@openid4vc/openid4vp 0.5.0-alpha-20260202131209 → 0.5.0-alpha-20260202155954

package/dist/index.d.mts

@@ -281,10 +281,115 @@ declare const zOpenid4vpAuthorizationRequestDcApi: z.ZodObject<{
 type Openid4vpAuthorizationRequestDcApi = z.infer<typeof zOpenid4vpAuthorizationRequestDcApi>;
 declare function isOpenid4vpAuthorizationRequestDcApi(request: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi | Openid4vpJarAuthorizationRequest): request is Openid4vpAuthorizationRequestDcApi;
 //#endregion
+//#region src/authorization-request/z-authorization-request-iae.d.ts
+/**
+ * Authorization Request schema for Interactive Authorization Endpoint (IAE) flow
+ *
+ * IAE is used in OpenID4VCI when the authorization server needs to interact
+ * directly with the wallet (e.g., requesting credential presentation) as part
+ * of the authorization process.
+ *
+ * Key differences from DC API:
+ * - Uses iae_post/iae_post.jwt response modes
+ * - Uses expected_url instead of expected_origins for signed requests
+ * - Response is sent back to the Interactive Authorization Endpoint
+ */
+declare const zOpenid4vpAuthorizationRequestIae: z.ZodObject<{
+  response_type: z.ZodLiteral<"vp_token">;
+  client_id: z.ZodOptional<z.ZodString>;
+  nonce: z.ZodString;
+  scope: z.ZodOptional<z.ZodNever>;
+  client_metadata: z.ZodOptional<z.ZodObject<{
+    logo_uri: z.ZodOptional<z.ZodUnion<[z.ZodURL, z.ZodString]>>;
+    client_name: z.ZodOptional<z.ZodString>;
+    authorization_signed_response_alg: z.ZodOptional<z.ZodString>;
+    authorization_encrypted_response_alg: z.ZodOptional<z.ZodString>;
+    authorization_encrypted_response_enc: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+    jwks_uri: z.ZodOptional<z.ZodURL>;
+    jwks: z.ZodOptional<z.ZodObject<{
+      keys: z.ZodArray<z.ZodObject<{
+        kty: z.ZodString;
+        crv: z.ZodOptional<z.ZodString>;
+        x: z.ZodOptional<z.ZodString>;
+        y: z.ZodOptional<z.ZodString>;
+        e: z.ZodOptional<z.ZodString>;
+        n: z.ZodOptional<z.ZodString>;
+        alg: z.ZodOptional<z.ZodString>;
+        d: z.ZodOptional<z.ZodString>;
+        dp: z.ZodOptional<z.ZodString>;
+        dq: z.ZodOptional<z.ZodString>;
+        ext: z.ZodOptional<z.ZodBoolean>;
+        k: z.ZodOptional<z.ZodString>;
+        key_ops: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        kid: z.ZodOptional<z.ZodString>;
+        oth: z.ZodOptional<z.ZodArray<z.ZodObject<{
+          d: z.ZodOptional<z.ZodString>;
+          r: z.ZodOptional<z.ZodString>;
+          t: z.ZodOptional<z.ZodString>;
+        }, z.core.$loose>>>;
+        p: z.ZodOptional<z.ZodString>;
+        q: z.ZodOptional<z.ZodString>;
+        qi: z.ZodOptional<z.ZodString>;
+        use: z.ZodOptional<z.ZodString>;
+        x5c: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        x5t: z.ZodOptional<z.ZodString>;
+        'x5t#S256': z.ZodOptional<z.ZodString>;
+        x5u: z.ZodOptional<z.ZodString>;
+      }, z.core.$loose>>;
+    }, z.core.$loose>>;
+    vp_formats: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
+      alg_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    }, z.core.$loose>>>;
+    vp_formats_supported: z.ZodOptional<z.ZodObject<{
+      'dc+sd-jwt': z.ZodOptional<z.ZodObject<{
+        'sd-jwt_alg_values': z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
+        'kb-jwt_alg_values': z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
+      }, z.core.$loose>>;
+      jwt_vc_json: z.ZodOptional<z.ZodObject<{
+        alg_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
+      }, z.core.$loose>>;
+      ldp_vc: z.ZodOptional<z.ZodObject<{
+        proof_type_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
+        cryptosuite_values: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
+      }, z.core.$loose>>;
+      mso_mdoc: z.ZodOptional<z.ZodObject<{
+        issuer_signed_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
+        device_signed_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
+        issuerauth_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
+        deviceauth_alg_values: z.ZodOptional<z.ZodTuple<[z.ZodNumber], z.ZodNumber>>;
+      }, z.core.$loose>>;
+    }, z.core.$catchall<z.ZodObject<{}, z.core.$loose>>>>;
+    encrypted_response_enc_values_supported: z.ZodOptional<z.ZodArray<z.ZodString>>;
+  }, z.core.$loose>>;
+  state: z.ZodOptional<z.ZodString>;
+  transaction_data: z.ZodOptional<z.ZodArray<z.ZodBase64URL>>;
+  trust_chain: z.ZodOptional<z.ZodTuple<[z.ZodString], z.ZodString>>;
+  client_id_scheme: z.ZodOptional<z.ZodNever>;
+  verifier_attestations: z.ZodOptional<z.ZodArray<z.ZodObject<{
+    format: z.ZodString;
+    data: z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodUnknown>, z.ZodString]>;
+    credential_ids: z.ZodOptional<z.ZodArray<z.ZodString>>;
+  }, z.core.$strip>>>;
+  verifier_info: z.ZodOptional<z.ZodArray<z.ZodObject<{
+    format: z.ZodString;
+    data: z.ZodUnion<[z.ZodRecord<z.ZodString, z.ZodUnknown>, z.ZodString]>;
+    credential_ids: z.ZodOptional<z.ZodArray<z.ZodString>>;
+  }, z.core.$strip>>>;
+  response_mode: z.ZodEnum<{
+    iae_post: "iae_post";
+    "iae_post.jwt": "iae_post.jwt";
+  }>;
+  dcql_query: z.ZodRecord<z.ZodString, z.ZodAny>;
+  expected_url: z.ZodOptional<z.ZodString>;
+  expected_origins: z.ZodOptional<z.ZodNever>;
+}, z.core.$loose>;
+type Openid4vpAuthorizationRequestIae = z.infer<typeof zOpenid4vpAuthorizationRequestIae>;
+declare function isOpenid4vpAuthorizationRequestIae(request: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestIae | Openid4vpJarAuthorizationRequest): request is Openid4vpAuthorizationRequestIae;
+//#endregion
 //#region src/authorization-request/create-authorization-request.d.ts
 interface CreateOpenid4vpAuthorizationRequestOptions {
   scheme?: string;
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi;
+  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi | Openid4vpAuthorizationRequestIae;
   jar?: Pick<CreateJarAuthorizationRequestOptions, 'additionalJwtPayload' | 'requestUri' | 'jwtSigner' | 'expiresInSeconds'>;
   wallet?: WalletVerificationOptions;
   callbacks: Pick<CallbackContext, 'signJwt' | 'encryptJwe'>;
@@ -513,6 +618,104 @@ declare function createOpenid4vpAuthorizationRequest(options: CreateOpenid4vpAut
     expected_origins?: string[] | undefined;
     client_id_scheme?: undefined;
     scope?: undefined;
+  } | {
+    [x: string]: unknown;
+    response_type: "vp_token";
+    nonce: string;
