npm - @sylphx/contract - Versions diffs - 0.2.0 - Mend

@sylphx/contract 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (571) hide show

package/CHANGELOG.md +44 -0
package/LICENSE +21 -0
package/README.md +164 -0
package/dist/endpoint.d.ts +65 -0
package/dist/endpoint.d.ts.map +1 -0
package/dist/endpoint.js +22 -0
package/dist/endpoints/admin-ai-playground.d.ts +93 -0
package/dist/endpoints/admin-ai-playground.d.ts.map +1 -0
package/dist/endpoints/admin-ai-playground.js +37 -0
package/dist/endpoints/admin-anomalies.d.ts +108 -0
package/dist/endpoints/admin-anomalies.d.ts.map +1 -0
package/dist/endpoints/admin-anomalies.js +72 -0
package/dist/endpoints/admin-apm.d.ts +102 -0
package/dist/endpoints/admin-apm.d.ts.map +1 -0
package/dist/endpoints/admin-apm.js +70 -0
package/dist/endpoints/admin-audit.d.ts +714 -0
package/dist/endpoints/admin-audit.d.ts.map +1 -0
package/dist/endpoints/admin-audit.js +494 -0
package/dist/endpoints/admin-billing.d.ts +82 -0
package/dist/endpoints/admin-billing.d.ts.map +1 -0
package/dist/endpoints/admin-billing.js +190 -0
package/dist/endpoints/admin-bootstrap.d.ts +16 -0
package/dist/endpoints/admin-bootstrap.d.ts.map +1 -0
package/dist/endpoints/admin-bootstrap.js +28 -0
package/dist/endpoints/admin-broadcasts.d.ts +105 -0
package/dist/endpoints/admin-broadcasts.d.ts.map +1 -0
package/dist/endpoints/admin-broadcasts.js +60 -0
package/dist/endpoints/admin-builds.d.ts +33 -0
package/dist/endpoints/admin-builds.d.ts.map +1 -0
package/dist/endpoints/admin-builds.js +36 -0
package/dist/endpoints/admin-config.d.ts +180 -0
package/dist/endpoints/admin-config.d.ts.map +1 -0
package/dist/endpoints/admin-config.js +108 -0
package/dist/endpoints/admin-consent.d.ts +123 -0
package/dist/endpoints/admin-consent.d.ts.map +1 -0
package/dist/endpoints/admin-consent.js +126 -0
package/dist/endpoints/admin-env-services.d.ts +28 -0
package/dist/endpoints/admin-env-services.d.ts.map +1 -0
package/dist/endpoints/admin-env-services.js +35 -0
package/dist/endpoints/admin-impersonation.d.ts +105 -0
package/dist/endpoints/admin-impersonation.d.ts.map +1 -0
package/dist/endpoints/admin-impersonation.js +88 -0
package/dist/endpoints/admin-invitations.d.ts +73 -0
package/dist/endpoints/admin-invitations.d.ts.map +1 -0
package/dist/endpoints/admin-invitations.js +55 -0
package/dist/endpoints/admin-jwt-keys.d.ts +75 -0
package/dist/endpoints/admin-jwt-keys.d.ts.map +1 -0
package/dist/endpoints/admin-jwt-keys.js +63 -0
package/dist/endpoints/admin-logs.d.ts +109 -0
package/dist/endpoints/admin-logs.d.ts.map +1 -0
package/dist/endpoints/admin-logs.js +78 -0
package/dist/endpoints/admin-plans.d.ts +63 -0
package/dist/endpoints/admin-plans.d.ts.map +1 -0
package/dist/endpoints/admin-plans.js +47 -0
package/dist/endpoints/admin-project-users.d.ts +148 -0
package/dist/endpoints/admin-project-users.d.ts.map +1 -0
package/dist/endpoints/admin-project-users.js +89 -0
package/dist/endpoints/admin-projects.d.ts +124 -0
package/dist/endpoints/admin-projects.d.ts.map +1 -0
package/dist/endpoints/admin-projects.js +74 -0
package/dist/endpoints/admin-quotas.d.ts +98 -0
package/dist/endpoints/admin-quotas.d.ts.map +1 -0
package/dist/endpoints/admin-quotas.js +67 -0
package/dist/endpoints/admin-rate-limits.d.ts +50 -0
package/dist/endpoints/admin-rate-limits.d.ts.map +1 -0
package/dist/endpoints/admin-rate-limits.js +53 -0
package/dist/endpoints/admin-reconcile.d.ts +28 -0
package/dist/endpoints/admin-reconcile.d.ts.map +1 -0
package/dist/endpoints/admin-reconcile.js +33 -0
package/dist/endpoints/admin-resources.d.ts +51 -0
package/dist/endpoints/admin-resources.d.ts.map +1 -0
package/dist/endpoints/admin-resources.js +53 -0
package/dist/endpoints/admin-secrets.d.ts +41 -0
package/dist/endpoints/admin-secrets.d.ts.map +1 -0
package/dist/endpoints/admin-secrets.js +33 -0
package/dist/endpoints/admin-services.d.ts +29 -0
package/dist/endpoints/admin-services.d.ts.map +1 -0
package/dist/endpoints/admin-services.js +35 -0
package/dist/endpoints/admin-tasks.d.ts +186 -0
package/dist/endpoints/admin-tasks.d.ts.map +1 -0
package/dist/endpoints/admin-tasks.js +67 -0
package/dist/endpoints/admin-tenants.d.ts +26 -0
package/dist/endpoints/admin-tenants.d.ts.map +1 -0
package/dist/endpoints/admin-tenants.js +30 -0
package/dist/endpoints/admin-traces.d.ts +124 -0
package/dist/endpoints/admin-traces.d.ts.map +1 -0
package/dist/endpoints/admin-traces.js +59 -0
package/dist/endpoints/admin-users.d.ts +106 -0
package/dist/endpoints/admin-users.d.ts.map +1 -0
package/dist/endpoints/admin-users.js +83 -0
package/dist/endpoints/admin-webhook-signature-versions.d.ts +59 -0
package/dist/endpoints/admin-webhook-signature-versions.d.ts.map +1 -0
package/dist/endpoints/admin-webhook-signature-versions.js +57 -0
package/dist/endpoints/ai-admin.d.ts +30 -0
package/dist/endpoints/ai-admin.d.ts.map +1 -0
package/dist/endpoints/ai-admin.js +59 -0
package/dist/endpoints/analytics-admin.d.ts +279 -0
package/dist/endpoints/analytics-admin.d.ts.map +1 -0
package/dist/endpoints/analytics-admin.js +308 -0
package/dist/endpoints/analytics.d.ts +58 -0
package/dist/endpoints/analytics.d.ts.map +1 -0
package/dist/endpoints/analytics.js +43 -0
package/dist/endpoints/audit-chain.d.ts +49 -0
package/dist/endpoints/audit-chain.d.ts.map +1 -0
package/dist/endpoints/audit-chain.js +29 -0
package/dist/endpoints/audit.d.ts +50 -0
package/dist/endpoints/audit.d.ts.map +1 -0
package/dist/endpoints/audit.js +30 -0
package/dist/endpoints/auth-admin.d.ts +65 -0
package/dist/endpoints/auth-admin.d.ts.map +1 -0
package/dist/endpoints/auth-admin.js +55 -0
package/dist/endpoints/auth.d.ts +157 -0
package/dist/endpoints/auth.d.ts.map +1 -0
package/dist/endpoints/auth.js +214 -0
package/dist/endpoints/backups.d.ts +51 -0
package/dist/endpoints/backups.d.ts.map +1 -0
package/dist/endpoints/backups.js +47 -0
package/dist/endpoints/billing-console.d.ts +294 -0
package/dist/endpoints/billing-console.d.ts.map +1 -0
package/dist/endpoints/billing-console.js +167 -0
package/dist/endpoints/billing-settings.d.ts +107 -0
package/dist/endpoints/billing-settings.d.ts.map +1 -0
package/dist/endpoints/billing-settings.js +117 -0
package/dist/endpoints/branch-databases.d.ts +75 -0
package/dist/endpoints/branch-databases.d.ts.map +1 -0
package/dist/endpoints/branch-databases.js +61 -0
package/dist/endpoints/challenge.d.ts +62 -0
package/dist/endpoints/challenge.d.ts.map +1 -0
package/dist/endpoints/challenge.js +52 -0
package/dist/endpoints/ci-settings.d.ts +89 -0
package/dist/endpoints/ci-settings.d.ts.map +1 -0
package/dist/endpoints/ci-settings.js +78 -0
package/dist/endpoints/consent-admin.d.ts +134 -0
package/dist/endpoints/consent-admin.d.ts.map +1 -0
package/dist/endpoints/consent-admin.js +83 -0
package/dist/endpoints/databases.d.ts +251 -0
package/dist/endpoints/databases.d.ts.map +1 -0
package/dist/endpoints/databases.js +150 -0
package/dist/endpoints/deployments.d.ts +280 -0
package/dist/endpoints/deployments.d.ts.map +1 -0
package/dist/endpoints/deployments.js +205 -0
package/dist/endpoints/domains.d.ts +356 -0
package/dist/endpoints/domains.d.ts.map +1 -0
package/dist/endpoints/domains.js +149 -0
package/dist/endpoints/edge-deployments.d.ts +92 -0
package/dist/endpoints/edge-deployments.d.ts.map +1 -0
package/dist/endpoints/edge-deployments.js +58 -0
package/dist/endpoints/email-admin.d.ts +415 -0
package/dist/endpoints/email-admin.d.ts.map +1 -0
package/dist/endpoints/email-admin.js +253 -0
package/dist/endpoints/email.d.ts +37 -0
package/dist/endpoints/email.d.ts.map +1 -0
package/dist/endpoints/email.js +42 -0
package/dist/endpoints/engagement-admin.d.ts +98 -0
package/dist/endpoints/engagement-admin.d.ts.map +1 -0
package/dist/endpoints/engagement-admin.js +64 -0
package/dist/endpoints/env-vars.d.ts +66 -0
package/dist/endpoints/env-vars.d.ts.map +1 -0
package/dist/endpoints/env-vars.js +47 -0
package/dist/endpoints/environments.d.ts +456 -0
package/dist/endpoints/environments.d.ts.map +1 -0
package/dist/endpoints/environments.js +237 -0
package/dist/endpoints/experiments.d.ts +500 -0
