@eudiplo/sdk-core 4.4.0 → 4.5.0

package/dist/{types.gen-DpwDhqbe.d.ts → types.gen-z3We9JHj.d.ts}

@@ -25,7 +25,7 @@ type RoleDto = {
     /**
      * OAuth2 roles
      */
-    role: "presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage";
+    role: 'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage';
 };
 type ClientCredentialsDto = {
     grant_type?: string;
@@ -37,6 +37,7 @@ type TokenResponse = {
     refresh_token?: string;
     token_type: string;
     expires_in: number;
+    state: string;
 };
 type ImportTenantDto = {
     /**
@@ -56,7 +57,7 @@ type SessionStorageConfig = {
     /**
      * Cleanup mode: 'full' deletes everything, 'anonymize' keeps metadata but removes PII.
      */
-    cleanupMode?: "full" | "anonymize";
+    cleanupMode?: 'full' | 'anonymize';
 };
 type StatusListConfig = {
     /**
@@ -138,7 +139,7 @@ type ClientEntity = {
     /**
      * The roles assigned to the client.
      */
-    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
     /**
      * The tenant that the client belongs to.
      */
@@ -165,7 +166,7 @@ type CreateTenantDto = {
      * Session storage configuration. Controls TTL and cleanup behavior.
      */
     sessionConfig?: SessionStorageConfig;
-    roles?: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles?: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
 };
 type UpdateTenantDto = {
     /**
@@ -184,13 +185,13 @@ type UpdateTenantDto = {
      * Session storage configuration. Controls TTL and cleanup behavior.
      */
     sessionConfig?: SessionStorageConfig;
-    roles?: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles?: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
 };
 type AuditLogResponseDto = {
     id: string;
     tenantId: string;
-    actionType: "tenant_created" | "tenant_updated" | "tenant_deleted" | "presentation_config_created" | "presentation_config_updated" | "presentation_config_deleted" | "issuance_config_updated" | "credential_config_created" | "credential_config_updated" | "credential_config_deleted" | "status_list_config_updated" | "status_list_config_reset" | "webhook_endpoint_created" | "webhook_endpoint_updated" | "webhook_endpoint_deleted" | "attribute_provider_created" | "attribute_provider_updated" | "attribute_provider_deleted";
-    actorType: "user" | "client" | "system";
+    actionType: 'tenant_created' | 'tenant_updated' | 'tenant_deleted' | 'presentation_config_created' | 'presentation_config_updated' | 'presentation_config_deleted' | 'issuance_config_updated' | 'credential_config_created' | 'credential_config_updated' | 'credential_config_deleted' | 'status_list_config_updated' | 'status_list_config_reset' | 'webhook_endpoint_created' | 'webhook_endpoint_updated' | 'webhook_endpoint_deleted' | 'attribute_provider_created' | 'attribute_provider_updated' | 'attribute_provider_deleted';
+    actorType: 'user' | 'client' | 'system';
     actorId?: string;
     actorDisplay?: string;
     changedFields?: Array<string>;
@@ -222,7 +223,7 @@ type UpdateClientDto = {
     /**
      * The roles assigned to the client.
      */
-    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
 };
 type CreateClientDto = {
     /**
@@ -248,7 +249,7 @@ type CreateClientDto = {
     /**
      * The roles assigned to the client.
      */
-    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
 };
 type StatusListImportDto = {
     /**
@@ -400,21 +401,21 @@ type OfferRequestDto = {
     /**
      * The type of response expected for the offer request.
      */
-    response_type: "uri" | "dc-api";
+    response_type: 'uri' | 'dc-api';
     /**
      * Credential claims configuration per credential. Keys must match credentialConfigurationIds.
      */
     credentialClaims?: {
-        additionalProperties?: {
-            type: "inline";
+        [key: string]: {
+            type: 'inline';
             claims: {
                 [key: string]: unknown;
             };
         } | {
-            type: "attributeProvider";
+            type: 'attributeProvider';
             attributeProviderId: string;
         } | {
-            type: "webhook";
+            type: 'webhook';
             webhook: {
                 url: string;
                 auth?: {
@@ -426,7 +427,7 @@ type OfferRequestDto = {
     /**
      * The flow type for the offer request.
      */
-    flow: "authorization_code" | "pre_authorized_code";
+    flow: 'authorization_code' | 'pre_authorized_code';
     /**
      * Transaction code for pre-authorized code flow.
      */
@@ -452,7 +453,7 @@ type WebHookAuthConfigNone = {
     /**
      * The type of authentication used for the webhook.
      */
-    type: "none";
+    type: 'none';
 };
 type ApiKeyConfig = {
     /**
@@ -468,7 +469,7 @@ type WebHookAuthConfigHeader = {
     /**
      * The type of authentication used for the webhook.
      */
-    type: "apiKey";
+    type: 'apiKey';
     /**
      * Configuration for API key authentication.
      * This is required if the type is 'apiKey'.
@@ -498,7 +499,7 @@ type Session = {
     /**
      * Status of the session.
      */
-    status: "active" | "fetched" | "completed" | "expired" | "failed";
+    status: 'active' | 'fetched' | 'completed' | 'expired' | 'failed';
     /**
      * Unique identifier for the session.
      */
@@ -655,6 +656,28 @@ type Session = {
      */
     consumedAt?: string;
 };
+type PaginatedSessionResponseDto = {
+    /**
+     * The sessions for the current page.
+     */
+    items: Array<Session>;
+    /**
+     * Total number of sessions matching the query
+     */
+    total: number;
+    /**
+     * Current page number (1-based)
+     */
+    page: number;
+    /**
+     * Number of items per page
+     */
+    pageSize: number;
+    /**
+     * Total number of pages
+     */
+    totalPages: number;
+};
 type SessionLogEntryResponseDto = {
     /**
      * Log entry ID
@@ -671,7 +694,7 @@ type SessionLogEntryResponseDto = {
     /**
      * Log level
      */
-    level: "info" | "warn" | "error";
+    level: 'info' | 'warn' | 'error';
     /**
      * Flow stage
      */
@@ -711,14 +734,14 @@ type UpdateSessionConfigDto = {
     /**
      * Cleanup mode: 'full' deletes everything, 'anonymize' keeps metadata but removes PII.
      */
-    cleanupMode?: "full" | "anonymize";
+    cleanupMode?: 'full' | 'anonymize';
 };
 type ManagedUserDto = {
     id: string;
     username: string;
     email?: string;
     enabled: boolean;
-    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
     tenantId?: string;
     /**
      * One-time temporary password returned only on user creation.
@@ -728,7 +751,7 @@ type ManagedUserDto = {
 type CreateUserDto = {
     username: string;
     email?: string;
-    roles: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
     /**
      * One-time temporary password returned only on user creation.
      */
@@ -738,7 +761,7 @@ type CreateUserDto = {
 type UpdateUserDto = {
     username?: string;
     email?: string;
-    roles?: Array<"presentation:manage" | "presentation:request" | "issuance:manage" | "issuance:offer" | "clients:manage" | "users:manage" | "tenants:manage" | "registrar:manage">;
+    roles?: Array<'presentation:manage' | 'presentation:request' | 'issuance:manage' | 'issuance:offer' | 'clients:manage' | 'users:manage' | 'tenants:manage' | 'registrar:manage'>;
     /**
      * One-time temporary password returned only on user creation.
      */
@@ -747,7 +770,7 @@ type UpdateUserDto = {
     password?: string;
 };
 type AuthenticationMethodNone = {
-    method: "none";
+    method: 'none';
 };
 type AuthenticationUrlConfig = {
     /**
@@ -761,7 +784,7 @@ type AuthenticationUrlConfig = {
     webhook?: WebhookConfig;
 };
 type AuthenticationMethodAuth = {
-    method: "auth";
+    method: 'auth';
     config: AuthenticationUrlConfig;
 };
 type PresentationDuringIssuanceConfig = {
@@ -771,7 +794,7 @@ type PresentationDuringIssuanceConfig = {
     type: string;
 };
 type AuthenticationMethodPresentation = {
-    method: "presentationDuringIssuance";
+    method: 'presentationDuringIssuance';
     config: PresentationDuringIssuanceConfig;
 };
 type UpstreamOidcConfig = {
@@ -820,6 +843,42 @@ type ChainedAsConfig = {
      */
     requireDPoP?: boolean;
 };
+type FederationTrustAnchorConfig = {
+    /**
+     * Entity identifier (sub) of the federation trust anchor.
+     */
+    entityId: string;
+    /**
+     * Federation endpoint URL for the trust anchor entity configuration.
+     */
+    entityConfigurationUri: string;
+};
+type FederationConfig = {
+    /**
+     * Role this tenant plays in the OpenID Federation topology.
+     */
+    role?: 'trust_anchor' | 'intermediate' | 'leaf';
+    /**
+     * Trust decision strategy when both LoTE trust lists and OpenID Federation are configured.
+     */
+    mode?: 'federation-only' | 'hybrid';
+    /**
+     * Entity identifier of this issuer/verifier in the federation.
+     */
+    entityId?: string;
+    /**
+     * Whether federation checks are enforced for upstream metadata and signer trust decisions.
+     */
+    enforceSigningPolicy?: boolean;
+    /**
+     * Cache TTL in seconds for federation entity statements and trust chain results.
+     */
+    cacheTtlSeconds?: number;
+    /**
+     * Configured federation trust anchors.
+     */
+    trustAnchors: Array<FederationTrustAnchorConfig>;
+};
 type DisplayLogo = {
     uri: string;
     alt_text?: string;
@@ -840,6 +899,11 @@ type IssuanceConfig = {
      * to an upstream OIDC provider while issuing its own tokens with issuer_state.
      */
     chainedAs?: ChainedAsConfig;
+    /**
+     * Optional OpenID Federation configuration used for trust evaluation.
+     * When omitted, trust checks rely on existing LoTE trust-list behavior.
+     */
+    federation?: FederationConfig;
     /**
      * Whether refresh tokens should be issued for OID4VCI token responses.
      */
@@ -917,6 +981,11 @@ type IssuanceDto = {
      * to an upstream OIDC provider while issuing its own tokens with issuer_state.
      */
     chainedAs?: ChainedAsConfig;
+    /**
+     * Optional OpenID Federation configuration used for trust evaluation.
+     * When omitted, trust checks rely on existing LoTE trust-list behavior.
+     */
+    federation?: FederationConfig;
     /**
      * Whether refresh tokens should be issued for OID4VCI token responses.
      */
@@ -977,7 +1046,7 @@ type ClaimsQuery = {
     values?: Array<string>;
 };
 type TrustedAuthorityQuery = {
-    type: "aki" | "etsi_tl";
+    type: 'etsi_tl' | 'openid_federation';
     values: Array<string>;
 };
 type CredentialQuery = {
@@ -1000,18 +1069,18 @@ type PolicyCredential = {
     credential_sets?: Array<CredentialSetQuery>;
 };
 type AttestationBasedPolicy = {
-    policy: "attestationBased";
+    policy: 'attestationBased';
     values: Array<PolicyCredential>;
 };
 type NoneTrustPolicy = {
-    policy: "none";
+    policy: 'none';
 };
 type AllowListPolicy = {
-    policy: "allowList";
+    policy: 'allowList';
     values: Array<string>;
 };
 type RootOfTrustPolicy = {
-    policy: "rootOfTrust";
+    policy: 'rootOfTrust';
     values: string;
 };
 type Vct = {
@@ -1019,15 +1088,15 @@ type Vct = {
     name?: string;
     description?: string;
     extends?: string;
-    "extends#integrity"?: string;
+    'extends#integrity'?: string;
     schema_uri?: string;
-    "schema_uri#integrity"?: string;
+    'schema_uri#integrity'?: string;
 };
 type IaeActionOpenid4VpPresentation = {
     /**
      * Action type discriminator
      */
-    type: "openid4vp_presentation";
+    type: 'openid4vp_presentation';
     /**
      * Optional label for this step (for display purposes)
      */
@@ -1041,7 +1110,7 @@ type IaeActionRedirectToWeb = {
     /**
      * Action type discriminator
      */
-    type: "redirect_to_web";
+    type: 'redirect_to_web';
     /**
      * Optional label for this step (for display purposes)
      */
@@ -1087,7 +1156,7 @@ type SchemaUriEntry = {
     /**
      * Schema-format specific metadata (for example { vct: 'urn:example:vct' } for dc+sd-jwt).
      */
-    metadata: {
+    meta: {
         [key: string]: unknown;
     };
 };
@@ -1099,7 +1168,7 @@ type TrustAuthorityEntry = {
     /**
      * Trust framework type (ignored when trustListId is set)
      */
-    frameworkType?: "aki" | "etsi_tl" | "openid_federation";
+    frameworkType?: 'aki' | 'etsi_tl' | 'openid_federation';
     /**
      * URI of the trust list or trust anchor (ignored when trustListId is set)
      */
@@ -1131,11 +1200,11 @@ type SchemaMetaConfig = {
     /**
      * Attestation Level of Security
      */
-    attestationLoS?: "iso_18045_high" | "iso_18045_moderate" | "iso_18045_enhanced-basic" | "iso_18045_basic";
+    attestationLoS?: 'iso_18045_high' | 'iso_18045_moderate' | 'iso_18045_enhanced-basic' | 'iso_18045_basic';
     /**
      * Cryptographic binding type
      */
-    bindingType?: "claim" | "key" | "biometric" | "none";
+    bindingType?: 'claim' | 'key' | 'biometric' | 'none';
     /**
      * Schema URIs per attestation format. When omitted, the format is derived from the credential config format field.
      */
@@ -1170,77 +1239,70 @@ type Display = {
     background_image?: DisplayImage;
     logo?: DisplayImage;
 };
-type ClaimDisplayInfo = {
+type IssuerMetadataCredentialConfig = {
     /**
-     * Human-readable name for the claim
+     * Key attestation requirements for JWT proofs for this credential.
+     * When set, this is published in proof_types_supported.jwt.key_attestations_required
+     * for this specific credential configuration.
      */
-    name?: string;
+    keyAttestationsRequired?: KeyAttestationsRequired;
+    format: 'mso_mdoc' | 'dc+sd-jwt';
+    display: Array<Display>;
+    scope?: string;
     /**
-     * Locale identifier (e.g., en-US, de-DE)
+     * Document type for mDOC credentials (e.g., "org.iso.18013.5.1.mDL").
+     * Only applicable when format is "mso_mdoc".
      */
-    locale?: string;
+    docType?: string;
 };
-type ClaimMetadata = {
+type FieldDisplayDto = {
     /**
-     * Path to the claim. For SD-JWT: JSONPath-like array. For mDOC: [namespace, claim_name]
+     * Locale code based on BCP47 (RFC 5646)
      */
-    path: Array<string>;
+    locale: string;
     /**
-     * Whether this claim must be disclosed
+     * Display name
      */
-    mandatory?: boolean;
+    name: string;
     /**
-     * Display information for the claim in different locales
+     * Optional display description
      */
-    display?: Array<ClaimDisplayInfo>;
+    description?: string;
 };
-type IssuerMetadataCredentialConfig = {
+type ClaimFieldDefinitionDto = {
     /**
-     * Key attestation requirements for JWT proofs for this credential.
-     * When set, this is published in proof_types_supported.jwt.key_attestations_required
-     * for this specific credential configuration.
+     * Path to claim value
      */
-    keyAttestationsRequired?: KeyAttestationsRequired;
-    format: "mso_mdoc" | "dc+sd-jwt";
-    display: Array<Display>;
-    scope?: string;
+    path: Array<string | number | null>;
     /**
-     * Document type for mDOC credentials (e.g., "org.iso.18013.5.1.mDL").
-     * Only applicable when format is "mso_mdoc".
+     * Claim value type
      */
-    docType?: string;
+    type: 'string' | 'number' | 'integer' | 'boolean' | 'object' | 'array' | 'date';
     /**
-     * Namespace for mDOC credentials (e.g., "org.iso.18013.5.1").
-     * Only applicable when format is "mso_mdoc".
-     * Used when claims are provided as a flat object.
+     * Default value
+     */
+    defaultValue?: string | number | boolean | {
+        [key: string]: unknown;
+    } | Array<unknown> | null;
+    /**
+     * Whether claim is mandatory
+     */
+    mandatory?: boolean;
+    /**
+     * Whether claim is disclosable in SD-JWT
+     */
+    disclosable?: boolean;
+    /**
+     * Namespace for mDOC field
      */
     namespace?: string;
+    display?: Array<FieldDisplayDto>;
     /**
-     * Claims organized by namespace for mDOC credentials.
-     * Allows specifying claims across multiple namespaces.
-     * Only applicable when format is "mso_mdoc".
