@hearth-auth/sdk 0.0.1

package/src/generated/hearth/events/v1/audit_pb.ts

@@ -0,0 +1,886 @@
+// @generated by protoc-gen-es v2.12.0 with parameter "target=ts"
+// @generated from file hearth/events/v1/audit.proto (package hearth.events.v1, syntax proto3)
+/* eslint-disable */
+
+import type { GenEnum, GenFile, GenMessage, GenService } from "@bufbuild/protobuf/codegenv2";
+import { enumDesc, fileDesc, messageDesc, serviceDesc } from "@bufbuild/protobuf/codegenv2";
+import { file_google_api_annotations } from "../../../google/api/annotations_pb";
+import type { Message } from "@bufbuild/protobuf";
+
+/**
+ * Describes the file hearth/events/v1/audit.proto.
+ */
+export const file_hearth_events_v1_audit: GenFile = /*@__PURE__*/
+  fileDesc("ChxoZWFydGgvZXZlbnRzL3YxL2F1ZGl0LnByb3RvEhBoZWFydGguZXZlbnRzLnYxIuMBCgpBdWRpdEV2ZW50EgoKAmlkGAEgASgJEhAKCHJlYWxtX2lkGAIgASgJEg0KBWFjdG9yGAMgASgJEi0KBmFjdGlvbhgEIAEoDjIdLmhlYXJ0aC5ldmVudHMudjEuQXVkaXRBY3Rpb24SFQoNcmVzb3VyY2VfdHlwZRgFIAEoCRITCgtyZXNvdXJjZV9pZBgGIAEoCRIRCgl0aW1lc3RhbXAYByABKAMSFQoIbWV0YWRhdGEYCCABKAlIAIgBARIWCg5pbnRlZ3JpdHlfaGFzaBgJIAEoCUILCglfbWV0YWRhdGEisgEKEENyZWF0ZUF1ZGl0RXZlbnQSEAoIcmVhbG1faWQYASABKAkSDQoFYWN0b3IYAiABKAkSLQoGYWN0aW9uGAMgASgOMh0uaGVhcnRoLmV2ZW50cy52MS5BdWRpdEFjdGlvbhIVCg1yZXNvdXJjZV90eXBlGAQgASgJEhMKC3Jlc291cmNlX2lkGAUgASgJEhUKCG1ldGFkYXRhGAYgASgJSACIAQFCCwoJX21ldGFkYXRhIuUBCgpBdWRpdFF1ZXJ5EhAKCHJlYWxtX2lkGAEgASgJEhcKCnN0YXJ0X3RpbWUYAiABKANIAIgBARIVCghlbmRfdGltZRgDIAEoA0gBiAEBEhIKBWFjdG9yGAQgASgJSAKIAQESMgoGYWN0aW9uGAUgASgOMh0uaGVhcnRoLmV2ZW50cy52MS5BdWRpdEFjdGlvbkgDiAEBEhIKBWxpbWl0GAYgASgNSASIAQFCDQoLX3N0YXJ0X3RpbWVCCwoJX2VuZF90aW1lQggKBl9hY3RvckIJCgdfYWN0aW9uQggKBl9saW1pdCI+Cg5BdWRpdEV2ZW50UGFnZRIsCgZldmVudHMYASADKAsyHC5oZWFydGguZXZlbnRzLnYxLkF1ZGl0RXZlbnQiGAoWVmVyaWZ5SW50ZWdyaXR5UmVxdWVzdCJyChdWZXJpZnlJbnRlZ3JpdHlSZXNwb25zZRIKCgJvaxgBIAEoCBIfChJicm9rZW5fYXRfZXZlbnRfaWQYAiABKAlIAIgBARITCgtldmVudF9jb3VudBgDIAEoBEIVChNfYnJva2VuX2F0X2V2ZW50X2lkKq8iCgtBdWRpdEFjdGlvbhIcChhBVURJVF9BQ1RJT05fVU5TUEVDSUZJRUQQABIdChlBVURJVF9BQ1RJT05fVVNFUl9DUkVBVEVEEAESHQoZQVVESVRfQUNUSU9OX1VTRVJfVVBEQVRFRBACEh0KGUFVRElUX0FDVElPTl9VU0VSX0RFTEVURUQQAxIfChtBVURJVF9BQ1RJT05fQ1JFREVOVElBTF9TRVQQBBIjCh9BVURJVF9BQ1RJT05fQ1JFREVOVElBTF9DSEFOR0VEEAUSJAogQVVESVRfQUNUSU9OX0NSRURFTlRJQUxfVkVSSUZJRUQQBhIgChxBVURJVF9BQ1RJT05fU0VTU0lPTl9DUkVBVEVEEAcSIAocQVVESVRfQUNUSU9OX1NFU1NJT05fUkVWT0tFRBAIEh0KGUFVRElUX0FDVElPTl9UT0tFTl9JU1NVRUQQCRIgChxBVURJVF9BQ1RJT05fVE9LRU5fUkVGUkVTSEVEEAoSHgoaQVVESVRfQUNUSU9OX1JFQUxNX0NSRUFURUQQCxIeChpBVURJVF9BQ1RJT05fUkVBTE1fVVBEQVRFRBAMEh4KGkFVRElUX0FDVElPTl9SRUFMTV