@turnkey/http 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (58) hide show
  1. package/CHANGELOG.md +30 -0
  2. package/README.md +22 -17
  3. package/dist/__generated__/services/coordinator/public/v1/public_api.client.d.ts +548 -0
  4. package/dist/__generated__/services/coordinator/public/v1/public_api.client.d.ts.map +1 -0
  5. package/dist/__generated__/services/coordinator/public/v1/public_api.client.js +938 -0
  6. package/dist/__generated__/services/coordinator/public/v1/public_api.client.js.map +1 -0
  7. package/dist/__generated__/services/coordinator/public/v1/public_api.fetcher.d.ts +3066 -691
  8. package/dist/__generated__/services/coordinator/public/v1/public_api.fetcher.d.ts.map +1 -1
  9. package/dist/__generated__/services/coordinator/public/v1/public_api.fetcher.js +74 -38
  10. package/dist/__generated__/services/coordinator/public/v1/public_api.fetcher.js.map +1 -1
  11. package/dist/__generated__/services/coordinator/public/v1/public_api.swagger.json +576 -713
  12. package/dist/__generated__/services/coordinator/public/v1/public_api.types.d.ts +282 -788
  13. package/dist/__generated__/services/coordinator/public/v1/public_api.types.d.ts.map +1 -1
  14. package/dist/async.d.ts +20 -1
  15. package/dist/async.d.ts.map +1 -1
  16. package/dist/async.js +78 -2
  17. package/dist/async.js.map +1 -1
  18. package/dist/base.d.ts +51 -1
  19. package/dist/base.d.ts.map +1 -1
  20. package/dist/base.js +27 -5
  21. package/dist/base.js.map +1 -1
  22. package/dist/config.d.ts +6 -0
  23. package/dist/config.d.ts.map +1 -1
  24. package/dist/config.js +6 -0
  25. package/dist/config.js.map +1 -1
  26. package/dist/encoding.d.ts +0 -4
  27. package/dist/encoding.d.ts.map +1 -1
  28. package/dist/encoding.js +1 -24
  29. package/dist/encoding.js.map +1 -1
  30. package/dist/index.d.ts +5 -3
  31. package/dist/index.d.ts.map +1 -1
  32. package/dist/index.js +8 -4
  33. package/dist/index.js.map +1 -1
  34. package/dist/shared.d.ts +1 -27
  35. package/dist/shared.d.ts.map +1 -1
  36. package/dist/shared.js +4 -13
  37. package/dist/shared.js.map +1 -1
  38. package/dist/universal.d.ts +1 -3
  39. package/dist/universal.d.ts.map +1 -1
  40. package/dist/universal.js +2 -10
  41. package/dist/universal.js.map +1 -1
  42. package/package.json +4 -2
  43. package/dist/stamp.node.d.ts +0 -3
  44. package/dist/stamp.node.d.ts.map +0 -1
  45. package/dist/stamp.node.js +0 -51
  46. package/dist/stamp.node.js.map +0 -1
  47. package/dist/stamp.webcrypto.d.ts +0 -4
  48. package/dist/stamp.webcrypto.d.ts.map +0 -1
  49. package/dist/stamp.webcrypto.js +0 -110
  50. package/dist/stamp.webcrypto.js.map +0 -1
  51. package/dist/tink/bytes.d.ts +0 -45
  52. package/dist/tink/bytes.d.ts.map +0 -1
  53. package/dist/tink/bytes.js +0 -82
  54. package/dist/tink/bytes.js.map +0 -1
  55. package/dist/tink/elliptic_curves.d.ts +0 -14
  56. package/dist/tink/elliptic_curves.d.ts.map +0 -1
  57. package/dist/tink/elliptic_curves.js +0 -178
  58. package/dist/tink/elliptic_curves.js.map +0 -1
package/dist/__generated__/services/coordinator/public/v1/public_api.swagger.json CHANGED
@@ -1,20 +1,61 @@
1
1
  {
2
2
  "swagger": "2.0",
3
3
  "info": {
4
- "title": "Turnkey Public API",
4
+ "title": "API Reference",
5
+ "description": "Review our [API Introduction](../api-introduction) to get started.",
5
6
  "version": "1.0",
6
- "contact": {
7
- "name": "Turnkey Engineering",
8
- "url": "https://turnkey.io/contact",
9
- "email": "eng@turnkey.io"
10
- }
7
+ "contact": {}
11
8
  },
12
9
  "tags": [
13
10
  {
14
11
  "name": "PublicApiService"
12
+ },
13
+ {
14
+ "name": "Organizations",
15
+ "description": "An Organization is the highest level of hierarchy in Turnkey. It can contain many Users, Private Keys, and Policies managed by a Root Quorum. The Root Quorum consists of a set of Users with a consensus threshold. This consensus threshold must be reached by Quorum members in order for any actions to take place.\n\nSee [Root Quorum](../managing-users/root-quorum) for more information"
16
+ },
17
+ {
18
+ "name": "Invitations",
19
+ "description": "Invitations allow you to invite Users into your Organization via email. Alternatively, Users can be added directly without an Invitation if their ApiKey or Authenticator credentials are known ahead of time.\n\nSee [Users](./api#tag/Users) for more information"
20
+ },
21
+ {
22
+ "name": "Policies",
23
+ "description": "Policies allow for deep customization of the security of your Organization. They can be used to grant permissions or restrict usage of Users and Private Keys. The Policy Engine analyzes all of your Policies on each request to determine whether an Activity is allowed.\n\nSee [Policy Overview](../managing-policies/overview) for more information"
24
+ },
25
+ {
26
+ "name": "Private Keys",
27
+ "description": "Private Keys are cryptographic public / private key pairs that can be used for cryptocurrency needs or more generalized encryption. Think of Private Keys as your own programmable wallet. Turnkey securely holds all Private Key materials for you, but only you can access them."
28
+ },
29
+ {
30
+ "name": "Private Key Tags",
31
+ "description": "Private Key Tags allow you to easily group and permission Private Keys through Policies."
