizationResponses = {
+    /**
+     * Authorization code response (successful completion)
+     */
+    200: InteractiveAuthorizationCodeResponseDto;
+};
+type InteractiveAuthorizationControllerInteractiveAuthorizationResponse = InteractiveAuthorizationControllerInteractiveAuthorizationResponses[keyof InteractiveAuthorizationControllerInteractiveAuthorizationResponses];
+type InteractiveAuthorizationControllerCompleteWebAuthData = {
+    body?: never;
+    path: {
+        authSession: string;
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/authorize/interactive/complete-web-auth/{authSession}";
+};
+type InteractiveAuthorizationControllerCompleteWebAuthErrors = {
+    /**
+     * Auth session not found
+     */
+    404: unknown;
+};
+type InteractiveAuthorizationControllerCompleteWebAuthResponses = {
+    /**
+     * Web authorization marked as completed
+     */
+    200: unknown;
+};
+type ChainedAsControllerParData = {
+    body: ChainedAsParRequestDto;
+    headers?: {
+        /**
+         * DPoP proof JWT
+         */
+        DPoP?: string;
+    };
+    path: {
+        /**
+         * Tenant identifier
+         */
+        tenant: string;
+    };
+    query?: never;
+    url: "/{tenant}/chained-as/par";
+};
+type ChainedAsControllerParErrors = {
+    /**
+     * Invalid request
+     */
+    400: ChainedAsErrorResponseDto;
+};
+type ChainedAsControllerParError = ChainedAsControllerParErrors[keyof ChainedAsControllerParErrors];
+type ChainedAsControllerParResponses = {
+    /**
+     * PAR request accepted
+     */
+    201: ChainedAsParResponseDto;
+};
+type ChainedAsControllerParResponse = ChainedAsControllerParResponses[keyof ChainedAsControllerParResponses];
+type ChainedAsControllerAuthorizeData = {
+    body?: never;
+    path: {
+        /**
+         * Tenant identifier
+         */
+        tenant: string;
+    };
+    query: {
+        /**
+         * Client identifier
+         */
+        client_id: string;
+        /**
+         * Request URI from PAR response
+         */
+        request_uri: string;
+    };
+    url: "/{tenant}/chained-as/authorize";
+};
+type ChainedAsControllerAuthorizeErrors = {
+    /**
+     * Invalid request
+     */
+    400: ChainedAsErrorResponseDto;
+};
+type ChainedAsControllerAuthorizeError = ChainedAsControllerAuthorizeErrors[keyof ChainedAsControllerAuthorizeErrors];
+type ChainedAsControllerAuthorizeResponses = {
+    200: unknown;
+};
+type ChainedAsControllerCallbackData = {
+    body?: never;
+    path: {
+        /**
+         * Tenant identifier
+         */
+        tenant: string;
+    };
+    query: {
+        code: string;
+        state: string;
+        error: string;
+        error_description: string;
+    };
+    url: "/{tenant}/chained-as/callback";
+};
+type ChainedAsControllerCallbackErrors = {
+    /**
+     * Invalid callback
+     */
+    400: ChainedAsErrorResponseDto;
+};
+type ChainedAsControllerCallbackError = ChainedAsControllerCallbackErrors[keyof ChainedAsControllerCallbackErrors];
+type ChainedAsControllerCallbackResponses = {
+    200: unknown;
+};
+type ChainedAsControllerTokenData = {
+    body: ChainedAsTokenRequestDto;
+    headers?: {
+        /**
+         * DPoP proof JWT
+         */
+        DPoP?: string;
+    };
+    path: {
+        /**
+         * Tenant identifier
+         */
+        tenant: string;
+    };
+    query?: never;
+    url: "/{tenant}/chained-as/token";
+};
+type ChainedAsControllerTokenErrors = {
+    /**
+     * Invalid request
+     */
+    400: ChainedAsErrorResponseDto;
+    /**
+     * Invalid authorization code
+     */
+    401: ChainedAsErrorResponseDto;
+};
+type ChainedAsControllerTokenError = ChainedAsControllerTokenErrors[keyof ChainedAsControllerTokenErrors];
+type ChainedAsControllerTokenResponses = {
+    /**
+     * Token issued successfully
+     */
+    200: ChainedAsTokenResponseDto;
+};
+type ChainedAsControllerTokenResponse = ChainedAsControllerTokenResponses[keyof ChainedAsControllerTokenResponses];
+type ChainedAsControllerJwksData = {
+    body?: never;
+    path: {
+        /**
+         * Tenant identifier
+         */
+        tenant: string;
+    };
+    query?: never;
+    url: "/{tenant}/chained-as/.well-known/jwks.json";
+};
+type ChainedAsControllerJwksResponses = {
+    /**
+     * JWKS document
+     */
+    200: unknown;
+};
+type ChainedAsControllerGetMetadataData = {
+    body?: never;
+    path: {
+        /**