9ERUxFVEVEEA0SIgoeQVVESVRfQUNUSU9OX0NMSUVOVF9SRUdJU1RFUkVEEA4SKgomQVVESVRfQUNUSU9OX0FVVEhPUklaQVRJT05fQ09ERV9JU1NVRUQQDxItCilBVURJVF9BQ1RJT05fQVVUSE9SSVpBVElPTl9DT0RFX0VYQ0hBTkdFRBAQEh4KGkFVRElUX0FDVElPTl9UVVBMRV9XUklUVEVOEBESHgoaQVVESVRfQUNUSU9OX1RVUExFX0RFTEVURUQQEhIfChtBVURJVF9BQ1RJT05fQ0xJRU5UX1VQREFURUQQExIfChtBVURJVF9BQ1RJT05fQ0xJRU5UX0RFTEVURUQQFBIjCh9BVURJVF9BQ1RJT05fQlVMS19VU0VSU19DUkVBVEVEEBUSJAogQVVESVRfQUNUSU9OX0JVTEtfVVNFUlNfRElTQUJMRUQQFhIcChhBVURJVF9BQ1RJT05fT1JHX0NSRUFURUQQFxIcChhBVURJVF9BQ1RJT05fT1JHX1VQREFURUQQGBIcChhBVURJVF9BQ1RJT05fT1JHX0RFTEVURUQQGRIgChxBVURJVF9BQ1RJT05fQ09OU0VOVF9HUkFOVEVEEBoSHwobQVVESVRfQUNUSU9OX0NPTlNFTlRfREVOSUVEEBsSIAocQVVESVRfQUNUSU9OX0NPTlNFTlRfUkVWT0tFRBAcEikKJUFVRElUX0FDVElPTl9GRURFUkFUSU9OX0xPR0lOX1NUQVJURUQQHRIrCidBVURJVF9BQ1RJT05fRkVERVJBVElPTl9MT0dJTl9DT01QTEVURUQQHhIqCiZBVURJVF9BQ1RJT05fRkVERVJBVElPTl9BQ0NPVU5UX0xJTktFRBAfEiwKKEFVRElUX0FDVElPTl9GRURFUkFUSU9OX0FDQ09VTlRfVU5MSU5LRUQQIBIrCidBVURJVF9BQ1RJT05fRkVERVJBVElPTl9KSVRfUFJPVklTSU9ORUQQIRIlCiFBVURJVF9BQ1RJT05fU0FNTF9MT0dJTl9JTklUSUFURUQQIhIlCiFBVURJVF9BQ1RJT05fU0FNTF9MT0dJTl9DT01QTEVURUQQIxIiCh5BVURJVF9BQ1RJT05fU0FNTF9MT0dJTl9GQUlMRUQQJBIwCixBVURJVF9BQ1RJT05fU0FNTF9JRFBfQVVUSE5fUkVRVUVTVF9SRUNFSVZFRBAlEikKJUFVRElUX0FDVElPTl9TQU1MX0lEUF9SRVNQT05TRV9JU1NVRUQQJhInCiNBVURJVF9BQ1RJT05fU0FNTF9JRFBfSU5JVElBVEVEX1NTTxAnEiMKH0FVRElUX0FDVElPTl9TQU1MX1NMT19SRVFVRVNURUQQKBIjCh9BVURJVF9BQ1RJT05fU0FNTF9TTE9fQ09NUExFVEVEECkSIgoeQVVESVRfQUNUSU9OX1NDSU1fVVNFUl9DUkVBVEVEECoSIgoeQVVESVRfQUNUSU9OX1NDSU1fVVNFUl9VUERBVEVEECsSIgoeQVVESVRfQUNUSU9OX1NDSU1fVVNFUl9ERUxFVEVEECwSIwofQVVESVRfQUNUSU9OX1NDSU1fR1JPVVBfQ1JFQVRFRBAtEiMKH0FVRElUX0FDVElPTl9TQ0lNX0dST1VQX1VQREFURUQQLhIjCh9BVURJVF9BQ1RJT05fU0NJTV9HUk9VUF9ERUxFVEVEEC8SHgoaQVVESVRfQUNUSU9OX1JPTEVfQVNTSUdORUQQMBIdChlBVURJVF9BQ1RJT05fUk9MRV9SRVZPS0VEEDESGAoUQVVESVRfQUNUSU9OX0NMRUFOVVAQMhIeChpBVURJVF9BQ1RJT05fR1JPVVBfQ1JFQVRFRBAzEh4KGkFVRElUX0FDVElPTl9HUk9VUF9VUERBVEVEEDQSHgoaQVVESVRfQUNUSU9OX0dST1VQX0RFTEVURUQQNRIjCh9BVURJVF9BQ1RJT05fR1JPVVBfTUVNQkVSX0FEREVEEDYSJQohQVVESVRfQUNUSU9OX0dST1VQX01FTUJFUl9SRU1PVkVEEDcSKgomQVVESVRfQUNUSU9OX0dST1VQX01FTUJFUl9ST0xFX0NIQU5HRUQQOBIrCidBVURJVF9BQ1RJT05fT1JQSEFORURfUkVGRVJFTkNFX1NLSVBQRUQQORIoCiRBVURJVF9BQ1RJT05fVVNFUl9QRVJNSVNTSU9OX0dSQU5URUQQOhIoCiRBVURJVF9BQ1RJT05fVVNFUl9QRVJNSVNTSU9OX1JFVk9LRUQQOxInCiNBVURJVF9BQ1RJT05fQ0xJRU5UX0NPTlNFTlRfR1JBTlRFRBA8EicKI0FVRElUX0FDVElPTl9DTElFTlRfQ09OU0VOVF9SRVZPS0VEED0SLAooQVVESVRfQUNUSU9OX0NPTlNFTlRfUkVRVUlSRURfT05fUkVGUkVTSBA+Eh0KGUFVRElUX0FDVElPTl9MT0dJTl9GQUlMRUQQPxIdChlBVURJVF9BQ1RJT05fTE9HSU5fTE9DS0VEEEASKAokQVVESVRfQUNUSU9OX0lQX0xPR0lOX0xJTUlUX0VYQ0VFREVEEEESHwobQVVESVRfQUNUSU9OX0JBQ0tVUF9DUkVBVEVEEEISIAocQVVESVRfQUNUSU9OX0JBQ0tVUF9SRVNUT1JFRBBDEikKJUFVRElUX0FDVElPTl9SRUFMTV9FWFBPUlRfV0FURVJNQVJLRUQQRBIpCiVBVURJVF9BQ1RJT05fUkVRVUlSRURfQUNUSU9OX0FTU0lHTkVEEEUSKAokQVVESVRfQUNUSU9OX1JFUVVJUkVEX0FDVElPTl9SRU1PVkVEEEYSKgomQVVESVRfQUNUSU9OX1JFUVVJUkVEX0FDVElPTl9DT01QTEVURUQQRxItCilBVURJVF9BQ1RJT05fUkVRVUlSRURfQUNUSU9OX0FVVE9fQ0xFQVJFRBBIEi4KKkFVRElUX0FDVElPTl9QQVNTV09SRF9DT01QUk9NSVNFRF9SRUpFQ1RFRBBJEikKJUFVRElUX0FDVElPTl9CUkVBQ0hfQ0hFQ0tfVU5BVkFJTEFCTEUQShImCiJBVURJVF9BQ1RJT05fU1RFUF9VUF9NRkFfVFJJR0dFUkVEEEsSJgoiQVVESVRfQUNUSU9OX1NURVBfVVBfTUZBX0NPTVBMRVRFRBBMEisKJ0FVRElUX0FDVElPTl9TTVNfT1RQX0VOUk9MTE1FTlRfU1RBUlRFRBBNEiwKKEFVRElUX0FDVElPTl9TTVNfT1RQX0VOUk9MTE1FTlRfVkVSSUZJRUQQThIqCiZBVURJVF9BQ1RJT05fU01TX09UUF9FTlJPTExNRU5UX0ZBSUxFRBBPEiwKKEFVRElUX0FDVElPTl9TTVNfTUZBX0NIQUxMRU5HRV9TVUNDRUVERUQQUBIpCiVBVURJVF9BQ1RJT05fU01TX01GQV9DSEFMTEVOR0VfRkFJTEVEEFESHwobQVVESVRfQUNUSU9OX1NNU19NRkFfTE9DS0VEEFISKwonQVVESVRfQUNUSU9OX0RFVklDRV9GSU5HRVJQUklOVFNfRVJBU0VEEFMSJwojQVVESVRfQUNUSU9OX1NFU1NJT05fTElNSVRfRU5GT1JDRUQQVBIhCh1BVURJVF9BQ1RJT05fU0VTU0lPTlNfUkVWT0tFRBBVEiAKHEFVRElUX0FDVElPTl9TRVNTSU9OX0VWSUNURUQQVhIfChtBVURJVF9BQ1RJT05fQUJVU0VfREVURUNURUQQVxInCiNBVURJVF9BQ1RJT05fRU1BSUxfQ0hBTkdFX0lOSVRJQVRFRBBYEicKI0FVRElUX0FDVElPTl9FTUFJTF9DSEFOR0VfQ09ORklSTUVEEFkSKAokQVVESVRfQUNUSU9OX09JRENfU0lMRU5UX0FVVEhfUFJPQkVEEFoSHgoaQVVESVRfQUNUSU9OX0FHRU5UX0NSRUFURUQQWxIeChpBVURJVF9BQ1RJT05fQUdFTlRfVVBEQVRFRBBcEiAKHEFVRElUX0FDVElPTl9BR0VOVF9TVVNQRU5ERUQQXRIiCh5BVURJVF9BQ1RJT05fQUdFTlRfUkVBQ1RJVkFURUQQXhIeChpBVURJVF9BQ1RJT05fQUdFTlRfUkVWT0tFRBBfEh4KGkFVRElUX0FDVElPTl9BR0VOVF9ERUxFVEVEEGASKQolQVVESVRfQUNUSU9OX0FHRU5UX0NSRURFTlRJQUxfQ1JFQVRFRBBhEikKJUFVRElUX0FDVElPTl9BR0VOVF9DUkVERU5USUFMX1JFVk9LRUQQYhIhCh1BVURJVF9BQ1RJT05fQUdFTlRfREVMRUdBVElPThBjEiYKIkFVRElUX0FDVElPTl9BR0VOVF9UT09MX0lOVk9DQVRJT04QZBIjCh9BVURJVF9BQ1RJT05fQVBQUk9WQUxfUkVRVUVTVEVEEGUSIQodQVVESVRfQUNUSU9OX0FQUFJPVkFMX0dSQU5URUQQZhIgChxBVURJVF9BQ1RJT05fQVBQUk9WQUxfREVOSUVEEGcSJAogQVVESVRfQUNUSU9OX0FHRU5UX1RPS0VOX1JFVk9LRUQQaBIqCiZBVURJVF9BQ1RJT05fQ1JPU1NfUkVBTE1fVFJVU1RfQ1JFQVRFRBBpEioKJkFVRElUX0FDVElPTl9DUk9TU19SRUFMTV9UUlVTVF9SRVZPS0VEEGoSLgoqQVVESVRfQUNUSU9OX1BST1RFQ1RFRF9SRVNPVVJDRV9SRUdJU1RFUkVEEGsSKwonQVVESVRfQUNUSU9OX1BST1RFQ1RFRF9SRVNPVVJDRV9VUERBVEVEEGwSKwonQVVESVRfQUNUSU9OX1BST1RFQ1RFRF9SRVNPVVJDRV9ERUxFVEVEEG0SGwoXQVVESVRfQUNUSU9OX0FBVF9JU1NVRUQQbhIcChhBVURJVF9BQ1RJT05fQUFUX1JFVk9LRUQQbxIpCiVBVURJVF9BQ1RJT05fVFJBTlNBQ1RJT05fVE9LRU5fSVNTVUVEEHASKQolQVVESVRfQUNUSU9OX0NST1NTX1JFQUxNX1RPS0