package/dist/endpoints/experiments.d.ts.map +1 -0
package/dist/endpoints/experiments.js +93 -0
package/dist/endpoints/flags-admin.d.ts +74 -0
package/dist/endpoints/flags-admin.d.ts.map +1 -0
package/dist/endpoints/flags-admin.js +84 -0
package/dist/endpoints/flags.d.ts +23 -0
package/dist/endpoints/flags.d.ts.map +1 -0
package/dist/endpoints/flags.js +17 -0
package/dist/endpoints/github.d.ts +30 -0
package/dist/endpoints/github.d.ts.map +1 -0
package/dist/endpoints/github.js +37 -0
package/dist/endpoints/image-opt.d.ts +43 -0
package/dist/endpoints/image-opt.d.ts.map +1 -0
package/dist/endpoints/image-opt.js +44 -0
package/dist/endpoints/kv-admin.d.ts +58 -0
package/dist/endpoints/kv-admin.d.ts.map +1 -0
package/dist/endpoints/kv-admin.js +69 -0
package/dist/endpoints/kv.d.ts +63 -0
package/dist/endpoints/kv.d.ts.map +1 -0
package/dist/endpoints/kv.js +82 -0
package/dist/endpoints/monitoring-admin.d.ts +204 -0
package/dist/endpoints/monitoring-admin.d.ts.map +1 -0
package/dist/endpoints/monitoring-admin.js +119 -0
package/dist/endpoints/monitoring.d.ts +63 -0
package/dist/endpoints/monitoring.d.ts.map +1 -0
package/dist/endpoints/monitoring.js +27 -0
package/dist/endpoints/newsletter.d.ts +366 -0
package/dist/endpoints/newsletter.d.ts.map +1 -0
package/dist/endpoints/newsletter.js +232 -0
package/dist/endpoints/notifications-admin.d.ts +268 -0
package/dist/endpoints/notifications-admin.d.ts.map +1 -0
package/dist/endpoints/notifications-admin.js +172 -0
package/dist/endpoints/notifications.d.ts +225 -0
package/dist/endpoints/notifications.d.ts.map +1 -0
package/dist/endpoints/notifications.js +150 -0
package/dist/endpoints/oidc.d.ts +67 -0
package/dist/endpoints/oidc.d.ts.map +1 -0
package/dist/endpoints/oidc.js +49 -0
package/dist/endpoints/organizations.d.ts +702 -0
package/dist/endpoints/organizations.d.ts.map +1 -0
package/dist/endpoints/organizations.js +460 -0
package/dist/endpoints/plans.d.ts +136 -0
package/dist/endpoints/plans.d.ts.map +1 -0
package/dist/endpoints/plans.js +83 -0
package/dist/endpoints/privacy.d.ts +131 -0
package/dist/endpoints/privacy.d.ts.map +1 -0
package/dist/endpoints/privacy.js +98 -0
package/dist/endpoints/project-manifest.d.ts +1044 -0
package/dist/endpoints/project-manifest.d.ts.map +1 -0
package/dist/endpoints/project-manifest.js +59 -0
package/dist/endpoints/projects.d.ts +187 -0
package/dist/endpoints/projects.d.ts.map +1 -0
package/dist/endpoints/projects.js +58 -0
package/dist/endpoints/rate-limits.d.ts +83 -0
package/dist/endpoints/rate-limits.d.ts.map +1 -0
package/dist/endpoints/rate-limits.js +54 -0
package/dist/endpoints/realtime-admin.d.ts +42 -0
package/dist/endpoints/realtime-admin.d.ts.map +1 -0
package/dist/endpoints/realtime-admin.js +50 -0
package/dist/endpoints/realtime.d.ts +35 -0
package/dist/endpoints/realtime.d.ts.map +1 -0
package/dist/endpoints/realtime.js +39 -0
package/dist/endpoints/referrals-admin.d.ts +118 -0
package/dist/endpoints/referrals-admin.d.ts.map +1 -0
package/dist/endpoints/referrals-admin.js +59 -0
package/dist/endpoints/refresh.d.ts +19 -0
package/dist/endpoints/refresh.d.ts.map +1 -0
package/dist/endpoints/refresh.js +25 -0
package/dist/endpoints/regions.d.ts +41 -0
package/dist/endpoints/regions.d.ts.map +1 -0
package/dist/endpoints/regions.js +43 -0
package/dist/endpoints/runners.d.ts +55 -0
package/dist/endpoints/runners.d.ts.map +1 -0
package/dist/endpoints/runners.js +45 -0
package/dist/endpoints/saml.d.ts +147 -0
package/dist/endpoints/saml.d.ts.map +1 -0
package/dist/endpoints/saml.js +106 -0
package/dist/endpoints/search.d.ts +62 -0
package/dist/endpoints/search.d.ts.map +1 -0
package/dist/endpoints/search.js +40 -0
package/dist/endpoints/secrets.d.ts +95 -0
package/dist/endpoints/secrets.d.ts.map +1 -0
package/dist/endpoints/secrets.js +81 -0
package/dist/endpoints/security.d.ts +231 -0
package/dist/endpoints/security.d.ts.map +1 -0
package/dist/endpoints/security.js +291 -0
package/dist/endpoints/service-tokens.d.ts +392 -0
package/dist/endpoints/service-tokens.d.ts.map +1 -0
package/dist/endpoints/service-tokens.js +125 -0
package/dist/endpoints/session-replay.d.ts +142 -0
package/dist/endpoints/session-replay.d.ts.map +1 -0
package/dist/endpoints/session-replay.js +53 -0
package/dist/endpoints/storage-admin.d.ts +96 -0
package/dist/endpoints/storage-admin.d.ts.map +1 -0
package/dist/endpoints/storage-admin.js +113 -0
package/dist/endpoints/storage.d.ts +167 -0
package/dist/endpoints/storage.d.ts.map +1 -0
package/dist/endpoints/storage.js +117 -0
package/dist/endpoints/tasks.d.ts +141 -0
package/dist/endpoints/tasks.d.ts.map +1 -0
package/dist/endpoints/tasks.js +97 -0
package/dist/endpoints/users.d.ts +103 -0
package/dist/endpoints/users.d.ts.map +1 -0
package/dist/endpoints/users.js +98 -0
package/dist/endpoints/webhooks.d.ts +201 -0
package/dist/endpoints/webhooks.d.ts.map +1 -0
package/dist/endpoints/webhooks.js +120 -0
package/dist/errors.d.ts +153 -0
package/dist/errors.d.ts.map +1 -0
package/dist/errors.js +73 -0
package/dist/index.d.ts +12303 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +390 -0
package/dist/schemas/_primitives.d.ts +37 -0
package/dist/schemas/_primitives.d.ts.map +1 -0
package/dist/schemas/_primitives.js +38 -0
package/dist/schemas/admin-ai-playground.d.ts +128 -0
package/dist/schemas/admin-ai-playground.d.ts.map +1 -0
package/dist/schemas/admin-ai-playground.js +84 -0
package/dist/schemas/admin-anomalies.d.ts +131 -0
package/dist/schemas/admin-anomalies.d.ts.map +1 -0
package/dist/schemas/admin-anomalies.js +106 -0
package/dist/schemas/admin-apm.d.ts +151 -0
package/dist/schemas/admin-apm.d.ts.map +1 -0
package/dist/schemas/admin-apm.js +96 -0
package/dist/schemas/admin-audit.d.ts +625 -0
package/dist/schemas/admin-audit.d.ts.map +1 -0
package/dist/schemas/admin-audit.js +508 -0
package/dist/schemas/admin-billing.d.ts +73 -0
package/dist/schemas/admin-billing.d.ts.map +1 -0
package/dist/schemas/admin-billing.js +60 -0
package/dist/schemas/admin-bootstrap.d.ts +32 -0
package/dist/schemas/admin-bootstrap.d.ts.map +1 -0
package/dist/schemas/admin-bootstrap.js +37 -0
package/dist/schemas/admin-broadcasts.d.ts +181 -0
package/dist/schemas/admin-broadcasts.d.ts.map +1 -0
package/dist/schemas/admin-broadcasts.js +93 -0
package/dist/schemas/admin-builds.d.ts +108 -0
package/dist/schemas/admin-builds.d.ts.map +1 -0
package/dist/schemas/admin-builds.js +127 -0
package/dist/schemas/admin-config.d.ts +248 -0
package/dist/schemas/admin-config.d.ts.map +1 -0
package/dist/schemas/admin-config.js +145 -0
package/dist/schemas/admin-consent.d.ts +129 -0
package/dist/schemas/admin-consent.d.ts.map +1 -0
package/dist/schemas/admin-consent.js +76 -0
package/dist/schemas/admin-env-services.d.ts +63 -0
package/dist/schemas/admin-env-services.d.ts.map +1 -0
package/dist/schemas/admin-env-services.js +81 -0
package/dist/schemas/admin-impersonation.d.ts +150 -0
package/dist/schemas/admin-impersonation.d.ts.map +1 -0
package/dist/schemas/admin-impersonation.js +114 -0
package/dist/schemas/admin-invitations.d.ts +119 -0
package/dist/schemas/admin-invitations.d.ts.map +1 -0
package/dist/schemas/admin-invitations.js +80 -0
package/dist/schemas/admin-jwt-keys.d.ts +130 -0
package/dist/schemas/admin-jwt-keys.d.ts.map +1 -0
package/dist/schemas/admin-jwt-keys.js +83 -0
package/dist/schemas/admin-logs.d.ts +170 -0
package/dist/schemas/admin-logs.d.ts.map +1 -0
package/dist/schemas/admin-logs.js +108 -0
package/dist/schemas/admin-plans.d.ts +92 -0
package/dist/schemas/admin-plans.d.ts.map +1 -0
package/dist/schemas/admin-plans.js +62 -0
package/dist/schemas/admin-project-users.d.ts +183 -0
package/dist/schemas/admin-project-users.d.ts.map +1 -0
package/dist/schemas/admin-project-users.js +108 -0
package/dist/schemas/admin-projects.d.ts +237 -0
package/dist/schemas/admin-projects.d.ts.map +1 -0
package/dist/schemas/admin-projects.js +129 -0
package/dist/schemas/admin-quotas.d.ts +161 -0
package/dist/schemas/admin-quotas.d.ts.map +1 -0
package/dist/schemas/admin-quotas.js +107 -0
