@eudiplo/sdk-core 4.3.0 → 4.5.0

package/dist/{types.gen-DWk5kPkH.d.mts → types.gen-z3We9JHj.d.mts}

@@ -25,7 +25,7 @@ type RoleDto = {
     /**
      * OAuth2 roles
      */
-    role: "presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage";
+    role: 'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage';
 };
 type ClientCredentialsDto = {
     grant_type?: string;
@@ -37,6 +37,7 @@ type TokenResponse = {
     refresh_token?: string;
     token_type: string;
     expires_in: number;
+    state: string;
 };
 type ImportTenantDto = {
     /**
@@ -56,7 +57,7 @@ type SessionStorageConfig = {
     /**
      * Cleanup mode: 'full' deletes everything, 'anonymize' keeps metadata but removes PII.
      */
-    cleanupMode?: "full" | "anonymize";
+    cleanupMode?: 'full' | 'anonymize';
 };
 type StatusListConfig = {
     /**
@@ -138,7 +139,7 @@ type ClientEntity = {
     /**
      * The roles assigned to the client.
      */
-    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
     /**
      * The tenant that the client belongs to.
      */
@@ -165,7 +166,7 @@ type CreateTenantDto = {
      * Session storage configuration. Controls TTL and cleanup behavior.
      */
     sessionConfig?: SessionStorageConfig;
-    roles?: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles?: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
 };
 type UpdateTenantDto = {
     /**
@@ -184,7 +185,24 @@ type UpdateTenantDto = {
      * Session storage configuration. Controls TTL and cleanup behavior.
      */
     sessionConfig?: SessionStorageConfig;
-    roles?: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles?: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
+};
+type AuditLogResponseDto = {
+    id: string;
+    tenantId: string;
+    actionType: 'tenant_created' | 'tenant_updated' | 'tenant_deleted' | 'presentation_config_created' | 'presentation_config_updated' | 'presentation_config_deleted' | 'issuance_config_updated' | 'credential_config_created' | 'credential_config_updated' | 'credential_config_deleted' | 'status_list_config_updated' | 'status_list_config_reset' | 'webhook_endpoint_created' | 'webhook_endpoint_updated' | 'webhook_endpoint_deleted' | 'attribute_provider_created' | 'attribute_provider_updated' | 'attribute_provider_deleted';
+    actorType: 'user' | 'client' | 'system';
+    actorId?: string;
+    actorDisplay?: string;
+    changedFields?: Array<string>;
+    before?: {
+        [key: string]: unknown;
+    };
+    after?: {
+        [key: string]: unknown;
+    };
+    requestId?: string;
+    timestamp: string;
 };
 type ClientSecretResponseDto = {
     secret: string;
@@ -205,7 +223,7 @@ type UpdateClientDto = {
     /**
      * The roles assigned to the client.
      */
-    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
 };
 type CreateClientDto = {
     /**
@@ -231,7 +249,7 @@ type CreateClientDto = {
     /**
      * The roles assigned to the client.
      */
-    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
 };
 type StatusListImportDto = {
     /**
@@ -383,21 +401,21 @@ type OfferRequestDto = {
     /**
      * The type of response expected for the offer request.
      */
-    response_type: "uri" | "dc-api";
+    response_type: 'uri' | 'dc-api';
     /**
      * Credential claims configuration per credential. Keys must match credentialConfigurationIds.
      */
     credentialClaims?: {
-        additionalProperties?: {
-            type: "inline";
+        [key: string]: {
+            type: 'inline';
             claims: {
                 [key: string]: unknown;
             };
         } | {
-            type: "attributeProvider";
+            type: 'attributeProvider';
             attributeProviderId: string;
         } | {
-            type: "webhook";
+            type: 'webhook';
             webhook: {
                 url: string;
                 auth?: {
@@ -409,7 +427,7 @@ type OfferRequestDto = {
     /**
      * The flow type for the offer request.
      */
-    flow: "authorization_code" | "pre_authorized_code";
+    flow: 'authorization_code' | 'pre_authorized_code';
     /**
      * Transaction code for pre-authorized code flow.
      */
@@ -435,7 +453,7 @@ type WebHookAuthConfigNone = {
     /**
      * The type of authentication used for the webhook.
      */
-    type: "none";
+    type: 'none';
 };
 type ApiKeyConfig = {
     /**
@@ -451,7 +469,7 @@ type WebHookAuthConfigHeader = {
     /**
      * The type of authentication used for the webhook.
      */
-    type: "apiKey";
+    type: 'apiKey';
     /**
      * Configuration for API key authentication.
      * This is required if the type is 'apiKey'.
@@ -481,7 +499,7 @@ type Session = {
     /**
      * Status of the session.
      */
-    status: "active" | "fetched" | "completed" | "expired" | "failed";
+    status: 'active' | 'fetched' | 'completed' | 'expired' | 'failed';
     /**
      * Unique identifier for the session.
      */
@@ -638,6 +656,28 @@ type Session = {
      */
     consumedAt?: string;
 };
+type PaginatedSessionResponseDto = {
+    /**
+     * The sessions for the current page.
+     */
+    items: Array<Session>;
+    /**
+     * Total number of sessions matching the query
+     */
+    total: number;
+    /**
+     * Current page number (1-based)
+     */
+    page: number;
+    /**
+     * Number of items per page
+     */
+    pageSize: number;
+    /**
+     * Total number of pages
+     */
+    totalPages: number;
+};
 type SessionLogEntryResponseDto = {
     /**
      * Log entry ID
@@ -654,7 +694,7 @@ type SessionLogEntryResponseDto = {
     /**
      * Log level
      */
-    level: "info" | "warn" | "error";
+    level: 'info' | 'warn' | 'error';
     /**
      * Flow stage
      */
@@ -694,14 +734,14 @@ type UpdateSessionConfigDto = {
     /**
      * Cleanup mode: 'full' deletes everything, 'anonymize' keeps metadata but removes PII.
      */
-    cleanupMode?: "full" | "anonymize";
+    cleanupMode?: 'full' | 'anonymize';
 };
 type ManagedUserDto = {
     id: string;
     username: string;
     email?: string;
     enabled: boolean;
-    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
     tenantId?: string;
     /**
      * One-time temporary password returned only on user creation.
@@ -711,7 +751,7 @@ type ManagedUserDto = {
 type CreateUserDto = {
     username: string;
     email?: string;
-    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
     /**
      * One-time temporary password returned only on user creation.
      */
@@ -721,7 +761,7 @@ type CreateUserDto = {
 type UpdateUserDto = {
     username?: string;
     email?: string;
-    roles?: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles?: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
     /**
      * One-time temporary password returned only on user creation.
      */
@@ -730,7 +770,7 @@ type UpdateUserDto = {
     password?: string;
 };
 type AuthenticationMethodNone = {
-    method: "none";
+    method: 'none';
 };
 type AuthenticationUrlConfig = {
     /**
@@ -744,7 +784,7 @@ type AuthenticationUrlConfig = {
     webhook?: WebhookConfig;
 };
 type AuthenticationMethodAuth = {
-    method: "auth";
+    method: 'auth';
     config: AuthenticationUrlConfig;
 };
 type PresentationDuringIssuanceConfig = {
@@ -754,7 +794,7 @@ type PresentationDuringIssuanceConfig = {
     type: string;
 };
 type AuthenticationMethodPresentation = {
-    method: "presentationDuringIssuance";
+    method: 'presentationDuringIssuance';
     config: PresentationDuringIssuanceConfig;
 };
 type UpstreamOidcConfig = {
@@ -803,6 +843,42 @@ type ChainedAsConfig = {
      */
     requireDPoP?: boolean;
 };
+type FederationTrustAnchorConfig = {
+    /**
+     * Entity identifier (sub) of the federation trust anchor.
+     */
+    entityId: string;
+    /**
+     * Federation endpoint URL for the trust anchor entity configuration.
+     */
+    entityConfigurationUri: string;
+};
+type FederationConfig = {
+    /**
+     * Role this tenant plays in the OpenID Federation topology.
+     */
+    role?: 'trust_anchor' | 'intermediate' | 'leaf';
+    /**
+     * Trust decision strategy when both LoTE trust lists and OpenID Federation are configured.
+     */
+    mode?: 'federation-only' | 'hybrid';
+    /**
+     * Entity identifier of this issuer/verifier in the federation.
+     */
+    entityId?: string;
+    /**
+     * Whether federation checks are enforced for upstream metadata and signer trust decisions.
+     */
+    enforceSigningPolicy?: boolean;
+    /**
+     * Cache TTL in seconds for federation entity statements and trust chain results.
+     */
+    cacheTtlSeconds?: number;
+    /**
+     * Configured federation trust anchors.
+     */
+    trustAnchors: Array<FederationTrustAnchorConfig>;
+};
 type DisplayLogo = {
     uri: string;
     alt_text?: string;
@@ -823,6 +899,11 @@ type IssuanceConfig = {
      * to an upstream OIDC provider while issuing its own tokens with issuer_state.
      */
     chainedAs?: ChainedAsConfig;
+    /**
+     * Optional OpenID Federation configuration used for trust evaluation.
+     * When omitted, trust checks rely on existing LoTE trust-list behavior.
+     */
+    federation?: FederationConfig;
     /**
      * Whether refresh tokens should be issued for OID4VCI token responses.
      */
@@ -900,6 +981,11 @@ type IssuanceDto = {
      * to an upstream OIDC provider while issuing its own tokens with issuer_state.
      */
     chainedAs?: ChainedAsConfig;
+    /**
+     * Optional OpenID Federation configuration used for trust evaluation.
+     * When omitted, trust checks rely on existing LoTE trust-list behavior.
+     */
+    federation?: FederationConfig;
     /**
      * Whether refresh tokens should be issued for OID4VCI token responses.
      */
@@ -960,7 +1046,7 @@ type ClaimsQuery = {
     values?: Array<string>;
 };
 type TrustedAuthorityQuery = {
-    type: "aki" | "etsi_tl";
+    type: 'etsi_tl' | 'openid_federation';
     values: Array<string>;
 };
 type CredentialQuery = {
@@ -983,18 +1069,18 @@ type PolicyCredential = {
     credential_sets?: Array<CredentialSetQuery>;
 };
 type AttestationBasedPolicy = {
-    policy: "attestationBased";
+    policy: 'attestationBased';
     values: Array<PolicyCredential>;
 };
 type NoneTrustPolicy = {
-    policy: "none";
+    policy: 'none';
 };
 type AllowListPolicy = {
-    policy: "allowList";
+    policy: 'allowList';
     values: Array<string>;
 };
 type RootOfTrustPolicy = {
-    policy: "rootOfTrust";
+    policy: 'rootOfTrust';
     values: string;
 };
 type Vct = {
@@ -1002,15 +1088,15 @@ type Vct = {
     name?: string;
     description?: string;
     extends?: string;
-    "extends#integrity"?: string;
+    'extends#integrity'?: string;
     schema_uri?: string;
-    "schema_uri#integrity"?: string;
+    'schema_uri#integrity'?: string;
 };
 type IaeActionOpenid4VpPresentation = {
     /**
      * Action type discriminator
      */
-    type: "openid4vp_presentation";
+    type: 'openid4vp_presentation';
     /**
      * Optional label for this step (for display purposes)
      */
@@ -1024,7 +1110,7 @@ type IaeActionRedirectToWeb = {
     /**
      * Action type discriminator
      */
-    type: "redirect_to_web";
+    type: 'redirect_to_web';
     /**
      * Optional label for this step (for display purposes)
      */
@@ -1070,7 +1156,7 @@ type SchemaUriEntry = {
     /**
      * Schema-format specific metadata (for example { vct: 'urn:example:vct' } for dc+sd-jwt).
      */
-    metadata: {
+    meta: {
         [key: string]: unknown;
     };
 };
@@ -1082,7 +1168,7 @@ type TrustAuthorityEntry = {
     /**
      * Trust framework type (ignored when trustListId is set)
      */
-    frameworkType?: "aki" | "etsi_tl" | "openid_federation";
+    frameworkType?: 'aki' | 'etsi_tl' | 'openid_federation';
     /**
      * URI of the trust list or trust anchor (ignored when trustListId is set)
      */
@@ -1114,11 +1200,11 @@ type SchemaMetaConfig = {
     /**
      * Attestation Level of Security
      */
-    attestationLoS?: "iso_18045_high" | "iso_18045_moderate" | "iso_18045_enhanced-basic" | "iso_18045_basic";
+    attestationLoS?: 'iso_18045_high' | 'iso_18045_moderate' | 'iso_18045_enhanced-basic' | 'iso_18045_basic';
     /**
      * Cryptographic binding type
      */
-    bindingType?: "claim" | "key" | "biometric" | "none";
+    bindingType?: 'claim' | 'key' | 'biometric' | 'none';
     /**
      * Schema URIs per attestation format. When omitted, the format is derived from the credential config format field.
      */
@@ -1153,77 +1239,70 @@ type Display = {
     background_image?: DisplayImage;
     logo?: DisplayImage;
 };
-type ClaimDisplayInfo = {
+type IssuerMetadataCredentialConfig = {
     /**
-     * Human-readable name for the claim
+     * Key attestation requirements for JWT proofs for this credential.
+     * When set, this is published in proof_types_supported.jwt.key_attestations_required
+     * for this specific credential configuration.
      */
-    name?: string;
+    keyAttestationsRequired?: KeyAttestationsRequired;
+    format: 'mso_mdoc' | 'dc+sd-jwt';
+    display: Array<Display>;
+    scope?: string;
     /**
-     * Locale identifier (e.g., en-US, de-DE)
+     * Document type for mDOC credentials (e.g., "org.iso.18013.5.1.mDL").
+     * Only applicable when format is "mso_mdoc".
      */
-    locale?: string;
+    docType?: string;
 };
-type ClaimMetadata = {
+type FieldDisplayDto = {
     /**
-     * Path to the claim. For SD-JWT: JSONPath-like array. For mDOC: [namespace, claim_name]
+     * Locale code based on BCP47 (RFC 5646)
      */
-    path: Array<string>;
+    locale: string;
     /**
-     * Whether this claim must be disclosed
+     * Display name
      */
-    mandatory?: boolean;
+    name: string;
     /**
-     * Display information for the claim in different locales
+     * Optional display description
      */
-    display?: Array<ClaimDisplayInfo>;
+    description?: string;
 };
-type IssuerMetadataCredentialConfig = {
+type ClaimFieldDefinitionDto = {
     /**
-     * Key attestation requirements for JWT proofs for this credential.
-     * When set, this is published in proof_types_supported.jwt.key_attestations_required
-     * for this specific credential configuration.
+     * Path to claim value
      */
-    keyAttestationsRequired?: KeyAttestationsRequired;
-    format: "mso_mdoc" | "dc+sd-jwt";
-    display: Array<Display>;
-    scope?: string;
+    path: Array<string | number | null>;
     /**
-     * Document type for mDOC credentials (e.g., "org.iso.18013.5.1.mDL").
-     * Only applicable when format is "mso_mdoc".
+     * Claim value type
      */
-    docType?: string;
+    type: 'string' | 'number' | 'integer' | 'boolean' | 'object' | 'array' | 'date';
     /**
-     * Namespace for mDOC credentials (e.g., "org.iso.18013.5.1").
-     * Only applicable when format is "mso_mdoc".
-     * Used when claims are provided as a flat object.
+     * Default value
+     */
+    defaultValue?: string | number | boolean | {
+        [key: string]: unknown;
+    } | Array<unknown> | null;
+    /**
+     * Whether claim is mandatory
+     */
+    mandatory?: boolean;
+    /**
+     * Whether claim is disclosable in SD-JWT
+     */
+    disclosable?: boolean;
+    /**
+     * Namespace for mDOC field
      */
     namespace?: string;
+    display?: Array<FieldDisplayDto>;
     /**
-     * Claims organized by namespace for mDOC credentials.
-     * Allows specifying claims across multiple namespaces.
-     * Only applicable when format is "mso_mdoc".
-     * Example:
-     * {
-     * "org.iso.18013.5.1": { "given_name": "John", "family_name": "Doe" },
-     * "org.iso.18013.5.1.aamva": { "DHS_compliance": "F" }
-     * }
+     * Additional JSON schema constraints for this field
      */
-    claimsByNamespace?: {
+    constraints?: {
         [key: string]: unknown;
     };
-    /**
-     * Claims metadata for wallet rendering.
-     * Follows the OID4VCI credential_metadata.claims specification.
-     * Each claim includes a path (JSONPath-like array), optional mandatory flag,
-     * and display information with multi-language support.
