@turnkey/http 0.17.0 → 0.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. package/CHANGELOG.md +13 -0
  2. package/dist/__generated__/services/coordinator/public/v1/public_api.fetcher.d.ts +4310 -515
  3. package/dist/__generated__/services/coordinator/public/v1/public_api.fetcher.d.ts.map +1 -1
  4. package/dist/__generated__/services/coordinator/public/v1/public_api.fetcher.js +385 -1
  5. package/dist/__generated__/services/coordinator/public/v1/public_api.fetcher.js.map +1 -1
  6. package/dist/__generated__/services/coordinator/public/v1/public_api.swagger.json +599 -44
  7. package/dist/__generated__/services/coordinator/public/v1/public_api.types.d.ts +336 -12
  8. package/dist/__generated__/services/coordinator/public/v1/public_api.types.d.ts.map +1 -1
  9. package/dist/base.d.ts +10 -1
  10. package/dist/base.d.ts.map +1 -1
  11. package/dist/base.js +29 -2
  12. package/dist/base.js.map +1 -1
  13. package/dist/config.d.ts +8 -0
  14. package/dist/config.d.ts.map +1 -1
  15. package/dist/config.js +14 -1
  16. package/dist/config.js.map +1 -1
  17. package/dist/encoding.d.ts +1 -0
  18. package/dist/encoding.d.ts.map +1 -1
  19. package/dist/encoding.js +6 -8
  20. package/dist/encoding.js.map +1 -1
  21. package/dist/index.d.ts +4 -1
  22. package/dist/index.d.ts.map +1 -1
  23. package/dist/index.js +4 -1
  24. package/dist/index.js.map +1 -1
  25. package/dist/shared.d.ts +5 -0
  26. package/dist/shared.d.ts.map +1 -1
  27. package/dist/webauthn-json/api.d.ts +13 -0
  28. package/dist/webauthn-json/api.d.ts.map +1 -0
  29. package/dist/webauthn-json/api.js +33 -0
  30. package/dist/webauthn-json/api.js.map +1 -0
  31. package/dist/webauthn-json/base64url.d.ts +4 -0
  32. package/dist/webauthn-json/base64url.d.ts.map +1 -0
  33. package/dist/webauthn-json/base64url.js +37 -0
  34. package/dist/webauthn-json/base64url.js.map +1 -0
  35. package/dist/webauthn-json/convert.d.ts +8 -0
  36. package/dist/webauthn-json/convert.d.ts.map +1 -0
  37. package/dist/webauthn-json/convert.js +69 -0
  38. package/dist/webauthn-json/convert.js.map +1 -0
  39. package/dist/webauthn-json/index.d.ts +14 -0
  40. package/dist/webauthn-json/index.d.ts.map +1 -0
  41. package/dist/webauthn-json/index.js +19 -0
  42. package/dist/webauthn-json/index.js.map +1 -0
  43. package/dist/webauthn-json/json.d.ts +92 -0
  44. package/dist/webauthn-json/json.d.ts.map +1 -0
  45. package/dist/webauthn-json/json.js +3 -0
  46. package/dist/webauthn-json/json.js.map +1 -0
  47. package/dist/webauthn-json/schema-format.d.ts +13 -0
  48. package/dist/webauthn-json/schema-format.d.ts.map +1 -0
  49. package/dist/webauthn-json/schema-format.js +3 -0
  50. package/dist/webauthn-json/schema-format.js.map +1 -0
  51. package/dist/webauthn-json/schema.d.ts +9 -0
  52. package/dist/webauthn-json/schema.d.ts.map +1 -0
  53. package/dist/webauthn-json/schema.js +86 -0
  54. package/dist/webauthn-json/schema.js.map +1 -0
  55. package/dist/webauthn.d.ts +24 -0
  56. package/dist/webauthn.d.ts.map +1 -0
  57. package/dist/webauthn.js +82 -0
  58. package/dist/webauthn.js.map +1 -0
  59. package/package.json +1 -1
package/dist/__generated__/services/coordinator/public/v1/public_api.swagger.json CHANGED
@@ -708,6 +708,59 @@
708
708
  }
709
709
  }
710
710
  },
711
+ "/public/v1/submit/create_authenticators": {
712
+ "post": {
713
+ "summary": "Create Authenticators",
714
+ "description": "Create Authenticators to authenticate requests to Turnkey",
715