+         * Tenant identifier
+         */
+        tenant: string;
+    };
+    query?: never;
+    url: "/{tenant}/chained-as/.well-known/oauth-authorization-server";
+};
+type ChainedAsControllerGetMetadataResponses = {
+    /**
+     * OAuth AS metadata
+     */
+    200: unknown;
+};
+type CredentialOfferControllerGetOfferData = {
+    body: OfferRequestDto;
+    path?: never;
+    query?: never;
+    url: "/issuer/offer";
+};
+type CredentialOfferControllerGetOfferResponses = {
+    /**
+     * JSON response
+     */
+    201: OfferResponse;
+};
+type CredentialOfferControllerGetOfferResponse = CredentialOfferControllerGetOfferResponses[keyof CredentialOfferControllerGetOfferResponses];
+type DeferredControllerCompleteDeferredData = {
+    body: CompleteDeferredDto;
+    path: {
+        transactionId: string;
+    };
+    query?: never;
+    url: "/issuer/deferred/{transactionId}/complete";
+};
+type DeferredControllerCompleteDeferredErrors = {
+    /**
+     * Transaction not found
+     */
+    404: unknown;
+};
+type DeferredControllerCompleteDeferredResponses = {
+    /**
+     * Transaction completed successfully
+     */
+    200: DeferredOperationResponse;
+};
+type DeferredControllerCompleteDeferredResponse = DeferredControllerCompleteDeferredResponses[keyof DeferredControllerCompleteDeferredResponses];
+type DeferredControllerFailDeferredData = {
+    body?: FailDeferredDto;
+    path: {
+        transactionId: string;
+    };
+    query?: never;
+    url: "/issuer/deferred/{transactionId}/fail";
+};
+type DeferredControllerFailDeferredErrors = {
+    /**
+     * Transaction not found
+     */
+    404: unknown;
+};
+type DeferredControllerFailDeferredResponses = {
+    /**
+     * Transaction marked as failed
+     */
+    200: DeferredOperationResponse;
+};
+type DeferredControllerFailDeferredResponse = DeferredControllerFailDeferredResponses[keyof DeferredControllerFailDeferredResponses];
+type Oid4VciMetadataControllerVctData = {
+    body?: never;
+    path: {
+        id: string;
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/credentials-metadata/vct/{id}";
+};
+type Oid4VciMetadataControllerVctResponses = {
+    200: Vct;
+};
+type Oid4VciMetadataControllerVctResponse = Oid4VciMetadataControllerVctResponses[keyof Oid4VciMetadataControllerVctResponses];
+type WellKnownControllerIssuerMetadata0Data = {
+    body?: never;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/.well-known/openid-credential-issuer/{tenantId}";
+};
+type WellKnownControllerIssuerMetadata0Responses = {
+    200: {
+        [key: string]: unknown;
+    };
+};
+type WellKnownControllerIssuerMetadata0Response = WellKnownControllerIssuerMetadata0Responses[keyof WellKnownControllerIssuerMetadata0Responses];
+type WellKnownControllerIssuerMetadata1Data = {
+    body?: never;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/.well-known/openid-credential-issuer";
+};
+type WellKnownControllerIssuerMetadata1Responses = {
+    200: {
+        [key: string]: unknown;
+    };
+};
+type WellKnownControllerIssuerMetadata1Response = WellKnownControllerIssuerMetadata1Responses[keyof WellKnownControllerIssuerMetadata1Responses];
+type WellKnownControllerAuthzMetadata0Data = {
+    body?: never;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/.well-known/oauth-authorization-server/{tenantId}";
+};
+type WellKnownControllerAuthzMetadata0Responses = {
+    200: unknown;
+};
+type WellKnownControllerAuthzMetadata1Data = {
+    body?: never;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/.well-known/oauth-authorization-server";
+};
+type WellKnownControllerAuthzMetadata1Responses = {
+    200: unknown;
+};
+type WellKnownControllerGetJwks0Data = {
+    body?: never;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/.well-known/jwks.json/{tenantId}";
+};
+type WellKnownControllerGetJwks0Responses = {
+    200: JwksResponseDto;
+};
+type WellKnownControllerGetJwks0Response = WellKnownControllerGetJwks0Responses[keyof WellKnownControllerGetJwks0Responses];
+type WellKnownControllerGetJwks1Data = {
+    body?: never;
+    path: {
+        tenantId: string;
+    };
+    query?: never;
+    url: "/{tenantId}/.well-known/jwks.json";
+};
+type WellKnownControllerGetJwks1Responses = {
+    200: JwksResponseDto;
+};
+type WellKnownControllerGetJwks1Response = WellKnownControllerGetJwks1Responses[keyof WellKnownControllerGetJwks1Responses];
+type Oid4VpControllerGetRequestWithSessionData = {
+    body?: never;