VOX0lTU1VFRBBxEiEKHUFVRElUX0FDVElPTl9TUElGRkVfSURfTUFQUEVEEHISJAogQVVESVRfQUNUSU9OX1NQSUZGRV9BVVRIX1NVQ0NFU1MQczLaAQoMQXVkaXRTZXJ2aWNlEmIKCkxpc3RFdmVudHMSHC5oZWFydGguZXZlbnRzLnYxLkF1ZGl0UXVlcnkaIC5oZWFydGguZXZlbnRzLnYxLkF1ZGl0RXZlbnRQYWdlIhSC0+STAg4SDC9hZG1pbi9hdWRpdBJmCg9WZXJpZnlJbnRlZ3JpdHkSKC5oZWFydGguZXZlbnRzLnYxLlZlcmlmeUludGVncml0eVJlcXVlc3QaKS5oZWFydGguZXZlbnRzLnYxLlZlcmlmeUludGVncml0eVJlc3BvbnNlQkFaP2dpdGh1Yi5jb20vaGVhcnRoZGIvaGVhcnRoL3Nka3MvZ28vZ2VuZXJhdGVkL2V2ZW50cy92MTtldmVudHN2MWIGcHJvdG8z", [file_google_api_annotations]);
+
+/**
+ * A recorded audit event in the append-only log.
+ *
+ * @generated from message hearth.events.v1.AuditEvent
+ */
+export type AuditEvent = Message<"hearth.events.v1.AuditEvent"> & {
+  /**
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * @generated from field: string realm_id = 2;
+   */
+  realmId: string;
+
+  /**
+   * @generated from field: string actor = 3;
+   */
+  actor: string;
+
+  /**
+   * @generated from field: hearth.events.v1.AuditAction action = 4;
+   */
+  action: AuditAction;
+
+  /**
+   * @generated from field: string resource_type = 5;
+   */
+  resourceType: string;
+
+  /**
+   * @generated from field: string resource_id = 6;
+   */
+  resourceId: string;
+
+  /**
+   * @generated from field: int64 timestamp = 7;
+   */
+  timestamp: bigint;
+
+  /**
+   * Optional additional context (JSON-encoded).
+   *
+   * @generated from field: optional string metadata = 8;
+   */
+  metadata?: string | undefined;
+
+  /**
+   * @generated from field: string integrity_hash = 9;
+   */
+  integrityHash: string;
+};
+
+/**
+ * Describes the message hearth.events.v1.AuditEvent.
+ * Use `create(AuditEventSchema)` to create a new message.
+ */
+export const AuditEventSchema: GenMessage<AuditEvent> = /*@__PURE__*/
+  messageDesc(file_hearth_events_v1_audit, 0);
+
+/**
+ * Request to append a new audit event.
+ *
+ * @generated from message hearth.events.v1.CreateAuditEvent
+ */
+export type CreateAuditEvent = Message<"hearth.events.v1.CreateAuditEvent"> & {
+  /**
+   * @generated from field: string realm_id = 1;
+   */
+  realmId: string;
+
+  /**
+   * @generated from field: string actor = 2;
+   */
+  actor: string;
+
+  /**
+   * @generated from field: hearth.events.v1.AuditAction action = 3;
+   */
+  action: AuditAction;
+
+  /**
+   * @generated from field: string resource_type = 4;
+   */
+  resourceType: string;
+
+  /**
+   * @generated from field: string resource_id = 5;
+   */
+  resourceId: string;
+
+  /**
+   * Optional additional context (JSON-encoded).