+ "operationId": "PublicApiService_CreateAuthenticators",
716
+ "responses": {
717
+ "200": {
718
+ "description": "A successful response.",
719
+ "schema": {
720
+ "$ref": "#/definitions/v1ActivityResponse"
721
+ }
722
+ },
723
+ "403": {
724
+ "description": "Returned when the user does not have permission to access the resource.",
725
+ "schema": {}
726
+ },
727
+ "404": {
728
+ "description": "Returned when the resource does not exist.",
729
+ "schema": {
730
+ "type": "string",
731
+ "format": "string"
732
+ }
733
+ },
734
+ "default": {
735
+ "description": "An unexpected error response.",
736
+ "schema": {
737
+ "$ref": "#/definitions/rpcStatus"
738
+ }
739
+ }
740
+ },
741
+ "parameters": [
742
+ {
743
+ "name": "body",
744
+ "in": "body",
745
+ "required": true,
746
+ "schema": {
747
+ "$ref": "#/definitions/v1CreateAuthenticatorsRequest"
748
+ }
749
+ }
750
+ ],
751
+ "tags": ["Authenticators"],
752
+ "x-readme": {
753
+ "code-samples": [
754
+ {
755
+ "code": "turnkey request --host coordinator-beta.turnkey.io --path /public/v1/submit/create_authenticators --body '{\n\t\"type\": \"ACTIVITY_TYPE_CREATE_AUTHENTICATORS_V2\",\n\t\"timestampMs\": \"'\"$(date +%s)\"'000\",\n\t\"organizationId\": \"'\"$ORGANIZATION_ID\"'\",\n\t\"parameters\": {\n\t\t\"userId\": \"\",\n\t\t\"authenticators\": [\n\t\t\t{\n\t\t\t\t\"authenticatorName\": \"\",\n\t\t\t\t\"challenge\": \"\",\n\t\t\t\t\"attestation\": {\n\t\t\t\t\t\"credentialId\": \"\",\n\t\t\t\t\t\"clientDataJson\": \"\",\n\t\t\t\t\t\"attestationObject\": \"\",\n\t\t\t\t\t\"transports\": []\n\t\t\t\t}\n\t\t\t}\n\t\t]\n\t}\n}\n'",
756
+ "install": "brew tap tkhq/tap \u0026\u0026 brew install turnkey",
757
+ "language": "curl",
758
+ "name": "Turnkey CLI"
759
+ }
760
+ ]
761
+ }
762
+ }
763
+ },
711
764
  "/public/v1/submit/create_invitations": {
712
765
  "post": {
713
766
  "summary": "Create Invitations",
@@ -867,6 +920,59 @@
867
920
  }
868
921
  }
869
922
  },
923
+ "/public/v1/submit/create_sub_organization": {
924
+ "post": {
925
+ "summary": "Create Sub-Organization",
926
+ "description": "Create a new Sub-Organization",
927
+ "operationId": "PublicApiService_CreateSubOrganization",
928
+ "responses": {
929
+ "200": {
930
+ "description": "A successful response.",
931
+ "schema": {
932
+ "$ref": "#/definitions/v1ActivityResponse"
933
+ }
934
+ },
935
+ "403": {
936
+ "description": "Returned when the user does not have permission to access the resource.",
937
+ "schema": {}
938
+ },
939
+ "404": {
940
+ "description": "Returned when the resource does not exist.",
941
+ "schema": {
942
+ "type": "string",
943
+ "format": "string"
944
+ }
945
+ },
946
+ "default": {
947
+ "description": "An unexpected error response.",
948
+ "schema": {
949
+ "$ref": "#/definitions/rpcStatus"
950
+ }
951
+ }
952
+ },
953
+ "parameters": [
954
+ {
955
+ "name": "body",
956
+ "in": "body",
957
+ "required": true,
958
+ "schema": {
959
+ "$ref": "#/definitions/v1CreateSubOrganizationRequest"
960
+ }
961
+ }
962
+ ],
963
+ "tags": ["Organizations"],
964
+ "x-readme": {
965
+ "code-samples": [
966
+ {
967
+ "code": "turnkey request --host coordinator-beta.turnkey.io --path /public/v1/submit/create_sub_organization --body '{\n\t\"timestampMs\": \"'\"$(date +%s)\"'000\",\n\t\"type\": \"ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION\",\n\t\"organizationId\": \"'\"$ORGANIZATION_ID\"'\",\n\t\"parameters\": {\n\t\t\"name\": \"\",\n\t\t\"rootAuthenticator\": {\n\t\t\t\"authenticatorName\": \"\",\n\t\t\t\"challenge\":\"\",\n\t\t\t\"attestation\":{\n\t\t\t\t\"credentialId\":\"\",\n\t\t\t\t\"clientDataJson\":\"\",\n\t\t\t\t\"attestationObject\":\"\",\n\t\t\t\t\"transports\":[],\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\t}'",