+    path: {
+        session: string;
+    };
+    query?: never;
+    url: "/{session}/oid4vp/request";
+};
+type Oid4VpControllerGetRequestWithSessionResponses = {
+    200: string;
+};
+type Oid4VpControllerGetRequestWithSessionResponse = Oid4VpControllerGetRequestWithSessionResponses[keyof Oid4VpControllerGetRequestWithSessionResponses];
+type Oid4VpControllerGetPostRequestWithSessionData = {
+    body?: never;
+    path: {
+        session: string;
+    };
+    query?: never;
+    url: "/{session}/oid4vp/request";
+};
+type Oid4VpControllerGetPostRequestWithSessionResponses = {
+    201: string;
+};
+type Oid4VpControllerGetPostRequestWithSessionResponse = Oid4VpControllerGetPostRequestWithSessionResponses[keyof Oid4VpControllerGetPostRequestWithSessionResponses];
+type Oid4VpControllerGetRequestNoRedirectWithSessionData = {
+    body?: never;
+    path: {
+        session: string;
+    };
+    query?: never;
+    url: "/{session}/oid4vp/request/no-redirect";
+};
+type Oid4VpControllerGetRequestNoRedirectWithSessionResponses = {
+    200: string;
+};
+type Oid4VpControllerGetRequestNoRedirectWithSessionResponse = Oid4VpControllerGetRequestNoRedirectWithSessionResponses[keyof Oid4VpControllerGetRequestNoRedirectWithSessionResponses];
+type Oid4VpControllerGetResponseData = {
+    body: AuthorizationResponse;
+    path: {
+        session: string;
+    };
+    query?: never;
+    url: "/{session}/oid4vp";
+};
+type Oid4VpControllerGetResponseResponses = {
+    200: {
+        [key: string]: unknown;
+    };
+};
+type Oid4VpControllerGetResponseResponse = Oid4VpControllerGetResponseResponses[keyof Oid4VpControllerGetResponseResponses];
+type RegistrarControllerDeleteConfigData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/registrar/config";
+};
+type RegistrarControllerDeleteConfigResponses = {
+    /**
+     * Configuration deleted successfully
+     */
+    204: void;
+};
+type RegistrarControllerDeleteConfigResponse = RegistrarControllerDeleteConfigResponses[keyof RegistrarControllerDeleteConfigResponses];
+type RegistrarControllerGetConfigData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/registrar/config";
+};
+type RegistrarControllerGetConfigErrors = {
+    /**
+     * No registrar configuration found
+     */
+    404: unknown;
+};
+type RegistrarControllerGetConfigResponses = {
+    /**
+     * The registrar configuration
+     */
+    200: RegistrarConfigEntity;
+};
+type RegistrarControllerGetConfigResponse = RegistrarControllerGetConfigResponses[keyof RegistrarControllerGetConfigResponses];
+type RegistrarControllerUpdateConfigData = {
+    body: UpdateRegistrarConfigDto;
+    path?: never;
+    query?: never;
+    url: "/registrar/config";
+};
+type RegistrarControllerUpdateConfigErrors = {
+    /**
+     * Invalid credentials
+     */
+    400: unknown;
+    /**
+     * No registrar configuration found
+     */
+    404: unknown;
+};
+type RegistrarControllerUpdateConfigResponses = {
+    /**
+     * Configuration updated successfully
+     */
+    200: RegistrarConfigEntity;
+};
+type RegistrarControllerUpdateConfigResponse = RegistrarControllerUpdateConfigResponses[keyof RegistrarControllerUpdateConfigResponses];
+type RegistrarControllerCreateConfigData = {
+    body: CreateRegistrarConfigDto;
+    path?: never;
+    query?: never;
+    url: "/registrar/config";
+};
+type RegistrarControllerCreateConfigErrors = {
+    /**
+     * Invalid credentials
+     */
+    400: unknown;
+};
+type RegistrarControllerCreateConfigResponses = {
+    /**
+     * Configuration created successfully
+     */
+    201: RegistrarConfigEntity;
+};
+type RegistrarControllerCreateConfigResponse = RegistrarControllerCreateConfigResponses[keyof RegistrarControllerCreateConfigResponses];
+type RegistrarControllerCreateAccessCertificateData = {
+    body: CreateAccessCertificateDto;
+    path?: never;
+    query?: never;
+    url: "/registrar/access-certificate";
+};
+type RegistrarControllerCreateAccessCertificateErrors = {
+    /**
+     * No relying party found at registrar or failed to create certificate
+     */
+    400: unknown;
+    /**
+     * No registrar configuration found or key not found
+     */
+    404: unknown;
+};
+type RegistrarControllerCreateAccessCertificateResponses = {
+    /**
+     * Access certificate created successfully
+     */
+    201: {
+        /**
+         * The certificate ID at the registrar
+         */
+        id?: string;
+        /**