package/dist/schemas/admin-rate-limits.d.ts +90 -0
package/dist/schemas/admin-rate-limits.d.ts.map +1 -0
package/dist/schemas/admin-rate-limits.js +72 -0
package/dist/schemas/admin-reconcile.d.ts +89 -0
package/dist/schemas/admin-reconcile.d.ts.map +1 -0
package/dist/schemas/admin-reconcile.js +86 -0
package/dist/schemas/admin-resources.d.ts +129 -0
package/dist/schemas/admin-resources.d.ts.map +1 -0
package/dist/schemas/admin-resources.js +143 -0
package/dist/schemas/admin-secrets.d.ts +113 -0
package/dist/schemas/admin-secrets.d.ts.map +1 -0
package/dist/schemas/admin-secrets.js +94 -0
package/dist/schemas/admin-services.d.ts +71 -0
package/dist/schemas/admin-services.d.ts.map +1 -0
package/dist/schemas/admin-services.js +61 -0
package/dist/schemas/admin-tasks.d.ts +239 -0
package/dist/schemas/admin-tasks.d.ts.map +1 -0
package/dist/schemas/admin-tasks.js +103 -0
package/dist/schemas/admin-tenants.d.ts +45 -0
package/dist/schemas/admin-tenants.d.ts.map +1 -0
package/dist/schemas/admin-tenants.js +54 -0
package/dist/schemas/admin-traces.d.ts +203 -0
package/dist/schemas/admin-traces.d.ts.map +1 -0
package/dist/schemas/admin-traces.js +128 -0
package/dist/schemas/admin-users.d.ts +158 -0
package/dist/schemas/admin-users.d.ts.map +1 -0
package/dist/schemas/admin-users.js +110 -0
package/dist/schemas/admin-webhook-signature-versions.d.ts +103 -0
package/dist/schemas/admin-webhook-signature-versions.d.ts.map +1 -0
package/dist/schemas/admin-webhook-signature-versions.js +73 -0
package/dist/schemas/ai-admin.d.ts +39 -0
package/dist/schemas/ai-admin.d.ts.map +1 -0
package/dist/schemas/ai-admin.js +29 -0
package/dist/schemas/ai.d.ts +120 -0
package/dist/schemas/ai.d.ts.map +1 -0
package/dist/schemas/ai.js +84 -0
package/dist/schemas/analytics-admin.d.ts +104 -0
package/dist/schemas/analytics-admin.d.ts.map +1 -0
package/dist/schemas/analytics-admin.js +61 -0
package/dist/schemas/analytics.d.ts +118 -0
package/dist/schemas/analytics.d.ts.map +1 -0
package/dist/schemas/analytics.js +80 -0
package/dist/schemas/audit-chain.d.ts +81 -0
package/dist/schemas/audit-chain.d.ts.map +1 -0
package/dist/schemas/audit-chain.js +62 -0
package/dist/schemas/auth-admin.d.ts +55 -0
package/dist/schemas/auth-admin.d.ts.map +1 -0
package/dist/schemas/auth-admin.js +48 -0
package/dist/schemas/auth.d.ts +865 -0
package/dist/schemas/auth.d.ts.map +1 -0
package/dist/schemas/auth.js +815 -0
package/dist/schemas/backups.d.ts +70 -0
package/dist/schemas/backups.d.ts.map +1 -0
package/dist/schemas/backups.js +38 -0
package/dist/schemas/billing-console.d.ts +414 -0
package/dist/schemas/billing-console.d.ts.map +1 -0
package/dist/schemas/billing-console.js +298 -0
package/dist/schemas/billing-settings.d.ts +156 -0
package/dist/schemas/billing-settings.d.ts.map +1 -0
package/dist/schemas/billing-settings.js +119 -0
package/dist/schemas/billing.d.ts +211 -0
package/dist/schemas/billing.d.ts.map +1 -0
package/dist/schemas/billing.js +147 -0
package/dist/schemas/branch-database.d.ts +98 -0
package/dist/schemas/branch-database.d.ts.map +1 -0
package/dist/schemas/branch-database.js +68 -0
package/dist/schemas/challenge.d.ts +104 -0
package/dist/schemas/challenge.d.ts.map +1 -0
package/dist/schemas/challenge.js +74 -0
package/dist/schemas/ci-settings.d.ts +122 -0
package/dist/schemas/ci-settings.d.ts.map +1 -0
package/dist/schemas/ci-settings.js +65 -0
package/dist/schemas/consent-admin.d.ts +187 -0
package/dist/schemas/consent-admin.d.ts.map +1 -0
package/dist/schemas/consent-admin.js +114 -0
package/dist/schemas/consent.d.ts +78 -0
package/dist/schemas/consent.d.ts.map +1 -0
package/dist/schemas/consent.js +68 -0
package/dist/schemas/database.d.ts +104 -0
package/dist/schemas/database.d.ts.map +1 -0
package/dist/schemas/database.js +89 -0
package/dist/schemas/deployment.d.ts +386 -0
package/dist/schemas/deployment.d.ts.map +1 -0
package/dist/schemas/deployment.js +282 -0
package/dist/schemas/domain.d.ts +148 -0
package/dist/schemas/domain.d.ts.map +1 -0
package/dist/schemas/domain.js +86 -0
package/dist/schemas/edge-deployments.d.ts +140 -0
package/dist/schemas/edge-deployments.d.ts.map +1 -0
package/dist/schemas/edge-deployments.js +87 -0
package/dist/schemas/email-admin.d.ts +384 -0
package/dist/schemas/email-admin.d.ts.map +1 -0
package/dist/schemas/email-admin.js +313 -0
package/dist/schemas/email.d.ts +46 -0
package/dist/schemas/email.d.ts.map +1 -0
package/dist/schemas/email.js +34 -0
package/dist/schemas/engagement-admin.d.ts +148 -0
package/dist/schemas/engagement-admin.d.ts.map +1 -0
package/dist/schemas/engagement-admin.js +107 -0
package/dist/schemas/env-var.d.ts +68 -0
package/dist/schemas/env-var.d.ts.map +1 -0
package/dist/schemas/env-var.js +52 -0
package/dist/schemas/environment.d.ts +392 -0
package/dist/schemas/environment.d.ts.map +1 -0
package/dist/schemas/environment.js +211 -0
package/dist/schemas/experiments.d.ts +540 -0
package/dist/schemas/experiments.d.ts.map +1 -0
package/dist/schemas/experiments.js +150 -0
package/dist/schemas/flags-admin.d.ts +112 -0
package/dist/schemas/flags-admin.d.ts.map +1 -0
package/dist/schemas/flags-admin.js +84 -0
package/dist/schemas/flags.d.ts +43 -0
package/dist/schemas/flags.d.ts.map +1 -0
package/dist/schemas/flags.js +27 -0
package/dist/schemas/github.d.ts +34 -0
package/dist/schemas/github.d.ts.map +1 -0
package/dist/schemas/github.js +24 -0
package/dist/schemas/ids.d.ts +39 -0
package/dist/schemas/ids.d.ts.map +1 -0
package/dist/schemas/ids.js +26 -0
package/dist/schemas/image-opt.d.ts +70 -0
package/dist/schemas/image-opt.d.ts.map +1 -0
package/dist/schemas/image-opt.js +68 -0
package/dist/schemas/kv-admin.d.ts +60 -0
package/dist/schemas/kv-admin.d.ts.map +1 -0
package/dist/schemas/kv-admin.js +43 -0
package/dist/schemas/kv.d.ts +79 -0
package/dist/schemas/kv.d.ts.map +1 -0
package/dist/schemas/kv.js +54 -0
package/dist/schemas/monitoring-admin.d.ts +314 -0
package/dist/schemas/monitoring-admin.d.ts.map +1 -0
package/dist/schemas/monitoring-admin.js +196 -0
package/dist/schemas/monitoring.d.ts +143 -0
package/dist/schemas/monitoring.d.ts.map +1 -0
package/dist/schemas/monitoring.js +96 -0
package/dist/schemas/newsletter.d.ts +366 -0
package/dist/schemas/newsletter.d.ts.map +1 -0
package/dist/schemas/newsletter.js +245 -0
package/dist/schemas/notifications-admin.d.ts +337 -0
package/dist/schemas/notifications-admin.d.ts.map +1 -0
package/dist/schemas/notifications-admin.js +261 -0
package/dist/schemas/notifications.d.ts +312 -0
package/dist/schemas/notifications.d.ts.map +1 -0
package/dist/schemas/notifications.js +235 -0
package/dist/schemas/oidc.d.ts +74 -0
package/dist/schemas/oidc.d.ts.map +1 -0
package/dist/schemas/oidc.js +46 -0
package/dist/schemas/organization-billing.d.ts +165 -0
package/dist/schemas/organization-billing.d.ts.map +1 -0
package/dist/schemas/organization-billing.js +156 -0
package/dist/schemas/organization-project-users.d.ts +126 -0
package/dist/schemas/organization-project-users.d.ts.map +1 -0
package/dist/schemas/organization-project-users.js +88 -0
package/dist/schemas/organization-projects.d.ts +129 -0
package/dist/schemas/organization-projects.d.ts.map +1 -0
package/dist/schemas/organization-projects.js +119 -0
package/dist/schemas/organization-referrals.d.ts +129 -0
package/dist/schemas/organization-referrals.d.ts.map +1 -0
package/dist/schemas/organization-referrals.js +126 -0
package/dist/schemas/organization-team.d.ts +123 -0
package/dist/schemas/organization-team.d.ts.map +1 -0
package/dist/schemas/organization-team.js +119 -0
package/dist/schemas/organization.d.ts +210 -0
package/dist/schemas/organization.d.ts.map +1 -0
package/dist/schemas/organization.js +169 -0
package/dist/schemas/plans.d.ts +211 -0
package/dist/schemas/plans.d.ts.map +1 -0
package/dist/schemas/plans.js +131 -0
package/dist/schemas/privacy.d.ts +174 -0
package/dist/schemas/privacy.d.ts.map +1 -0
package/dist/schemas/privacy.js +132 -0
package/dist/schemas/project-manifest.d.ts +1421 -0
package/dist/schemas/project-manifest.d.ts.map +1 -0
package/dist/schemas/project-manifest.js +318 -0
