@factpulse/sdk 4.0.2 → 4.0.3

package/dist/api/client-management-api.js

@@ -58,6 +58,8 @@ const ClientManagementApiAxiosParamCreator = function (configuration) {
             const localVarRequestOptions = Object.assign(Object.assign({ method: 'POST' }, baseOptions), options);
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
@@ -90,6 +92,8 @@ const ClientManagementApiAxiosParamCreator = function (configuration) {
             const localVarRequestOptions = Object.assign(Object.assign({ method: 'POST' }, baseOptions), options);
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
@@ -125,6 +129,78 @@ const ClientManagementApiAxiosParamCreator = function (configuration) {
             const localVarRequestOptions = Object.assign(Object.assign({ method: 'POST' }, baseOptions), options);
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
+            // authentication HTTPBearer required
+            // http bearer authentication required
+            yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
+            localVarHeaderParameter['Accept'] = 'application/json';
+            (0, common_1.setSearchParams)(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = Object.assign(Object.assign(Object.assign({}, localVarHeaderParameter), headersFromBaseOptions), options.headers);
+            return {
+                url: (0, common_1.toPathString)(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        }),
+        /**
+         * Delete the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **After deletion**: Webhooks for this client will use the global server key for HMAC signature instead of a client-specific key.
+         * @summary Delete webhook secret
+         * @param {string} uid
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        deleteWebhookSecretApiV1ClientsUidWebhookSecretDelete: (uid_1, ...args_1) => __awaiter(this, [uid_1, ...args_1], void 0, function* (uid, options = {}) {
+            // verify required parameter 'uid' is not null or undefined
+            (0, common_1.assertParamExists)('deleteWebhookSecretApiV1ClientsUidWebhookSecretDelete', 'uid', uid);
+            const localVarPath = `/api/v1/clients/{uid}/webhook-secret`
+                .replace(`{${"uid"}}`, encodeURIComponent(String(uid)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, common_1.DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+            const localVarRequestOptions = Object.assign(Object.assign({ method: 'DELETE' }, baseOptions), options);
+            const localVarHeaderParameter = {};
+            const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
+            // authentication HTTPBearer required
+            // http bearer authentication required
+            yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
+            localVarHeaderParameter['Accept'] = 'application/json';
+            (0, common_1.setSearchParams)(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = Object.assign(Object.assign(Object.assign({}, localVarHeaderParameter), headersFromBaseOptions), options.headers);
+            return {
+                url: (0, common_1.toPathString)(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        }),
+        /**
+         * Generate or regenerate the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Important**: Save the returned secret immediately - it will never be shown again. The secret is used to sign webhooks sent by the server (HMAC-SHA256).  **If a secret already exists**: It will be replaced by the new one.
+         * @summary Generate webhook secret
+         * @param {string} uid
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        generateWebhookSecretApiV1ClientsUidWebhookSecretGeneratePost: (uid_1, ...args_1) => __awaiter(this, [uid_1, ...args_1], void 0, function* (uid, options = {}) {
+            // verify required parameter 'uid' is not null or undefined
+            (0, common_1.assertParamExists)('generateWebhookSecretApiV1ClientsUidWebhookSecretGeneratePost', 'uid', uid);
+            const localVarPath = `/api/v1/clients/{uid}/webhook-secret/generate`
+                .replace(`{${"uid"}}`, encodeURIComponent(String(uid)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, common_1.DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+            const localVarRequestOptions = Object.assign(Object.assign({ method: 'POST' }, baseOptions), options);
+            const localVarHeaderParameter = {};
+            const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
@@ -158,6 +234,8 @@ const ClientManagementApiAxiosParamCreator = function (configuration) {
             const localVarRequestOptions = Object.assign(Object.assign({ method: 'GET' }, baseOptions), options);
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
@@ -191,6 +269,43 @@ const ClientManagementApiAxiosParamCreator = function (configuration) {
             const localVarRequestOptions = Object.assign(Object.assign({ method: 'GET' }, baseOptions), options);
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
+            // authentication HTTPBearer required
+            // http bearer authentication required
+            yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
+            localVarHeaderParameter['Accept'] = 'application/json';
+            (0, common_1.setSearchParams)(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = Object.assign(Object.assign(Object.assign({}, localVarHeaderParameter), headersFromBaseOptions), options.headers);
+            return {
+                url: (0, common_1.toPathString)(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        }),
+        /**
+         * Check if a webhook secret is configured for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Response**: - `hasSecret`: Whether a webhook secret is configured - `createdAt`: When the secret was created (if exists)  **Note**: The secret value is never returned, only its status.
