@inkbox/sdk 0.1.4 → 0.2.0

package/README.md

@@ -1,6 +1,6 @@
 # @inkbox/sdk
 
-TypeScript SDK for the [Inkbox API](https://www.inkbox.ai/docs) — API-first communication infrastructure for AI agents (email, phone, authenticator/OTP, identities).
+TypeScript SDK for the [Inkbox API](https://inkbox.ai/docs) — API-first communication infrastructure for AI agents (email, phone, authenticator/OTP, identities).
 
 ## Install
 
@@ -19,7 +19,10 @@ You'll need an API key to use this SDK. Get one at [console.inkbox.ai](https://c
 ```ts
 import { Inkbox } from "@inkbox/sdk";
 
-const inkbox = new Inkbox({ apiKey: process.env.INKBOX_API_KEY! });
+const inkbox = new Inkbox({
+  apiKey: process.env.INKBOX_API_KEY!,
+  vaultKey: process.env.INKBOX_VAULT_KEY,
+});
 
 // Create an agent identity
 const identity = await inkbox.createIdentity("support-bot");
@@ -48,6 +51,12 @@ for await (const message of identity.iterEmails()) {
 
 // List calls
 const calls = await identity.listCalls();
+
+// Access credentials (vault unlocked at construction)
+const creds = await identity.getCredentials();
+for (const login of creds.listLogins()) {
+  console.log(login.name);
+}
 ```
 
 ## Authentication
@@ -246,6 +255,37 @@ await inkbox.authenticatorApps.delete("app-uuid");
 
 ---
 
+## Credentials
+
+Access credentials stored in the vault through the agent-facing `credentials` surface. The vault must be unlocked first.
+
+```ts
+// Unlock the vault (once per session)
+await inkbox.vault.unlock("my-Vault-key-01!");
+
+const identity = await inkbox.getIdentity("my-agent");
+const creds = await identity.getCredentials();
+
+// Discovery — list credentials this identity has access to
+for (const login of creds.listLogins()) {
+  console.log(login.name, (login.payload as LoginPayload).username);
+}
+
+for (const key of creds.listApiKeys()) {
+  console.log(key.name, (key.payload as APIKeyPayload).accessKey);
+}
+
+// Access by UUID — returns the typed payload directly
+const login  = creds.getLogin("secret-uuid");    // → LoginPayload
+const apiKey = creds.getApiKey("secret-uuid");    // → APIKeyPayload
+const sshKey = creds.getSshKey("secret-uuid");    // → SSHKeyPayload
+
+// Generic access
+const secret = creds.get("secret-uuid");          // → DecryptedVaultSecret
+```
+
+---
+
 ## Org-level Mailboxes
 
 Manage mailboxes directly without going through an identity. Access via `inkbox.mailboxes`.

package/dist/_http.d.ts

@@ -3,7 +3,13 @@
  *
  * Async HTTP transport (internal). Zero runtime dependencies — uses native fetch.
  */
-export declare class InkboxAPIError extends Error {
+export declare class InkboxError extends Error {
+    constructor(message: string);
+}
+export declare class InkboxVaultKeyError extends InkboxError {
+    constructor(message: string);
+}
+export declare class InkboxAPIError extends InkboxError {
     readonly statusCode: number;
     readonly detail: string;
     constructor(statusCode: number, detail: string);

package/dist/_http.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"_http.d.ts","sourceRoot":"","sources":["../src/_http.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,qBAAa,cAAe,SAAQ,KAAK;IACvC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;gBAEZ,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;CAM/C;AAED,KAAK,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,GAAG,IAAI,CAAC,CAAC;AAE3E,qBAAa,aAAa;IAEtB,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,OAAO;IACxB,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAFT,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,MAAM,EACf,SAAS,GAAE,MAAe;IAGvC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAIjD,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC;IAIjD,KAAK,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC;IAIjD,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;YAI3B,OAAO;CA6DtB"}
+{"version":3,"file":"_http.d.ts","sourceRoot":"","sources":["../src/_http.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,qBAAa,WAAY,SAAQ,KAAK;gBACxB,OAAO,EAAE,MAAM;CAI5B;AAED,qBAAa,mBAAoB,SAAQ,WAAW;gBACtC,OAAO,EAAE,MAAM;CAI5B;AAED,qBAAa,cAAe,SAAQ,WAAW;IAC7C,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;gBAEZ,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;CAM/C;AAED,KAAK,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,GAAG,IAAI,CAAC,CAAC;AAE3E,qBAAa,aAAa;IAEtB,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,OAAO;IACxB,OAAO,CAAC,QAAQ,CAAC,SAAS;gBAFT,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,MAAM,EACf,SAAS,GAAE,MAAe;IAGvC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC;IAIjD,IAAI,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC;IAIjD,KAAK,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC;IAIjD,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;YAI3B,OAAO;CA6DtB"}

package/dist/_http.js

@@ -3,7 +3,19 @@
  *
  * Async HTTP transport (internal). Zero runtime dependencies — uses native fetch.
  */
-export class InkboxAPIError extends Error {
+export class InkboxError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "InkboxError";
+    }
+}
+export class InkboxVaultKeyError extends InkboxError {
+    constructor(message) {
+        super(message);
+        this.name = "InkboxVaultKeyError";
+    }
+}
+export class InkboxAPIError extends InkboxError {
     statusCode;
     detail;
     constructor(statusCode, detail) {