+         * The certificate in PEM format
+         */
+        crt?: string;
+    };
+};
+type RegistrarControllerCreateAccessCertificateResponse = RegistrarControllerCreateAccessCertificateResponses[keyof RegistrarControllerCreateAccessCertificateResponses];
+type TrustListControllerGetAllTrustListsData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: "/trust-list";
+};
+type TrustListControllerGetAllTrustListsResponses = {
+    200: Array<TrustList>;
+};
+type TrustListControllerGetAllTrustListsResponse = TrustListControllerGetAllTrustListsResponses[keyof TrustListControllerGetAllTrustListsResponses];
+type TrustListControllerCreateTrustListData = {
+    body: TrustListCreateDto;
+    path?: never;
+    query?: never;
+    url: "/trust-list";
+};
+type TrustListControllerCreateTrustListResponses = {
+    201: TrustList;
+};
+type TrustListControllerCreateTrustListResponse = TrustListControllerCreateTrustListResponses[keyof TrustListControllerCreateTrustListResponses];
+type TrustListControllerDeleteTrustListData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/trust-list/{id}";
+};
+type TrustListControllerDeleteTrustListResponses = {
+    200: unknown;
+};
+type TrustListControllerGetTrustListData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/trust-list/{id}";
+};
+type TrustListControllerGetTrustListResponses = {
+    200: TrustList;
+};
+type TrustListControllerGetTrustListResponse = TrustListControllerGetTrustListResponses[keyof TrustListControllerGetTrustListResponses];
+type TrustListControllerUpdateTrustListData = {
+    body: TrustListCreateDto;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/trust-list/{id}";
+};
+type TrustListControllerUpdateTrustListResponses = {
+    200: TrustList;
+};
+type TrustListControllerUpdateTrustListResponse = TrustListControllerUpdateTrustListResponses[keyof TrustListControllerUpdateTrustListResponses];
+type TrustListControllerExportTrustListData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/trust-list/{id}/export";
+};
+type TrustListControllerExportTrustListResponses = {
+    200: TrustListCreateDto;
+};
+type TrustListControllerExportTrustListResponse = TrustListControllerExportTrustListResponses[keyof TrustListControllerExportTrustListResponses];
+type TrustListControllerGetTrustListVersionsData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: "/trust-list/{id}/versions";
+};
+type TrustListControllerGetTrustListVersionsResponses = {
+    200: Array<TrustListVersion>;
+};
+type TrustListControllerGetTrustListVersionsResponse = TrustListControllerGetTrustListVersionsResponses[keyof TrustListControllerGetTrustListVersionsResponses];
+type TrustListControllerGetTrustListVersionData = {
+    body?: never;
+    path: {
+        id: string;
+        versionId: string;
+    };
+    query?: never;
+    url: "/trust-list/{id}/versions/{versionId}";
+};
+type TrustListControllerGetTrustListVersionResponses = {
+    200: TrustListVersion;
+};
+type TrustListControllerGetTrustListVersionResponse = TrustListControllerGetTrustListVersionResponses[keyof TrustListControllerGetTrustListVersionResponses];
+type TrustListPublicControllerGetTrustListJwtData = {
+    body?: never;
+    path: {
+        tenantId: string;
+        id: string;
+    };
+    query?: never;
+    url: "/{tenantId}/trust-list/{id}";
+};
+type TrustListPublicControllerGetTrustListJwtResponses = {
+    200: string;
+};
+type TrustListPublicControllerGetTrustListJwtResponse = TrustListPublicControllerGetTrustListJwtResponses[keyof TrustListPublicControllerGetTrustListJwtResponses];
+type VerifierOfferControllerGetOfferData = {
+    body: PresentationRequest;
+    path?: never;
+    query?: never;
+    url: "/verifier/offer";
+};
+type VerifierOfferControllerGetOfferResponses = {
+    /**
+     * JSON response
+     */
+    201: OfferResponse;
+};
+type VerifierOfferControllerGetOfferResponse = VerifierOfferControllerGetOfferResponses[keyof VerifierOfferControllerGetOfferResponses];
+type StorageControllerUploadData = {
+    /**
+     * List of cats
+     */
+    body: FileUploadDto;
+    path?: never;
+    query?: never;
+    url: "/storage";
+};
+type StorageControllerUploadResponses = {
+    201: {
+        [key: string]: unknown;
+    };
+};
+type StorageControllerUploadResponse = StorageControllerUploadResponses[keyof StorageControllerUploadResponses];
+type StorageControllerDownloadData = {
+    body?: never;
+    path: {
+        key: string;