32
+ },
33
+ {
34
+ "name": "Users",
35
+ "description": "Users are responsible for any action taken within an Organization. They can have ApiKey or Auuthenticator credentials, allowing you to onboard teammates to the Organization, or create API-only Users to run as part of your infrastructure."
36
+ },
37
+ {
38
+ "name": "User Tags",
39
+ "description": "User Key Tags allow you to easily group and permission Users through Policies."
40
+ },
41
+ {
42
+ "name": "Authenticators",
43
+ "description": "Authenticators are WebAuthN hardware devices, such as a Macbook TouchID or Yubikey, that can be used to authenticate requests."
44
+ },
45
+ {
46
+ "name": "API Keys",
47
+ "description": "API Keys are used to authenticate requests\n\nSee our [CLI](https://github.com/tkhq/tkcli) for instructions on generating API Keys"
48
+ },
49
+ {
50
+ "name": "Activities",
51
+ "description": "Activities encapsulate all the possible actions that can be taken with Turnkey. Some examples include adding a new user, creating a private key, and signing a transaction.\n\nActivities that modify your Organization are processed asynchronously. To confirm processing is complete and retrieve the Activity results, these activities must be polled until that status has been updated to a finalized state: `COMPLETED` when the activity is successful or `FAILED` when the activity has failed"
52
+ },
53
+ {
54
+ "name": "Consensus",
55
+ "description": "Policies can enforce consensus requirements for Activities. For example, adding a new user requires two admins to approve the request.\n\nActivities that have been proposed, but don't yet meet the Consesnsus requirements will have the status: `REQUIRES_CONSENSUS`. Activities in this state can be approved or rejected using the unique fingerprint generated when an Activity is created."
15
56
  }
16
57
  ],
17
- "host": "coordinator-beta.turnkey.io",
58
+ "host": "api.turnkey.com",
18
59
  "schemes": ["https"],
19
60
  "consumes": ["application/json"],
20
61
  "produces": ["application/json"],
@@ -31,17 +72,6 @@
31
72
  "$ref": "#/definitions/v1ActivityResponse"
32
73
  }
33
74
  },
34
- "403": {
35
- "description": "Returned when the user does not have permission to access the resource.",
36
- "schema": {}
37
- },
38
- "404": {
39
- "description": "Returned when the resource does not exist.",
40
- "schema": {
41
- "type": "string",
42
- "format": "string"
43
- }
44
- },
45
75
  "default": {
46
76
  "description": "An unexpected error response.",
47
77
  "schema": {
@@ -74,17 +104,6 @@
74
104
  "$ref": "#/definitions/v1GetAuthenticatorResponse"
75
105
  }
76
106
  },
77
- "403": {
78
- "description": "Returned when the user does not have permission to access the resource.",
79
- "schema": {}
80
- },
81
- "404": {
82
- "description": "Returned when the resource does not exist.",
83
- "schema": {
84
- "type": "string",
85
- "format": "string"
86
- }
87
- },
88
107
  "default": {
89
108
  "description": "An unexpected error response.",
90
109
  "schema": {
@@ -117,17 +136,6 @@
117
136
  "$ref": "#/definitions/v1GetAuthenticatorsResponse"
118
137
  }
119
138
  },
120
- "403": {
121
- "description": "Returned when the user does not have permission to access the resource.",
122
- "schema": {}
123
- },
124
- "404": {
125
- "description": "Returned when the resource does not exist.",
126
- "schema": {
127
- "type": "string",
128
- "format": "string"
129
- }
130
- },
131
139
  "default": {
132
140
  "description": "An unexpected error response.",
133
141
  "schema": {
@@ -160,17 +168,6 @@
160
168
  "$ref": "#/definitions/v1GetOrganizationResponse"
161
169
  }
162
170
  },
163
- "403": {
164
- "description": "Returned when the user does not have permission to access the resource.",
165
- "schema": {}
166
- },
167
- "404": {
168
- "description": "Returned when the resource does not exist.",
169
- "schema": {
170
- "type": "string",
171
- "format": "string"
172
- }
173
- },
174
171
  "default": {
175
172
  "description": "An unexpected error response.",
176
173
  "schema": {
@@ -203,17 +200,6 @@
203
200
  "$ref": "#/definitions/v1GetPolicyResponse"
204
201
  }
205
202
  },
206
- "403": {
207
- "description": "Returned when the user does not have permission to access the resource.",
208
- "schema": {}
209
- },
210
- "404": {
211
- "description": "Returned when the resource does not exist.",
212
- "schema": {
213
- "type": "string",
214
- "format": "string"
215
- }
216
- },
217
203
  "default": {
218
204
  "description": "An unexpected error response.",
219
205
  "schema": {
@@ -246,17 +232,6 @@
246
232
  "$ref": "#/definitions/v1GetPrivateKeyResponse"
247
233
  }
248
234
  },
249
- "403": {
250
- "description": "Returned when the user does not have permission to access the resource.",
251
- "schema": {}
252
- },
253
- "404": {
254
- "description": "Returned when the resource does not exist.",
255
- "schema": {
256
- "type": "string",
257
- "format": "string"
258
- }
259
- },
260
235
  "default": {
261
236
  "description": "An unexpected error response.",
262
237
  "schema": {
@@ -289,17 +264,6 @@
289
264
  "$ref": "#/definitions/v1GetUserResponse"
290
265
  }
291
266
  },
292
- "403": {
293
- "description": "Returned when the user does not have permission to access the resource.",
294
- "schema": {}
295
- },
296
- "404": {
297
- "description": "Returned when the resource does not exist.",
298
- "schema": {
299
- "type": "string",
300