968
+ "install": "brew tap tkhq/tap \u0026\u0026 brew install turnkey",
969
+ "language": "curl",
970
+ "name": "Turnkey CLI"
971
+ }
972
+ ]
973
+ }
974
+ }
975
+ },
870
976
  "/public/v1/submit/create_users": {
871
977
  "post": {
872
978
  "summary": "Create Users",
@@ -1292,6 +1398,59 @@
1292
1398
  }
1293
1399
  }
1294
1400
  },
1401
+ "/public/v1/submit/update_root_quorum": {
1402
+ "post": {
1403
+ "summary": "Set the root quorum",
1404
+ "description": "Set the threshold and members of the root quorum. This must be approved by the current root quorum.",
1405
+ "operationId": "PublicApiService_UpdateRootQuorum",
1406
+ "responses": {
1407
+ "200": {
1408
+ "description": "A successful response.",
1409
+ "schema": {
1410
+ "$ref": "#/definitions/v1ActivityResponse"
1411
+ }
1412
+ },
1413
+ "403": {
1414
+ "description": "Returned when the user does not have permission to access the resource.",
1415
+ "schema": {}
1416
+ },
1417
+ "404": {
1418
+ "description": "Returned when the resource does not exist.",
1419
+ "schema": {
1420
+ "type": "string",
1421
+ "format": "string"
1422
+ }
1423
+ },
1424
+ "default": {
1425
+ "description": "An unexpected error response.",
1426
+ "schema": {
1427
+ "$ref": "#/definitions/rpcStatus"
1428
+ }
1429
+ }
1430
+ },
1431
+ "parameters": [
1432
+ {
1433
+ "name": "body",
1434
+ "in": "body",
1435
+ "required": true,
1436
+ "schema": {
1437
+ "$ref": "#/definitions/v1UpdateRootQuorumRequest"
1438
+ }
1439
+ }
1440
+ ],
1441
+ "tags": ["Root Quorum"],
1442
+ "x-readme": {
1443
+ "code-samples": [
1444
+ {
1445
+ "code": "turnkey request --host coordinator-beta.turnkey.io --path /public/v1/submit/update_root_quorum --body '{\n\t\"timestampMs\": \"'\"$(date +%s)\"'000\",\n\t\"type\": \"UPDATE_ROOT_QUORUM\",\n\t\"organizationId\": \"'\"$ORGANIZATION_ID\"'\",\n\t\"parameters\": {\n\t\t\"userIds\": \"'\"$USER_IDS\"'\",\n\t\t\"threshold\": $THRESHOLD,\n\t\t\"type\": \"\"\n\t}\n}'",
1446
+ "install": "brew tap tkhq/tap \u0026\u0026 brew install turnkey",
1447
+ "language": "curl",
1448
+ "name": "Turnkey CLI"
1449
+ }
1450
+ ]
1451
+ }
1452
+ }
1453
+ },
1295
1454
  "/public/v1/submit/update_user_tag": {
1296
1455
  "post": {
1297
1456
  "summary": "Update User Tag",
@@ -1345,6 +1504,38 @@
1345
1504
  }
1346
1505
  }
1347
1506
  },
1507
+ "/tkhq/api/v1/noop-codegen-anchor": {
1508
+ "post": {
1509
+ "summary": "This route does nothing and does not need an implementation, but please don't remove it.\nIt's used at compile time for generating extra OpenAPI/TypeScript types\nthat are not directly referenced in requests.",
1510
+ "operationId": "PublicApiService_NOOPCodegenAnchor",
1511
+ "responses": {
1512
+ "200": {
1513
+ "description": "A successful response.",
1514
+ "schema": {
1515
+ "$ref": "#/definitions/v1NOOPCodegenAnchorResponse"
1516
+ }
1517
+ },
1518
+ "403": {
1519
+ "description": "Returned when the user does not have permission to access the resource.",
1520
+ "schema": {}
1521
+ },
1522
+ "404": {
1523
+ "description": "Returned when the resource does not exist.",
1524
+ "schema": {
1525
+ "type": "string",
1526
+ "format": "string"
1527
+ }
1528
+ },
1529
+ "default": {
1530
+ "description": "An unexpected error response.",
1531
+ "schema": {
1532
+ "$ref": "#/definitions/rpcStatus"