+         * @summary Get webhook secret status
+         * @param {string} uid
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        getWebhookSecretStatusApiV1ClientsUidWebhookSecretStatusGet: (uid_1, ...args_1) => __awaiter(this, [uid_1, ...args_1], void 0, function* (uid, options = {}) {
+            // verify required parameter 'uid' is not null or undefined
+            (0, common_1.assertParamExists)('getWebhookSecretStatusApiV1ClientsUidWebhookSecretStatusGet', 'uid', uid);
+            const localVarPath = `/api/v1/clients/{uid}/webhook-secret/status`
+                .replace(`{${"uid"}}`, encodeURIComponent(String(uid)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, common_1.DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+            const localVarRequestOptions = Object.assign(Object.assign({ method: 'GET' }, baseOptions), options);
+            const localVarHeaderParameter = {};
+            const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
@@ -222,6 +337,8 @@ const ClientManagementApiAxiosParamCreator = function (configuration) {
             const localVarRequestOptions = Object.assign(Object.assign({ method: 'GET' }, baseOptions), options);
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
@@ -240,6 +357,46 @@ const ClientManagementApiAxiosParamCreator = function (configuration) {
                 options: localVarRequestOptions,
             };
         }),
+        /**
+         * Rotate the client encryption key for all secrets in double encryption mode.  **Scope**: Client level (JWT with client_uid that must match {uid})  **What this does**: 1. Decrypts all secrets (PDP, Chorus Pro) using the old key 2. Re-encrypts them using the new key 3. Saves to database  **Important notes**: - Both keys must be base64-encoded AES-256 keys (32 bytes each) - The old key becomes invalid immediately after rotation - Only secrets encrypted with `encryptionMode: \"double\"` are affected - If the client has no double-encrypted secrets, returns 404  **Security**: - The old key must be valid (decryption is verified) - If decryption fails, rotation is aborted (atomic operation) - Neither key is logged or stored by the server
+         * @summary Rotate client encryption key
+         * @param {string} uid
+         * @param {KeyRotationRequest} keyRotationRequest
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        rotateEncryptionKeyApiV1ClientsUidRotateEncryptionKeyPost: (uid_1, keyRotationRequest_1, ...args_1) => __awaiter(this, [uid_1, keyRotationRequest_1, ...args_1], void 0, function* (uid, keyRotationRequest, options = {}) {
+            // verify required parameter 'uid' is not null or undefined
+            (0, common_1.assertParamExists)('rotateEncryptionKeyApiV1ClientsUidRotateEncryptionKeyPost', 'uid', uid);
+            // verify required parameter 'keyRotationRequest' is not null or undefined
+            (0, common_1.assertParamExists)('rotateEncryptionKeyApiV1ClientsUidRotateEncryptionKeyPost', 'keyRotationRequest', keyRotationRequest);
+            const localVarPath = `/api/v1/clients/{uid}/rotate-encryption-key`
+                .replace(`{${"uid"}}`, encodeURIComponent(String(uid)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, common_1.DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+            const localVarRequestOptions = Object.assign(Object.assign({ method: 'POST' }, baseOptions), options);
+            const localVarHeaderParameter = {};
+            const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
+            // authentication HTTPBearer required
+            // http bearer authentication required
+            yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
+            localVarHeaderParameter['Content-Type'] = 'application/json';
+            localVarHeaderParameter['Accept'] = 'application/json';
+            (0, common_1.setSearchParams)(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = Object.assign(Object.assign(Object.assign({}, localVarHeaderParameter), headersFromBaseOptions), options.headers);
+            localVarRequestOptions.data = (0, common_1.serializeDataIfNeeded)(keyRotationRequest, localVarRequestOptions, configuration);
+            return {
+                url: (0, common_1.toPathString)(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        }),
         /**
          * Update client information (partial update).  **Scope**: Client level (JWT with client_uid that must match {uid})  **Updatable fields**: - `name`: Client name - `description`: Description - `siret`: SIRET (14 digits)  Only provided fields are updated.
          * @summary Update a client
@@ -264,6 +421,8 @@ const ClientManagementApiAxiosParamCreator = function (configuration) {
             const localVarRequestOptions = Object.assign(Object.assign({ method: 'PATCH' }, baseOptions), options);
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
@@ -279,14 +438,15 @@ const ClientManagementApiAxiosParamCreator = function (configuration) {
             };
         }),
         /**
-         * Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - `flowServiceUrl`: PDP Flow Service URL - `tokenUrl`: PDP OAuth token URL - `oauthClientId`: OAuth Client ID - `clientSecret`: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - `isActive`: Enable/disable the config (default: true) - `modeSandbox`: Sandbox mode (default: false)  **Security**: The `clientSecret` is stored encrypted on Django side and is never returned in API responses.