package/dist/_http.js.map

@@ -1 +1 @@
-{"version":3,"file":"_http.js","sourceRoot":"","sources":["../src/_http.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,OAAO,cAAe,SAAQ,KAAK;IAC9B,UAAU,CAAS;IACnB,MAAM,CAAS;IAExB,YAAY,UAAkB,EAAE,MAAc;QAC5C,KAAK,CAAC,QAAQ,UAAU,KAAK,MAAM,EAAE,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AAID,MAAM,OAAO,aAAa;IAEL;IACA;IACA;IAHnB,YACmB,MAAc,EACd,OAAe,EACf,YAAoB,MAAM;QAF1B,WAAM,GAAN,MAAM,CAAQ;QACd,YAAO,GAAP,OAAO,CAAQ;QACf,cAAS,GAAT,SAAS,CAAiB;IAC1C,CAAC;IAEJ,KAAK,CAAC,GAAG,CAAI,IAAY,EAAE,MAAe;QACxC,OAAO,IAAI,CAAC,OAAO,CAAI,KAAK,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,IAAI,CAAI,IAAY,EAAE,IAAc;QACxC,OAAO,IAAI,CAAC,OAAO,CAAI,MAAM,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,KAAK,CAAI,IAAY,EAAE,IAAa;QACxC,OAAO,IAAI,CAAC,OAAO,CAAI,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,IAAY;QACvB,MAAM,IAAI,CAAC,OAAO,CAAO,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC3C,CAAC;IAEO,KAAK,CAAC,OAAO,CACnB,MAAc,EACd,IAAY,EACZ,OAA4C,EAAE;QAE9C,IAAI,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,CAAC;QAEnC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,MAAM,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC;YACjC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjD,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;oBAClC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YACD,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;YACxB,IAAI,CAAC;gBAAE,GAAG,IAAI,IAAI,CAAC,EAAE,CAAC;QACxB,CAAC;QAED,MAAM,OAAO,GAA2B;YACtC,iBAAiB,EAAE,IAAI,CAAC,MAAM;YAC9B,MAAM,EAAE,kBAAkB;SAC3B,CAAC;QAEF,IAAI,OAA2B,CAAC;QAChC,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC5B,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;YAC7C,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAEnE,IAAI,IAAc,CAAC;QACnB,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBACtB,MAAM;gBACN,OAAO;gBACP,IAAI,EAAE,OAAO;gBACb,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;QACL,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACb,IAAI,MAAc,CAAC;YACnB,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAwB,CAAC;gBACvD,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC;YACzC,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC;YAC3B,CAAC;YACD,MAAM,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAChD,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACxB,OAAO,SAAc,CAAC;QACxB,CAAC;QAED,OAAO,IAAI,CAAC,IAAI,EAAgB,CAAC;IACnC,CAAC;CACF"}
+{"version":3,"file":"_http.js","sourceRoot":"","sources":["../src/_http.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,OAAO,WAAY,SAAQ,KAAK;IACpC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;IAC5B,CAAC;CACF;AAED,MAAM,OAAO,mBAAoB,SAAQ,WAAW;IAClD,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;IACpC,CAAC;CACF;AAED,MAAM,OAAO,cAAe,SAAQ,WAAW;IACpC,UAAU,CAAS;IACnB,MAAM,CAAS;IAExB,YAAY,UAAkB,EAAE,MAAc;QAC5C,KAAK,CAAC,QAAQ,UAAU,KAAK,MAAM,EAAE,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AAID,MAAM,OAAO,aAAa;IAEL;IACA;IACA;IAHnB,YACmB,MAAc,EACd,OAAe,EACf,YAAoB,MAAM;QAF1B,WAAM,GAAN,MAAM,CAAQ;QACd,YAAO,GAAP,OAAO,CAAQ;QACf,cAAS,GAAT,SAAS,CAAiB;IAC1C,CAAC;IAEJ,KAAK,CAAC,GAAG,CAAI,IAAY,EAAE,MAAe;QACxC,OAAO,IAAI,CAAC,OAAO,CAAI,KAAK,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,IAAI,CAAI,IAAY,EAAE,IAAc;QACxC,OAAO,IAAI,CAAC,OAAO,CAAI,MAAM,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,KAAK,CAAI,IAAY,EAAE,IAAa;QACxC,OAAO,IAAI,CAAC,OAAO,CAAI,OAAO,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,IAAY;QACvB,MAAM,IAAI,CAAC,OAAO,CAAO,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC3C,CAAC;IAEO,KAAK,CAAC,OAAO,CACnB,MAAc,EACd,IAAY,EACZ,OAA4C,EAAE;QAE9C,IAAI,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,CAAC;QAEnC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,MAAM,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC;YACjC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjD,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;oBAClC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YACD,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;YACxB,IAAI,CAAC;gBAAE,GAAG,IAAI,IAAI,CAAC,EAAE,CAAC;QACxB,CAAC;QAED,MAAM,OAAO,GAA2B;YACtC,iBAAiB,EAAE,IAAI,CAAC,MAAM;YAC9B,MAAM,EAAE,kBAAkB;SAC3B,CAAC;QAEF,IAAI,OAA2B,CAAC;QAChC,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC5B,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;YAC7C,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAEnE,IAAI,IAAc,CAAC;QACnB,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBACtB,MAAM;gBACN,OAAO;gBACP,IAAI,EAAE,OAAO;gBACb,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;QACL,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACb,IAAI,MAAc,CAAC;YACnB,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAwB,CAAC;gBACvD,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC;YACzC,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC;YAC3B,CAAC;YACD,MAAM,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAChD,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YACxB,OAAO,SAAc,CAAC;QACxB,CAAC;QAED,OAAO,IAAI,CAAC,IAAI,EAAgB,CAAC;IACnC,CAAC;CACF"}

package/dist/agent_identity.d.ts

@@ -9,6 +9,8 @@
  * address or phone number ID explicitly.
  */
 import type { AuthenticatorAccount, AuthenticatorApp, OTPCode } from "./authenticator/types.js";
+import { Credentials } from "./credentials.js";
+import { MessageDirection } from "./mail/types.js";
 import type { Message, MessageDetail, ThreadDetail } from "./mail/types.js";
 import type { PhoneCall, PhoneCallWithRateLimit, PhoneTranscript } from "./phone/types.js";
 import type { _AgentIdentityData, IdentityAuthenticatorApp, IdentityMailbox, IdentityPhoneNumber } from "./identities/types.js";
@@ -19,6 +21,8 @@ export declare class AgentIdentity {
     private _mailbox;
     private _phoneNumber;
     private _authenticatorApp;
+    private _credentials;
+    private _credentialsVaultRef;
     constructor(data: _AgentIdentityData, inkbox: Inkbox);
     get agentHandle(): string;
     get id(): string;
@@ -29,6 +33,29 @@ export declare class AgentIdentity {
     get phoneNumber(): IdentityPhoneNumber | null;
     /** The authenticator app currently assigned to this identity, or `null` if none. */
     get authenticatorApp(): IdentityAuthenticatorApp | null;
+    /**
+     * Identity-scoped credential access.
+     *
+     * Returns a {@link Credentials} object filtered to the secrets this
+     * identity has been granted access to. The vault must be unlocked
+     * first via `inkbox.vault.unlock(vaultKey)`.
+     *
+     * The result is cached and automatically invalidated when the
+     * vault is re-unlocked.  Call {@link refresh} to manually clear
+     * the cache (e.g. after access-rule changes).
+     *
+     * @throws Error if the vault has not been unlocked.
+     */
+    getCredentials(): Promise<Credentials>;
+    /**
+     * Revoke this identity's access to a vault secret.
+     *
+     * Also clears the credentials cache so the next call to
+     * {@link getCredentials} reflects the change.
+     *
+     * @param secretId - UUID of the secret to revoke access from.
+     */
+    revokeCredentialAccess(secretId: string): Promise<void>;
     /**
      * Create a new mailbox and link it to this identity.
      *
@@ -127,7 +154,7 @@ export declare class AgentIdentity {
      */
     iterEmails(options?: {
         pageSize?: number;
-        direction?: "inbound" | "outbound";
+        direction?: MessageDirection;
     }): AsyncGenerator<Message>;
     /**
      * Iterate over unread emails in this identity's inbox, newest first.
@@ -139,7 +166,7 @@ export declare class AgentIdentity {
      */
     iterUnreadEmails(options?: {
         pageSize?: number;
-        direction?: "inbound" | "outbound";
+        direction?: MessageDirection;
     }): AsyncGenerator<Message>;
     /**
      * Mark a list of messages as read.
@@ -219,7 +246,7 @@ export declare class AgentIdentity {
         description?: string | null;
     }): Promise<AuthenticatorAccount>;
     /**
-     * Soft-delete an authenticator account.
+     * Delete an authenticator account.
      *
      * @param accountId - UUID of the authenticator account to delete.
      */
@@ -244,11 +271,16 @@ export declare class AgentIdentity {
     /**
      * Re-fetch this identity from the API and update cached channels.
      *
+     * Also clears the credentials filter cache so the next call to
+     * {@link getCredentials} re-evaluates access rules.  (The cache is
+     * also automatically invalidated when the vault is re-unlocked.)
+     *
      * @returns `this` for chaining.
      */
     refresh(): Promise<AgentIdentity>;
-    /** Soft-delete this identity (unlinks channels without deleting them). */
+    /** Delete this identity (unlinks channels without deleting them). */
     delete(): Promise<void>;
+    private _requireVaultUnlocked;
     private _requireMailbox;
     private _requirePhone;
     private _requireAuthenticatorApp;