1533
+ }
1534
+ }
1535
+ },
1536
+ "tags": ["PublicApiService"]
1537
+ }
1538
+ },
1348
1539
  "/tkhq/public/v1/query/get_private_key": {
1349
1540
  "post": {
1350
1541
  "summary": "Get Private Key",
@@ -1617,6 +1808,25 @@
1617
1808
  },
1618
1809
  "required": ["invitationId", "userId", "authenticator"]
1619
1810
  },
1811
+ "v1AcceptInvitationIntentV2": {
1812
+ "type": "object",
1813
+ "properties": {
1814
+ "invitationId": {
1815
+ "type": "string",
1816
+ "description": "Unique identifier for a given Invitation object.",
1817
+ "title": "@inject_tag: validate:\"required,uuid\""
1818
+ },
1819
+ "userId": {
1820
+ "type": "string",
1821
+ "description": "Unique identifier for a given User.",
1822
+ "title": "@inject_tag: validate:\"required,uuid\""
1823
+ },
1824
+ "authenticator": {
1825
+ "$ref": "#/definitions/v1AuthenticatorParamsV2"
1826
+ }
1827
+ },
1828
+ "required": ["invitationId", "userId", "authenticator"]
1829
+ },
1620
1830
  "v1AcceptInvitationResult": {
1621
1831
  "type": "object",
1622
1832
  "properties": {
@@ -1770,7 +1980,13 @@
1770
1980
  "ACTIVITY_TYPE_CREATE_API_ONLY_USERS",
1771
1981
  "ACTIVITY_TYPE_UPDATE_ROOT_QUORUM",
1772
1982
  "ACTIVITY_TYPE_UPDATE_USER_TAG",
1773
- "ACTIVITY_TYPE_UPDATE_PRIVATE_KEY_TAG"
1983
+ "ACTIVITY_TYPE_UPDATE_PRIVATE_KEY_TAG",
1984
+ "ACTIVITY_TYPE_CREATE_AUTHENTICATORS_V2",
1985
+ "ACTIVITY_TYPE_CREATE_ORGANIZATION_V2",
1986
+ "ACTIVITY_TYPE_CREATE_USERS_V2",
1987
+ "ACTIVITY_TYPE_ACCEPT_INVITATION_V2",
1988
+ "ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION",
1989
+ "ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V2"
1774
1990
  ],
1775
1991
  "description": "Type of Activity, such as Add User, or Sign Transaction."
1776
1992
  },
@@ -1883,6 +2099,39 @@
1883
2099
  },
1884
2100
  "required": ["type", "timestampMs", "organizationId", "parameters"]
1885
2101
  },
2102
+ "v1Attestation": {
2103
+ "type": "object",
2104
+ "properties": {
2105
+ "credentialId": {
2106
+ "type": "string",
2107
+ "description": "The cbor encoded then base64 url encoded id of the credential.",
2108
+ "title": "@inject_tag: validate:\"required,max=256\""
2109
+ },
2110
+ "clientDataJson": {
2111
+ "type": "string",
2112
+ "description": "A base64 url encoded payload containing metadata about the signing context and the challenge.",
2113
+ "title": "@inject_tag: validate:\"required\""
2114
+ },
2115
+ "attestationObject": {
2116
+ "type": "string",
2117
+ "description": "A base64 url encoded payload containing authenticator data and any attestation the webauthn provider chooses.",
2118
+ "title": "@inject_tag: validate:\"required\""
2119
+ },
2120
+ "transports": {
2121
+ "type": "array",
2122
+ "items": {
2123
+ "$ref": "#/definitions/immutablewebauthnv1AuthenticatorTransport"
2124
+ },
2125
+ "description": "The type of authenticator transports."
2126
+ }
2127
+ },
2128
+ "required": [
2129
+ "credentialId",
2130
+ "clientDataJson",
2131
+ "attestationObject",
2132
+ "transports"
2133
+ ]
2134
+ },
1886
2135
  "v1Authenticator": {
1887
2136
  "type": "object",
1888
2137
  "properties": {
@@ -1900,10 +2149,6 @@
1900
2149
  "type": "string",
1901
2150
  "description": "Identifier indicating the type of the Security Key."
1902
2151
  },
1903
- "userId": {
1904
- "type": "string",
1905
- "description": "Unique identifier for a given User."
1906
- },
1907
2152
  "credentialId": {
1908
2153
  "type": "string",
1909
2154
  "description": "Unique identifier for a WebAuthn credential."