package/dist/schemas/project.d.ts +132 -0
package/dist/schemas/project.d.ts.map +1 -0
package/dist/schemas/project.js +76 -0
package/dist/schemas/realtime-admin.d.ts +51 -0
package/dist/schemas/realtime-admin.d.ts.map +1 -0
package/dist/schemas/realtime-admin.js +29 -0
package/dist/schemas/realtime.d.ts +46 -0
package/dist/schemas/realtime.d.ts.map +1 -0
package/dist/schemas/realtime.js +32 -0
package/dist/schemas/referrals-admin.d.ts +166 -0
package/dist/schemas/referrals-admin.d.ts.map +1 -0
package/dist/schemas/referrals-admin.js +123 -0
package/dist/schemas/referrals.d.ts +148 -0
package/dist/schemas/referrals.d.ts.map +1 -0
package/dist/schemas/referrals.js +102 -0
package/dist/schemas/refresh.d.ts +29 -0
package/dist/schemas/refresh.d.ts.map +1 -0
package/dist/schemas/refresh.js +18 -0
package/dist/schemas/region.d.ts +118 -0
package/dist/schemas/region.d.ts.map +1 -0
package/dist/schemas/region.js +86 -0
package/dist/schemas/resources.d.ts +345 -0
package/dist/schemas/resources.d.ts.map +1 -0
package/dist/schemas/resources.js +220 -0
package/dist/schemas/runners.d.ts +93 -0
package/dist/schemas/runners.d.ts.map +1 -0
package/dist/schemas/runners.js +49 -0
package/dist/schemas/saml.d.ts +254 -0
package/dist/schemas/saml.d.ts.map +1 -0
package/dist/schemas/saml.js +159 -0
package/dist/schemas/search.d.ts +96 -0
package/dist/schemas/search.d.ts.map +1 -0
package/dist/schemas/search.js +57 -0
package/dist/schemas/secret.d.ts +101 -0
package/dist/schemas/secret.d.ts.map +1 -0
package/dist/schemas/secret.js +79 -0
package/dist/schemas/security.d.ts +345 -0
package/dist/schemas/security.d.ts.map +1 -0
package/dist/schemas/security.js +248 -0
package/dist/schemas/service-tokens.d.ts +342 -0
package/dist/schemas/service-tokens.d.ts.map +1 -0
package/dist/schemas/service-tokens.js +101 -0
package/dist/schemas/session-replay.d.ts +285 -0
package/dist/schemas/session-replay.d.ts.map +1 -0
package/dist/schemas/session-replay.js +145 -0
package/dist/schemas/storage-admin.d.ts +351 -0
package/dist/schemas/storage-admin.d.ts.map +1 -0
package/dist/schemas/storage-admin.js +197 -0
package/dist/schemas/storage.d.ts +257 -0
package/dist/schemas/storage.d.ts.map +1 -0
package/dist/schemas/storage.js +173 -0
package/dist/schemas/tasks.d.ts +178 -0
package/dist/schemas/tasks.d.ts.map +1 -0
package/dist/schemas/tasks.js +102 -0
package/dist/schemas/user.d.ts +103 -0
package/dist/schemas/user.d.ts.map +1 -0
package/dist/schemas/user.js +79 -0
package/dist/schemas/webhooks.d.ts +259 -0
package/dist/schemas/webhooks.d.ts.map +1 -0
package/dist/schemas/webhooks.js +198 -0
package/package.json +154 -0

package/dist/schemas/auth.d.ts ADDED Viewed

@@ -0,0 +1,865 @@
+/**
+ * Auth — BaaS plane primitives. Matches `@sylphx/sdk` `auth.ts` public
+ * surface (sign-in, sign-up, session, 2FA).
+ *
+ * Two layers coexist here (ADR-084):
+ *
+ * 1. **Lean primitives** (`SignInInput`, `SignUpInput`, `SessionResult`) —
+ *    the minimal shape a generic OAuth/OIDC consumer needs. Stable;
+ *    brand-safe; closed.
+ *
+ * 2. **SDK wire shapes** (`LoginRequest`, `LoginResponse`, `RegisterRequest`,
+ *    `RegisterResponse`, `AuthTokensResponse`, `TwoFactorVerifyRequest`,
+ *    `UserFullProfile`) — richer request/response envelopes the REST API
+ *    actually returns. Mirror the OpenAPI schema previously consumed from
+ *    `@sylphx/sdk/src/generated/api.d.ts`. Declared as plain `Struct`s with
+ *    unbranded `Schema.String` ids so the SDK (which hands ids straight to
+ *    URL builders, cookies, etc.) can accept them without casts.
+ */
+import { Schema } from 'effect';
+/** Tokens issued by `/auth/login` / `/auth/token`. */
+export declare const AuthTokens: Schema.Struct<{
+    accessToken: typeof Schema.String;
+    refreshToken: Schema.optional<typeof Schema.String>;
+    tokenType: Schema.optional<typeof Schema.String>;
+    expiresIn: Schema.optional<typeof Schema.Number>;
+}>;
+export type AuthTokens = typeof AuthTokens.Type;
+export declare const SessionUser: Schema.Struct<{
+    id: Schema.brand<Schema.filter<typeof Schema.String>, "UserId">;
+    email: typeof Schema.String;
+    name: Schema.NullOr<typeof Schema.String>;
+    image: Schema.NullOr<typeof Schema.String>;
+    emailVerified: typeof Schema.Boolean;
+}>;
+export type SessionUser = typeof SessionUser.Type;
+export declare const SignInInput: Schema.Struct<{
+    email: typeof Schema.String;
+    password: typeof Schema.String;
+}>;
+export type SignInInput = typeof SignInInput.Type;
+/** Success path issues tokens; 2FA path redirects via `requiresTwoFactor`. */
+export declare const SignInResult: Schema.Struct<{
+    requiresTwoFactor: Schema.optional<typeof Schema.Boolean>;
+    userId: Schema.optional<Schema.brand<Schema.filter<typeof Schema.String>, "UserId">>;
+    accessToken: Schema.optional<typeof Schema.String>;
+    refreshToken: Schema.optional<typeof Schema.String>;
+    tokenType: Schema.optional<typeof Schema.String>;
+    expiresIn: Schema.optional<typeof Schema.Number>;
+}>;
+export type SignInResult = typeof SignInResult.Type;
+export declare const SignUpInput: Schema.Struct<{
+    email: typeof Schema.String;
+    password: typeof Schema.String;
+    name: Schema.optional<typeof Schema.String>;
+}>;
+export type SignUpInput = typeof SignUpInput.Type;
+export declare const SignUpResult: Schema.Struct<{
+    userId: Schema.brand<Schema.filter<typeof Schema.String>, "UserId">;
+    email: typeof Schema.String;
+    emailVerified: typeof Schema.Boolean;
+}>;
+export type SignUpResult = typeof SignUpResult.Type;
+export declare const SessionResult: Schema.Struct<{
+    user: Schema.NullOr<Schema.Struct<{
+        id: Schema.brand<Schema.filter<typeof Schema.String>, "UserId">;
+        email: typeof Schema.String;
+        name: Schema.NullOr<typeof Schema.String>;
+        image: Schema.NullOr<typeof Schema.String>;
+        emailVerified: typeof Schema.Boolean;
+    }>>;
+}>;
+export type SessionResult = typeof SessionResult.Type;
+/** Minimal user returned inside login/token/register envelopes. */
+export declare const AuthUser: Schema.Struct<{
+    id: typeof Schema.String;
+    email: typeof Schema.String;
+    name: Schema.NullOr<typeof Schema.String>;
+    image: Schema.optional<Schema.NullOr<typeof Schema.String>>;
+    emailVerified: Schema.optional<typeof Schema.Boolean>;
+    role: Schema.optional<typeof Schema.String>;
+    createdAt: Schema.optional<typeof Schema.String>;
+}>;
+export type AuthUser = typeof AuthUser.Type;
+/** `POST /auth/login` request body. */
+export declare const LoginRequest: Schema.Struct<{
+    email: typeof Schema.String;
+    password: typeof Schema.String;
+}>;
+export type LoginRequest = typeof LoginRequest.Type;
+/**
+ * `POST /auth/login` response — discriminated on `requiresTwoFactor`.
+ *
+ * - `true`: caller must finish the 2FA flow via `POST /auth/verify-2fa`
+ *   using the returned `userId`.
+ * - `false` / absent: tokens + user profile are returned directly.
+ */
+export declare const LoginResponse: Schema.Union<[Schema.Struct<{
+    requiresTwoFactor: Schema.Literal<[true]>;
+    userId: typeof Schema.String;
+    email: Schema.optional<typeof Schema.String>;
+}>, Schema.Struct<{
+    requiresTwoFactor: Schema.optional<Schema.Literal<[false]>>;
+    accessToken: typeof Schema.String;
+    refreshToken: Schema.optional<typeof Schema.String>;
+    expiresIn: Schema.optional<typeof Schema.Number>;
+    user: Schema.optional<Schema.Struct<{
+        id: typeof Schema.String;
+        email: typeof Schema.String;
+        name: Schema.NullOr<typeof Schema.String>;
+        image: Schema.optional<Schema.NullOr<typeof Schema.String>>;
+        emailVerified: Schema.optional<typeof Schema.Boolean>;
+        role: Schema.optional<typeof Schema.String>;
+        createdAt: Schema.optional<typeof Schema.String>;
+    }>>;
+}>]>;
+export type LoginResponse = typeof LoginResponse.Type;
+/**
+ * `POST /auth/register` request body — a superset of `SignUpInput` that
+ * accepts caller metadata and an optional invitation token.