package/dist/agent_identity.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"agent_identity.d.ts","sourceRoot":"","sources":["../src/agent_identity.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,KAAK,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAChG,OAAO,KAAK,EAAE,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC5E,OAAO,KAAK,EAAE,SAAS,EAAE,sBAAsB,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAC3F,OAAO,KAAK,EAEV,kBAAkB,EAClB,wBAAwB,EACxB,eAAe,EACf,mBAAmB,EACpB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAE1C,qBAAa,aAAa;IACxB,OAAO,CAAC,KAAK,CAAqB;IAClC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAyB;IACzC,OAAO,CAAC,YAAY,CAA6B;IACjD,OAAO,CAAC,iBAAiB,CAAkC;gBAE/C,IAAI,EAAE,kBAAkB,EAAE,MAAM,EAAE,MAAM;IAYpD,IAAI,WAAW,IAAI,MAAM,CAAmC;IAC5D,IAAI,EAAE,IAAI,MAAM,CAAoC;IACpD,IAAI,MAAM,IAAI,MAAM,CAAoC;IAExD,0EAA0E;IAC1E,IAAI,OAAO,IAAI,eAAe,GAAG,IAAI,CAA0B;IAE/D,+EAA+E;IAC/E,IAAI,WAAW,IAAI,mBAAmB,GAAG,IAAI,CAA8B;IAE3E,oFAAoF;IACpF,IAAI,gBAAgB,IAAI,wBAAwB,GAAG,IAAI,CAAmC;IAM1F;;;;;OAKG;IACG,aAAa,CAAC,OAAO,GAAE;QAAE,WAAW,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,OAAO,CAAC,eAAe,CAAC;IAiBrF;;;;;;OAMG;IACG,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;IAShE;;OAEG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IAMpC;;;;;;OAMG;IACG,oBAAoB,CACxB,OAAO,GAAE;QAAE,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAO,GAC9C,OAAO,CAAC,mBAAmB,CAAC;IAQ/B;;;;;;OAMG;IACG,iBAAiB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAS5E;;OAEG;IACG,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAMxC;;;;OAIG;IACG,sBAAsB,IAAI,OAAO,CAAC,gBAAgB,CAAC;IAazD;;;;;;OAMG;IACG,sBAAsB,CAAC,kBAAkB,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,CAAC;IAS3F;;OAEG;IACG,sBAAsB,IAAI,OAAO,CAAC,IAAI,CAAC;IAU7C;;;;;;;;;;;OAWG;IACG,SAAS,CAAC,OAAO,EAAE;QACvB,EAAE,EAAE,MAAM,EAAE,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC;QACd,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;QACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,WAAW,CAAC,EAAE,KAAK,CAAC;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAC;YAAC,aAAa,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACvF,GAAG,OAAO,CAAC,OAAO,CAAC;IAKpB;;;;;;;OAOG;IACH,UAAU,CAAC,OAAO,GAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,SAAS,GAAG,UAAU,CAAA;KAAO,GAAG,cAAc,CAAC,OAAO,CAAC;IAK5G;;;;;;;OAOG;IACI,gBAAgB,CAAC,OAAO,GAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,SAAS,GAAG,UAAU,CAAA;KAAO,GAAG,cAAc,CAAC,OAAO,CAAC;IAMzH;;;;OAIG;IACG,cAAc,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAOzD;;;;;OAKG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAK3D;;;;;OAKG;IACG,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IASxD;;;;;OAKG;IACG,SAAS,CAAC,OAAO,EAAE;QACvB,QAAQ,EAAE,MAAM,CAAC;QACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;KAC7B,GAAG,OAAO,CAAC,sBAAsB,CAAC;IASnC;;;;;OAKG;IACG,SAAS,CAAC,OAAO,GAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IAKxF;;;;OAIG;IACG,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IASjE;;;;;;OAMG;IACG,0BAA0B,CAAC,OAAO,EAAE;QACxC,UAAU,EAAE,MAAM,CAAC;QACnB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAKjC,8DAA8D;IACxD,yBAAyB,IAAI,OAAO,CAAC,oBAAoB,EAAE,CAAC;IAKlE;;;;OAIG;IACG,uBAAuB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAK/E;;;;;;OAMG;IACG,0BAA0B,CAC9B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE;QAAE,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,GACpE,OAAO,CAAC,oBAAoB,CAAC;IAKhC;;;;OAIG;IACG,0BAA0B,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAKlE;;;;;OAKG;IACG,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAStD;;;;;OAKG;IACG,MAAM,CAAC,OAAO,EAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAU7E;;;;OAIG;IACG,OAAO,IAAI,OAAO,CAAC,aAAa,CAAC;IASvC,0EAA0E;IACpE,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ7B,OAAO,CAAC,eAAe;IASvB,OAAO,CAAC,aAAa;IASrB,OAAO,CAAC,wBAAwB;CAQjC"}
+{"version":3,"file":"agent_identity.d.ts","sourceRoot":"","sources":["../src/agent_identity.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,KAAK,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,OAAO,EAAE,MAAM,0BAA0B,CAAC;AAChG,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,KAAK,EAAE,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC5E,OAAO,KAAK,EAAE,SAAS,EAAE,sBAAsB,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAC3F,OAAO,KAAK,EAEV,kBAAkB,EAClB,wBAAwB,EACxB,eAAe,EACf,mBAAmB,EACpB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAE1C,qBAAa,aAAa;IACxB,OAAO,CAAC,KAAK,CAAqB;IAClC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAyB;IACzC,OAAO,CAAC,YAAY,CAA6B;IACjD,OAAO,CAAC,iBAAiB,CAAkC;IAC3D,OAAO,CAAC,YAAY,CAA4B;IAChD,OAAO,CAAC,oBAAoB,CAAuB;gBAEvC,IAAI,EAAE,kBAAkB,EAAE,MAAM,EAAE,MAAM;IAYpD,IAAI,WAAW,IAAI,MAAM,CAAmC;IAC5D,IAAI,EAAE,IAAI,MAAM,CAAoC;IACpD,IAAI,MAAM,IAAI,MAAM,CAAoC;IAExD,0EAA0E;IAC1E,IAAI,OAAO,IAAI,eAAe,GAAG,IAAI,CAA0B;IAE/D,+EAA+E;IAC/E,IAAI,WAAW,IAAI,mBAAmB,GAAG,IAAI,CAA8B;IAE3E,oFAAoF;IACpF,IAAI,gBAAgB,IAAI,wBAAwB,GAAG,IAAI,CAAmC;IAE1F;;;;;;;;;;;;OAYG;IACG,cAAc,IAAI,OAAO,CAAC,WAAW,CAAC;IA6B5C;;;;;;;OAOG;IACG,sBAAsB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAS7D;;;;;OAKG;IACG,aAAa,CAAC,OAAO,GAAE;QAAE,WAAW,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,OAAO,CAAC,eAAe,CAAC;IAiBrF;;;;;;OAMG;IACG,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;IAShE;;OAEG;IACG,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IAMpC;;;;;;OAMG;IACG,oBAAoB,CACxB,OAAO,GAAE;QAAE,IAAI,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAO,GAC9C,OAAO,CAAC,mBAAmB,CAAC;IAQ/B;;;;;;OAMG;IACG,iBAAiB,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAS5E;;OAEG;IACG,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAMxC;;;;OAIG;IACG,sBAAsB,IAAI,OAAO,CAAC,gBAAgB,CAAC;IAazD;;;;;;OAMG;IACG,sBAAsB,CAAC,kBAAkB,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,CAAC;IAS3F;;OAEG;IACG,sBAAsB,IAAI,OAAO,CAAC,IAAI,CAAC;IAU7C;;;;;;;;;;;OAWG;IACG,SAAS,CAAC,OAAO,EAAE;QACvB,EAAE,EAAE,MAAM,EAAE,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC;QACd,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;QACf,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,WAAW,CAAC,EAAE,KAAK,CAAC;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAC;YAAC,aAAa,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACvF,GAAG,OAAO,CAAC,OAAO,CAAC;IAKpB;;;;;;;OAOG;IACH,UAAU,CAAC,OAAO,GAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,gBAAgB,CAAA;KAAO,GAAG,cAAc,CAAC,OAAO,CAAC;IAKtG;;;;;;;OAOG;IACI,gBAAgB,CAAC,OAAO,GAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,gBAAgB,CAAA;KAAO,GAAG,cAAc,CAAC,OAAO,CAAC;IAMnH;;;;OAIG;IACG,cAAc,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAOzD;;;;;OAKG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAK3D;;;;;OAKG;IACG,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IASxD;;;;;OAKG;IACG,SAAS,CAAC,OAAO,EAAE;QACvB,QAAQ,EAAE,MAAM,CAAC;QACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;KAC7B,GAAG,OAAO,CAAC,sBAAsB,CAAC;IASnC;;;;;OAKG;IACG,SAAS,CAAC,OAAO,GAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAO,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IAKxF;;;;OAIG;IACG,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IASjE;;;;;;OAMG;IACG,0BAA0B,CAAC,OAAO,EAAE;QACxC,UAAU,EAAE,MAAM,CAAC;QACnB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAKjC,8DAA8D;IACxD,yBAAyB,IAAI,OAAO,CAAC,oBAAoB,EAAE,CAAC;IAKlE;;;;OAIG;IACG,uBAAuB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAK/E;;;;;;OAMG;IACG,0BAA0B,CAC9B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE;QAAE,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,GACpE,OAAO,CAAC,oBAAoB,CAAC;IAKhC;;;;OAIG;IACG,0BAA0B,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAKlE;;;;;OAKG;IACG,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAStD;;;;;OAKG;IACG,MAAM,CAAC,OAAO,EAAE;QAAE,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,IAAI,CAAC;IAU7E;;;;;;;;OAQG;IACG,OAAO,IAAI,OAAO,CAAC,aAAa,CAAC;IAUvC,qEAAqE;IAC/D,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ7B,OAAO,CAAC,qBAAqB;IAQ7B,OAAO,CAAC,eAAe;IAQvB,OAAO,CAAC,aAAa;IAQrB,OAAO,CAAC,wBAAwB;CAOjC"}