+    response_mode: "iae_post" | "iae_post.jwt";
+    dcql_query: Record<string, any>;
+    client_id?: string | undefined;
+    scope?: undefined;
+    client_metadata?: {
+      [x: string]: unknown;
+      logo_uri?: string | undefined;
+      client_name?: string | undefined;
+      authorization_signed_response_alg?: string | undefined;
+      authorization_encrypted_response_alg?: string | undefined;
+      authorization_encrypted_response_enc?: string | undefined;
+      jwks_uri?: string | undefined;
+      jwks?: {
+        [x: string]: unknown;
+        keys: {
+          [x: string]: unknown;
+          kty: string;
+          crv?: string | undefined;
+          x?: string | undefined;
+          y?: string | undefined;
+          e?: string | undefined;
+          n?: string | undefined;
+          alg?: string | undefined;
+          d?: string | undefined;
+          dp?: string | undefined;
+          dq?: string | undefined;
+          ext?: boolean | undefined;
+          k?: string | undefined;
+          key_ops?: string[] | undefined;
+          kid?: string | undefined;
+          oth?: {
+            [x: string]: unknown;
+            d?: string | undefined;
+            r?: string | undefined;
+            t?: string | undefined;
+          }[] | undefined;
+          p?: string | undefined;
+          q?: string | undefined;
+          qi?: string | undefined;
+          use?: string | undefined;
+          x5c?: string[] | undefined;
+          x5t?: string | undefined;
+          'x5t#S256'?: string | undefined;
+          x5u?: string | undefined;
+        }[];
+      } | undefined;
+      vp_formats?: Record<string, {
+        [x: string]: unknown;
+        alg_values_supported?: string[] | undefined;
+      }> | undefined;
+      vp_formats_supported?: {
+        [x: string]: {
+          [x: string]: unknown;
+        };
+        'dc+sd-jwt'?: {
+          [x: string]: unknown;
+          'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
+          'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
+        } | undefined;
+        jwt_vc_json?: {
+          [x: string]: unknown;
+          alg_values?: [string, ...string[]] | undefined;
+        } | undefined;
+        ldp_vc?: {
+          [x: string]: unknown;
+          proof_type_values?: [string, ...string[]] | undefined;
+          cryptosuite_values?: [string, ...string[]] | undefined;
+        } | undefined;
+        mso_mdoc?: {
+          [x: string]: unknown;
+          issuer_signed_alg_values?: [number, ...number[]] | undefined;
+          device_signed_alg_values?: [number, ...number[]] | undefined;
+          issuerauth_alg_values?: [number, ...number[]] | undefined;
+          deviceauth_alg_values?: [number, ...number[]] | undefined;
+        } | undefined;
+      } | undefined;
+      encrypted_response_enc_values_supported?: string[] | undefined;
+    } | undefined;
+    state?: string | undefined;
+    transaction_data?: string[] | undefined;
+    trust_chain?: [string, ...string[]] | undefined;
+    client_id_scheme?: undefined;
+    verifier_attestations?: {
+      format: string;
+      data: string | Record<string, unknown>;
+      credential_ids?: string[] | undefined;
+    }[] | undefined;
+    verifier_info?: {
+      format: string;
+      data: string | Record<string, unknown>;
+      credential_ids?: string[] | undefined;
+    }[] | undefined;
+    expected_url?: string | undefined;
+    expected_origins?: undefined;
   };
   authorizationRequestObject: {
     [x: string]: unknown;
@@ -799,22 +1002,14 @@ declare function createOpenid4vpAuthorizationRequest(options: CreateOpenid4vpAut
     expected_origins?: string[] | undefined;
     client_id_scheme?: undefined;
     scope?: undefined;
-  };
-  authorizationRequestObject: {
+  } | {
     [x: string]: unknown;
     response_type: "vp_token";
-    client_id: string;
     nonce: string;
-    redirect_uri?: string | undefined;
-    response_uri?: string | undefined;
-    request_uri?: string | undefined;
-    request_uri_method?: string | undefined;
-    response_mode?: "direct_post" | "direct_post.jwt" | undefined;
-    wallet_nonce?: string | undefined;
-    scope?: string | undefined;
-    presentation_definition?: any;
-    presentation_definition_uri?: string | undefined;
-    dcql_query?: any;
+    response_mode: "iae_post" | "iae_post.jwt";
+    dcql_query: Record<string, any>;
+    client_id?: string | undefined;
+    scope?: undefined;
     client_metadata?: {
       [x: string]: unknown;
       logo_uri?: string | undefined;
@@ -889,11 +1084,10 @@ declare function createOpenid4vpAuthorizationRequest(options: CreateOpenid4vpAut
       } | undefined;
       encrypted_response_enc_values_supported?: string[] | undefined;
     } | undefined;
-    client_metadata_uri?: string | undefined;
     state?: string | undefined;
     transaction_data?: string[] | undefined;
     trust_chain?: [string, ...string[]] | undefined;
-    client_id_scheme?: "redirect_uri" | "pre-registered" | "entity_id" | "did" | "verifier_attestation" | "x509_san_dns" | "x509_san_uri" | "x509_hash" | undefined;
+    client_id_scheme?: undefined;
     verifier_attestations?: {
       format: string;
       data: string | Record<string, unknown>;
@@ -904,12 +1098,23 @@ declare function createOpenid4vpAuthorizationRequest(options: CreateOpenid4vpAut
       data: string | Record<string, unknown>;
       credential_ids?: string[] | undefined;
     }[] | undefined;
-  } | {
+    expected_url?: string | undefined;
+    expected_origins?: undefined;
+  };
+  authorizationRequestObject: {
     [x: string]: unknown;
     response_type: "vp_token";
+    client_id: string;
     nonce: string;
-    response_mode: "dc_api" | "dc_api.jwt" | "w3c_dc_api.jwt" | "w3c_dc_api";
+    redirect_uri?: string | undefined;
+    response_uri?: string | undefined;
+    request_uri?: string | undefined;
+    request_uri_method?: string | undefined;
+    response_mode?: "direct_post" | "direct_post.jwt" | undefined;
+    wallet_nonce?: string | undefined;
+    scope?: string | undefined;
     presentation_definition?: any;
+    presentation_definition_uri?: string | undefined;
     dcql_query?: any;
     client_metadata?: {
       [x: string]: unknown;
@@ -985,9 +1190,11 @@ declare function createOpenid4vpAuthorizationRequest(options: CreateOpenid4vpAut
       } | undefined;
       encrypted_response_enc_values_supported?: string[] | undefined;
     } | undefined;