- "format": "string"
301
- }
302
- },
303
267
  "default": {
304
268
  "description": "An unexpected error response.",
305
269
  "schema": {
@@ -332,17 +296,6 @@
332
296
  "$ref": "#/definitions/v1GetActivitiesResponse"
333
297
  }
334
298
  },
335
- "403": {
336
- "description": "Returned when the user does not have permission to access the resource.",
337
- "schema": {}
338
- },
339
- "404": {
340
- "description": "Returned when the resource does not exist.",
341
- "schema": {
342
- "type": "string",
343
- "format": "string"
344
- }
345
- },
346
299
  "default": {
347
300
  "description": "An unexpected error response.",
348
301
  "schema": {
@@ -375,17 +328,6 @@
375
328
  "$ref": "#/definitions/v1GetPoliciesResponse"
376
329
  }
377
330
  },
378
- "403": {
379
- "description": "Returned when the user does not have permission to access the resource.",
380
- "schema": {}
381
- },
382
- "404": {
383
- "description": "Returned when the resource does not exist.",
384
- "schema": {
385
- "type": "string",
386
- "format": "string"
387
- }
388
- },
389
331
  "default": {
390
332
  "description": "An unexpected error response.",
391
333
  "schema": {
@@ -418,17 +360,6 @@
418
360
  "$ref": "#/definitions/v1GetPrivateKeysResponse"
419
361
  }
420
362
  },
421
- "403": {
422
- "description": "Returned when the user does not have permission to access the resource.",
423
- "schema": {}
424
- },
425
- "404": {
426
- "description": "Returned when the resource does not exist.",
427
- "schema": {
428
- "type": "string",
429
- "format": "string"
430
- }
431
- },
432
363
  "default": {
433
364
  "description": "An unexpected error response.",
434
365
  "schema": {
@@ -461,17 +392,6 @@
461
392
  "$ref": "#/definitions/v1GetUsersResponse"
462
393
  }
463
394
  },
464
- "403": {
465
- "description": "Returned when the user does not have permission to access the resource.",
466
- "schema": {}
467
- },
468
- "404": {
469
- "description": "Returned when the resource does not exist.",
470
- "schema": {
471
- "type": "string",
472
- "format": "string"
473
- }
474
- },
475
395
  "default": {
476
396
  "description": "An unexpected error response.",
477
397
  "schema": {
@@ -504,17 +424,6 @@
504
424
  "$ref": "#/definitions/v1GetWhoamiResponse"
505
425
  }
506
426
  },
507
- "403": {
508
- "description": "Returned when the user does not have permission to access the resource.",
509
- "schema": {}
510
- },
511
- "404": {
512
- "description": "Returned when the resource does not exist.",
513
- "schema": {
514
- "type": "string",
515
- "format": "string"
516
- }
517
- },
518
427
  "default": {
519
428
  "description": "An unexpected error response.",
520
429
  "schema": {
@@ -532,7 +441,7 @@
532
441
  }
533
442
  }
534
443
  ],
535
- "tags": ["Users"]
444
+ "tags": ["Who am I?"]
536
445
  }
537
446
  },
538
447
  "/public/v1/submit/approve_activity": {
@@ -547,17 +456,6 @@
547
456
  "$ref": "#/definitions/v1ActivityResponse"
548
457
  }
549
458
  },
550
- "403": {
551
- "description": "Returned when the user does not have permission to access the resource.",
552
- "schema": {}
553
- },
554
- "404": {
555
- "description": "Returned when the resource does not exist.",
556
- "schema": {
557
- "type": "string",
558
- "format": "string"
559
- }
560
- },
561
459
  "default": {
562
460
  "description": "An unexpected error response.",
563
461
  "schema": {
@@ -575,7 +473,7 @@
575
473
  }
576
474
  }
577
475
  ],
578
- "tags": ["Activities"]
476
+ "tags": ["Consensus"]
579
477
  }
580
478
  },
581
479
  "/public/v1/submit/create_api_keys": {
@@ -590,17 +488,6 @@
590
488
  "$ref": "#/definitions/v1ActivityResponse"
591
489
  }
592
490
  },
593
- "403": {
594
- "description": "Returned when the user does not have permission to access the resource.",
595
- "schema": {}
596
- },
597
- "404": {
598
- "description": "Returned when the resource does not exist.",
599
- "schema": {
600
- "type": "string",
601
- "format": "string"
602
- }
603
- },
604
491
  "default": {
605
492
  "description": "An unexpected error response.",
606
493
  "schema": {
@@ -618,7 +505,7 @@
618
505
  }
619
506
  }
620
507
  ],
621
- "tags": ["Users"]
508
+ "tags": ["API Keys"]
622
509
  }
623
510
  },
624
511
  "/public/v1/submit/create_api_only_users": {
@@ -633,17 +520,6 @@
633
520
  "$ref": "#/definitions/v1ActivityResponse"
634
521
  }
635
522
  },
636
- "403": {
637
- "description": "Returned when the user does not have permission to access the resource.",
638
- "schema": {}
639
- },
640
- "404": {
641
- "description": "Returned when the resource does not exist.",
642
- "schema": {
643
- "type": "string",
644
- "format": "string"
645
- }
646
- },
647
523
  "default": {
648
524
  "description": "An unexpected error response.",
649
525
  "schema": {
@@ -676,17 +552,6 @@
676
552
  "$ref": "#/definitions/v1ActivityResponse"
677
553
  }
678
554
  },
679
- "403": {
680
- "description": "Returned when the user does not have permission to access the resource.",
681
- "schema": {}
682
- },
683
- "404": {
684
- "description": "Returned when the resource does not exist.",
685
- "schema": {
686
- "type": "string",
687
- "format": "string"
688
- }
689
- },
690
555
  "default": {
691
556
  "description": "An unexpected error response.",
692
557
  "schema": {
@@ -719,17 +584,6 @@
719
584
  "$ref": "#/definitions/v1ActivityResponse"
720
585
  }
721
586
  },
722
- "403": {
723