package/dist/agent_identity.js

@@ -8,13 +8,16 @@
  * identity's assigned channels so callers never need to pass an email
  * address or phone number ID explicitly.
  */
-import { InkboxAPIError } from "./_http.js";
+import { InkboxError } from "./_http.js";
+import { Credentials } from "./credentials.js";
 export class AgentIdentity {
     _data;
     _inkbox;
     _mailbox;
     _phoneNumber;
     _authenticatorApp;
+    _credentials = null;
+    _credentialsVaultRef = null; // tracks which _unlocked built the cache
     constructor(data, inkbox) {
         this._data = data;
         this._inkbox = inkbox;
@@ -34,6 +37,57 @@ export class AgentIdentity {
     get phoneNumber() { return this._phoneNumber; }
     /** The authenticator app currently assigned to this identity, or `null` if none. */
     get authenticatorApp() { return this._authenticatorApp; }
+    /**
+     * Identity-scoped credential access.
+     *
+     * Returns a {@link Credentials} object filtered to the secrets this
+     * identity has been granted access to. The vault must be unlocked
+     * first via `inkbox.vault.unlock(vaultKey)`.
+     *
+     * The result is cached and automatically invalidated when the
+     * vault is re-unlocked.  Call {@link refresh} to manually clear
+     * the cache (e.g. after access-rule changes).
+     *
+     * @throws Error if the vault has not been unlocked.
+     */
+    async getCredentials() {
+        // If the vault was unlocked via constructor vaultKey, wait for it.
+        if (this._inkbox._vaultUnlockPromise !== null) {
+            await this._inkbox._vaultUnlockPromise;
+        }
+        const vault = this._inkbox._vaultResource;
+        // Invalidate cache if the vault was re-unlocked since we last built it.
+        if (this._credentials !== null && vault._unlocked === this._credentialsVaultRef) {
+            return this._credentials;
+        }
+        this._requireVaultUnlocked();
+        const unlocked = vault._unlocked;
+        // Filter secrets by identity access rules (same logic as
+        // VaultResource.unlock with identityId).
+        const idStr = this.id;
+        const filtered = [];
+        for (const secret of unlocked.secrets) {
+            const rules = await vault.http.get(`/secrets/${secret.id}/access`);
+            if (rules.some((r) => r.identity_id === idStr)) {
+                filtered.push(secret);
+            }
+        }
+        this._credentials = new Credentials(filtered);
+        this._credentialsVaultRef = unlocked;
+        return this._credentials;
+    }
+    /**
+     * Revoke this identity's access to a vault secret.
+     *
+     * Also clears the credentials cache so the next call to
+     * {@link getCredentials} reflects the change.
+     *
+     * @param secretId - UUID of the secret to revoke access from.
+     */
+    async revokeCredentialAccess(secretId) {
+        await this._inkbox._vaultResource.revokeAccess(secretId, this.id);
+        this._credentials = null;
+    }
     // ------------------------------------------------------------------
     // Channel management
     // ------------------------------------------------------------------
@@ -311,7 +365,7 @@ export class AgentIdentity {
         return this._inkbox._authAccounts.update(this._authenticatorApp.id, accountId, options);
     }
     /**
-     * Soft-delete an authenticator account.
+     * Delete an authenticator account.
      *
      * @param accountId - UUID of the authenticator account to delete.
      */
@@ -350,6 +404,10 @@ export class AgentIdentity {
     /**
      * Re-fetch this identity from the API and update cached channels.
      *
+     * Also clears the credentials filter cache so the next call to
+     * {@link getCredentials} re-evaluates access rules.  (The cache is
+     * also automatically invalidated when the vault is re-unlocked.)
+     *
      * @returns `this` for chaining.
      */
     async refresh() {
@@ -358,28 +416,34 @@ export class AgentIdentity {
         this._mailbox = data.mailbox;
         this._phoneNumber = data.phoneNumber;
         this._authenticatorApp = data.authenticatorApp;
+        this._credentials = null;
         return this;
     }
-    /** Soft-delete this identity (unlinks channels without deleting them). */
+    /** Delete this identity (unlinks channels without deleting them). */
     async delete() {
         await this._inkbox._idsResource.delete(this.agentHandle);
     }
     // ------------------------------------------------------------------
     // Internal guards
     // ------------------------------------------------------------------
+    _requireVaultUnlocked() {
+        if (this._inkbox._vaultResource._unlocked === null) {
+            throw new InkboxError("Vault must be unlocked before accessing credentials. Call inkbox.vault.unlock(vaultKey) first.");
+        }
+    }
     _requireMailbox() {
         if (!this._mailbox) {
-            throw new InkboxAPIError(0, `Identity '${this.agentHandle}' has no mailbox assigned. Call identity.createMailbox() or identity.assignMailbox() first.`);
+            throw new InkboxError(`Identity '${this.agentHandle}' has no mailbox assigned. Call identity.createMailbox() or identity.assignMailbox() first.`);
         }
     }
     _requirePhone() {
         if (!this._phoneNumber) {
-            throw new InkboxAPIError(0, `Identity '${this.agentHandle}' has no phone number assigned. Call identity.provisionPhoneNumber() or identity.assignPhoneNumber() first.`);
+            throw new InkboxError(`Identity '${this.agentHandle}' has no phone number assigned. Call identity.provisionPhoneNumber() or identity.assignPhoneNumber() first.`);
         }
     }
     _requireAuthenticatorApp() {
         if (!this._authenticatorApp) {
-            throw new InkboxAPIError(0, `Identity '${this.agentHandle}' has no authenticator app assigned. Call identity.createAuthenticatorApp() or identity.assignAuthenticatorApp() first.`);
+            throw new InkboxError(`Identity '${this.agentHandle}' has no authenticator app assigned. Call identity.createAuthenticatorApp() or identity.assignAuthenticatorApp() first.`);
         }
     }
 }