+    client_metadata_uri?: string | undefined;
     state?: string | undefined;
     transaction_data?: string[] | undefined;
     trust_chain?: [string, ...string[]] | undefined;
+    client_id_scheme?: "redirect_uri" | "pre-registered" | "entity_id" | "did" | "verifier_attestation" | "x509_san_dns" | "x509_san_uri" | "x509_hash" | undefined;
     verifier_attestations?: {
       format: string;
       data: string | Record<string, unknown>;
@@ -998,46 +1205,243 @@ declare function createOpenid4vpAuthorizationRequest(options: CreateOpenid4vpAut
       data: string | Record<string, unknown>;
       credential_ids?: string[] | undefined;
     }[] | undefined;
-    client_id?: string | undefined;
-    expected_origins?: string[] | undefined;
-    client_id_scheme?: undefined;
-    scope?: undefined;
-  };
-  authorizationRequest: string;
-  jar: undefined;
-}>;
-//#endregion
-//#region src/authorization-request/parse-authorization-request-params.d.ts
-interface ParsedJarRequest {
-  type: 'jar';
-  provided: 'uri' | 'jwt' | 'params';
-  params: Openid4vpJarAuthorizationRequest;
-}
-interface ParsedOpenid4vpAuthorizationRequest {
-  type: 'openid4vp';
-  provided: 'uri' | 'jwt' | 'params';
-  params: Openid4vpAuthorizationRequest;
-}
-interface ParsedOpenid4vpDcApiAuthorizationRequest {
-  type: 'openid4vp_dc_api';
-  provided: 'uri' | 'jwt' | 'params';
-  params: Openid4vpAuthorizationRequestDcApi;
-}
-interface ParseOpenid4vpAuthorizationRequestOptions {
-  authorizationRequest: string | Record<string, unknown>;
-}
-declare function parseOpenid4vpAuthorizationRequest(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedOpenid4vpAuthorizationRequest | ParsedJarRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
-//#endregion
-//#region src/jar/handle-jar-request/verify-jar-request.d.ts
-interface VerifiedJarRequest {
-  authorizationRequestPayload: JarRequestObjectPayload;
-  sendBy: 'value' | 'reference';
-  decryptionJwk?: Jwk;
-  signer: JwtSignerWithJwk;
-  jwt: DecodeJwtResult<undefined, typeof zJarRequestObjectPayload>;
-}
-//#endregion
-//#region src/models/z-client-metadata.d.ts
+  } | {
+    [x: string]: unknown;
+    response_type: "vp_token";
+    nonce: string;
+    response_mode: "dc_api" | "dc_api.jwt" | "w3c_dc_api.jwt" | "w3c_dc_api";
+    presentation_definition?: any;
+    dcql_query?: any;
+    client_metadata?: {
+      [x: string]: unknown;
+      logo_uri?: string | undefined;
+      client_name?: string | undefined;
+      authorization_signed_response_alg?: string | undefined;
+      authorization_encrypted_response_alg?: string | undefined;
+      authorization_encrypted_response_enc?: string | undefined;
+      jwks_uri?: string | undefined;
+      jwks?: {
+        [x: string]: unknown;
+        keys: {
+          [x: string]: unknown;
+          kty: string;
+          crv?: string | undefined;
+          x?: string | undefined;
+          y?: string | undefined;
+          e?: string | undefined;
+          n?: string | undefined;
+          alg?: string | undefined;
+          d?: string | undefined;
+          dp?: string | undefined;
+          dq?: string | undefined;
+          ext?: boolean | undefined;
+          k?: string | undefined;
+          key_ops?: string[] | undefined;
+          kid?: string | undefined;
+          oth?: {
+            [x: string]: unknown;
+            d?: string | undefined;
+            r?: string | undefined;
+            t?: string | undefined;
+          }[] | undefined;
+          p?: string | undefined;
+          q?: string | undefined;
+          qi?: string | undefined;
+          use?: string | undefined;
+          x5c?: string[] | undefined;
+          x5t?: string | undefined;
+          'x5t#S256'?: string | undefined;
+          x5u?: string | undefined;
+        }[];
+      } | undefined;
+      vp_formats?: Record<string, {
+        [x: string]: unknown;
+        alg_values_supported?: string[] | undefined;
+      }> | undefined;
+      vp_formats_supported?: {
+        [x: string]: {
+          [x: string]: unknown;
+        };
+        'dc+sd-jwt'?: {
+          [x: string]: unknown;
+          'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
+          'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
+        } | undefined;
+        jwt_vc_json?: {
+          [x: string]: unknown;
+          alg_values?: [string, ...string[]] | undefined;
+        } | undefined;
+        ldp_vc?: {
+          [x: string]: unknown;
+          proof_type_values?: [string, ...string[]] | undefined;
+          cryptosuite_values?: [string, ...string[]] | undefined;
+        } | undefined;
+        mso_mdoc?: {
+          [x: string]: unknown;
+          issuer_signed_alg_values?: [number, ...number[]] | undefined;
+          device_signed_alg_values?: [number, ...number[]] | undefined;
+          issuerauth_alg_values?: [number, ...number[]] | undefined;
+          deviceauth_alg_values?: [number, ...number[]] | undefined;
+        } | undefined;
+      } | undefined;
+      encrypted_response_enc_values_supported?: string[] | undefined;
+    } | undefined;
+    state?: string | undefined;
+    transaction_data?: string[] | undefined;
+    trust_chain?: [string, ...string[]] | undefined;
+    verifier_attestations?: {
+      format: string;
+      data: string | Record<string, unknown>;
+      credential_ids?: string[] | undefined;
+    }[] | undefined;
+    verifier_info?: {
+      format: string;
+      data: string | Record<string, unknown>;
+      credential_ids?: string[] | undefined;
+    }[] | undefined;
+    client_id?: string | undefined;
+    expected_origins?: string[] | undefined;
+    client_id_scheme?: undefined;
+    scope?: undefined;
+  } | {
+    [x: string]: unknown;
+    response_type: "vp_token";
+    nonce: string;
+    response_mode: "iae_post" | "iae_post.jwt";
+    dcql_query: Record<string, any>;
+    client_id?: string | undefined;
+    scope?: undefined;
+    client_metadata?: {
+      [x: string]: unknown;
+      logo_uri?: string | undefined;
+      client_name?: string | undefined;
+      authorization_signed_response_alg?: string | undefined;
+      authorization_encrypted_response_alg?: string | undefined;
+      authorization_encrypted_response_enc?: string | undefined;
+      jwks_uri?: string | undefined;
+      jwks?: {
+        [x: string]: unknown;
+        keys: {
+          [x: string]: unknown;
+          kty: string;
+          crv?: string | undefined;
+          x?: string | undefined;