+         * Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - `flowServiceUrl`: PDP Flow Service URL - `tokenUrl`: PDP OAuth token URL - `oauthClientId`: OAuth Client ID - `clientSecret`: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - `isActive`: Enable/disable the config (default: true) - `modeSandbox`: Sandbox mode (default: false) - `encryptionMode`: Encryption mode (default: \"fernet\")   - \"fernet\": Server-side encryption only   - \"double\": Client AES-256-GCM + Server Fernet (requires X-Encryption-Key header)  **Double Encryption Mode**: When `encryptionMode` is set to \"double\", you MUST also provide the `X-Encryption-Key` header containing a base64-encoded AES-256 key (32 bytes). This key is used to encrypt the `clientSecret` on the client side before the server encrypts it again with Fernet. The server cannot decrypt the secret without the client key.  **Security**: The `clientSecret` is stored encrypted on Django side and is never returned in API responses.
          * @summary Configure client PDP
          * @param {string} uid
          * @param {PDPConfigUpdateRequest} pDPConfigUpdateRequest
+         * @param {string | null} [xEncryptionKey] Client encryption key for double encryption mode. Must be a base64-encoded AES-256 key (32 bytes). Required only when accessing resources encrypted with encryption_mode=\'double\'.
          * @param {*} [options] Override http request option.
          * @throws {RequiredError}
          */
-        updatePdpConfigApiV1ClientsUidPdpConfigPut: (uid_1, pDPConfigUpdateRequest_1, ...args_1) => __awaiter(this, [uid_1, pDPConfigUpdateRequest_1, ...args_1], void 0, function* (uid, pDPConfigUpdateRequest, options = {}) {
+        updatePdpConfigApiV1ClientsUidPdpConfigPut: (uid_1, pDPConfigUpdateRequest_1, xEncryptionKey_1, ...args_1) => __awaiter(this, [uid_1, pDPConfigUpdateRequest_1, xEncryptionKey_1, ...args_1], void 0, function* (uid, pDPConfigUpdateRequest, xEncryptionKey, options = {}) {
             // verify required parameter 'uid' is not null or undefined
             (0, common_1.assertParamExists)('updatePdpConfigApiV1ClientsUidPdpConfigPut', 'uid', uid);
             // verify required parameter 'pDPConfigUpdateRequest' is not null or undefined
@@ -302,11 +462,16 @@ const ClientManagementApiAxiosParamCreator = function (configuration) {
             const localVarRequestOptions = Object.assign(Object.assign({ method: 'PUT' }, baseOptions), options);
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
             localVarHeaderParameter['Content-Type'] = 'application/json';
             localVarHeaderParameter['Accept'] = 'application/json';
+            if (xEncryptionKey != null) {
+                localVarHeaderParameter['X-Encryption-Key'] = String(xEncryptionKey);
+            }
             (0, common_1.setSearchParams)(localVarUrlObj, localVarQueryParameter);
             let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
             localVarRequestOptions.headers = Object.assign(Object.assign(Object.assign({}, localVarHeaderParameter), headersFromBaseOptions), options.headers);
@@ -373,6 +538,38 @@ const ClientManagementApiFp = function (configuration) {
                 return (axios, basePath) => (0, common_1.createRequestFunction)(localVarAxiosArgs, axios_1.default, base_1.BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
             });
         },
+        /**
+         * Delete the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **After deletion**: Webhooks for this client will use the global server key for HMAC signature instead of a client-specific key.
+         * @summary Delete webhook secret
+         * @param {string} uid
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        deleteWebhookSecretApiV1ClientsUidWebhookSecretDelete(uid, options) {
+            return __awaiter(this, void 0, void 0, function* () {
+                var _a, _b, _c;
+                const localVarAxiosArgs = yield localVarAxiosParamCreator.deleteWebhookSecretApiV1ClientsUidWebhookSecretDelete(uid, options);
+                const localVarOperationServerIndex = (_a = configuration === null || configuration === void 0 ? void 0 : configuration.serverIndex) !== null && _a !== void 0 ? _a : 0;
+                const localVarOperationServerBasePath = (_c = (_b = base_1.operationServerMap['ClientManagementApi.deleteWebhookSecretApiV1ClientsUidWebhookSecretDelete']) === null || _b === void 0 ? void 0 : _b[localVarOperationServerIndex]) === null || _c === void 0 ? void 0 : _c.url;
+                return (axios, basePath) => (0, common_1.createRequestFunction)(localVarAxiosArgs, axios_1.default, base_1.BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+            });
+        },
+        /**
+         * Generate or regenerate the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Important**: Save the returned secret immediately - it will never be shown again. The secret is used to sign webhooks sent by the server (HMAC-SHA256).  **If a secret already exists**: It will be replaced by the new one.