package/dist/agent_identity.js.map

@@ -1 +1 @@
-{"version":3,"file":"agent_identity.js","sourceRoot":"","sources":["../src/agent_identity.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAa5C,MAAM,OAAO,aAAa;IAChB,KAAK,CAAqB;IACjB,OAAO,CAAS;IACzB,QAAQ,CAAyB;IACjC,YAAY,CAA6B;IACzC,iBAAiB,CAAkC;IAE3D,YAAY,IAAwB,EAAE,MAAc;QAClD,IAAI,CAAC,KAAK,GAAgB,IAAI,CAAC;QAC/B,IAAI,CAAC,OAAO,GAAc,MAAM,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAa,IAAI,CAAC,OAAO,CAAC;QACvC,IAAI,CAAC,YAAY,GAAS,IAAI,CAAC,WAAW,CAAC;QAC3C,IAAI,CAAC,iBAAiB,GAAI,IAAI,CAAC,gBAAgB,CAAC;IAClD,CAAC;IAED,qEAAqE;IACrE,sBAAsB;IACtB,qEAAqE;IAErE,IAAI,WAAW,KAAa,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC;IAC5D,IAAI,EAAE,KAAuB,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IACpD,IAAI,MAAM,KAAmB,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;IAExD,0EAA0E;IAC1E,IAAI,OAAO,KAA6B,OAAO,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IAE/D,+EAA+E;IAC/E,IAAI,WAAW,KAAiC,OAAO,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;IAE3E,oFAAoF;IACpF,IAAI,gBAAgB,KAAsC,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAE1F,qEAAqE;IACrE,qBAAqB;IACrB,qEAAqE;IAErE;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,UAAoC,EAAE;QACxD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;YACnD,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,GAAG,OAAO;SACX,CAAC,CAAC;QACH,MAAM,MAAM,GAAoB;YAC9B,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC;QACvB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,aAAa,CAAC,SAAiB;QACnC,MAAM,IAAI,GAAM,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,aAAa,CAAC,IAAI,CAAC,WAAW,EAAE;YAC9E,SAAS;SACV,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAI,IAAI,CAAC,OAAO,CAAC;QAC9B,IAAI,CAAC,KAAK,GAAO,IAAI,CAAC;QACtB,OAAO,IAAI,CAAC,QAAS,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa;QACjB,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAChE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,oBAAoB,CACxB,UAA6C,EAAE;QAE/C,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;QACrF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACnE,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC;QACrC,IAAI,CAAC,KAAK,GAAU,IAAI,CAAC;QACzB,OAAO,IAAI,CAAC,YAAa,CAAC;IAC5B,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,iBAAiB,CAAC,aAAqB;QAC3C,MAAM,IAAI,GAAK,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAAE;YACjF,aAAa;SACd,CAAC,CAAC;QACH,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC;QACrC,IAAI,CAAC,KAAK,GAAU,IAAI,CAAC;QACzB,OAAO,IAAI,CAAC,YAAa,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB;QACrB,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,iBAAiB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACpE,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB;QAC1B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;QACnF,IAAI,CAAC,iBAAiB,GAAG;YACvB,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,cAAc,EAAE,GAAG,CAAC,cAAc;YAClC,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,SAAS,EAAE,GAAG,CAAC,SAAS;SACzB,CAAC;QACF,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,sBAAsB,CAAC,kBAA0B;QACrD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,sBAAsB,CAAC,IAAI,CAAC,WAAW,EAAE;YACpF,kBAAkB;SACnB,CAAC,CAAC;QACH,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAC/C,IAAI,CAAC,KAAK,GAAe,IAAI,CAAC;QAC9B,OAAO,IAAI,CAAC,iBAAkB,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,sBAAsB;QAC1B,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,sBAAsB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACzE,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC;IAChC,CAAC;IAED,qEAAqE;IACrE,eAAe;IACf,qEAAqE;IAErE;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,SAAS,CAAC,OASf;QACC,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,QAAS,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC3E,CAAC;IAED;;;;;;;OAOG;IACH,UAAU,CAAC,UAAqE,EAAE;QAChF,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,QAAS,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC3E,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,CAAC,gBAAgB,CAAC,UAAqE,EAAE;QAC7F,IAAI,KAAK,EAAE,MAAM,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACjD,IAAI,CAAC,GAAG,CAAC,MAAM;gBAAE,MAAM,GAAG,CAAC;QAC7B,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,cAAc,CAAC,UAAoB;QACvC,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,KAAK,MAAM,EAAE,IAAI,UAAU,EAAE,CAAC;YAC5B,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAS,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QACzE,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,UAAU,CAAC,SAAiB;QAChC,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,QAAS,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IAC5E,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,SAAS,CAAC,QAAgB;QAC9B,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,QAAS,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IAC1E,CAAC;IAED,qEAAqE;IACrE,gBAAgB;IAChB,qEAAqE;IAErE;;;;;OAKG;IACH,KAAK,CAAC,SAAS,CAAC,OAGf;QACC,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC;YAC/B,UAAU,EAAW,IAAI,CAAC,YAAa,CAAC,MAAM;YAC9C,QAAQ,EAAa,OAAO,CAAC,QAAQ;YACrC,kBAAkB,EAAG,OAAO,CAAC,kBAAkB;SAChD,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,SAAS,CAAC,UAA+C,EAAE;QAC/D,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAa,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;IAClE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CAAC,MAAc;QAClC,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,YAAa,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IACvE,CAAC;IAED,qEAAqE;IACrE,wBAAwB;IACxB,qEAAqE;IAErE;;;;;;OAMG;IACH,KAAK,CAAC,0BAA0B,CAAC,OAIhC;QACC,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;IAChF,CAAC;IAED,8DAA8D;IAC9D,KAAK,CAAC,yBAAyB;QAC7B,