-     *
-     * Example:
-     * [
-     * { "path": ["given_name"], "mandatory": false, "display": [{ "name": "Given Name", "locale": "en-US" }] },
-     * { "path": ["address", "street_address"], "display": [{ "name": "Street Address", "locale": "en-US" }] }
-     * ]
-     */
-    claimsMetadata?: Array<ClaimMetadata>;
 };
 type AttributeProviderEntity = {
     auth: WebHookAuthConfigNone | WebHookAuthConfigHeader;
@@ -1255,11 +1334,11 @@ type KeyChainEntity = {
     /**
      * The purpose/role of this key chain in the system.
      */
-    usageType: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+    usageType: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     /**
      * The usage type of the keys (sign or encrypt).
      */
-    usage: "sign" | "encrypt";
+    usage: 'sign' | 'encrypt';
     /**
      * The KMS provider used for this key chain.
      * References a configured KMS provider name.
@@ -1270,7 +1349,7 @@ type KeyChainEntity = {
      * This field stores the provider-specific key reference for the active signing key.
      */
     externalKeyId?: string;
-    rootKey?: {
+    rootJwk?: {
         [key: string]: unknown;
     };
     /**
@@ -1278,7 +1357,7 @@ type KeyChainEntity = {
      * Self-signed certificate for the root CA key.
      */
     rootCertificate?: string;
-    activeKey: {
+    activeJwk: {
         [key: string]: unknown;
     };
     /**
@@ -1299,7 +1378,7 @@ type KeyChainEntity = {
      * Timestamp of when the key was last rotated.
      */
     lastRotatedAt?: string;
-    previousKey?: {
+    previousJwk?: {
         [key: string]: unknown;
     };
     /**
@@ -1317,21 +1396,11 @@ type KeyChainEntity = {
      */
     updatedAt: string;
 };
-type SchemaResponse = {
-    $schema: string;
-    type: string;
-    properties: {
-        [key: string]: unknown;
-    };
-    required?: Array<string>;
-    title?: string;
-    description?: string;
-};
 type CredentialConfig = {
     /**
      * VCT as a URI string (e.g., urn:eudi:pid:de:1) or as an object for EUDIPLO-hosted VCT
      */
-    vct?: string | Vct;
+    vct?: string | Vct | null;
     /**
      * List of IAE actions to execute before credential issuance
      */
@@ -1358,9 +1427,8 @@ type CredentialConfig = {
      */
     tenant: TenantEntity;
     config: IssuerMetadataCredentialConfig;
-    claims?: {
-        [key: string]: unknown;
-    };
+    configVersion: number;
+    fields: Array<ClaimFieldDefinitionDto>;
     /**
      * Reference to the attribute provider used for fetching claims.
      * Optional: if set, claims will be fetched from this provider during issuance.
@@ -1373,9 +1441,6 @@ type CredentialConfig = {
      */
     webhookEndpointId?: string;
     webhookEndpoint?: WebhookEndpointEntity;
-    disclosureFrame?: {
-        [key: string]: unknown;
-    };
     keyBinding?: boolean;
     /**
      * Reference to the key chain used for signing.
@@ -1384,14 +1449,19 @@ type CredentialConfig = {
     keyChainId?: string;
     keyChain?: KeyChainEntity;
     statusManagement?: boolean;
+    /**
+     * For SD-JWT credentials: determines whether to include certificate chain (x5c)
+     * or use federation-based trust (iss claim).
+     * Default: "x5c" (federation must be explicitly selected)
+     */
+    sdJwtTrustFormat?: 'x5c' | 'federation';
     lifeTime?: number;
-    schema?: SchemaResponse;
 };
 type CredentialConfigCreate = {
     /**
      * VCT as a URI string (e.g., urn:eudi:pid:de:1) or as an object for EUDIPLO-hosted VCT
      */
-    vct?: string | Vct;
+    vct?: string | Vct | null;
     /**
      * List of IAE actions to execute before credential issuance
      */
@@ -1414,9 +1484,8 @@ type CredentialConfigCreate = {
     id: string;
     description?: string;
     config: IssuerMetadataCredentialConfig;
-    claims?: {
-        [key: string]: unknown;
-    };
+    configVersion: number;
+    fields: Array<ClaimFieldDefinitionDto>;
     /**
      * Reference to the attribute provider used for fetching claims.
      * Optional: if set, claims will be fetched from this provider during issuance.
@@ -1427,9 +1496,6 @@ type CredentialConfigCreate = {
      * Optional: if set, notifications will be sent to this endpoint.
      */
     webhookEndpointId?: string;
-    disclosureFrame?: {
-        [key: string]: unknown;
-    };
     keyBinding?: boolean;
     /**
      * Reference to the key chain used for signing.
@@ -1437,14 +1503,19 @@ type CredentialConfigCreate = {
      */
     keyChainId?: string;
     statusManagement?: boolean;
+    /**
+     * For SD-JWT credentials: determines whether to include certificate chain (x5c)
+     * or use federation-based trust (iss claim).
+     * Default: "x5c" (federation must be explicitly selected)
+     */
+    sdJwtTrustFormat?: 'x5c' | 'federation';
     lifeTime?: number;
-    schema?: SchemaResponse;
 };
 type CredentialConfigUpdate = {
     /**
      * VCT as a URI string (e.g., urn:eudi:pid:de:1) or as an object for EUDIPLO-hosted VCT
      */
-    vct?: string | Vct;
+    vct?: string | Vct | null;
     /**
      * List of IAE actions to execute before credential issuance
      */
@@ -1467,9 +1538,8 @@ type CredentialConfigUpdate = {
     id?: string;
     description?: string;
     config?: IssuerMetadataCredentialConfig;
-    claims?: {
-        [key: string]: unknown;
-    };
+    configVersion?: number;
+    fields?: Array<ClaimFieldDefinitionDto>;
     /**
      * Reference to the attribute provider used for fetching claims.
      * Optional: if set, claims will be fetched from this provider during issuance.
@@ -1480,9 +1550,6 @@ type CredentialConfigUpdate = {
      * Optional: if set, notifications will be sent to this endpoint.
      */
     webhookEndpointId?: string;
-    disclosureFrame?: {
-        [key: string]: unknown;
-    };
     keyBinding?: boolean;
     /**
      * Reference to the key chain used for signing.
@@ -1490,8 +1557,13 @@ type CredentialConfigUpdate = {
      */
     keyChainId?: string;
     statusManagement?: boolean;
+    /**
+     * For SD-JWT credentials: determines whether to include certificate chain (x5c)
+     * or use federation-based trust (iss claim).
+     * Default: "x5c" (federation must be explicitly selected)
+     */
+    sdJwtTrustFormat?: 'x5c' | 'federation';
     lifeTime?: number;
-    schema?: SchemaResponse;
 };
 type SignSchemaMetaConfigDto = {
     /**
@@ -1517,141 +1589,334 @@ type SignVersionSchemaMetaConfigDto = {
      */
     keyChainId?: string;
 };
-type CreateAttributeProviderDto = {
-    auth: WebHookAuthConfigNone | WebHookAuthConfigHeader;
-    id: string;
-    name: string;
-    description?: string;
-    url: string;
-};
-type UpdateAttributeProviderDto = {
-    auth?: WebHookAuthConfigNone | WebHookAuthConfigHeader;
-    id?: string;
-    name?: string;
-    description?: string;
-    url?: string;
-};
-type CreateWebhookEndpointDto = {
+type VocabularyEntryDto = {
     /**
-     * Unique identifier for the webhook endpoint
+     * Stable machine-readable value to submit in schema metadata category/tags fields.
      */
-    id: string;
-    auth: WebHookAuthConfigNone | WebHookAuthConfigHeader;
-    name: string;
-    description?: string;
-    url: string;
-};
-type UpdateWebhookEndpointDto = {
+    code: string;
     /**
-     * Unique identifier for the webhook endpoint
+     * Display label for UI rendering.
      */
-    id?: string;
-    auth?: WebHookAuthConfigNone | WebHookAuthConfigHeader;
-    name?: string;
-    description?: string;
-    url?: string;
-};
-type TrustListEntityInfo = {
-    name: string;
-    lang?: string;
-    uri?: string;
-    country?: string;
-    locality?: string;
-    postalCode?: string;
-    streetAddress?: string;
-    contactUri?: string;
-};
-type InternalTrustListEntity = {
-    type: "internal";
-    issuerKeyChainId: string;
-    revocationKeyChainId: string;
-    info: TrustListEntityInfo;
-};
-type ExternalTrustListEntity = {
-    type: "external";
-    issuerCertPem: string;
-    revocationCertPem: string;
-    info: TrustListEntityInfo;
+    label: string;
+    /**
+     * Vocabulary lifecycle status.
+     */
+    status: 'active' | 'deprecated';
+    /**
+     * Replacement code when status is deprecated.
+     */
+    replacedBy?: string;
 };
-type TrustListCreateDto = {
-    description?: string;
+type SchemaMetadataVocabulariesDto = {
     /**
-     * The full trust list JSON (generated LoTE structure)
+     * Vocabulary publication version for cache invalidation.
      */
-    data?: {
-        [key: string]: unknown;
-    };
-    entities: Array<({
-        type: "internal";
-    } & InternalTrustListEntity) | ({
-        type: "external";
-    } & ExternalTrustListEntity)>;
-    id?: string;
-    keyChainId?: string;
+    version: string;
+    /**
+     * Allowed category values that can be used when updating schema metadata category.
+     */
+    categories: Array<VocabularyEntryDto>;
+    /**
+     * Allowed tag values that can be used when updating schema metadata tags.
+     */
+    tags: Array<VocabularyEntryDto>;
 };
-type TrustList = {
+type MetadataSchemaDto = {
     /**
-     * Unique identifier for the trust list
+     * Unique identifier for this schema entry
      */
     id: string;
-    description?: string;
     /**
-     * The tenant ID for which the VP request is made.
+     * The credential format identifier
      */
-    tenantId: string;
+    formatIdentifier: 'dc+sd-jwt' | 'mso_mdoc';
     /**
-     * The tenant that owns this object.
+     * URI to the schema definition
      */
-    tenant: TenantEntity;
-    keyChainId: string;
-    keyChain: KeyChainEntity;
+    uri?: string;
     /**
-     * The full trust list JSON (generated LoTE structure)
+     * Inline schema content (JSON Schema)
      */
-    data?: {
+    schemaContent?: {
         [key: string]: unknown;
     };
     /**
-     * The original entity configuration used to create this trust list.
-     * Stored for round-tripping when editing.
+     * Subresource Integrity hash for the schema
      */
-    entityConfig?: Array<{
-        [key: string]: unknown;
-    }>;
+    integrity?: string;
+};
+type TrustAuthorityDto = {
     /**
-     * The sequence number for versioning (incremented on updates)
+     * Unique identifier for this trust authority entry
      */
-    sequenceNumber: number;
+    id: string;
     /**
-     * The signed JWT representation of this trust list
+     * Type of trust framework
      */
-    jwt: string;
-    createdAt: string;
-    updatedAt: string;
-};
-type TrustListVersion = {
-    id: string;
-    trustListId: string;
-    trustList: TrustList;
-    tenantId: string;
+    frameworkType: 'etsi_tl';
     /**
-     * The sequence number at the time this version was created
+     * URI or identifier for the trust list / authority
      */
-    sequenceNumber: number;
+    value: string;
     /**
-     * The full trust list JSON at this version
+     * Verification method for the trust list signature (e.g., JWK)
      */
-    data: {
+    verificationMethod?: {
         [key: string]: unknown;
     };
+};
+type AccessCertificateRefDto = {
+    id: string;
+    relyingPartyId: string;
+    certificate: string;
+    revoked: string;
+    createdAt: string;
+};
+type SchemaMetadataResponseDto = {
     /**
-     * The entity configuration at this version
+     * The unique, server-assigned identifier (UUID) for the schema metadata
      */
-    entityConfig?: {
-        [key: string]: unknown;
-    };
+    id: string;
     /**
-     * The signed JWT at this version
+     * Version of this schema metadata (SemVer)
+     */
+    version: string;
+    /**
+     * URI of the human-readable Rulebook document
+     */
+    rulebookURI?: string;
+    /**
+     * Subresource Integrity hash for the rulebook URI
+     */
+    rulebookIntegrity?: string;
+    /**
+     * Level of security (LoS) of this attestation
+     */
+    attestationLoS: 'iso_18045_high' | 'iso_18045_moderate' | 'iso_18045_enhanced-basic' | 'iso_18045_basic';
+    /**
+     * Required binding type between attestation and holder
+     */
+    bindingType: 'claim' | 'key' | 'biometric' | 'none';
+    /**
+     * Credential formats in which this attestation is available
+     */
+    supportedFormats: Array<'dc+sd-jwt' | 'mso_mdoc'>;
+    /**
+     * Format-specific schema URIs for this schema metadata
+     */
+    schemaURIs: Array<MetadataSchemaDto>;
+    /**
+     * Trust frameworks / trust anchors applicable to this schema metadata
+     */
+    trustedAuthorities: Array<TrustAuthorityDto>;
+    /**
+     * Domain category for filtering
+     */
+    category?: 'identity' | 'health' | 'finance' | 'education' | 'mobility' | 'employment' | 'other';
+    /**
+     * Free-form tags for filtering and search
+     */
+    tags?: Array<string>;
+    /**
+     * The original signed JWT
+     */
+    signedJwt: string;
+    /**
+     * Issuer from the JWT (`iss` claim)
+     */
+    issuer: string;
+    /**
+     * Serial number of the access certificate that signed this schema metadata
+     */
+    signerCertificateSerial: string;
+    /**
+     * The access certificate used to sign this schema metadata
+     */
+    signerCertificate?: AccessCertificateRefDto;
+    /**
+     * Timestamp when the JWT was issued (from the `iat` claim)
+     */
+    issuedAt: string;
+    /**
+     * Server creation timestamp
+     */
+    createdAt: string;
+    /**
+     * Last update timestamp
+     */
+    updatedAt: string;
+    /**
+     * Whether this version is deprecated
+     */
+    deprecated?: boolean;
+    /**
+     * Deprecation message shown to consumers
+     */
+    deprecationMessage?: string;
+    /**
+     * The version that supersedes this one
+     */
+    supersededByVersion?: string;
+};
+type UpdateSchemaMetadataDto = {
+    /**
+     * Domain category for filtering
+     */
+    category?: 'identity' | 'health' | 'finance' | 'education' | 'mobility' | 'employment' | 'other';
+    /**
+     * Predefined tags for filtering and search
+     */
+    tags?: Array<'pid' | 'eudi' | 'kyc' | 'aml' | 'age-verification' | 'residency' | 'membership' | 'education' | 'employment' | 'mobility'>;
+};
+type DeprecateSchemaMetadataDto = {
+    /**
+     * Whether to mark this version as deprecated
+     */
+    deprecated: boolean;
+    /**
+     * Deprecation message shown to consumers
+     */
+    message?: string;
+    /**
+     * The version that supersedes this one
+     */
+    supersededByVersion?: string;
+};
+type CreateAttributeProviderDto = {
+    auth: WebHookAuthConfigNone | WebHookAuthConfigHeader;
+    id: string;
+    name: string;
+    description?: string;
+    url: string;
+};
+type UpdateAttributeProviderDto = {
+    auth?: WebHookAuthConfigNone | WebHookAuthConfigHeader;
+    id?: string;
+    name?: string;
+    description?: string;
+    url?: string;
+};
+type CreateWebhookEndpointDto = {
+    /**
+     * Unique identifier for the webhook endpoint
+     */
+    id: string;
+    auth: WebHookAuthConfigNone | WebHookAuthConfigHeader;
+    name: string;
+    description?: string;
+    url: string;
+};
+type UpdateWebhookEndpointDto = {
+    /**
+     * Unique identifier for the webhook endpoint
+     */
+    id?: string;
+    auth?: WebHookAuthConfigNone | WebHookAuthConfigHeader;
+    name?: string;
+    description?: string;
+    url?: string;
+};
+type TrustListEntityInfo = {
+    name: string;
+    lang?: string;
+    uri?: string;
+    country?: string;
+    locality?: string;
+    postalCode?: string;
+    streetAddress?: string;
+    contactUri?: string;
+};
+type InternalTrustListEntity = {
+    type: 'internal';
+    issuerKeyChainId: string;
+    revocationKeyChainId: string;
+    info: TrustListEntityInfo;
+};
+type ExternalTrustListEntity = {
+    type: 'external';
+    issuerCertPem: string;
+    revocationCertPem: string;
+    info: TrustListEntityInfo;
+};
+type TrustListCreateDto = {
+    description?: string;
+    /**
+     * The full trust list JSON (generated LoTE structure)
+     */
+    data?: {
+        [key: string]: unknown;
+    };
+    entities: Array<({
+        type: 'internal';
+    } & InternalTrustListEntity) | ({
+        type: 'external';
+    } & ExternalTrustListEntity)>;
+    id?: string;
+    keyChainId?: string;
+};
+type TrustList = {
+    /**
+     * Unique identifier for the trust list
+     */
+    id: string;
+    description?: string;
+    /**
+     * The tenant ID for which the VP request is made.