+         * @summary Generate webhook secret
+         * @param {string} uid
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        generateWebhookSecretApiV1ClientsUidWebhookSecretGeneratePost(uid, options) {
+            return __awaiter(this, void 0, void 0, function* () {
+                var _a, _b, _c;
+                const localVarAxiosArgs = yield localVarAxiosParamCreator.generateWebhookSecretApiV1ClientsUidWebhookSecretGeneratePost(uid, options);
+                const localVarOperationServerIndex = (_a = configuration === null || configuration === void 0 ? void 0 : configuration.serverIndex) !== null && _a !== void 0 ? _a : 0;
+                const localVarOperationServerBasePath = (_c = (_b = base_1.operationServerMap['ClientManagementApi.generateWebhookSecretApiV1ClientsUidWebhookSecretGeneratePost']) === null || _b === void 0 ? void 0 : _b[localVarOperationServerIndex]) === null || _c === void 0 ? void 0 : _c.url;
+                return (axios, basePath) => (0, common_1.createRequestFunction)(localVarAxiosArgs, axios_1.default, base_1.BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+            });
+        },
         /**
          * Get details of a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Security**: If the JWT contains a client_uid, it must match the {uid} in the URL, otherwise a 403 error is returned.
          * @summary Get client details
@@ -405,6 +602,22 @@ const ClientManagementApiFp = function (configuration) {
                 return (axios, basePath) => (0, common_1.createRequestFunction)(localVarAxiosArgs, axios_1.default, base_1.BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
             });
         },
+        /**
+         * Check if a webhook secret is configured for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Response**: - `hasSecret`: Whether a webhook secret is configured - `createdAt`: When the secret was created (if exists)  **Note**: The secret value is never returned, only its status.
+         * @summary Get webhook secret status
+         * @param {string} uid
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        getWebhookSecretStatusApiV1ClientsUidWebhookSecretStatusGet(uid, options) {
+            return __awaiter(this, void 0, void 0, function* () {
+                var _a, _b, _c;
+                const localVarAxiosArgs = yield localVarAxiosParamCreator.getWebhookSecretStatusApiV1ClientsUidWebhookSecretStatusGet(uid, options);
+                const localVarOperationServerIndex = (_a = configuration === null || configuration === void 0 ? void 0 : configuration.serverIndex) !== null && _a !== void 0 ? _a : 0;
+                const localVarOperationServerBasePath = (_c = (_b = base_1.operationServerMap['ClientManagementApi.getWebhookSecretStatusApiV1ClientsUidWebhookSecretStatusGet']) === null || _b === void 0 ? void 0 : _b[localVarOperationServerIndex]) === null || _c === void 0 ? void 0 : _c.url;
+                return (axios, basePath) => (0, common_1.createRequestFunction)(localVarAxiosArgs, axios_1.default, base_1.BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+            });
+        },
         /**
          * Paginated list of clients for the account.  **Scope**: Account level (JWT without client_uid)  **Pagination**: - `page`: Page number (default: 1) - `pageSize`: Page size (default: 20, max: 100)
          * @summary List clients
@@ -422,6 +635,23 @@ const ClientManagementApiFp = function (configuration) {
                 return (axios, basePath) => (0, common_1.createRequestFunction)(localVarAxiosArgs, axios_1.default, base_1.BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
             });
         },
+        /**
+         * Rotate the client encryption key for all secrets in double encryption mode.  **Scope**: Client level (JWT with client_uid that must match {uid})  **What this does**: 1. Decrypts all secrets (PDP, Chorus Pro) using the old key 2. Re-encrypts them using the new key 3. Saves to database  **Important notes**: - Both keys must be base64-encoded AES-256 keys (32 bytes each) - The old key becomes invalid immediately after rotation - Only secrets encrypted with `encryptionMode: \"double\"` are affected - If the client has no double-encrypted secrets, returns 404  **Security**: - The old key must be valid (decryption is verified) - If decryption fails, rotation is aborted (atomic operation) - Neither key is logged or stored by the server
+         * @summary Rotate client encryption key
+         * @param {string} uid
+         * @param {KeyRotationRequest} keyRotationRequest
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        rotateEncryptionKeyApiV1ClientsUidRotateEncryptionKeyPost(uid, keyRotationRequest, options) {
+            return __awaiter(this, void 0, void 0, function* () {
+                var _a, _b, _c;
+                const localVarAxiosArgs = yield localVarAxiosParamCreator.rotateEncryptionKeyApiV1ClientsUidRotateEncryptionKeyPost(uid, keyRotationRequest, options);
+                const localVarOperationServerIndex = (_a = configuration === null || configuration === void 0 ? void 0 : configuration.serverIndex) !== null && _a !== void 0 ? _a : 0;
+                const localVarOperationServerBasePath = (_c = (_b = base_1.operationServerMap['ClientManagementApi.rotateEncryptionKeyApiV1ClientsUidRotateEncryptionKeyPost']) === null || _b === void 0 ? void 0 : _b[localVarOperationServerIndex]) === null || _c === void 0 ? void 0 : _c.url;
+                return (axios, basePath) => (0, common_1.createRequestFunction)(localVarAxiosArgs, axios_1.default, base_1.BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+            });
+        },
         /**
          * Update client information (partial update).  **Scope**: Client level (JWT with client_uid that must match {uid})  **Updatable fields**: - `name`: Client name - `description`: Description - `siret`: SIRET (14 digits)  Only provided fields are updated.