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,CAAC,CAAC;IACrE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,uBAAuB,CAAC,SAAiB;QAC7C,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IAC/E,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,0BAA0B,CAC9B,SAAiB,EACjB,OAAqE;QAErE,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAC3F,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,0BAA0B,CAAC,SAAiB;QAChD,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IACjF,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,WAAW,CAAC,SAAiB;QACjC,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,WAAW,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IACvF,CAAC;IAED,qEAAqE;IACrE,sBAAsB;IACtB,qEAAqE;IAErE;;;;;OAKG;IACH,KAAK,CAAC,MAAM,CAAC,OAAgD;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QACjF,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,MAAM;YACT,OAAO,EAAW,IAAI,CAAC,QAAQ;YAC/B,WAAW,EAAO,IAAI,CAAC,YAAY;YACnC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB;SACzC,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,GAAe,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC/E,IAAI,CAAC,KAAK,GAAe,IAAI,CAAC;QAC9B,IAAI,CAAC,QAAQ,GAAY,IAAI,CAAC,OAAO,CAAC;QACtC,IAAI,CAAC,YAAY,GAAQ,IAAI,CAAC,WAAW,CAAC;QAC1C,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAC/C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,0EAA0E;IAC1E,KAAK,CAAC,MAAM;QACV,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC3D,CAAC;IAED,qEAAqE;IACrE,kBAAkB;IAClB,qEAAqE;IAE7D,eAAe;QACrB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnB,MAAM,IAAI,cAAc,CACtB,CAAC,EACD,aAAa,IAAI,CAAC,WAAW,6FAA6F,CAC3H,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,aAAa;QACnB,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,IAAI,cAAc,CACtB,CAAC,EACD,aAAa,IAAI,CAAC,WAAW,6GAA6G,CAC3I,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,wBAAwB;QAC9B,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,IAAI,cAAc,CACtB,CAAC,EACD,aAAa,IAAI,CAAC,WAAW,yHAAyH,CACvJ,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}
+{"version":3,"file":"agent_identity.js","sourceRoot":"","sources":["../src/agent_identity.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAkB,WAAW,EAAE,MAAM,YAAY,CAAC;AAEzD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAa/C,MAAM,OAAO,aAAa;IAChB,KAAK,CAAqB;IACjB,OAAO,CAAS;IACzB,QAAQ,CAAyB;IACjC,YAAY,CAA6B;IACzC,iBAAiB,CAAkC;IACnD,YAAY,GAAuB,IAAI,CAAC;IACxC,oBAAoB,GAAkB,IAAI,CAAC,CAAC,yCAAyC;IAE7F,YAAY,IAAwB,EAAE,MAAc;QAClD,IAAI,CAAC,KAAK,GAAgB,IAAI,CAAC;QAC/B,IAAI,CAAC,OAAO,GAAc,MAAM,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAa,IAAI,CAAC,OAAO,CAAC;QACvC,IAAI,CAAC,YAAY,GAAS,IAAI,CAAC,WAAW,CAAC;QAC3C,IAAI,CAAC,iBAAiB,GAAI,IAAI,CAAC,gBAAgB,CAAC;IAClD,CAAC;IAED,qEAAqE;IACrE,sBAAsB;IACtB,qEAAqE;IAErE,IAAI,WAAW,KAAa,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC;IAC5D,IAAI,EAAE,KAAuB,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IACpD,IAAI,MAAM,KAAmB,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;IAExD,0EAA0E;IAC1E,IAAI,OAAO,KAA6B,OAAO,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IAE/D,+EAA+E;IAC/E,IAAI,WAAW,KAAiC,OAAO,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;IAE3E,oFAAoF;IACpF,IAAI,gBAAgB,KAAsC,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAE1F;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,cAAc;QAClB,mEAAmE;QACnE,IAAI,IAAI,CAAC,OAAO,CAAC,mBAAmB,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC;QACzC,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;QAC1C,wEAAwE;QACxE,IAAI,IAAI,CAAC,YAAY,KAAK,IAAI,IAAI,KAAK,CAAC,SAAS,KAAK,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAChF,OAAO,IAAI,CAAC,YAAY,CAAC;QAC3B,CAAC;QACD,IAAI,CAAC,qBAAqB,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAG,KAAK,CAAC,SAAU,CAAC;QAClC,yDAAyD;QACzD,yCAAyC;QACzC,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC;QACtB,MAAM,QAAQ,GAAG,EAAE,CAAC;QACpB,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtC,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAEhC,YAAY,MAAM,CAAC,EAAE,SAAS,CAAC,CAAC;YAClC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,KAAK,CAAC,EAAE,CAAC;gBAC/C,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,IAAI,WAAW,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,oBAAoB,GAAG,QAAQ,CAAC;QACrC,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,sBAAsB,CAAC,QAAgB;QAC3C,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAClE,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;IAC3B,CAAC;IAED,qEAAqE;IACrE,qBAAqB;IACrB,qEAAqE;IAErE;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,UAAoC,EAAE;QACxD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC;YACnD,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,GAAG,OAAO;SACX,CAAC,CAAC;QACH,MAAM,MAAM,GAAoB;YAC9B,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC;QACvB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,aAAa,CAAC,SAAiB;QACnC,MAAM,IAAI,GAAM,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,aAAa,CAAC,IAAI,CAAC,WAAW,EAAE;YAC9E,SAAS;SACV,CAAC,CAAC;QACH,IAAI,CAAC,QAAQ,GAAI,IAAI,CAAC,OAAO,CAAC;QAC9B,IAAI,CAAC,KAAK,GAAO,IAAI,CAAC;QACtB,OAAO,IAAI,CAAC,QAAS,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa;QACjB,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAChE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,oBAAoB,CACxB,UAA6C,EAAE;QAE/C,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;QACrF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACnE,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC;QACrC,IAAI,CAAC,KAAK,GAAU,IAAI,CAAC;QACzB,OAAO,IAAI,CAAC,YAAa,CAAC;IAC5B,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,iBAAiB,CAAC,aAAqB;QAC3C,MAAM,IAAI,GAAK,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,iBAAiB,CAAC,IAAI,CAAC,WAAW,EAAE;YACjF,aAAa;SACd,CAAC,CAAC;QACH,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC;QACrC,IAAI,CAAC,KAAK,GAAU,IAAI,CAAC;QACzB,OAAO,IAAI,CAAC,YAAa,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB;QACrB,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,iBAAiB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACpE,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;IAC3B,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB;QAC1B,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;QACnF,IAAI,CAAC,iBAAiB,GAAG;YACvB,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,cAAc,EAAE,GAAG,CAAC,cAAc;YAClC,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,SAAS,EAAE,GAAG,CAAC,SAAS;SACzB,CAAC;QACF,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,sBAAsB,CAAC,kBAA0B;QACrD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,sBAAsB,CAAC,IAAI,CAAC,WAAW,EAAE;YACpF,kBAAkB;SACnB,CAAC,CAAC;QACH,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAC/C,IAAI,CAAC,KAAK,GAAe,IAAI,CAAC;QAC9B,OAAO,IAAI,CAAC,iBAAkB,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,sBAAsB;QAC1B,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,sBAAsB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACzE,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC;IAChC,CAAC;IAED,qEAAqE;IACrE,eAAe;IACf,qEAAqE;IAErE;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,SAAS,CAAC,OASf;QACC,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,QAAS,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC3E,CAAC;IAED;;;;;;;OAOG;IACH,UAAU,CAAC,UAA+D,EAAE;QAC1E,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,QAAS,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC3E,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,CAAC,gBAAgB,CAAC,UAA+D,EAAE;QACvF,IAAI,KAAK,EAAE,MAAM,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACjD,IAAI,CAAC,GAAG,CAAC,MAAM;gBAAE,MAAM,GAAG,CAAC;QAC7B,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,cAAc,CAAC,UAAoB;QACvC,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,KAAK,MAAM,EAAE,IAAI,UAAU,EAAE,CAAC;YAC5B,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAS,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QACzE,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,UAAU,CAAC,SAAiB;QAChC,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,QAAS,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IAC5E,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,SAAS,CAAC,QAAgB;QAC9B,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,QAAS,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IAC1E,CAAC;IAED,qEAAqE;IACrE,gBAAgB;IAChB,qEAAqE;IAErE;;;;;OAKG;IACH,KAAK,CAAC,SAAS,CAAC,OAGf;QACC,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC;YAC/B,UAAU,EAAW,IAAI,CAAC,YAAa,CAAC,MAAM;YAC9C,QAAQ,EAAa,OAAO,CAAC,QAAQ;YACrC,kBAAkB,EAAG,OAAO,CAAC,kBAAkB;SAChD,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,SAAS,CAAC,UAA+C,EAAE;QAC/D,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAa,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;IAClE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CAAC,MAAc;QAClC,IAAI,CAAC,aAAa,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,YAAa,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IACvE,CAAC;IAED,qEAAqE;IACrE,wBAAwB;IACxB,qEAAqE;IAErE;;;;;;OAMG;IACH,KAAK,CAAC,0BAA0B,CAAC,OAIhC;QACC,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;IAChF,CAAC;IAED,8DAA8D;IAC9D,KAAK,CAAC,yBAAyB;QAC7B,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,CAAC,CAAC;IACrE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,uBAAuB,CAAC,SAAiB;QAC7C,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IAC/E,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,0BAA0B,CAC9B,SAAiB,EACjB,OAAqE;QAErE,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAC3F,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,0BAA0B,CAAC,SAAiB;QAChD,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,MAAM,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IACjF,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,WAAW,CAAC,SAAiB;QACjC,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,WAAW,CAAC,IAAI,CAAC,iBAAkB,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IACvF,CAAC;IAED,qEAAqE;IACrE,sBAAsB;IACtB,qEAAqE;IAErE;;;;;OAKG;IACH,KAAK,CAAC,MAAM,CAAC,OAAgD;QAC3D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QACjF,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,MAAM;YACT,OAAO,EAAW,IAAI,CAAC,QAAQ;YAC/B,WAAW,EAAO,IAAI,CAAC,YAAY;YACnC,gBAAgB,EAAE,IAAI,CAAC,iBAAiB;SACzC,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,GAAe,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC/E,IAAI,CAAC,KAAK,GAAe,IAAI,CAAC;QAC9B,IAAI,CAAC,QAAQ,GAAY,IAAI,CAAC,OAAO,CAAC;QACtC,IAAI,CAAC,YAAY,GAAQ,IAAI,CAAC,WAAW,CAAC;QAC1C,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAC/C,IAAI,CAAC,YAAY,GAAQ,IAAI,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,qEAAqE;IACrE,KAAK,CAAC,MAAM;QACV,MAAM,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC3D,CAAC;IAED,qEAAqE;IACrE,kBAAkB;IAClB,qEAAqE;IAE7D,qBAAqB;QAC3B,IAAI,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,SAAS,KAAK,IAAI,EAAE,CAAC;YACnD,MAAM,IAAI,WAAW,CACnB,gGAAgG,CACjG,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,eAAe;QACrB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnB,MAAM,IAAI,WAAW,CACnB,aAAa,IAAI,CAAC,WAAW,6FAA6F,CAC3H,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,aAAa;QACnB,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,IAAI,WAAW,CACnB,aAAa,IAAI,CAAC,WAAW,6GAA6G,CAC3I,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,wBAAwB;QAC9B,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,IAAI,WAAW,CACnB,aAAa,IAAI,CAAC,WAAW,yHAAyH,CACvJ,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}