+     */
+    tenantId: string;
+    /**
+     * The tenant that owns this object.
+     */
+    tenant: TenantEntity;
+    keyChainId: string;
+    keyChain: KeyChainEntity;
+    /**
+     * The full trust list JSON (generated LoTE structure)
+     */
+    data?: {
+        [key: string]: unknown;
+    };
+    /**
+     * The original entity configuration used to create this trust list.
+     * Stored for round-tripping when editing.
+     */
+    entityConfig?: Array<{
+        [key: string]: unknown;
+    }>;
+    /**
+     * The sequence number for versioning (incremented on updates)
+     */
+    sequenceNumber: number;
+    /**
+     * The signed JWT representation of this trust list
+     */
+    jwt: string;
+    createdAt: string;
+    updatedAt: string;
+};
+type TrustListVersion = {
+    id: string;
+    trustListId: string;
+    trustList: TrustList;
+    tenantId: string;
+    /**
+     * The sequence number at the time this version was created
+     */
+    sequenceNumber: number;
+    /**
+     * The full trust list JSON at this version
+     */
+    data: {
+        [key: string]: unknown;
+    };
+    /**
+     * The entity configuration at this version
+     */
+    entityConfig?: {
+        [key: string]: unknown;
+    };
+    /**
+     * The signed JWT at this version
      */
     jwt: string;
     createdAt: string;
@@ -1900,272 +2165,79 @@ type RegistrarConfigResponseDto = {
      */
     username: string;
     /**
-     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
-     */
-    registrationCertificateDefaults?: RegistrationCertificateDefaults;
-    /**
-     * Indicates whether a password is configured (actual password is never returned)
-     */
-    hasPassword: boolean;
-};
-type CreateRegistrarConfigDto = {
-    /**
-     * The base URL of the registrar API
-     */
-    registrarUrl: string;
-    /**
-     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
-     */
-    oidcUrl: string;
-    /**
-     * The OIDC client ID for the registrar
-     */
-    clientId: string;
-    /**
-     * The OIDC client secret (optional, for confidential clients)
-     */
-    clientSecret?: string;
-    /**
-     * The username for OIDC login
-     */
-    username: string;
-    /**
-     * The password for OIDC login (stored in plaintext)
-     */
-    password: string;
-    /**
-     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
-     */
-    registrationCertificateDefaults?: RegistrationCertificateDefaults;
-};
-type UpdateRegistrarConfigDto = {
-    /**
-     * The base URL of the registrar API
-     */
-    registrarUrl?: string;
-    /**
-     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
-     */
-    oidcUrl?: string;
-    /**
-     * The OIDC client ID for the registrar
-     */
-    clientId?: string;
-    /**
-     * The OIDC client secret (optional, for confidential clients)
-     */
-    clientSecret?: string;
-    /**
-     * The username for OIDC login
-     */
-    username?: string;
-    /**
-     * The password for OIDC login (stored in plaintext)
-     */
-    password?: string;
-    /**
-     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
-     */
-    registrationCertificateDefaults?: RegistrationCertificateDefaults;
-};
-type CreateAccessCertificateDto = {
-    /**
-     * The ID of the key to create an access certificate for
-     */
-    keyId: string;
-};
-type VocabularyEntryDto = {
-    /**
-     * Stable machine-readable value to submit in schema metadata category/tags fields.
-     */
-    code: string;
-    /**
-     * Display label for UI rendering.
-     */
-    label: string;
-    /**
-     * Vocabulary lifecycle status.
-     */
-    status: "active" | "deprecated";
-    /**
-     * Replacement code when status is deprecated.
-     */
-    replacedBy?: string;
-};
-type SchemaMetadataVocabulariesDto = {
-    /**
-     * Vocabulary publication version for cache invalidation.
-     */
-    version: string;
-    /**
-     * Allowed category values that can be used when updating schema metadata category.
-     */
-    categories: Array<VocabularyEntryDto>;
-    /**
-     * Allowed tag values that can be used when updating schema metadata tags.
-     */
-    tags: Array<VocabularyEntryDto>;
-};
-type MetadataSchemaDto = {
-    /**
-     * Unique identifier for this schema entry
-     */
-    id: string;
-    /**
-     * The credential format identifier
-     */
-    formatIdentifier: "dc+sd-jwt" | "mso_mdoc";
-    /**
-     * URI to the schema definition
-     */
-    uri?: string;
-    /**
-     * Inline schema content (JSON Schema)
-     */
-    schemaContent?: {
-        [key: string]: unknown;
-    };
-    /**
-     * Subresource Integrity hash for the schema
-     */
-    integrity?: string;
-};
-type TrustAuthorityDto = {
-    /**
-     * Unique identifier for this trust authority entry
-     */
-    id: string;
-    /**
-     * Type of trust framework
-     */
-    frameworkType: "etsi_tl";
-    /**
-     * URI or identifier for the trust list / authority
-     */
-    value: string;
-    /**
-     * Verification method for the trust list signature (e.g., JWK)
-     */
-    verificationMethod?: {
-        [key: string]: unknown;
-    };
-};
-type AccessCertificateRefDto = {
-    id: string;
-    relyingPartyId: string;
-    certificate: string;
-    revoked: string;
-    createdAt: string;
-};
-type SchemaMetadataResponseDto = {
-    /**
-     * The unique, server-assigned identifier (UUID) for the schema metadata
-     */
-    id: string;
-    /**
-     * Version of this schema metadata (SemVer)
-     */
-    version: string;
-    /**
-     * URI of the human-readable Rulebook document
-     */
-    rulebookURI?: string;
-    /**
-     * Subresource Integrity hash for the rulebook URI
-     */
-    rulebookIntegrity?: string;
-    /**
-     * Level of security (LoS) of this attestation
-     */
-    attestationLoS: "iso_18045_high" | "iso_18045_moderate" | "iso_18045_enhanced-basic" | "iso_18045_basic";
-    /**
-     * Required binding type between attestation and holder
-     */
-    bindingType: "claim" | "key" | "biometric" | "none";
-    /**
-     * Credential formats in which this attestation is available
-     */
-    supportedFormats: Array<"dc+sd-jwt" | "mso_mdoc">;
-    /**
-     * Format-specific schema URIs for this schema metadata
-     */
-    schemaURIs: Array<MetadataSchemaDto>;
-    /**
-     * Trust frameworks / trust anchors applicable to this schema metadata
-     */
-    trustedAuthorities: Array<TrustAuthorityDto>;
-    /**
-     * Domain category for filtering
+     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
      */
-    category?: "identity" | "health" | "finance" | "education" | "mobility" | "employment" | "other";
+    registrationCertificateDefaults?: RegistrationCertificateDefaults;
     /**
-     * Free-form tags for filtering and search
+     * Indicates whether a password is configured (actual password is never returned)
      */
-    tags?: Array<string>;
+    hasPassword: boolean;
+};
+type CreateRegistrarConfigDto = {
     /**
-     * The original signed JWT
+     * The base URL of the registrar API
      */
-    signedJwt: string;
+    registrarUrl: string;
     /**
-     * Issuer from the JWT (`iss` claim)
+     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
      */
-    issuer: string;
+    oidcUrl: string;
     /**
-     * Serial number of the access certificate that signed this schema metadata
+     * The OIDC client ID for the registrar
      */
-    signerCertificateSerial: string;
+    clientId: string;
     /**
-     * The access certificate used to sign this schema metadata
+     * The OIDC client secret (optional, for confidential clients)
      */
-    signerCertificate?: AccessCertificateRefDto;
+    clientSecret?: string;
     /**
-     * Timestamp when the JWT was issued (from the `iat` claim)
+     * The username for OIDC login
      */
-    issuedAt: string;
+    username: string;
     /**
-     * Server creation timestamp
+     * The password for OIDC login (stored in plaintext)
      */
-    createdAt: string;
+    password: string;
     /**
-     * Last update timestamp
+     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
      */
-    updatedAt: string;
+    registrationCertificateDefaults?: RegistrationCertificateDefaults;
+};
+type UpdateRegistrarConfigDto = {
     /**
-     * Whether this version is deprecated
+     * The base URL of the registrar API
      */
-    deprecated?: boolean;
+    registrarUrl?: string;
     /**
-     * Deprecation message shown to consumers
+     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
      */
-    deprecationMessage?: string;
+    oidcUrl?: string;
     /**
-     * The version that supersedes this one
+     * The OIDC client ID for the registrar
      */
-    supersededByVersion?: string;
-};
-type UpdateSchemaMetadataDto = {
+    clientId?: string;
     /**
-     * Domain category for filtering
+     * The OIDC client secret (optional, for confidential clients)
      */
-    category?: "identity" | "health" | "finance" | "education" | "mobility" | "employment" | "other";
+    clientSecret?: string;
     /**
-     * Predefined tags for filtering and search
+     * The username for OIDC login
      */
-    tags?: Array<"pid" | "eudi" | "kyc" | "aml" | "age-verification" | "residency" | "membership" | "education" | "employment" | "mobility">;
-};
-type DeprecateSchemaMetadataDto = {
+    username?: string;
     /**
-     * Whether to mark this version as deprecated
+     * The password for OIDC login (stored in plaintext)
      */
-    deprecated: boolean;
+    password?: string;
     /**
-     * Deprecation message shown to consumers
+     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
      */
-    message?: string;
+    registrationCertificateDefaults?: RegistrationCertificateDefaults;
+};
+type CreateAccessCertificateDto = {
     /**
-     * The version that supersedes this one
+     * The ID of the key to create an access certificate for
      */
-    supersededByVersion?: string;
+    keyId: string;
 };
 type DeferredCredentialRequestDto = {
     /**
@@ -2175,9 +2247,7 @@ type DeferredCredentialRequestDto = {
 };
 type NotificationRequestDto = {
     notification_id: string;
-    event: {
-        [key: string]: unknown;
-    };
+    event: 'credential_accepted' | 'credential_failure' | 'credential_deleted';
 };
 type Object$1 = {
     [key: string]: unknown;
@@ -2382,7 +2452,7 @@ type DeferredOperationResponse = {
     /**
      * The new status of the transaction
      */
-    status: "pending" | "ready" | "retrieved" | "expired" | "failed";
+    status: 'pending' | 'ready' | 'retrieved' | 'expired' | 'failed';
     /**
      * Optional message
      */
@@ -2455,6 +2525,14 @@ type KmsProviderCapabilitiesDto = {
      * Whether the provider supports deleting keys.
      */
     canDelete: boolean;
+    /**
+     * Signing algorithms supported by the provider.
+     */
+    supportedAlgs: Array<string>;
+    /**
+     * Default signing algorithm used when caller does not specify one.
+     */
+    defaultAlg: string;
 };
 type KmsProviderInfoDto = {
     /**
@@ -2554,11 +2632,11 @@ type KeyChainResponseDto = {
     /**
      * Usage type of the key chain.
      */
-    usageType: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+    usageType: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     /**
      * Type of key chain (standalone or internalChain).
      */
-    type: "standalone" | "internalChain";
+    type: 'standalone' | 'internalChain';
     /**
      * Human-readable description.
      */
@@ -2660,7 +2738,7 @@ type KeyChainExportDto = {
     /**
      * Usage type for this key chain.
      */
-    usageType: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+    usageType: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     /**
      * The private key in JWK format (EC).
      */
@@ -2696,11 +2774,11 @@ type KeyChainCreateDto = {
     /**
      * Usage type determines the purpose of this key chain (access, attestation, etc.).
      */
-    usageType: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+    usageType: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     /**
      * Type of key chain to create.
      */
-    type: "standalone" | "internalChain";
+    type: 'standalone' | 'internalChain';
     /**
      * Human-readable description for the key chain.
      */
@@ -2753,7 +2831,7 @@ type KeyChainImportDto = {
     /**
      * Usage type for this key chain.
      */
-    usageType: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+    usageType: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     /**
      * Certificate chain in PEM format (leaf first, then intermediates/CA).
      */
@@ -2799,7 +2877,7 @@ type PresentationRequest = {
     /**
      * The type of response expected from the presentation request.
      */
-    response_type: "uri" | "dc-api";
+    response_type: 'uri' | 'dc-api';
     /**
      * Identifier of the presentation configuration
      */
@@ -2814,6 +2892,11 @@ type PresentationRequest = {
      * You can use the `{sessionId}` placeholder in the URI, which will be replaced with the actual session ID.
      */
     redirectUri?: string;
+    /**
+     * Optional expected browser origin for DC API key-binding audience.
+     * Example: "http://localhost:8080"
+     */
+    expected_origin?: string;
     /**
      * Optional transaction data to include in the OID4VP request.
      * If provided, this will override the transaction_data from the presentation configuration.