- "description": "Returned when the user does not have permission to access the resource.",
724
- "schema": {}
725
- },
726
- "404": {
727
- "description": "Returned when the resource does not exist.",
728
- "schema": {
729
- "type": "string",
730
- "format": "string"
731
- }
732
- },
733
587
  "default": {
734
588
  "description": "An unexpected error response.",
735
589
  "schema": {
@@ -762,17 +616,6 @@
762
616
  "$ref": "#/definitions/v1ActivityResponse"
763
617
  }
764
618
  },
765
- "403": {
766
- "description": "Returned when the user does not have permission to access the resource.",
767
- "schema": {}
768
- },
769
- "404": {
770
- "description": "Returned when the resource does not exist.",
771
- "schema": {
772
- "type": "string",
773
- "format": "string"
774
- }
775
- },
776
619
  "default": {
777
620
  "description": "An unexpected error response.",
778
621
  "schema": {
@@ -805,17 +648,6 @@
805
648
  "$ref": "#/definitions/v1ActivityResponse"
806
649
  }
807
650
  },
808
- "403": {
809
- "description": "Returned when the user does not have permission to access the resource.",
810
- "schema": {}
811
- },
812
- "404": {
813
- "description": "Returned when the resource does not exist.",
814
- "schema": {
815
- "type": "string",
816
- "format": "string"
817
- }
818
- },
819
651
  "default": {
820
652
  "description": "An unexpected error response.",
821
653
  "schema": {
@@ -833,7 +665,7 @@
833
665
  }
834
666
  }
835
667
  ],
836
- "tags": ["Private Keys"]
668
+ "tags": ["Private Key Tags"]
837
669
  }
838
670
  },
839
671
  "/public/v1/submit/create_private_keys": {
@@ -848,17 +680,6 @@
848
680
  "$ref": "#/definitions/v1ActivityResponse"
849
681
  }
850
682
  },
851
- "403": {
852
- "description": "Returned when the user does not have permission to access the resource.",
853
- "schema": {}
854
- },
855
- "404": {
856
- "description": "Returned when the resource does not exist.",
857
- "schema": {
858
- "type": "string",
859
- "format": "string"
860
- }
861
- },
862
683
  "default": {
863
684
  "description": "An unexpected error response.",
864
685
  "schema": {
@@ -891,17 +712,6 @@
891
712
  "$ref": "#/definitions/v1ActivityResponse"
892
713
  }
893
714
  },
894
- "403": {
895
- "description": "Returned when the user does not have permission to access the resource.",
896
- "schema": {}
897
- },
898
- "404": {
899
- "description": "Returned when the resource does not exist.",
900
- "schema": {
901
- "type": "string",
902
- "format": "string"
903
- }
904
- },
905
715
  "default": {
906
716
  "description": "An unexpected error response.",
907
717
  "schema": {
@@ -934,17 +744,6 @@
934
744
  "$ref": "#/definitions/v1ActivityResponse"
935
745
  }
936
746
  },
937
- "403": {
938
- "description": "Returned when the user does not have permission to access the resource.",
939
- "schema": {}
940
- },
941
- "404": {
942
- "description": "Returned when the resource does not exist.",
943
- "schema": {
944
- "type": "string",
945
- "format": "string"
946
- }
947
- },
948
747
  "default": {
949
748
  "description": "An unexpected error response.",
950
749
  "schema": {
@@ -962,7 +761,7 @@
962
761
  }
963
762
  }
964
763
  ],
965
- "tags": ["Users"]
764
+ "tags": ["User Tags"]
966
765
  }
967
766
  },
968
767
  "/public/v1/submit/create_users": {
@@ -977,17 +776,6 @@
977
776
  "$ref": "#/definitions/v1ActivityResponse"
978
777
  }
979
778
  },
980
- "403": {
981
- "description": "Returned when the user does not have permission to access the resource.",
982
- "schema": {}
983
- },
984
- "404": {
985
- "description": "Returned when the resource does not exist.",
986
- "schema": {
987
- "type": "string",
988
- "format": "string"
989
- }
990
- },
991
779
  "default": {
992
780
  "description": "An unexpected error response.",
993
781
  "schema": {
@@ -1005,8 +793,7 @@
1005
793
  }
1006
794
  }
1007
795
  ],
1008
- "tags": ["Users"],
1009
- "deprecated": true
796
+ "tags": ["Users"]
1010
797
  }
1011
798
  },
1012
799
  "/public/v1/submit/delete_api_keys": {
@@ -1021,15 +808,36 @@
1021
808
  "$ref": "#/definitions/v1ActivityResponse"
1022
809
  }
1023
810
  },
1024
- "403": {
1025
- "description": "Returned when the user does not have permission to access the resource.",
1026
- "schema": {}
1027
- },
1028
- "404": {
1029
- "description": "Returned when the resource does not exist.",
811
+ "default": {
812
+ "description": "An unexpected error response.",
813
+ "schema": {
814
+ "$ref": "#/definitions/rpcStatus"
815
+ }
816
+ }
817
+ },
818
+ "parameters": [
819
+ {
820
+ "name": "body",
821
+ "in": "body",
822
+ "required": true,
1030
823
  "schema": {
1031
- "type": "string",
1032
- "format": "string"
824
+ "$ref": "#/definitions/v1DeleteApiKeysRequest"
825
+ }
826
+ }
827
+ ],
828
+ "tags": ["API Keys"]
829
+ }
830
+ },
831
+ "/public/v1/submit/delete_authenticators": {
832
+ "post": {
833
+ "summary": "Delete Authenticators",
834
+ "description": "Remove authenticators from a User",
835
+ "operationId": "PublicApiService_DeleteAuthenticators",
836
+ "responses": {
837
+ "200": {
838
+ "description": "A successful response.",
839
+ "schema": {
840
+ "$ref": "#/definitions/v1ActivityResponse"
1033
841
  }
1034
842
  },
1035
843
  "default": {
@@ -1045,11 +853,11 @@
1045
853
  "in": "body",
1046
854
  "required": true,
1047
855
  "schema": {
1048
- "$ref": "#/definitions/v1DeleteApiKeysRequest"
856
+ "$ref": "#/definitions/v1DeleteAuthenticatorsRequest"
1049
857
  }
1050
858
  }
1051