+          y?: string | undefined;
+          e?: string | undefined;
+          n?: string | undefined;
+          alg?: string | undefined;
+          d?: string | undefined;
+          dp?: string | undefined;
+          dq?: string | undefined;
+          ext?: boolean | undefined;
+          k?: string | undefined;
+          key_ops?: string[] | undefined;
+          kid?: string | undefined;
+          oth?: {
+            [x: string]: unknown;
+            d?: string | undefined;
+            r?: string | undefined;
+            t?: string | undefined;
+          }[] | undefined;
+          p?: string | undefined;
+          q?: string | undefined;
+          qi?: string | undefined;
+          use?: string | undefined;
+          x5c?: string[] | undefined;
+          x5t?: string | undefined;
+          'x5t#S256'?: string | undefined;
+          x5u?: string | undefined;
+        }[];
+      } | undefined;
+      vp_formats?: Record<string, {
+        [x: string]: unknown;
+        alg_values_supported?: string[] | undefined;
+      }> | undefined;
+      vp_formats_supported?: {
+        [x: string]: {
+          [x: string]: unknown;
+        };
+        'dc+sd-jwt'?: {
+          [x: string]: unknown;
+          'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
+          'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
+        } | undefined;
+        jwt_vc_json?: {
+          [x: string]: unknown;
+          alg_values?: [string, ...string[]] | undefined;
+        } | undefined;
+        ldp_vc?: {
+          [x: string]: unknown;
+          proof_type_values?: [string, ...string[]] | undefined;
+          cryptosuite_values?: [string, ...string[]] | undefined;
+        } | undefined;
+        mso_mdoc?: {
+          [x: string]: unknown;
+          issuer_signed_alg_values?: [number, ...number[]] | undefined;
+          device_signed_alg_values?: [number, ...number[]] | undefined;
+          issuerauth_alg_values?: [number, ...number[]] | undefined;
+          deviceauth_alg_values?: [number, ...number[]] | undefined;
+        } | undefined;
+      } | undefined;
+      encrypted_response_enc_values_supported?: string[] | undefined;
+    } | undefined;
+    state?: string | undefined;
+    transaction_data?: string[] | undefined;
+    trust_chain?: [string, ...string[]] | undefined;
+    client_id_scheme?: undefined;
+    verifier_attestations?: {
+      format: string;
+      data: string | Record<string, unknown>;
+      credential_ids?: string[] | undefined;
+    }[] | undefined;
+    verifier_info?: {
+      format: string;
+      data: string | Record<string, unknown>;
+      credential_ids?: string[] | undefined;
+    }[] | undefined;
+    expected_url?: string | undefined;
+    expected_origins?: undefined;
+  };
+  authorizationRequest: string;
+  jar: undefined;
+}>;
+//#endregion
+//#region src/authorization-request/parse-authorization-request-params.d.ts
+interface ParsedJarRequest {
+  type: 'jar';
+  provided: 'uri' | 'jwt' | 'params';
+  params: Openid4vpJarAuthorizationRequest;
+}
+interface ParsedOpenid4vpAuthorizationRequest {
+  type: 'openid4vp';
+  provided: 'uri' | 'jwt' | 'params';
+  params: Openid4vpAuthorizationRequest;
+}
+interface ParsedOpenid4vpDcApiAuthorizationRequest {
+  type: 'openid4vp_dc_api';
+  provided: 'uri' | 'jwt' | 'params';
+  params: Openid4vpAuthorizationRequestDcApi;
+}
+interface ParsedOpenid4vpIaeAuthorizationRequest {
+  type: 'openid4vp_iae';
+  provided: 'uri' | 'jwt' | 'params';
+  params: Openid4vpAuthorizationRequestIae;
+}
+interface ParseOpenid4vpAuthorizationRequestOptions {
+  authorizationRequest: string | Record<string, unknown>;
+}
+declare function parseOpenid4vpAuthorizationRequest(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedOpenid4vpAuthorizationRequest | ParsedJarRequest | ParsedOpenid4vpDcApiAuthorizationRequest | ParsedOpenid4vpIaeAuthorizationRequest;
+//#endregion
+//#region src/jar/handle-jar-request/verify-jar-request.d.ts
+interface VerifiedJarRequest {
+  authorizationRequestPayload: JarRequestObjectPayload;
+  sendBy: 'value' | 'reference';
+  decryptionJwk?: Jwk;
+  signer: JwtSignerWithJwk;
+  jwt: DecodeJwtResult<undefined, typeof zJarRequestObjectPayload>;
+}
+//#endregion
+//#region src/models/z-client-metadata.d.ts
 declare const zClientMetadata: z.ZodObject<{
   logo_uri: z.ZodOptional<z.ZodUnion<[z.ZodURL, z.ZodString]>>;
   client_name: z.ZodOptional<z.ZodString>;
@@ -1106,10 +1510,13 @@ type ClientMetadata = z.infer<typeof zClientMetadata>;
 /**
  * The Openid4vpVersionNumber
  *
- * 100 means 1.0 final, all others are draft versions
+ * 100 means 1.0 final
+ * 101 means 1.1 draft 1
+ * 110 will mean 1.1 final
+ * all others are pre-1.0 draft versions
  */
-type Openid4vpVersionNumber = 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 100;
-declare function parseAuthorizationRequestVersion(request: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi): Openid4vpVersionNumber;
+type Openid4vpVersionNumber = 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 100 | 101;
+declare function parseAuthorizationRequestVersion(request: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi | Openid4vpAuthorizationRequestIae): Openid4vpVersionNumber;
 //#endregion
 //#region src/client-identifier-prefix/z-client-id-prefix.d.ts
 declare const zClientIdPrefix: z.ZodEnum<{
@@ -1232,7 +1639,7 @@ declare function getOpenid4vpClientId(options: GetOpenid4vpClientIdOptions): {
    */
   clientIdIdentifier: string;
   /**
-   * The client id prefix according to the latest verion of OpenID4VP. Older prefixes are
+   * The client id prefix according to the latest version of OpenID4VP. Older prefixes are
    * transformed into a singular value. Do not use this for checking the actual client id prefix
    * used, but can be used to understand which method is used.
    *
@@ -1293,15 +1700,17 @@ declare function parseTransactionData(options: ParseTransactionDataOptions): Par
 //#endregion
 //#region src/authorization-request/resolve-authorization-request.d.ts
 interface ResolveOpenid4vpAuthorizationRequestOptions {
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi | Openid4vpJarAuthorizationRequest;
+  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi | Openid4vpAuthorizationRequestIae | Openid4vpJarAuthorizationRequest;
   wallet?: WalletVerificationOptions;
-  origin?: string;
-  disableOriginValidation?: boolean;
+  /**
+   * The response mode that is expected for the resolved presentation request.