+   *
+   * @generated from field: optional string metadata = 6;
+   */
+  metadata?: string | undefined;
+};
+
+/**
+ * Describes the message hearth.events.v1.CreateAuditEvent.
+ * Use `create(CreateAuditEventSchema)` to create a new message.
+ */
+export const CreateAuditEventSchema: GenMessage<CreateAuditEvent> = /*@__PURE__*/
+  messageDesc(file_hearth_events_v1_audit, 1);
+
+/**
+ * Query parameters for filtering audit events.
+ * All fields except realm_id become URL query parameters on the HTTP binding.
+ *
+ * @generated from message hearth.events.v1.AuditQuery
+ */
+export type AuditQuery = Message<"hearth.events.v1.AuditQuery"> & {
+  /**
+   * @generated from field: string realm_id = 1;
+   */
+  realmId: string;
+
+  /**
+   * @generated from field: optional int64 start_time = 2;
+   */
+  startTime?: bigint | undefined;
+
+  /**
+   * @generated from field: optional int64 end_time = 3;
+   */
+  endTime?: bigint | undefined;
+
+  /**
+   * @generated from field: optional string actor = 4;
+   */
+  actor?: string | undefined;
+
+  /**
+   * @generated from field: optional hearth.events.v1.AuditAction action = 5;
+   */
+  action?: AuditAction | undefined;
+
+  /**
+   * @generated from field: optional uint32 limit = 6;
+   */
+  limit?: number | undefined;
+};
+
+/**
+ * Describes the message hearth.events.v1.AuditQuery.
+ * Use `create(AuditQuerySchema)` to create a new message.
+ */
+export const AuditQuerySchema: GenMessage<AuditQuery> = /*@__PURE__*/
+  messageDesc(file_hearth_events_v1_audit, 2);
+
+/**
+ * A page of audit events.
+ *
+ * @generated from message hearth.events.v1.AuditEventPage
+ */
+export type AuditEventPage = Message<"hearth.events.v1.AuditEventPage"> & {
+  /**
+   * @generated from field: repeated hearth.events.v1.AuditEvent events = 1;
+   */
+  events: AuditEvent[];
+};
+
+/**
+ * Describes the message hearth.events.v1.AuditEventPage.
+ * Use `create(AuditEventPageSchema)` to create a new message.
+ */
+export const AuditEventPageSchema: GenMessage<AuditEventPage> = /*@__PURE__*/
+  messageDesc(file_hearth_events_v1_audit, 3);
+
+/**
+ * Request to verify the integrity hash chain of the realm's audit log.
+ * Realm context comes from the `x-realm-id` metadata (admin interceptor).
+ *
+ * @generated from message hearth.events.v1.VerifyIntegrityRequest
+ */
+export type VerifyIntegrityRequest = Message<"hearth.events.v1.VerifyIntegrityRequest"> & {
+};
+
+/**
+ * Describes the message hearth.events.v1.VerifyIntegrityRequest.
+ * Use `create(VerifyIntegrityRequestSchema)` to create a new message.
+ */
+export const VerifyIntegrityRequestSchema: GenMessage<VerifyIntegrityRequest> = /*@__PURE__*/
+  messageDesc(file_hearth_events_v1_audit, 4);
+
+/**
+ * Result of an integrity check. `ok = true` means the hash chain verified
+ * end-to-end; `ok = false` indicates a broken link at `broken_at_event_id`.
+ *
+ * @generated from message hearth.events.v1.VerifyIntegrityResponse
+ */
+export type VerifyIntegrityResponse = Message<"hearth.events.v1.VerifyIntegrityResponse"> & {
+  /**
+   * @generated from field: bool ok = 1;
+   */
+  ok: boolean;
+
+  /**
+   * @generated from field: optional string broken_at_event_id = 2;
+   */
+  brokenAtEventId?: string | undefined;
+
+  /**
+   * @generated from field: uint64 event_count = 3;
+   */
+  eventCount: bigint;
+};
+
+/**
+ * Describes the message hearth.events.v1.VerifyIntegrityResponse.
+ * Use `create(VerifyIntegrityResponseSchema)` to create a new message.
+ */
+export const VerifyIntegrityResponseSchema: GenMessage<VerifyIntegrityResponse> = /*@__PURE__*/
+  messageDesc(file_hearth_events_v1_audit, 5);
+
+/**
+ * Categories of security-critical actions recorded in the audit log.
