@knowledge-stack/ksapi 1.80.0 → 1.81.0

package/.openapi-generator/FILES

@@ -104,6 +104,8 @@ docs/MembershipResponse.md
 docs/MessageRole.md
 docs/MeteredQuotaStatus.md
 docs/NonFilesystemReferenceType.md
+docs/OnboardingCompanyRequest.md
+docs/OnboardingProfileRequest.md
 docs/PaginatedResponseAnnotatedUnionFolderResponseDocumentResponseDiscriminator.md
 docs/PaginatedResponseAnnotatedUnionSectionContentItemChunkContentItemDiscriminator.md
 docs/PaginatedResponseDocumentResponse.md
@@ -161,6 +163,7 @@ docs/StepInput.md
 docs/StepKind.md
 docs/StepOutput.md
 docs/SubmitFeedbackRequest.md
+docs/SubmitSubscriptionResponse.md
 docs/SubscriptionPlanResponse.md
 docs/SubscriptionsApi.md
 docs/SubtreeChunkGroup.md
@@ -342,6 +345,8 @@ src/models/MembershipResponse.ts
 src/models/MessageRole.ts
 src/models/MeteredQuotaStatus.ts
 src/models/NonFilesystemReferenceType.ts
+src/models/OnboardingCompanyRequest.ts
+src/models/OnboardingProfileRequest.ts
 src/models/PaginatedResponseAnnotatedUnionFolderResponseDocumentResponseDiscriminator.ts
 src/models/PaginatedResponseAnnotatedUnionSectionContentItemChunkContentItemDiscriminator.ts
 src/models/PaginatedResponseDocumentResponse.ts
@@ -396,6 +401,7 @@ src/models/StepInput.ts
 src/models/StepKind.ts
 src/models/StepOutput.ts
 src/models/SubmitFeedbackRequest.ts
+src/models/SubmitSubscriptionResponse.ts
 src/models/SubscriptionPlanResponse.ts
 src/models/SubtreeChunkGroup.ts
 src/models/SubtreeChunksResponse.ts

package/README.md

@@ -1,4 +1,4 @@
-# @knowledge-stack/ksapi@1.80.0
+# @knowledge-stack/ksapi@1.81.0
 
 A TypeScript SDK client for the localhost API.
 
@@ -180,7 +180,10 @@ All URIs are relative to *http://localhost:8000*
 *UserPermissionsApi* | [**listUserPermissions**](docs/UserPermissionsApi.md#listuserpermissions) | **GET** /v1/user-permissions | List User Permissions Handler
 *UserPermissionsApi* | [**updateUserPermission**](docs/UserPermissionsApi.md#updateuserpermission) | **PATCH** /v1/user-permissions/{permission_id} | Update User Permission Handler
 *UsersApi* | [**getMe**](docs/UsersApi.md#getme) | **GET** /v1/users/me | Get Me Handler
+*UsersApi* | [**skipOnboarding**](docs/UsersApi.md#skiponboarding) | **POST** /v1/users/me/onboarding/skip | Skip Onboarding Handler
 *UsersApi* | [**updateMe**](docs/UsersApi.md#updateme) | **PATCH** /v1/users | Update Me Handler
+*UsersApi* | [**updateOnboardingCompany**](docs/UsersApi.md#updateonboardingcompany) | **PATCH** /v1/users/me/onboarding/company | Update Onboarding Company Handler
+*UsersApi* | [**updateOnboardingProfile**](docs/UsersApi.md#updateonboardingprofile) | **PATCH** /v1/users/me/onboarding/profile | Update Onboarding Profile Handler
 *WorkflowDefinitionsApi* | [**createWorkflowDefinition**](docs/WorkflowDefinitionsApi.md#createworkflowdefinitionoperation) | **POST** /v1/workflow-definitions | Create Workflow Definition Handler
 *WorkflowDefinitionsApi* | [**deleteWorkflowDefinition**](docs/WorkflowDefinitionsApi.md#deleteworkflowdefinition) | **DELETE** /v1/workflow-definitions/{definition_id} | Delete Workflow Definition Handler
 *WorkflowDefinitionsApi* | [**getWorkflowDefinition**](docs/WorkflowDefinitionsApi.md#getworkflowdefinition) | **GET** /v1/workflow-definitions/{definition_id} | Get Workflow Definition Handler
@@ -290,6 +293,8 @@ All URIs are relative to *http://localhost:8000*
 - [MessageRole](docs/MessageRole.md)
 - [MeteredQuotaStatus](docs/MeteredQuotaStatus.md)
 - [NonFilesystemReferenceType](docs/NonFilesystemReferenceType.md)
+- [OnboardingCompanyRequest](docs/OnboardingCompanyRequest.md)
+- [OnboardingProfileRequest](docs/OnboardingProfileRequest.md)
 - [PaginatedResponseAnnotatedUnionFolderResponseDocumentResponseDiscriminator](docs/PaginatedResponseAnnotatedUnionFolderResponseDocumentResponseDiscriminator.md)
 - [PaginatedResponseAnnotatedUnionSectionContentItemChunkContentItemDiscriminator](docs/PaginatedResponseAnnotatedUnionSectionContentItemChunkContentItemDiscriminator.md)
 - [PaginatedResponseDocumentResponse](docs/PaginatedResponseDocumentResponse.md)
@@ -344,6 +349,7 @@ All URIs are relative to *http://localhost:8000*
 - [StepKind](docs/StepKind.md)
 - [StepOutput](docs/StepOutput.md)
 - [SubmitFeedbackRequest](docs/SubmitFeedbackRequest.md)
+- [SubmitSubscriptionResponse](docs/SubmitSubscriptionResponse.md)
 - [SubscriptionPlanResponse](docs/SubscriptionPlanResponse.md)
 - [SubtreeChunkGroup](docs/SubtreeChunkGroup.md)
 - [SubtreeChunksResponse](docs/SubtreeChunksResponse.md)
@@ -408,7 +414,7 @@ and is automatically generated by the
 [OpenAPI Generator](https://openapi-generator.tech) project:
 