-     * Example:
-     * {
-     * "org.iso.18013.5.1": { "given_name": "John", "family_name": "Doe" },
-     * "org.iso.18013.5.1.aamva": { "DHS_compliance": "F" }
-     * }
+     * Additional JSON schema constraints for this field
      */
-    claimsByNamespace?: {
+    constraints?: {
         [key: string]: unknown;
     };
-    /**
-     * Claims metadata for wallet rendering.
-     * Follows the OID4VCI credential_metadata.claims specification.
-     * Each claim includes a path (JSONPath-like array), optional mandatory flag,
-     * and display information with multi-language support.
-     *
-     * Example:
-     * [
-     * { "path": ["given_name"], "mandatory": false, "display": [{ "name": "Given Name", "locale": "en-US" }] },
-     * { "path": ["address", "street_address"], "display": [{ "name": "Street Address", "locale": "en-US" }] }
-     * ]
-     */
-    claimsMetadata?: Array<ClaimMetadata>;
 };
 type AttributeProviderEntity = {
     auth: WebHookAuthConfigNone | WebHookAuthConfigHeader;
@@ -1272,11 +1334,11 @@ type KeyChainEntity = {
     /**
      * The purpose/role of this key chain in the system.
      */
-    usageType: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+    usageType: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     /**
      * The usage type of the keys (sign or encrypt).
      */
-    usage: "sign" | "encrypt";
+    usage: 'sign' | 'encrypt';
     /**
      * The KMS provider used for this key chain.
      * References a configured KMS provider name.
@@ -1287,7 +1349,7 @@ type KeyChainEntity = {
      * This field stores the provider-specific key reference for the active signing key.
      */
     externalKeyId?: string;
-    rootKey?: {
+    rootJwk?: {
         [key: string]: unknown;
     };
     /**
@@ -1295,7 +1357,7 @@ type KeyChainEntity = {
      * Self-signed certificate for the root CA key.
      */
     rootCertificate?: string;
-    activeKey: {
+    activeJwk: {
         [key: string]: unknown;
     };
     /**
@@ -1316,7 +1378,7 @@ type KeyChainEntity = {
      * Timestamp of when the key was last rotated.
      */
     lastRotatedAt?: string;
-    previousKey?: {
+    previousJwk?: {
         [key: string]: unknown;
     };
     /**
@@ -1334,21 +1396,11 @@ type KeyChainEntity = {
      */
     updatedAt: string;
 };
-type SchemaResponse = {
-    $schema: string;
-    type: string;
-    properties: {
-        [key: string]: unknown;
-    };
-    required?: Array<string>;
-    title?: string;
-    description?: string;
-};
 type CredentialConfig = {
     /**
      * VCT as a URI string (e.g., urn:eudi:pid:de:1) or as an object for EUDIPLO-hosted VCT
      */
-    vct?: string | Vct;
+    vct?: string | Vct | null;
     /**
      * List of IAE actions to execute before credential issuance
      */
@@ -1375,9 +1427,8 @@ type CredentialConfig = {
      */
     tenant: TenantEntity;
     config: IssuerMetadataCredentialConfig;
-    claims?: {
-        [key: string]: unknown;
-    };
+    configVersion: number;
+    fields: Array<ClaimFieldDefinitionDto>;
     /**
      * Reference to the attribute provider used for fetching claims.
      * Optional: if set, claims will be fetched from this provider during issuance.
@@ -1390,9 +1441,6 @@ type CredentialConfig = {
      */
     webhookEndpointId?: string;
     webhookEndpoint?: WebhookEndpointEntity;
-    disclosureFrame?: {
-        [key: string]: unknown;
-    };
     keyBinding?: boolean;
     /**
      * Reference to the key chain used for signing.
@@ -1401,14 +1449,19 @@ type CredentialConfig = {
     keyChainId?: string;
     keyChain?: KeyChainEntity;
     statusManagement?: boolean;
+    /**
+     * For SD-JWT credentials: determines whether to include certificate chain (x5c)
+     * or use federation-based trust (iss claim).
+     * Default: "x5c" (federation must be explicitly selected)
+     */
+    sdJwtTrustFormat?: 'x5c' | 'federation';
     lifeTime?: number;
-    schema?: SchemaResponse;
 };
 type CredentialConfigCreate = {
     /**
      * VCT as a URI string (e.g., urn:eudi:pid:de:1) or as an object for EUDIPLO-hosted VCT
      */
-    vct?: string | Vct;
+    vct?: string | Vct | null;
     /**
      * List of IAE actions to execute before credential issuance
      */
@@ -1431,9 +1484,8 @@ type CredentialConfigCreate = {
     id: string;
     description?: string;
     config: IssuerMetadataCredentialConfig;
-    claims?: {
-        [key: string]: unknown;
-    };
+    configVersion: number;
+    fields: Array<ClaimFieldDefinitionDto>;
     /**
      * Reference to the attribute provider used for fetching claims.
      * Optional: if set, claims will be fetched from this provider during issuance.
@@ -1444,9 +1496,6 @@ type CredentialConfigCreate = {
      * Optional: if set, notifications will be sent to this endpoint.
      */
     webhookEndpointId?: string;
-    disclosureFrame?: {
-        [key: string]: unknown;
-    };
     keyBinding?: boolean;
     /**
      * Reference to the key chain used for signing.
@@ -1454,14 +1503,19 @@ type CredentialConfigCreate = {
      */
     keyChainId?: string;
     statusManagement?: boolean;
+    /**
+     * For SD-JWT credentials: determines whether to include certificate chain (x5c)
+     * or use federation-based trust (iss claim).
+     * Default: "x5c" (federation must be explicitly selected)
+     */
+    sdJwtTrustFormat?: 'x5c' | 'federation';
     lifeTime?: number;
-    schema?: SchemaResponse;
 };
 type CredentialConfigUpdate = {
     /**
      * VCT as a URI string (e.g., urn:eudi:pid:de:1) or as an object for EUDIPLO-hosted VCT
      */
-    vct?: string | Vct;
+    vct?: string | Vct | null;
     /**
      * List of IAE actions to execute before credential issuance
      */
@@ -1484,9 +1538,8 @@ type CredentialConfigUpdate = {
     id?: string;
     description?: string;
     config?: IssuerMetadataCredentialConfig;
-    claims?: {
-        [key: string]: unknown;
-    };
+    configVersion?: number;
+    fields?: Array<ClaimFieldDefinitionDto>;
     /**
      * Reference to the attribute provider used for fetching claims.
      * Optional: if set, claims will be fetched from this provider during issuance.
@@ -1497,9 +1550,6 @@ type CredentialConfigUpdate = {
      * Optional: if set, notifications will be sent to this endpoint.
      */
     webhookEndpointId?: string;
-    disclosureFrame?: {
-        [key: string]: unknown;
-    };
     keyBinding?: boolean;
     /**
      * Reference to the key chain used for signing.
@@ -1507,8 +1557,13 @@ type CredentialConfigUpdate = {
      */
     keyChainId?: string;
     statusManagement?: boolean;
+    /**
+     * For SD-JWT credentials: determines whether to include certificate chain (x5c)
+     * or use federation-based trust (iss claim).
+     * Default: "x5c" (federation must be explicitly selected)
+     */
+    sdJwtTrustFormat?: 'x5c' | 'federation';
     lifeTime?: number;
-    schema?: SchemaResponse;
 };
 type SignSchemaMetaConfigDto = {
     /**
@@ -1534,138 +1589,331 @@ type SignVersionSchemaMetaConfigDto = {
      */
     keyChainId?: string;
 };
-type CreateAttributeProviderDto = {
-    auth: WebHookAuthConfigNone | WebHookAuthConfigHeader;
-    id: string;
-    name: string;
-    description?: string;
-    url: string;
+type VocabularyEntryDto = {
+    /**
+     * Stable machine-readable value to submit in schema metadata category/tags fields.
+     */
+    code: string;
+    /**
+     * Display label for UI rendering.
+     */
+    label: string;
+    /**
+     * Vocabulary lifecycle status.
+     */
+    status: 'active' | 'deprecated';
+    /**
+     * Replacement code when status is deprecated.
+     */
+    replacedBy?: string;
 };
-type UpdateAttributeProviderDto = {
-    auth?: WebHookAuthConfigNone | WebHookAuthConfigHeader;
-    id?: string;
-    name?: string;
-    description?: string;
-    url?: string;
+type SchemaMetadataVocabulariesDto = {
+    /**
+     * Vocabulary publication version for cache invalidation.
+     */
+    version: string;
+    /**
+     * Allowed category values that can be used when updating schema metadata category.
+     */
+    categories: Array<VocabularyEntryDto>;
+    /**
+     * Allowed tag values that can be used when updating schema metadata tags.
+     */
+    tags: Array<VocabularyEntryDto>;
 };
-type CreateWebhookEndpointDto = {
+type MetadataSchemaDto = {
     /**
-     * Unique identifier for the webhook endpoint
+     * Unique identifier for this schema entry
      */
     id: string;
-    auth: WebHookAuthConfigNone | WebHookAuthConfigHeader;
-    name: string;
-    description?: string;
-    url: string;
-};
-type UpdateWebhookEndpointDto = {
     /**
-     * Unique identifier for the webhook endpoint
+     * The credential format identifier
+     */
+    formatIdentifier: 'dc+sd-jwt' | 'mso_mdoc';
+    /**
+     * URI to the schema definition
      */
-    id?: string;
-    auth?: WebHookAuthConfigNone | WebHookAuthConfigHeader;
-    name?: string;
-    description?: string;
-    url?: string;
-};
-type TrustListEntityInfo = {
-    name: string;
-    lang?: string;
     uri?: string;
-    country?: string;
-    locality?: string;
-    postalCode?: string;
-    streetAddress?: string;
-    contactUri?: string;
-};
-type InternalTrustListEntity = {
-    type: "internal";
-    issuerKeyChainId: string;
-    revocationKeyChainId: string;
-    info: TrustListEntityInfo;
-};
-type ExternalTrustListEntity = {
-    type: "external";
-    issuerCertPem: string;
-    revocationCertPem: string;
-    info: TrustListEntityInfo;
-};
-type TrustListCreateDto = {
-    description?: string;
     /**
-     * The full trust list JSON (generated LoTE structure)
+     * Inline schema content (JSON Schema)
      */
-    data?: {
+    schemaContent?: {
         [key: string]: unknown;
     };
-    entities: Array<({
-        type: "internal";
-    } & InternalTrustListEntity) | ({
-        type: "external";
-    } & ExternalTrustListEntity)>;
-    id?: string;
-    keyChainId?: string;
+    /**
+     * Subresource Integrity hash for the schema
+     */
+    integrity?: string;
 };
-type TrustList = {
+type TrustAuthorityDto = {
     /**
-     * Unique identifier for the trust list
+     * Unique identifier for this trust authority entry
      */
     id: string;
-    description?: string;
     /**
-     * The tenant ID for which the VP request is made.
+     * Type of trust framework
      */
-    tenantId: string;
+    frameworkType: 'etsi_tl';
     /**
-     * The tenant that owns this object.
+     * URI or identifier for the trust list / authority
      */
-    tenant: TenantEntity;
-    keyChainId: string;
-    keyChain: KeyChainEntity;
+    value: string;
     /**
-     * The full trust list JSON (generated LoTE structure)
+     * Verification method for the trust list signature (e.g., JWK)
      */
-    data?: {
+    verificationMethod?: {
         [key: string]: unknown;
     };
+};
+type AccessCertificateRefDto = {
+    id: string;
+    relyingPartyId: string;
+    certificate: string;
+    revoked: string;
+    createdAt: string;
+};
+type SchemaMetadataResponseDto = {
     /**
-     * The original entity configuration used to create this trust list.
-     * Stored for round-tripping when editing.
+     * The unique, server-assigned identifier (UUID) for the schema metadata
      */
-    entityConfig?: Array<{
-        [key: string]: unknown;
-    }>;
+    id: string;
     /**
-     * The sequence number for versioning (incremented on updates)
+     * Version of this schema metadata (SemVer)
      */
-    sequenceNumber: number;
+    version: string;
     /**
-     * The signed JWT representation of this trust list
+     * URI of the human-readable Rulebook document
      */
-    jwt: string;
-    createdAt: string;
-    updatedAt: string;
-};
-type TrustListVersion = {
-    id: string;
-    trustListId: string;
-    trustList: TrustList;
-    tenantId: string;
+    rulebookURI?: string;
     /**
-     * The sequence number at the time this version was created
+     * Subresource Integrity hash for the rulebook URI
      */
-    sequenceNumber: number;
+    rulebookIntegrity?: string;
     /**
-     * The full trust list JSON at this version
+     * Level of security (LoS) of this attestation
      */
-    data: {
-        [key: string]: unknown;
-    };
+    attestationLoS: 'iso_18045_high' | 'iso_18045_moderate' | 'iso_18045_enhanced-basic' | 'iso_18045_basic';
     /**
-     * The entity configuration at this version
+     * Required binding type between attestation and holder
      */
-    entityConfig?: {
-        [key: string]: unknown;
+    bindingType: 'claim' | 'key' | 'biometric' | 'none';
+    /**
+     * Credential formats in which this attestation is available
+     */
+    supportedFormats: Array<'dc+sd-jwt' | 'mso_mdoc'>;
+    /**
+     * Format-specific schema URIs for this schema metadata
+     */
+    schemaURIs: Array<MetadataSchemaDto>;
+    /**
+     * Trust frameworks / trust anchors applicable to this schema metadata
+     */
+    trustedAuthorities: Array<TrustAuthorityDto>;
+    /**
+     * Domain category for filtering
+     */
+    category?: 'identity' | 'health' | 'finance' | 'education' | 'mobility' | 'employment' | 'other';
+    /**
+     * Free-form tags for filtering and search
+     */
+    tags?: Array<string>;
+    /**
+     * The original signed JWT
+     */
+    signedJwt: string;
+    /**
+     * Issuer from the JWT (`iss` claim)
+     */
+    issuer: string;
+    /**
+     * Serial number of the access certificate that signed this schema metadata
+     */
+    signerCertificateSerial: string;
+    /**
+     * The access certificate used to sign this schema metadata
+     */
+    signerCertificate?: AccessCertificateRefDto;
+    /**
+     * Timestamp when the JWT was issued (from the `iat` claim)
+     */
+    issuedAt: string;
+    /**
+     * Server creation timestamp
+     */
+    createdAt: string;
+    /**
+     * Last update timestamp
+     */
+    updatedAt: string;
+    /**
+     * Whether this version is deprecated
+     */
+    deprecated?: boolean;
+    /**
+     * Deprecation message shown to consumers
+     */
+    deprecationMessage?: string;
+    /**
+     * The version that supersedes this one
+     */
+    supersededByVersion?: string;
+};
+type UpdateSchemaMetadataDto = {
+    /**
+     * Domain category for filtering
+     */
+    category?: 'identity' | 'health' | 'finance' | 'education' | 'mobility' | 'employment' | 'other';
+    /**
+     * Predefined tags for filtering and search
+     */
+    tags?: Array<'pid' | 'eudi' | 'kyc' | 'aml' | 'age-verification' | 'residency' | 'membership' | 'education' | 'employment' | 'mobility'>;
+};
+type DeprecateSchemaMetadataDto = {
+    /**
+     * Whether to mark this version as deprecated
+     */
+    deprecated: boolean;
+    /**
+     * Deprecation message shown to consumers
+     */
+    message?: string;
+    /**
+     * The version that supersedes this one
+     */
+    supersededByVersion?: string;
+};
+type CreateAttributeProviderDto = {
+    auth: WebHookAuthConfigNone | WebHookAuthConfigHeader;
+    id: string;
+    name: string;
+    description?: string;
+    url: string;
+};
+type UpdateAttributeProviderDto = {
+    auth?: WebHookAuthConfigNone | WebHookAuthConfigHeader;
+    id?: string;
+    name?: string;
+    description?: string;
+    url?: string;
+};
+type CreateWebhookEndpointDto = {
+    /**
+     * Unique identifier for the webhook endpoint
+     */
+    id: string;
+    auth: WebHookAuthConfigNone | WebHookAuthConfigHeader;
+    name: string;
+    description?: string;
+    url: string;
+};
+type UpdateWebhookEndpointDto = {
+    /**
+     * Unique identifier for the webhook endpoint
+     */
+    id?: string;
+    auth?: WebHookAuthConfigNone | WebHookAuthConfigHeader;
+    name?: string;
+    description?: string;
+    url?: string;
+};
+type TrustListEntityInfo = {
+    name: string;
+    lang?: string;
+    uri?: string;
+    country?: string;
+    locality?: string;
+    postalCode?: string;
+    streetAddress?: string;
+    contactUri?: string;
+};
+type InternalTrustListEntity = {
+    type: 'internal';
+    issuerKeyChainId: string;
+    revocationKeyChainId: string;
+    info: TrustListEntityInfo;
+};
+type ExternalTrustListEntity = {
+    type: 'external';
+    issuerCertPem: string;
+    revocationCertPem: string;
+    info: TrustListEntityInfo;
+};
+type TrustListCreateDto = {
+    description?: string;
+    /**
+     * The full trust list JSON (generated LoTE structure)
+     */
+    data?: {
+        [key: string]: unknown;
+    };
+    entities: Array<({
+        type: 'internal';
+    } & InternalTrustListEntity) | ({
+        type: 'external';
+    } & ExternalTrustListEntity)>;
+    id?: string;
+    keyChainId?: string;
+};
+type TrustList = {
+    /**
+     * Unique identifier for the trust list
+     */
+    id: string;
+    description?: string;
+    /**
+     * The tenant ID for which the VP request is made.