          * @summary Update a client
@@ -440,17 +670,18 @@ const ClientManagementApiFp = function (configuration) {
             });
         },
         /**
-         * Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - `flowServiceUrl`: PDP Flow Service URL - `tokenUrl`: PDP OAuth token URL - `oauthClientId`: OAuth Client ID - `clientSecret`: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - `isActive`: Enable/disable the config (default: true) - `modeSandbox`: Sandbox mode (default: false)  **Security**: The `clientSecret` is stored encrypted on Django side and is never returned in API responses.
+         * Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - `flowServiceUrl`: PDP Flow Service URL - `tokenUrl`: PDP OAuth token URL - `oauthClientId`: OAuth Client ID - `clientSecret`: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - `isActive`: Enable/disable the config (default: true) - `modeSandbox`: Sandbox mode (default: false) - `encryptionMode`: Encryption mode (default: \"fernet\")   - \"fernet\": Server-side encryption only   - \"double\": Client AES-256-GCM + Server Fernet (requires X-Encryption-Key header)  **Double Encryption Mode**: When `encryptionMode` is set to \"double\", you MUST also provide the `X-Encryption-Key` header containing a base64-encoded AES-256 key (32 bytes). This key is used to encrypt the `clientSecret` on the client side before the server encrypts it again with Fernet. The server cannot decrypt the secret without the client key.  **Security**: The `clientSecret` is stored encrypted on Django side and is never returned in API responses.
          * @summary Configure client PDP
          * @param {string} uid
          * @param {PDPConfigUpdateRequest} pDPConfigUpdateRequest
+         * @param {string | null} [xEncryptionKey] Client encryption key for double encryption mode. Must be a base64-encoded AES-256 key (32 bytes). Required only when accessing resources encrypted with encryption_mode=\'double\'.
          * @param {*} [options] Override http request option.
          * @throws {RequiredError}
          */
-        updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, options) {
+        updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, xEncryptionKey, options) {
             return __awaiter(this, void 0, void 0, function* () {
                 var _a, _b, _c;
-                const localVarAxiosArgs = yield localVarAxiosParamCreator.updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, options);
+                const localVarAxiosArgs = yield localVarAxiosParamCreator.updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, xEncryptionKey, options);
                 const localVarOperationServerIndex = (_a = configuration === null || configuration === void 0 ? void 0 : configuration.serverIndex) !== null && _a !== void 0 ? _a : 0;
                 const localVarOperationServerBasePath = (_c = (_b = base_1.operationServerMap['ClientManagementApi.updatePdpConfigApiV1ClientsUidPdpConfigPut']) === null || _b === void 0 ? void 0 : _b[localVarOperationServerIndex]) === null || _c === void 0 ? void 0 : _c.url;
                 return (axios, basePath) => (0, common_1.createRequestFunction)(localVarAxiosArgs, axios_1.default, base_1.BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
@@ -495,6 +726,26 @@ const ClientManagementApiFactory = function (configuration, basePath, axios) {
         deactivateClientApiV1ClientsUidDesactiverPost(uid, options) {
             return localVarFp.deactivateClientApiV1ClientsUidDesactiverPost(uid, options).then((request) => request(axios, basePath));
         },
+        /**
+         * Delete the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **After deletion**: Webhooks for this client will use the global server key for HMAC signature instead of a client-specific key.
+         * @summary Delete webhook secret
+         * @param {string} uid
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        deleteWebhookSecretApiV1ClientsUidWebhookSecretDelete(uid, options) {
+            return localVarFp.deleteWebhookSecretApiV1ClientsUidWebhookSecretDelete(uid, options).then((request) => request(axios, basePath));
+        },
+        /**
+         * Generate or regenerate the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Important**: Save the returned secret immediately - it will never be shown again. The secret is used to sign webhooks sent by the server (HMAC-SHA256).  **If a secret already exists**: It will be replaced by the new one.
+         * @summary Generate webhook secret
+         * @param {string} uid
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        generateWebhookSecretApiV1ClientsUidWebhookSecretGeneratePost(uid, options) {
+            return localVarFp.generateWebhookSecretApiV1ClientsUidWebhookSecretGeneratePost(uid, options).then((request) => request(axios, basePath));
+        },
         /**
          * Get details of a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Security**: If the JWT contains a client_uid, it must match the {uid} in the URL, otherwise a 403 error is returned.