 - API version: `0.1.0`
-- Package version: `1.80.0`
+- Package version: `1.81.0`
 - Generator version: `7.21.0`
 - Build package: `org.openapitools.codegen.languages.TypeScriptFetchClientCodegen`
 

package/dist/apis/AgentApi.d.ts

@@ -38,7 +38,7 @@ export interface AgentApiInterface {
      */
     agentAskRequestOpts(requestParameters: AgentAskRequest): Promise<runtime.RequestOpts>;
     /**
-     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refunds on any failure between consume and ``handle.result()`` returning — pre-enqueue ``start_workflow`` raises and post-enqueue workflow failures both refund.
+     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refund semantics distinguish cause:  * **Cancellation** (client disconnect → ``asyncio.CancelledError``,   OR explicit ``DELETE /v1/workflows/{id}`` while we await   ``handle.result()`` → Temporal-wrapped ``CancelledError``)   → **NO REFUND.** The user walked away or actively cancelled;   that\'s their volition. We still best-effort cancel the   workflow so the agent stops burning LLM tokens, but the   consume stays charged. Detection uses   ``temporalio.exceptions.is_cancelled_exception`` which spans   both forms. * Any other exception (pre-enqueue ``start_workflow`` raise,   Temporal failure, workflow-internal error) → **REFUND.** Server   / our-problem failures don\'t bill the user.
      * @summary Agent Ask Handler
      * @param {AskRequest} askRequest
      * @param {string} [authorization]
@@ -49,7 +49,7 @@ export interface AgentApiInterface {
      */
     agentAskRaw(requestParameters: AgentAskRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<AskResponse>>;
     /**
-     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refunds on any failure between consume and ``handle.result()`` returning — pre-enqueue ``start_workflow`` raises and post-enqueue workflow failures both refund.
+     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refund semantics distinguish cause:  * **Cancellation** (client disconnect → ``asyncio.CancelledError``,   OR explicit ``DELETE /v1/workflows/{id}`` while we await   ``handle.result()`` → Temporal-wrapped ``CancelledError``)   → **NO REFUND.** The user walked away or actively cancelled;   that\'s their volition. We still best-effort cancel the   workflow so the agent stops burning LLM tokens, but the   consume stays charged. Detection uses   ``temporalio.exceptions.is_cancelled_exception`` which spans   both forms. * Any other exception (pre-enqueue ``start_workflow`` raise,   Temporal failure, workflow-internal error) → **REFUND.** Server   / our-problem failures don\'t bill the user.
      * Agent Ask Handler
      */
     agentAsk(requestParameters: AgentAskRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<AskResponse>;
@@ -88,12 +88,12 @@ export declare class AgentApi extends runtime.BaseAPI implements AgentApiInterfa
      */
     agentAskRequestOpts(requestParameters: AgentAskRequest): Promise<runtime.RequestOpts>;
     /**
-     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refunds on any failure between consume and ``handle.result()`` returning — pre-enqueue ``start_workflow`` raises and post-enqueue workflow failures both refund.
+     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refund semantics distinguish cause:  * **Cancellation** (client disconnect → ``asyncio.CancelledError``,   OR explicit ``DELETE /v1/workflows/{id}`` while we await   ``handle.result()`` → Temporal-wrapped ``CancelledError``)   → **NO REFUND.** The user walked away or actively cancelled;   that\'s their volition. We still best-effort cancel the   workflow so the agent stops burning LLM tokens, but the   consume stays charged. Detection uses   ``temporalio.exceptions.is_cancelled_exception`` which spans   both forms. * Any other exception (pre-enqueue ``start_workflow`` raise,   Temporal failure, workflow-internal error) → **REFUND.** Server   / our-problem failures don\'t bill the user.
      * Agent Ask Handler
      */
     agentAskRaw(requestParameters: AgentAskRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<AskResponse>>;
     /**
-     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refunds on any failure between consume and ``handle.result()`` returning — pre-enqueue ``start_workflow`` raises and post-enqueue workflow failures both refund.
+     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refund semantics distinguish cause:  * **Cancellation** (client disconnect → ``asyncio.CancelledError``,   OR explicit ``DELETE /v1/workflows/{id}`` while we await   ``handle.result()`` → Temporal-wrapped ``CancelledError``)   → **NO REFUND.** The user walked away or actively cancelled;   that\'s their volition. We still best-effort cancel the   workflow so the agent stops burning LLM tokens, but the   consume stays charged. Detection uses   ``temporalio.exceptions.is_cancelled_exception`` which spans   both forms. * Any other exception (pre-enqueue ``start_workflow`` raise,   Temporal failure, workflow-internal error) → **REFUND.** Server   / our-problem failures don\'t bill the user.
      * Agent Ask Handler
      */
     agentAsk(requestParameters: AgentAskRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<AskResponse>;

package/dist/apis/AgentApi.js

@@ -87,7 +87,7 @@ class AgentApi extends runtime.BaseAPI {
         });
     }
     /**
-     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refunds on any failure between consume and ``handle.result()`` returning — pre-enqueue ``start_workflow`` raises and post-enqueue workflow failures both refund.
+     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refund semantics distinguish cause:  * **Cancellation** (client disconnect → ``asyncio.CancelledError``,   OR explicit ``DELETE /v1/workflows/{id}`` while we await   ``handle.result()`` → Temporal-wrapped ``CancelledError``)   → **NO REFUND.** The user walked away or actively cancelled;   that\'s their volition. We still best-effort cancel the   workflow so the agent stops burning LLM tokens, but the   consume stays charged. Detection uses   ``temporalio.exceptions.is_cancelled_exception`` which spans   both forms. * Any other exception (pre-enqueue ``start_workflow`` raise,   Temporal failure, workflow-internal error) → **REFUND.** Server   / our-problem failures don\'t bill the user.
      * Agent Ask Handler
      */
     agentAskRaw(requestParameters, initOverrides) {
@@ -98,7 +98,7 @@ class AgentApi extends runtime.BaseAPI {
         });
     }
     /**
-     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refunds on any failure between consume and ``handle.result()`` returning — pre-enqueue ``start_workflow`` raises and post-enqueue workflow failures both refund.
+     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refund semantics distinguish cause:  * **Cancellation** (client disconnect → ``asyncio.CancelledError``,   OR explicit ``DELETE /v1/workflows/{id}`` while we await   ``handle.result()`` → Temporal-wrapped ``CancelledError``)   → **NO REFUND.** The user walked away or actively cancelled;   that\'s their volition. We still best-effort cancel the   workflow so the agent stops burning LLM tokens, but the   consume stays charged. Detection uses   ``temporalio.exceptions.is_cancelled_exception`` which spans   both forms. * Any other exception (pre-enqueue ``start_workflow`` raise,   Temporal failure, workflow-internal error) → **REFUND.** Server   / our-problem failures don\'t bill the user.
      * Agent Ask Handler
      */
     agentAsk(requestParameters, initOverrides) {