+    };
+    query?: never;
+    url: "/storage/{key}";
+};
+type StorageControllerDownloadResponses = {
+    200: unknown;
+};
+
+export type { CertControllerGetCertificatesResponse as $, AllowListPolicy as A, AuthorizeQueries as B, CacheControllerClearAllCachesData as C, CacheControllerClearAllCachesResponse as D, CacheControllerClearAllCachesResponses as E, CacheControllerClearStatusListCacheData as F, CacheControllerClearStatusListCacheResponse as G, HealthControllerCheckResponse as H, CacheControllerClearStatusListCacheResponses as I, CacheControllerClearTrustListCacheData as J, CacheControllerClearTrustListCacheResponse as K, CacheControllerClearTrustListCacheResponses as L, CacheControllerGetStatsData as M, CacheControllerGetStatsResponses as N, CertControllerAddCertificateData as O, CertControllerAddCertificateResponse as P, CertControllerAddCertificateResponses as Q, CertControllerDeleteCertificateData as R, Session as S, CertControllerDeleteCertificateResponses as T, CertControllerExportConfigData as U, CertControllerExportConfigResponse as V, CertControllerExportConfigResponses as W, CertControllerGetCertificateData as X, CertControllerGetCertificateResponse as Y, CertControllerGetCertificateResponses as Z, CertControllerGetCertificatesData as _, HealthControllerCheckError as a, CompleteDeferredDto as a$, CertControllerGetCertificatesResponses as a0, CertControllerUpdateCertificateData as a1, CertControllerUpdateCertificateResponses as a2, CertEntity as a3, CertImportDto as a4, CertResponseDto as a5, CertUpdateDto as a6, CertUsageEntity as a7, ChainedAsConfig as a8, ChainedAsControllerAuthorizeData as a9, ChainedAsTokenResponseDto as aA, Claim as aB, ClaimsQuery as aC, ClientControllerCreateClientData as aD, ClientControllerCreateClientResponse as aE, ClientControllerCreateClientResponses as aF, ClientControllerDeleteClientData as aG, ClientControllerDeleteClientResponses as aH, ClientControllerGetClientData as aI, ClientControllerGetClientResponse as aJ, ClientControllerGetClientResponses as aK, ClientControllerGetClientSecretData as aL, ClientControllerGetClientSecretResponse as aM, ClientControllerGetClientSecretResponses as aN, ClientControllerGetClientsData as aO, ClientControllerGetClientsResponse as aP, ClientControllerGetClientsResponses as aQ, ClientControllerRotateClientSecretData as aR, ClientControllerRotateClientSecretResponse as aS, ClientControllerRotateClientSecretResponses as aT, ClientControllerUpdateClientData as aU, ClientControllerUpdateClientResponse as aV, ClientControllerUpdateClientResponses as aW, ClientCredentialsDto as aX, ClientEntity as aY, ClientOptions as aZ, ClientSecretResponseDto as a_, ChainedAsControllerAuthorizeError as aa, ChainedAsControllerAuthorizeErrors as ab, ChainedAsControllerAuthorizeResponses as ac, ChainedAsControllerCallbackData as ad, ChainedAsControllerCallbackError as ae, ChainedAsControllerCallbackErrors as af, ChainedAsControllerCallbackResponses as ag, ChainedAsControllerGetMetadataData as ah, ChainedAsControllerGetMetadataResponses as ai, ChainedAsControllerJwksData as aj, ChainedAsControllerJwksResponses as ak, ChainedAsControllerParData as al, ChainedAsControllerParError as am, ChainedAsControllerParErrors as an, ChainedAsControllerParResponse as ao, ChainedAsControllerParResponses as ap, ChainedAsControllerTokenData as aq, ChainedAsControllerTokenError as ar, ChainedAsControllerTokenErrors as as, ChainedAsControllerTokenResponse as at, ChainedAsControllerTokenResponses as au, ChainedAsErrorResponseDto as av, ChainedAsParRequestDto as aw, ChainedAsParResponseDto as ax, ChainedAsTokenConfig as ay, ChainedAsTokenRequestDto as az, ApiKeyConfig as b, IssuanceConfig as b$, CreateAccessCertificateDto as b0, CreateClientDto as b1, CreateRegistrarConfigDto as b2, CreateStatusListDto as b3, CreateTenantDto as b4, CredentialConfig as b5, CredentialConfigControllerDeleteIssuanceConfigurationData as b6, CredentialConfigControllerDeleteIssuanceConfigurationResponses as b7, CredentialConfigControllerGetConfigByIdData as b8, CredentialConfigControllerGetConfigByIdResponse as b9, DeferredCredentialRequestDto as bA, DeferredOperationResponse as bB, Display as bC, DisplayImage as bD, DisplayInfo as bE, DisplayLogo as bF, EcPublic as bG, EmbeddedDisclosurePolicy as bH, FailDeferredDto as bI, FileUploadDto as bJ, HealthControllerCheckData as bK, HealthControllerCheckErrors as bL, HealthControllerCheckResponses as