+     */
+    tenantId: string;
+    /**
+     * The tenant that owns this object.
+     */
+    tenant: TenantEntity;
+    keyChainId: string;
+    keyChain: KeyChainEntity;
+    /**
+     * The full trust list JSON (generated LoTE structure)
+     */
+    data?: {
+        [key: string]: unknown;
+    };
+    /**
+     * The original entity configuration used to create this trust list.
+     * Stored for round-tripping when editing.
+     */
+    entityConfig?: Array<{
+        [key: string]: unknown;
+    }>;
+    /**
+     * The sequence number for versioning (incremented on updates)
+     */
+    sequenceNumber: number;
+    /**
+     * The signed JWT representation of this trust list
+     */
+    jwt: string;
+    createdAt: string;
+    updatedAt: string;
+};
+type TrustListVersion = {
+    id: string;
+    trustListId: string;
+    trustList: TrustList;
+    tenantId: string;
+    /**
+     * The sequence number at the time this version was created
+     */
+    sequenceNumber: number;
+    /**
+     * The full trust list JSON at this version
+     */
+    data: {
+        [key: string]: unknown;
+    };
+    /**
+     * The entity configuration at this version
+     */
+    entityConfig?: {
+        [key: string]: unknown;
     };
     /**
      * The signed JWT at this version
@@ -1897,292 +2145,99 @@ type RegistrationCertificateDefaults = {
 };
 type RegistrarConfigResponseDto = {
     /**
-     * The base URL of the registrar API
-     */
-    registrarUrl: string;
-    /**
-     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
-     */
-    oidcUrl: string;
-    /**
-     * The OIDC client ID for the registrar
-     */
-    clientId: string;
-    /**
-     * The OIDC client secret (optional, for confidential clients)
-     */
-    clientSecret?: string;
-    /**
-     * The username for OIDC login
-     */
-    username: string;
-    /**
-     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
-     */
-    registrationCertificateDefaults?: RegistrationCertificateDefaults;
-    /**
-     * Indicates whether a password is configured (actual password is never returned)
-     */
-    hasPassword: boolean;
-};
-type CreateRegistrarConfigDto = {
-    /**
-     * The base URL of the registrar API
-     */
-    registrarUrl: string;
-    /**
-     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
-     */
-    oidcUrl: string;
-    /**
-     * The OIDC client ID for the registrar
-     */
-    clientId: string;
-    /**
-     * The OIDC client secret (optional, for confidential clients)
-     */
-    clientSecret?: string;
-    /**
-     * The username for OIDC login
-     */
-    username: string;
-    /**
-     * The password for OIDC login (stored in plaintext)
-     */
-    password: string;
-    /**
-     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
-     */
-    registrationCertificateDefaults?: RegistrationCertificateDefaults;
-};
-type UpdateRegistrarConfigDto = {
-    /**
-     * The base URL of the registrar API
-     */
-    registrarUrl?: string;
-    /**
-     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
-     */
-    oidcUrl?: string;
-    /**
-     * The OIDC client ID for the registrar
-     */
-    clientId?: string;
-    /**
-     * The OIDC client secret (optional, for confidential clients)
-     */
-    clientSecret?: string;
-    /**
-     * The username for OIDC login
-     */
-    username?: string;
-    /**
-     * The password for OIDC login (stored in plaintext)
-     */
-    password?: string;
-    /**
-     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
-     */
-    registrationCertificateDefaults?: RegistrationCertificateDefaults;
-};
-type CreateAccessCertificateDto = {
-    /**
-     * The ID of the key to create an access certificate for
-     */
-    keyId: string;
-};
-type VocabularyEntryDto = {
-    /**
-     * Stable machine-readable value to submit in schema metadata category/tags fields.
-     */
-    code: string;
-    /**
-     * Display label for UI rendering.
-     */
-    label: string;
-    /**
-     * Vocabulary lifecycle status.
-     */
-    status: "active" | "deprecated";
-    /**
-     * Replacement code when status is deprecated.
-     */
-    replacedBy?: string;
-};
-type SchemaMetadataVocabulariesDto = {
-    /**
-     * Vocabulary publication version for cache invalidation.
-     */
-    version: string;
-    /**
-     * Allowed category values that can be used when updating schema metadata category.
-     */
-    categories: Array<VocabularyEntryDto>;
-    /**
-     * Allowed tag values that can be used when updating schema metadata tags.
-     */
-    tags: Array<VocabularyEntryDto>;
-};
-type MetadataSchemaDto = {
-    /**
-     * Unique identifier for this schema entry
-     */
-    id: string;
-    /**
-     * The credential format identifier
-     */
-    formatIdentifier: "dc+sd-jwt" | "mso_mdoc";
-    /**
-     * URI to the schema definition
-     */
-    uri?: string;
-    /**
-     * Inline schema content (JSON Schema)
-     */
-    schemaContent?: {
-        [key: string]: unknown;
-    };
-    /**
-     * Subresource Integrity hash for the schema
-     */
-    integrity?: string;
-};
-type TrustAuthorityDto = {
-    /**
-     * Unique identifier for this trust authority entry
-     */
-    id: string;
-    /**
-     * Type of trust framework
-     */
-    frameworkType: "etsi_tl";
-    /**
-     * URI or identifier for the trust list / authority
-     */
-    value: string;
-    /**
-     * Verification method for the trust list signature (e.g., JWK)
-     */
-    verificationMethod?: {
-        [key: string]: unknown;
-    };
-};
-type AccessCertificateRefDto = {
-    id: string;
-    relyingPartyId: string;
-    certificate: string;
-    revoked: string;
-    createdAt: string;
-};
-type SchemaMetadataResponseDto = {
-    /**
-     * The unique, server-assigned identifier (UUID) for the schema metadata
-     */
-    id: string;
-    /**
-     * Version of this schema metadata (SemVer)
-     */
-    version: string;
-    /**
-     * URI of the human-readable Rulebook document
-     */
-    rulebookURI?: string;
-    /**
-     * Subresource Integrity hash for the rulebook URI
-     */
-    rulebookIntegrity?: string;
-    /**
-     * Level of security (LoS) of this attestation
+     * The base URL of the registrar API
      */
-    attestationLoS: "iso_18045_high" | "iso_18045_moderate" | "iso_18045_enhanced-basic" | "iso_18045_basic";
+    registrarUrl: string;
     /**
-     * Required binding type between attestation and holder
+     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
      */
-    bindingType: "claim" | "key" | "biometric" | "none";
+    oidcUrl: string;
     /**
-     * Credential formats in which this attestation is available
+     * The OIDC client ID for the registrar
      */
-    supportedFormats: Array<"dc+sd-jwt" | "mso_mdoc">;
+    clientId: string;
     /**
-     * Format-specific schema URIs for this schema metadata
+     * The OIDC client secret (optional, for confidential clients)
      */
-    schemaURIs: Array<MetadataSchemaDto>;
+    clientSecret?: string;
     /**
-     * Trust frameworks / trust anchors applicable to this schema metadata
+     * The username for OIDC login
      */
-    trustedAuthorities: Array<TrustAuthorityDto>;
+    username: string;
     /**
-     * Domain category for filtering
+     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
      */
-    category?: "identity" | "health" | "finance" | "education" | "mobility" | "employment" | "other";
+    registrationCertificateDefaults?: RegistrationCertificateDefaults;
     /**
-     * Free-form tags for filtering and search
+     * Indicates whether a password is configured (actual password is never returned)
      */
-    tags?: Array<string>;
+    hasPassword: boolean;
+};
+type CreateRegistrarConfigDto = {
     /**
-     * The original signed JWT
+     * The base URL of the registrar API
      */
-    signedJwt: string;
+    registrarUrl: string;
     /**
-     * Issuer from the JWT (`iss` claim)
+     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
      */
-    issuer: string;
+    oidcUrl: string;
     /**
-     * Serial number of the access certificate that signed this schema metadata
+     * The OIDC client ID for the registrar
      */
-    signerCertificateSerial: string;
+    clientId: string;
     /**
-     * The access certificate used to sign this schema metadata
+     * The OIDC client secret (optional, for confidential clients)
      */
-    signerCertificate?: AccessCertificateRefDto;
+    clientSecret?: string;
     /**
-     * Timestamp when the JWT was issued (from the `iat` claim)
+     * The username for OIDC login
      */
-    issuedAt: string;
+    username: string;
     /**
-     * Server creation timestamp
+     * The password for OIDC login (stored in plaintext)
      */
-    createdAt: string;
+    password: string;
     /**
-     * Last update timestamp
+     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
      */
-    updatedAt: string;
+    registrationCertificateDefaults?: RegistrationCertificateDefaults;
+};
+type UpdateRegistrarConfigDto = {
     /**
-     * Whether this version is deprecated
+     * The base URL of the registrar API
      */
-    deprecated?: boolean;
+    registrarUrl?: string;
     /**
-     * Deprecation message shown to consumers
+     * The OIDC issuer URL for authentication (e.g., Keycloak realm URL)
      */
-    deprecationMessage?: string;
+    oidcUrl?: string;
     /**
-     * The version that supersedes this one
+     * The OIDC client ID for the registrar
      */
-    supersededByVersion?: string;
-};
-type UpdateSchemaMetadataDto = {
+    clientId?: string;
     /**
-     * Domain category for filtering
+     * The OIDC client secret (optional, for confidential clients)
      */
-    category?: "identity" | "health" | "finance" | "education" | "mobility" | "employment" | "other";
+    clientSecret?: string;
     /**
-     * Predefined tags for filtering and search
+     * The username for OIDC login
      */
-    tags?: Array<"pid" | "eudi" | "kyc" | "aml" | "age-verification" | "residency" | "membership" | "education" | "employment" | "mobility">;
-};
-type DeprecateSchemaMetadataDto = {
+    username?: string;
     /**
-     * Whether to mark this version as deprecated
+     * The password for OIDC login (stored in plaintext)
      */
-    deprecated: boolean;
+    password?: string;
     /**
-     * Deprecation message shown to consumers
+     * Optional default values merged into registration certificate creation requests (for example privacy_policy, support_uri)
      */
-    message?: string;
+    registrationCertificateDefaults?: RegistrationCertificateDefaults;
+};
+type CreateAccessCertificateDto = {
     /**
-     * The version that supersedes this one
+     * The ID of the key to create an access certificate for
      */
-    supersededByVersion?: string;
+    keyId: string;
 };
 type DeferredCredentialRequestDto = {
     /**
@@ -2192,9 +2247,7 @@ type DeferredCredentialRequestDto = {
 };
 type NotificationRequestDto = {
     notification_id: string;
-    event: {
-        [key: string]: unknown;
-    };
+    event: 'credential_accepted' | 'credential_failure' | 'credential_deleted';
 };
 type Object$1 = {
     [key: string]: unknown;
@@ -2399,7 +2452,7 @@ type DeferredOperationResponse = {
     /**
      * The new status of the transaction
      */
-    status: "pending" | "ready" | "retrieved" | "expired" | "failed";
+    status: 'pending' | 'ready' | 'retrieved' | 'expired' | 'failed';
     /**
      * Optional message
      */
@@ -2472,6 +2525,14 @@ type KmsProviderCapabilitiesDto = {
      * Whether the provider supports deleting keys.
      */
     canDelete: boolean;
+    /**
+     * Signing algorithms supported by the provider.
+     */
+    supportedAlgs: Array<string>;
+    /**
+     * Default signing algorithm used when caller does not specify one.
+     */
+    defaultAlg: string;
 };
 type KmsProviderInfoDto = {
     /**
@@ -2571,11 +2632,11 @@ type KeyChainResponseDto = {
     /**
      * Usage type of the key chain.
      */
-    usageType: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+    usageType: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     /**
      * Type of key chain (standalone or internalChain).
      */
-    type: "standalone" | "internalChain";
+    type: 'standalone' | 'internalChain';
     /**
      * Human-readable description.
      */
@@ -2677,7 +2738,7 @@ type KeyChainExportDto = {
     /**
      * Usage type for this key chain.
      */
-    usageType: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+    usageType: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     /**
      * The private key in JWK format (EC).
      */
@@ -2713,11 +2774,11 @@ type KeyChainCreateDto = {
     /**
      * Usage type determines the purpose of this key chain (access, attestation, etc.).
      */
-    usageType: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+    usageType: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     /**
      * Type of key chain to create.
      */
-    type: "standalone" | "internalChain";
+    type: 'standalone' | 'internalChain';
     /**
      * Human-readable description for the key chain.
      */
@@ -2770,7 +2831,7 @@ type KeyChainImportDto = {
     /**
      * Usage type for this key chain.
      */
-    usageType: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+    usageType: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     /**
      * Certificate chain in PEM format (leaf first, then intermediates/CA).
      */
@@ -2816,7 +2877,7 @@ type PresentationRequest = {
     /**
      * The type of response expected from the presentation request.
      */
-    response_type: "uri" | "dc-api";
+    response_type: 'uri' | 'dc-api';
     /**
      * Identifier of the presentation configuration
      */
@@ -2831,6 +2892,11 @@ type PresentationRequest = {
      * You can use the `{sessionId}` placeholder in the URI, which will be replaced with the actual session ID.
      */
     redirectUri?: string;
+    /**
+     * Optional expected browser origin for DC API key-binding audience.
+     * Example: "http://localhost:8080"
+     */
+    expected_origin?: string;
     /**
      * Optional transaction data to include in the OID4VP request.
      * If provided, this will override the transaction_data from the presentation configuration.