package/dist/apis/SubscriptionsApi.d.ts

@@ -10,7 +10,7 @@
  * Do not edit the class manually.
  */
 import * as runtime from '../runtime';
-import type { ChangeSubscriptionRequest, SubscriptionPlanResponse, TenantResponse } from '../models/index';
+import type { ChangeSubscriptionRequest, SubmitSubscriptionResponse, SubscriptionPlanResponse } from '../models/index';
 export interface ChangeTenantSubscriptionRequest {
     tenantId: string;
     changeSubscriptionRequest: ChangeSubscriptionRequest;
@@ -42,7 +42,7 @@ export interface SubscriptionsApiInterface {
      */
     changeTenantSubscriptionRequestOpts(requestParameters: ChangeTenantSubscriptionRequest): Promise<runtime.RequestOpts>;
     /**
-     * Change the tenant\'s subscription plan and/or seat count.  OWNER-only on the target tenant. Covers three scenarios with one shape:   - Plan change (with optional seat-count change).   - Pure seat-count change (same plan, different ``num_seats``).   - No-op (same plan, same seats) — returns 200, performs no DB or     Stripe writes.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — retries in that case are NOT deduplicated. v1 mock-Stripe doesn\'t care, but the contract is in place for the real integration.
+     * Submit a subscription change (mock-Stripe).  OWNER-only on the target tenant. Validates the request (tenant + plan exist, ``num_seats`` within bounds), submits the (mock-)Stripe subscription update, and returns 202. The plan/seat write is NOT applied here — that happens in ``POST /webhooks/stripe/subscription`` after Stripe confirms the change.  Async two-hop workflow per ``docs/billing_additional_limits.md`` §\"Async payment workflow\": the dev environment exercises the same submit/webhook split as production will when the real Stripe SDK replaces the log-line stub in ``notify_billing``.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — but only when a Stripe call is actually about to fire (i.e. the validation passed AND the change is not a no-op). Warning before validation would false-positive on every 4xx and on every redundant submit.  **Header value lands in structured logs.** The header value is forwarded into the ``stripe.update_subscription`` log event\'s ``idempotency_key`` field (and into the eventual real Stripe call). Use opaque random IDs (e.g. ``uuid4()``); do NOT pass user identifiers, tokens, or other sensitive material as the ``Idempotency-Key`` header.
      * @summary Change Tenant Subscription Handler
      * @param {string} tenantId
      * @param {ChangeSubscriptionRequest} changeSubscriptionRequest
@@ -53,12 +53,12 @@ export interface SubscriptionsApiInterface {
      * @throws {RequiredError}
      * @memberof SubscriptionsApiInterface
      */
-    changeTenantSubscriptionRaw(requestParameters: ChangeTenantSubscriptionRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<TenantResponse>>;
+    changeTenantSubscriptionRaw(requestParameters: ChangeTenantSubscriptionRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<SubmitSubscriptionResponse>>;
     /**
-     * Change the tenant\'s subscription plan and/or seat count.  OWNER-only on the target tenant. Covers three scenarios with one shape:   - Plan change (with optional seat-count change).   - Pure seat-count change (same plan, different ``num_seats``).   - No-op (same plan, same seats) — returns 200, performs no DB or     Stripe writes.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — retries in that case are NOT deduplicated. v1 mock-Stripe doesn\'t care, but the contract is in place for the real integration.
+     * Submit a subscription change (mock-Stripe).  OWNER-only on the target tenant. Validates the request (tenant + plan exist, ``num_seats`` within bounds), submits the (mock-)Stripe subscription update, and returns 202. The plan/seat write is NOT applied here — that happens in ``POST /webhooks/stripe/subscription`` after Stripe confirms the change.  Async two-hop workflow per ``docs/billing_additional_limits.md`` §\"Async payment workflow\": the dev environment exercises the same submit/webhook split as production will when the real Stripe SDK replaces the log-line stub in ``notify_billing``.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — but only when a Stripe call is actually about to fire (i.e. the validation passed AND the change is not a no-op). Warning before validation would false-positive on every 4xx and on every redundant submit.  **Header value lands in structured logs.** The header value is forwarded into the ``stripe.update_subscription`` log event\'s ``idempotency_key`` field (and into the eventual real Stripe call). Use opaque random IDs (e.g. ``uuid4()``); do NOT pass user identifiers, tokens, or other sensitive material as the ``Idempotency-Key`` header.
      * Change Tenant Subscription Handler
      */
-    changeTenantSubscription(requestParameters: ChangeTenantSubscriptionRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<TenantResponse>;
+    changeTenantSubscription(requestParameters: ChangeTenantSubscriptionRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<SubmitSubscriptionResponse>;
     /**
      * Creates request options for getTenantSubscription without sending the request
      * @param {string} tenantId
@@ -94,15 +94,15 @@ export declare class SubscriptionsApi extends runtime.BaseAPI implements Subscri
      */
     changeTenantSubscriptionRequestOpts(requestParameters: ChangeTenantSubscriptionRequest): Promise<runtime.RequestOpts>;
     /**
-     * Change the tenant\'s subscription plan and/or seat count.  OWNER-only on the target tenant. Covers three scenarios with one shape:   - Plan change (with optional seat-count change).   - Pure seat-count change (same plan, different ``num_seats``).   - No-op (same plan, same seats) — returns 200, performs no DB or     Stripe writes.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — retries in that case are NOT deduplicated. v1 mock-Stripe doesn\'t care, but the contract is in place for the real integration.
+     * Submit a subscription change (mock-Stripe).  OWNER-only on the target tenant. Validates the request (tenant + plan exist, ``num_seats`` within bounds), submits the (mock-)Stripe subscription update, and returns 202. The plan/seat write is NOT applied here — that happens in ``POST /webhooks/stripe/subscription`` after Stripe confirms the change.  Async two-hop workflow per ``docs/billing_additional_limits.md`` §\"Async payment workflow\": the dev environment exercises the same submit/webhook split as production will when the real Stripe SDK replaces the log-line stub in ``notify_billing``.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — but only when a Stripe call is actually about to fire (i.e. the validation passed AND the change is not a no-op). Warning before validation would false-positive on every 4xx and on every redundant submit.  **Header value lands in structured logs.** The header value is forwarded into the ``stripe.update_subscription`` log event\'s ``idempotency_key`` field (and into the eventual real Stripe call). Use opaque random IDs (e.g. ``uuid4()``); do NOT pass user identifiers, tokens, or other sensitive material as the ``Idempotency-Key`` header.
      * Change Tenant Subscription Handler
      */
-    changeTenantSubscriptionRaw(requestParameters: ChangeTenantSubscriptionRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<TenantResponse>>;
+    changeTenantSubscriptionRaw(requestParameters: ChangeTenantSubscriptionRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<SubmitSubscriptionResponse>>;
     /**
-     * Change the tenant\'s subscription plan and/or seat count.  OWNER-only on the target tenant. Covers three scenarios with one shape:   - Plan change (with optional seat-count change).   - Pure seat-count change (same plan, different ``num_seats``).   - No-op (same plan, same seats) — returns 200, performs no DB or     Stripe writes.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — retries in that case are NOT deduplicated. v1 mock-Stripe doesn\'t care, but the contract is in place for the real integration.
+     * Submit a subscription change (mock-Stripe).  OWNER-only on the target tenant. Validates the request (tenant + plan exist, ``num_seats`` within bounds), submits the (mock-)Stripe subscription update, and returns 202. The plan/seat write is NOT applied here — that happens in ``POST /webhooks/stripe/subscription`` after Stripe confirms the change.  Async two-hop workflow per ``docs/billing_additional_limits.md`` §\"Async payment workflow\": the dev environment exercises the same submit/webhook split as production will when the real Stripe SDK replaces the log-line stub in ``notify_billing``.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — but only when a Stripe call is actually about to fire (i.e. the validation passed AND the change is not a no-op). Warning before validation would false-positive on every 4xx and on every redundant submit.  **Header value lands in structured logs.** The header value is forwarded into the ``stripe.update_subscription`` log event\'s ``idempotency_key`` field (and into the eventual real Stripe call). Use opaque random IDs (e.g. ``uuid4()``); do NOT pass user identifiers, tokens, or other sensitive material as the ``Idempotency-Key`` header.
      * Change Tenant Subscription Handler
      */
-    changeTenantSubscription(requestParameters: ChangeTenantSubscriptionRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<TenantResponse>;
+    changeTenantSubscription(requestParameters: ChangeTenantSubscriptionRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<SubmitSubscriptionResponse>;
     /**
      * Creates request options for getTenantSubscription without sending the request
      */