          * @summary Get client details
@@ -515,6 +766,16 @@ const ClientManagementApiFactory = function (configuration, basePath, axios) {
         getPdpConfigApiV1ClientsUidPdpConfigGet(uid, options) {
             return localVarFp.getPdpConfigApiV1ClientsUidPdpConfigGet(uid, options).then((request) => request(axios, basePath));
         },
+        /**
+         * Check if a webhook secret is configured for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Response**: - `hasSecret`: Whether a webhook secret is configured - `createdAt`: When the secret was created (if exists)  **Note**: The secret value is never returned, only its status.
+         * @summary Get webhook secret status
+         * @param {string} uid
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        getWebhookSecretStatusApiV1ClientsUidWebhookSecretStatusGet(uid, options) {
+            return localVarFp.getWebhookSecretStatusApiV1ClientsUidWebhookSecretStatusGet(uid, options).then((request) => request(axios, basePath));
+        },
         /**
          * Paginated list of clients for the account.  **Scope**: Account level (JWT without client_uid)  **Pagination**: - `page`: Page number (default: 1) - `pageSize`: Page size (default: 20, max: 100)
          * @summary List clients
@@ -526,6 +787,17 @@ const ClientManagementApiFactory = function (configuration, basePath, axios) {
         listClientsApiV1ClientsGet(page, pageSize, options) {
             return localVarFp.listClientsApiV1ClientsGet(page, pageSize, options).then((request) => request(axios, basePath));
         },
+        /**
+         * Rotate the client encryption key for all secrets in double encryption mode.  **Scope**: Client level (JWT with client_uid that must match {uid})  **What this does**: 1. Decrypts all secrets (PDP, Chorus Pro) using the old key 2. Re-encrypts them using the new key 3. Saves to database  **Important notes**: - Both keys must be base64-encoded AES-256 keys (32 bytes each) - The old key becomes invalid immediately after rotation - Only secrets encrypted with `encryptionMode: \"double\"` are affected - If the client has no double-encrypted secrets, returns 404  **Security**: - The old key must be valid (decryption is verified) - If decryption fails, rotation is aborted (atomic operation) - Neither key is logged or stored by the server
+         * @summary Rotate client encryption key
+         * @param {string} uid
+         * @param {KeyRotationRequest} keyRotationRequest
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        rotateEncryptionKeyApiV1ClientsUidRotateEncryptionKeyPost(uid, keyRotationRequest, options) {
+            return localVarFp.rotateEncryptionKeyApiV1ClientsUidRotateEncryptionKeyPost(uid, keyRotationRequest, options).then((request) => request(axios, basePath));
+        },
         /**
          * Update client information (partial update).  **Scope**: Client level (JWT with client_uid that must match {uid})  **Updatable fields**: - `name`: Client name - `description`: Description - `siret`: SIRET (14 digits)  Only provided fields are updated.
          * @summary Update a client
@@ -538,15 +810,16 @@ const ClientManagementApiFactory = function (configuration, basePath, axios) {
             return localVarFp.updateClientApiV1ClientsUidPatch(uid, clientUpdateRequest, options).then((request) => request(axios, basePath));
         },
         /**
-         * Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - `flowServiceUrl`: PDP Flow Service URL - `tokenUrl`: PDP OAuth token URL - `oauthClientId`: OAuth Client ID - `clientSecret`: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - `isActive`: Enable/disable the config (default: true) - `modeSandbox`: Sandbox mode (default: false)  **Security**: The `clientSecret` is stored encrypted on Django side and is never returned in API responses.
+         * Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - `flowServiceUrl`: PDP Flow Service URL - `tokenUrl`: PDP OAuth token URL - `oauthClientId`: OAuth Client ID - `clientSecret`: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - `isActive`: Enable/disable the config (default: true) - `modeSandbox`: Sandbox mode (default: false) - `encryptionMode`: Encryption mode (default: \"fernet\")   - \"fernet\": Server-side encryption only   - \"double\": Client AES-256-GCM + Server Fernet (requires X-Encryption-Key header)  **Double Encryption Mode**: When `encryptionMode` is set to \"double\", you MUST also provide the `X-Encryption-Key` header containing a base64-encoded AES-256 key (32 bytes). This key is used to encrypt the `clientSecret` on the client side before the server encrypts it again with Fernet. The server cannot decrypt the secret without the client key.  **Security**: The `clientSecret` is stored encrypted on Django side and is never returned in API responses.
          * @summary Configure client PDP
          * @param {string} uid
          * @param {PDPConfigUpdateRequest} pDPConfigUpdateRequest
+         * @param {string | null} [xEncryptionKey] Client encryption key for double encryption mode. Must be a base64-encoded AES-256 key (32 bytes). Required only when accessing resources encrypted with encryption_mode=\'double\'.