859
  ],
1052
- "tags": ["Users"]
860
+ "tags": ["Authenticators"]
1053
861
  }
1054
862
  },
1055
863
  "/public/v1/submit/delete_invitations": {
@@ -1064,17 +872,6 @@
1064
872
  "$ref": "#/definitions/v1ActivityResponse"
1065
873
  }
1066
874
  },
1067
- "403": {
1068
- "description": "Returned when the user does not have permission to access the resource.",
1069
- "schema": {}
1070
- },
1071
- "404": {
1072
- "description": "Returned when the resource does not exist.",
1073
- "schema": {
1074
- "type": "string",
1075
- "format": "string"
1076
- }
1077
- },
1078
875
  "default": {
1079
876
  "description": "An unexpected error response.",
1080
877
  "schema": {
@@ -1107,17 +904,6 @@
1107
904
  "$ref": "#/definitions/v1ActivityResponse"
1108
905
  }
1109
906
  },
1110
- "403": {
1111
- "description": "Returned when the user does not have permission to access the resource.",
1112
- "schema": {}
1113
- },
1114
- "404": {
1115
- "description": "Returned when the resource does not exist.",
1116
- "schema": {
1117
- "type": "string",
1118
- "format": "string"
1119
- }
1120
- },
1121
907
  "default": {
1122
908
  "description": "An unexpected error response.",
1123
909
  "schema": {
@@ -1150,17 +936,6 @@
1150
936
  "$ref": "#/definitions/v1ActivityResponse"
1151
937
  }
1152
938
  },
1153
- "403": {
1154
- "description": "Returned when the user does not have permission to access the resource.",
1155
- "schema": {}
1156
- },
1157
- "404": {
1158
- "description": "Returned when the resource does not exist.",
1159
- "schema": {
1160
- "type": "string",
1161
- "format": "string"
1162
- }
1163
- },
1164
939
  "default": {
1165
940
  "description": "An unexpected error response.",
1166
941
  "schema": {
@@ -1178,7 +953,7 @@
1178
953
  }
1179
954
  }
1180
955
  ],
1181
- "tags": ["Activities"]
956
+ "tags": ["Consensus"]
1182
957
  }
1183
958
  },
1184
959
  "/public/v1/submit/sign_raw_payload": {
@@ -1193,17 +968,6 @@
1193
968
  "$ref": "#/definitions/v1ActivityResponse"
1194
969
  }
1195
970
  },
1196
- "403": {
1197
- "description": "Returned when the user does not have permission to access the resource.",
1198
- "schema": {}
1199
- },
1200
- "404": {
1201
- "description": "Returned when the resource does not exist.",
1202
- "schema": {
1203
- "type": "string",
1204
- "format": "string"
1205
- }
1206
- },
1207
971
  "default": {
1208
972
  "description": "An unexpected error response.",
1209
973
  "schema": {
@@ -1236,17 +1000,6 @@
1236
1000
  "$ref": "#/definitions/v1ActivityResponse"
1237
1001
  }
1238
1002
  },
1239
- "403": {
1240
- "description": "Returned when the user does not have permission to access the resource.",
1241
- "schema": {}
1242
- },
1243
- "404": {
1244
- "description": "Returned when the resource does not exist.",
1245
- "schema": {
1246
- "type": "string",
1247
- "format": "string"
1248
- }
1249
- },
1250
1003
  "default": {
1251
1004
  "description": "An unexpected error response.",
1252
1005
  "schema": {
@@ -1279,15 +1032,36 @@
1279
1032
  "$ref": "#/definitions/v1ActivityResponse"
1280
1033
  }
1281
1034
  },
1282
- "403": {
1283
- "description": "Returned when the user does not have permission to access the resource.",
1284
- "schema": {}
1285
- },
1286
- "404": {
1287
- "description": "Returned when the resource does not exist.",
1035
+ "default": {
1036
+ "description": "An unexpected error response.",
1288
1037
  "schema": {
1289
- "type": "string",
1290
- "format": "string"
1038
+ "$ref": "#/definitions/rpcStatus"
1039
+ }
1040
+ }
1041
+ },
1042
+ "parameters": [
1043
+ {
1044
+ "name": "body",
1045
+ "in": "body",
1046
+ "required": true,
1047
+ "schema": {
1048
+ "$ref": "#/definitions/v1UpdateAllowedOriginsRequest"
1049
+ }
1050
+ }
1051
+ ],
1052
+ "tags": ["Organizations"]
1053
+ }
1054
+ },
1055
+ "/public/v1/submit/update_policy": {
1056
+ "post": {
1057
+ "summary": "Update Policy",
1058
+ "description": "Update an existing Policy",
1059
+ "operationId": "PublicApiService_UpdatePolicy",
1060
+ "responses": {
1061
+ "200": {
1062
+ "description": "A successful response.",
1063
+ "schema": {
1064
+ "$ref": "#/definitions/v1ActivityResponse"
1291
1065
  }
1292
1066
  },
1293
1067
  "default": {
@@ -1303,11 +1077,11 @@
1303
1077
  "in": "body",
1304
1078
  "required": true,
1305
1079
  "schema": {
1306
- "$ref": "#/definitions/v1UpdateAllowedOriginsRequest"
1080
+ "$ref": "#/definitions/v1UpdatePolicyRequest"
1307
1081
  }
1308
1082
  }
1309
1083
  ],
1310
- "tags": ["Organizations"]
1084
+ "tags": ["Policies"]
1311
1085
  }
1312
1086
  },
1313
1087
  "/public/v1/submit/update_private_key_tag": {
@@ -1322,17 +1096,6 @@
1322
1096
  "$ref": "#/definitions/v1ActivityResponse"
1323
1097
  }
1324
1098
  },
1325
- "403": {
1326
- "description": "Returned when the user does not have permission to access the resource.",
1327
- "schema": {}
1328
- },
1329
- "404": {
1330
- "description": "Returned when the resource does not exist.",
1331
- "schema": {
1332
- "type": "string",
1333
- "format": "string"
1334
- }
1335
- },
1336
1099
  "default": {
1337
1100
  "description": "An unexpected error response.",
1338
1101
  "schema": {
@@ -1350,7 +1113,7 @@
1350
1113
  }
1351
1114
  }
1352
1115
  ],
1353
- "tags": ["Private Keys"]
1116
+ "tags": ["Private Key Tags"]
1354
1117
  }
1355
1118
  },
1356
1119
  "/public/v1/submit/update_root_quorum": {
@@ -1365,17 +1128,6 @@
1365
1128
  "$ref": "#/definitions/v1ActivityResponse"