@@ -2888,7 +2971,7 @@ type AppControllerGetVersionData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/version";
+    url: '/api/version';
 };
 type AppControllerGetVersionResponses = {
     /**
@@ -2900,7 +2983,7 @@ type AppControllerGetFrontendConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/frontend-config";
+    url: '/api/frontend-config';
 };
 type AppControllerGetFrontendConfigResponses = {
     /**
@@ -2909,11 +2992,30 @@ type AppControllerGetFrontendConfigResponses = {
     200: FrontendConfigResponseDto;
 };
 type AppControllerGetFrontendConfigResponse = AppControllerGetFrontendConfigResponses[keyof AppControllerGetFrontendConfigResponses];
+type AuthControllerGetOAuth2TokenData = {
+    body: ClientCredentialsDto;
+    path?: never;
+    query?: never;
+    url: '/api/oauth2/token';
+};
+type AuthControllerGetOAuth2TokenErrors = {
+    /**
+     * Invalid client credentials
+     */
+    401: unknown;
+};
+type AuthControllerGetOAuth2TokenResponses = {
+    /**
+     * OAuth2 token response
+     */
+    200: TokenResponse;
+};
+type AuthControllerGetOAuth2TokenResponse = AuthControllerGetOAuth2TokenResponses[keyof AuthControllerGetOAuth2TokenResponses];
 type TenantControllerGetTenantsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/tenant";
+    url: '/api/tenant';
 };
 type TenantControllerGetTenantsResponses = {
     200: Array<TenantEntity>;
@@ -2923,7 +3025,7 @@ type TenantControllerInitTenantData = {
     body: CreateTenantDto;
     path?: never;
     query?: never;
-    url: "/api/tenant";
+    url: '/api/tenant';
 };
 type TenantControllerInitTenantResponses = {
     201: {
@@ -2937,7 +3039,7 @@ type TenantControllerDeleteTenantData = {
         id: string;
     };
     query?: never;
-    url: "/api/tenant/{id}";
+    url: '/api/tenant/{id}';
 };
 type TenantControllerDeleteTenantResponses = {
     200: unknown;
@@ -2948,7 +3050,7 @@ type TenantControllerGetTenantData = {
         id: string;
     };
     query?: never;
-    url: "/api/tenant/{id}";
+    url: '/api/tenant/{id}';
 };
 type TenantControllerGetTenantResponses = {
     200: TenantEntity;
@@ -2960,17 +3062,32 @@ type TenantControllerUpdateTenantData = {
         id: string;
     };
     query?: never;
-    url: "/api/tenant/{id}";
+    url: '/api/tenant/{id}';
 };
 type TenantControllerUpdateTenantResponses = {
     200: TenantEntity;
 };
 type TenantControllerUpdateTenantResponse = TenantControllerUpdateTenantResponses[keyof TenantControllerUpdateTenantResponses];
+type AuditLogControllerGetAuditLogsData = {
+    body?: never;
+    path?: never;
+    query?: {
+        /**
+         * Maximum number of entries to return (1–500)
+         */
+        limit?: number;
+    };
+    url: '/api/admin/audit-logs';
+};
+type AuditLogControllerGetAuditLogsResponses = {
+    200: Array<AuditLogResponseDto>;
+};
+type AuditLogControllerGetAuditLogsResponse = AuditLogControllerGetAuditLogsResponses[keyof AuditLogControllerGetAuditLogsResponses];
 type ClientControllerGetClientsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/client";
+    url: '/api/client';
 };
 type ClientControllerGetClientsResponses = {
     200: Array<ClientEntity>;
@@ -2980,7 +3097,7 @@ type ClientControllerCreateClientData = {
     body: CreateClientDto;
     path?: never;
     query?: never;
-    url: "/api/client";
+    url: '/api/client';
 };
 type ClientControllerCreateClientResponses = {
     201: ClientEntity;
@@ -2992,7 +3109,7 @@ type ClientControllerDeleteClientData = {
         id: string;
     };
     query?: never;
-    url: "/api/client/{id}";
+    url: '/api/client/{id}';
 };
 type ClientControllerDeleteClientResponses = {
     200: unknown;
@@ -3003,7 +3120,7 @@ type ClientControllerGetClientData = {
         id: string;
     };
     query?: never;
-    url: "/api/client/{id}";
+    url: '/api/client/{id}';
 };
 type ClientControllerGetClientResponses = {
     200: ClientEntity;
@@ -3015,7 +3132,7 @@ type ClientControllerUpdateClientData = {
         id: string;
     };
     query?: never;
-    url: "/api/client/{id}";
+    url: '/api/client/{id}';
 };
 type ClientControllerUpdateClientResponses = {
     200: {
@@ -3029,7 +3146,7 @@ type ClientControllerGetClientSecretData = {
         id: string;
     };
     query?: never;
-    url: "/api/client/{id}/secret";
+    url: '/api/client/{id}/secret';
 };
 type ClientControllerGetClientSecretResponses = {
     200: ClientSecretResponseDto;
@@ -3041,7 +3158,7 @@ type ClientControllerRotateClientSecretData = {
         id: string;
     };
     query?: never;
-    url: "/api/client/{id}/rotate-secret";
+    url: '/api/client/{id}/rotate-secret';
 };
 type ClientControllerRotateClientSecretResponses = {
     201: ClientSecretResponseDto;
@@ -3051,7 +3168,7 @@ type StatusListConfigControllerResetConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/status-list-config";
+    url: '/api/status-list-config';
 };
 type StatusListConfigControllerResetConfigResponses = {
     /**
@@ -3064,7 +3181,7 @@ type StatusListConfigControllerGetConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/status-list-config";
+    url: '/api/status-list-config';
 };
 type StatusListConfigControllerGetConfigResponses = {
     /**
@@ -3077,7 +3194,7 @@ type StatusListConfigControllerUpdateConfigData = {
     body: UpdateStatusListConfigDto;
     path?: never;
     query?: never;
-    url: "/api/status-list-config";
+    url: '/api/status-list-config';
 };
 type StatusListConfigControllerUpdateConfigResponses = {
     /**
@@ -3090,7 +3207,7 @@ type StatusListManagementControllerGetListsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/status-lists";
+    url: '/api/status-lists';
 };
 type StatusListManagementControllerGetListsResponses = {
     /**
@@ -3103,7 +3220,7 @@ type StatusListManagementControllerCreateListData = {
     body: CreateStatusListDto;
     path?: never;
     query?: never;
-    url: "/api/status-lists";
+    url: '/api/status-lists';
 };
 type StatusListManagementControllerCreateListResponses = {
     /**
@@ -3121,7 +3238,7 @@ type StatusListManagementControllerDeleteListData = {
         listId: string;
     };
     query?: never;
-    url: "/api/status-lists/{listId}";
+    url: '/api/status-lists/{listId}';
 };
 type StatusListManagementControllerDeleteListResponses = {
     /**
@@ -3139,7 +3256,7 @@ type StatusListManagementControllerGetListData = {
         listId: string;
     };
     query?: never;
-    url: "/api/status-lists/{listId}";
+    url: '/api/status-lists/{listId}';
 };
 type StatusListManagementControllerGetListResponses = {
     /**
@@ -3157,7 +3274,7 @@ type StatusListManagementControllerUpdateListData = {
         listId: string;
     };
     query?: never;
-    url: "/api/status-lists/{listId}";
+    url: '/api/status-lists/{listId}';
 };
 type StatusListManagementControllerUpdateListResponses = {
     /**
@@ -3169,11 +3286,36 @@ type StatusListManagementControllerUpdateListResponse = StatusListManagementCont
 type SessionControllerGetAllSessionsData = {
     body?: never;
     path?: never;
-    query?: never;
-    url: "/api/session";
+    query?: {
+        /**
+         * Page number (1-based)
+         */
+        page?: number;
+        /**
+         * Number of items per page
+         */
+        pageSize?: number;
+        /**
+         * Filter by session status
+         */
+        status?: 'active' | 'fetched' | 'completed' | 'expired' | 'failed';
+        /**
+         * Filter by session type
+         */
+        type?: 'issuance' | 'presentation';
+        /**
+         * Field to sort by
+         */
+        sortBy?: 'id' | 'status' | 'createdAt' | 'requestId';
+        /**
+         * Sort direction
+         */
+        sortOrder?: 'asc' | 'desc';
+    };
+    url: '/api/session';
 };
 type SessionControllerGetAllSessionsResponses = {
-    200: Array<Session>;
+    200: PaginatedSessionResponseDto;
 };
 type SessionControllerGetAllSessionsResponse = SessionControllerGetAllSessionsResponses[keyof SessionControllerGetAllSessionsResponses];
 type SessionControllerDeleteSessionData = {
@@ -3182,7 +3324,7 @@ type SessionControllerDeleteSessionData = {
         id: string;
     };
     query?: never;
-    url: "/api/session/{id}";
+    url: '/api/session/{id}';
 };
 type SessionControllerDeleteSessionResponses = {
     200: unknown;
@@ -3196,7 +3338,7 @@ type SessionControllerGetSessionData = {
         id: string;
     };
     query?: never;
-    url: "/api/session/{id}";
+    url: '/api/session/{id}';
 };
 type SessionControllerGetSessionResponses = {
     200: Session;
@@ -3211,7 +3353,7 @@ type SessionControllerGetSessionLogsData = {
         id: string;
     };
     query?: never;
-    url: "/api/session/{id}/logs";
+    url: '/api/session/{id}/logs';
 };
 type SessionControllerGetSessionLogsResponses = {
     200: Array<SessionLogEntryResponseDto>;
@@ -3221,7 +3363,7 @@ type SessionControllerRevokeAllData = {
     body: StatusUpdateDto;
     path?: never;
     query?: never;
-    url: "/api/session/revoke";
+    url: '/api/session/revoke';
 };
 type SessionControllerRevokeAllResponses = {
     201: unknown;
@@ -3230,7 +3372,7 @@ type SessionConfigControllerResetConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/session-config";
+    url: '/api/session-config';
 };
 type SessionConfigControllerResetConfigResponses = {
     /**
@@ -3242,7 +3384,7 @@ type SessionConfigControllerGetConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/session-config";
+    url: '/api/session-config';
 };
 type SessionConfigControllerGetConfigResponses = {
     /**
@@ -3255,7 +3397,7 @@ type SessionConfigControllerUpdateConfigData = {
     body: UpdateSessionConfigDto;
     path?: never;
     query?: never;
-    url: "/api/session-config";
+    url: '/api/session-config';
 };
 type SessionConfigControllerUpdateConfigResponses = {
     /**
@@ -3278,7 +3420,7 @@ type SessionEventsControllerSubscribeToSessionEventsData = {
          */
         token: string;
     };
-    url: "/api/session/{id}/events";
+    url: '/api/session/{id}/events';
 };
 type SessionEventsControllerSubscribeToSessionEventsResponses = {
     200: unknown;
@@ -3287,7 +3429,7 @@ type UserControllerGetUsersData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/user";
+    url: '/api/user';
 };
 type UserControllerGetUsersResponses = {
     200: Array<ManagedUserDto>;
@@ -3297,7 +3439,7 @@ type UserControllerCreateUserData = {
     body: CreateUserDto;
     path?: never;
     query?: never;
-    url: "/api/user";
+    url: '/api/user';
 };
 type UserControllerCreateUserResponses = {
     201: ManagedUserDto;
@@ -3309,7 +3451,7 @@ type UserControllerDeleteUserData = {
         id: string;
     };
     query?: never;
-    url: "/api/user/{id}";
+    url: '/api/user/{id}';
 };
 type UserControllerDeleteUserResponses = {
     200: unknown;
@@ -3320,7 +3462,7 @@ type UserControllerGetUserData = {
         id: string;
     };
     query?: never;
-    url: "/api/user/{id}";
+    url: '/api/user/{id}';
 };
 type UserControllerGetUserResponses = {
     200: ManagedUserDto;
@@ -3332,7 +3474,7 @@ type UserControllerUpdateUserData = {
         id: string;
     };
     query?: never;
-    url: "/api/user/{id}";
+    url: '/api/user/{id}';
 };
 type UserControllerUpdateUserResponses = {
     200: ManagedUserDto;
@@ -3342,7 +3484,7 @@ type IssuanceConfigControllerGetIssuanceConfigurationsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/issuer/config";
+    url: '/api/issuer/config';
 };
 type IssuanceConfigControllerGetIssuanceConfigurationsResponses = {
     200: IssuanceConfig;
@@ -3352,7 +3494,7 @@ type IssuanceConfigControllerStoreIssuanceConfigurationData = {
     body: IssuanceDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/config";
+    url: '/api/issuer/config';
 };
 type IssuanceConfigControllerStoreIssuanceConfigurationResponses = {
     201: {
@@ -3364,7 +3506,7 @@ type CredentialConfigControllerGetConfigsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/issuer/credentials";
+    url: '/api/issuer/credentials';
 };
 type CredentialConfigControllerGetConfigsResponses = {
     200: Array<CredentialConfig>;
@@ -3374,7 +3516,7 @@ type CredentialConfigControllerStoreCredentialConfigurationData = {
     body: CredentialConfigCreate;
     path?: never;
     query?: never;
-    url: "/api/issuer/credentials";
+    url: '/api/issuer/credentials';
 };
 type CredentialConfigControllerStoreCredentialConfigurationResponses = {
     201: {
@@ -3388,7 +3530,7 @@ type CredentialConfigControllerDeleteIssuanceConfigurationData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/credentials/{id}";
+    url: '/api/issuer/credentials/{id}';
 };
 type CredentialConfigControllerDeleteIssuanceConfigurationResponses = {
     200: {
@@ -3402,7 +3544,7 @@ type CredentialConfigControllerGetConfigByIdData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/credentials/{id}";
+    url: '/api/issuer/credentials/{id}';
 };
 type CredentialConfigControllerGetConfigByIdResponses = {
     200: CredentialConfig;
@@ -3414,7 +3556,7 @@ type CredentialConfigControllerUpdateCredentialConfigurationData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/credentials/{id}";
+    url: '/api/issuer/credentials/{id}';
 };
 type CredentialConfigControllerUpdateCredentialConfigurationResponses = {
     200: {
@@ -3422,47 +3564,200 @@ type CredentialConfigControllerUpdateCredentialConfigurationResponses = {
     };
 };
 type CredentialConfigControllerUpdateCredentialConfigurationResponse = CredentialConfigControllerUpdateCredentialConfigurationResponses[keyof CredentialConfigControllerUpdateCredentialConfigurationResponses];
-type CredentialConfigControllerSignSchemaMetaConfigData = {
+type SchemaMetadataControllerSignSchemaMetaConfigData = {
     body: SignSchemaMetaConfigDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/credentials/schema-metadata/sign";
+    url: '/api/schema-metadata/sign';
 };
-type CredentialConfigControllerSignSchemaMetaConfigErrors = {
+type SchemaMetadataControllerSignSchemaMetaConfigErrors = {
     /**
      * Invalid schema metadata or missing certificate for signing
      */
     400: unknown;
 };
-type CredentialConfigControllerSignSchemaMetaConfigResponses = {
+type SchemaMetadataControllerSignSchemaMetaConfigResponses = {
     /**
      * Registrar metadata entry for the freshly submitted schema metadata.
      */
     201: unknown;
 };
-type CredentialConfigControllerSignVersionSchemaMetaConfigData = {
+type SchemaMetadataControllerSignVersionSchemaMetaConfigData = {
     body: SignVersionSchemaMetaConfigDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/credentials/schema-metadata/sign-version";
+    url: '/api/schema-metadata/sign-version';
 };
-type CredentialConfigControllerSignVersionSchemaMetaConfigErrors = {
+type SchemaMetadataControllerSignVersionSchemaMetaConfigErrors = {
     /**
      * config.id is required; or invalid schema metadata
      */
     400: unknown;
 };
-type CredentialConfigControllerSignVersionSchemaMetaConfigResponses = {
-    /**
-     * Registrar metadata entry for the newly submitted version.
-     */
-    201: unknown;
+type SchemaMetadataControllerSignVersionSchemaMetaConfigResponses = {
+    /**
+     * Registrar metadata entry for the newly submitted version.