+ *
+ * @generated from enum hearth.events.v1.AuditAction
+ */
+export enum AuditAction {
+  /**
+   * @generated from enum value: AUDIT_ACTION_UNSPECIFIED = 0;
+   */
+  UNSPECIFIED = 0,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_USER_CREATED = 1;
+   */
+  USER_CREATED = 1,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_USER_UPDATED = 2;
+   */
+  USER_UPDATED = 2,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_USER_DELETED = 3;
+   */
+  USER_DELETED = 3,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CREDENTIAL_SET = 4;
+   */
+  CREDENTIAL_SET = 4,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CREDENTIAL_CHANGED = 5;
+   */
+  CREDENTIAL_CHANGED = 5,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CREDENTIAL_VERIFIED = 6;
+   */
+  CREDENTIAL_VERIFIED = 6,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SESSION_CREATED = 7;
+   */
+  SESSION_CREATED = 7,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SESSION_REVOKED = 8;
+   */
+  SESSION_REVOKED = 8,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_TOKEN_ISSUED = 9;
+   */
+  TOKEN_ISSUED = 9,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_TOKEN_REFRESHED = 10;
+   */
+  TOKEN_REFRESHED = 10,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_REALM_CREATED = 11;
+   */
+  REALM_CREATED = 11,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_REALM_UPDATED = 12;
+   */
+  REALM_UPDATED = 12,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_REALM_DELETED = 13;
+   */
+  REALM_DELETED = 13,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CLIENT_REGISTERED = 14;
+   */
+  CLIENT_REGISTERED = 14,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AUTHORIZATION_CODE_ISSUED = 15;
+   */
+  AUTHORIZATION_CODE_ISSUED = 15,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AUTHORIZATION_CODE_EXCHANGED = 16;
+   */
+  AUTHORIZATION_CODE_EXCHANGED = 16,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_TUPLE_WRITTEN = 17;
+   */
+  TUPLE_WRITTEN = 17,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_TUPLE_DELETED = 18;
+   */
+  TUPLE_DELETED = 18,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CLIENT_UPDATED = 19;
+   */
+  CLIENT_UPDATED = 19,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CLIENT_DELETED = 20;
+   */
+  CLIENT_DELETED = 20,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_BULK_USERS_CREATED = 21;
+   */
+  BULK_USERS_CREATED = 21,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_BULK_USERS_DISABLED = 22;
+   */
+  BULK_USERS_DISABLED = 22,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_ORG_CREATED = 23;
+   */
+  ORG_CREATED = 23,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_ORG_UPDATED = 24;
+   */
+  ORG_UPDATED = 24,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_ORG_DELETED = 25;
+   */
+  ORG_DELETED = 25,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CONSENT_GRANTED = 26;
+   */
+  CONSENT_GRANTED = 26,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CONSENT_DENIED = 27;
+   */
+  CONSENT_DENIED = 27,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CONSENT_REVOKED = 28;
+   */
+  CONSENT_REVOKED = 28,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_FEDERATION_LOGIN_STARTED = 29;
+   */
+  FEDERATION_LOGIN_STARTED = 29,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_FEDERATION_LOGIN_COMPLETED = 30;
+   */
+  FEDERATION_LOGIN_COMPLETED = 30,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_FEDERATION_ACCOUNT_LINKED = 31;
+   */
+  FEDERATION_ACCOUNT_LINKED = 31,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_FEDERATION_ACCOUNT_UNLINKED = 32;
+   */
+  FEDERATION_ACCOUNT_UNLINKED = 32,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_FEDERATION_JIT_PROVISIONED = 33;
+   */
+  FEDERATION_JIT_PROVISIONED = 33,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SAML_LOGIN_INITIATED = 34;
+   */
+  SAML_LOGIN_INITIATED = 34,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SAML_LOGIN_COMPLETED = 35;
+   */
+  SAML_LOGIN_COMPLETED = 35,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SAML_LOGIN_FAILED = 36;
+   */
+  SAML_LOGIN_FAILED = 36,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SAML_IDP_AUTHN_REQUEST_RECEIVED = 37;
+   */
+  SAML_IDP_AUTHN_REQUEST_RECEIVED = 37,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SAML_IDP_RESPONSE_ISSUED = 38;
+   */
+  SAML_IDP_RESPONSE_ISSUED = 38,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SAML_IDP_INITIATED_SSO = 39;
+   */
+  SAML_IDP_INITIATED_SSO = 39,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SAML_SLO_REQUESTED = 40;
+   */
+  SAML_SLO_REQUESTED = 40,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SAML_SLO_COMPLETED = 41;
+   */
+  SAML_SLO_COMPLETED = 41,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SCIM_USER_CREATED = 42;
+   */
+  SCIM_USER_CREATED = 42,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SCIM_USER_UPDATED = 43;
+   */