1366
1129
  }
1367
1130
  },
1368
- "403": {
1369
- "description": "Returned when the user does not have permission to access the resource.",
1370
- "schema": {}
1371
- },
1372
- "404": {
1373
- "description": "Returned when the resource does not exist.",
1374
- "schema": {
1375
- "type": "string",
1376
- "format": "string"
1377
- }
1378
- },
1379
1131
  "default": {
1380
1132
  "description": "An unexpected error response.",
1381
1133
  "schema": {
@@ -1396,11 +1148,11 @@
1396
1148
  "tags": ["Organizations"]
1397
1149
  }
1398
1150
  },
1399
- "/public/v1/submit/update_user_tag": {
1151
+ "/public/v1/submit/update_user": {
1400
1152
  "post": {
1401
- "summary": "Update User Tag",
1402
- "description": "Update human-readable name or associated users. Note that this activity is atomic: all of the updates will succeed at once, or all of them will fail.",
1403
- "operationId": "PublicApiService_UpdateUserTag",
1153
+ "summary": "Update User",
1154
+ "description": "Update a User in an existing Organization",
1155
+ "operationId": "PublicApiService_UpdateUser",
1404
1156
  "responses": {
1405
1157
  "200": {
1406
1158
  "description": "A successful response.",
@@ -1408,17 +1160,6 @@
1408
1160
  "$ref": "#/definitions/v1ActivityResponse"
1409
1161
  }
1410
1162
  },
1411
- "403": {
1412
- "description": "Returned when the user does not have permission to access the resource.",
1413
- "schema": {}
1414
- },
1415
- "404": {
1416
- "description": "Returned when the resource does not exist.",
1417
- "schema": {
1418
- "type": "string",
1419
- "format": "string"
1420
- }
1421
- },
1422
1163
  "default": {
1423
1164
  "description": "An unexpected error response.",
1424
1165
  "schema": {
@@ -1432,33 +1173,23 @@
1432
1173
  "in": "body",
1433
1174
  "required": true,
1434
1175
  "schema": {
1435
- "$ref": "#/definitions/v1UpdateUserTagRequest"
1176
+ "$ref": "#/definitions/v1UpdateUserRequest"
1436
1177
  }
1437
1178
  }
1438
1179
  ],
1439
1180
  "tags": ["Users"]
1440
1181
  }
1441
1182
  },
1442
- "/tkhq/api/v1/noop-codegen-anchor": {
1183
+ "/public/v1/submit/update_user_tag": {
1443
1184
  "post": {
1444
- "summary": "This route does nothing and does not need an implementation, but please don't remove it.\nIt's used at compile time for generating extra OpenAPI/TypeScript types\nthat are not directly referenced in requests.",
1445
- "operationId": "PublicApiService_NOOPCodegenAnchor",
1185
+ "summary": "Update User Tag",
1186
+ "description": "Update human-readable name or associated users. Note that this activity is atomic: all of the updates will succeed at once, or all of them will fail.",
1187
+ "operationId": "PublicApiService_UpdateUserTag",
1446
1188
  "responses": {
1447
1189
  "200": {
1448
1190
  "description": "A successful response.",
1449
1191
  "schema": {
1450
- "$ref": "#/definitions/v1NOOPCodegenAnchorResponse"
1451
- }
1452
- },
1453
- "403": {
1454
- "description": "Returned when the user does not have permission to access the resource.",
1455
- "schema": {}
1456
- },
1457
- "404": {
1458
- "description": "Returned when the resource does not exist.",
1459
- "schema": {
1460
- "type": "string",
1461
- "format": "string"
1192
+ "$ref": "#/definitions/v1ActivityResponse"
1462
1193
  }
1463
1194
  },
1464
1195
  "default": {
@@ -1468,30 +1199,27 @@
1468
1199
  }
1469
1200
  }
1470
1201
  },
1471
- "tags": ["PublicApiService"]
1202
+ "parameters": [
1203
+ {
1204
+ "name": "body",
1205
+ "in": "body",
1206
+ "required": true,
1207
+ "schema": {
1208
+ "$ref": "#/definitions/v1UpdateUserTagRequest"
1209
+ }
1210
+ }
1211
+ ],
1212
+ "tags": ["User Tags"]
1472
1213
  }
1473
1214
  },
1474
- "/tkhq/public/v1/query/get_private_key": {
1215
+ "/tkhq/api/v1/noop-codegen-anchor": {
1475
1216
  "post": {
1476
- "summary": "Get Private Key",
1477
- "description": "Get details about a Private Key",
1478
- "operationId": "PublicApiService_GetPrivateKeyBackwardsCompat",
1217
+ "operationId": "PublicApiService_NOOPCodegenAnchor",
1479
1218
  "responses": {
1480
1219
  "200": {
1481
1220
  "description": "A successful response.",
1482
1221
  "schema": {
1483
- "$ref": "#/definitions/v1GetPrivateKeyResponse"
1484
- }
1485
- },
1486
- "403": {
1487
- "description": "Returned when the user does not have permission to access the resource.",
1488
- "schema": {}
1489
- },
1490
- "404": {
1491
- "description": "Returned when the resource does not exist.",
1492
- "schema": {
1493
- "type": "string",
1494
- "format": "string"
1222
+ "$ref": "#/definitions/v1NOOPCodegenAnchorResponse"
1495
1223
  }
1496
1224
  },
1497
1225
  "default": {
@@ -1501,18 +1229,7 @@
1501
1229
  }
1502
1230
  }
1503
1231
  },
1504
- "parameters": [
1505
- {
1506
- "name": "body",
1507
- "in": "body",
1508
- "required": true,
1509
- "schema": {
1510
- "$ref": "#/definitions/v1GetPrivateKeyRequest"
1511
- }
1512
- }
1513
- ],
1514
- "tags": ["Private Keys"],
1515
- "deprecated": true
1232
+ "tags": ["PublicApiService"]
1516
1233
  }
1517
1234
  }
1518
1235
  },
@@ -1561,8 +1278,7 @@
1561
1278
  "ADDRESS_FORMAT_UNCOMPRESSED",
1562
1279
  "ADDRESS_FORMAT_COMPRESSED",
1563
1280
  "ADDRESS_FORMAT_ETHEREUM"
1564
- ],
1565
- "description": " - ADDRESS_FORMAT_UNCOMPRESSED: 04\u003cX_COORDINATE\u003e\u003cY_COORDINATE\u003e\n - ADDRESS_FORMAT_COMPRESSED: 02 or 03, followed by the X coordinate\n - ADDRESS_FORMAT_ETHEREUM: Your standard Ethereum address (0x...). We apply EIP55 casing."