+   */
+  responseMode: ExpectedResponseMode;
   callbacks: Pick<CallbackContext, 'verifyJwt' | 'decryptJwe' | 'getX509CertificateMetadata' | 'fetch' | 'hash'>;
 }
 type ResolvedOpenid4vpAuthorizationRequest = {
   transactionData?: ParsedTransactionDataEntry[];
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi;
+  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi | Openid4vpAuthorizationRequestIae;
   jar: VerifiedJarRequest | undefined;
   client: ParsedClientIdentifier;
   pex?: {
@@ -1319,6 +1728,67 @@ type ResolvedOpenid4vpAuthorizationRequest = {
   version: Openid4vpVersionNumber;
 };
 declare function resolveOpenid4vpAuthorizationRequest(options: ResolveOpenid4vpAuthorizationRequestOptions): Promise<ResolvedOpenid4vpAuthorizationRequest>;
+type ExpectedResponseMode = {
+  /**
+   * Enforces the response is `iae` or `iae_post`, meaning the presentation
+   * is created as part of an issuance session.
+   */
+  type: 'iae';
+  /**
+   * The expectedUrl for the IAE session. Must always be provided, but will
+   * only be verified if the OpenID4VP request is signed (and thus MUST contain `expected_url`)
+   */
+  expectedUrl: string;
+} | {
+  /**
+   * Enforces the response is `dc_api` or `dc_api.jwt` (including legacy support for `w3c_dc_api` and `w3c_dc_api.jwt`),
+   * meaning the presentation will be shared using the Digital Credentials API.
+   */
+  type: 'dc_api';
+  /**
+   * The expected origin for the DC API session. Must always be provided, but will
+   * only be verified if the OpenID4VP request is signed (and thus MUST contain `expected_origins`)
+   */
+  expectedOrigin: string;
+} | {
+  /**
+   * Enforces the response is `direct_post` or `direct_post.jwt`
+   */
+  type: 'direct_post';
+};
+//#endregion
+//#region src/authorization-request/validate-authorization-request-dc-api.d.ts
+interface ValidateOpenid4vpAuthorizationRequestDcApiPayloadOptions {
+  params: Openid4vpAuthorizationRequestDcApi;
+  isJarRequest: boolean;
+  disableOriginValidation?: boolean;
+  origin?: string;
+}
+/**
+ * Validate the OpenId4Vp Authorization Request parameters for the dc_api response mode
+ */
+declare const validateOpenid4vpAuthorizationRequestDcApiPayload: (options: ValidateOpenid4vpAuthorizationRequestDcApiPayloadOptions) => void;
+//#endregion
+//#region src/authorization-request/validate-authorization-request-iae.d.ts
+interface ValidateOpenid4vpAuthorizationRequestIaePayloadOptions {
+  params: Openid4vpAuthorizationRequestIae;
+  isJarRequest: boolean;
+  /** The URL of the endpoint that will receive the response (for validating expected_url) */
+  expectedUrl?: string;
+  disableExpectedUrlValidation?: boolean;
+}
+/**
+ * Validate the OpenId4Vp Authorization Request parameters for the IAE (Interactive Authorization Endpoint) response mode
+ *
+ * The IAE flow is part of OpenID4VCI 1.1 and is used when the authorization server needs to
+ * interact directly with the wallet during the authorization process.
+ *
+ * Key validation rules:
+ * - For signed requests (JAR), expected_url parameter is validated against the actual endpoint URL
+ * - expected_url is used instead of expected_origins to prevent replay attacks
+ * - dcql_query must be present
+ */
+declare const validateOpenid4vpAuthorizationRequestIaePayload: (options: ValidateOpenid4vpAuthorizationRequestIaePayloadOptions) => void;
 //#endregion
 //#region src/jarm/metadata/z-jarm-authorization-server-metadata.d.ts
 declare const zJarmServerMetadata: z.ZodObject<{
@@ -1681,7 +2151,7 @@ declare function submitOpenid4vpAuthorizationResponse(options: SubmitOpenid4vpAu
 //#endregion
 //#region src/authorization-response/validate-authorization-response.d.ts
 interface ValidateOpenid4vpAuthorizationResponseOptions {
-  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi;
+  authorizationRequestPayload: Openid4vpAuthorizationRequest | Openid4vpAuthorizationRequestDcApi | Openid4vpAuthorizationRequestIae;
   authorizationResponsePayload: Openid4vpAuthorizationResponse;
 }
 /**
@@ -1805,7 +2275,7 @@ interface Openid4vpClientOptions {
 declare class Openid4vpClient {
   private options;
   constructor(options: Openid4vpClientOptions);
-  parseOpenid4vpAuthorizationRequest(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedOpenid4vpAuthorizationRequest | ParsedJarRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
+  parseOpenid4vpAuthorizationRequest(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedOpenid4vpAuthorizationRequest | ParsedJarRequest | ParsedOpenid4vpDcApiAuthorizationRequest | ParsedOpenid4vpIaeAuthorizationRequest;
   resolveOpenId4vpAuthorizationRequest(options: Omit<ResolveOpenid4vpAuthorizationRequestOptions, 'callbacks'>): Promise<ResolvedOpenid4vpAuthorizationRequest>;
   createOpenid4vpAuthorizationResponse(options: Omit<CreateOpenid4vpAuthorizationResponseOptions, 'callbacks'>): Promise<CreateOpenid4vpAuthorizationResponseResult>;
   submitOpenid4vpAuthorizationResponse(options: Omit<SubmitOpenid4vpAuthorizationResponseOptions, 'callbacks'>): Promise<{
@@ -1868,17 +2338,113 @@ declare class Openid4vpVerifier {
     authorizationRequestPayload: {
       [x: string]: unknown;
       response_type: "vp_token";
-      client_id: string;
+      client_id: string;
+      nonce: string;
+      redirect_uri?: string | undefined;
+      response_uri?: string | undefined;
+      request_uri?: string | undefined;
+      request_uri_method?: string | undefined;
+      response_mode?: "direct_post" | "direct_post.jwt" | undefined;
+      wallet_nonce?: string | undefined;
+      scope?: string | undefined;
+      presentation_definition?: any;
+      presentation_definition_uri?: string | undefined;
+      dcql_query?: any;
+      client_metadata?: {
+        [x: string]: unknown;
+        logo_uri?: string | undefined;
+        client_name?: string | undefined;
+        authorization_signed_response_alg?: string | undefined;
+        authorization_encrypted_response_alg?: string | undefined;
+        authorization_encrypted_response_enc?: string | undefined;
+        jwks_uri?: string | undefined;
+        jwks?: {
+          [x: string]: unknown;
+          keys: {
+            [x: string]: unknown;
+            kty: string;
+            crv?: string | undefined;
+            x?: string | undefined;
+            y?: string | undefined;
+            e?: string | undefined;
+            n?: string | undefined;
+            alg?: string | undefined;
+            d?: string | undefined;
+            dp?: string | undefined;
+            dq?: string | undefined;
+            ext?: boolean | undefined;