+ */
+export declare const RegisterRequest: Schema.Struct<{
+    email: typeof Schema.String;
+    password: typeof Schema.String;
+    name: Schema.optional<typeof Schema.String>;
+    metadata: Schema.optional<Schema.Record$<typeof Schema.String, typeof Schema.Unknown>>;
+    invitationToken: Schema.optional<typeof Schema.String>;
+}>;
+export type RegisterRequest = typeof RegisterRequest.Type;
+/** `POST /auth/register` response — email-verification envelope. */
+export declare const RegisterResponse: Schema.Struct<{
+    requiresVerification: Schema.optional<typeof Schema.Boolean>;
+    message: Schema.optional<typeof Schema.String>;
+    user: Schema.Struct<{
+        id: typeof Schema.String;
+        email: typeof Schema.String;
+        name: Schema.NullOr<typeof Schema.String>;
+    }>;
+}>;
+export type RegisterResponse = typeof RegisterResponse.Type;
+/**
+ * Token-issuing response shared by `/auth/token`, `/auth/verify-2fa`,
+ * `/auth/switch-org`. `user` is surfaced for SDK convenience (hydrating the
+ * local session immediately after issuance).
+ */
+export declare const AuthTokensResponse: Schema.Struct<{
+    accessToken: typeof Schema.String;
+    refreshToken: typeof Schema.String;
+    expiresIn: Schema.optional<typeof Schema.Number>;
+    tokenType: Schema.optional<typeof Schema.String>;
+    user: Schema.optional<Schema.Struct<{
+        id: typeof Schema.String;
+        email: typeof Schema.String;
+        name: Schema.NullOr<typeof Schema.String>;
+        image: Schema.optional<Schema.NullOr<typeof Schema.String>>;
+        emailVerified: Schema.optional<typeof Schema.Boolean>;
+        role: Schema.optional<typeof Schema.String>;
+        createdAt: Schema.optional<typeof Schema.String>;
+    }>>;
+}>;
+export type AuthTokensResponse = typeof AuthTokensResponse.Type;
+/**
+ * `POST /auth/verify-2fa` request body.
+ *
+ * The OpenAPI spec lists `code` only (post-login flow where the server has
+ * the user bound to the challenge session). The SDK uses an extended shape
+ * including `userId` for the stateless public flow — both are accepted.
+ */
+export declare const TwoFactorVerifyRequest: Schema.Struct<{
+    userId: Schema.optional<typeof Schema.String>;
+    code: typeof Schema.String;
+}>;
+export type TwoFactorVerifyRequest = typeof TwoFactorVerifyRequest.Type;
+/** `GET /auth/me` response — full profile with verification + timestamps. */
+export declare const UserFullProfile: Schema.Struct<{
+    id: typeof Schema.String;
+    email: typeof Schema.String;
+    name: Schema.NullOr<typeof Schema.String>;
+    image: Schema.NullOr<typeof Schema.String>;
+    emailVerified: Schema.optional<typeof Schema.Boolean>;
+    createdAt: Schema.optional<typeof Schema.String>;
+}>;
+export type UserFullProfile = typeof UserFullProfile.Type;
+/**
+ * `POST /auth/device` request body — initiate a device authorization
+ * grant per RFC 8628 §3.1.
+ */
+export declare const DeviceInitRequest: Schema.Struct<{
+    /**
+     * Client identifier — must match a well-known client registered on
+     * the BaaS plane. Phase 2a hard-codes `sylphx-cli` as the only
+     * allow-listed value; Phase 5.1 replaces the allow-list with the
+     * `oauth_clients` DB registry (ADR-086).
+     */
+    client_id: typeof Schema.String;
+    /**
+     * Space- or array-delimited OAuth scopes the client is requesting.
+     * Phase 2a accepts any scope shape; Phase 5.1 will validate against
+     * the client's registered scope set.
+     */
+    scope: Schema.optional<Schema.Array$<typeof Schema.String>>;
+}>;
+export type DeviceInitRequest = typeof DeviceInitRequest.Type;
+/**
+ * `POST /auth/device` response — grant issued per RFC 8628 §3.2.
+ *
+ * `device_code` is the CLI's private reference (opaque bearer);
+ * `user_code` is the short human-readable code the user enters on the
+ * verification page.
+ */
+export declare const DeviceInitResponse: Schema.Struct<{
+    device_code: typeof Schema.String;
+    user_code: typeof Schema.String;
+    verification_uri: typeof Schema.String;
+    verification_uri_complete: typeof Schema.String;
+    expires_in: typeof Schema.Number;
+    interval: typeof Schema.Number;
+}>;
+export type DeviceInitResponse = typeof DeviceInitResponse.Type;
+/**
+ * `GET /auth/device/poll?device_code=…` response.
+ *
+ * Mirrors the RFC 8628 §3.5 polling token-endpoint response but in a
+ * single envelope so the SDK can discriminate on `status` without
+ * needing a second round-trip to the RFC 6749 token endpoint. Phase
+ * 5.1 will add a strict RFC 6749 `/oauth/token` endpoint that callers
+ * MAY hit instead when they prefer the canonical shape.
+ */
+export declare const DevicePollResponse: Schema.Union<[Schema.Struct<{
+    status: Schema.Literal<["pending"]>;
+}>, Schema.Struct<{
+    status: Schema.Literal<["approved"]>;
+    access_token: typeof Schema.String;
+    refresh_token: typeof Schema.String;
+    token_type: Schema.Literal<["Bearer"]>;
+    expires_in: typeof Schema.Number;
+    refresh_expires_at: typeof Schema.String;
+}>, Schema.Struct<{
+    status: Schema.Literal<["denied"]>;
+}>, Schema.Struct<{
+    status: Schema.Literal<["expired"]>;
+}>]>;
+export type DevicePollResponse = typeof DevicePollResponse.Type;
+/**
+ * `POST /auth/device/approve` request body — browser leg, user-facing.
+ *
+ * Called from the Console's verification page after the user clicks
+ * Authorize. Cookie-session auth identifies the approving user;
+ * `user_code` is the short public code the user typed / confirmed on
+ * the verification page.
+ */
+export declare const DeviceApproveRequest: Schema.Struct<{
+    user_code: typeof Schema.String;
+}>;
+export type DeviceApproveRequest = typeof DeviceApproveRequest.Type;
+/**
+ * `POST /auth/device/approve` response — confirmation envelope.
+ * The CLI picks up the tokens on its next `/auth/device/poll` call.
+ */
+export declare const DeviceApproveResponse: Schema.Struct<{
+    success: Schema.Literal<[true]>;
+}>;
+export type DeviceApproveResponse = typeof DeviceApproveResponse.Type;
+/**
+ * `POST /auth/device/deny` request body — same shape as approve.
+ */
+export declare const DeviceDenyRequest: Schema.Struct<{
+    user_code: typeof Schema.String;
+}>;
+export type DeviceDenyRequest = typeof DeviceDenyRequest.Type;
+/**
+ * `POST /auth/device/deny` response.
+ */
+export declare const DeviceDenyResponse: Schema.Struct<{
+    success: Schema.Literal<[true]>;
+}>;
+export type DeviceDenyResponse = typeof DeviceDenyResponse.Type;
+/**
+ * `authorization_code` grant body — RFC 6749 §4.1.3 + RFC 7636.
+ */
+export declare const OAuthTokenAuthorizationCodeRequest: Schema.Struct<{
+    grant_type: Schema.Literal<["authorization_code"]>;
+    code: typeof Schema.String;
+    redirect_uri: typeof Schema.String;
+    client_id: typeof Schema.String;
+    client_secret: Schema.optional<typeof Schema.String>;
+    code_verifier: typeof Schema.String;
+}>;
+/**
+ * `refresh_token` grant body — RFC 6749 §6. Rotation is mandatory on the
+ * server side; clients simply present their current refresh_token.
+ */
+export declare const OAuthTokenRefreshRequest: Schema.Struct<{
+    grant_type: Schema.Literal<["refresh_token"]>;
+    refresh_token: typeof Schema.String;
+    client_id: typeof Schema.String;
+    client_secret: Schema.optional<typeof Schema.String>;
+    scope: Schema.optional<typeof Schema.String>;
+}>;
+/**
+ * `device_code` grant body — RFC 8628 §3.4. Client auth is registry-driven;
+ * public clients present `client_id` only, confidential clients add
+ * `client_secret`.
+ */
+export declare const OAuthTokenDeviceCodeRequest: Schema.Struct<{
+    grant_type: Schema.Literal<["urn:ietf:params:oauth:grant-type:device_code"]>;
+    device_code: typeof Schema.String;
+    client_id: typeof Schema.String;
+    client_secret: Schema.optional<typeof Schema.String>;
+}>;
+/**
+ * `client_credentials` grant body — RFC 6749 §4.4. Confidential clients
+ * only; `client_secret` is mandatory.
+ */
+export declare const OAuthTokenClientCredentialsRequest: Schema.Struct<{
+    grant_type: Schema.Literal<["client_credentials"]>;
+    client_id: typeof Schema.String;
+    client_secret: typeof Schema.String;
+    scope: Schema.optional<typeof Schema.String>;
+}>;
+/**
+ * Union of every token-endpoint request shape. Discriminated by
+ * `grant_type` — new grants join the union, never replace an existing
+ * variant. Rejected grant types return an RFC 6749 §5.2 error envelope
+ * with `error='unsupported_grant_type'`.