1281
+ ]
1566
1282
  },
1567
1283
  "externaldatav1AuthenticatorTransport": {
1568
1284
  "type": "string",
@@ -1576,8 +1292,7 @@
1576
1292
  },
1577
1293
  "externaldatav1Curve": {
1578
1294
  "type": "string",
1579
- "enum": ["CURVE_SECP256K1", "CURVE_ED25519"],
1580
- "description": "Cryptographic Curve used to generate a given Private Key."
1295
+ "enum": ["CURVE_SECP256K1", "CURVE_ED25519"]
1581
1296
  },
1582
1297
  "externaldatav1Effect": {
1583
1298
  "type": "string",
@@ -1597,8 +1312,7 @@
1597
1312
  "OPERATOR_NOT_IN",
1598
1313
  "OPERATOR_CONTAINS_ONE",
1599
1314
  "OPERATOR_CONTAINS_ALL"
1600
- ],
1601
- "description": "Logical operators."
1315
+ ]
1602
1316
  },
1603
1317
  "externaldatav1Selector": {
1604
1318
  "type": "object",
@@ -1608,7 +1322,8 @@
1608
1322
  "description": "The resource being referenced within a policy (e.g., user.tags or activities.type)."
1609
1323
  },
1610
1324
  "operator": {
1611
- "$ref": "#/definitions/externaldatav1Operator"
1325
+ "$ref": "#/definitions/externaldatav1Operator",
1326
+ "description": "Logical operators like OPERATOR_CONTAINS or OPERATOR_EQUAL."
1612
1327
  },
1613
1328
  "targets": {
1614
1329
  "type": "array",
@@ -1641,13 +1356,11 @@
1641
1356
  "ADDRESS_FORMAT_UNCOMPRESSED",
1642
1357
  "ADDRESS_FORMAT_COMPRESSED",
1643
1358
  "ADDRESS_FORMAT_ETHEREUM"
1644
- ],
1645
- "description": " - ADDRESS_FORMAT_UNCOMPRESSED: 04\u003cX_COORDINATE\u003e\u003cY_COORDINATE\u003e\n - ADDRESS_FORMAT_COMPRESSED: 02 or 03, followed by the X coordinate\n - ADDRESS_FORMAT_ETHEREUM: Your standard Ethereum address (0x...). We apply EIP55 casing."
1359
+ ]
1646
1360
  },
1647
1361
  "immutableactivityv1Curve": {
1648
1362
  "type": "string",
1649
- "enum": ["CURVE_SECP256K1", "CURVE_ED25519"],
1650
- "description": "Cryptographic Curve used to generate a given Private Key."
1363
+ "enum": ["CURVE_SECP256K1", "CURVE_ED25519"]
1651
1364
  },
1652
1365
  "immutableactivityv1Effect": {
1653
1366
  "type": "string",
@@ -1685,8 +1398,7 @@
1685
1398
  },
1686
1399
  "immutableactivityv1TransactionType": {
1687
1400
  "type": "string",
1688
- "enum": ["TRANSACTION_TYPE_ETHEREUM"],
1689
- "title": "- TRANSACTION_TYPE_ETHEREUM: Unsigned Ethereum transaction, RLP-encoded and hex-encoded"
1401
+ "enum": ["TRANSACTION_TYPE_ETHEREUM"]
1690
1402
  },
1691
1403
  "immutablewebauthnv1AuthenticatorTransport": {
1692
1404
  "type": "string",
@@ -1720,6 +1432,7 @@
1720
1432
  "details": {
1721
1433
  "type": "array",
1722
1434
  "items": {
1435
+ "type": "object",
1723
1436
  "$ref": "#/definitions/protobufAny"
1724
1437
  }
1725
1438
  }
@@ -1730,16 +1443,15 @@
1730
1443
  "properties": {
1731
1444
  "invitationId": {
1732
1445
  "type": "string",
1733
- "description": "Unique identifier for a given Invitation object.",
1734
- "title": "@inject_tag: validate:\"required,uuid\""
1446
+ "description": "Unique identifier for a given Invitation object."
1735
1447
  },
1736
1448
  "userId": {
1737
1449
  "type": "string",
1738
- "description": "Unique identifier for a given User.",
1739
- "title": "@inject_tag: validate:\"required,uuid\""
1450
+ "description": "Unique identifier for a given User."
1740
1451
  },
1741
1452
  "authenticator": {
1742
- "$ref": "#/definitions/v1AuthenticatorParams"
1453
+ "$ref": "#/definitions/v1AuthenticatorParams",
1454
+ "description": "WebAuthN hardware devices that can be used to log in to the Turnkey web app."
1743
1455
  }
1744
1456
  },
1745
1457
  "required": ["invitationId", "userId", "authenticator"]
@@ -1749,16 +1461,15 @@
1749
1461
  "properties": {
1750
1462
  "invitationId": {
1751
1463
  "type": "string",
1752
- "description": "Unique identifier for a given Invitation object.",
1753
- "title": "@inject_tag: validate:\"required,uuid\""
1464
+ "description": "Unique identifier for a given Invitation object."
1754
1465
  },
1755
1466
  "userId": {
1756
1467
  "type": "string",
1757
- "description": "Unique identifier for a given User.",
1758
- "title": "@inject_tag: validate:\"required,uuid\""
1468
+ "description": "Unique identifier for a given User."
1759
1469
  },
1760
1470
  "authenticator": {
1761
- "$ref": "#/definitions/v1AuthenticatorParamsV2"
1471
+ "$ref": "#/definitions/v1AuthenticatorParamsV2",
1472
+ "description": "WebAuthN hardware devices that can be used to log in to the Turnkey web app."