package/dist/apis/SubscriptionsApi.js

@@ -94,18 +94,18 @@ class SubscriptionsApi extends runtime.BaseAPI {
         });
     }
     /**
-     * Change the tenant\'s subscription plan and/or seat count.  OWNER-only on the target tenant. Covers three scenarios with one shape:   - Plan change (with optional seat-count change).   - Pure seat-count change (same plan, different ``num_seats``).   - No-op (same plan, same seats) — returns 200, performs no DB or     Stripe writes.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — retries in that case are NOT deduplicated. v1 mock-Stripe doesn\'t care, but the contract is in place for the real integration.
+     * Submit a subscription change (mock-Stripe).  OWNER-only on the target tenant. Validates the request (tenant + plan exist, ``num_seats`` within bounds), submits the (mock-)Stripe subscription update, and returns 202. The plan/seat write is NOT applied here — that happens in ``POST /webhooks/stripe/subscription`` after Stripe confirms the change.  Async two-hop workflow per ``docs/billing_additional_limits.md`` §\"Async payment workflow\": the dev environment exercises the same submit/webhook split as production will when the real Stripe SDK replaces the log-line stub in ``notify_billing``.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — but only when a Stripe call is actually about to fire (i.e. the validation passed AND the change is not a no-op). Warning before validation would false-positive on every 4xx and on every redundant submit.  **Header value lands in structured logs.** The header value is forwarded into the ``stripe.update_subscription`` log event\'s ``idempotency_key`` field (and into the eventual real Stripe call). Use opaque random IDs (e.g. ``uuid4()``); do NOT pass user identifiers, tokens, or other sensitive material as the ``Idempotency-Key`` header.
      * Change Tenant Subscription Handler
      */
     changeTenantSubscriptionRaw(requestParameters, initOverrides) {
         return __awaiter(this, void 0, void 0, function* () {
             const requestOptions = yield this.changeTenantSubscriptionRequestOpts(requestParameters);
             const response = yield this.request(requestOptions, initOverrides);
-            return new runtime.JSONApiResponse(response, (jsonValue) => (0, index_1.TenantResponseFromJSON)(jsonValue));
+            return new runtime.JSONApiResponse(response, (jsonValue) => (0, index_1.SubmitSubscriptionResponseFromJSON)(jsonValue));
         });
     }
     /**
-     * Change the tenant\'s subscription plan and/or seat count.  OWNER-only on the target tenant. Covers three scenarios with one shape:   - Plan change (with optional seat-count change).   - Pure seat-count change (same plan, different ``num_seats``).   - No-op (same plan, same seats) — returns 200, performs no DB or     Stripe writes.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — retries in that case are NOT deduplicated. v1 mock-Stripe doesn\'t care, but the contract is in place for the real integration.
+     * Submit a subscription change (mock-Stripe).  OWNER-only on the target tenant. Validates the request (tenant + plan exist, ``num_seats`` within bounds), submits the (mock-)Stripe subscription update, and returns 202. The plan/seat write is NOT applied here — that happens in ``POST /webhooks/stripe/subscription`` after Stripe confirms the change.  Async two-hop workflow per ``docs/billing_additional_limits.md`` §\"Async payment workflow\": the dev environment exercises the same submit/webhook split as production will when the real Stripe SDK replaces the log-line stub in ``notify_billing``.  Optional ``Idempotency-Key`` request header is forwarded to Stripe verbatim (clients that retry the same logical operation MUST send the same value across attempts; Stripe collapses duplicates server- side). Absent the header, the server generates a fresh ``uuid4()`` per call and emits a warning — but only when a Stripe call is actually about to fire (i.e. the validation passed AND the change is not a no-op). Warning before validation would false-positive on every 4xx and on every redundant submit.  **Header value lands in structured logs.** The header value is forwarded into the ``stripe.update_subscription`` log event\'s ``idempotency_key`` field (and into the eventual real Stripe call). Use opaque random IDs (e.g. ``uuid4()``); do NOT pass user identifiers, tokens, or other sensitive material as the ``Idempotency-Key`` header.
      * Change Tenant Subscription Handler
      */
     changeTenantSubscription(requestParameters, initOverrides) {