@@ -1934,7 +2179,6 @@
1934
2179
  "transports",
1935
2180
  "attestationType",
1936
2181
  "aaguid",
1937
- "userId",
1938
2182
  "credentialId",
1939
2183
  "model",
1940
2184
  "credential",
@@ -1993,6 +2237,25 @@
1993
2237
  },
1994
2238
  "required": ["authenticatorName", "userId", "attestation", "challenge"]
1995
2239
  },
2240
+ "v1AuthenticatorParamsV2": {
2241
+ "type": "object",
2242
+ "properties": {
2243
+ "authenticatorName": {
2244
+ "type": "string",
2245
+ "description": "Human-readable name for an Authenticator.",
2246
+ "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
2247
+ },
2248
+ "challenge": {
2249
+ "type": "string",
2250
+ "description": "Challenge presented for authentication purposes.",
2251
+ "title": "@inject_tag: validate:\"required,max=256\""
2252
+ },
2253
+ "attestation": {
2254
+ "$ref": "#/definitions/v1Attestation"
2255
+ }
2256
+ },
2257
+ "required": ["authenticatorName", "challenge", "attestation"]
2258
+ },
1996
2259
  "v1CreateApiKeysIntent": {
1997
2260
  "type": "object",
1998
2261
  "properties": {
@@ -2113,6 +2376,46 @@
2113
2376
  },
2114
2377
  "required": ["authenticators", "userId"]
2115
2378
  },
2379
+ "v1CreateAuthenticatorsIntentV2": {
2380
+ "type": "object",
2381
+ "properties": {
2382
+ "authenticators": {
2383
+ "type": "array",
2384
+ "items": {
2385
+ "$ref": "#/definitions/v1AuthenticatorParamsV2"
2386
+ },
2387
+ "description": "A list of Authenticators.",
2388
+ "title": "@inject_tag: validate:\"dive,required\""
2389
+ },
2390
+ "userId": {
2391
+ "type": "string",
2392
+ "description": "Unique identifier for a given User.",
2393
+ "title": "@inject_tag: validate:\"required,uuid\""
2394
+ }
2395
+ },
2396
+ "required": ["authenticators", "userId"]
2397
+ },
2398
+ "v1CreateAuthenticatorsRequest": {
2399
+ "type": "object",
2400
+ "properties": {
2401
+ "type": {
2402
+ "type": "string",
2403
+ "enum": ["ACTIVITY_TYPE_CREATE_AUTHENTICATORS_V2"]
2404
+ },
2405
+ "timestampMs": {
2406
+ "type": "string",
2407
+ "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests."
2408
+ },
2409
+ "organizationId": {
2410
+ "type": "string",
2411
+ "description": "Unique identifier for a given Organization."
2412
+ },
2413
+ "parameters": {
2414
+ "$ref": "#/definitions/v1CreateAuthenticatorsIntentV2"
2415
+ }
2416
+ },
2417
+ "required": ["type", "timestampMs", "organizationId", "parameters"]
2418
+ },
2116
2419
  "v1CreateAuthenticatorsResult": {
2117
2420
  "type": "object",
2118
2421
  "properties": {
@@ -2198,6 +2501,30 @@
2198
2501
  },
2199
2502
  "required": ["organizationName", "rootEmail", "rootAuthenticator"]
2200
2503
  },
2504
+ "v1CreateOrganizationIntentV2": {
2505
+ "type": "object",
2506
+ "properties": {
2507
+ "organizationName": {
2508
+ "type": "string",
2509
+ "description": "Human-readable name for an Organization.",
2510
+ "title": "@inject_tag: validate:\"required,tk_label_length\""
2511
+ },
2512
+ "rootEmail": {
2513
+ "type": "string",
2514
+ "description": "The root user's email address.",
2515
+ "title": "@inject_tag: validate:\"required,email,tk_email\""
2516
+ },
2517
+ "rootAuthenticator": {
2518
+ "$ref": "#/definitions/v1AuthenticatorParamsV2"
2519
+ },
2520
+ "rootUserId": {
2521
+ "type": "string",
2522
+ "description": "Unique identifier for the root user object.",
2523
+ "title": "@inject_tag: validate:\"uuid\""
2524
+ }
2525
+ },
2526
+ "required": ["organizationName", "rootEmail", "rootAuthenticator"]
2527
+ },
2201
2528
  "v1CreateOrganizationResult": {
2202
2529
  "type": "object",
2203
2530
  "properties": {
@@ -2398,6 +2725,75 @@
2398
2725
  },
2399
2726
  "required": ["privateKeyIds"]
2400
2727
  },
2728
+ "v1CreateSubOrganizationIntent": {
2729
+ "type": "object",
2730
+ "properties": {
2731
+ "name": {
2732
+ "type": "string",
2733
+ "description": "Name for this sub-organization",
2734
+ "title": "@inject_tag: validate:\"omitempty,tk_label,tk_label_length\""
2735
+ },
2736
+ "rootAuthenticator": {
2737
+ "$ref": "#/definitions/v1AuthenticatorParamsV2"
2738
+ }
2739
+ },
2740
+ "required": ["name", "rootAuthenticator"]
2741
+ },
2742
+ "v1CreateSubOrganizationIntentV2": {
2743
+ "type": "object",
2744
+ "properties": {
2745
+ "subOrganizationName": {
2746
+ "type": "string",
2747
+ "description": "Name for this sub-organization",
2748
+ "title": "@inject_tag: validate:\"omitempty,tk_label,tk_label_length\""
2749
+ },
2750
+ "rootUsers": {
2751
+ "type": "array",
2752
+ "items": {
2753
+ "$ref": "#/definitions/v1RootUserParams"
2754
+ },
2755
+ "description": "Root users to create within this sub-organization",
2756
+ "title": "@inject_tag: validate:\"required\""
2757
+ },
2758
+ "rootQuorumThreshold": {
2759
+ "type": "integer",
2760
+ "format": "int32",
2761
+ "description": "The threshold of unique approvals to reach root quorum. This value must be less than or equal to the number of root users",
2762
+ "title": "@inject_tag: validate:\"required\""
2763
+ }
2764
+ },
2765
+ "required": ["subOrganizationName", "rootUsers", "rootQuorumThreshold"]
2766
+ },
2767
+ "v1CreateSubOrganizationRequest": {
2768
+ "type": "object",
2769
+ "properties": {
2770
+ "type": {
2771
+ "type": "string",
2772
+ "enum": ["ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V2"]
2773
+ },
2774
+ "timestampMs": {
2775
+ "type": "string",
2776
+ "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests."