+     */
+    201: unknown;
+};
+type SchemaMetadataControllerGetVocabulariesData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/schema-metadata/vocabularies';
+};
+type SchemaMetadataControllerGetVocabulariesResponses = {
+    200: SchemaMetadataVocabulariesDto;
+};
+type SchemaMetadataControllerGetVocabulariesResponse = SchemaMetadataControllerGetVocabulariesResponses[keyof SchemaMetadataControllerGetVocabulariesResponses];
+type SchemaMetadataControllerFindAllData = {
+    body?: never;
+    path?: never;
+    query?: {
+        attestationId?: string;
+        version?: string;
+    };
+    url: '/api/schema-metadata';
+};
+type SchemaMetadataControllerFindAllResponses = {
+    200: Array<SchemaMetadataResponseDto>;
+};
+type SchemaMetadataControllerFindAllResponse = SchemaMetadataControllerFindAllResponses[keyof SchemaMetadataControllerFindAllResponses];
+type SchemaMetadataControllerFindOneData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}';
+};
+type SchemaMetadataControllerFindOneResponses = {
+    200: SchemaMetadataResponseDto;
+};
+type SchemaMetadataControllerFindOneResponse = SchemaMetadataControllerFindOneResponses[keyof SchemaMetadataControllerFindOneResponses];
+type SchemaMetadataControllerRemoveData = {
+    body?: never;
+    path: {
+        id: string;
+        version: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}';
+};
+type SchemaMetadataControllerRemoveResponses = {
+    /**
+     * Deleted
+     */
+    200: unknown;
+};
+type SchemaMetadataControllerUpdateData = {
+    body: UpdateSchemaMetadataDto;
+    path: {
+        id: string;
+        version: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}';
+};
+type SchemaMetadataControllerUpdateResponses = {
+    200: SchemaMetadataResponseDto;
+};
+type SchemaMetadataControllerUpdateResponse = SchemaMetadataControllerUpdateResponses[keyof SchemaMetadataControllerUpdateResponses];
+type SchemaMetadataControllerGetLatestData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/latest';
+};
+type SchemaMetadataControllerGetLatestResponses = {
+    200: SchemaMetadataResponseDto;
+};
+type SchemaMetadataControllerGetLatestResponse = SchemaMetadataControllerGetLatestResponses[keyof SchemaMetadataControllerGetLatestResponses];
+type SchemaMetadataControllerGetVersionsData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions';
+};
+type SchemaMetadataControllerGetVersionsResponses = {
+    200: Array<SchemaMetadataResponseDto>;
+};
+type SchemaMetadataControllerGetVersionsResponse = SchemaMetadataControllerGetVersionsResponses[keyof SchemaMetadataControllerGetVersionsResponses];
+type SchemaMetadataControllerGetJwtData = {
+    body?: never;
+    path: {
+        id: string;
+        version: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}/jwt';
+};
+type SchemaMetadataControllerGetJwtResponses = {
+    /**
+     * Compact-serialization JWS string
+     */
+    200: string;
+};
+type SchemaMetadataControllerGetJwtResponse = SchemaMetadataControllerGetJwtResponses[keyof SchemaMetadataControllerGetJwtResponses];
+type SchemaMetadataControllerExportData = {
+    body?: never;
+    path: {
+        id: string;
+        version: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}/export';
+};
+type SchemaMetadataControllerExportResponses = {
+    /**
+     * Registrar-defined catalog document
+     */
+    200: {
+        [key: string]: unknown;
+    };
+};
+type SchemaMetadataControllerExportResponse = SchemaMetadataControllerExportResponses[keyof SchemaMetadataControllerExportResponses];
+type SchemaMetadataControllerGetSchemaData = {
+    body?: never;
+    path: {
+        id: string;
+        version: string;
+        format: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}/schemas/{format}';
+};
+type SchemaMetadataControllerGetSchemaResponses = {
+    /**
+     * JSON Schema document for the requested format
+     */
+    200: {
+        [key: string]: unknown;
+    };
+};
+type SchemaMetadataControllerGetSchemaResponse = SchemaMetadataControllerGetSchemaResponses[keyof SchemaMetadataControllerGetSchemaResponses];
+type SchemaMetadataControllerDeprecateVersionData = {
+    body: DeprecateSchemaMetadataDto;
+    path: {
+        id: string;
+        version: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}/deprecation';
+};
+type SchemaMetadataControllerDeprecateVersionResponses = {
+    200: SchemaMetadataResponseDto;
 };
+type SchemaMetadataControllerDeprecateVersionResponse = SchemaMetadataControllerDeprecateVersionResponses[keyof SchemaMetadataControllerDeprecateVersionResponses];
 type AttributeProviderControllerGetAllData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/issuer/attribute-providers";
+    url: '/api/issuer/attribute-providers';
 };
 type AttributeProviderControllerGetAllResponses = {
     /**
@@ -3474,7 +3769,7 @@ type AttributeProviderControllerCreateData = {
     body: CreateAttributeProviderDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/attribute-providers";
+    url: '/api/issuer/attribute-providers';
 };
 type AttributeProviderControllerCreateResponses = {
     /**
@@ -3488,7 +3783,7 @@ type AttributeProviderControllerDeleteData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/attribute-providers/{id}";
+    url: '/api/issuer/attribute-providers/{id}';
 };
 type AttributeProviderControllerDeleteErrors = {
     /**
@@ -3508,7 +3803,7 @@ type AttributeProviderControllerGetByIdData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/attribute-providers/{id}";
+    url: '/api/issuer/attribute-providers/{id}';
 };
 type AttributeProviderControllerGetByIdErrors = {
     /**
@@ -3528,7 +3823,7 @@ type AttributeProviderControllerUpdateData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/attribute-providers/{id}";
+    url: '/api/issuer/attribute-providers/{id}';
 };
 type AttributeProviderControllerUpdateErrors = {
     /**
@@ -3546,7 +3841,7 @@ type WebhookEndpointControllerGetAllData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/issuer/webhook-endpoints";
+    url: '/api/issuer/webhook-endpoints';
 };
 type WebhookEndpointControllerGetAllResponses = {
     /**
@@ -3559,7 +3854,7 @@ type WebhookEndpointControllerCreateData = {
     body: CreateWebhookEndpointDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/webhook-endpoints";
+    url: '/api/issuer/webhook-endpoints';
 };
 type WebhookEndpointControllerCreateResponses = {
     /**
@@ -3573,7 +3868,7 @@ type WebhookEndpointControllerDeleteData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/webhook-endpoints/{id}";
+    url: '/api/issuer/webhook-endpoints/{id}';
 };
 type WebhookEndpointControllerDeleteErrors = {
     /**
@@ -3593,7 +3888,7 @@ type WebhookEndpointControllerGetByIdData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/webhook-endpoints/{id}";
+    url: '/api/issuer/webhook-endpoints/{id}';
 };
 type WebhookEndpointControllerGetByIdErrors = {
     /**
@@ -3613,7 +3908,7 @@ type WebhookEndpointControllerUpdateData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/webhook-endpoints/{id}";
+    url: '/api/issuer/webhook-endpoints/{id}';
 };
 type WebhookEndpointControllerUpdateErrors = {
     /**
@@ -3631,7 +3926,7 @@ type TrustListControllerGetAllTrustListsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/trust-list";
+    url: '/api/trust-list';
 };
 type TrustListControllerGetAllTrustListsResponses = {
     200: Array<TrustList>;
@@ -3641,7 +3936,7 @@ type TrustListControllerCreateTrustListData = {
     body: TrustListCreateDto;
     path?: never;
     query?: never;
-    url: "/api/trust-list";
+    url: '/api/trust-list';
 };
 type TrustListControllerCreateTrustListResponses = {
     201: TrustList;
@@ -3653,7 +3948,7 @@ type TrustListControllerDeleteTrustListData = {
         id: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}";
+    url: '/api/trust-list/{id}';
 };
 type TrustListControllerDeleteTrustListResponses = {
     200: unknown;
@@ -3664,7 +3959,7 @@ type TrustListControllerGetTrustListData = {
         id: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}";
+    url: '/api/trust-list/{id}';
 };
 type TrustListControllerGetTrustListResponses = {
     200: TrustList;
@@ -3676,7 +3971,7 @@ type TrustListControllerUpdateTrustListData = {
         id: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}";
+    url: '/api/trust-list/{id}';
 };
 type TrustListControllerUpdateTrustListResponses = {
     200: TrustList;
@@ -3688,7 +3983,7 @@ type TrustListControllerExportTrustListData = {
         id: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}/export";
+    url: '/api/trust-list/{id}/export';
 };
 type TrustListControllerExportTrustListResponses = {
     200: TrustListCreateDto;
@@ -3700,7 +3995,7 @@ type TrustListControllerGetTrustListVersionsData = {
         id: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}/versions";
+    url: '/api/trust-list/{id}/versions';
 };
 type TrustListControllerGetTrustListVersionsResponses = {
     200: Array<TrustListVersion>;
@@ -3713,17 +4008,68 @@ type TrustListControllerGetTrustListVersionData = {
         versionId: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}/versions/{versionId}";
+    url: '/api/trust-list/{id}/versions/{versionId}';
 };
 type TrustListControllerGetTrustListVersionResponses = {
     200: TrustListVersion;
 };
 type TrustListControllerGetTrustListVersionResponse = TrustListControllerGetTrustListVersionResponses[keyof TrustListControllerGetTrustListVersionResponses];
+type CacheControllerGetStatsData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/cache/stats';
+};
+type CacheControllerGetStatsResponses = {
+    /**
+     * Cache statistics
+     */
+    200: unknown;
+};
+type CacheControllerClearAllCachesData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/cache';
+};
+type CacheControllerClearAllCachesResponses = {
+    /**
+     * All caches cleared successfully
+     */
+    204: void;
+};
+type CacheControllerClearAllCachesResponse = CacheControllerClearAllCachesResponses[keyof CacheControllerClearAllCachesResponses];
+type CacheControllerClearTrustListCacheData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/cache/trust-list';
+};
+type CacheControllerClearTrustListCacheResponses = {
+    /**
+     * Trust list cache cleared successfully
+     */
+    204: void;
+};
+type CacheControllerClearTrustListCacheResponse = CacheControllerClearTrustListCacheResponses[keyof CacheControllerClearTrustListCacheResponses];
+type CacheControllerClearStatusListCacheData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/cache/status-list';
+};
+type CacheControllerClearStatusListCacheResponses = {
+    /**
+     * Status list cache cleared successfully
+     */
+    204: void;
+};
+type CacheControllerClearStatusListCacheResponse = CacheControllerClearStatusListCacheResponses[keyof CacheControllerClearStatusListCacheResponses];
 type PresentationManagementControllerConfigurationData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/verifier/config";
+    url: '/api/verifier/config';
 };
 type PresentationManagementControllerConfigurationResponses = {
     200: Array<PresentationConfig>;
@@ -3733,7 +4079,7 @@ type PresentationManagementControllerStorePresentationConfigData = {
     body: PresentationConfigCreateDto;
     path?: never;
     query?: never;
-    url: "/api/verifier/config";
+    url: '/api/verifier/config';
 };
 type PresentationManagementControllerStorePresentationConfigResponses = {
     201: PresentationConfig;
@@ -3743,7 +4089,7 @@ type PresentationManagementControllerResolveIssuerMetadataData = {
     body: ResolveIssuerMetadataDto;
     path?: never;
     query?: never;
-    url: "/api/verifier/config/issuer-metadata/resolve";
+    url: '/api/verifier/config/issuer-metadata/resolve';
 };
 type PresentationManagementControllerResolveIssuerMetadataErrors = {
     /**
@@ -3761,7 +4107,7 @@ type PresentationManagementControllerResolveSchemaMetadataData = {
     body: ResolveSchemaMetadataDto;
     path?: never;
     query?: never;
-    url: "/api/verifier/config/schema-metadata/resolve";
+    url: '/api/verifier/config/schema-metadata/resolve';
 };
 type PresentationManagementControllerResolveSchemaMetadataErrors = {
     /**
@@ -3779,7 +4125,7 @@ type PresentationManagementControllerListSchemaMetadataCatalogData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/verifier/config/schema-metadata/catalog";
+    url: '/api/verifier/config/schema-metadata/catalog';
 };
 type PresentationManagementControllerListSchemaMetadataCatalogResponses = {
     /**
@@ -3793,7 +4139,7 @@ type PresentationManagementControllerDeleteConfigurationData = {
         id: string;
     };
     query?: never;
-    url: "/api/verifier/config/{id}";
+    url: '/api/verifier/config/{id}';
 };
 type PresentationManagementControllerDeleteConfigurationResponses = {
     200: unknown;
@@ -3804,7 +4150,7 @@ type PresentationManagementControllerGetConfigurationData = {
         id: string;
     };
     query?: never;
-    url: "/api/verifier/config/{id}";
+    url: '/api/verifier/config/{id}';
 };
 type PresentationManagementControllerGetConfigurationResponses = {
     200: PresentationConfig;
@@ -3816,7 +4162,7 @@ type PresentationManagementControllerUpdateConfigurationData = {
         id: string;
     };
     query?: never;
-    url: "/api/verifier/config/{id}";
+    url: '/api/verifier/config/{id}';
 };
 type PresentationManagementControllerUpdateConfigurationResponses = {
     200: PresentationConfig;
@@ -3828,7 +4174,7 @@ type PresentationManagementControllerReissueRegistrationCertificateData = {
         id: string;
     };
     query?: never;
-    url: "/api/verifier/config/{id}/registration-cert/reissue";
+    url: '/api/verifier/config/{id}/registration-cert/reissue';
 };
 type PresentationManagementControllerReissueRegistrationCertificateErrors = {
     /**
@@ -3842,62 +4188,11 @@ type PresentationManagementControllerReissueRegistrationCertificateResponses = {
      */
     200: unknown;
 };
-type CacheControllerGetStatsData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: "/api/cache/stats";
-};
-type CacheControllerGetStatsResponses = {
-    /**
-     * Cache statistics
-     */
-    200: unknown;
-};
-type CacheControllerClearAllCachesData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: "/api/cache";
-};
-type CacheControllerClearAllCachesResponses = {
-    /**
-     * All caches cleared successfully
-     */
-    204: void;
-};
-type CacheControllerClearAllCachesResponse = CacheControllerClearAllCachesResponses[keyof CacheControllerClearAllCachesResponses];
-type CacheControllerClearTrustListCacheData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: "/api/cache/trust-list";
-};
-type CacheControllerClearTrustListCacheResponses = {
-    /**
-     * Trust list cache cleared successfully
-     */
-    204: void;
-};
-type CacheControllerClearTrustListCacheResponse = CacheControllerClearTrustListCacheResponses[keyof CacheControllerClearTrustListCacheResponses];
-type CacheControllerClearStatusListCacheData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: "/api/cache/status-list";
-};
-type CacheControllerClearStatusListCacheResponses = {
-    /**
-     * Status list cache cleared successfully
-     */
-    204: void;
-};
-type CacheControllerClearStatusListCacheResponse = CacheControllerClearStatusListCacheResponses[keyof CacheControllerClearStatusListCacheResponses];
 type RegistrarControllerDeleteConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/registrar/config";
+    url: '/api/registrar/config';
 };
 type RegistrarControllerDeleteConfigResponses = {
     /**
@@ -3910,7 +4205,7 @@ type RegistrarControllerGetConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/registrar/config";
+    url: '/api/registrar/config';
 };
 type RegistrarControllerGetConfigErrors = {
     /**
@@ -3929,7 +4224,7 @@ type RegistrarControllerUpdateConfigData = {
     body: UpdateRegistrarConfigDto;
     path?: never;
     query?: never;
-    url: "/api/registrar/config";
+    url: '/api/registrar/config';
 };
 type RegistrarControllerUpdateConfigErrors = {
     /**
@@ -3940,6 +4235,10 @@ type RegistrarControllerUpdateConfigErrors = {
      * No registrar configuration found
      */
     404: unknown;
+    /**
+     * Registrar OIDC endpoint unreachable — credentials could not be verified
+     */
+    503: unknown;
 };
 type RegistrarControllerUpdateConfigResponses = {
     /**
@@ -3952,13 +4251,17 @@ type RegistrarControllerCreateConfigData = {
     body: CreateRegistrarConfigDto;
     path?: never;
     query?: never;
-    url: "/api/registrar/config";
+    url: '/api/registrar/config';
 };
 type RegistrarControllerCreateConfigErrors = {
     /**
      * Invalid credentials
      */
     400: unknown;
+    /**
+     * Registrar OIDC endpoint unreachable — credentials could not be verified
+     */
+    503: unknown;
 };
 type RegistrarControllerCreateConfigResponses = {
     /**
@@ -3971,7 +4274,7 @@ type RegistrarControllerCreateAccessCertificateData = {
     body: CreateAccessCertificateDto;
     path?: never;
     query?: never;
-    url: "/api/registrar/access-certificate";
+    url: '/api/registrar/access-certificate';
 };
 type RegistrarControllerCreateAccessCertificateErrors = {
     /**
@@ -3999,164 +4302,11 @@ type RegistrarControllerCreateAccessCertificateResponses = {
     };
 };
 type RegistrarControllerCreateAccessCertificateResponse = RegistrarControllerCreateAccessCertificateResponses[keyof RegistrarControllerCreateAccessCertificateResponses];
-type SchemaMetadataControllerGetVocabulariesData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: "/api/schema-metadata/vocabularies";
-};
-type SchemaMetadataControllerGetVocabulariesResponses = {
-    200: SchemaMetadataVocabulariesDto;
-};
-type SchemaMetadataControllerGetVocabulariesResponse = SchemaMetadataControllerGetVocabulariesResponses[keyof SchemaMetadataControllerGetVocabulariesResponses];
-type SchemaMetadataControllerFindAllData = {
-    body?: never;
-    path?: never;
-    query?: {
-        attestationId?: string;
-        version?: string;
-    };
-    url: "/api/schema-metadata";
-};
-type SchemaMetadataControllerFindAllResponses = {
-    200: Array<SchemaMetadataResponseDto>;
-};
-type SchemaMetadataControllerFindAllResponse = SchemaMetadataControllerFindAllResponses[keyof SchemaMetadataControllerFindAllResponses];
-type SchemaMetadataControllerFindOneData = {
-    body?: never;
-    path: {
-        id: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}";
-};
-type SchemaMetadataControllerFindOneResponses = {
-    200: SchemaMetadataResponseDto;
-};
-type SchemaMetadataControllerFindOneResponse = SchemaMetadataControllerFindOneResponses[keyof SchemaMetadataControllerFindOneResponses];
-type SchemaMetadataControllerRemoveData = {
-    body?: never;
-    path: {
-        id: string;
-        version: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}";
-};
-type SchemaMetadataControllerRemoveResponses = {
-    /**
-     * Deleted
-     */
-    200: unknown;
-};
-type SchemaMetadataControllerUpdateData = {
-    body: UpdateSchemaMetadataDto;
-    path: {
-        id: string;
-        version: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}";
-};
-type SchemaMetadataControllerUpdateResponses = {
-    200: SchemaMetadataResponseDto;
-};
-type SchemaMetadataControllerUpdateResponse = SchemaMetadataControllerUpdateResponses[keyof SchemaMetadataControllerUpdateResponses];
-type SchemaMetadataControllerGetLatestData = {
-    body?: never;
-    path: {
-        id: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/latest";
-};
-type SchemaMetadataControllerGetLatestResponses = {
-    200: SchemaMetadataResponseDto;
-};
-type SchemaMetadataControllerGetLatestResponse = SchemaMetadataControllerGetLatestResponses[keyof SchemaMetadataControllerGetLatestResponses];
-type SchemaMetadataControllerGetVersionsData = {
-    body?: never;
-    path: {
-        id: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions";
-};
-type SchemaMetadataControllerGetVersionsResponses = {
-    200: Array<SchemaMetadataResponseDto>;
-};
-type SchemaMetadataControllerGetVersionsResponse = SchemaMetadataControllerGetVersionsResponses[keyof SchemaMetadataControllerGetVersionsResponses];
-type SchemaMetadataControllerGetJwtData = {
-    body?: never;
-    path: {
-        id: string;
-        version: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}/jwt";
-};
-type SchemaMetadataControllerGetJwtResponses = {
-    /**
-     * Compact-serialization JWS string
-     */
-    200: string;
-};
-type SchemaMetadataControllerGetJwtResponse = SchemaMetadataControllerGetJwtResponses[keyof SchemaMetadataControllerGetJwtResponses];
-type SchemaMetadataControllerExportData = {
-    body?: never;
-    path: {
-        id: string;
-        version: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}/export";
-};
-type SchemaMetadataControllerExportResponses = {
-    /**
-     * Registrar-defined catalog document
-     */
-    200: {
-        [key: string]: unknown;
-    };
-};
-type SchemaMetadataControllerExportResponse = SchemaMetadataControllerExportResponses[keyof SchemaMetadataControllerExportResponses];
-type SchemaMetadataControllerGetSchemaData = {
-    body?: never;
-    path: {
-        id: string;
-        version: string;
-        format: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}/schemas/{format}";
-};
-type SchemaMetadataControllerGetSchemaResponses = {
-    /**
-     * JSON Schema document for the requested format
-     */
-    200: {
-        [key: string]: unknown;
-    };
-};
-type SchemaMetadataControllerGetSchemaResponse = SchemaMetadataControllerGetSchemaResponses[keyof SchemaMetadataControllerGetSchemaResponses];
-type SchemaMetadataControllerDeprecateVersionData = {
-    body: DeprecateSchemaMetadataDto;
-    path: {
-        id: string;
-        version: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}/deprecation";
-};
-type SchemaMetadataControllerDeprecateVersionResponses = {
-    200: SchemaMetadataResponseDto;
-};
-type SchemaMetadataControllerDeprecateVersionResponse = SchemaMetadataControllerDeprecateVersionResponses[keyof SchemaMetadataControllerDeprecateVersionResponses];
 type CredentialOfferControllerGetOfferData = {
     body: OfferRequestDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/offer";
+    url: '/api/issuer/offer';
 };
 type CredentialOfferControllerGetOfferResponses = {
     /**
@@ -4171,7 +4321,7 @@ type DeferredControllerCompleteDeferredData = {
         transactionId: string;
     };
     query?: never;
-    url: "/api/issuer/deferred/{transactionId}/complete";
+    url: '/api/issuer/deferred/{transactionId}/complete';
 };
 type DeferredControllerCompleteDeferredErrors = {
     /**
@@ -4192,7 +4342,7 @@ type DeferredControllerFailDeferredData = {
         transactionId: string;
     };
     query?: never;
-    url: "/api/issuer/deferred/{transactionId}/fail";
+    url: '/api/issuer/deferred/{transactionId}/fail';
 };
 type DeferredControllerFailDeferredErrors = {
     /**
@@ -4211,7 +4361,7 @@ type KeyChainControllerGetProvidersData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/key-chain/providers";
+    url: '/api/key-chain/providers';
 };
 type KeyChainControllerGetProvidersResponses = {
     /**
@@ -4220,6 +4370,18 @@ type KeyChainControllerGetProvidersResponses = {
     200: KmsProvidersResponseDto;
 };
 type KeyChainControllerGetProvidersResponse = KeyChainControllerGetProvidersResponses[keyof KeyChainControllerGetProvidersResponses];
+type KeyChainControllerGetProvidersHealthData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/key-chain/providers/health';
+};
+type KeyChainControllerGetProvidersHealthResponses = {
+    /**
+     * Per-provider health result (ok, latencyMs, optional error).