package/dist/apis/UsersApi.d.ts

@@ -10,16 +10,30 @@
  * Do not edit the class manually.
  */
 import * as runtime from '../runtime';
-import type { UpdateUserRequest, UserResponse } from '../models/index';
+import type { OnboardingCompanyRequest, OnboardingProfileRequest, UpdateUserRequest, UserResponse } from '../models/index';
 export interface GetMeRequest {
     authorization?: string | null;
     ksUat?: string | null;
 }
+export interface SkipOnboardingRequest {
+    authorization?: string | null;
+    ksUat?: string | null;
+}
 export interface UpdateMeRequest {
     updateUserRequest: UpdateUserRequest;
     authorization?: string | null;
     ksUat?: string | null;
 }
+export interface UpdateOnboardingCompanyRequest {
+    onboardingCompanyRequest: OnboardingCompanyRequest;
+    authorization?: string | null;
+    ksUat?: string | null;
+}
+export interface UpdateOnboardingProfileRequest {
+    onboardingProfileRequest: OnboardingProfileRequest;
+    authorization?: string | null;
+    ksUat?: string | null;
+}
 /**
  * UsersApi - interface
  *
@@ -50,6 +64,29 @@ export interface UsersApiInterface {
      * Get Me Handler
      */
     getMe(requestParameters: GetMeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<UserResponse>;
+    /**
+     * Creates request options for skipOnboarding without sending the request
+     * @param {string} [authorization]
+     * @param {string} [ksUat]
+     * @throws {RequiredError}
+     * @memberof UsersApiInterface
+     */
+    skipOnboardingRequestOpts(requestParameters: SkipOnboardingRequest): Promise<runtime.RequestOpts>;
+    /**
+     * Mark onboarding complete without writing any profile/company fields.  Idempotent — calling this after onboarding is already complete returns the current state unchanged (the CRUD only stamps the timestamp when it is NULL).
+     * @summary Skip Onboarding Handler
+     * @param {string} [authorization]
+     * @param {string} [ksUat]
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof UsersApiInterface
+     */
+    skipOnboardingRaw(requestParameters: SkipOnboardingRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<UserResponse>>;
+    /**
+     * Mark onboarding complete without writing any profile/company fields.  Idempotent — calling this after onboarding is already complete returns the current state unchanged (the CRUD only stamps the timestamp when it is NULL).
+     * Skip Onboarding Handler
+     */
+    skipOnboarding(requestParameters: SkipOnboardingRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<UserResponse>;
     /**
      * Creates request options for updateMe without sending the request
      * @param {UpdateUserRequest} updateUserRequest
@@ -75,6 +112,56 @@ export interface UsersApiInterface {
      * Update Me Handler
      */
     updateMe(requestParameters: UpdateMeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<UserResponse>;
+    /**
+     * Creates request options for updateOnboardingCompany without sending the request
+     * @param {OnboardingCompanyRequest} onboardingCompanyRequest
+     * @param {string} [authorization]
+     * @param {string} [ksUat]
+     * @throws {RequiredError}
+     * @memberof UsersApiInterface
+     */
+    updateOnboardingCompanyRequestOpts(requestParameters: UpdateOnboardingCompanyRequest): Promise<runtime.RequestOpts>;
+    /**
+     * Step 1 of onboarding: tenant-wide company info.  Writes ``industry`` and ``description`` into the current tenant\'s settings JSONB. Restricted to OWNER and ADMIN — invited USERs see a pre-filled, read-only step on the frontend instead.  Does not mark onboarding complete; the user finishes via the profile step. Re-running while the wizard is still open overwrites prior values; once onboarding has been completed/skipped, this endpoint returns 409. Post-onboarding edits go through PATCH /v1/tenants/{id}.
+     * @summary Update Onboarding Company Handler
+     * @param {OnboardingCompanyRequest} onboardingCompanyRequest
+     * @param {string} [authorization]
+     * @param {string} [ksUat]
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof UsersApiInterface
+     */
+    updateOnboardingCompanyRaw(requestParameters: UpdateOnboardingCompanyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<UserResponse>>;
+    /**
+     * Step 1 of onboarding: tenant-wide company info.  Writes ``industry`` and ``description`` into the current tenant\'s settings JSONB. Restricted to OWNER and ADMIN — invited USERs see a pre-filled, read-only step on the frontend instead.  Does not mark onboarding complete; the user finishes via the profile step. Re-running while the wizard is still open overwrites prior values; once onboarding has been completed/skipped, this endpoint returns 409. Post-onboarding edits go through PATCH /v1/tenants/{id}.
+     * Update Onboarding Company Handler
+     */
+    updateOnboardingCompany(requestParameters: UpdateOnboardingCompanyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<UserResponse>;
+    /**
+     * Creates request options for updateOnboardingProfile without sending the request
+     * @param {OnboardingProfileRequest} onboardingProfileRequest
+     * @param {string} [authorization]
+     * @param {string} [ksUat]
+     * @throws {RequiredError}
+     * @memberof UsersApiInterface
+     */
+    updateOnboardingProfileRequestOpts(requestParameters: UpdateOnboardingProfileRequest): Promise<runtime.RequestOpts>;
+    /**
+     * Step 2 (final) of onboarding: per-user profile for the current tenant.  Writes name to the User row (global) and job_title to the TenantUser row (per-tenant), then stamps ``onboarding_completed_at`` on the membership. Returns 409 if onboarding has already been completed or skipped — post-onboarding edits go through PATCH /v1/users (name) or a future per-membership profile endpoint (job_title).