@@ -2905,7 +2971,7 @@ type AppControllerGetVersionData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/version";
+    url: '/api/version';
 };
 type AppControllerGetVersionResponses = {
     /**
@@ -2917,7 +2983,7 @@ type AppControllerGetFrontendConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/frontend-config";
+    url: '/api/frontend-config';
 };
 type AppControllerGetFrontendConfigResponses = {
     /**
@@ -2930,7 +2996,7 @@ type AuthControllerGetOAuth2TokenData = {
     body: ClientCredentialsDto;
     path?: never;
     query?: never;
-    url: "/api/oauth2/token";
+    url: '/api/oauth2/token';
 };
 type AuthControllerGetOAuth2TokenErrors = {
     /**
@@ -2949,7 +3015,7 @@ type TenantControllerGetTenantsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/tenant";
+    url: '/api/tenant';
 };
 type TenantControllerGetTenantsResponses = {
     200: Array<TenantEntity>;
@@ -2959,7 +3025,7 @@ type TenantControllerInitTenantData = {
     body: CreateTenantDto;
     path?: never;
     query?: never;
-    url: "/api/tenant";
+    url: '/api/tenant';
 };
 type TenantControllerInitTenantResponses = {
     201: {
@@ -2973,7 +3039,7 @@ type TenantControllerDeleteTenantData = {
         id: string;
     };
     query?: never;
-    url: "/api/tenant/{id}";
+    url: '/api/tenant/{id}';
 };
 type TenantControllerDeleteTenantResponses = {
     200: unknown;
@@ -2984,7 +3050,7 @@ type TenantControllerGetTenantData = {
         id: string;
     };
     query?: never;
-    url: "/api/tenant/{id}";
+    url: '/api/tenant/{id}';
 };
 type TenantControllerGetTenantResponses = {
     200: TenantEntity;
@@ -2996,7 +3062,7 @@ type TenantControllerUpdateTenantData = {
         id: string;
     };
     query?: never;
-    url: "/api/tenant/{id}";
+    url: '/api/tenant/{id}';
 };
 type TenantControllerUpdateTenantResponses = {
     200: TenantEntity;
@@ -3011,7 +3077,7 @@ type AuditLogControllerGetAuditLogsData = {
          */
         limit?: number;
     };
-    url: "/api/admin/audit-logs";
+    url: '/api/admin/audit-logs';
 };
 type AuditLogControllerGetAuditLogsResponses = {
     200: Array<AuditLogResponseDto>;
@@ -3021,7 +3087,7 @@ type ClientControllerGetClientsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/client";
+    url: '/api/client';
 };
 type ClientControllerGetClientsResponses = {
     200: Array<ClientEntity>;
@@ -3031,7 +3097,7 @@ type ClientControllerCreateClientData = {
     body: CreateClientDto;
     path?: never;
     query?: never;
-    url: "/api/client";
+    url: '/api/client';
 };
 type ClientControllerCreateClientResponses = {
     201: ClientEntity;
@@ -3043,7 +3109,7 @@ type ClientControllerDeleteClientData = {
         id: string;
     };
     query?: never;
-    url: "/api/client/{id}";
+    url: '/api/client/{id}';
 };
 type ClientControllerDeleteClientResponses = {
     200: unknown;
@@ -3054,7 +3120,7 @@ type ClientControllerGetClientData = {
         id: string;
     };
     query?: never;
-    url: "/api/client/{id}";
+    url: '/api/client/{id}';
 };
 type ClientControllerGetClientResponses = {
     200: ClientEntity;
@@ -3066,7 +3132,7 @@ type ClientControllerUpdateClientData = {
         id: string;
     };
     query?: never;
-    url: "/api/client/{id}";
+    url: '/api/client/{id}';
 };
 type ClientControllerUpdateClientResponses = {
     200: {
@@ -3080,7 +3146,7 @@ type ClientControllerGetClientSecretData = {
         id: string;
     };
     query?: never;
-    url: "/api/client/{id}/secret";
+    url: '/api/client/{id}/secret';
 };
 type ClientControllerGetClientSecretResponses = {
     200: ClientSecretResponseDto;
@@ -3092,7 +3158,7 @@ type ClientControllerRotateClientSecretData = {
         id: string;
     };
     query?: never;
-    url: "/api/client/{id}/rotate-secret";
+    url: '/api/client/{id}/rotate-secret';
 };
 type ClientControllerRotateClientSecretResponses = {
     201: ClientSecretResponseDto;
@@ -3102,7 +3168,7 @@ type StatusListConfigControllerResetConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/status-list-config";
+    url: '/api/status-list-config';
 };
 type StatusListConfigControllerResetConfigResponses = {
     /**
@@ -3115,7 +3181,7 @@ type StatusListConfigControllerGetConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/status-list-config";
+    url: '/api/status-list-config';
 };
 type StatusListConfigControllerGetConfigResponses = {
     /**
@@ -3128,7 +3194,7 @@ type StatusListConfigControllerUpdateConfigData = {
     body: UpdateStatusListConfigDto;
     path?: never;
     query?: never;
-    url: "/api/status-list-config";
+    url: '/api/status-list-config';
 };
 type StatusListConfigControllerUpdateConfigResponses = {
     /**
@@ -3141,7 +3207,7 @@ type StatusListManagementControllerGetListsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/status-lists";
+    url: '/api/status-lists';
 };
 type StatusListManagementControllerGetListsResponses = {
     /**
@@ -3154,7 +3220,7 @@ type StatusListManagementControllerCreateListData = {
     body: CreateStatusListDto;
     path?: never;
     query?: never;
-    url: "/api/status-lists";
+    url: '/api/status-lists';
 };
 type StatusListManagementControllerCreateListResponses = {
     /**
@@ -3172,7 +3238,7 @@ type StatusListManagementControllerDeleteListData = {
         listId: string;
     };
     query?: never;
-    url: "/api/status-lists/{listId}";
+    url: '/api/status-lists/{listId}';
 };
 type StatusListManagementControllerDeleteListResponses = {
     /**
@@ -3190,7 +3256,7 @@ type StatusListManagementControllerGetListData = {
         listId: string;
     };
     query?: never;
-    url: "/api/status-lists/{listId}";
+    url: '/api/status-lists/{listId}';
 };
 type StatusListManagementControllerGetListResponses = {
     /**
@@ -3208,7 +3274,7 @@ type StatusListManagementControllerUpdateListData = {
         listId: string;
     };
     query?: never;
-    url: "/api/status-lists/{listId}";
+    url: '/api/status-lists/{listId}';
 };
 type StatusListManagementControllerUpdateListResponses = {
     /**
@@ -3220,11 +3286,36 @@ type StatusListManagementControllerUpdateListResponse = StatusListManagementCont
 type SessionControllerGetAllSessionsData = {
     body?: never;
     path?: never;
-    query?: never;
-    url: "/api/session";
+    query?: {
+        /**
+         * Page number (1-based)
+         */
+        page?: number;
+        /**
+         * Number of items per page
+         */
+        pageSize?: number;
+        /**
+         * Filter by session status
+         */
+        status?: 'active' | 'fetched' | 'completed' | 'expired' | 'failed';
+        /**
+         * Filter by session type
+         */
+        type?: 'issuance' | 'presentation';
+        /**
+         * Field to sort by
+         */
+        sortBy?: 'id' | 'status' | 'createdAt' | 'requestId';
+        /**
+         * Sort direction
+         */
+        sortOrder?: 'asc' | 'desc';
+    };
+    url: '/api/session';
 };
 type SessionControllerGetAllSessionsResponses = {
-    200: Array<Session>;
+    200: PaginatedSessionResponseDto;
 };
 type SessionControllerGetAllSessionsResponse = SessionControllerGetAllSessionsResponses[keyof SessionControllerGetAllSessionsResponses];
 type SessionControllerDeleteSessionData = {
@@ -3233,7 +3324,7 @@ type SessionControllerDeleteSessionData = {
         id: string;
     };
     query?: never;
-    url: "/api/session/{id}";
+    url: '/api/session/{id}';
 };
 type SessionControllerDeleteSessionResponses = {
     200: unknown;
@@ -3247,7 +3338,7 @@ type SessionControllerGetSessionData = {
         id: string;
     };
     query?: never;
-    url: "/api/session/{id}";
+    url: '/api/session/{id}';
 };
 type SessionControllerGetSessionResponses = {
     200: Session;
@@ -3262,7 +3353,7 @@ type SessionControllerGetSessionLogsData = {
         id: string;
     };
     query?: never;
-    url: "/api/session/{id}/logs";
+    url: '/api/session/{id}/logs';
 };
 type SessionControllerGetSessionLogsResponses = {
     200: Array<SessionLogEntryResponseDto>;
@@ -3272,7 +3363,7 @@ type SessionControllerRevokeAllData = {
     body: StatusUpdateDto;
     path?: never;
     query?: never;
-    url: "/api/session/revoke";
+    url: '/api/session/revoke';
 };
 type SessionControllerRevokeAllResponses = {
     201: unknown;
@@ -3281,7 +3372,7 @@ type SessionConfigControllerResetConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/session-config";
+    url: '/api/session-config';
 };
 type SessionConfigControllerResetConfigResponses = {
     /**
@@ -3293,7 +3384,7 @@ type SessionConfigControllerGetConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/session-config";
+    url: '/api/session-config';
 };
 type SessionConfigControllerGetConfigResponses = {
     /**
@@ -3306,7 +3397,7 @@ type SessionConfigControllerUpdateConfigData = {
     body: UpdateSessionConfigDto;
     path?: never;
     query?: never;
-    url: "/api/session-config";
+    url: '/api/session-config';
 };
 type SessionConfigControllerUpdateConfigResponses = {
     /**
@@ -3329,7 +3420,7 @@ type SessionEventsControllerSubscribeToSessionEventsData = {
          */
         token: string;
     };
-    url: "/api/session/{id}/events";
+    url: '/api/session/{id}/events';
 };
 type SessionEventsControllerSubscribeToSessionEventsResponses = {
     200: unknown;
@@ -3338,7 +3429,7 @@ type UserControllerGetUsersData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/user";
+    url: '/api/user';
 };
 type UserControllerGetUsersResponses = {
     200: Array<ManagedUserDto>;
@@ -3348,7 +3439,7 @@ type UserControllerCreateUserData = {
     body: CreateUserDto;
     path?: never;
     query?: never;
-    url: "/api/user";
+    url: '/api/user';
 };
 type UserControllerCreateUserResponses = {
     201: ManagedUserDto;
@@ -3360,7 +3451,7 @@ type UserControllerDeleteUserData = {
         id: string;
     };
     query?: never;
-    url: "/api/user/{id}";
+    url: '/api/user/{id}';
 };
 type UserControllerDeleteUserResponses = {
     200: unknown;
@@ -3371,7 +3462,7 @@ type UserControllerGetUserData = {
         id: string;
     };
     query?: never;
-    url: "/api/user/{id}";
+    url: '/api/user/{id}';
 };
 type UserControllerGetUserResponses = {
     200: ManagedUserDto;
@@ -3383,7 +3474,7 @@ type UserControllerUpdateUserData = {
         id: string;
     };
     query?: never;
-    url: "/api/user/{id}";
+    url: '/api/user/{id}';
 };
 type UserControllerUpdateUserResponses = {
     200: ManagedUserDto;
@@ -3393,7 +3484,7 @@ type IssuanceConfigControllerGetIssuanceConfigurationsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/issuer/config";
+    url: '/api/issuer/config';
 };
 type IssuanceConfigControllerGetIssuanceConfigurationsResponses = {
     200: IssuanceConfig;
@@ -3403,7 +3494,7 @@ type IssuanceConfigControllerStoreIssuanceConfigurationData = {
     body: IssuanceDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/config";
+    url: '/api/issuer/config';
 };
 type IssuanceConfigControllerStoreIssuanceConfigurationResponses = {
     201: {
@@ -3415,7 +3506,7 @@ type CredentialConfigControllerGetConfigsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/issuer/credentials";
+    url: '/api/issuer/credentials';
 };
 type CredentialConfigControllerGetConfigsResponses = {
     200: Array<CredentialConfig>;
@@ -3425,7 +3516,7 @@ type CredentialConfigControllerStoreCredentialConfigurationData = {
     body: CredentialConfigCreate;
     path?: never;
     query?: never;
-    url: "/api/issuer/credentials";
+    url: '/api/issuer/credentials';
 };
 type CredentialConfigControllerStoreCredentialConfigurationResponses = {
     201: {
@@ -3439,7 +3530,7 @@ type CredentialConfigControllerDeleteIssuanceConfigurationData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/credentials/{id}";
+    url: '/api/issuer/credentials/{id}';
 };
 type CredentialConfigControllerDeleteIssuanceConfigurationResponses = {
     200: {
@@ -3453,7 +3544,7 @@ type CredentialConfigControllerGetConfigByIdData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/credentials/{id}";
+    url: '/api/issuer/credentials/{id}';
 };
 type CredentialConfigControllerGetConfigByIdResponses = {
     200: CredentialConfig;
@@ -3465,7 +3556,7 @@ type CredentialConfigControllerUpdateCredentialConfigurationData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/credentials/{id}";
+    url: '/api/issuer/credentials/{id}';
 };
 type CredentialConfigControllerUpdateCredentialConfigurationResponses = {
     200: {
@@ -3473,47 +3564,200 @@ type CredentialConfigControllerUpdateCredentialConfigurationResponses = {
     };
 };
 type CredentialConfigControllerUpdateCredentialConfigurationResponse = CredentialConfigControllerUpdateCredentialConfigurationResponses[keyof CredentialConfigControllerUpdateCredentialConfigurationResponses];
-type CredentialConfigControllerSignSchemaMetaConfigData = {
+type SchemaMetadataControllerSignSchemaMetaConfigData = {
     body: SignSchemaMetaConfigDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/credentials/schema-metadata/sign";
+    url: '/api/schema-metadata/sign';
 };
-type CredentialConfigControllerSignSchemaMetaConfigErrors = {
+type SchemaMetadataControllerSignSchemaMetaConfigErrors = {
     /**
      * Invalid schema metadata or missing certificate for signing
      */
     400: unknown;
 };
-type CredentialConfigControllerSignSchemaMetaConfigResponses = {
+type SchemaMetadataControllerSignSchemaMetaConfigResponses = {
     /**
      * Registrar metadata entry for the freshly submitted schema metadata.
      */
     201: unknown;
 };
-type CredentialConfigControllerSignVersionSchemaMetaConfigData = {
+type SchemaMetadataControllerSignVersionSchemaMetaConfigData = {
     body: SignVersionSchemaMetaConfigDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/credentials/schema-metadata/sign-version";
+    url: '/api/schema-metadata/sign-version';
 };
-type CredentialConfigControllerSignVersionSchemaMetaConfigErrors = {
+type SchemaMetadataControllerSignVersionSchemaMetaConfigErrors = {
     /**
      * config.id is required; or invalid schema metadata
      */
     400: unknown;
 };
-type CredentialConfigControllerSignVersionSchemaMetaConfigResponses = {
-    /**
-     * Registrar metadata entry for the newly submitted version.
-     */
-    201: unknown;
+type SchemaMetadataControllerSignVersionSchemaMetaConfigResponses = {
+    /**
+     * Registrar metadata entry for the newly submitted version.