+            k?: string | undefined;
+            key_ops?: string[] | undefined;
+            kid?: string | undefined;
+            oth?: {
+              [x: string]: unknown;
+              d?: string | undefined;
+              r?: string | undefined;
+              t?: string | undefined;
+            }[] | undefined;
+            p?: string | undefined;
+            q?: string | undefined;
+            qi?: string | undefined;
+            use?: string | undefined;
+            x5c?: string[] | undefined;
+            x5t?: string | undefined;
+            'x5t#S256'?: string | undefined;
+            x5u?: string | undefined;
+          }[];
+        } | undefined;
+        vp_formats?: Record<string, {
+          [x: string]: unknown;
+          alg_values_supported?: string[] | undefined;
+        }> | undefined;
+        vp_formats_supported?: {
+          [x: string]: {
+            [x: string]: unknown;
+          };
+          'dc+sd-jwt'?: {
+            [x: string]: unknown;
+            'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
+            'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
+          } | undefined;
+          jwt_vc_json?: {
+            [x: string]: unknown;
+            alg_values?: [string, ...string[]] | undefined;
+          } | undefined;
+          ldp_vc?: {
+            [x: string]: unknown;
+            proof_type_values?: [string, ...string[]] | undefined;
+            cryptosuite_values?: [string, ...string[]] | undefined;
+          } | undefined;
+          mso_mdoc?: {
+            [x: string]: unknown;
+            issuer_signed_alg_values?: [number, ...number[]] | undefined;
+            device_signed_alg_values?: [number, ...number[]] | undefined;
+            issuerauth_alg_values?: [number, ...number[]] | undefined;
+            deviceauth_alg_values?: [number, ...number[]] | undefined;
+          } | undefined;
+        } | undefined;
+        encrypted_response_enc_values_supported?: string[] | undefined;
+      } | undefined;
+      client_metadata_uri?: string | undefined;
+      state?: string | undefined;
+      transaction_data?: string[] | undefined;
+      trust_chain?: [string, ...string[]] | undefined;
+      client_id_scheme?: "redirect_uri" | "pre-registered" | "entity_id" | "did" | "verifier_attestation" | "x509_san_dns" | "x509_san_uri" | "x509_hash" | undefined;
+      verifier_attestations?: {
+        format: string;
+        data: string | Record<string, unknown>;
+        credential_ids?: string[] | undefined;
+      }[] | undefined;
+      verifier_info?: {
+        format: string;
+        data: string | Record<string, unknown>;
+        credential_ids?: string[] | undefined;
+      }[] | undefined;
+    } | {
+      [x: string]: unknown;
+      response_type: "vp_token";
       nonce: string;
-      redirect_uri?: string | undefined;
-      response_uri?: string | undefined;
-      request_uri?: string | undefined;
-      request_uri_method?: string | undefined;
-      response_mode?: "direct_post" | "direct_post.jwt" | undefined;
-      wallet_nonce?: string | undefined;
-      scope?: string | undefined;
+      response_mode: "dc_api" | "dc_api.jwt" | "w3c_dc_api.jwt" | "w3c_dc_api";
       presentation_definition?: any;
-      presentation_definition_uri?: string | undefined;
       dcql_query?: any;
       client_metadata?: {
         [x: string]: unknown;
@@ -1954,11 +2520,9 @@ declare class Openid4vpVerifier {
         } | undefined;
         encrypted_response_enc_values_supported?: string[] | undefined;
       } | undefined;
-      client_metadata_uri?: string | undefined;
       state?: string | undefined;
       transaction_data?: string[] | undefined;
       trust_chain?: [string, ...string[]] | undefined;
-      client_id_scheme?: "redirect_uri" | "pre-registered" | "entity_id" | "did" | "verifier_attestation" | "x509_san_dns" | "x509_san_uri" | "x509_hash" | undefined;
       verifier_attestations?: {
         format: string;
         data: string | Record<string, unknown>;
@@ -1969,13 +2533,18 @@ declare class Openid4vpVerifier {
         data: string | Record<string, unknown>;
         credential_ids?: string[] | undefined;
       }[] | undefined;
+      client_id?: string | undefined;
+      expected_origins?: string[] | undefined;
+      client_id_scheme?: undefined;
+      scope?: undefined;
     } | {
       [x: string]: unknown;
       response_type: "vp_token";
       nonce: string;
-      response_mode: "dc_api" | "dc_api.jwt" | "w3c_dc_api.jwt" | "w3c_dc_api";
-      presentation_definition?: any;
-      dcql_query?: any;
+      response_mode: "iae_post" | "iae_post.jwt";
+      dcql_query: Record<string, any>;
+      client_id?: string | undefined;
+      scope?: undefined;
       client_metadata?: {
         [x: string]: unknown;
         logo_uri?: string | undefined;
@@ -2053,6 +2622,7 @@ declare class Openid4vpVerifier {
       state?: string | undefined;
       transaction_data?: string[] | undefined;
       trust_chain?: [string, ...string[]] | undefined;
+      client_id_scheme?: undefined;
       verifier_attestations?: {
         format: string;
         data: string | Record<string, unknown>;
@@ -2063,10 +2633,8 @@ declare class Openid4vpVerifier {
         data: string | Record<string, unknown>;
         credential_ids?: string[] | undefined;
       }[] | undefined;
-      client_id?: string | undefined;
-      expected_origins?: string[] | undefined;
-      client_id_scheme?: undefined;
-      scope?: undefined;
+      expected_url?: string | undefined;
+      expected_origins?: undefined;
     };
     authorizationRequestObject: {
       [x: string]: unknown;
@@ -2353,6 +2921,104 @@ declare class Openid4vpVerifier {
       expected_origins?: string[] | undefined;
       client_id_scheme?: undefined;
       scope?: undefined;
+    } | {
+      [x: string]: unknown;
+      response_type: "vp_token";
+      nonce: string;
+      response_mode: "iae_post" | "iae_post.jwt";
+      dcql_query: Record<string, any>;
+      client_id?: string | undefined;
+      scope?: undefined;
+      client_metadata?: {
+        [x: string]: unknown;
+        logo_uri?: string | undefined;
+        client_name?: string | undefined;
+        authorization_signed_response_alg?: string | undefined;
+        authorization_encrypted_response_alg?: string | undefined;
+        authorization_encrypted_response_enc?: string | undefined;
+        jwks_uri?: string | undefined;
+        jwks?: {
+          [x: string]: unknown;
+          keys: {
+            [x: string]: unknown;
+            kty: string;