+     * @summary Update Onboarding Profile Handler
+     * @param {OnboardingProfileRequest} onboardingProfileRequest
+     * @param {string} [authorization]
+     * @param {string} [ksUat]
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     * @memberof UsersApiInterface
+     */
+    updateOnboardingProfileRaw(requestParameters: UpdateOnboardingProfileRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<UserResponse>>;
+    /**
+     * Step 2 (final) of onboarding: per-user profile for the current tenant.  Writes name to the User row (global) and job_title to the TenantUser row (per-tenant), then stamps ``onboarding_completed_at`` on the membership. Returns 409 if onboarding has already been completed or skipped — post-onboarding edits go through PATCH /v1/users (name) or a future per-membership profile endpoint (job_title).
+     * Update Onboarding Profile Handler
+     */
+    updateOnboardingProfile(requestParameters: UpdateOnboardingProfileRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<UserResponse>;
 }
 /**
  *
@@ -94,6 +181,20 @@ export declare class UsersApi extends runtime.BaseAPI implements UsersApiInterfa
      * Get Me Handler
      */
     getMe(requestParameters?: GetMeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<UserResponse>;
+    /**
+     * Creates request options for skipOnboarding without sending the request
+     */
+    skipOnboardingRequestOpts(requestParameters: SkipOnboardingRequest): Promise<runtime.RequestOpts>;
+    /**
+     * Mark onboarding complete without writing any profile/company fields.  Idempotent — calling this after onboarding is already complete returns the current state unchanged (the CRUD only stamps the timestamp when it is NULL).
+     * Skip Onboarding Handler
+     */
+    skipOnboardingRaw(requestParameters: SkipOnboardingRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<UserResponse>>;
+    /**
+     * Mark onboarding complete without writing any profile/company fields.  Idempotent — calling this after onboarding is already complete returns the current state unchanged (the CRUD only stamps the timestamp when it is NULL).
+     * Skip Onboarding Handler
+     */
+    skipOnboarding(requestParameters?: SkipOnboardingRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<UserResponse>;
     /**
      * Creates request options for updateMe without sending the request
      */
@@ -108,4 +209,32 @@ export declare class UsersApi extends runtime.BaseAPI implements UsersApiInterfa
      * Update Me Handler
      */
     updateMe(requestParameters: UpdateMeRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<UserResponse>;
+    /**
+     * Creates request options for updateOnboardingCompany without sending the request
+     */
+    updateOnboardingCompanyRequestOpts(requestParameters: UpdateOnboardingCompanyRequest): Promise<runtime.RequestOpts>;
+    /**
+     * Step 1 of onboarding: tenant-wide company info.  Writes ``industry`` and ``description`` into the current tenant\'s settings JSONB. Restricted to OWNER and ADMIN — invited USERs see a pre-filled, read-only step on the frontend instead.  Does not mark onboarding complete; the user finishes via the profile step. Re-running while the wizard is still open overwrites prior values; once onboarding has been completed/skipped, this endpoint returns 409. Post-onboarding edits go through PATCH /v1/tenants/{id}.
+     * Update Onboarding Company Handler
+     */
+    updateOnboardingCompanyRaw(requestParameters: UpdateOnboardingCompanyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<UserResponse>>;
+    /**
+     * Step 1 of onboarding: tenant-wide company info.  Writes ``industry`` and ``description`` into the current tenant\'s settings JSONB. Restricted to OWNER and ADMIN — invited USERs see a pre-filled, read-only step on the frontend instead.  Does not mark onboarding complete; the user finishes via the profile step. Re-running while the wizard is still open overwrites prior values; once onboarding has been completed/skipped, this endpoint returns 409. Post-onboarding edits go through PATCH /v1/tenants/{id}.
+     * Update Onboarding Company Handler
+     */
+    updateOnboardingCompany(requestParameters: UpdateOnboardingCompanyRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<UserResponse>;
+    /**
+     * Creates request options for updateOnboardingProfile without sending the request
+     */
+    updateOnboardingProfileRequestOpts(requestParameters: UpdateOnboardingProfileRequest): Promise<runtime.RequestOpts>;
+    /**
+     * Step 2 (final) of onboarding: per-user profile for the current tenant.  Writes name to the User row (global) and job_title to the TenantUser row (per-tenant), then stamps ``onboarding_completed_at`` on the membership. Returns 409 if onboarding has already been completed or skipped — post-onboarding edits go through PATCH /v1/users (name) or a future per-membership profile endpoint (job_title).
+     * Update Onboarding Profile Handler
+     */
+    updateOnboardingProfileRaw(requestParameters: UpdateOnboardingProfileRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<UserResponse>>;
+    /**
+     * Step 2 (final) of onboarding: per-user profile for the current tenant.  Writes name to the User row (global) and job_title to the TenantUser row (per-tenant), then stamps ``onboarding_completed_at`` on the membership. Returns 409 if onboarding has already been completed or skipped — post-onboarding edits go through PATCH /v1/users (name) or a future per-membership profile endpoint (job_title).
+     * Update Onboarding Profile Handler
+     */
+    updateOnboardingProfile(requestParameters: UpdateOnboardingProfileRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<UserResponse>;
 }