+  SCIM_USER_UPDATED = 43,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SCIM_USER_DELETED = 44;
+   */
+  SCIM_USER_DELETED = 44,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SCIM_GROUP_CREATED = 45;
+   */
+  SCIM_GROUP_CREATED = 45,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SCIM_GROUP_UPDATED = 46;
+   */
+  SCIM_GROUP_UPDATED = 46,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SCIM_GROUP_DELETED = 47;
+   */
+  SCIM_GROUP_DELETED = 47,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_ROLE_ASSIGNED = 48;
+   */
+  ROLE_ASSIGNED = 48,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_ROLE_REVOKED = 49;
+   */
+  ROLE_REVOKED = 49,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CLEANUP = 50;
+   */
+  CLEANUP = 50,
+
+  /**
+   * RBAC group management
+   *
+   * @generated from enum value: AUDIT_ACTION_GROUP_CREATED = 51;
+   */
+  GROUP_CREATED = 51,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_GROUP_UPDATED = 52;
+   */
+  GROUP_UPDATED = 52,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_GROUP_DELETED = 53;
+   */
+  GROUP_DELETED = 53,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_GROUP_MEMBER_ADDED = 54;
+   */
+  GROUP_MEMBER_ADDED = 54,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_GROUP_MEMBER_REMOVED = 55;
+   */
+  GROUP_MEMBER_REMOVED = 55,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_GROUP_MEMBER_ROLE_CHANGED = 56;
+   */
+  GROUP_MEMBER_ROLE_CHANGED = 56,
+
+  /**
+   * Permission management
+   *
+   * @generated from enum value: AUDIT_ACTION_ORPHANED_REFERENCE_SKIPPED = 57;
+   */
+  ORPHANED_REFERENCE_SKIPPED = 57,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_USER_PERMISSION_GRANTED = 58;
+   */
+  USER_PERMISSION_GRANTED = 58,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_USER_PERMISSION_REVOKED = 59;
+   */
+  USER_PERMISSION_REVOKED = 59,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CLIENT_CONSENT_GRANTED = 60;
+   */
+  CLIENT_CONSENT_GRANTED = 60,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CLIENT_CONSENT_REVOKED = 61;
+   */
+  CLIENT_CONSENT_REVOKED = 61,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CONSENT_REQUIRED_ON_REFRESH = 62;
+   */
+  CONSENT_REQUIRED_ON_REFRESH = 62,
+
+  /**
+   * Login events
+   *
+   * @generated from enum value: AUDIT_ACTION_LOGIN_FAILED = 63;
+   */
+  LOGIN_FAILED = 63,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_LOGIN_LOCKED = 64;
+   */
+  LOGIN_LOCKED = 64,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_IP_LOGIN_LIMIT_EXCEEDED = 65;
+   */
+  IP_LOGIN_LIMIT_EXCEEDED = 65,
+
+  /**
+   * Backup and export
+   *
+   * @generated from enum value: AUDIT_ACTION_BACKUP_CREATED = 66;
+   */
+  BACKUP_CREATED = 66,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_BACKUP_RESTORED = 67;
+   */
+  BACKUP_RESTORED = 67,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_REALM_EXPORT_WATERMARKED = 68;
+   */
+  REALM_EXPORT_WATERMARKED = 68,
+
+  /**
+   * Required actions
+   *
+   * @generated from enum value: AUDIT_ACTION_REQUIRED_ACTION_ASSIGNED = 69;
+   */
+  REQUIRED_ACTION_ASSIGNED = 69,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_REQUIRED_ACTION_REMOVED = 70;
+   */
+  REQUIRED_ACTION_REMOVED = 70,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_REQUIRED_ACTION_COMPLETED = 71;
+   */
+  REQUIRED_ACTION_COMPLETED = 71,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_REQUIRED_ACTION_AUTO_CLEARED = 72;
+   */
+  REQUIRED_ACTION_AUTO_CLEARED = 72,
+
+  /**
+   * Password security
+   *
+   * @generated from enum value: AUDIT_ACTION_PASSWORD_COMPROMISED_REJECTED = 73;
+   */
+  PASSWORD_COMPROMISED_REJECTED = 73,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_BREACH_CHECK_UNAVAILABLE = 74;
+   */
+  BREACH_CHECK_UNAVAILABLE = 74,
+
+  /**
+   * Adaptive MFA / step-up
+   *
+   * @generated from enum value: AUDIT_ACTION_STEP_UP_MFA_TRIGGERED = 75;
+   */
+  STEP_UP_MFA_TRIGGERED = 75,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_STEP_UP_MFA_COMPLETED = 76;
+   */
+  STEP_UP_MFA_COMPLETED = 76,
+
+  /**
+   * SMS OTP enrollment
+   *
+   * @generated from enum value: AUDIT_ACTION_SMS_OTP_ENROLLMENT_STARTED = 77;
+   */
+  SMS_OTP_ENROLLMENT_STARTED = 77,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SMS_OTP_ENROLLMENT_VERIFIED = 78;
+   */
+  SMS_OTP_ENROLLMENT_VERIFIED = 78,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SMS_OTP_ENROLLMENT_FAILED = 79;
+   */
+  SMS_OTP_ENROLLMENT_FAILED = 79,
+
+  /**
+   * SMS MFA challenges
+   *
+   * @generated from enum value: AUDIT_ACTION_SMS_MFA_CHALLENGE_SUCCEEDED = 80;
+   */
+  SMS_MFA_CHALLENGE_SUCCEEDED = 80,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SMS_MFA_CHALLENGE_FAILED = 81;
+   */
+  SMS_MFA_CHALLENGE_FAILED = 81,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SMS_MFA_LOCKED = 82;
+   */
+  SMS_MFA_LOCKED = 82,
+
+  /**
+   * Device fingerprints
+   *
+   * @generated from enum value: AUDIT_ACTION_DEVICE_FINGERPRINTS_ERASED = 83;