+            crv?: string | undefined;
+            x?: string | undefined;
+            y?: string | undefined;
+            e?: string | undefined;
+            n?: string | undefined;
+            alg?: string | undefined;
+            d?: string | undefined;
+            dp?: string | undefined;
+            dq?: string | undefined;
+            ext?: boolean | undefined;
+            k?: string | undefined;
+            key_ops?: string[] | undefined;
+            kid?: string | undefined;
+            oth?: {
+              [x: string]: unknown;
+              d?: string | undefined;
+              r?: string | undefined;
+              t?: string | undefined;
+            }[] | undefined;
+            p?: string | undefined;
+            q?: string | undefined;
+            qi?: string | undefined;
+            use?: string | undefined;
+            x5c?: string[] | undefined;
+            x5t?: string | undefined;
+            'x5t#S256'?: string | undefined;
+            x5u?: string | undefined;
+          }[];
+        } | undefined;
+        vp_formats?: Record<string, {
+          [x: string]: unknown;
+          alg_values_supported?: string[] | undefined;
+        }> | undefined;
+        vp_formats_supported?: {
+          [x: string]: {
+            [x: string]: unknown;
+          };
+          'dc+sd-jwt'?: {
+            [x: string]: unknown;
+            'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
+            'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
+          } | undefined;
+          jwt_vc_json?: {
+            [x: string]: unknown;
+            alg_values?: [string, ...string[]] | undefined;
+          } | undefined;
+          ldp_vc?: {
+            [x: string]: unknown;
+            proof_type_values?: [string, ...string[]] | undefined;
+            cryptosuite_values?: [string, ...string[]] | undefined;
+          } | undefined;
+          mso_mdoc?: {
+            [x: string]: unknown;
+            issuer_signed_alg_values?: [number, ...number[]] | undefined;
+            device_signed_alg_values?: [number, ...number[]] | undefined;
+            issuerauth_alg_values?: [number, ...number[]] | undefined;
+            deviceauth_alg_values?: [number, ...number[]] | undefined;
+          } | undefined;
+        } | undefined;
+        encrypted_response_enc_values_supported?: string[] | undefined;
+      } | undefined;
+      state?: string | undefined;
+      transaction_data?: string[] | undefined;
+      trust_chain?: [string, ...string[]] | undefined;
+      client_id_scheme?: undefined;
+      verifier_attestations?: {
+        format: string;
+        data: string | Record<string, unknown>;
+        credential_ids?: string[] | undefined;
+      }[] | undefined;
+      verifier_info?: {
+        format: string;
+        data: string | Record<string, unknown>;
+        credential_ids?: string[] | undefined;
+      }[] | undefined;
+      expected_url?: string | undefined;
+      expected_origins?: undefined;
     };
     authorizationRequestObject: {
       [x: string]: unknown;
@@ -2556,11 +3222,109 @@ declare class Openid4vpVerifier {
       expected_origins?: string[] | undefined;
       client_id_scheme?: undefined;
       scope?: undefined;
+    } | {
+      [x: string]: unknown;
+      response_type: "vp_token";
+      nonce: string;
+      response_mode: "iae_post" | "iae_post.jwt";
+      dcql_query: Record<string, any>;
+      client_id?: string | undefined;
+      scope?: undefined;
+      client_metadata?: {
+        [x: string]: unknown;
+        logo_uri?: string | undefined;
+        client_name?: string | undefined;
+        authorization_signed_response_alg?: string | undefined;
+        authorization_encrypted_response_alg?: string | undefined;
+        authorization_encrypted_response_enc?: string | undefined;
+        jwks_uri?: string | undefined;
+        jwks?: {
+          [x: string]: unknown;
+          keys: {
+            [x: string]: unknown;
+            kty: string;
+            crv?: string | undefined;
+            x?: string | undefined;
+            y?: string | undefined;
+            e?: string | undefined;
+            n?: string | undefined;
+            alg?: string | undefined;
+            d?: string | undefined;
+            dp?: string | undefined;
+            dq?: string | undefined;
+            ext?: boolean | undefined;
+            k?: string | undefined;
+            key_ops?: string[] | undefined;
+            kid?: string | undefined;
+            oth?: {
+              [x: string]: unknown;
+              d?: string | undefined;
+              r?: string | undefined;
+              t?: string | undefined;
+            }[] | undefined;
+            p?: string | undefined;
+            q?: string | undefined;
+            qi?: string | undefined;
+            use?: string | undefined;
+            x5c?: string[] | undefined;
+            x5t?: string | undefined;
+            'x5t#S256'?: string | undefined;
+            x5u?: string | undefined;
+          }[];
+        } | undefined;
+        vp_formats?: Record<string, {
+          [x: string]: unknown;
+          alg_values_supported?: string[] | undefined;
+        }> | undefined;
+        vp_formats_supported?: {
+          [x: string]: {
+            [x: string]: unknown;
+          };
+          'dc+sd-jwt'?: {
+            [x: string]: unknown;
+            'sd-jwt_alg_values'?: [string, ...string[]] | undefined;
+            'kb-jwt_alg_values'?: [string, ...string[]] | undefined;
+          } | undefined;
+          jwt_vc_json?: {
+            [x: string]: unknown;
+            alg_values?: [string, ...string[]] | undefined;
+          } | undefined;
+          ldp_vc?: {
+            [x: string]: unknown;
+            proof_type_values?: [string, ...string[]] | undefined;
+            cryptosuite_values?: [string, ...string[]] | undefined;
+          } | undefined;
+          mso_mdoc?: {
+            [x: string]: unknown;
+            issuer_signed_alg_values?: [number, ...number[]] | undefined;
+            device_signed_alg_values?: [number, ...number[]] | undefined;
+            issuerauth_alg_values?: [number, ...number[]] | undefined;
+            deviceauth_alg_values?: [number, ...number[]] | undefined;
+          } | undefined;
+        } | undefined;
+        encrypted_response_enc_values_supported?: string[] | undefined;
+      } | undefined;
+      state?: string | undefined;
+      transaction_data?: string[] | undefined;
+      trust_chain?: [string, ...string[]] | undefined;
+      client_id_scheme?: undefined;