+ */
+export declare const OAuthTokenRequest: Schema.Union<[Schema.Struct<{
+    grant_type: Schema.Literal<["authorization_code"]>;
+    code: typeof Schema.String;
+    redirect_uri: typeof Schema.String;
+    client_id: typeof Schema.String;
+    client_secret: Schema.optional<typeof Schema.String>;
+    code_verifier: typeof Schema.String;
+}>, Schema.Struct<{
+    grant_type: Schema.Literal<["refresh_token"]>;
+    refresh_token: typeof Schema.String;
+    client_id: typeof Schema.String;
+    client_secret: Schema.optional<typeof Schema.String>;
+    scope: Schema.optional<typeof Schema.String>;
+}>, Schema.Struct<{
+    grant_type: Schema.Literal<["urn:ietf:params:oauth:grant-type:device_code"]>;
+    device_code: typeof Schema.String;
+    client_id: typeof Schema.String;
+    client_secret: Schema.optional<typeof Schema.String>;
+}>, Schema.Struct<{
+    grant_type: Schema.Literal<["client_credentials"]>;
+    client_id: typeof Schema.String;
+    client_secret: typeof Schema.String;
+    scope: Schema.optional<typeof Schema.String>;
+}>]>;
+export type OAuthTokenRequest = typeof OAuthTokenRequest.Type;
+/**
+ * Successful `/oauth/token` response carrying access + refresh token pair.
+ * Used by `authorization_code`, `refresh_token`, and `device_code` grants.
+ */
+export declare const OAuthTokenResponse: Schema.Struct<{
+    access_token: typeof Schema.String;
+    token_type: Schema.Literal<["Bearer"]>;
+    expires_in: typeof Schema.Number;
+    refresh_token: typeof Schema.String;
+    scope: typeof Schema.String;
+}>;
+export type OAuthTokenResponse = typeof OAuthTokenResponse.Type;
+/**
+ * `client_credentials` success response — RFC 6749 §4.4.3 forbids refresh
+ * tokens on this grant, so the envelope is deliberately narrower.
+ */
+export declare const OAuthClientCredentialsResponse: Schema.Struct<{
+    access_token: typeof Schema.String;
+    token_type: Schema.Literal<["Bearer"]>;
+    expires_in: typeof Schema.Number;
+    scope: typeof Schema.String;
+}>;
+export type OAuthClientCredentialsResponse = typeof OAuthClientCredentialsResponse.Type;
+/**
+ * RFC 6749 §5.2 error codes + RFC 8628 §3.5 polling codes. One closed
+ * enumeration — SDK callers pattern-match on this value to choose the
+ * next action (retry / abort / re-auth).
+ */
+export declare const OAuthTokenErrorCode: Schema.Literal<["invalid_request", "invalid_client", "invalid_grant", "unauthorized_client", "unsupported_grant_type", "invalid_scope", "authorization_pending", "slow_down", "access_denied", "expired_token"]>;
+export type OAuthTokenErrorCode = typeof OAuthTokenErrorCode.Type;
+/**
+ * RFC 6749 §5.2 error envelope. Surfaced with HTTP 400 (or 401 when a
+ * Basic auth header was presented with bad credentials).
+ */
+export declare const OAuthTokenErrorResponse: Schema.Struct<{
+    error: Schema.Literal<["invalid_request", "invalid_client", "invalid_grant", "unauthorized_client", "unsupported_grant_type", "invalid_scope", "authorization_pending", "slow_down", "access_denied", "expired_token"]>;
+    error_description: Schema.optional<typeof Schema.String>;
+    error_uri: Schema.optional<typeof Schema.String>;
+}>;
+export type OAuthTokenErrorResponse = typeof OAuthTokenErrorResponse.Type;
+/**
+ * `/oauth/revoke` request body — RFC 7009 §2.1.
+ */
+export declare const OAuthRevokeRequest: Schema.Struct<{
+    token: typeof Schema.String;
+    token_type_hint: Schema.optional<Schema.Literal<["access_token", "refresh_token"]>>;
+    client_id: typeof Schema.String;
+    client_secret: Schema.optional<typeof Schema.String>;
+}>;
+export type OAuthRevokeRequest = typeof OAuthRevokeRequest.Type;
+/**
+ * `/oauth/revoke` success response — per §2.2 an empty body. Modelled as
+ * an empty struct so the SDK has a typed `void`-equivalent to await.
+ */
+export declare const OAuthRevokeResponse: Schema.Struct<{}>;
+export type OAuthRevokeResponse = typeof OAuthRevokeResponse.Type;
+/**
+ * `/oauth/introspect` request body — RFC 7662 §2.1. Same auth model as
+ * `/oauth/revoke` (client_id + optional client_secret, or Basic header).
+ */
+export declare const OAuthIntrospectRequest: Schema.Struct<{
+    token: typeof Schema.String;
+    token_type_hint: Schema.optional<Schema.Literal<["access_token", "refresh_token"]>>;
+    client_id: typeof Schema.String;
+    client_secret: Schema.optional<typeof Schema.String>;
+}>;
+export type OAuthIntrospectRequest = typeof OAuthIntrospectRequest.Type;
+/**
+ * `/oauth/introspect` response — RFC 7662 §2.2. Only `active` is required.
+ * Inactive responses carry ONLY `{ active: false }` per §4; populated
+ * responses echo the token's claims (scope, client_id, username, etc.).
+ */
+export declare const OAuthIntrospectResponse: Schema.Struct<{
+    active: typeof Schema.Boolean;
+    scope: Schema.optional<typeof Schema.String>;
+    client_id: Schema.optional<typeof Schema.String>;
+    username: Schema.optional<typeof Schema.String>;
+    token_type: Schema.optional<Schema.Literal<["Bearer"]>>;
+    exp: Schema.optional<typeof Schema.Number>;
+    iat: Schema.optional<typeof Schema.Number>;
+    nbf: Schema.optional<typeof Schema.Number>;
+    sub: Schema.optional<typeof Schema.String>;
+    aud: Schema.optional<Schema.Union<[typeof Schema.String, Schema.Array$<typeof Schema.String>]>>;
+    iss: Schema.optional<typeof Schema.String>;
+    jti: Schema.optional<typeof Schema.String>;
+}>;
+export type OAuthIntrospectResponse = typeof OAuthIntrospectResponse.Type;
+/**
+ * A single platform-plane session row as surfaced to the client.
+ *
+ * `id` is the prefixed TypeID (`sess_*`) — the BaaS route encodes the
+ * underlying UUID on the way out. Consumers must pass this back
+ * verbatim on the revoke/rename endpoints; the BaaS side accepts both
+ * forms via `parseIdOrError` but the canonical wire representation is
+ * prefixed.
+ */
+export declare const PlatformSession: Schema.Struct<{
+    id: typeof Schema.String;
+    name: Schema.NullOr<typeof Schema.String>;
+    ipAddress: Schema.NullOr<typeof Schema.String>;
+    userAgent: Schema.NullOr<typeof Schema.String>;
+    createdAt: typeof Schema.String;
+    lastActiveAt: Schema.NullOr<typeof Schema.String>;
+    isCurrent: typeof Schema.Boolean;
+}>;
+export type PlatformSession = typeof PlatformSession.Type;
+/**
+ * `GET /auth/platform-sessions` — list envelope.
+ *
+ * Ordering: most-recently-active first (descending `lastActiveAt`).
+ * Matches the pre-existing Platform `GetSessionsResult` shape so the
+ * migration is a drop-in on the caller side.
+ */
+export declare const PlatformSessionsListResponse: Schema.Struct<{
+    sessions: Schema.Array$<Schema.Struct<{
+        id: typeof Schema.String;
+        name: Schema.NullOr<typeof Schema.String>;
+        ipAddress: Schema.NullOr<typeof Schema.String>;
+        userAgent: Schema.NullOr<typeof Schema.String>;
+        createdAt: typeof Schema.String;
+        lastActiveAt: Schema.NullOr<typeof Schema.String>;
+        isCurrent: typeof Schema.Boolean;
+    }>>;
+}>;
+export type PlatformSessionsListResponse = typeof PlatformSessionsListResponse.Type;
+/**
+ * `POST /auth/platform-sessions/revoke` — revoke one session.
+ *
+ * `sessionId` accepts either the prefixed TypeID (`sess_*`, preferred)
+ * or the raw UUID — the BaaS side normalises via `parseIdOrError`.
+ */
+export declare const PlatformSessionRevokeRequest: Schema.Struct<{
+    sessionId: typeof Schema.String;
+}>;
+export type PlatformSessionRevokeRequest = typeof PlatformSessionRevokeRequest.Type;
+export declare const PlatformSessionRevokeResponse: Schema.Struct<{
+    success: Schema.Literal<[true]>;
+}>;
+export type PlatformSessionRevokeResponse = typeof PlatformSessionRevokeResponse.Type;
+/**
+ * `POST /auth/platform-sessions/revoke-other` — revoke every session
+ * except the one presenting the current access token.
+ *
+ * When the token carries no `sid` claim (pure-Bearer CLI/CI flows),
+ * every session for the user is revoked — equivalent to `revoke-all`.
+ */
+export declare const PlatformSessionRevokeOtherResponse: Schema.Struct<{
+    revokedCount: typeof Schema.Number;
+}>;
+export type PlatformSessionRevokeOtherResponse = typeof PlatformSessionRevokeOtherResponse.Type;
+/**
+ * `POST /auth/platform-sessions/revoke-all` — revoke every session for
+ * the user, including the caller's own. Used by "sign me out
+ * everywhere" after a password change or a compromise scare.
+ */
+export declare const PlatformSessionRevokeAllResponse: Schema.Struct<{
+    success: Schema.Literal<[true]>;
+    count: typeof Schema.Number;
+}>;
+export type PlatformSessionRevokeAllResponse = typeof PlatformSessionRevokeAllResponse.Type;
+/**
+ * `POST /auth/platform-sessions/rename` — update the user-visible
+ * device label on a session row.