bM, IaeActionOpenid4VpPresentation as bN, IaeActionRedirectToWeb as bO, ImportTenantDto as bP, InteractiveAuthorizationCodeResponseDto as bQ, InteractiveAuthorizationControllerCompleteWebAuthData as bR, InteractiveAuthorizationControllerCompleteWebAuthErrors as bS, InteractiveAuthorizationControllerCompleteWebAuthResponses as bT, InteractiveAuthorizationControllerInteractiveAuthorizationData as bU, InteractiveAuthorizationControllerInteractiveAuthorizationError as bV, InteractiveAuthorizationControllerInteractiveAuthorizationErrors as bW, InteractiveAuthorizationControllerInteractiveAuthorizationResponse as bX, InteractiveAuthorizationControllerInteractiveAuthorizationResponses as bY, InteractiveAuthorizationErrorResponseDto as bZ, InteractiveAuthorizationRequestDto as b_, CredentialConfigControllerGetConfigByIdResponses as ba, CredentialConfigControllerGetConfigsData as bb, CredentialConfigControllerGetConfigsResponse as bc, CredentialConfigControllerGetConfigsResponses as bd, CredentialConfigControllerStoreCredentialConfigurationData as be, CredentialConfigControllerStoreCredentialConfigurationResponse as bf, CredentialConfigControllerStoreCredentialConfigurationResponses as bg, CredentialConfigControllerUpdateCredentialConfigurationData as bh, CredentialConfigControllerUpdateCredentialConfigurationResponse as bi, CredentialConfigControllerUpdateCredentialConfigurationResponses as bj, CredentialConfigCreate as bk, CredentialConfigUpdate as bl, CredentialOfferControllerGetOfferData as bm, CredentialOfferControllerGetOfferResponse as bn, CredentialOfferControllerGetOfferResponses as bo, CredentialQuery as bp, CredentialSetQuery as bq, Dcql as br, DeferredControllerCompleteDeferredData as bs, DeferredControllerCompleteDeferredErrors as bt, DeferredControllerCompleteDeferredResponse as bu, DeferredControllerCompleteDeferredResponses as bv, DeferredControllerFailDeferredData as bw, DeferredControllerFailDeferredErrors as bx, DeferredControllerFailDeferredResponse as by, DeferredControllerFailDeferredResponses as bz, AppControllerMainData as c, PresentationManagementControllerDeleteConfigurationResponses as c$, IssuanceConfigControllerGetIssuanceConfigurationsData as c0, IssuanceConfigControllerGetIssuanceConfigurationsResponse as c1, IssuanceConfigControllerGetIssuanceConfigurationsResponses as c2, IssuanceConfigControllerStoreIssuanceConfigurationData as c3, IssuanceConfigControllerStoreIssuanceConfigurationResponse as c4, IssuanceConfigControllerStoreIssuanceConfigurationResponses as c5, IssuanceDto as c6, IssuerMetadataCredentialConfig as c7, JwksResponseDto as c8, Key as c9, Oid4VciControllerNotificationsResponses as cA, Oid4VciMetadataControllerVctData as cB, Oid4VciMetadataControllerVctResponse as cC, Oid4VciMetadataControllerVctResponses as cD, Oid4VpControllerGetPostRequestWithSessionData as cE, Oid4VpControllerGetPostRequestWithSessionResponse as cF, Oid4VpControllerGetPostRequestWithSessionResponses as cG, Oid4VpControllerGetRequestNoRedirectWithSessionData as cH, Oid4VpControllerGetRequestNoRedirectWithSessionResponse as cI, Oid4VpControllerGetRequestNoRedirectWithSessionResponses as cJ, Oid4VpControllerGetRequestWithSessionData as cK, Oid4VpControllerGetRequestWithSessionResponse as cL, Oid4VpControllerGetRequestWithSessionResponses as cM, Oid4VpControllerGetResponseData as cN, Oid4VpControllerGetResponseResponse as cO, Oid4VpControllerGetResponseResponses as cP, ParResponseDto as cQ, PolicyCredential as cR, PresentationAttachment as cS, PresentationConfig as cT, PresentationConfigCreateDto as cU, PresentationConfigUpdateDto as cV, PresentationDuringIssuanceConfig as cW, PresentationManagementControllerConfigurationData as cX, PresentationManagementControllerConfigurationResponse as cY, PresentationManagementControllerConfigurationResponses as cZ, PresentationManagementControllerDeleteConfigurationData as c_, KeyControllerAddKeyData as ca, KeyControllerAddKeyResponses as cb, KeyControllerDeleteKeyData as cc, KeyControllerDeleteKeyResponses as cd, KeyControllerGetKeyData as ce, KeyControllerGetKeyResponse as cf, KeyControllerGetKeyResponses as cg, KeyControllerGetKeysData as ch, KeyControllerGetKeysResponse as ci, KeyControllerGetKeysResponses as cj, KeyControllerUpdateKeyData as ck, KeyControllerUpdateKeyResponses as cl, KeyEntity as cm, KeyImportDto as cn, NoneTrustPolicy as co, NotificationRequestDto as cp, OfferRequestDto as cq, OfferResponse as cr, Oid4VciControllerCredentialData as