+     */
+    200: unknown;
+};
 type KeyChainControllerGetAllData = {
     body?: never;
     path?: never;
@@ -4227,9 +4389,9 @@ type KeyChainControllerGetAllData = {
         /**
          * Optional usage type filter
          */
-        usageType?: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+        usageType?: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     };
-    url: "/api/key-chain";
+    url: '/api/key-chain';
 };
 type KeyChainControllerGetAllResponses = {
     /**
@@ -4242,7 +4404,7 @@ type KeyChainControllerCreateData = {
     body: KeyChainCreateDto;
     path?: never;
     query?: never;
-    url: "/api/key-chain";
+    url: '/api/key-chain';
 };
 type KeyChainControllerCreateResponses = {
     /**
@@ -4256,7 +4418,7 @@ type KeyChainControllerDeleteData = {
         id: string;
     };
     query?: never;
-    url: "/api/key-chain/{id}";
+    url: '/api/key-chain/{id}';
 };
 type KeyChainControllerDeleteErrors = {
     /**
@@ -4276,7 +4438,7 @@ type KeyChainControllerGetByIdData = {
         id: string;
     };
     query?: never;
-    url: "/api/key-chain/{id}";
+    url: '/api/key-chain/{id}';
 };
 type KeyChainControllerGetByIdErrors = {
     /**
@@ -4297,7 +4459,7 @@ type KeyChainControllerUpdateData = {
         id: string;
     };
     query?: never;
-    url: "/api/key-chain/{id}";
+    url: '/api/key-chain/{id}';
 };
 type KeyChainControllerUpdateErrors = {
     /**
@@ -4317,7 +4479,7 @@ type KeyChainControllerExportData = {
         id: string;
     };
     query?: never;
-    url: "/api/key-chain/{id}/export";
+    url: '/api/key-chain/{id}/export';
 };
 type KeyChainControllerExportErrors = {
     /**
@@ -4336,7 +4498,7 @@ type KeyChainControllerImportData = {
     body: KeyChainImportDto;
     path?: never;
     query?: never;
-    url: "/api/key-chain/import";
+    url: '/api/key-chain/import';
 };
 type KeyChainControllerImportResponses = {
     /**
@@ -4350,7 +4512,7 @@ type KeyChainControllerRotateData = {
         id: string;
     };
     query?: never;
-    url: "/api/key-chain/{id}/rotate";
+    url: '/api/key-chain/{id}/rotate';
 };
 type KeyChainControllerRotateErrors = {
     /**
@@ -4368,7 +4530,7 @@ type VerifierOfferControllerGetOfferData = {
     body: PresentationRequest;
     path?: never;
     query?: never;
-    url: "/api/verifier/offer";
+    url: '/api/verifier/offer';
 };
 type VerifierOfferControllerGetOfferResponses = {
     /**
@@ -4381,7 +4543,7 @@ type StorageControllerUploadData = {
     body: FileUploadDto;
     path?: never;
     query?: never;
-    url: "/api/storage";
+    url: '/api/storage';
 };
 type StorageControllerUploadResponses = {
     201: {
@@ -4390,4 +4552,4 @@ type StorageControllerUploadResponses = {
 };
 type StorageControllerUploadResponse = StorageControllerUploadResponses[keyof StorageControllerUploadResponses];
 
-export type { ClientControllerCreateClientResponses as $, AccessCertificateRefDto as A, AuthorizationResponse as B, AuthorizeQueries as C, CacheControllerClearAllCachesData as D, CacheControllerClearAllCachesResponse as E, CacheControllerClearAllCachesResponses as F, CacheControllerClearStatusListCacheData as G, CacheControllerClearStatusListCacheResponse as H, CacheControllerClearStatusListCacheResponses as I, CacheControllerClearTrustListCacheData as J, CacheControllerClearTrustListCacheResponse as K, CacheControllerClearTrustListCacheResponses as L, CacheControllerGetStatsData as M, CacheControllerGetStatsResponses as N, CertificateInfoDto as O, ChainedAsConfig as P, ChainedAsErrorResponseDto as Q, ChainedAsParResponseDto as R, Session as S, ChainedAsTokenConfig as T, ChainedAsTokenRequestDto as U, ChainedAsTokenResponseDto as V, ClaimDisplayInfo as W, ClaimMetadata as X, ClaimsQuery as Y, ClientControllerCreateClientData as Z, ClientControllerCreateClientResponse as _, AllowListPolicy as a, DeferredControllerCompleteDeferredResponses as a$, ClientControllerDeleteClientData as a0, ClientControllerDeleteClientResponses as a1, ClientControllerGetClientData as a2, ClientControllerGetClientResponse as a3, ClientControllerGetClientResponses as a4, ClientControllerGetClientSecretData as a5, ClientControllerGetClientSecretResponse as a6, ClientControllerGetClientSecretResponses as a7, ClientControllerGetClientsData as a8, ClientControllerGetClientsResponse as a9, CredentialConfigControllerGetConfigByIdResponses as aA, CredentialConfigControllerGetConfigsData as aB, CredentialConfigControllerGetConfigsResponse as aC, CredentialConfigControllerGetConfigsResponses as aD, CredentialConfigControllerSignSchemaMetaConfigData as aE, CredentialConfigControllerSignSchemaMetaConfigErrors as aF, CredentialConfigControllerSignSchemaMetaConfigResponses as aG, CredentialConfigControllerSignVersionSchemaMetaConfigData as aH, CredentialConfigControllerSignVersionSchemaMetaConfigErrors as aI, CredentialConfigControllerSignVersionSchemaMetaConfigResponses as aJ, CredentialConfigControllerStoreCredentialConfigurationData as aK, CredentialConfigControllerStoreCredentialConfigurationResponse as aL, CredentialConfigControllerStoreCredentialConfigurationResponses as aM, CredentialConfigControllerUpdateCredentialConfigurationData as aN, CredentialConfigControllerUpdateCredentialConfigurationResponse as aO, CredentialConfigControllerUpdateCredentialConfigurationResponses as aP, CredentialConfigCreate as aQ, CredentialConfigUpdate as aR, CredentialOfferControllerGetOfferData as aS, CredentialOfferControllerGetOfferResponse as aT, CredentialOfferControllerGetOfferResponses as aU, CredentialQuery as aV, CredentialSetQuery as aW, Dcql as aX, DeferredControllerCompleteDeferredData as aY, DeferredControllerCompleteDeferredErrors as aZ, DeferredControllerCompleteDeferredResponse as a_, ClientControllerGetClientsResponses as aa, ClientControllerRotateClientSecretData as ab, ClientControllerRotateClientSecretResponse as ac, ClientControllerRotateClientSecretResponses as ad, ClientControllerUpdateClientData as ae, ClientControllerUpdateClientResponse as af, ClientControllerUpdateClientResponses as ag, ClientCredentialsDto as ah, ClientEntity as ai, ClientOptions as aj, ClientSecretResponseDto as ak, CompleteDeferredDto as al, CreateAccessCertificateDto as am, CreateAttributeProviderDto as an, CreateClientDto as ao, CreateRegistrarConfigDto as ap, CreateStatusListDto as aq, CreateTenantDto as ar, CreateUserDto as as, CreateWebhookEndpointDto as at, CredentialConfig as au, CredentialConfigControllerDeleteIssuanceConfigurationData as av, CredentialConfigControllerDeleteIssuanceConfigurationResponse as aw, CredentialConfigControllerDeleteIssuanceConfigurationResponses as ax, CredentialConfigControllerGetConfigByIdData as ay, CredentialConfigControllerGetConfigByIdResponse as az, ApiKeyConfig as b, KeyChainControllerUpdateData as b$, DeferredControllerFailDeferredData as b0, DeferredControllerFailDeferredErrors as b1, DeferredControllerFailDeferredResponse as b2, DeferredControllerFailDeferredResponses as b3, DeferredCredentialRequestDto as b4, DeferredOperationResponse as b5, DeprecateSchemaMetadataDto as b6, Display as b7, DisplayImage as b8, DisplayInfo as b9, IssuerMetadataCredentialConfig as bA, JwksResponseDto as bB, KeyAttestationsRequired as bC, KeyChainControllerCreateData as bD, KeyChainControllerCreateResponses as bE, KeyChainControllerDeleteData as bF, KeyChainControllerDeleteErrors as bG, KeyChainControllerDeleteResponses as bH, KeyChainControllerExportData as bI, KeyChainControllerExportErrors as bJ, KeyChainControllerExportResponse as bK, KeyChainControllerExportResponses as bL, KeyChainControllerGetAllData as bM, KeyChainControllerGetAllResponse as bN, KeyChainControllerGetAllResponses as bO, KeyChainControllerGetByIdData as bP, KeyChainControllerGetByIdErrors as bQ, KeyChainControllerGetByIdResponse as bR, KeyChainControllerGetByIdResponses as bS, KeyChainControllerGetProvidersData as bT, KeyChainControllerGetProvidersResponse as bU, KeyChainControllerGetProvidersResponses as bV, KeyChainControllerImportData as bW, KeyChainControllerImportResponses as bX, KeyChainControllerRotateData as bY, KeyChainControllerRotateErrors as bZ, KeyChainControllerRotateResponses as b_, DisplayLogo as ba, EcJwk as bb, EcPublic as bc, EmbeddedDisclosurePolicy as bd, ExportEcJwk as be, ExportRotationPolicyDto as bf, ExternalTrustListEntity as bg, FailDeferredDto as bh, FileUploadDto as bi, FrontendConfigResponseDto as bj, GrafanaConfigDto as bk, IaeActionOpenid4VpPresentation as bl, IaeActionRedirectToWeb as bm, ImportTenantDto as bn, InteractiveAuthorizationCodeResponseDto as bo, InteractiveAuthorizationErrorResponseDto as bp, InteractiveAuthorizationRequestDto as bq, InternalTrustListEntity as br, IssuanceConfig as bs, IssuanceConfigControllerGetIssuanceConfigurationsData as bt, IssuanceConfigControllerGetIssuanceConfigurationsResponse as bu, IssuanceConfigControllerGetIssuanceConfigurationsResponses as bv, IssuanceConfigControllerStoreIssuanceConfigurationData as bw, IssuanceConfigControllerStoreIssuanceConfigurationResponse as bx, IssuanceConfigControllerStoreIssuanceConfigurationResponses as by, IssuanceDto as bz, AppControllerGetFrontendConfigData as c, RegistrarControllerDeleteConfigData as c$, KeyChainControllerUpdateErrors as c0, KeyChainControllerUpdateResponses as c1, KeyChainCreateDto as c2, KeyChainEntity as c3, KeyChainExportDto as c4, KeyChainImportDto as c5, KeyChainResponseDto as c6, KeyChainUpdateDto as c7, KmsProviderCapabilitiesDto as c8, KmsProviderInfoDto as c9, PresentationManagementControllerListSchemaMetadataCatalogResponses as cA, PresentationManagementControllerReissueRegistrationCertificateData as cB, PresentationManagementControllerReissueRegistrationCertificateErrors as cC, PresentationManagementControllerReissueRegistrationCertificateResponses as cD, PresentationManagementControllerResolveIssuerMetadataData as cE, PresentationManagementControllerResolveIssuerMetadataErrors as cF, PresentationManagementControllerResolveIssuerMetadataResponses as cG, PresentationManagementControllerResolveSchemaMetadataData as cH, PresentationManagementControllerResolveSchemaMetadataErrors as cI, PresentationManagementControllerResolveSchemaMetadataResponses as cJ, PresentationManagementControllerStorePresentationConfigData as cK, PresentationManagementControllerStorePresentationConfigResponse as cL, PresentationManagementControllerStorePresentationConfigResponses as cM, PresentationManagementControllerUpdateConfigurationData as cN, PresentationManagementControllerUpdateConfigurationResponse as cO, PresentationManagementControllerUpdateConfigurationResponses as cP, PresentationRequest as cQ, PublicKeyInfoDto as cR, RegistrarConfigResponseDto as cS, RegistrarControllerCreateAccessCertificateData as cT, RegistrarControllerCreateAccessCertificateErrors as cU, RegistrarControllerCreateAccessCertificateResponse as cV, RegistrarControllerCreateAccessCertificateResponses as cW, RegistrarControllerCreateConfigData as cX, RegistrarControllerCreateConfigErrors as cY, RegistrarControllerCreateConfigResponse as cZ, RegistrarControllerCreateConfigResponses as c_, KmsProvidersResponseDto as ca, ManagedUserDto as cb, MetadataSchemaDto as cc, NoneTrustPolicy as cd, NotificationRequestDto as ce, Object$1 as cf, ObjectWritable as cg, OfferRequestDto as ch, OfferResponse as ci, ParResponseDto as cj, PolicyCredential as ck, PresentationAttachment as cl, PresentationConfig as cm, PresentationConfigCreateDto as cn, PresentationConfigUpdateDto as co, PresentationConfigWritable as cp, PresentationDuringIssuanceConfig as cq, PresentationManagementControllerConfigurationData as cr, PresentationManagementControllerConfigurationResponse as cs, PresentationManagementControllerConfigurationResponses as ct, PresentationManagementControllerDeleteConfigurationData as cu, PresentationManagementControllerDeleteConfigurationResponses as cv, PresentationManagementControllerGetConfigurationData as cw, PresentationManagementControllerGetConfigurationResponse as cx, PresentationManagementControllerGetConfigurationResponses as cy, PresentationManagementControllerListSchemaMetadataCatalogData as cz, AppControllerGetFrontendConfigResponse as d, SessionConfigControllerResetConfigData as d$, RegistrarControllerDeleteConfigResponse as d0, RegistrarControllerDeleteConfigResponses as d1, RegistrarControllerGetConfigData as d2, RegistrarControllerGetConfigErrors as d3, RegistrarControllerGetConfigResponse as d4, RegistrarControllerGetConfigResponses as d5, RegistrarControllerUpdateConfigData as d6, RegistrarControllerUpdateConfigErrors as d7, RegistrarControllerUpdateConfigResponse as d8, RegistrarControllerUpdateConfigResponses as d9, SchemaMetadataControllerGetJwtData as dA, SchemaMetadataControllerGetJwtResponse as dB, SchemaMetadataControllerGetJwtResponses as dC, SchemaMetadataControllerGetLatestData as dD, SchemaMetadataControllerGetLatestResponse as dE, SchemaMetadataControllerGetLatestResponses as dF, SchemaMetadataControllerGetSchemaData as dG, SchemaMetadataControllerGetSchemaResponse as dH, SchemaMetadataControllerGetSchemaResponses as dI, SchemaMetadataControllerGetVersionsData as dJ, SchemaMetadataControllerGetVersionsResponse as dK, SchemaMetadataControllerGetVersionsResponses as dL, SchemaMetadataControllerGetVocabulariesData as dM, SchemaMetadataControllerGetVocabulariesResponse as dN, SchemaMetadataControllerGetVocabulariesResponses as dO, SchemaMetadataControllerRemoveData as dP, SchemaMetadataControllerRemoveResponses as dQ, SchemaMetadataControllerUpdateData as dR, SchemaMetadataControllerUpdateResponse as dS, SchemaMetadataControllerUpdateResponses as dT, SchemaMetadataResponseDto as dU, SchemaMetadataVocabulariesDto as dV, SchemaResponse as dW, SchemaUriEntry as dX, SessionConfigControllerGetConfigData as dY, SessionConfigControllerGetConfigResponse as dZ, SessionConfigControllerGetConfigResponses as d_, RegistrationCertificateBody