+     */
+    201: unknown;
+};
+type SchemaMetadataControllerGetVocabulariesData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/schema-metadata/vocabularies';
+};
+type SchemaMetadataControllerGetVocabulariesResponses = {
+    200: SchemaMetadataVocabulariesDto;
+};
+type SchemaMetadataControllerGetVocabulariesResponse = SchemaMetadataControllerGetVocabulariesResponses[keyof SchemaMetadataControllerGetVocabulariesResponses];
+type SchemaMetadataControllerFindAllData = {
+    body?: never;
+    path?: never;
+    query?: {
+        attestationId?: string;
+        version?: string;
+    };
+    url: '/api/schema-metadata';
+};
+type SchemaMetadataControllerFindAllResponses = {
+    200: Array<SchemaMetadataResponseDto>;
+};
+type SchemaMetadataControllerFindAllResponse = SchemaMetadataControllerFindAllResponses[keyof SchemaMetadataControllerFindAllResponses];
+type SchemaMetadataControllerFindOneData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}';
+};
+type SchemaMetadataControllerFindOneResponses = {
+    200: SchemaMetadataResponseDto;
+};
+type SchemaMetadataControllerFindOneResponse = SchemaMetadataControllerFindOneResponses[keyof SchemaMetadataControllerFindOneResponses];
+type SchemaMetadataControllerRemoveData = {
+    body?: never;
+    path: {
+        id: string;
+        version: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}';
+};
+type SchemaMetadataControllerRemoveResponses = {
+    /**
+     * Deleted
+     */
+    200: unknown;
+};
+type SchemaMetadataControllerUpdateData = {
+    body: UpdateSchemaMetadataDto;
+    path: {
+        id: string;
+        version: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}';
+};
+type SchemaMetadataControllerUpdateResponses = {
+    200: SchemaMetadataResponseDto;
+};
+type SchemaMetadataControllerUpdateResponse = SchemaMetadataControllerUpdateResponses[keyof SchemaMetadataControllerUpdateResponses];
+type SchemaMetadataControllerGetLatestData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/latest';
+};
+type SchemaMetadataControllerGetLatestResponses = {
+    200: SchemaMetadataResponseDto;
+};
+type SchemaMetadataControllerGetLatestResponse = SchemaMetadataControllerGetLatestResponses[keyof SchemaMetadataControllerGetLatestResponses];
+type SchemaMetadataControllerGetVersionsData = {
+    body?: never;
+    path: {
+        id: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions';
+};
+type SchemaMetadataControllerGetVersionsResponses = {
+    200: Array<SchemaMetadataResponseDto>;
+};
+type SchemaMetadataControllerGetVersionsResponse = SchemaMetadataControllerGetVersionsResponses[keyof SchemaMetadataControllerGetVersionsResponses];
+type SchemaMetadataControllerGetJwtData = {
+    body?: never;
+    path: {
+        id: string;
+        version: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}/jwt';
+};
+type SchemaMetadataControllerGetJwtResponses = {
+    /**
+     * Compact-serialization JWS string
+     */
+    200: string;
+};
+type SchemaMetadataControllerGetJwtResponse = SchemaMetadataControllerGetJwtResponses[keyof SchemaMetadataControllerGetJwtResponses];
+type SchemaMetadataControllerExportData = {
+    body?: never;
+    path: {
+        id: string;
+        version: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}/export';
+};
+type SchemaMetadataControllerExportResponses = {
+    /**
+     * Registrar-defined catalog document
+     */
+    200: {
+        [key: string]: unknown;
+    };
+};
+type SchemaMetadataControllerExportResponse = SchemaMetadataControllerExportResponses[keyof SchemaMetadataControllerExportResponses];
+type SchemaMetadataControllerGetSchemaData = {
+    body?: never;
+    path: {
+        id: string;
+        version: string;
+        format: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}/schemas/{format}';
+};
+type SchemaMetadataControllerGetSchemaResponses = {
+    /**
+     * JSON Schema document for the requested format
+     */
+    200: {
+        [key: string]: unknown;
+    };
+};
+type SchemaMetadataControllerGetSchemaResponse = SchemaMetadataControllerGetSchemaResponses[keyof SchemaMetadataControllerGetSchemaResponses];
+type SchemaMetadataControllerDeprecateVersionData = {
+    body: DeprecateSchemaMetadataDto;
+    path: {
+        id: string;
+        version: string;
+    };
+    query?: never;
+    url: '/api/schema-metadata/{id}/versions/{version}/deprecation';
+};
+type SchemaMetadataControllerDeprecateVersionResponses = {
+    200: SchemaMetadataResponseDto;
 };
+type SchemaMetadataControllerDeprecateVersionResponse = SchemaMetadataControllerDeprecateVersionResponses[keyof SchemaMetadataControllerDeprecateVersionResponses];
 type AttributeProviderControllerGetAllData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/issuer/attribute-providers";
+    url: '/api/issuer/attribute-providers';
 };
 type AttributeProviderControllerGetAllResponses = {
     /**
@@ -3525,7 +3769,7 @@ type AttributeProviderControllerCreateData = {
     body: CreateAttributeProviderDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/attribute-providers";
+    url: '/api/issuer/attribute-providers';
 };
 type AttributeProviderControllerCreateResponses = {
     /**
@@ -3539,7 +3783,7 @@ type AttributeProviderControllerDeleteData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/attribute-providers/{id}";
+    url: '/api/issuer/attribute-providers/{id}';
 };
 type AttributeProviderControllerDeleteErrors = {
     /**
@@ -3559,7 +3803,7 @@ type AttributeProviderControllerGetByIdData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/attribute-providers/{id}";
+    url: '/api/issuer/attribute-providers/{id}';
 };
 type AttributeProviderControllerGetByIdErrors = {
     /**
@@ -3579,7 +3823,7 @@ type AttributeProviderControllerUpdateData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/attribute-providers/{id}";
+    url: '/api/issuer/attribute-providers/{id}';
 };
 type AttributeProviderControllerUpdateErrors = {
     /**
@@ -3597,7 +3841,7 @@ type WebhookEndpointControllerGetAllData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/issuer/webhook-endpoints";
+    url: '/api/issuer/webhook-endpoints';
 };
 type WebhookEndpointControllerGetAllResponses = {
     /**
@@ -3610,7 +3854,7 @@ type WebhookEndpointControllerCreateData = {
     body: CreateWebhookEndpointDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/webhook-endpoints";
+    url: '/api/issuer/webhook-endpoints';
 };
 type WebhookEndpointControllerCreateResponses = {
     /**
@@ -3624,7 +3868,7 @@ type WebhookEndpointControllerDeleteData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/webhook-endpoints/{id}";
+    url: '/api/issuer/webhook-endpoints/{id}';
 };
 type WebhookEndpointControllerDeleteErrors = {
     /**
@@ -3644,7 +3888,7 @@ type WebhookEndpointControllerGetByIdData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/webhook-endpoints/{id}";
+    url: '/api/issuer/webhook-endpoints/{id}';
 };
 type WebhookEndpointControllerGetByIdErrors = {
     /**
@@ -3664,7 +3908,7 @@ type WebhookEndpointControllerUpdateData = {
         id: string;
     };
     query?: never;
-    url: "/api/issuer/webhook-endpoints/{id}";
+    url: '/api/issuer/webhook-endpoints/{id}';
 };
 type WebhookEndpointControllerUpdateErrors = {
     /**
@@ -3682,7 +3926,7 @@ type TrustListControllerGetAllTrustListsData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/trust-list";
+    url: '/api/trust-list';
 };
 type TrustListControllerGetAllTrustListsResponses = {
     200: Array<TrustList>;
@@ -3692,7 +3936,7 @@ type TrustListControllerCreateTrustListData = {
     body: TrustListCreateDto;
     path?: never;
     query?: never;
-    url: "/api/trust-list";
+    url: '/api/trust-list';
 };
 type TrustListControllerCreateTrustListResponses = {
     201: TrustList;
@@ -3704,7 +3948,7 @@ type TrustListControllerDeleteTrustListData = {
         id: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}";
+    url: '/api/trust-list/{id}';
 };
 type TrustListControllerDeleteTrustListResponses = {
     200: unknown;
@@ -3715,7 +3959,7 @@ type TrustListControllerGetTrustListData = {
         id: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}";
+    url: '/api/trust-list/{id}';
 };
 type TrustListControllerGetTrustListResponses = {
     200: TrustList;
@@ -3727,7 +3971,7 @@ type TrustListControllerUpdateTrustListData = {
         id: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}";
+    url: '/api/trust-list/{id}';
 };
 type TrustListControllerUpdateTrustListResponses = {
     200: TrustList;
@@ -3739,7 +3983,7 @@ type TrustListControllerExportTrustListData = {
         id: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}/export";
+    url: '/api/trust-list/{id}/export';
 };
 type TrustListControllerExportTrustListResponses = {
     200: TrustListCreateDto;
@@ -3751,7 +3995,7 @@ type TrustListControllerGetTrustListVersionsData = {
         id: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}/versions";
+    url: '/api/trust-list/{id}/versions';
 };
 type TrustListControllerGetTrustListVersionsResponses = {
     200: Array<TrustListVersion>;
@@ -3764,17 +4008,68 @@ type TrustListControllerGetTrustListVersionData = {
         versionId: string;
     };
     query?: never;
-    url: "/api/trust-list/{id}/versions/{versionId}";
+    url: '/api/trust-list/{id}/versions/{versionId}';
 };
 type TrustListControllerGetTrustListVersionResponses = {
     200: TrustListVersion;
 };
 type TrustListControllerGetTrustListVersionResponse = TrustListControllerGetTrustListVersionResponses[keyof TrustListControllerGetTrustListVersionResponses];
+type CacheControllerGetStatsData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/cache/stats';
+};
+type CacheControllerGetStatsResponses = {
+    /**
+     * Cache statistics
+     */
+    200: unknown;
+};
+type CacheControllerClearAllCachesData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/cache';
+};
+type CacheControllerClearAllCachesResponses = {
+    /**
+     * All caches cleared successfully
+     */
+    204: void;
+};
+type CacheControllerClearAllCachesResponse = CacheControllerClearAllCachesResponses[keyof CacheControllerClearAllCachesResponses];
+type CacheControllerClearTrustListCacheData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/cache/trust-list';
+};
+type CacheControllerClearTrustListCacheResponses = {
+    /**
+     * Trust list cache cleared successfully
+     */
+    204: void;
+};
+type CacheControllerClearTrustListCacheResponse = CacheControllerClearTrustListCacheResponses[keyof CacheControllerClearTrustListCacheResponses];
+type CacheControllerClearStatusListCacheData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/cache/status-list';
+};
+type CacheControllerClearStatusListCacheResponses = {
+    /**
+     * Status list cache cleared successfully
+     */
+    204: void;
+};
+type CacheControllerClearStatusListCacheResponse = CacheControllerClearStatusListCacheResponses[keyof CacheControllerClearStatusListCacheResponses];
 type PresentationManagementControllerConfigurationData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/verifier/config";
+    url: '/api/verifier/config';
 };
 type PresentationManagementControllerConfigurationResponses = {
     200: Array<PresentationConfig>;
@@ -3784,7 +4079,7 @@ type PresentationManagementControllerStorePresentationConfigData = {
     body: PresentationConfigCreateDto;
     path?: never;
     query?: never;
-    url: "/api/verifier/config";
+    url: '/api/verifier/config';
 };
 type PresentationManagementControllerStorePresentationConfigResponses = {
     201: PresentationConfig;
@@ -3794,7 +4089,7 @@ type PresentationManagementControllerResolveIssuerMetadataData = {
     body: ResolveIssuerMetadataDto;
     path?: never;
     query?: never;
-    url: "/api/verifier/config/issuer-metadata/resolve";
+    url: '/api/verifier/config/issuer-metadata/resolve';
 };
 type PresentationManagementControllerResolveIssuerMetadataErrors = {
     /**
@@ -3812,7 +4107,7 @@ type PresentationManagementControllerResolveSchemaMetadataData = {
     body: ResolveSchemaMetadataDto;
     path?: never;
     query?: never;
-    url: "/api/verifier/config/schema-metadata/resolve";
+    url: '/api/verifier/config/schema-metadata/resolve';
 };
 type PresentationManagementControllerResolveSchemaMetadataErrors = {
     /**
@@ -3830,7 +4125,7 @@ type PresentationManagementControllerListSchemaMetadataCatalogData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/verifier/config/schema-metadata/catalog";
+    url: '/api/verifier/config/schema-metadata/catalog';
 };
 type PresentationManagementControllerListSchemaMetadataCatalogResponses = {
     /**
@@ -3844,7 +4139,7 @@ type PresentationManagementControllerDeleteConfigurationData = {
         id: string;
     };
     query?: never;
-    url: "/api/verifier/config/{id}";
+    url: '/api/verifier/config/{id}';
 };
 type PresentationManagementControllerDeleteConfigurationResponses = {
     200: unknown;
@@ -3855,7 +4150,7 @@ type PresentationManagementControllerGetConfigurationData = {
         id: string;
     };
     query?: never;
-    url: "/api/verifier/config/{id}";
+    url: '/api/verifier/config/{id}';
 };
 type PresentationManagementControllerGetConfigurationResponses = {
     200: PresentationConfig;
@@ -3867,7 +4162,7 @@ type PresentationManagementControllerUpdateConfigurationData = {
         id: string;
     };
     query?: never;
-    url: "/api/verifier/config/{id}";
+    url: '/api/verifier/config/{id}';
 };
 type PresentationManagementControllerUpdateConfigurationResponses = {
     200: PresentationConfig;
@@ -3879,7 +4174,7 @@ type PresentationManagementControllerReissueRegistrationCertificateData = {
         id: string;
     };
     query?: never;
-    url: "/api/verifier/config/{id}/registration-cert/reissue";
+    url: '/api/verifier/config/{id}/registration-cert/reissue';
 };
 type PresentationManagementControllerReissueRegistrationCertificateErrors = {
     /**
@@ -3893,62 +4188,11 @@ type PresentationManagementControllerReissueRegistrationCertificateResponses = {
      */
     200: unknown;
 };
-type CacheControllerGetStatsData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: "/api/cache/stats";
-};
-type CacheControllerGetStatsResponses = {
-    /**
-     * Cache statistics
-     */
-    200: unknown;
-};
-type CacheControllerClearAllCachesData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: "/api/cache";
-};
-type CacheControllerClearAllCachesResponses = {
-    /**
-     * All caches cleared successfully
-     */
-    204: void;
-};
-type CacheControllerClearAllCachesResponse = CacheControllerClearAllCachesResponses[keyof CacheControllerClearAllCachesResponses];
-type CacheControllerClearTrustListCacheData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: "/api/cache/trust-list";
-};
-type CacheControllerClearTrustListCacheResponses = {
-    /**
-     * Trust list cache cleared successfully
-     */
-    204: void;
-};
-type CacheControllerClearTrustListCacheResponse = CacheControllerClearTrustListCacheResponses[keyof CacheControllerClearTrustListCacheResponses];
-type CacheControllerClearStatusListCacheData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: "/api/cache/status-list";
-};
-type CacheControllerClearStatusListCacheResponses = {
-    /**
-     * Status list cache cleared successfully
-     */
-    204: void;
-};
-type CacheControllerClearStatusListCacheResponse = CacheControllerClearStatusListCacheResponses[keyof CacheControllerClearStatusListCacheResponses];
 type RegistrarControllerDeleteConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/registrar/config";
+    url: '/api/registrar/config';
 };
 type RegistrarControllerDeleteConfigResponses = {
     /**
@@ -3961,7 +4205,7 @@ type RegistrarControllerGetConfigData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/registrar/config";
+    url: '/api/registrar/config';
 };
 type RegistrarControllerGetConfigErrors = {
     /**
@@ -3980,7 +4224,7 @@ type RegistrarControllerUpdateConfigData = {
     body: UpdateRegistrarConfigDto;
     path?: never;
     query?: never;
-    url: "/api/registrar/config";
+    url: '/api/registrar/config';
 };
 type RegistrarControllerUpdateConfigErrors = {
     /**
@@ -3991,6 +4235,10 @@ type RegistrarControllerUpdateConfigErrors = {
      * No registrar configuration found
      */
     404: unknown;
+    /**
+     * Registrar OIDC endpoint unreachable — credentials could not be verified
+     */
+    503: unknown;
 };
 type RegistrarControllerUpdateConfigResponses = {
     /**
@@ -4003,13 +4251,17 @@ type RegistrarControllerCreateConfigData = {
     body: CreateRegistrarConfigDto;
     path?: never;
     query?: never;
-    url: "/api/registrar/config";
+    url: '/api/registrar/config';
 };
 type RegistrarControllerCreateConfigErrors = {
     /**
      * Invalid credentials
      */
     400: unknown;
+    /**
+     * Registrar OIDC endpoint unreachable — credentials could not be verified
+     */
+    503: unknown;
 };
 type RegistrarControllerCreateConfigResponses = {
     /**
@@ -4022,7 +4274,7 @@ type RegistrarControllerCreateAccessCertificateData = {
     body: CreateAccessCertificateDto;
     path?: never;
     query?: never;
-    url: "/api/registrar/access-certificate";
+    url: '/api/registrar/access-certificate';
 };
 type RegistrarControllerCreateAccessCertificateErrors = {
     /**
@@ -4050,164 +4302,11 @@ type RegistrarControllerCreateAccessCertificateResponses = {
     };
 };
 type RegistrarControllerCreateAccessCertificateResponse = RegistrarControllerCreateAccessCertificateResponses[keyof RegistrarControllerCreateAccessCertificateResponses];
-type SchemaMetadataControllerGetVocabulariesData = {
-    body?: never;
-    path?: never;
-    query?: never;
-    url: "/api/schema-metadata/vocabularies";
-};
-type SchemaMetadataControllerGetVocabulariesResponses = {
-    200: SchemaMetadataVocabulariesDto;
-};
-type SchemaMetadataControllerGetVocabulariesResponse = SchemaMetadataControllerGetVocabulariesResponses[keyof SchemaMetadataControllerGetVocabulariesResponses];
-type SchemaMetadataControllerFindAllData = {
-    body?: never;
-    path?: never;
-    query?: {
-        attestationId?: string;
-        version?: string;
-    };
-    url: "/api/schema-metadata";
-};
-type SchemaMetadataControllerFindAllResponses = {
-    200: Array<SchemaMetadataResponseDto>;
-};
-type SchemaMetadataControllerFindAllResponse = SchemaMetadataControllerFindAllResponses[keyof SchemaMetadataControllerFindAllResponses];
-type SchemaMetadataControllerFindOneData = {
-    body?: never;
-    path: {
-        id: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}";
-};
-type SchemaMetadataControllerFindOneResponses = {
-    200: SchemaMetadataResponseDto;
-};
-type SchemaMetadataControllerFindOneResponse = SchemaMetadataControllerFindOneResponses[keyof SchemaMetadataControllerFindOneResponses];
-type SchemaMetadataControllerRemoveData = {
-    body?: never;
-    path: {
-        id: string;
-        version: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}";
-};
-type SchemaMetadataControllerRemoveResponses = {
-    /**
-     * Deleted
-     */
-    200: unknown;
-};
-type SchemaMetadataControllerUpdateData = {
-    body: UpdateSchemaMetadataDto;
-    path: {
-        id: string;
-        version: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}";
-};
-type SchemaMetadataControllerUpdateResponses = {
-    200: SchemaMetadataResponseDto;
-};
-type SchemaMetadataControllerUpdateResponse = SchemaMetadataControllerUpdateResponses[keyof SchemaMetadataControllerUpdateResponses];
-type SchemaMetadataControllerGetLatestData = {
-    body?: never;
-    path: {
-        id: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/latest";
-};
-type SchemaMetadataControllerGetLatestResponses = {
-    200: SchemaMetadataResponseDto;
-};
-type SchemaMetadataControllerGetLatestResponse = SchemaMetadataControllerGetLatestResponses[keyof SchemaMetadataControllerGetLatestResponses];
-type SchemaMetadataControllerGetVersionsData = {
-    body?: never;
-    path: {
-        id: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions";
-};
-type SchemaMetadataControllerGetVersionsResponses = {
-    200: Array<SchemaMetadataResponseDto>;
-};
-type SchemaMetadataControllerGetVersionsResponse = SchemaMetadataControllerGetVersionsResponses[keyof SchemaMetadataControllerGetVersionsResponses];
-type SchemaMetadataControllerGetJwtData = {
-    body?: never;
-    path: {
-        id: string;
-        version: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}/jwt";
-};
-type SchemaMetadataControllerGetJwtResponses = {
-    /**
-     * Compact-serialization JWS string
-     */
-    200: string;
-};
-type SchemaMetadataControllerGetJwtResponse = SchemaMetadataControllerGetJwtResponses[keyof SchemaMetadataControllerGetJwtResponses];
-type SchemaMetadataControllerExportData = {
-    body?: never;
-    path: {
-        id: string;
-        version: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}/export";
-};
-type SchemaMetadataControllerExportResponses = {
-    /**
-     * Registrar-defined catalog document
-     */
-    200: {
-        [key: string]: unknown;
-    };
-};
-type SchemaMetadataControllerExportResponse = SchemaMetadataControllerExportResponses[keyof SchemaMetadataControllerExportResponses];
-type SchemaMetadataControllerGetSchemaData = {
-    body?: never;
-    path: {
-        id: string;
-        version: string;
-        format: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}/schemas/{format}";
-};
-type SchemaMetadataControllerGetSchemaResponses = {
-    /**
-     * JSON Schema document for the requested format
-     */
-    200: {
-        [key: string]: unknown;
-    };
-};
-type SchemaMetadataControllerGetSchemaResponse = SchemaMetadataControllerGetSchemaResponses[keyof SchemaMetadataControllerGetSchemaResponses];
-type SchemaMetadataControllerDeprecateVersionData = {
-    body: DeprecateSchemaMetadataDto;
-    path: {
-        id: string;
-        version: string;
-    };
-    query?: never;
-    url: "/api/schema-metadata/{id}/versions/{version}/deprecation";
-};
-type SchemaMetadataControllerDeprecateVersionResponses = {
-    200: SchemaMetadataResponseDto;
-};
-type SchemaMetadataControllerDeprecateVersionResponse = SchemaMetadataControllerDeprecateVersionResponses[keyof SchemaMetadataControllerDeprecateVersionResponses];
 type CredentialOfferControllerGetOfferData = {
     body: OfferRequestDto;
     path?: never;
     query?: never;
-    url: "/api/issuer/offer";
+    url: '/api/issuer/offer';
 };
 type CredentialOfferControllerGetOfferResponses = {
     /**
@@ -4222,7 +4321,7 @@ type DeferredControllerCompleteDeferredData = {
         transactionId: string;
     };
     query?: never;
-    url: "/api/issuer/deferred/{transactionId}/complete";
+    url: '/api/issuer/deferred/{transactionId}/complete';
 };
 type DeferredControllerCompleteDeferredErrors = {
     /**
@@ -4243,7 +4342,7 @@ type DeferredControllerFailDeferredData = {
         transactionId: string;
     };
     query?: never;
-    url: "/api/issuer/deferred/{transactionId}/fail";
+    url: '/api/issuer/deferred/{transactionId}/fail';
 };
 type DeferredControllerFailDeferredErrors = {
     /**
@@ -4262,7 +4361,7 @@ type KeyChainControllerGetProvidersData = {
     body?: never;
     path?: never;
     query?: never;
-    url: "/api/key-chain/providers";
+    url: '/api/key-chain/providers';
 };
 type KeyChainControllerGetProvidersResponses = {
     /**
@@ -4271,6 +4370,18 @@ type KeyChainControllerGetProvidersResponses = {
     200: KmsProvidersResponseDto;
 };
 type KeyChainControllerGetProvidersResponse = KeyChainControllerGetProvidersResponses[keyof KeyChainControllerGetProvidersResponses];
+type KeyChainControllerGetProvidersHealthData = {
+    body?: never;
+    path?: never;
+    query?: never;
+    url: '/api/key-chain/providers/health';
+};
+type KeyChainControllerGetProvidersHealthResponses = {
+    /**
+     * Per-provider health result (ok, latencyMs, optional error).