2777
+ },
2778
+ "organizationId": {
2779
+ "type": "string",
2780
+ "description": "Unique identifier for a given Organization."
2781
+ },
2782
+ "parameters": {
2783
+ "$ref": "#/definitions/v1CreateSubOrganizationIntentV2"
2784
+ }
2785
+ },
2786
+ "required": ["type", "timestampMs", "organizationId", "parameters"]
2787
+ },
2788
+ "v1CreateSubOrganizationResult": {
2789
+ "type": "object",
2790
+ "properties": {
2791
+ "subOrganizationId": {
2792
+ "type": "string"
2793
+ }
2794
+ },
2795
+ "required": ["subOrganizationId"]
2796
+ },
2401
2797
  "v1CreateUserTagIntent": {
2402
2798
  "type": "object",
2403
2799
  "properties": {
@@ -2448,12 +2844,26 @@
2448
2844
  },
2449
2845
  "required": ["users"]
2450
2846
  },
2847
+ "v1CreateUsersIntentV2": {
2848
+ "type": "object",
2849
+ "properties": {
2850
+ "users": {
2851
+ "type": "array",
2852
+ "items": {
2853
+ "$ref": "#/definitions/v1UserParamsV2"
2854
+ },
2855
+ "description": "A list of Users.",
2856
+ "title": "@inject_tag: validate:\"required,dive,required\""
2857
+ }
2858
+ },
2859
+ "required": ["users"]
2860
+ },
2451
2861
  "v1CreateUsersRequest": {
2452
2862
  "type": "object",
2453
2863
  "properties": {
2454
2864
  "type": {
2455
2865
  "type": "string",
2456
- "enum": ["ACTIVITY_TYPE_CREATE_USERS"]
2866
+ "enum": ["ACTIVITY_TYPE_CREATE_USERS_V2"]
2457
2867
  },
2458
2868
  "timestampMs": {
2459
2869
  "type": "string",
@@ -2464,7 +2874,7 @@
2464
2874
  "description": "Unique identifier for a given Organization."
2465
2875
  },
2466
2876
  "parameters": {
2467
- "$ref": "#/definitions/v1CreateUsersIntent"
2877
+ "$ref": "#/definitions/v1CreateUsersIntentV2"
2468
2878
  }
2469
2879
  },
2470
2880
  "required": ["type", "timestampMs", "organizationId", "parameters"]
@@ -3181,6 +3591,24 @@
3181
3591
  },
3182
3592
  "updatePrivateKeyTagIntent": {
3183
3593
  "$ref": "#/definitions/v1UpdatePrivateKeyTagIntent"
3594
+ },
3595
+ "createAuthenticatorsIntentV2": {
3596
+ "$ref": "#/definitions/v1CreateAuthenticatorsIntentV2"
3597
+ },
3598
+ "acceptInvitationIntentV2": {
3599
+ "$ref": "#/definitions/v1AcceptInvitationIntentV2"
3600
+ },
3601
+ "createOrganizationIntentV2": {
3602
+ "$ref": "#/definitions/v1CreateOrganizationIntentV2"
3603
+ },
3604
+ "createUsersIntentV2": {
3605
+ "$ref": "#/definitions/v1CreateUsersIntentV2"
3606
+ },
3607
+ "createSubOrganizationIntent": {
3608
+ "$ref": "#/definitions/v1CreateSubOrganizationIntent"
3609
+ },
3610
+ "createSubOrganizationIntentV2": {
3611
+ "$ref": "#/definitions/v1CreateSubOrganizationIntentV2"
3184
3612
  }
3185
3613
  },
3186
3614
  "description": "Intent object crafted by Turnkey based on the user request, used to assess the permissibility of an action.",
@@ -3283,6 +3711,15 @@
3283
3711
  "INVITATION_STATUS_REVOKED"
3284
3712
  ]
3285
3713
  },
3714
+ "v1NOOPCodegenAnchorResponse": {
3715
+ "type": "object",
3716
+ "properties": {
3717
+ "stamp": {
3718
+ "$ref": "#/definitions/v1WebAuthnStamp"
3719
+ }
3720
+ },
3721
+ "required": ["stamp"]
3722
+ },
3286
3723
  "v1OrganizationData": {
3287
3724
  "type": "object",
3288
3725
  "properties": {
@@ -3322,47 +3759,14 @@
3322
3759
  "$ref": "#/definitions/datav1Tag"
3323
3760
  }
3324
3761
  },
3325
- "deletedUsers": {
3326
- "type": "array",
3327
- "items": {
3328
- "$ref": "#/definitions/v1User"
3329
- }
3330
- },
3331
- "deletedPolicies": {
3332
- "type": "array",
3333
- "items": {
3334
- "$ref": "#/definitions/v1Policy"
3335
- }
3336
- },
3337
3762
  "disabledPrivateKeys": {
3338
3763
  "type": "array",
3339
3764
  "items": {
3340
3765
  "$ref": "#/definitions/v1PrivateKey"
3341
3766
  }