+ */
+export declare const PlatformSessionRenameRequest: Schema.Struct<{
+    sessionId: typeof Schema.String;
+    name: typeof Schema.String;
+}>;
+export type PlatformSessionRenameRequest = typeof PlatformSessionRenameRequest.Type;
+export declare const PlatformSessionRenameResponse: Schema.Struct<{
+    success: Schema.Literal<[true]>;
+}>;
+export type PlatformSessionRenameResponse = typeof PlatformSessionRenameResponse.Type;
+/**
+ * `GET /auth/platform-password/status` — whether the authenticated user
+ * has a password set. OAuth-only users return `{ hasPassword: false }`.
+ */
+export declare const PlatformPasswordStatusResponse: Schema.Struct<{
+    hasPassword: typeof Schema.Boolean;
+}>;
+export type PlatformPasswordStatusResponse = typeof PlatformPasswordStatusResponse.Type;
+/**
+ * `POST /auth/platform-password/set` — initial password for users that
+ * don't have one (signed up via OAuth, never set a local password).
+ *
+ * BaaS enforces the 8-char minimum and the have-i-been-pwned breach check
+ * server-side; Platform callers just forward the plaintext.
+ */
+export declare const PlatformPasswordSetRequest: Schema.Struct<{
+    password: typeof Schema.String;
+}>;
+export type PlatformPasswordSetRequest = typeof PlatformPasswordSetRequest.Type;
+export declare const PlatformPasswordSetResponse: Schema.Struct<{
+    success: Schema.Literal<[true]>;
+}>;
+export type PlatformPasswordSetResponse = typeof PlatformPasswordSetResponse.Type;
+/**
+ * `POST /auth/platform-password/change` — change an existing password.
+ *
+ * `currentPassword` verification happens server-side via
+ * `verifyPasswordEffect`; a mismatch returns 401 UNAUTHORIZED. Users
+ * that are OAuth-only (no `passwordHash`) receive a 400 so the UI can
+ * redirect them to `set`.
+ */
+export declare const PlatformPasswordChangeRequest: Schema.Struct<{
+    currentPassword: typeof Schema.String;
+    newPassword: typeof Schema.String;
+}>;
+export type PlatformPasswordChangeRequest = typeof PlatformPasswordChangeRequest.Type;
+export declare const PlatformPasswordChangeResponse: Schema.Struct<{
+    success: Schema.Literal<[true]>;
+}>;
+export type PlatformPasswordChangeResponse = typeof PlatformPasswordChangeResponse.Type;
+/**
+ * `GET /auth/platform-user/export` — GDPR data-portability envelope.
+ *
+ * Deliberately permissive — the export contains per-project data that
+ * varies by customer provisioning (storage files, project memberships,
+ * subscription rows). Platform callers pass the whole record through
+ * to the user verbatim; the Console renders it as a JSON download.
+ */
+export declare const AuthUserExportResponse: Schema.Record$<typeof Schema.String, typeof Schema.Unknown>;
+export type AuthUserExportResponse = typeof AuthUserExportResponse.Type;
+/**
+ * `DELETE /auth/platform-user/account` — GDPR right-to-erasure request.
+ *
+ * `reason` is optional operator context (`user_request` / `admin_action`
+ * / `account_violation`); the BaaS route defaults to `user_request`.
+ * Production hardening (WebAuthn step-up challenge) lands in Phase 5.11 —
+ * see the handler TODO.
+ */
+export declare const AuthUserDeleteRequest: Schema.Struct<{
+    reason: Schema.optional<typeof Schema.String>;
+}>;
+export type AuthUserDeleteRequest = typeof AuthUserDeleteRequest.Type;
+/**
+ * `DELETE /auth/platform-user/account` response.
+ *
+ * `deletedData` is the string list of resource kinds actually erased
+ * (sessions, oauthAccounts, projectUsers, storageFiles, …). Mirrors the
+ * `UserDeletionResult.deletedData` surface from the core helper but
+ * flattened to a string array — the per-kind counts are audit-log
+ * payload only.
+ */
+export declare const AuthUserDeleteResponse: Schema.Struct<{
+    success: typeof Schema.Boolean;
+    deletedData: Schema.Array$<typeof Schema.String>;
+}>;
+export type AuthUserDeleteResponse = typeof AuthUserDeleteResponse.Type;
+/** Scope taxonomy — matches `audit_logs.scope` CHECK on the DB side. */
+export declare const AuditScopeLiteral: Schema.Literal<["platform-ops", "project-ops", "app-events"]>;
+export type AuditScopeLiteral = typeof AuditScopeLiteral.Type;
+/**
+ * `GET /audit/query` — filter envelope. All fields optional
+ * except `limit` (default 100, max 500). `from` / `to` are ISO-8601 UTC;
+ * `cursor` paginates; `scope` narrows to one plane (caller role must
+ * include it — see scope enforcement notes above).
+ */
+export declare const PlatformAuditQueryRequest: Schema.Struct<{
+    scope: Schema.optional<Schema.Literal<["platform-ops", "project-ops", "app-events"]>>;
+    actor: Schema.optional<typeof Schema.String>;
+    resourceType: Schema.optional<typeof Schema.String>;
+    resourceId: Schema.optional<typeof Schema.String>;
+    action: Schema.optional<typeof Schema.String>;
+    from: Schema.optional<typeof Schema.String>;
+    to: Schema.optional<typeof Schema.String>;
+    cursor: Schema.optional<typeof Schema.String>;
+    limit: Schema.optional<typeof Schema.Number>;
+}>;
+export type PlatformAuditQueryRequest = typeof PlatformAuditQueryRequest.Type;
+/** One audit row as surfaced to the query client. Hashes are hex-encoded. */
+export declare const PlatformAuditEvent: Schema.Struct<{
+    id: typeof Schema.String;
+    ts: typeof Schema.String;
+    scope: Schema.Literal<["platform-ops", "project-ops", "app-events"]>;
+    actor: Schema.NullOr<typeof Schema.String>;
+    user: Schema.NullOr<typeof Schema.String>;
+    orgId: Schema.NullOr<typeof Schema.String>;
+    projectId: Schema.NullOr<typeof Schema.String>;
+    resourceType: typeof Schema.String;
+    resourceId: Schema.NullOr<typeof Schema.String>;
+    action: typeof Schema.String;
+    metadata: Schema.NullOr<Schema.Record$<typeof Schema.String, typeof Schema.Unknown>>;
+    prevHashHex: Schema.NullOr<typeof Schema.String>;
+    rowHashHex: Schema.NullOr<typeof Schema.String>;
+}>;
+export type PlatformAuditEvent = typeof PlatformAuditEvent.Type;
+/**
+ * Response envelope — paginated events + chain-verification flag.
+ *
+ * `chainVerified` is `true` when every returned row's `prev_hash` equals
+ * the preceding row's `row_hash` (rows returned in chain order). It MAY
+ * be `false` when a range query skips a row (rare; not corruption) —
+ * the field is advisory for the client, the ground-truth verifier is
+ * `scripts/check-audit-hash-chain.ts --nightly`.
+ */
+export declare const PlatformAuditQueryResponse: Schema.Struct<{
+    events: Schema.Array$<Schema.Struct<{
+        id: typeof Schema.String;
+        ts: typeof Schema.String;
+        scope: Schema.Literal<["platform-ops", "project-ops", "app-events"]>;
+        actor: Schema.NullOr<typeof Schema.String>;
+        user: Schema.NullOr<typeof Schema.String>;
+        orgId: Schema.NullOr<typeof Schema.String>;
+        projectId: Schema.NullOr<typeof Schema.String>;
+        resourceType: typeof Schema.String;
+        resourceId: Schema.NullOr<typeof Schema.String>;
+        action: typeof Schema.String;
+        metadata: Schema.NullOr<Schema.Record$<typeof Schema.String, typeof Schema.Unknown>>;
+        prevHashHex: Schema.NullOr<typeof Schema.String>;
+        rowHashHex: Schema.NullOr<typeof Schema.String>;
+    }>>;
+    nextCursor: Schema.NullOr<typeof Schema.String>;
+    chainVerified: typeof Schema.Boolean;
+}>;
+export type PlatformAuditQueryResponse = typeof PlatformAuditQueryResponse.Type;
+/** Scope taxonomy — mirrors `RATE_LIMIT_SCOPES` in the Drizzle schema. */
+export declare const RateLimitScopeLiteral: Schema.Literal<["global", "project", "user"]>;
+export type RateLimitScopeLiteral = typeof RateLimitScopeLiteral.Type;
+/** Strategy taxonomy — mirrors `RATE_LIMIT_STRATEGIES`. */
+export declare const RateLimitStrategyLiteral: Schema.Literal<["token-bucket", "sliding-window", "fixed-window"]>;
+export type RateLimitStrategyLiteral = typeof RateLimitStrategyLiteral.Type;
+export declare const PlatformRateLimitStatusRequest: Schema.Struct<{
+    scope: Schema.optional<Schema.Literal<["global", "project", "user"]>>;
+    scope_id: Schema.optional<typeof Schema.String>;
+    namespace: Schema.optional<Schema.filter<typeof Schema.String>>;
+}>;
+export type PlatformRateLimitStatusRequest = typeof PlatformRateLimitStatusRequest.Type;
+export declare const PlatformRateLimitStatusRow: Schema.Struct<{
+    namespace: typeof Schema.String;
+    scope: Schema.Literal<["global", "project", "user"]>;
+    scopeId: Schema.NullOr<typeof Schema.String>;
+    strategy: Schema.Literal<["token-bucket", "sliding-window", "fixed-window"]>;
+    limit: typeof Schema.Number;
+    windowSeconds: typeof Schema.Number;
+    burst: Schema.NullOr<typeof Schema.Number>;
+    source: Schema.Literal<["default", "global", "project", "user"]>;
+}>;