+     */
+    200: unknown;
+};
 type KeyChainControllerGetAllData = {
     body?: never;
     path?: never;
@@ -4278,9 +4389,9 @@ type KeyChainControllerGetAllData = {
         /**
          * Optional usage type filter
          */
-        usageType?: "access" | "attestation" | "trustList" | "statusList" | "encrypt";
+        usageType?: 'access' | 'attestation' | 'trustList' | 'statusList' | 'encrypt';
     };
-    url: "/api/key-chain";
+    url: '/api/key-chain';
 };
 type KeyChainControllerGetAllResponses = {
     /**
@@ -4293,7 +4404,7 @@ type KeyChainControllerCreateData = {
     body: KeyChainCreateDto;
     path?: never;
     query?: never;
-    url: "/api/key-chain";
+    url: '/api/key-chain';
 };
 type KeyChainControllerCreateResponses = {
     /**
@@ -4307,7 +4418,7 @@ type KeyChainControllerDeleteData = {
         id: string;
     };
     query?: never;
-    url: "/api/key-chain/{id}";
+    url: '/api/key-chain/{id}';
 };
 type KeyChainControllerDeleteErrors = {
     /**
@@ -4327,7 +4438,7 @@ type KeyChainControllerGetByIdData = {
         id: string;
     };
     query?: never;
-    url: "/api/key-chain/{id}";
+    url: '/api/key-chain/{id}';
 };
 type KeyChainControllerGetByIdErrors = {
     /**
@@ -4348,7 +4459,7 @@ type KeyChainControllerUpdateData = {
         id: string;
     };
     query?: never;
-    url: "/api/key-chain/{id}";
+    url: '/api/key-chain/{id}';
 };
 type KeyChainControllerUpdateErrors = {
     /**
@@ -4368,7 +4479,7 @@ type KeyChainControllerExportData = {
         id: string;
     };
     query?: never;
-    url: "/api/key-chain/{id}/export";
+    url: '/api/key-chain/{id}/export';
 };
 type KeyChainControllerExportErrors = {
     /**
@@ -4387,7 +4498,7 @@ type KeyChainControllerImportData = {
     body: KeyChainImportDto;
     path?: never;
     query?: never;
-    url: "/api/key-chain/import";
+    url: '/api/key-chain/import';
 };
 type KeyChainControllerImportResponses = {
     /**
@@ -4401,7 +4512,7 @@ type KeyChainControllerRotateData = {
         id: string;
     };
     query?: never;
-    url: "/api/key-chain/{id}/rotate";
+    url: '/api/key-chain/{id}/rotate';
 };
 type KeyChainControllerRotateErrors = {
     /**
@@ -4419,7 +4530,7 @@ type VerifierOfferControllerGetOfferData = {
     body: PresentationRequest;
     path?: never;
     query?: never;
-    url: "/api/verifier/offer";
+    url: '/api/verifier/offer';
 };
 type VerifierOfferControllerGetOfferResponses = {
     /**
@@ -4432,7 +4543,7 @@ type StorageControllerUploadData = {
     body: FileUploadDto;
     path?: never;
     query?: never;
-    url: "/api/storage";
+    url: '/api/storage';
 };
 type StorageControllerUploadResponses = {
     201: {
@@ -4441,4 +4552,4 @@ type StorageControllerUploadResponses = {
 };
 type StorageControllerUploadResponse = StorageControllerUploadResponses[keyof StorageControllerUploadResponses];
 
-export type { ChainedAsTokenConfig as $, AccessCertificateRefDto as A, AuthControllerGetOAuth2TokenData as B, AuthControllerGetOAuth2TokenErrors as C, AuthControllerGetOAuth2TokenResponse as D, AuthControllerGetOAuth2TokenResponses as E, AuthenticationMethodAuth as F, AuthenticationMethodNone as G, AuthenticationMethodPresentation as H, AuthenticationUrlConfig as I, AuthorizationResponse as J, AuthorizeQueries as K, CacheControllerClearAllCachesData as L, CacheControllerClearAllCachesResponse as M, CacheControllerClearAllCachesResponses as N, CacheControllerClearStatusListCacheData as O, CacheControllerClearStatusListCacheResponse as P, CacheControllerClearStatusListCacheResponses as Q, CacheControllerClearTrustListCacheData as R, Session as S, CacheControllerClearTrustListCacheResponse as T, CacheControllerClearTrustListCacheResponses as U, CacheControllerGetStatsData as V, CacheControllerGetStatsResponses as W, CertificateInfoDto as X, ChainedAsConfig as Y, ChainedAsErrorResponseDto as Z, ChainedAsParResponseDto as _, AllowListPolicy as a, CredentialOfferControllerGetOfferResponse as a$, ChainedAsTokenRequestDto as a0, ChainedAsTokenResponseDto as a1, ClaimDisplayInfo as a2, ClaimMetadata as a3, ClaimsQuery as a4, ClientControllerCreateClientData as a5, ClientControllerCreateClientResponse as a6, ClientControllerCreateClientResponses as a7, ClientControllerDeleteClientData as a8, ClientControllerDeleteClientResponses as a9, CreateUserDto as aA, CreateWebhookEndpointDto as aB, CredentialConfig as aC, CredentialConfigControllerDeleteIssuanceConfigurationData as aD, CredentialConfigControllerDeleteIssuanceConfigurationResponse as aE, CredentialConfigControllerDeleteIssuanceConfigurationResponses as aF, CredentialConfigControllerGetConfigByIdData as aG, CredentialConfigControllerGetConfigByIdResponse as aH, CredentialConfigControllerGetConfigByIdResponses as aI, CredentialConfigControllerGetConfigsData as aJ, CredentialConfigControllerGetConfigsResponse as aK, CredentialConfigControllerGetConfigsResponses as aL, CredentialConfigControllerSignSchemaMetaConfigData as aM, CredentialConfigControllerSignSchemaMetaConfigErrors as aN, CredentialConfigControllerSignSchemaMetaConfigResponses as aO, CredentialConfigControllerSignVersionSchemaMetaConfigData as aP, CredentialConfigControllerSignVersionSchemaMetaConfigErrors as aQ, CredentialConfigControllerSignVersionSchemaMetaConfigResponses as aR, CredentialConfigControllerStoreCredentialConfigurationData as aS, CredentialConfigControllerStoreCredentialConfigurationResponse as aT, CredentialConfigControllerStoreCredentialConfigurationResponses as aU, CredentialConfigControllerUpdateCredentialConfigurationData as aV, CredentialConfigControllerUpdateCredentialConfigurationResponse as aW, CredentialConfigControllerUpdateCredentialConfigurationResponses as aX, CredentialConfigCreate as aY, CredentialConfigUpdate as aZ, CredentialOfferControllerGetOfferData as a_, ClientControllerGetClientData as aa, ClientControllerGetClientResponse as ab, ClientControllerGetClientResponses as ac, ClientControllerGetClientSecretData as ad, ClientControllerGetClientSecretResponse as ae, ClientControllerGetClientSecretResponses as af, ClientControllerGetClientsData as ag, ClientControllerGetClientsResponse as ah, ClientControllerGetClientsResponses as ai, ClientControllerRotateClientSecretData as aj, ClientControllerRotateClientSecretResponse as ak, ClientControllerRotateClientSecretResponses as al, ClientControllerUpdateClientData as am, ClientControllerUpdateClientResponse as an, ClientControllerUpdateClientResponses as ao, ClientCredentialsDto as ap, ClientEntity as aq, ClientOptions as ar, ClientSecretResponseDto as as, CompleteDeferredDto as at, CreateAccessCertificateDto as au, CreateAttributeProviderDto as av, CreateClientDto as aw, CreateRegistrarConfigDto as ax, CreateStatusListDto as ay, CreateTenantDto as az, ApiKeyConfig as b, KeyChainControllerGetProvidersData as b$, CredentialOfferControllerGetOfferResponses as b0, CredentialQuery as b1, CredentialSetQuery as b2, Dcql as b3, DeferredControllerCompleteDeferredData as b4, DeferredControllerCompleteDeferredErrors as b5, DeferredControllerCompleteDeferredResponse as b6, DeferredControllerCompleteDeferredResponses as b7, DeferredControllerFailDeferredData as b8, DeferredControllerFailDeferredErrors as b9, IssuanceConfig as bA, IssuanceConfigControllerGetIssuanceConfigurationsData as bB, IssuanceConfigControllerGetIssuanceConfigurationsResponse as bC, IssuanceConfigControllerGetIssuanceConfigurationsResponses as bD, IssuanceConfigControllerStoreIssuanceConfigurationData as bE, IssuanceConfigControllerStoreIssuanceConfigurationResponse as bF, IssuanceConfigControllerStoreIssuanceConfigurationResponses as bG, IssuanceDto as bH, IssuerMetadataCredentialConfig as bI, JwksResponseDto as bJ, KeyAttestationsRequired as bK, KeyChainControllerCreateData as bL, KeyChainControllerCreateResponses as bM, KeyChainControllerDeleteData as bN, KeyChainControllerDeleteErrors as bO, KeyChainControllerDeleteResponses as bP, KeyChainControllerExportData as bQ, KeyChainControllerExportErrors as bR, KeyChainControllerExportResponse as bS, KeyChainControllerExportResponses as bT, KeyChainControllerGetAllData as bU, KeyChainControllerGetAllResponse as bV, KeyChainControllerGetAllResponses as bW, KeyChainControllerGetByIdData as bX, KeyChainControllerGetByIdErrors as bY, KeyChainControllerGetByIdResponse as bZ, KeyChainControllerGetByIdResponses as b_, DeferredControllerFailDeferredResponse as ba, DeferredControllerFailDeferredResponses as bb, DeferredCredentialRequestDto as bc, DeferredOperationResponse as bd, DeprecateSchemaMetadataDto as be, Display as bf, DisplayImage as bg, DisplayInfo as bh, DisplayLogo as bi, EcJwk as bj, EcPublic as bk, EmbeddedDisclosurePolicy as bl, ExportEcJwk as bm, ExportRotationPolicyDto as bn, ExternalTrustListEntity as bo, FailDeferredDto as bp, FileUploadDto as bq, FrontendConfigResponseDto as br, GrafanaConfigDto as bs, IaeActionOpenid4VpPresentation as bt, IaeActionRedirectToWeb as bu, ImportTenantDto as bv, InteractiveAuthorizationCodeResponseDto as bw, InteractiveAuthorizationErrorResponseDto as bx, InteractiveAuthorizationRequestDto as by, InternalTrustListEntity as bz, AppControllerGetFrontendConfigData as c, RegistrarControllerCreateAccessCertificateData as c$, KeyChainControllerGetProvidersResponse as c0, KeyChainControllerGetProvidersResponses as c1, KeyChainControllerImportData as c2, KeyChainControllerImportResponses as c3, KeyChainControllerRotateData as c4, KeyChainControllerRotateErrors as c5, KeyChainControllerRotateResponses as c6, KeyChainControllerUpdateData as c7, KeyChainControllerUpdateErrors as c8, KeyChainControllerUpdateResponses as c9, PresentationManagementControllerConfigurationResponse as cA, PresentationManagementControllerConfigurationResponses as cB, PresentationManagementControllerDeleteConfigurationData as cC, PresentationManagementControllerDeleteConfigurationResponses as cD, PresentationManagementControllerGetConfigurationData as cE, PresentationManagementControllerGetConfigurationResponse as cF, PresentationManagementControllerGetConfigurationResponses as cG, PresentationManagementControllerListSchemaMetadataCatalogData as cH, PresentationManagementControllerListSchemaMetadataCatalogResponses as cI, PresentationManagementControllerReissueRegistrationCertificateData as cJ, PresentationManagementControllerReissueRegistrationCertificateErrors as cK, PresentationManagementControllerReissueRegistrationCertificateResponses as cL, PresentationManagementControllerResolveIssuerMetadataData as cM, PresentationManagementControllerResolveIssuerMetadataErrors as cN, PresentationManagementControllerResolveIssuerMetadataResponses as cO, PresentationManagementControllerResolveSchemaMetadataData as cP, PresentationManagementControllerResolveSchemaMetadataErrors as cQ, PresentationManagementControllerResolveSchemaMetadataResponses as cR, PresentationManagementControllerStorePresentationConfigData as cS, PresentationManagementControllerStorePresentationConfigResponse as cT, PresentationManagementControllerStorePresentationConfigResponses as cU, PresentationManagementControllerUpdateConfigurationData as cV, PresentationManagementControllerUpdateConfigurationResponse as cW, PresentationManagementControllerUpdateConfigurationResponses as cX, PresentationRequest as cY, PublicKeyInfoDto as cZ, RegistrarConfigResponseDto as c_, KeyChainCreateDto as ca, KeyChainEntity as cb, KeyChainExportDto as cc, KeyChainImportDto as cd, KeyChainResponseDto as ce, KeyChainUpdateDto as cf, KmsProviderCapabilitiesDto as cg, KmsProviderInfoDto as ch, KmsProvidersResponseDto as ci, ManagedUserDto as cj, MetadataSchemaDto as ck, NoneTrustPolicy as cl, NotificationRequestDto as cm, Object$1 as cn, ObjectWritable as co, OfferRequestDto as cp, OfferResponse as cq, ParResponseDto as cr, PolicyCredential as cs, PresentationAttachment as ct, PresentationConfig as cu, PresentationConfigCreateDto as cv, PresentationConfigUpdateDto as cw, PresentationConfigWritable as cx, PresentationDuringIssuanceConfig as cy, PresentationManagementControllerConfigurationData as cz, AppControllerGetFrontendConfigResponse as d, SchemaMetadataControllerUpdateResponses as d$, RegistrarControllerCreateAccessCertificateErrors as d0, RegistrarControllerCreateAccessCertificateResponse as d1, RegistrarControllerCreateAccessCertificateResponses as d2, RegistrarControllerCreateConfigData as d3, RegistrarControllerCreateConfigErrors as d4, RegistrarControllerCreateConfigResponse as d5, RegistrarControllerCreateConfigResponses as d6, RegistrarControllerDeleteConfigData as d7, RegistrarControllerDeleteConfigResponse as d8, RegistrarControllerDeleteConfigResponses as d9, SchemaMetadataControllerExportResponse as dA, SchemaMetadataControllerExportResponses as dB, SchemaMetadataControllerFindAllData as dC, SchemaMetadataControllerFindAllResponse as dD, SchemaMetadataControllerFindAllResponses as dE, SchemaMetadataControllerFindOneData as dF, SchemaMetadataControllerFindOneResponse as dG, SchemaMetadataControllerFindOneResponses as dH, SchemaMetadataControllerGetJwtData as dI, SchemaMetadataControllerGetJwtResponse as dJ, SchemaMetadataControllerGetJwtResponses as dK, SchemaMetadataControllerGetLatestData as dL, SchemaMetadataControllerGetLatestResponse as dM, SchemaMetadataControllerGetLatestResponses as dN, SchemaMetadataControllerGetSchemaData as dO, SchemaMetadataControllerGetSchemaResponse as dP, SchemaMetadataControllerGetSchemaResponses as dQ, SchemaMetadataControllerGetVersionsData as dR, SchemaMetadataControllerGetVersionsResponse as dS, SchemaMetadataControllerGetVersionsResponses as dT, SchemaMetadataControllerGetVocabulariesData as dU, SchemaMetadataControllerGetVocabulariesResponse as dV, SchemaMetadataControllerGetVocabulariesResponses as dW, SchemaMetadataControllerRemoveData as dX, SchemaMetadataControllerRemoveResponses as dY, SchemaMetadataControllerUpdateData as dZ, SchemaMetadataControllerUpdateResponse as d_, RegistrarControllerGetConfigData as da, RegistrarControllerGetConfigErrors as db, RegistrarControllerGetConfigResponse