          * @param {*} [options] Override http request option.
          * @throws {RequiredError}
          */
-        updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, options) {
-            return localVarFp.updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, options).then((request) => request(axios, basePath));
+        updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, xEncryptionKey, options) {
+            return localVarFp.updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, xEncryptionKey, options).then((request) => request(axios, basePath));
         },
     };
 };
@@ -585,6 +858,26 @@ class ClientManagementApi extends base_1.BaseAPI {
     deactivateClientApiV1ClientsUidDesactiverPost(uid, options) {
         return (0, exports.ClientManagementApiFp)(this.configuration).deactivateClientApiV1ClientsUidDesactiverPost(uid, options).then((request) => request(this.axios, this.basePath));
     }
+    /**
+     * Delete the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **After deletion**: Webhooks for this client will use the global server key for HMAC signature instead of a client-specific key.
+     * @summary Delete webhook secret
+     * @param {string} uid
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    deleteWebhookSecretApiV1ClientsUidWebhookSecretDelete(uid, options) {
+        return (0, exports.ClientManagementApiFp)(this.configuration).deleteWebhookSecretApiV1ClientsUidWebhookSecretDelete(uid, options).then((request) => request(this.axios, this.basePath));
+    }
+    /**
+     * Generate or regenerate the webhook secret for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Important**: Save the returned secret immediately - it will never be shown again. The secret is used to sign webhooks sent by the server (HMAC-SHA256).  **If a secret already exists**: It will be replaced by the new one.
+     * @summary Generate webhook secret
+     * @param {string} uid
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    generateWebhookSecretApiV1ClientsUidWebhookSecretGeneratePost(uid, options) {
+        return (0, exports.ClientManagementApiFp)(this.configuration).generateWebhookSecretApiV1ClientsUidWebhookSecretGeneratePost(uid, options).then((request) => request(this.axios, this.basePath));
+    }
     /**
      * Get details of a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Security**: If the JWT contains a client_uid, it must match the {uid} in the URL, otherwise a 403 error is returned.
      * @summary Get client details
@@ -605,6 +898,16 @@ class ClientManagementApi extends base_1.BaseAPI {
     getPdpConfigApiV1ClientsUidPdpConfigGet(uid, options) {
         return (0, exports.ClientManagementApiFp)(this.configuration).getPdpConfigApiV1ClientsUidPdpConfigGet(uid, options).then((request) => request(this.axios, this.basePath));
     }
+    /**
+     * Check if a webhook secret is configured for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Response**: - `hasSecret`: Whether a webhook secret is configured - `createdAt`: When the secret was created (if exists)  **Note**: The secret value is never returned, only its status.
+     * @summary Get webhook secret status
+     * @param {string} uid
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    getWebhookSecretStatusApiV1ClientsUidWebhookSecretStatusGet(uid, options) {
+        return (0, exports.ClientManagementApiFp)(this.configuration).getWebhookSecretStatusApiV1ClientsUidWebhookSecretStatusGet(uid, options).then((request) => request(this.axios, this.basePath));
+    }
     /**
      * Paginated list of clients for the account.  **Scope**: Account level (JWT without client_uid)  **Pagination**: - `page`: Page number (default: 1) - `pageSize`: Page size (default: 20, max: 100)
      * @summary List clients
@@ -616,6 +919,17 @@ class ClientManagementApi extends base_1.BaseAPI {
     listClientsApiV1ClientsGet(page, pageSize, options) {
         return (0, exports.ClientManagementApiFp)(this.configuration).listClientsApiV1ClientsGet(page, pageSize, options).then((request) => request(this.axios, this.basePath));
     }
+    /**
+     * Rotate the client encryption key for all secrets in double encryption mode.  **Scope**: Client level (JWT with client_uid that must match {uid})  **What this does**: 1. Decrypts all secrets (PDP, Chorus Pro) using the old key 2. Re-encrypts them using the new key 3. Saves to database  **Important notes**: - Both keys must be base64-encoded AES-256 keys (32 bytes each) - The old key becomes invalid immediately after rotation - Only secrets encrypted with `encryptionMode: \"double\"` are affected - If the client has no double-encrypted secrets, returns 404  **Security**: - The old key must be valid (decryption is verified) - If decryption fails, rotation is aborted (atomic operation) - Neither key is logged or stored by the server
+     * @summary Rotate client encryption key
+     * @param {string} uid
+     * @param {KeyRotationRequest} keyRotationRequest
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    rotateEncryptionKeyApiV1ClientsUidRotateEncryptionKeyPost(uid, keyRotationRequest, options) {
+        return (0, exports.ClientManagementApiFp)(this.configuration).rotateEncryptionKeyApiV1ClientsUidRotateEncryptionKeyPost(uid, keyRotationRequest, options).then((request) => request(this.axios, this.basePath));
+    }
     /**
      * Update client information (partial update).  **Scope**: Client level (JWT with client_uid that must match {uid})  **Updatable fields**: - `name`: Client name - `description`: Description - `siret`: SIRET (14 digits)  Only provided fields are updated.