as da, RegistrationCertificateDefaults as db, RegistrationCertificatePurpose as dc, RegistrationCertificateRequest as dd, ResolveIssuerMetadataDto as de, ResolveSchemaMetadataDto as df, RoleDto as dg, RootOfTrustPolicy as dh, RotationPolicyCreateDto as di, RotationPolicyImportDto as dj, RotationPolicyResponseDto as dk, RotationPolicyUpdateDto as dl, SchemaMetaConfig as dm, SchemaMetadataControllerDeprecateVersionData as dn, SchemaMetadataControllerDeprecateVersionResponse as dp, SchemaMetadataControllerDeprecateVersionResponses as dq, SchemaMetadataControllerExportData as dr, SchemaMetadataControllerExportResponse as ds, SchemaMetadataControllerExportResponses as dt, SchemaMetadataControllerFindAllData as du, SchemaMetadataControllerFindAllResponse as dv, SchemaMetadataControllerFindAllResponses as dw, SchemaMetadataControllerFindOneData as dx, SchemaMetadataControllerFindOneResponse as dy, SchemaMetadataControllerFindOneResponses as dz, AppControllerGetFrontendConfigResponses as e, TenantControllerInitTenantData as e$, SessionConfigControllerResetConfigResponses as e0, SessionConfigControllerUpdateConfigData as e1, SessionConfigControllerUpdateConfigResponse as e2, SessionConfigControllerUpdateConfigResponses as e3, SessionControllerDeleteSessionData as e4, SessionControllerDeleteSessionResponses as e5, SessionControllerGetAllSessionsData as e6, SessionControllerGetAllSessionsResponse as e7, SessionControllerGetAllSessionsResponses as e8, SessionControllerGetSessionData as e9, StatusListManagementControllerCreateListResponse as eA, StatusListManagementControllerCreateListResponses as eB, StatusListManagementControllerDeleteListData as eC, StatusListManagementControllerDeleteListResponse as eD, StatusListManagementControllerDeleteListResponses as eE, StatusListManagementControllerGetListData as eF, StatusListManagementControllerGetListResponse as eG, StatusListManagementControllerGetListResponses as eH, StatusListManagementControllerGetListsData as eI, StatusListManagementControllerGetListsResponse as eJ, StatusListManagementControllerGetListsResponses as eK, StatusListManagementControllerUpdateListData as eL, StatusListManagementControllerUpdateListResponse as eM, StatusListManagementControllerUpdateListResponses as eN, StatusListResponseDto as eO, StatusUpdateDto as eP, StorageControllerUploadData as eQ, StorageControllerUploadResponse as eR, StorageControllerUploadResponses as eS, TenantControllerDeleteTenantData as eT, TenantControllerDeleteTenantResponses as eU, TenantControllerGetTenantData as eV, TenantControllerGetTenantResponse as eW, TenantControllerGetTenantResponses as eX, TenantControllerGetTenantsData as eY, TenantControllerGetTenantsResponse as eZ, TenantControllerGetTenantsResponses as e_, SessionControllerGetSessionLogsData as ea, SessionControllerGetSessionLogsResponse as eb, SessionControllerGetSessionLogsResponses as ec, SessionControllerGetSessionResponse as ed, SessionControllerGetSessionResponses as ee, SessionControllerRevokeAllData as ef, SessionControllerRevokeAllResponses as eg, SessionEventsControllerSubscribeToSessionEventsData as eh, SessionEventsControllerSubscribeToSessionEventsResponses as ei, SessionLogEntryResponseDto as ej, SessionStorageConfig as ek, SignSchemaMetaConfigDto as el, SignVersionSchemaMetaConfigDto as em, StatusListAggregationDto as en, StatusListConfig as eo, StatusListConfigControllerGetConfigData as ep, StatusListConfigControllerGetConfigResponse as eq, StatusListConfigControllerGetConfigResponses as er, StatusListConfigControllerResetConfigData as es, StatusListConfigControllerResetConfigResponse as et, StatusListConfigControllerResetConfigResponses as eu, StatusListConfigControllerUpdateConfigData as ev, StatusListConfigControllerUpdateConfigResponse as ew, StatusListConfigControllerUpdateConfigResponses as ex, StatusListImportDto as ey, StatusListManagementControllerCreateListData as ez, AppControllerGetVersionData as f, Vct as f$, TenantControllerInitTenantResponse as f0, TenantControllerInitTenantResponses as f1, TenantControllerUpdateTenantData as f2, TenantControllerUpdateTenantResponse as f3, TenantControllerUpdateTenantResponses as f4, TenantEntity as f5, TokenResponse as f6, TransactionData as f7, TrustAuthorityDto as f8, TrustAuthorityEntry as f9, TrustListVersion as fA, TrustedAuthorityQuery as fB, UpdateAttributeProviderDto as fC, UpdateClientDto as fD, UpdateRegistrarConfigDto as fE, UpdateSchemaMetadataDto as fF, UpdateSessionConfigDto as fG, UpdateStatusListConfigDto as fH, UpdateStatusListDto as fI, UpdateTenantDto as fJ, UpdateUserDto as fK, UpdateWebhookEndpointDto as fL, UpstreamOidcConfig as fM, UserControllerCreateUserData as fN, UserControllerCreateUserResponse as fO, UserControllerCreateUserResponses as fP, UserControllerDeleteUserData as fQ, UserControllerDeleteUserResponses as fR, UserControllerGetUserData as fS, UserControllerGetUserResponse as fT, UserControllerGetUserResponses as fU, UserControllerGetUsersData as fV, UserControllerGetUsersResponse as fW, UserControllerGetUsersResponses as fX, UserControllerUpdateUserData as fY, UserControllerUpdateUserResponse as fZ, UserControllerUpdateUserResponses as f_, TrustList as fa, TrustListControllerCreateTrustListData as fb, TrustListControllerCreateTrustListResponse as fc, TrustListControllerCreateTrustListResponses as fd, TrustListControllerDeleteTrustListData as fe, TrustListControllerDeleteTrustListResponses as ff, TrustListControllerExportTrustListData as fg, TrustListControllerExportTrustListResponse as fh, TrustListControllerExportTrustListResponses as fi, TrustListControllerGetAllTrustListsData as fj, TrustListControllerGetAllTrustListsResponse as fk, TrustListControllerGetAllTrustListsResponses as fl, TrustListControllerGetTrustListData as fm, TrustListControllerGetTrustListResponse as fn, TrustListControllerGetTrustListResponses as fo, TrustListControllerGetTrustListVersionData as fp, TrustListControllerGetTrustListVersionResponse as fq, TrustListControllerGetTrustListVersionResponses as fr, TrustListControllerGetTrustListVersionsData as fs, TrustListControllerGetTrustListVersionsResponse as ft, TrustListControllerGetTrustListVersionsResponses as fu, TrustListControllerUpdateTrustListData as fv, TrustListControllerUpdateTrustListResponse as fw, TrustListControllerUpdateTrustListResponses as fx, TrustListCreateDto as fy, TrustListEntityInfo as fz, AppControllerGetVersionResponses as g, VerifierOfferControllerGetOfferData as g0, VerifierOfferControllerGetOfferResponse as g1, VerifierOfferControllerGetOfferResponses as g2, VocabularyEntryDto as g3, WebHookAuthConfigHeader as g4, WebHookAuthConfigNone as g5, WebhookConfig as g6, WebhookEndpointControllerCreateData as g7, WebhookEndpointControllerCreateResponses as g8, WebhookEndpointControllerDeleteData as g9, WebhookEndpointControllerDeleteErrors as ga, WebhookEndpointControllerDeleteResponses as gb, WebhookEndpointControllerGetAllData as gc, WebhookEndpointControllerGetAllResponse as gd, WebhookEndpointControllerGetAllResponses as ge, WebhookEndpointControllerGetByIdData as gf, WebhookEndpointControllerGetByIdErrors as gg, WebhookEndpointControllerGetByIdResponses as gh, WebhookEndpointControllerUpdateData as gi, WebhookEndpointControllerUpdateErrors as gj, WebhookEndpointControllerUpdateResponses as gk, WebhookEndpointEntity as gl, AttestationBasedPolicy as h, AttributeProviderControllerCreateData as i, AttributeProviderControllerCreateResponses as j, AttributeProviderControllerDeleteData as k, AttributeProviderControllerDeleteErrors as l, AttributeProviderControllerDeleteResponses as m, AttributeProviderControllerGetAllData as n, AttributeProviderControllerGetAllResponses as o, AttributeProviderControllerGetByIdData as p, AttributeProviderControllerGetByIdErrors as q, AttributeProviderControllerGetByIdResponses as r, AttributeProviderControllerUpdateData as s, AttributeProviderControllerUpdateErrors as t, AttributeProviderControllerUpdateResponses as u, AttributeProviderEntity as v, AuthenticationMethodAuth as w, AuthenticationMethodNone as x, AuthenticationMethodPresentation as y, AuthenticationUrlConfig as z };
+export type { ChainedAsParResponseDto as $, AccessCertificateRefDto as A, AuthControllerGetOAuth2TokenData as B, ClientOptions as C, AuthControllerGetOAuth2TokenErrors as D, AuthControllerGetOAuth2TokenResponse as E, AuthControllerGetOAuth2TokenResponses as F, AuthenticationMethodAuth as G, AuthenticationMethodNone as H, AuthenticationMethodPresentation as I, AuthenticationUrlConfig as J, AuthorizationResponse as K, AuthorizeQueries as L, CacheControllerClearAllCachesData as M, CacheControllerClearAllCachesResponse as N, CacheControllerClearAllCachesResponses as O, CacheControllerClearStatusListCacheData as P, CacheControllerClearStatusListCacheResponse as Q, CacheControllerClearStatusListCacheResponses as R, Session as S, CacheControllerClearTrustListCacheData as T, CacheControllerClearTrustListCacheResponse as U, CacheControllerClearTrustListCacheResponses as V, CacheControllerGetStatsData as W, CacheControllerGetStatsResponses as X, CertificateInfoDto as Y, ChainedAsConfig as Z, ChainedAsErrorResponseDto as _, AllowListPolicy as a, DeferredControllerCompleteDeferredResponse as a$, ChainedAsTokenConfig as a0, ChainedAsTokenRequestDto as a1, ChainedAsTokenResponseDto as a2, ClaimFieldDefinitionDto as a3, ClaimsQuery as a4, ClientControllerCreateClientData as a5, ClientControllerCreateClientResponse as a6, ClientControllerCreateClientResponses as a7, ClientControllerDeleteClientData as a8, ClientControllerDeleteClientResponses as a9, CreateWebhookEndpointDto as aA, CredentialConfig as aB, CredentialConfigControllerDeleteIssuanceConfigurationData as aC, CredentialConfigControllerDeleteIssuanceConfigurationResponse as aD, CredentialConfigControllerDeleteIssuanceConfigurationResponses as aE, CredentialConfigControllerGetConfigByIdData as aF, CredentialConfigControllerGetConfigByIdResponse as aG, CredentialConfigControllerGetConfigByIdResponses as aH, CredentialConfigControllerGetConfigsData as aI, CredentialConfigControllerGetConfigsResponse as aJ, CredentialConfigControllerGetConfigsResponses as aK, CredentialConfigControllerStoreCredentialConfigurationData as aL, CredentialConfigControllerStoreCredentialConfigurationResponse as aM, CredentialConfigControllerStoreCredentialConfigurationResponses as aN, CredentialConfigControllerUpdateCredentialConfigurationData as aO, CredentialConfigControllerUpdateCredentialConfigurationResponse as aP, CredentialConfigControllerUpdateCredentialConfigurationResponses as aQ, CredentialConfigCreate as aR, CredentialConfigUpdate as aS, CredentialOfferControllerGetOfferData as aT, CredentialOfferControllerGetOfferResponse as aU, CredentialOfferControllerGetOfferResponses as aV, CredentialQuery as aW, CredentialSetQuery as aX, Dcql as aY, DeferredControllerCompleteDeferredData as aZ, DeferredControllerCompleteDeferredErrors as a_, ClientControllerGetClientData as aa, ClientControllerGetClientResponse as ab, ClientControllerGetClientResponses as ac, ClientControllerGetClientSecretData as ad, ClientControllerGetClientSecretResponse as ae, ClientControllerGetClientSecretResponses as af, ClientControllerGetClientsData as ag, ClientControllerGetClientsResponse as ah, ClientControllerGetClientsResponses as ai, ClientControllerRotateClientSecretData as aj, ClientControllerRotateClientSecretResponse as ak, ClientControllerRotateClientSecretResponses as al, ClientControllerUpdateClientData as am, ClientControllerUpdateClientResponse as an, ClientControllerUpdateClientResponses as ao, ClientCredentialsDto as ap, ClientEntity as aq, ClientSecretResponseDto as ar, CompleteDeferredDto as as, CreateAccessCertificateDto as at, CreateAttributeProviderDto as au, CreateClientDto as av, CreateRegistrarConfigDto as aw, CreateStatusListDto as ax, CreateTenantDto as ay, CreateUserDto as az, ApiKeyConfig as b, KeyChainControllerGetProvidersResponses as b$, DeferredControllerCompleteDeferredResponses as b0, DeferredControllerFailDeferredData as b1, DeferredControllerFailDeferredErrors as b2, DeferredControllerFailDeferredResponse as b3, DeferredControllerFailDeferredResponses as b4, DeferredCredentialRequestDto as b5, DeferredOperationResponse as b6, DeprecateSchemaMetadataDto as b7, Display as b8, DisplayImage as b9, IssuanceConfigControllerStoreIssuanceConfigurationData as bA, IssuanceConfigControllerStoreIssuanceConfigurationResponse as bB, IssuanceConfigControllerStoreIssuanceConfigurationResponses as bC, IssuanceDto as bD, IssuerMetadataCredentialConfig as bE, JwksResponseDto as bF, KeyAttestationsRequired as bG, KeyChainControllerCreateData as bH, KeyChainControllerCreateResponses as bI, KeyChainControllerDeleteData as bJ, KeyChainControllerDeleteErrors as bK, KeyChainControllerDeleteResponses as bL, KeyChainControllerExportData as bM, KeyChainControllerExportErrors as bN, KeyChainControllerExportResponse as bO, KeyChainControllerExportResponses as bP, KeyChainControllerGetAllData as bQ, KeyChainControllerGetAllResponse as bR, KeyChainControllerGetAllResponses as bS, KeyChainControllerGetByIdData as bT, KeyChainControllerGetByIdErrors as bU, KeyChainControllerGetByIdResponse as bV, KeyChainControllerGetByIdResponses as bW, KeyChainControllerGetProvidersData as bX, KeyChainControllerGetProvidersHealthData as bY, KeyChainControllerGetProvidersHealthResponses as bZ, KeyChainControllerGetProvidersResponse as b_, DisplayInfo as ba, DisplayLogo as bb, EcJwk as bc, EcPublic as bd, EmbeddedDisclosurePolicy as be, ExportEcJwk as bf, ExportRotationPolicyDto as bg, ExternalTrustListEntity as bh, FailDeferredDto as bi, FederationConfig as bj, FederationTrustAnchorConfig as bk, FieldDisplayDto as bl, FileUploadDto as bm, FrontendConfigResponseDto as bn, GrafanaConfigDto as bo, IaeActionOpenid4VpPresentation as bp, IaeActionRedirectToWeb as bq, ImportTenantDto as br, InteractiveAuthorizationCodeResponseDto