as dc, RegistrarControllerGetConfigResponses as dd, RegistrarControllerUpdateConfigData as de, RegistrarControllerUpdateConfigErrors as df, RegistrarControllerUpdateConfigResponse as dg, RegistrarControllerUpdateConfigResponses as dh, RegistrationCertificateBody as di, RegistrationCertificateDefaults as dj, RegistrationCertificatePurpose as dk, RegistrationCertificateRequest as dl, ResolveIssuerMetadataDto as dm, ResolveSchemaMetadataDto as dn, RoleDto as dp, RootOfTrustPolicy as dq, RotationPolicyCreateDto as dr, RotationPolicyImportDto as ds, RotationPolicyResponseDto as dt, RotationPolicyUpdateDto as du, SchemaMetaConfig as dv, SchemaMetadataControllerDeprecateVersionData as dw, SchemaMetadataControllerDeprecateVersionResponse as dx, SchemaMetadataControllerDeprecateVersionResponses as dy, SchemaMetadataControllerExportData as dz, AppControllerGetFrontendConfigResponses as e, TenantControllerDeleteTenantData as e$, SchemaMetadataResponseDto as e0, SchemaMetadataVocabulariesDto as e1, SchemaResponse as e2, SchemaUriEntry as e3, SessionConfigControllerGetConfigData as e4, SessionConfigControllerGetConfigResponse as e5, SessionConfigControllerGetConfigResponses as e6, SessionConfigControllerResetConfigData as e7, SessionConfigControllerResetConfigResponses as e8, SessionConfigControllerUpdateConfigData as e9, StatusListConfigControllerResetConfigData as eA, StatusListConfigControllerResetConfigResponse as eB, StatusListConfigControllerResetConfigResponses as eC, StatusListConfigControllerUpdateConfigData as eD, StatusListConfigControllerUpdateConfigResponse as eE, StatusListConfigControllerUpdateConfigResponses as eF, StatusListImportDto as eG, StatusListManagementControllerCreateListData as eH, StatusListManagementControllerCreateListResponse as eI, StatusListManagementControllerCreateListResponses as eJ, StatusListManagementControllerDeleteListData as eK, StatusListManagementControllerDeleteListResponse as eL, StatusListManagementControllerDeleteListResponses as eM, StatusListManagementControllerGetListData as eN, StatusListManagementControllerGetListResponse as eO, StatusListManagementControllerGetListResponses as eP, StatusListManagementControllerGetListsData as eQ, StatusListManagementControllerGetListsResponse as eR, StatusListManagementControllerGetListsResponses as eS, StatusListManagementControllerUpdateListData as eT, StatusListManagementControllerUpdateListResponse as eU, StatusListManagementControllerUpdateListResponses as eV, StatusListResponseDto as eW, StatusUpdateDto as eX, StorageControllerUploadData as eY, StorageControllerUploadResponse as eZ, StorageControllerUploadResponses as e_, SessionConfigControllerUpdateConfigResponse as ea, SessionConfigControllerUpdateConfigResponses as eb, SessionControllerDeleteSessionData as ec, SessionControllerDeleteSessionResponses as ed, SessionControllerGetAllSessionsData as ee, SessionControllerGetAllSessionsResponse as ef, SessionControllerGetAllSessionsResponses as eg, SessionControllerGetSessionData as eh, SessionControllerGetSessionLogsData as ei, SessionControllerGetSessionLogsResponse as ej, SessionControllerGetSessionLogsResponses as ek, SessionControllerGetSessionResponse as el, SessionControllerGetSessionResponses as em, SessionControllerRevokeAllData as en, SessionControllerRevokeAllResponses as eo, SessionEventsControllerSubscribeToSessionEventsData as ep, SessionEventsControllerSubscribeToSessionEventsResponses as eq, SessionLogEntryResponseDto as er, SessionStorageConfig as es, SignSchemaMetaConfigDto as et, SignVersionSchemaMetaConfigDto as eu, StatusListAggregationDto as ev, StatusListConfig as ew, StatusListConfigControllerGetConfigData as ex, StatusListConfigControllerGetConfigResponse as ey, StatusListConfigControllerGetConfigResponses as ez, AppControllerGetVersionData as f, UserControllerGetUserResponse as f$, TenantControllerDeleteTenantResponses as f0, TenantControllerGetTenantData as f1, TenantControllerGetTenantResponse as f2, TenantControllerGetTenantResponses as f3, TenantControllerGetTenantsData as f4, TenantControllerGetTenantsResponse as f5, TenantControllerGetTenantsResponses as f6, TenantControllerInitTenantData as f7, TenantControllerInitTenantResponse as f8, TenantControllerInitTenantResponses as f9, TrustListControllerGetTrustListVersionsData as fA, TrustListControllerGetTrustListVersionsResponse as fB, TrustListControllerGetTrustListVersionsResponses as fC, TrustListControllerUpdateTrustListData as fD, TrustListControllerUpdateTrustListResponse as fE, TrustListControllerUpdateTrustListResponses as fF, TrustListCreateDto as fG, TrustListEntityInfo as fH, TrustListVersion as fI, TrustedAuthorityQuery as fJ, UpdateAttributeProviderDto as fK, UpdateClientDto as fL, UpdateRegistrarConfigDto as fM, UpdateSchemaMetadataDto as fN, UpdateSessionConfigDto as fO, UpdateStatusListConfigDto as fP, UpdateStatusListDto as fQ, UpdateTenantDto as fR, UpdateUserDto as fS, UpdateWebhookEndpointDto as fT, UpstreamOidcConfig as fU, UserControllerCreateUserData as fV, UserControllerCreateUserResponse as fW, UserControllerCreateUserResponses as fX, UserControllerDeleteUserData as fY, UserControllerDeleteUserResponses as fZ, UserControllerGetUserData as f_, TenantControllerUpdateTenantData as fa, TenantControllerUpdateTenantResponse as fb, TenantControllerUpdateTenantResponses as fc, TenantEntity as fd, TokenResponse as fe, TransactionData as ff, TrustAuthorityDto as fg, TrustAuthorityEntry as fh, TrustList as fi, TrustListControllerCreateTrustListData as fj, TrustListControllerCreateTrustListResponse as fk, TrustListControllerCreateTrustListResponses as fl, TrustListControllerDeleteTrustListData as fm, TrustListControllerDeleteTrustListResponses as fn, TrustListControllerExportTrustListData as fo, TrustListControllerExportTrustListResponse as fp, TrustListControllerExportTrustListResponses as fq, TrustListControllerGetAllTrustListsData as fr, TrustListControllerGetAllTrustListsResponse as fs, TrustListControllerGetAllTrustListsResponses as ft, TrustListControllerGetTrustListData as fu, TrustListControllerGetTrustListResponse as fv, TrustListControllerGetTrustListResponses as fw, TrustListControllerGetTrustListVersionData as fx, TrustListControllerGetTrustListVersionResponse as fy, TrustListControllerGetTrustListVersionResponses as fz, AppControllerGetVersionResponses as g, UserControllerGetUserResponses as g0, UserControllerGetUsersData as g1, UserControllerGetUsersResponse as g2, UserControllerGetUsersResponses as g3, UserControllerUpdateUserData as g4, UserControllerUpdateUserResponse as g5, UserControllerUpdateUserResponses as g6, Vct as g7, VerifierOfferControllerGetOfferData as g8, VerifierOfferControllerGetOfferResponse as g9, VerifierOfferControllerGetOfferResponses as ga, VocabularyEntryDto as gb, WebHookAuthConfigHeader as gc, WebHookAuthConfigNone as gd, WebhookConfig as ge, WebhookEndpointControllerCreateData as gf, WebhookEndpointControllerCreateResponses as gg, WebhookEndpointControllerDeleteData as gh, WebhookEndpointControllerDeleteErrors as gi, WebhookEndpointControllerDeleteResponses as gj, WebhookEndpointControllerGetAllData as gk, WebhookEndpointControllerGetAllResponse as gl, WebhookEndpointControllerGetAllResponses as gm, WebhookEndpointControllerGetByIdData as gn, WebhookEndpointControllerGetByIdErrors as go, WebhookEndpointControllerGetByIdResponses as gp, WebhookEndpointControllerUpdateData as gq, WebhookEndpointControllerUpdateErrors as gr, WebhookEndpointControllerUpdateResponses as gs, WebhookEndpointEntity as gt, AttestationBasedPolicy as h, AttributeProviderControllerCreateData as i, AttributeProviderControllerCreateResponses as j, AttributeProviderControllerDeleteData as k, AttributeProviderControllerDeleteErrors as l, AttributeProviderControllerDeleteResponses as m, AttributeProviderControllerGetAllData as n, AttributeProviderControllerGetAllResponses as o, AttributeProviderControllerGetByIdData as p, AttributeProviderControllerGetByIdErrors as q, AttributeProviderControllerGetByIdResponses as r, AttributeProviderControllerUpdateData as s, AttributeProviderControllerUpdateErrors as t, AttributeProviderControllerUpdateResponses as u, AttributeProviderEntity as v, AuditLogControllerGetAuditLogsData as w, AuditLogControllerGetAuditLogsResponse as x, AuditLogControllerGetAuditLogsResponses as y, AuditLogResponseDto as z };
+export type { ChainedAsParResponseDto as $, AccessCertificateRefDto as A, AuthControllerGetOAuth2TokenData as B, ClientOptions as C, AuthControllerGetOAuth2TokenErrors as D, AuthControllerGetOAuth2TokenResponse as E, AuthControllerGetOAuth2TokenResponses as F, AuthenticationMethodAuth as G, AuthenticationMethodNone as H, AuthenticationMethodPresentation as I, AuthenticationUrlConfig as J, AuthorizationResponse as K, AuthorizeQueries as L, CacheControllerClearAllCachesData as M, CacheControllerClearAllCachesResponse as N, CacheControllerClearAllCachesResponses as O, CacheControllerClearStatusListCacheData as P, CacheControllerClearStatusListCacheResponse as Q, CacheControllerClearStatusListCacheResponses as R, Session as S, CacheControllerClearTrustListCacheData as T, CacheControllerClearTrustListCacheResponse as U, CacheControllerClearTrustListCacheResponses as V, CacheControllerGetStatsData as W, CacheControllerGetStatsResponses as X, CertificateInfoDto as Y, ChainedAsConfig as Z, ChainedAsErrorResponseDto as _, AllowListPolicy as a, DeferredControllerCompleteDeferredResponse as a$, ChainedAsTokenConfig as a0, ChainedAsTokenRequestDto as a1, ChainedAsTokenResponseDto as a2, ClaimFieldDefinitionDto as a3, ClaimsQuery as a4, ClientControllerCreateClientData as a5, ClientControllerCreateClientResponse as a6, ClientControllerCreateClientResponses as a7, ClientControllerDeleteClientData as a8, ClientControllerDeleteClientResponses as a9, CreateWebhookEndpointDto as aA, CredentialConfig as aB, CredentialConfigControllerDeleteIssuanceConfigurationData as aC, CredentialConfigControllerDeleteIssuanceConfigurationResponse as aD, CredentialConfigControllerDeleteIssuanceConfigurationResponses as aE, CredentialConfigControllerGetConfigByIdData as aF, CredentialConfigControllerGetConfigByIdResponse as aG, CredentialConfigControllerGetConfigByIdResponses as aH, CredentialConfigControllerGetConfigsData as aI, CredentialConfigControllerGetConfigsResponse as aJ, CredentialConfigControllerGetConfigsResponses as aK, CredentialConfigControllerStoreCredentialConfigurationData as aL, CredentialConfigControllerStoreCredentialConfigurationResponse as aM, CredentialConfigControllerStoreCredentialConfigurationResponses as aN, CredentialConfigControllerUpdateCredentialConfigurationData as aO, CredentialConfigControllerUpdateCredentialConfigurationResponse as aP, CredentialConfigControllerUpdateCredentialConfigurationResponses as aQ, CredentialConfigCreate as aR, CredentialConfigUpdate as aS, CredentialOfferControllerGetOfferData as aT, CredentialOfferControllerGetOfferResponse as aU, CredentialOfferControllerGetOfferResponses as aV, CredentialQuery as aW, CredentialSetQuery as aX, Dcql as aY, DeferredControllerCompleteDeferredData as aZ, DeferredControllerCompleteDeferredErrors as a_, ClientControllerGetClientData as aa, ClientControllerGetClientResponse as ab, ClientControllerGetClientResponses as ac, ClientControllerGetClientSecretData as ad, ClientControllerGetClientSecretResponse as ae, ClientControllerGetClientSecretResponses as af, ClientControllerGetClientsData as ag, ClientControllerGetClientsResponse as ah, ClientControllerGetClientsResponses as ai, ClientControllerRotateClientSecretData as aj, ClientControllerRotateClientSecretResponse as ak, ClientControllerRotateClientSecretResponses as al, ClientControllerUpdateClientData as am, ClientControllerUpdateClientResponse as an, ClientControllerUpdateClientResponses as ao, ClientCredentialsDto as ap, ClientEntity as aq, ClientSecretResponseDto as ar, CompleteDeferredDto as as, CreateAccessCertificateDto as at, CreateAttributeProviderDto as au, CreateClientDto as av, CreateRegistrarConfigDto as aw, CreateStatusListDto as ax, CreateTenantDto as ay, CreateUserDto as az, ApiKeyConfig as b, KeyChainControllerGetProvidersResponses as b$, DeferredControllerCompleteDeferredResponses as b0, DeferredControllerFailDeferredData as b1, DeferredControllerFailDeferredErrors as b2, DeferredControllerFailDeferredResponse as b3, DeferredControllerFailDeferredResponses as b4, DeferredCredentialRequestDto as b5, DeferredOperationResponse as b6, DeprecateSchemaMetadataDto as b7, Display as b8, DisplayImage as b9, IssuanceConfigControllerStoreIssuanceConfigurationData as bA, IssuanceConfigControllerStoreIssuanceConfigurationResponse as bB, IssuanceConfigControllerStoreIssuanceConfigurationResponses as bC, IssuanceDto as bD, IssuerMetadataCredentialConfig as bE, JwksResponseDto as bF, KeyAttestationsRequired as bG, KeyChainControllerCreateData as bH, KeyChainControllerCreateResponses as bI, KeyChainControllerDeleteData as bJ, KeyChainControllerDeleteErrors as bK, KeyChainControllerDeleteResponses as bL, KeyChainControllerExportData as bM, KeyChainControllerExportErrors as bN, KeyChainControllerExportResponse as bO, KeyChainControllerExportResponses as bP, KeyChainControllerGetAllData as bQ, KeyChainControllerGetAllResponse as bR, KeyChainControllerGetAllResponses as bS, KeyChainControllerGetByIdData as bT, KeyChainControllerGetByIdErrors as bU, KeyChainControllerGetByIdResponse as bV, KeyChainControllerGetByIdResponses as bW, KeyChainControllerGetProvidersData as bX, KeyChainControllerGetProvidersHealthData as bY, KeyChainControllerGetProvidersHealthResponses as bZ, KeyChainControllerGetProvidersResponse as b_, DisplayInfo as ba, DisplayLogo as bb, EcJwk as bc, EcPublic as bd, EmbeddedDisclosurePolicy as be, ExportEcJwk as bf, ExportRotationPolicyDto as bg, ExternalTrustListEntity as bh, FailDeferredDto as bi, FederationConfig as bj, FederationTrustAnchorConfig as bk, FieldDisplayDto as bl, FileUploadDto as bm, FrontendConfigResponseDto as bn, GrafanaConfigDto