+   */
+  DEVICE_FINGERPRINTS_ERASED = 83,
+
+  /**
+   * Session management
+   *
+   * @generated from enum value: AUDIT_ACTION_SESSION_LIMIT_ENFORCED = 84;
+   */
+  SESSION_LIMIT_ENFORCED = 84,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SESSIONS_REVOKED = 85;
+   */
+  SESSIONS_REVOKED = 85,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SESSION_EVICTED = 86;
+   */
+  SESSION_EVICTED = 86,
+
+  /**
+   * Abuse detection
+   *
+   * @generated from enum value: AUDIT_ACTION_ABUSE_DETECTED = 87;
+   */
+  ABUSE_DETECTED = 87,
+
+  /**
+   * Email change
+   *
+   * @generated from enum value: AUDIT_ACTION_EMAIL_CHANGE_INITIATED = 88;
+   */
+  EMAIL_CHANGE_INITIATED = 88,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_EMAIL_CHANGE_CONFIRMED = 89;
+   */
+  EMAIL_CHANGE_CONFIRMED = 89,
+
+  /**
+   * OIDC silent auth
+   *
+   * @generated from enum value: AUDIT_ACTION_OIDC_SILENT_AUTH_PROBED = 90;
+   */
+  OIDC_SILENT_AUTH_PROBED = 90,
+
+  /**
+   * Agent lifecycle
+   *
+   * @generated from enum value: AUDIT_ACTION_AGENT_CREATED = 91;
+   */
+  AGENT_CREATED = 91,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AGENT_UPDATED = 92;
+   */
+  AGENT_UPDATED = 92,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AGENT_SUSPENDED = 93;
+   */
+  AGENT_SUSPENDED = 93,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AGENT_REACTIVATED = 94;
+   */
+  AGENT_REACTIVATED = 94,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AGENT_REVOKED = 95;
+   */
+  AGENT_REVOKED = 95,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AGENT_DELETED = 96;
+   */
+  AGENT_DELETED = 96,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AGENT_CREDENTIAL_CREATED = 97;
+   */
+  AGENT_CREDENTIAL_CREATED = 97,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AGENT_CREDENTIAL_REVOKED = 98;
+   */
+  AGENT_CREDENTIAL_REVOKED = 98,
+
+  /**
+   * Agent delegation and MCP (M2)
+   *
+   * @generated from enum value: AUDIT_ACTION_AGENT_DELEGATION = 99;
+   */
+  AGENT_DELEGATION = 99,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AGENT_TOOL_INVOCATION = 100;
+   */
+  AGENT_TOOL_INVOCATION = 100,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_APPROVAL_REQUESTED = 101;
+   */
+  APPROVAL_REQUESTED = 101,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_APPROVAL_GRANTED = 102;
+   */
+  APPROVAL_GRANTED = 102,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_APPROVAL_DENIED = 103;
+   */
+  APPROVAL_DENIED = 103,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AGENT_TOKEN_REVOKED = 104;
+   */
+  AGENT_TOKEN_REVOKED = 104,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CROSS_REALM_TRUST_CREATED = 105;
+   */
+  CROSS_REALM_TRUST_CREATED = 105,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CROSS_REALM_TRUST_REVOKED = 106;
+   */
+  CROSS_REALM_TRUST_REVOKED = 106,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_PROTECTED_RESOURCE_REGISTERED = 107;
+   */
+  PROTECTED_RESOURCE_REGISTERED = 107,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_PROTECTED_RESOURCE_UPDATED = 108;
+   */
+  PROTECTED_RESOURCE_UPDATED = 108,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_PROTECTED_RESOURCE_DELETED = 109;
+   */
+  PROTECTED_RESOURCE_DELETED = 109,
+
+  /**
+   * Phase D — advanced agent surface
+   *
+   * @generated from enum value: AUDIT_ACTION_AAT_ISSUED = 110;
+   */
+  AAT_ISSUED = 110,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_AAT_REVOKED = 111;
+   */
+  AAT_REVOKED = 111,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_TRANSACTION_TOKEN_ISSUED = 112;
+   */
+  TRANSACTION_TOKEN_ISSUED = 112,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_CROSS_REALM_TOKEN_ISSUED = 113;
+   */
+  CROSS_REALM_TOKEN_ISSUED = 113,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SPIFFE_ID_MAPPED = 114;
+   */
+  SPIFFE_ID_MAPPED = 114,
+
+  /**
+   * @generated from enum value: AUDIT_ACTION_SPIFFE_AUTH_SUCCESS = 115;
+   */
+  SPIFFE_AUTH_SUCCESS = 115,
+}
+
+/**
+ * Describes the enum hearth.events.v1.AuditAction.
+ */
+export const AuditActionSchema: GenEnum<AuditAction> = /*@__PURE__*/
+  enumDesc(file_hearth_events_v1_audit, 0);
+
+/**
+ * @generated from service hearth.events.v1.AuditService
+ */
+export const AuditService: GenService<{
+  /**
+   * Query audit events with optional filters. Maps to GET /admin/audit.
+   *
+   * @generated from rpc hearth.events.v1.AuditService.ListEvents
+   */
+  listEvents: {
+    methodKind: "unary";
+    input: typeof AuditQuerySchema;
+    output: typeof AuditEventPageSchema;
+  },
+  /**
+   * Verify the integrity hash chain — gRPC-only (no REST route yet).
+   *
+   * @generated from rpc hearth.events.v1.AuditService.VerifyIntegrity
+   */
+  verifyIntegrity: {
+    methodKind: "unary";
+    input: typeof VerifyIntegrityRequestSchema;
+    output: typeof VerifyIntegrityResponseSchema;
+  },
+}> = /*@__PURE__*/
+  serviceDesc(file_hearth_events_v1_audit, 0);
+