      * @summary Update a client
@@ -628,15 +942,16 @@ class ClientManagementApi extends base_1.BaseAPI {
         return (0, exports.ClientManagementApiFp)(this.configuration).updateClientApiV1ClientsUidPatch(uid, clientUpdateRequest, options).then((request) => request(this.axios, this.basePath));
     }
     /**
-     * Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - `flowServiceUrl`: PDP Flow Service URL - `tokenUrl`: PDP OAuth token URL - `oauthClientId`: OAuth Client ID - `clientSecret`: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - `isActive`: Enable/disable the config (default: true) - `modeSandbox`: Sandbox mode (default: false)  **Security**: The `clientSecret` is stored encrypted on Django side and is never returned in API responses.
+     * Configure or update the PDP (PA/PDP) configuration for a client.  **Scope**: Client level (JWT with client_uid that must match {uid})  **Required fields**: - `flowServiceUrl`: PDP Flow Service URL - `tokenUrl`: PDP OAuth token URL - `oauthClientId`: OAuth Client ID - `clientSecret`: OAuth Client Secret (sent but NEVER returned)  **Optional fields**: - `isActive`: Enable/disable the config (default: true) - `modeSandbox`: Sandbox mode (default: false) - `encryptionMode`: Encryption mode (default: \"fernet\")   - \"fernet\": Server-side encryption only   - \"double\": Client AES-256-GCM + Server Fernet (requires X-Encryption-Key header)  **Double Encryption Mode**: When `encryptionMode` is set to \"double\", you MUST also provide the `X-Encryption-Key` header containing a base64-encoded AES-256 key (32 bytes). This key is used to encrypt the `clientSecret` on the client side before the server encrypts it again with Fernet. The server cannot decrypt the secret without the client key.  **Security**: The `clientSecret` is stored encrypted on Django side and is never returned in API responses.
      * @summary Configure client PDP
      * @param {string} uid
      * @param {PDPConfigUpdateRequest} pDPConfigUpdateRequest
+     * @param {string | null} [xEncryptionKey] Client encryption key for double encryption mode. Must be a base64-encoded AES-256 key (32 bytes). Required only when accessing resources encrypted with encryption_mode=\'double\'.
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
-    updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, options) {
-        return (0, exports.ClientManagementApiFp)(this.configuration).updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, options).then((request) => request(this.axios, this.basePath));
+    updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, xEncryptionKey, options) {
+        return (0, exports.ClientManagementApiFp)(this.configuration).updatePdpConfigApiV1ClientsUidPdpConfigPut(uid, pDPConfigUpdateRequest, xEncryptionKey, options).then((request) => request(this.axios, this.basePath));
     }
 }
 exports.ClientManagementApi = ClientManagementApi;

package/dist/api/downloads-api.js

@@ -58,6 +58,8 @@ const DownloadsApiAxiosParamCreator = function (configuration) {
             const localVarRequestOptions = Object.assign(Object.assign({ method: 'HEAD' }, baseOptions), options);
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
@@ -92,6 +94,8 @@ const DownloadsApiAxiosParamCreator = function (configuration) {
             const localVarRequestOptions = Object.assign(Object.assign({ method: 'GET' }, baseOptions), options);
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);

package/dist/api/electronic-signature-api.js

@@ -57,6 +57,8 @@ const ElectronicSignatureApiAxiosParamCreator = function (configuration) {
             const localVarRequestOptions = Object.assign(Object.assign({ method: 'POST' }, baseOptions), options);
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
@@ -98,6 +100,8 @@ const ElectronicSignatureApiAxiosParamCreator = function (configuration) {
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
             const localVarFormParams = new ((configuration && configuration.formDataCtor) || FormData)();
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
@@ -162,6 +166,8 @@ const ElectronicSignatureApiAxiosParamCreator = function (configuration) {
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
             const localVarFormParams = new ((configuration && configuration.formDataCtor) || FormData)();
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);
@@ -224,6 +230,8 @@ const ElectronicSignatureApiAxiosParamCreator = function (configuration) {
             const localVarHeaderParameter = {};
             const localVarQueryParameter = {};
             const localVarFormParams = new ((configuration && configuration.formDataCtor) || FormData)();
+            // authentication APIKeyHeader required
+            yield (0, common_1.setApiKeyToObject)(localVarHeaderParameter, "X-API-Key", configuration);
             // authentication HTTPBearer required
             // http bearer authentication required
             yield (0, common_1.setBearerAuthToObject)(localVarHeaderParameter, configuration);