3342
3767
  },
3343
- "deletedInvitations": {
3344
- "type": "array",
3345
- "items": {
3346
- "$ref": "#/definitions/v1Invitation"
3347
- }
3348
- },
3349
- "deletedApiKeys": {
3350
- "type": "array",
3351
- "items": {
3352
- "$ref": "#/definitions/v1ApiKey"
3353
- }
3354
- },
3355
- "deletedAuthenticators": {
3356
- "type": "array",
3357
- "items": {
3358
- "$ref": "#/definitions/v1Authenticator"
3359
- }
3360
- },
3361
- "deletedTags": {
3362
- "type": "array",
3363
- "items": {
3364
- "$ref": "#/definitions/datav1Tag"
3365
- }
3768
+ "rootQuorum": {
3769
+ "$ref": "#/definitions/v1Quorum"
3366
3770
  }
3367
3771
  },
3368
3772
  "description": "This proto definition is used in our external-facing APIs.\nIt's important to leverage annotations because they're used in our external interfaces."
@@ -3552,6 +3956,24 @@
3552
3956
  },
3553
3957
  "required": ["id", "type", "rawId", "response", "clientExtensionResults"]
3554
3958
  },
3959
+ "v1Quorum": {
3960
+ "type": "object",
3961
+ "properties": {
3962
+ "threshold": {
3963
+ "type": "integer",
3964
+ "format": "int32",
3965
+ "description": "Count of unique approvals required to meet quorum."
3966
+ },
3967
+ "userIds": {
3968
+ "type": "array",
3969
+ "items": {
3970
+ "type": "string"
3971
+ },
3972
+ "description": "Unique identifiers of quorum set members."
3973
+ }
3974
+ },
3975
+ "required": ["threshold", "userIds"]
3976
+ },
3555
3977
  "v1RejectActivityIntent": {
3556
3978
  "type": "object",
3557
3979
  "properties": {
@@ -3670,10 +4092,45 @@
3670
4092
  },
3671
4093
  "updatePrivateKeyTagResult": {
3672
4094
  "$ref": "#/definitions/v1UpdatePrivateKeyTagResult"
4095
+ },
4096
+ "createSubOrganizationResult": {
4097
+ "$ref": "#/definitions/v1CreateSubOrganizationResult"
3673
4098
  }
3674
4099
  },
3675
4100
  "description": "Result of the intended action."
3676
4101
  },
4102
+ "v1RootUserParams": {
4103
+ "type": "object",
4104
+ "properties": {
4105
+ "userName": {
4106
+ "type": "string",
4107
+ "description": "Human-readable name for a User.",
4108
+ "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
4109
+ },
4110
+ "userEmail": {
4111
+ "type": "string",
4112
+ "description": "The user's email address.",
4113
+ "title": "@inject_tag: validate:\"omitempty,email,tk_email\""
4114
+ },
4115
+ "apiKeys": {
4116
+ "type": "array",
4117
+ "items": {
4118
+ "$ref": "#/definitions/v1ApiKeyParams"
4119
+ },
4120
+ "description": "A list of API Key parameters.",
4121
+ "title": "@inject_tag: validate:\"dive\""
4122
+ },
4123
+ "authenticators": {
4124
+ "type": "array",
4125
+ "items": {
4126
+ "$ref": "#/definitions/v1AuthenticatorParamsV2"
4127
+ },
4128
+ "description": "A list of Authenticator parameters.",
4129
+ "title": "@inject_tag: validate:\"dive\""
4130
+ }
4131
+ },
4132
+ "required": ["userName", "apiKeys", "authenticators"]
4133
+ },
3677
4134
  "v1SelectorV2": {
3678
4135
  "type": "object",
3679
4136
  "properties": {
@@ -3970,11 +4427,32 @@
3970
4427
  "type": "string"
3971
4428
  },
3972
4429
  "description": "The unique identifiers of users who comprise the quorum set.",
3973
- "title": "@inject_tag: validate:\"required,uuid\""
4430
+ "title": "@inject_tag: validate:\"dive,uuid\""
3974
4431
  }
3975
4432
  },
3976
4433
  "required": ["threshold", "userIds"]
3977
4434
  },
4435
+ "v1UpdateRootQuorumRequest": {
4436
+ "type": "object",
4437
+ "properties": {
4438
+ "type": {
4439
+ "type": "string",
4440
+ "enum": ["ACTIVITY_TYPE_UPDATE_ROOT_QUORUM"]
4441
+ },
4442
+ "timestampMs": {
4443
+ "type": "string",
4444
+ "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests."