cs, Oid4VciControllerCredentialResponse as ct, Oid4VciControllerCredentialResponses as cu, Oid4VciControllerDeferredCredentialData as cv, Oid4VciControllerDeferredCredentialResponses as cw, Oid4VciControllerNonceData as cx, Oid4VciControllerNonceResponses as cy, Oid4VciControllerNotificationsData as cz, AppControllerMainResponses as d, StatusListConfigControllerResetConfigResponses as d$, PresentationManagementControllerGetConfigurationData as d0, PresentationManagementControllerGetConfigurationResponse as d1, PresentationManagementControllerGetConfigurationResponses as d2, PresentationManagementControllerStorePresentationConfigData as d3, PresentationManagementControllerStorePresentationConfigResponse as d4, PresentationManagementControllerStorePresentationConfigResponses as d5, PresentationManagementControllerUpdateConfigurationData as d6, PresentationManagementControllerUpdateConfigurationResponse as d7, PresentationManagementControllerUpdateConfigurationResponses as d8, PresentationRequest as d9, SessionConfigControllerGetConfigResponse as dA, SessionConfigControllerGetConfigResponses as dB, SessionConfigControllerResetConfigData as dC, SessionConfigControllerResetConfigResponses as dD, SessionConfigControllerUpdateConfigData as dE, SessionConfigControllerUpdateConfigResponse as dF, SessionConfigControllerUpdateConfigResponses as dG, SessionControllerDeleteSessionData as dH, SessionControllerDeleteSessionResponses as dI, SessionControllerGetAllSessionsData as dJ, SessionControllerGetAllSessionsResponse as dK, SessionControllerGetAllSessionsResponses as dL, SessionControllerGetSessionData as dM, SessionControllerGetSessionResponse as dN, SessionControllerGetSessionResponses as dO, SessionControllerRevokeAllData as dP, SessionControllerRevokeAllResponses as dQ, SessionEventsControllerSubscribeToSessionEventsData as dR, SessionEventsControllerSubscribeToSessionEventsResponses as dS, SessionStorageConfig as dT, StatusListAggregationDto as dU, StatusListConfig as dV, StatusListConfigControllerGetConfigData as dW, StatusListConfigControllerGetConfigResponse as dX, StatusListConfigControllerGetConfigResponses as dY, StatusListConfigControllerResetConfigData as dZ, StatusListConfigControllerResetConfigResponse as d_, RegistrarConfigEntity as da, RegistrarControllerCreateAccessCertificateData as db, RegistrarControllerCreateAccessCertificateErrors as dc, RegistrarControllerCreateAccessCertificateResponse as dd, RegistrarControllerCreateAccessCertificateResponses as de, RegistrarControllerCreateConfigData as df, RegistrarControllerCreateConfigErrors as dg, RegistrarControllerCreateConfigResponse as dh, RegistrarControllerCreateConfigResponses as di, RegistrarControllerDeleteConfigData as dj, RegistrarControllerDeleteConfigResponse as dk, RegistrarControllerDeleteConfigResponses as dl, RegistrarControllerGetConfigData as dm, RegistrarControllerGetConfigErrors as dn, RegistrarControllerGetConfigResponse as dp, RegistrarControllerGetConfigResponses as dq, RegistrarControllerUpdateConfigData as dr, RegistrarControllerUpdateConfigErrors as ds, RegistrarControllerUpdateConfigResponse as dt, RegistrarControllerUpdateConfigResponses as du, RegistrationCertificateRequest as dv, RoleDto as dw, RootOfTrustPolicy as dx, SchemaResponse as dy, SessionConfigControllerGetConfigData as dz, AttestationBasedPolicy as e, TrustListControllerGetTrustListResponses as e$, StatusListConfigControllerUpdateConfigData as e0, StatusListConfigControllerUpdateConfigResponse as e1, StatusListConfigControllerUpdateConfigResponses as e2, StatusListControllerGetListData as e3, StatusListControllerGetListResponse as e4, StatusListControllerGetListResponses as e5, StatusListControllerGetStatusListAggregationData as e6, StatusListControllerGetStatusListAggregationResponse as e7, StatusListControllerGetStatusListAggregationResponses as e8, StatusListImportDto as e9, TenantControllerGetTenantResponses as eA, TenantControllerGetTenantsData as eB, TenantControllerGetTenantsResponse as eC, TenantControllerGetTenantsResponses as eD, TenantControllerInitTenantData as eE, TenantControllerInitTenantResponse as eF, TenantControllerInitTenantResponses as eG, TenantControllerUpdateTenantData as eH, TenantControllerUpdateTenantResponse as eI, TenantControllerUpdateTenantResponses as eJ, TenantEntity as eK, TokenResponse as eL, TransactionData as eM, TrustList as eN, TrustListControllerCreateTrustListData as eO, TrustListControllerCreateTrustListResponse