as bo, IaeActionOpenid4VpPresentation as bp, IaeActionRedirectToWeb as bq, ImportTenantDto as br, InteractiveAuthorizationCodeResponseDto as bs, InteractiveAuthorizationErrorResponseDto as bt, InteractiveAuthorizationRequestDto as bu, InternalTrustListEntity as bv, IssuanceConfig as bw, IssuanceConfigControllerGetIssuanceConfigurationsData as bx, IssuanceConfigControllerGetIssuanceConfigurationsResponse as by, IssuanceConfigControllerGetIssuanceConfigurationsResponses as bz, AppControllerGetFrontendConfigData as c, RegistrarControllerCreateAccessCertificateErrors as c$, KeyChainControllerImportData as c0, KeyChainControllerImportResponses as c1, KeyChainControllerRotateData as c2, KeyChainControllerRotateErrors as c3, KeyChainControllerRotateResponses as c4, KeyChainControllerUpdateData as c5, KeyChainControllerUpdateErrors as c6, KeyChainControllerUpdateResponses as c7, KeyChainCreateDto as c8, KeyChainEntity as c9, PresentationManagementControllerConfigurationResponses as cA, PresentationManagementControllerDeleteConfigurationData as cB, PresentationManagementControllerDeleteConfigurationResponses as cC, PresentationManagementControllerGetConfigurationData as cD, PresentationManagementControllerGetConfigurationResponse as cE, PresentationManagementControllerGetConfigurationResponses as cF, PresentationManagementControllerListSchemaMetadataCatalogData as cG, PresentationManagementControllerListSchemaMetadataCatalogResponses as cH, PresentationManagementControllerReissueRegistrationCertificateData as cI, PresentationManagementControllerReissueRegistrationCertificateErrors as cJ, PresentationManagementControllerReissueRegistrationCertificateResponses as cK, PresentationManagementControllerResolveIssuerMetadataData as cL, PresentationManagementControllerResolveIssuerMetadataErrors as cM, PresentationManagementControllerResolveIssuerMetadataResponses as cN, PresentationManagementControllerResolveSchemaMetadataData as cO, PresentationManagementControllerResolveSchemaMetadataErrors as cP, PresentationManagementControllerResolveSchemaMetadataResponses as cQ, PresentationManagementControllerStorePresentationConfigData as cR, PresentationManagementControllerStorePresentationConfigResponse as cS, PresentationManagementControllerStorePresentationConfigResponses as cT, PresentationManagementControllerUpdateConfigurationData as cU, PresentationManagementControllerUpdateConfigurationResponse as cV, PresentationManagementControllerUpdateConfigurationResponses as cW, PresentationRequest as cX, PublicKeyInfoDto as cY, RegistrarConfigResponseDto as cZ, RegistrarControllerCreateAccessCertificateData as c_, KeyChainExportDto as ca, KeyChainImportDto as cb, KeyChainResponseDto as cc, KeyChainUpdateDto as cd, KmsProviderCapabilitiesDto as ce, KmsProviderInfoDto as cf, KmsProvidersResponseDto as cg, ManagedUserDto as ch, MetadataSchemaDto as ci, NoneTrustPolicy as cj, NotificationRequestDto as ck, Object$1 as cl, ObjectWritable as cm, OfferRequestDto as cn, OfferResponse as co, PaginatedSessionResponseDto as cp, ParResponseDto as cq, PolicyCredential as cr, PresentationAttachment as cs, PresentationConfig as ct, PresentationConfigCreateDto as cu, PresentationConfigUpdateDto as cv, PresentationConfigWritable as cw, PresentationDuringIssuanceConfig as cx, PresentationManagementControllerConfigurationData as cy, PresentationManagementControllerConfigurationResponse as cz, AppControllerGetFrontendConfigResponse as d, SchemaMetadataControllerSignVersionSchemaMetaConfigData as d$, RegistrarControllerCreateAccessCertificateResponse as d0, RegistrarControllerCreateAccessCertificateResponses as d1, RegistrarControllerCreateConfigData as d2, RegistrarControllerCreateConfigErrors as d3, RegistrarControllerCreateConfigResponse as d4, RegistrarControllerCreateConfigResponses as d5, RegistrarControllerDeleteConfigData as d6, RegistrarControllerDeleteConfigResponse as d7, RegistrarControllerDeleteConfigResponses as d8, RegistrarControllerGetConfigData as d9, SchemaMetadataControllerExportResponses as dA, SchemaMetadataControllerFindAllData as dB, SchemaMetadataControllerFindAllResponse as dC, SchemaMetadataControllerFindAllResponses as dD, SchemaMetadataControllerFindOneData as dE, SchemaMetadataControllerFindOneResponse as dF, SchemaMetadataControllerFindOneResponses as dG, SchemaMetadataControllerGetJwtData as dH, SchemaMetadataControllerGetJwtResponse as dI, SchemaMetadataControllerGetJwtResponses as dJ, SchemaMetadataControllerGetLatestData as dK, SchemaMetadataControllerGetLatestResponse as dL, SchemaMetadataControllerGetLatestResponses as dM, SchemaMetadataControllerGetSchemaData as dN, SchemaMetadataControllerGetSchemaResponse as dO, SchemaMetadataControllerGetSchemaResponses as dP, SchemaMetadataControllerGetVersionsData as dQ, SchemaMetadataControllerGetVersionsResponse as dR, SchemaMetadataControllerGetVersionsResponses as dS, SchemaMetadataControllerGetVocabulariesData as dT, SchemaMetadataControllerGetVocabulariesResponse as dU, SchemaMetadataControllerGetVocabulariesResponses as dV, SchemaMetadataControllerRemoveData as dW, SchemaMetadataControllerRemoveResponses as dX, SchemaMetadataControllerSignSchemaMetaConfigData as dY, SchemaMetadataControllerSignSchemaMetaConfigErrors as dZ, SchemaMetadataControllerSignSchemaMetaConfigResponses as d_, RegistrarControllerGetConfigErrors as da, RegistrarControllerGetConfigResponse as db, RegistrarControllerGetConfigResponses as dc, RegistrarControllerUpdateConfigData as dd, RegistrarControllerUpdateConfigErrors as de, RegistrarControllerUpdateConfigResponse as df, RegistrarControllerUpdateConfigResponses as dg, RegistrationCertificateBody as dh, RegistrationCertificateDefaults as di, RegistrationCertificatePurpose as dj, RegistrationCertificateRequest as dk, ResolveIssuerMetadataDto as dl, ResolveSchemaMetadataDto as dm, RoleDto as dn, RootOfTrustPolicy as dp, RotationPolicyCreateDto as dq, RotationPolicyImportDto as dr, RotationPolicyResponseDto as ds, RotationPolicyUpdateDto as dt, SchemaMetaConfig as du, SchemaMetadataControllerDeprecateVersionData as dv, SchemaMetadataControllerDeprecateVersionResponse as dw, SchemaMetadataControllerDeprecateVersionResponses as dx, SchemaMetadataControllerExportData as dy, SchemaMetadataControllerExportResponse as dz, AppControllerGetFrontendConfigResponses as e, StatusUpdateDto as e$, SchemaMetadataControllerSignVersionSchemaMetaConfigErrors as e0, SchemaMetadataControllerSignVersionSchemaMetaConfigResponses as e1, SchemaMetadataControllerUpdateData as e2, SchemaMetadataControllerUpdateResponse as e3, SchemaMetadataControllerUpdateResponses as e4, SchemaMetadataResponseDto as e5, SchemaMetadataVocabulariesDto as e6, SchemaUriEntry as e7, SessionConfigControllerGetConfigData as e8, SessionConfigControllerGetConfigResponse as e9, StatusListConfig as eA, StatusListConfigControllerGetConfigData as eB, StatusListConfigControllerGetConfigResponse as eC, StatusListConfigControllerGetConfigResponses as eD, StatusListConfigControllerResetConfigData as eE, StatusListConfigControllerResetConfigResponse as eF, StatusListConfigControllerResetConfigResponses as eG, StatusListConfigControllerUpdateConfigData as eH, StatusListConfigControllerUpdateConfigResponse as eI, StatusListConfigControllerUpdateConfigResponses as eJ, StatusListImportDto as eK, StatusListManagementControllerCreateListData as eL, StatusListManagementControllerCreateListResponse as eM, StatusListManagementControllerCreateListResponses as eN, StatusListManagementControllerDeleteListData as eO, StatusListManagementControllerDeleteListResponse as eP, StatusListManagementControllerDeleteListResponses as eQ, StatusListManagementControllerGetListData as eR, StatusListManagementControllerGetListResponse as eS, StatusListManagementControllerGetListResponses as eT, StatusListManagementControllerGetListsData as eU, StatusListManagementControllerGetListsResponse as eV, StatusListManagementControllerGetListsResponses as eW, StatusListManagementControllerUpdateListData as eX, StatusListManagementControllerUpdateListResponse as eY, StatusListManagementControllerUpdateListResponses as eZ, StatusListResponseDto as e_, SessionConfigControllerGetConfigResponses as ea, SessionConfigControllerResetConfigData as eb, SessionConfigControllerResetConfigResponses as ec, SessionConfigControllerUpdateConfigData as ed, SessionConfigControllerUpdateConfigResponse as ee, SessionConfigControllerUpdateConfigResponses as ef, SessionControllerDeleteSessionData as eg, SessionControllerDeleteSessionResponses as eh, SessionControllerGetAllSessionsData as ei, SessionControllerGetAllSessionsResponse as ej, SessionControllerGetAllSessionsResponses as ek, SessionControllerGetSessionData as el, SessionControllerGetSessionLogsData as em, SessionControllerGetSessionLogsResponse as en, SessionControllerGetSessionLogsResponses as eo, SessionControllerGetSessionResponse as ep, SessionControllerGetSessionResponses as eq, SessionControllerRevokeAllData as er, SessionControllerRevokeAllResponses as es, SessionEventsControllerSubscribeToSessionEventsData as et, SessionEventsControllerSubscribeToSessionEventsResponses as eu, SessionLogEntryResponseDto as ev, SessionStorageConfig as ew, SignSchemaMetaConfigDto as ex, SignVersionSchemaMetaConfigDto as ey, StatusListAggregationDto as ez, AppControllerGetVersionData as f, UserControllerCreateUserResponses as f$, StorageControllerUploadData as f0, StorageControllerUploadResponse as f1, StorageControllerUploadResponses as f2, TenantControllerDeleteTenantData as f3, TenantControllerDeleteTenantResponses as f4, TenantControllerGetTenantData as f5, TenantControllerGetTenantResponse as f6, TenantControllerGetTenantResponses as f7, TenantControllerGetTenantsData as f8, TenantControllerGetTenantsResponse as f9, TrustListControllerGetTrustListResponses as fA, TrustListControllerGetTrustListVersionData as fB, TrustListControllerGetTrustListVersionResponse as fC, TrustListControllerGetTrustListVersionResponses as fD, TrustListControllerGetTrustListVersionsData as fE, TrustListControllerGetTrustListVersionsResponse as fF, TrustListControllerGetTrustListVersionsResponses as fG, TrustListControllerUpdateTrustListData as fH, TrustListControllerUpdateTrustListResponse as fI, TrustListControllerUpdateTrustListResponses as fJ, TrustListCreateDto as fK, TrustListEntityInfo as fL, TrustListVersion as fM, TrustedAuthorityQuery as fN, UpdateAttributeProviderDto as fO, UpdateClientDto as fP, UpdateRegistrarConfigDto as fQ, UpdateSchemaMetadataDto as fR, UpdateSessionConfigDto as fS, UpdateStatusListConfigDto as fT, UpdateStatusListDto as fU, UpdateTenantDto as fV, UpdateUserDto as fW, UpdateWebhookEndpointDto as fX, UpstreamOidcConfig as fY, UserControllerCreateUserData as fZ, UserControllerCreateUserResponse as f_, TenantControllerGetTenantsResponses as fa, TenantControllerInitTenantData as fb, TenantControllerInitTenantResponse as fc, TenantControllerInitTenantResponses as fd, TenantControllerUpdateTenantData as fe, TenantControllerUpdateTenantResponse as ff, TenantControllerUpdateTenantResponses as fg, TenantEntity as fh, TokenResponse as fi, TransactionData as fj, TrustAuthorityDto as fk, TrustAuthorityEntry as fl, TrustList as fm, TrustListControllerCreateTrustListData as fn, TrustListControllerCreateTrustListResponse as fo, TrustListControllerCreateTrustListResponses as fp, TrustListControllerDeleteTrustListData as fq, TrustListControllerDeleteTrustListResponses as fr, TrustListControllerExportTrustListData as fs, TrustListControllerExportTrustListResponse as ft, TrustListControllerExportTrustListResponses as fu, TrustListControllerGetAllTrustListsData as fv, TrustListControllerGetAllTrustListsResponse as fw, TrustListControllerGetAllTrustListsResponses as fx, TrustListControllerGetTrustListData as fy, TrustListControllerGetTrustListResponse as fz, AppControllerGetVersionResponses as g, UserControllerDeleteUserData as g0, UserControllerDeleteUserResponses as g1, UserControllerGetUserData as g2, UserControllerGetUserResponse as g3, UserControllerGetUserResponses as g4, UserControllerGetUsersData as g5, UserControllerGetUsersResponse as g6, UserControllerGetUsersResponses as g7, UserControllerUpdateUserData as g8, UserControllerUpdateUserResponse as g9, UserControllerUpdateUserResponses as ga, Vct as gb, VerifierOfferControllerGetOfferData as gc, VerifierOfferControllerGetOfferResponse as gd, VerifierOfferControllerGetOfferResponses as ge, VocabularyEntryDto as gf, WebHookAuthConfigHeader as gg, WebHookAuthConfigNone as gh, WebhookConfig as gi, WebhookEndpointControllerCreateData as gj, WebhookEndpointControllerCreateResponses as gk, WebhookEndpointControllerDeleteData as gl, WebhookEndpointControllerDeleteErrors as gm, WebhookEndpointControllerDeleteResponses as gn, WebhookEndpointControllerGetAllData as go, WebhookEndpointControllerGetAllResponse as gp, WebhookEndpointControllerGetAllResponses as gq, WebhookEndpointControllerGetByIdData as gr, WebhookEndpointControllerGetByIdErrors as gs, WebhookEndpointControllerGetByIdResponses as gt, WebhookEndpointControllerUpdateData as gu, WebhookEndpointControllerUpdateErrors as gv, WebhookEndpointControllerUpdateResponses as gw, WebhookEndpointEntity as gx, AttestationBasedPolicy as h, AttributeProviderControllerCreateData as i, AttributeProviderControllerCreateResponses as j, AttributeProviderControllerDeleteData as k, AttributeProviderControllerDeleteErrors as l, AttributeProviderControllerDeleteResponses as m, AttributeProviderControllerGetAllData as n, AttributeProviderControllerGetAllResponses as o, AttributeProviderControllerGetByIdData as p, AttributeProviderControllerGetByIdErrors as q, AttributeProviderControllerGetByIdResponses as r, AttributeProviderControllerUpdateData as s, AttributeProviderControllerUpdateErrors as t, AttributeProviderControllerUpdateResponses as u, AttributeProviderEntity as v, AuditLogControllerGetAuditLogsData as w, AuditLogControllerGetAuditLogsResponse as x, AuditLogControllerGetAuditLogsResponses as y, AuditLogResponseDto as z };