+export type PlatformRateLimitStatusRow = typeof PlatformRateLimitStatusRow.Type;
+export declare const PlatformRateLimitStatusResponse: Schema.Struct<{
+    rows: Schema.Array$<Schema.Struct<{
+        namespace: typeof Schema.String;
+        scope: Schema.Literal<["global", "project", "user"]>;
+        scopeId: Schema.NullOr<typeof Schema.String>;
+        strategy: Schema.Literal<["token-bucket", "sliding-window", "fixed-window"]>;
+        limit: typeof Schema.Number;
+        windowSeconds: typeof Schema.Number;
+        burst: Schema.NullOr<typeof Schema.Number>;
+        source: Schema.Literal<["default", "global", "project", "user"]>;
+    }>>;
+}>;
+export type PlatformRateLimitStatusResponse = typeof PlatformRateLimitStatusResponse.Type;
+export declare const PlatformRateLimitStrategiesListRequest: Schema.Struct<{
+    scope: Schema.optional<Schema.Literal<["global", "project", "user"]>>;
+    scope_id: Schema.optional<typeof Schema.String>;
+}>;
+export type PlatformRateLimitStrategiesListRequest = typeof PlatformRateLimitStrategiesListRequest.Type;
+export declare const PlatformRateLimitStrategyRow: Schema.Struct<{
+    id: typeof Schema.String;
+    scope: Schema.Literal<["global", "project", "user"]>;
+    scopeId: Schema.NullOr<typeof Schema.String>;
+    namespace: typeof Schema.String;
+    strategy: Schema.Literal<["token-bucket", "sliding-window", "fixed-window"]>;
+    limitCount: typeof Schema.Number;
+    windowSeconds: typeof Schema.Number;
+    burstCount: Schema.NullOr<typeof Schema.Number>;
+    updatedAt: typeof Schema.String;
+    updatedBy: Schema.NullOr<typeof Schema.String>;
+}>;
+export type PlatformRateLimitStrategyRow = typeof PlatformRateLimitStrategyRow.Type;
+export declare const PlatformRateLimitStrategiesListResponse: Schema.Struct<{
+    strategies: Schema.Array$<Schema.Struct<{
+        id: typeof Schema.String;
+        scope: Schema.Literal<["global", "project", "user"]>;
+        scopeId: Schema.NullOr<typeof Schema.String>;
+        namespace: typeof Schema.String;
+        strategy: Schema.Literal<["token-bucket", "sliding-window", "fixed-window"]>;
+        limitCount: typeof Schema.Number;
+        windowSeconds: typeof Schema.Number;
+        burstCount: Schema.NullOr<typeof Schema.Number>;
+        updatedAt: typeof Schema.String;
+        updatedBy: Schema.NullOr<typeof Schema.String>;
+    }>>;
+}>;
+export type PlatformRateLimitStrategiesListResponse = typeof PlatformRateLimitStrategiesListResponse.Type;
+export declare const PlatformRateLimitNamespaceParams: Schema.Struct<{
+    namespace: Schema.filter<typeof Schema.String>;
+}>;
+export type PlatformRateLimitNamespaceParams = typeof PlatformRateLimitNamespaceParams.Type;
+export declare const PlatformRateLimitStrategyUpsertRequest: Schema.Struct<{
+    scope: Schema.Literal<["global", "project", "user"]>;
+    scope_id: Schema.optional<typeof Schema.String>;
+    strategy: Schema.Literal<["token-bucket", "sliding-window", "fixed-window"]>;
+    limit: typeof Schema.Number;
+    windowSeconds: typeof Schema.Number;
+    burst: Schema.optional<Schema.NullOr<typeof Schema.Number>>;
+}>;
+export type PlatformRateLimitStrategyUpsertRequest = typeof PlatformRateLimitStrategyUpsertRequest.Type;
+export declare const PlatformRateLimitStrategyUpsertResponse: Schema.Struct<{
+    strategy: Schema.Struct<{
+        id: typeof Schema.String;
+        scope: Schema.Literal<["global", "project", "user"]>;
+        scopeId: Schema.NullOr<typeof Schema.String>;
+        namespace: typeof Schema.String;
+        strategy: Schema.Literal<["token-bucket", "sliding-window", "fixed-window"]>;
+        limitCount: typeof Schema.Number;
+        windowSeconds: typeof Schema.Number;
+        burstCount: Schema.NullOr<typeof Schema.Number>;
+        updatedAt: typeof Schema.String;
+        updatedBy: Schema.NullOr<typeof Schema.String>;
+    }>;
+}>;
+export type PlatformRateLimitStrategyUpsertResponse = typeof PlatformRateLimitStrategyUpsertResponse.Type;
+export declare const PlatformRateLimitStrategyDeleteRequest: Schema.Struct<{
+    scope: Schema.Literal<["global", "project", "user"]>;
+    scope_id: Schema.optional<typeof Schema.String>;
+}>;
+export type PlatformRateLimitStrategyDeleteRequest = typeof PlatformRateLimitStrategyDeleteRequest.Type;
+export declare const PlatformRateLimitStrategyDeleteResponse: Schema.Struct<{
+    deleted: typeof Schema.Boolean;
+}>;
+export type PlatformRateLimitStrategyDeleteResponse = typeof PlatformRateLimitStrategyDeleteResponse.Type;
+/**
+ * Passkey signup-challenge request. `orgId` binds the ceremony to an org
+ * for policy enforcement (device-bound + AAGUID allow-list). Omit for
+ * personal signups.
+ */
+export declare const PasskeySignupChallengeRequest: Schema.Struct<{
+    email: typeof Schema.String;
+    displayName: Schema.optional<typeof Schema.String>;
+    orgId: Schema.optional<typeof Schema.String>;
+}>;
+export type PasskeySignupChallengeRequest = typeof PasskeySignupChallengeRequest.Type;
+/**
+ * WebAuthn registration options + platform-issued `userHandle`. Caller
+ * feeds these to `navigator.credentials.create({ publicKey: options })`
+ * and echoes `userHandle` back to /signup-verify.
+ */
+export declare const PasskeySignupChallengeResponse: Schema.Struct<{
+    challenge: typeof Schema.String;
+    rp: Schema.Struct<{
+        name: typeof Schema.String;
+        id: Schema.optional<typeof Schema.String>;
+    }>;
+    user: Schema.Struct<{
+        id: typeof Schema.String;
+        name: typeof Schema.String;
+        displayName: typeof Schema.String;
+    }>;
+    pubKeyCredParams: Schema.Array$<Schema.Struct<{
+        type: Schema.Literal<["public-key"]>;
+        alg: typeof Schema.Number;
+    }>>;
+    timeout: Schema.optional<typeof Schema.Number>;
+    attestation: Schema.optional<typeof Schema.String>;
+    authenticatorSelection: Schema.optional<Schema.Struct<{
+        authenticatorAttachment: Schema.optional<Schema.Literal<["platform", "cross-platform"]>>;
+        residentKey: Schema.optional<Schema.Literal<["discouraged", "preferred", "required"]>>;
+        userVerification: Schema.optional<Schema.Literal<["discouraged", "preferred", "required"]>>;
+    }>>;
+    userHandle: typeof Schema.String;
+}>;
+export type PasskeySignupChallengeResponse = typeof PasskeySignupChallengeResponse.Type;
+export declare const PasskeySignupVerifyRequest: Schema.Struct<{
+    email: typeof Schema.String;
+    userHandle: typeof Schema.String;
+    credential: typeof Schema.Unknown;
+    deviceName: Schema.optional<typeof Schema.String>;
+}>;
+export type PasskeySignupVerifyRequest = typeof PasskeySignupVerifyRequest.Type;
+export declare const PasskeySignupVerifyResponse: Schema.Struct<{
+    accessToken: typeof Schema.String;
+    refreshToken: typeof Schema.String;
+    expiresIn: typeof Schema.Number;
+    user: Schema.Struct<{
+        id: typeof Schema.String;
+        email: typeof Schema.String;
+        name: Schema.NullOr<typeof Schema.String>;
+        role: typeof Schema.String;
+    }>;
+    passkey: Schema.Struct<{
+        id: typeof Schema.String;
+        authenticatorAttachment: Schema.NullOr<Schema.Literal<["platform", "cross-platform"]>>;
+        backupState: Schema.NullOr<typeof Schema.Boolean>;
+        aaguid: Schema.NullOr<typeof Schema.String>;
+    }>;
+}>;
+export type PasskeySignupVerifyResponse = typeof PasskeySignupVerifyResponse.Type;
+export declare const PasskeyPolicyViolationResponse: Schema.Struct<{
+    error: Schema.Literal<["policy_violation"]>;
+    code: Schema.Literal<["device_bound_required", "aaguid_not_allowed"]>;
+    message: typeof Schema.String;
+}>;
+export type PasskeyPolicyViolationResponse = typeof PasskeyPolicyViolationResponse.Type;
+export declare const PrimaryAuthMethodResponse: Schema.Struct<{
+    userId: typeof Schema.String;
+    primaryAuthMethod: Schema.Literal<["passkey", "password"]>;
+}>;
+export type PrimaryAuthMethodResponse = typeof PrimaryAuthMethodResponse.Type;
+export declare const OrgAuthPolicy: Schema.Struct<{
+    orgId: typeof Schema.String;
+    requirePasskeyForSignup: typeof Schema.Boolean;
+    requireDeviceBoundPasskeys: typeof Schema.Boolean;
+    allowedAaguids: Schema.Array$<typeof Schema.String>;
+    updatedAt: typeof Schema.String;
+    updatedBy: Schema.NullOr<typeof Schema.String>;
+}>;
+export type OrgAuthPolicy = typeof OrgAuthPolicy.Type;
+export declare const OrgAuthPolicyUpdateRequest: Schema.Struct<{
+    requirePasskeyForSignup: Schema.optional<typeof Schema.Boolean>;
+    requireDeviceBoundPasskeys: Schema.optional<typeof Schema.Boolean>;
+    allowedAaguids: Schema.optional<Schema.Array$<typeof Schema.String>>;
+}>;
+export type OrgAuthPolicyUpdateRequest = typeof OrgAuthPolicyUpdateRequest.Type;
+//# sourceMappingURL=auth.d.ts.map