as eP, TrustListControllerCreateTrustListResponses as eQ, TrustListControllerDeleteTrustListData as eR, TrustListControllerDeleteTrustListResponses as eS, TrustListControllerExportTrustListData as eT, TrustListControllerExportTrustListResponse as eU, TrustListControllerExportTrustListResponses as eV, TrustListControllerGetAllTrustListsData as eW, TrustListControllerGetAllTrustListsResponse as eX, TrustListControllerGetAllTrustListsResponses as eY, TrustListControllerGetTrustListData as eZ, TrustListControllerGetTrustListResponse as e_, StatusListManagementControllerCreateListData as ea, StatusListManagementControllerCreateListResponse as eb, StatusListManagementControllerCreateListResponses as ec, StatusListManagementControllerDeleteListData as ed, StatusListManagementControllerDeleteListResponse as ee, StatusListManagementControllerDeleteListResponses as ef, StatusListManagementControllerGetListData as eg, StatusListManagementControllerGetListResponse as eh, StatusListManagementControllerGetListResponses as ei, StatusListManagementControllerGetListsData as ej, StatusListManagementControllerGetListsResponse as ek, StatusListManagementControllerGetListsResponses as el, StatusListManagementControllerUpdateListData as em, StatusListManagementControllerUpdateListResponse as en, StatusListManagementControllerUpdateListResponses as eo, StatusListResponseDto as ep, StatusUpdateDto as eq, StorageControllerDownloadData as er, StorageControllerDownloadResponses as es, StorageControllerUploadData as et, StorageControllerUploadResponse as eu, StorageControllerUploadResponses as ev, TenantControllerDeleteTenantData as ew, TenantControllerDeleteTenantResponses as ex, TenantControllerGetTenantData as ey, TenantControllerGetTenantResponse as ez, AuthControllerGetGlobalJwksData as f, TrustListControllerGetTrustListVersionData as f0, TrustListControllerGetTrustListVersionResponse as f1, TrustListControllerGetTrustListVersionResponses as f2, TrustListControllerGetTrustListVersionsData as f3, TrustListControllerGetTrustListVersionsResponse as f4, TrustListControllerGetTrustListVersionsResponses as f5, TrustListControllerUpdateTrustListData as f6, TrustListControllerUpdateTrustListResponse as f7, TrustListControllerUpdateTrustListResponses as f8, TrustListCreateDto as f9, WellKnownControllerGetJwks0Responses as fA, WellKnownControllerGetJwks1Data as fB, WellKnownControllerGetJwks1Response as fC, WellKnownControllerGetJwks1Responses as fD, WellKnownControllerIssuerMetadata0Data as fE, WellKnownControllerIssuerMetadata0Response as fF, WellKnownControllerIssuerMetadata0Responses as fG, WellKnownControllerIssuerMetadata1Data as fH, WellKnownControllerIssuerMetadata1Response as fI, WellKnownControllerIssuerMetadata1Responses as fJ, TrustListPublicControllerGetTrustListJwtData as fa, TrustListPublicControllerGetTrustListJwtResponse as fb, TrustListPublicControllerGetTrustListJwtResponses as fc, TrustListVersion as fd, TrustedAuthorityQuery as fe, UpdateClientDto as ff, UpdateKeyDto as fg, UpdateRegistrarConfigDto as fh, UpdateSessionConfigDto as fi, UpdateStatusListConfigDto as fj, UpdateStatusListDto as fk, UpdateTenantDto as fl, UpstreamOidcConfig as fm, Vct as fn, VerifierOfferControllerGetOfferData as fo, VerifierOfferControllerGetOfferResponse as fp, VerifierOfferControllerGetOfferResponses as fq, WebHookAuthConfigHeader as fr, WebHookAuthConfigNone as fs, WebhookConfig as ft, WellKnownControllerAuthzMetadata0Data as fu, WellKnownControllerAuthzMetadata0Responses as fv, WellKnownControllerAuthzMetadata1Data as fw, WellKnownControllerAuthzMetadata1Responses as fx, WellKnownControllerGetJwks0Data as fy, WellKnownControllerGetJwks0Response as fz, AuthControllerGetGlobalJwksResponses as g, AuthControllerGetOAuth2TokenData as h, AuthControllerGetOAuth2TokenErrors as i, AuthControllerGetOAuth2TokenResponse as j, AuthControllerGetOAuth2TokenResponses as k, AuthControllerGetOidcDiscoveryData as l, AuthControllerGetOidcDiscoveryResponses as m, AuthenticationMethodAuth as n, AuthenticationMethodNone as o, AuthenticationMethodPresentation as p, AuthenticationUrlConfig as q, AuthorizationResponse as r, AuthorizeControllerAuthorizeData as s, AuthorizeControllerAuthorizeResponses as t, AuthorizeControllerParData as u, AuthorizeControllerParResponse as v, AuthorizeControllerParResponses as w, AuthorizeControllerTokenData as x, AuthorizeControllerTokenResponse as y, AuthorizeControllerTokenResponses as z };