package/dist/authenticator/resources/accounts.d.ts

@@ -49,7 +49,7 @@ export declare class AuthenticatorAccountsResource {
         description?: string | null;
     }): Promise<AuthenticatorAccount>;
     /**
-     * Soft-delete an authenticator account.
+     * Delete an authenticator account.
      *
      * @param authenticatorAppId - UUID of the parent authenticator app.
      * @param accountId - UUID of the authenticator account to delete.

package/dist/authenticator/resources/accounts.js

@@ -65,7 +65,7 @@ export class AuthenticatorAccountsResource {
         return parseAuthenticatorAccount(data);
     }
     /**
-     * Soft-delete an authenticator account.
+     * Delete an authenticator account.
      *
      * @param authenticatorAppId - UUID of the parent authenticator app.
      * @param accountId - UUID of the authenticator account to delete.

package/dist/authenticator/resources/apps.d.ts

@@ -26,10 +26,10 @@ export declare class AuthenticatorAppsResource {
      */
     get(authenticatorAppId: string): Promise<AuthenticatorApp>;
     /**
-     * Soft-delete an authenticator app.
+     * Delete an authenticator app.
      *
      * This also unlinks the app from its identity (if any) and
-     * soft-deletes all child authenticator accounts.
+     * deletes all child authenticator accounts.
      *
      * @param authenticatorAppId - UUID of the authenticator app to delete.
      */

package/dist/authenticator/resources/apps.js

@@ -38,10 +38,10 @@ export class AuthenticatorAppsResource {
         return parseAuthenticatorApp(data);
     }
     /**
-     * Soft-delete an authenticator app.
+     * Delete an authenticator app.
      *
      * This also unlinks the app from its identity (if any) and
-     * soft-deletes all child authenticator accounts.
+     * deletes all child authenticator accounts.
      *
      * @param authenticatorAppId - UUID of the authenticator app to delete.
      */

package/dist/credentials.d.ts

@@ -0,0 +1,86 @@
+/**
+ * inkbox/src/credentials.ts
+ *
+ * Credentials — agent-facing credential access, typed and identity-scoped.
+ *
+ * This is the *runtime* surface for agents that need their credentials.
+ * The vault remains the *admin* surface for creating secrets, managing
+ * keys, and configuring access rules.
+ */
+import type { APIKeyPayload, DecryptedVaultSecret, KeyPairPayload, LoginPayload, SSHKeyPayload } from "./vault/types.js";
+/**
+ * Agent-facing credential access — typed, identity-scoped.
+ *
+ * Wraps a pre-filtered list of {@link DecryptedVaultSecret} objects and
+ * provides typed accessors so agents can retrieve credentials without
+ * dealing with vault internals.
+ *
+ * Obtain via {@link AgentIdentity.getCredentials} after unlocking the vault:
+ *
+ * ```ts
+ * await inkbox.vault.unlock("my-Vault-key-01!");
+ * const identity = await inkbox.getIdentity("support-bot");
+ *
+ * const creds = await identity.getCredentials();
+ * const logins = creds.listLogins();
+ * const apiKey = creds.getApiKey("cccc3333-...");
+ * ```
+ */
+export declare class Credentials {
+    private readonly _secrets;
+    private readonly _byId;
+    constructor(secrets: DecryptedVaultSecret[]);
+    /** List all credentials this identity has access to. */
+    list(): DecryptedVaultSecret[];
+    /** List login credentials (username/password). */
+    listLogins(): DecryptedVaultSecret[];
+    /** List API key credentials. */
+    listApiKeys(): DecryptedVaultSecret[];
+    /** List key pair credentials (access key + secret key). */
+    listKeyPairs(): DecryptedVaultSecret[];
+    /** List SSH key credentials. */
+    listSshKeys(): DecryptedVaultSecret[];
+    /**
+     * Get any credential by UUID.
+     *
+     * @param secretId - UUID of the secret.
+     * @throws Error if no credential with this UUID is accessible.
+     */
+    get(secretId: string): DecryptedVaultSecret;
+    /**
+     * Get a login credential's payload by UUID.
+     *
+     * @param secretId - UUID of the secret.
+     * @throws Error if not found.
+     * @throws TypeError if the credential is not a login type.
+     */
+    getLogin(secretId: string): LoginPayload;
+    /**
+     * Get an API key credential's payload by UUID.
+     *
+     * @param secretId - UUID of the secret.
+     * @throws Error if not found.
+     * @throws TypeError if the credential is not an api_key type.
+     */
+    getApiKey(secretId: string): APIKeyPayload;
+    /**
+     * Get a key pair credential's payload by UUID.
+     *
+     * @param secretId - UUID of the secret.
+     * @throws Error if not found.
+     * @throws TypeError if the credential is not a key_pair type.
+     */
+    getKeyPair(secretId: string): KeyPairPayload;
+    /**
+     * Get an SSH key credential's payload by UUID.
+     *
+     * @param secretId - UUID of the secret.
+     * @throws Error if not found.
+     * @throws TypeError if the credential is not an ssh_key type.
+     */
+    getSshKey(secretId: string): SSHKeyPayload;
+    private _getTyped;
+    /** Number of credentials accessible to this identity. */
+    get length(): number;
+}
+//# sourceMappingURL=credentials.d.ts.map

package/dist/credentials.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials.d.ts","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EACV,aAAa,EACb,oBAAoB,EACpB,cAAc,EACd,YAAY,EACZ,aAAa,EACd,MAAM,kBAAkB,CAAC;AAG1B;;;;;;;;;;;;;;;;;GAiBG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAyB;IAClD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAoC;gBAE9C,OAAO,EAAE,oBAAoB,EAAE;IAS3C,wDAAwD;IACxD,IAAI,IAAI,oBAAoB,EAAE;IAI9B,kDAAkD;IAClD,UAAU,IAAI,oBAAoB,EAAE;IAIpC,gCAAgC;IAChC,WAAW,IAAI,oBAAoB,EAAE;IAIrC,2DAA2D;IAC3D,YAAY,IAAI,oBAAoB,EAAE;IAItC,gCAAgC;IAChC,WAAW,IAAI,oBAAoB,EAAE;IAQrC;;;;;OAKG;IACH,GAAG,CAAC,QAAQ,EAAE,MAAM,GAAG,oBAAoB;IAU3C;;;;;;OAMG;IACH,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,YAAY;IAIxC;;;;;;OAMG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,aAAa;IAI1C;;;;;;OAMG;IACH,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,cAAc;IAI5C;;;;;;OAMG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,aAAa;IAQ1C,OAAO,CAAC,SAAS;IAUjB,yDAAyD;IACzD,IAAI,MAAM,IAAI,MAAM,CAEnB;CACF"}