package/dist/apis/UsersApi.js

@@ -102,6 +102,46 @@ class UsersApi extends runtime.BaseAPI {
             return yield response.value();
         });
     }
+    /**
+     * Creates request options for skipOnboarding without sending the request
+     */
+    skipOnboardingRequestOpts(requestParameters) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const queryParameters = {};
+            const headerParameters = {};
+            if (requestParameters['authorization'] != null) {
+                headerParameters['authorization'] = String(requestParameters['authorization']);
+            }
+            let urlPath = `/v1/users/me/onboarding/skip`;
+            return {
+                path: urlPath,
+                method: 'POST',
+                headers: headerParameters,
+                query: queryParameters,
+            };
+        });
+    }
+    /**
+     * Mark onboarding complete without writing any profile/company fields.  Idempotent — calling this after onboarding is already complete returns the current state unchanged (the CRUD only stamps the timestamp when it is NULL).
+     * Skip Onboarding Handler
+     */
+    skipOnboardingRaw(requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const requestOptions = yield this.skipOnboardingRequestOpts(requestParameters);
+            const response = yield this.request(requestOptions, initOverrides);
+            return new runtime.JSONApiResponse(response, (jsonValue) => (0, index_1.UserResponseFromJSON)(jsonValue));
+        });
+    }
+    /**
+     * Mark onboarding complete without writing any profile/company fields.  Idempotent — calling this after onboarding is already complete returns the current state unchanged (the CRUD only stamps the timestamp when it is NULL).
+     * Skip Onboarding Handler
+     */
+    skipOnboarding() {
+        return __awaiter(this, arguments, void 0, function* (requestParameters = {}, initOverrides) {
+            const response = yield this.skipOnboardingRaw(requestParameters, initOverrides);
+            return yield response.value();
+        });
+    }
     /**
      * Creates request options for updateMe without sending the request
      */
@@ -147,5 +187,95 @@ class UsersApi extends runtime.BaseAPI {
             return yield response.value();
         });
     }
+    /**
+     * Creates request options for updateOnboardingCompany without sending the request
+     */
+    updateOnboardingCompanyRequestOpts(requestParameters) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (requestParameters['onboardingCompanyRequest'] == null) {
+                throw new runtime.RequiredError('onboardingCompanyRequest', 'Required parameter "onboardingCompanyRequest" was null or undefined when calling updateOnboardingCompany().');
+            }
+            const queryParameters = {};
+            const headerParameters = {};
+            headerParameters['Content-Type'] = 'application/json';
+            if (requestParameters['authorization'] != null) {
+                headerParameters['authorization'] = String(requestParameters['authorization']);
+            }
+            let urlPath = `/v1/users/me/onboarding/company`;
+            return {
+                path: urlPath,
+                method: 'PATCH',
+                headers: headerParameters,
+                query: queryParameters,
+                body: (0, index_1.OnboardingCompanyRequestToJSON)(requestParameters['onboardingCompanyRequest']),
+            };
+        });
+    }
+    /**
+     * Step 1 of onboarding: tenant-wide company info.  Writes ``industry`` and ``description`` into the current tenant\'s settings JSONB. Restricted to OWNER and ADMIN — invited USERs see a pre-filled, read-only step on the frontend instead.  Does not mark onboarding complete; the user finishes via the profile step. Re-running while the wizard is still open overwrites prior values; once onboarding has been completed/skipped, this endpoint returns 409. Post-onboarding edits go through PATCH /v1/tenants/{id}.
+     * Update Onboarding Company Handler
+     */
+    updateOnboardingCompanyRaw(requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const requestOptions = yield this.updateOnboardingCompanyRequestOpts(requestParameters);
+            const response = yield this.request(requestOptions, initOverrides);
+            return new runtime.JSONApiResponse(response, (jsonValue) => (0, index_1.UserResponseFromJSON)(jsonValue));
+        });
+    }
+    /**
+     * Step 1 of onboarding: tenant-wide company info.  Writes ``industry`` and ``description`` into the current tenant\'s settings JSONB. Restricted to OWNER and ADMIN — invited USERs see a pre-filled, read-only step on the frontend instead.  Does not mark onboarding complete; the user finishes via the profile step. Re-running while the wizard is still open overwrites prior values; once onboarding has been completed/skipped, this endpoint returns 409. Post-onboarding edits go through PATCH /v1/tenants/{id}.
+     * Update Onboarding Company Handler
+     */
+    updateOnboardingCompany(requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const response = yield this.updateOnboardingCompanyRaw(requestParameters, initOverrides);
+            return yield response.value();
+        });
+    }
+    /**
+     * Creates request options for updateOnboardingProfile without sending the request
+     */
+    updateOnboardingProfileRequestOpts(requestParameters) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (requestParameters['onboardingProfileRequest'] == null) {
+                throw new runtime.RequiredError('onboardingProfileRequest', 'Required parameter "onboardingProfileRequest" was null or undefined when calling updateOnboardingProfile().');
+            }
+            const queryParameters = {};
+            const headerParameters = {};
+            headerParameters['Content-Type'] = 'application/json';
+            if (requestParameters['authorization'] != null) {
+                headerParameters['authorization'] = String(requestParameters['authorization']);
+            }
+            let urlPath = `/v1/users/me/onboarding/profile`;
+            return {
+                path: urlPath,
+                method: 'PATCH',
+                headers: headerParameters,
+                query: queryParameters,
+                body: (0, index_1.OnboardingProfileRequestToJSON)(requestParameters['onboardingProfileRequest']),
+            };
+        });
+    }
+    /**
+     * Step 2 (final) of onboarding: per-user profile for the current tenant.  Writes name to the User row (global) and job_title to the TenantUser row (per-tenant), then stamps ``onboarding_completed_at`` on the membership. Returns 409 if onboarding has already been completed or skipped — post-onboarding edits go through PATCH /v1/users (name) or a future per-membership profile endpoint (job_title).
+     * Update Onboarding Profile Handler
+     */
+    updateOnboardingProfileRaw(requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const requestOptions = yield this.updateOnboardingProfileRequestOpts(requestParameters);
+            const response = yield this.request(requestOptions, initOverrides);
+            return new runtime.JSONApiResponse(response, (jsonValue) => (0, index_1.UserResponseFromJSON)(jsonValue));
+        });
+    }
+    /**
+     * Step 2 (final) of onboarding: per-user profile for the current tenant.  Writes name to the User row (global) and job_title to the TenantUser row (per-tenant), then stamps ``onboarding_completed_at`` on the membership. Returns 409 if onboarding has already been completed or skipped — post-onboarding edits go through PATCH /v1/users (name) or a future per-membership profile endpoint (job_title).
+     * Update Onboarding Profile Handler
+     */
+    updateOnboardingProfile(requestParameters, initOverrides) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const response = yield this.updateOnboardingProfileRaw(requestParameters, initOverrides);
+            return yield response.value();
+        });
+    }
 }
 exports.UsersApi = UsersApi;