4445
+ },
4446
+ "organizationId": {
4447
+ "type": "string",
4448
+ "description": "Unique identifier for a given Organization."
4449
+ },
4450
+ "parameters": {
4451
+ "$ref": "#/definitions/v1UpdateRootQuorumIntent"
4452
+ }
4453
+ },
4454
+ "required": ["type", "timestampMs", "organizationId", "parameters"]
4455
+ },
3978
4456
  "v1UpdateRootQuorumResult": {
3979
4457
  "type": "object"
3980
4458
  },
@@ -4148,6 +4626,55 @@
4148
4626
  "userTags"
4149
4627
  ]
4150
4628
  },
4629
+ "v1UserParamsV2": {
4630
+ "type": "object",
4631
+ "properties": {
4632
+ "userName": {
4633
+ "type": "string",
4634
+ "description": "Human-readable name for a User.",
4635
+ "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
4636
+ },
4637
+ "userEmail": {
4638
+ "type": "string",
4639
+ "description": "The user's email address.",
4640
+ "title": "@inject_tag: validate:\"omitempty,email,tk_email\""
4641
+ },
4642
+ "accessType": {
4643
+ "$ref": "#/definitions/immutableactivityv1AccessType"
4644
+ },
4645
+ "apiKeys": {
4646
+ "type": "array",
4647
+ "items": {
4648
+ "$ref": "#/definitions/v1ApiKeyParams"
4649
+ },
4650
+ "description": "A list of API Key parameters.",
4651
+ "title": "@inject_tag: validate:\"dive,uuid\""
4652
+ },
4653
+ "authenticators": {
4654
+ "type": "array",
4655
+ "items": {
4656
+ "$ref": "#/definitions/v1AuthenticatorParamsV2"
4657
+ },
4658
+ "description": "A list of Authenticator parameters.",
4659
+ "title": "@inject_tag: validate:\"dive\""
4660
+ },
4661
+ "userTags": {
4662
+ "type": "array",
4663
+ "items": {
4664
+ "type": "string"
4665
+ },
4666
+ "description": "A list of User Tag IDs.",
4667
+ "title": "@inject_tag: validate:\"dive,uuid\""
4668
+ }
4669
+ },
4670
+ "required": [
4671
+ "userName",
4672
+ "accessType",
4673
+ "apiKeys",
4674
+ "authenticators",
4675
+ "userTags"
4676
+ ]
4677
+ },
4151
4678
  "v1Vote": {
4152
4679
  "type": "object",
4153
4680
  "properties": {
@@ -4203,6 +4730,34 @@
4203
4730
  "scheme",
4204
4731
  "createdAt"
4205
4732
  ]
4733
+ },
4734
+ "v1WebAuthnStamp": {
4735
+ "type": "object",
4736
+ "properties": {
4737
+ "credentialId": {
4738
+ "type": "string",
4739
+ "description": "A base64 url encoded Unique identifier for a given credential."
4740
+ },
4741
+ "clientDataJson": {
4742
+ "type": "string",
4743
+ "description": "A base64 encoded payload containing metadata about the signing context and the challenge."
4744
+ },
4745
+ "authenticatorData": {
4746
+ "type": "string",
4747
+ "description": "A base64 encoded payload containing metadata about the authenticator."
4748
+ },
4749
+ "signature": {
4750
+ "type": "string",
4751
+ "description": "The base64 url encoded signature bytes contained within the WebAuthn assertion response."
4752
+ }
4753
+ },
4754
+ "title": "We expect this to be passed in as a JSON-encoded, then base64-encoded string within a X-Stamp-Webauthn header",
4755
+ "required": [
4756
+ "credentialId",
4757
+ "clientDataJson",
4758
+ "authenticatorData",
4759
+ "signature"
4760
+ ]
4206
4761
  }
4207
4762
  },
4208
4763
  "securityDefinitions": {