as bs, InteractiveAuthorizationErrorResponseDto as bt, InteractiveAuthorizationRequestDto as bu, InternalTrustListEntity as bv, IssuanceConfig as bw, IssuanceConfigControllerGetIssuanceConfigurationsData as bx, IssuanceConfigControllerGetIssuanceConfigurationsResponse as by, IssuanceConfigControllerGetIssuanceConfigurationsResponses as bz, AppControllerGetFrontendConfigData as c, RegistrarControllerCreateAccessCertificateErrors as c$, KeyChainControllerImportData as c0, KeyChainControllerImportResponses as c1, KeyChainControllerRotateData as c2, KeyChainControllerRotateErrors as c3, KeyChainControllerRotateResponses as c4, KeyChainControllerUpdateData as c5, KeyChainControllerUpdateErrors as c6, KeyChainControllerUpdateResponses as c7, KeyChainCreateDto as c8, KeyChainEntity as c9, PresentationManagementControllerConfigurationResponses as cA, PresentationManagementControllerDeleteConfigurationData as cB, PresentationManagementControllerDeleteConfigurationResponses as cC, PresentationManagementControllerGetConfigurationData as cD, PresentationManagementControllerGetConfigurationResponse as cE, PresentationManagementControllerGetConfigurationResponses as cF, PresentationManagementControllerListSchemaMetadataCatalogData as cG, PresentationManagementControllerListSchemaMetadataCatalogResponses as cH, PresentationManagementControllerReissueRegistrationCertificateData as cI, PresentationManagementControllerReissueRegistrationCertificateErrors as cJ, PresentationManagementControllerReissueRegistrationCertificateResponses as cK, PresentationManagementControllerResolveIssuerMetadataData as cL, PresentationManagementControllerResolveIssuerMetadataErrors as cM, PresentationManagementControllerResolveIssuerMetadataResponses as cN, PresentationManagementControllerResolveSchemaMetadataData as cO, PresentationManagementControllerResolveSchemaMetadataErrors as cP, PresentationManagementControllerResolveSchemaMetadataResponses as cQ, PresentationManagementControllerStorePresentationConfigData as cR, PresentationManagementControllerStorePresentationConfigResponse as cS, PresentationManagementControllerStorePresentationConfigResponses as cT, PresentationManagementControllerUpdateConfigurationData as cU, PresentationManagementControllerUpdateConfigurationResponse as cV, PresentationManagementControllerUpdateConfigurationResponses as cW, PresentationRequest as cX, PublicKeyInfoDto as cY, RegistrarConfigResponseDto as cZ, RegistrarControllerCreateAccessCertificateData as c_, KeyChainExportDto as ca, KeyChainImportDto as cb, KeyChainResponseDto as cc, KeyChainUpdateDto as cd, KmsProviderCapabilitiesDto as ce, KmsProviderInfoDto as cf, KmsProvidersResponseDto as cg, ManagedUserDto as ch, MetadataSchemaDto as ci, NoneTrustPolicy as cj, NotificationRequestDto as ck, Object$1 as cl, ObjectWritable as cm, OfferRequestDto as cn, OfferResponse as co, PaginatedSessionResponseDto as cp, ParResponseDto as cq, PolicyCredential as cr, PresentationAttachment as cs, PresentationConfig as ct, PresentationConfigCreateDto as cu, PresentationConfigUpdateDto as cv, PresentationConfigWritable as cw, PresentationDuringIssuanceConfig as cx, PresentationManagementControllerConfigurationData as cy, PresentationManagementControllerConfigurationResponse as cz, AppControllerGetFrontendConfigResponse as d, SchemaMetadataControllerSignVersionSchemaMetaConfigData as d$, RegistrarControllerCreateAccessCertificateResponse as d0, RegistrarControllerCreateAccessCertificateResponses as d1, RegistrarControllerCreateConfigData as d2, RegistrarControllerCreateConfigErrors as d3, RegistrarControllerCreateConfigResponse as d4, RegistrarControllerCreateConfigResponses as d5, RegistrarControllerDeleteConfigData as d6, RegistrarControllerDeleteConfigResponse as d7, RegistrarControllerDeleteConfigResponses as d8, RegistrarControllerGetConfigData as d9, SchemaMetadataControllerExportResponses as dA, SchemaMetadataControllerFindAllData as dB, SchemaMetadataControllerFindAllResponse as dC, SchemaMetadataControllerFindAllResponses as dD, SchemaMetadataControllerFindOneData as dE, SchemaMetadataControllerFindOneResponse as dF, SchemaMetadataControllerFindOneResponses as dG, SchemaMetadataControllerGetJwtData as dH, SchemaMetadataControllerGetJwtResponse as dI, SchemaMetadataControllerGetJwtResponses as dJ, SchemaMetadataControllerGetLatestData as dK, SchemaMetadataControllerGetLatestResponse as dL, SchemaMetadataControllerGetLatestResponses as dM, SchemaMetadataControllerGetSchemaData as dN, SchemaMetadataControllerGetSchemaResponse as dO, SchemaMetadataControllerGetSchemaResponses as dP, SchemaMetadataControllerGetVersionsData as dQ, SchemaMetadataControllerGetVersionsResponse as dR, SchemaMetadataControllerGetVersionsResponses as dS, SchemaMetadataControllerGetVocabulariesData as dT, SchemaMetadataControllerGetVocabulariesResponse as dU, SchemaMetadataControllerGetVocabulariesResponses as dV, SchemaMetadataControllerRemoveData as dW, SchemaMetadataControllerRemoveResponses as dX, SchemaMetadataControllerSignSchemaMetaConfigData as dY, SchemaMetadataControllerSignSchemaMetaConfigErrors as dZ, SchemaMetadataControllerSignSchemaMetaConfigResponses as d_, RegistrarControllerGetConfigErrors as da, RegistrarControllerGetConfigResponse as db, RegistrarControllerGetConfigResponses as dc, RegistrarControllerUpdateConfigData as dd, RegistrarControllerUpdateConfigErrors as de, RegistrarControllerUpdateConfigResponse as df, RegistrarControllerUpdateConfigResponses as dg, RegistrationCertificateBody as dh, RegistrationCertificateDefaults as di, RegistrationCertificatePurpose as dj, RegistrationCertificateRequest as dk, ResolveIssuerMetadataDto as dl, ResolveSchemaMetadataDto as dm, RoleDto as dn, RootOfTrustPolicy as dp, RotationPolicyCreateDto as dq, RotationPolicyImportDto as dr, RotationPolicyResponseDto as ds, RotationPolicyUpdateDto as dt, SchemaMetaConfig as du, SchemaMetadataControllerDeprecateVersionData as dv, SchemaMetadataControllerDeprecateVersionResponse as dw, SchemaMetadataControllerDeprecateVersionResponses as dx, SchemaMetadataControllerExportData as dy, SchemaMetadataControllerExportResponse as dz, AppControllerGetFrontendConfigResponses as e, StatusUpdateDto as e$, SchemaMetadataControllerSignVersionSchemaMetaConfigErrors as e0, SchemaMetadataControllerSignVersionSchemaMetaConfigResponses as e1, SchemaMetadataControllerUpdateData as e2, SchemaMetadataControllerUpdateResponse as e3, SchemaMetadataControllerUpdateResponses as e4, SchemaMetadataResponseDto as e5, SchemaMetadataVocabulariesDto as e6, SchemaUriEntry as e7, SessionConfigControllerGetConfigData as e8, SessionConfigControllerGetConfigResponse as e9, StatusListConfig as eA, StatusListConfigControllerGetConfigData as eB, StatusListConfigControllerGetConfigResponse as eC, StatusListConfigControllerGetConfigResponses as eD, StatusListConfigControllerResetConfigData as eE, StatusListConfigControllerResetConfigResponse as eF, StatusListConfigControllerResetConfigResponses as eG, StatusListConfigControllerUpdateConfigData as eH, StatusListConfigControllerUpdateConfigResponse as eI, StatusListConfigControllerUpdateConfigResponses as eJ, StatusListImportDto as eK, StatusListManagementControllerCreateListData as eL, StatusListManagementControllerCreateListResponse as eM, StatusListManagementControllerCreateListResponses as eN, StatusListManagementControllerDeleteListData as eO, StatusListManagementControllerDeleteListResponse as eP, StatusListManagementControllerDeleteListResponses as eQ, StatusListManagementControllerGetListData as eR, StatusListManagementControllerGetListResponse as eS, StatusListManagementControllerGetListResponses as eT, StatusListManagementControllerGetListsData as eU, StatusListManagementControllerGetListsResponse as eV, StatusListManagementControllerGetListsResponses as eW, StatusListManagementControllerUpdateListData as eX, StatusListManagementControllerUpdateListResponse as eY, StatusListManagementControllerUpdateListResponses as eZ, StatusListResponseDto as e_, SessionConfigControllerGetConfigResponses as ea, SessionConfigControllerResetConfigData as eb, SessionConfigControllerResetConfigResponses as ec, SessionConfigControllerUpdateConfigData as ed, SessionConfigControllerUpdateConfigResponse as ee, SessionConfigControllerUpdateConfigResponses as ef, SessionControllerDeleteSessionData as eg, SessionControllerDeleteSessionResponses as eh, SessionControllerGetAllSessionsData as ei, SessionControllerGetAllSessionsResponse as ej, SessionControllerGetAllSessionsResponses as ek, SessionControllerGetSessionData as el, SessionControllerGetSessionLogsData as em, SessionControllerGetSessionLogsResponse as en, SessionControllerGetSessionLogsResponses as eo, SessionControllerGetSessionResponse as ep, SessionControllerGetSessionResponses as eq, SessionControllerRevokeAllData as er, SessionControllerRevokeAllResponses as es, SessionEventsControllerSubscribeToSessionEventsData as et, SessionEventsControllerSubscribeToSessionEventsResponses as eu, SessionLogEntryResponseDto as ev, SessionStorageConfig as ew, SignSchemaMetaConfigDto as ex, SignVersionSchemaMetaConfigDto as ey, StatusListAggregationDto as ez, AppControllerGetVersionData as f, UserControllerCreateUserResponses as f$, StorageControllerUploadData as f0, StorageControllerUploadResponse as f1, StorageControllerUploadResponses as f2, TenantControllerDeleteTenantData as f3, TenantControllerDeleteTenantResponses as f4, TenantControllerGetTenantData as f5, TenantControllerGetTenantResponse as f6, TenantControllerGetTenantResponses as f7, TenantControllerGetTenantsData as f8, TenantControllerGetTenantsResponse as f9, TrustListControllerGetTrustListResponses as fA, TrustListControllerGetTrustListVersionData as fB, TrustListControllerGetTrustListVersionResponse as fC, TrustListControllerGetTrustListVersionResponses as fD, TrustListControllerGetTrustListVersionsData as fE, TrustListControllerGetTrustListVersionsResponse as fF, TrustListControllerGetTrustListVersionsResponses as fG, TrustListControllerUpdateTrustListData as fH, TrustListControllerUpdateTrustListResponse as fI, TrustListControllerUpdateTrustListResponses as fJ, TrustListCreateDto as fK, TrustListEntityInfo as fL, TrustListVersion as fM, TrustedAuthorityQuery as fN, UpdateAttributeProviderDto as fO, UpdateClientDto as fP, UpdateRegistrarConfigDto as fQ, UpdateSchemaMetadataDto as fR, UpdateSessionConfigDto as fS, UpdateStatusListConfigDto as fT, UpdateStatusListDto as fU, UpdateTenantDto as fV, UpdateUserDto as fW, UpdateWebhookEndpointDto as fX, UpstreamOidcConfig as fY, UserControllerCreateUserData as fZ, UserControllerCreateUserResponse as f_, TenantControllerGetTenantsResponses as fa, TenantControllerInitTenantData as fb, TenantControllerInitTenantResponse as fc, TenantControllerInitTenantResponses as fd, TenantControllerUpdateTenantData as fe, TenantControllerUpdateTenantResponse as ff, TenantControllerUpdateTenantResponses as fg, TenantEntity as fh, TokenResponse as fi, TransactionData as fj, TrustAuthorityDto as fk, TrustAuthorityEntry as fl, TrustList as fm, TrustListControllerCreateTrustListData as fn, TrustListControllerCreateTrustListResponse as fo, TrustListControllerCreateTrustListResponses as fp, TrustListControllerDeleteTrustListData as fq, TrustListControllerDeleteTrustListResponses as fr, TrustListControllerExportTrustListData as fs, TrustListControllerExportTrustListResponse as ft, TrustListControllerExportTrustListResponses as fu, TrustListControllerGetAllTrustListsData as fv, TrustListControllerGetAllTrustListsResponse as fw, TrustListControllerGetAllTrustListsResponses as fx, TrustListControllerGetTrustListData as fy, TrustListControllerGetTrustListResponse as fz, AppControllerGetVersionResponses as g, UserControllerDeleteUserData as g0, UserControllerDeleteUserResponses as g1, UserControllerGetUserData as g2, UserControllerGetUserResponse as g3, UserControllerGetUserResponses as g4, UserControllerGetUsersData as g5, UserControllerGetUsersResponse as g6, UserControllerGetUsersResponses as g7, UserControllerUpdateUserData as g8, UserControllerUpdateUserResponse as g9, UserControllerUpdateUserResponses as ga, Vct as gb, VerifierOfferControllerGetOfferData as gc, VerifierOfferControllerGetOfferResponse as gd, VerifierOfferControllerGetOfferResponses as ge, VocabularyEntryDto as gf, WebHookAuthConfigHeader as gg, WebHookAuthConfigNone as gh, WebhookConfig as gi, WebhookEndpointControllerCreateData as gj, WebhookEndpointControllerCreateResponses as gk, WebhookEndpointControllerDeleteData as gl, WebhookEndpointControllerDeleteErrors as gm, WebhookEndpointControllerDeleteResponses as gn, WebhookEndpointControllerGetAllData as go, WebhookEndpointControllerGetAllResponse as gp, WebhookEndpointControllerGetAllResponses as gq, WebhookEndpointControllerGetByIdData as gr, WebhookEndpointControllerGetByIdErrors as gs, WebhookEndpointControllerGetByIdResponses as gt, WebhookEndpointControllerUpdateData as gu, WebhookEndpointControllerUpdateErrors as gv, WebhookEndpointControllerUpdateResponses as gw, WebhookEndpointEntity as gx, AttestationBasedPolicy as h, AttributeProviderControllerCreateData as i, AttributeProviderControllerCreateResponses as j, AttributeProviderControllerDeleteData as k, AttributeProviderControllerDeleteErrors as l, AttributeProviderControllerDeleteResponses as m, AttributeProviderControllerGetAllData as n, AttributeProviderControllerGetAllResponses as o, AttributeProviderControllerGetByIdData as p, AttributeProviderControllerGetByIdErrors as q, AttributeProviderControllerGetByIdResponses as r, AttributeProviderControllerUpdateData as s, AttributeProviderControllerUpdateErrors as t, AttributeProviderControllerUpdateResponses as u, AttributeProviderEntity as v, AuditLogControllerGetAuditLogsData as w, AuditLogControllerGetAuditLogsResponse as x, AuditLogControllerGetAuditLogsResponses as y, AuditLogResponseDto as z };