package/dist/esm/apis/AgentApi.d.ts

@@ -38,7 +38,7 @@ export interface AgentApiInterface {
      */
     agentAskRequestOpts(requestParameters: AgentAskRequest): Promise<runtime.RequestOpts>;
     /**
-     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refunds on any failure between consume and ``handle.result()`` returning — pre-enqueue ``start_workflow`` raises and post-enqueue workflow failures both refund.
+     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refund semantics distinguish cause:  * **Cancellation** (client disconnect → ``asyncio.CancelledError``,   OR explicit ``DELETE /v1/workflows/{id}`` while we await   ``handle.result()`` → Temporal-wrapped ``CancelledError``)   → **NO REFUND.** The user walked away or actively cancelled;   that\'s their volition. We still best-effort cancel the   workflow so the agent stops burning LLM tokens, but the   consume stays charged. Detection uses   ``temporalio.exceptions.is_cancelled_exception`` which spans   both forms. * Any other exception (pre-enqueue ``start_workflow`` raise,   Temporal failure, workflow-internal error) → **REFUND.** Server   / our-problem failures don\'t bill the user.
      * @summary Agent Ask Handler
      * @param {AskRequest} askRequest
      * @param {string} [authorization]
@@ -49,7 +49,7 @@ export interface AgentApiInterface {
      */
     agentAskRaw(requestParameters: AgentAskRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<AskResponse>>;
     /**
-     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refunds on any failure between consume and ``handle.result()`` returning — pre-enqueue ``start_workflow`` raises and post-enqueue workflow failures both refund.
+     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refund semantics distinguish cause:  * **Cancellation** (client disconnect → ``asyncio.CancelledError``,   OR explicit ``DELETE /v1/workflows/{id}`` while we await   ``handle.result()`` → Temporal-wrapped ``CancelledError``)   → **NO REFUND.** The user walked away or actively cancelled;   that\'s their volition. We still best-effort cancel the   workflow so the agent stops burning LLM tokens, but the   consume stays charged. Detection uses   ``temporalio.exceptions.is_cancelled_exception`` which spans   both forms. * Any other exception (pre-enqueue ``start_workflow`` raise,   Temporal failure, workflow-internal error) → **REFUND.** Server   / our-problem failures don\'t bill the user.
      * Agent Ask Handler
      */
     agentAsk(requestParameters: AgentAskRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<AskResponse>;
@@ -88,12 +88,12 @@ export declare class AgentApi extends runtime.BaseAPI implements AgentApiInterfa
      */
     agentAskRequestOpts(requestParameters: AgentAskRequest): Promise<runtime.RequestOpts>;
     /**
-     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refunds on any failure between consume and ``handle.result()`` returning — pre-enqueue ``start_workflow`` raises and post-enqueue workflow failures both refund.
+     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refund semantics distinguish cause:  * **Cancellation** (client disconnect → ``asyncio.CancelledError``,   OR explicit ``DELETE /v1/workflows/{id}`` while we await   ``handle.result()`` → Temporal-wrapped ``CancelledError``)   → **NO REFUND.** The user walked away or actively cancelled;   that\'s their volition. We still best-effort cancel the   workflow so the agent stops burning LLM tokens, but the   consume stays charged. Detection uses   ``temporalio.exceptions.is_cancelled_exception`` which spans   both forms. * Any other exception (pre-enqueue ``start_workflow`` raise,   Temporal failure, workflow-internal error) → **REFUND.** Server   / our-problem failures don\'t bill the user.
      * Agent Ask Handler
      */
     agentAskRaw(requestParameters: AgentAskRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<AskResponse>>;
     /**
-     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refunds on any failure between consume and ``handle.result()`` returning — pre-enqueue ``start_workflow`` raises and post-enqueue workflow failures both refund.
+     * Run a one-shot text agent request to completion and return the payload.  The request blocks until the underlying Temporal workflow finishes. Clients should set a generous HTTP timeout to accommodate tool-heavy runs.  Quota: consumes one MESSAGE before ``start_workflow``. Refund semantics distinguish cause:  * **Cancellation** (client disconnect → ``asyncio.CancelledError``,   OR explicit ``DELETE /v1/workflows/{id}`` while we await   ``handle.result()`` → Temporal-wrapped ``CancelledError``)   → **NO REFUND.** The user walked away or actively cancelled;   that\'s their volition. We still best-effort cancel the   workflow so the agent stops burning LLM tokens, but the   consume stays charged. Detection uses   ``temporalio.exceptions.is_cancelled_exception`` which spans   both forms. * Any other exception (pre-enqueue ``start_workflow`` raise,   Temporal failure, workflow-internal error) → **REFUND.** Server   / our-problem failures don\'t bill the user.
      * Agent Ask Handler
      */
     agentAsk(requestParameters: AgentAskRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<AskResponse>;