+      verifier_attestations?: {
+        format: string;
+        data: string | Record<string, unknown>;
+        credential_ids?: string[] | undefined;
+      }[] | undefined;
+      verifier_info?: {
+        format: string;
+        data: string | Record<string, unknown>;
+        credential_ids?: string[] | undefined;
+      }[] | undefined;
+      expected_url?: string | undefined;
+      expected_origins?: undefined;
     };
     authorizationRequest: string;
     jar: undefined;
   }>;
-  parseOpenid4vpAuthorizationRequestPayload(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedOpenid4vpAuthorizationRequest | ParsedJarRequest | ParsedOpenid4vpDcApiAuthorizationRequest;
+  parseOpenid4vpAuthorizationRequestPayload(options: ParseOpenid4vpAuthorizationRequestOptions): ParsedOpenid4vpAuthorizationRequest | ParsedJarRequest | ParsedOpenid4vpDcApiAuthorizationRequest | ParsedOpenid4vpIaeAuthorizationRequest;
   parseOpenid4vpAuthorizationResponse(options: ParseOpenid4vpAuthorizationResponseOptions): Promise<ParsedOpenid4vpAuthorizationResponse>;
   validateOpenid4vpAuthorizationResponsePayload(options: ValidateOpenid4vpAuthorizationResponseOptions): ValidateOpenid4VpAuthorizationResponseResult;
   parsePexVpToken(vpToken: unknown): [string | Record<string, any>, ...(string | Record<string, any>)[]];
@@ -2581,5 +3345,5 @@ declare class Openid4vpVerifier {
 declare function parsePexVpToken(vpToken: unknown): [VpTokenPresentationEntry, ...VpTokenPresentationEntry[]];
 declare function parseDcqlVpToken(vpToken: unknown): Record<string, [VpTokenPresentationEntry, ...VpTokenPresentationEntry[]]>;
 //#endregion
-export { type ClientIdPrefix, type ClientMetadata, type CreateOpenid4vpAuthorizationRequestOptions, type CreateOpenid4vpAuthorizationResponseOptions, type CreateOpenid4vpAuthorizationResponseResult, type CredentialFormat, type GetOpenid4vpClientIdOptions, type JarmClientMetadata, JarmMode, type Openid4vpAuthorizationRequest, type Openid4vpAuthorizationRequestDcApi, type Openid4vpAuthorizationResponse, Openid4vpClient, Openid4vpVerifier, type Openid4vpVersionNumber, type ParseJarmAuthorizationResponseOptions, type ParseOpenid4vpAuthorizationRequestOptions, type ParseOpenid4vpAuthorizationResponseOptions, type ParseTransactionDataOptions, type ParsedOpenid4vpAuthorizationResponse, type ProofFormat, type ResolveOpenid4vpAuthorizationRequestOptions, type ResolvedOpenid4vpAuthorizationRequest, type SubmitOpenid4vpAuthorizationResponseOptions, type TransactionDataEntry, type TransactionDataHashesCredentials, type ValidateOpenid4VpAuthorizationResponseResult, type ValidateOpenid4VpDcqlAuthorizationResponseResult, type ValidateOpenid4VpPexAuthorizationResponseResult, type ValidateOpenid4vpAuthorizationRequestPayloadOptions, type ValidateOpenid4vpAuthorizationResponseOptions, type VerifiedTransactionDataEntry, type VerifierAttestation, type VerifierAttestations, type VerifyJarmAuthorizationResponseOptions, type VerifyTransactionDataOptions, type VpToken, type VpTokenDcql, type VpTokenPex, type VpTokenPresentationEntry, type WalletMetadata, type WalletVerificationOptions, calculateX509HashClientIdPrefixValue, createOpenid4vpAuthorizationRequest, createOpenid4vpAuthorizationResponse, extractEncryptionJwkFromJwks, getOpenid4vpClientId, isJarmResponseMode, isOpenid4vpAuthorizationRequestDcApi, parseAuthorizationRequestVersion, parseDcqlVpToken, parseJarmAuthorizationResponse, parseOpenid4VpAuthorizationResponsePayload, parseOpenid4vpAuthorizationRequest, parseOpenid4vpAuthorizationResponse, parsePexVpToken, parseTransactionData, resolveOpenid4vpAuthorizationRequest, submitOpenid4vpAuthorizationResponse, validateOpenid4vpAuthorizationRequestPayload, validateOpenid4vpAuthorizationResponsePayload, verifyJarmAuthorizationResponse, zClientIdPrefix, zClientMetadata, zCredentialFormat, zJarmClientMetadata, zOpenid4vpAuthorizationResponse, zProofFormat, zVerifierAttestations, zWalletMetadata };
+export { type ClientIdPrefix, type ClientMetadata, type CreateOpenid4vpAuthorizationRequestOptions, type CreateOpenid4vpAuthorizationResponseOptions, type CreateOpenid4vpAuthorizationResponseResult, type CredentialFormat, type GetOpenid4vpClientIdOptions, type JarmClientMetadata, JarmMode, type Openid4vpAuthorizationRequest, type Openid4vpAuthorizationRequestDcApi, type Openid4vpAuthorizationRequestIae, type Openid4vpAuthorizationResponse, Openid4vpClient, Openid4vpVerifier, type Openid4vpVersionNumber, type ParseJarmAuthorizationResponseOptions, type ParseOpenid4vpAuthorizationRequestOptions, type ParseOpenid4vpAuthorizationResponseOptions, type ParseTransactionDataOptions, type ParsedOpenid4vpAuthorizationResponse, type ProofFormat, type ResolveOpenid4vpAuthorizationRequestOptions, type ResolvedOpenid4vpAuthorizationRequest, type SubmitOpenid4vpAuthorizationResponseOptions, type TransactionDataEntry, type TransactionDataHashesCredentials, type ValidateOpenid4VpAuthorizationResponseResult, type ValidateOpenid4VpDcqlAuthorizationResponseResult, type ValidateOpenid4VpPexAuthorizationResponseResult, type ValidateOpenid4vpAuthorizationRequestDcApiPayloadOptions, type ValidateOpenid4vpAuthorizationRequestIaePayloadOptions, type ValidateOpenid4vpAuthorizationRequestPayloadOptions, type ValidateOpenid4vpAuthorizationResponseOptions, type VerifiedTransactionDataEntry, type VerifierAttestation, type VerifierAttestations, type VerifyJarmAuthorizationResponseOptions, type VerifyTransactionDataOptions, type VpToken, type VpTokenDcql, type VpTokenPex, type VpTokenPresentationEntry, type WalletMetadata, type WalletVerificationOptions, calculateX509HashClientIdPrefixValue, createOpenid4vpAuthorizationRequest, createOpenid4vpAuthorizationResponse, extractEncryptionJwkFromJwks, getOpenid4vpClientId, isJarmResponseMode, isOpenid4vpAuthorizationRequestDcApi, isOpenid4vpAuthorizationRequestIae, parseAuthorizationRequestVersion, parseDcqlVpToken, parseJarmAuthorizationResponse, parseOpenid4VpAuthorizationResponsePayload, parseOpenid4vpAuthorizationRequest, parseOpenid4vpAuthorizationResponse, parsePexVpToken, parseTransactionData, resolveOpenid4vpAuthorizationRequest, submitOpenid4vpAuthorizationResponse, validateOpenid4vpAuthorizationRequestDcApiPayload, validateOpenid4vpAuthorizationRequestIaePayload, validateOpenid4vpAuthorizationRequestPayload, validateOpenid4vpAuthorizationResponsePayload, verifyJarmAuthorizationResponse, zClientIdPrefix, zClientMetadata, zCredentialFormat, zJarmClientMetadata, zOpenid4vpAuthorizationResponse, zProofFormat, zVerifierAttestations, zWalletMetadata };
 //# sourceMappingURL=index.d.mts.map