1762
1473
  }
1763
1474
  },
1764
1475
  "required": ["invitationId", "userId", "authenticator"]
@@ -1782,8 +1493,7 @@
1782
1493
  "properties": {
1783
1494
  "productId": {
1784
1495
  "type": "string",
1785
- "description": "The product that the customer wants to subscribe to.",
1786
- "title": "@inject_tag: validate:\"required\""
1496
+ "description": "The product that the customer wants to subscribe to."
1787
1497
  }
1788
1498
  },
1789
1499
  "required": ["productId"]
@@ -1810,20 +1520,25 @@
1810
1520
  "description": "Unique identifier for a given Organization."
1811
1521
  },
1812
1522
  "status": {
1813
- "$ref": "#/definitions/v1ActivityStatus"
1523
+ "$ref": "#/definitions/v1ActivityStatus",
1524
+ "description": "The current processing status of a specified Activity."
1814
1525
  },
1815
1526
  "type": {
1816
- "$ref": "#/definitions/v1ActivityType"
1527
+ "$ref": "#/definitions/v1ActivityType",
1528
+ "description": "Type of Activity, such as Add User, or Sign Transaction."
1817
1529
  },
1818
1530
  "intent": {
1819
- "$ref": "#/definitions/v1Intent"
1531
+ "$ref": "#/definitions/v1Intent",
1532
+ "description": "Intent object crafted by Turnkey based on the user request, used to assess the permissibility of an action."
1820
1533
  },
1821
1534
  "result": {
1822
- "$ref": "#/definitions/v1Result"
1535
+ "$ref": "#/definitions/v1Result",
1536
+ "description": "Result of the intended action."
1823
1537
  },
1824
1538
  "votes": {
1825
1539
  "type": "array",
1826
1540
  "items": {
1541
+ "type": "object",
1827
1542
  "$ref": "#/definitions/v1Vote"
1828
1543
  },
1829
1544
  "description": "A list of objects representing a particular User's approval or rejection of a Consensus request, including all relevant metadata."
@@ -1845,7 +1560,6 @@
1845
1560
  "$ref": "#/definitions/v1Timestamp"
1846
1561
  }
1847
1562
  },
1848
- "description": "An action that can that can be taken within the Turnkey infrastructure.",
1849
1563
  "required": [
1850
1564
  "id",
1851
1565
  "organizationId",
@@ -1865,7 +1579,8 @@
1865
1579
  "type": "object",
1866
1580
  "properties": {
1867
1581
  "activity": {
1868
- "$ref": "#/definitions/v1Activity"
1582
+ "$ref": "#/definitions/v1Activity",
1583
+ "description": "An action that can that can be taken within the Turnkey infrastructure."
1869
1584
  }
1870
1585
  },
1871
1586
  "required": ["activity"]
@@ -1879,8 +1594,7 @@
1879
1594
  "ACTIVITY_STATUS_FAILED",
1880
1595
  "ACTIVITY_STATUS_CONSENSUS_NEEDED",
1881
1596
  "ACTIVITY_STATUS_REJECTED"
1882
- ],
1883
- "description": "The current processing status of an Activity."
1597
+ ]
1884
1598
  },
1885
1599
  "v1ActivityType": {
1886
1600
  "type": "string",
@@ -1924,15 +1638,18 @@
1924
1638
  "ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION",
1925
1639
  "ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V2",
1926
1640
  "ACTIVITY_TYPE_UPDATE_ALLOWED_ORIGINS",
1927
- "ACTIVITY_TYPE_CREATE_PRIVATE_KEYS_V2"
1928
- ],
1929
- "description": "Type of Activity, such as Add User, or Sign Transaction."
1641
+ "ACTIVITY_TYPE_CREATE_PRIVATE_KEYS_V2",
1642
+ "ACTIVITY_TYPE_UPDATE_USER",
1643
+ "ACTIVITY_TYPE_UPDATE_POLICY",
1644
+ "ACTIVITY_TYPE_SET_PAYMENT_METHOD_V2"
1645
+ ]
1930
1646
  },
1931
1647
  "v1ApiKey": {
1932
1648
  "type": "object",
1933
1649
  "properties": {
1934
1650
  "credential": {
1935
- "$ref": "#/definitions/v1Credential"
1651
+ "$ref": "#/definitions/v1Credential",
1652
+ "description": "A User credential that can be used to authenticate to Turnkey."
1936
1653
  },
1937
1654
  "apiKeyId": {
1938
1655
  "type": "string",
@@ -1962,13 +1679,11 @@
1962
1679
  "properties": {
1963
1680
  "apiKeyName": {
1964
1681
  "type": "string",
1965
- "description": "Human-readable name for an API Key.",
1966
- "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
1682
+ "description": "Human-readable name for an API Key."
1967
1683
  },
1968
1684
  "publicKey": {
1969
1685
  "type": "string",
1970
- "description": "The public component of a cryptographic key pair used to sign messages and transactions.",
1971
- "title": "@inject_tag: validate:\"hexadecimal,len=66\""
1686
+ "description": "The public component of a cryptographic key pair used to sign messages and transactions."
1972
1687
  }
1973
1688
  },
1974
1689
  "required": ["apiKeyName", "publicKey"]
@@ -1978,29 +1693,26 @@
1978
1693
  "properties": {
1979
1694
  "userName": {
1980
1695
  "type": "string",
1981
- "description": "The name of the new API-only User.",
1982
- "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
1696
+ "description": "The name of the new API-only User."
1983
1697
  },
1984
1698
  "userEmail": {
1985
1699
  "type": "string",
1986
- "description": "The email address for this API-only User (optional).",
1987
- "title": "@inject_tag: validate:\"omitempty,email,tk_email\""
1700
+ "description": "The email address for this API-only User (optional)."
1988
1701
  },
1989
1702
  "userTags": {
1990
1703
  "type": "array",
1991
1704
  "items": {
1992
1705
  "type": "string"
1993
1706
  },
1994
- "description": "A list of tags assigned to the new API-only User.",
1995
- "title": "@inject_tag: validate:\"dive,uuid\""
1707
+ "description": "A list of tags assigned to the new API-only User."
1996
1708
  },
1997
1709
  "apiKeys": {
1998
1710
  "type": "array",
1999
1711
  "items": {
1712
+ "type": "object",
2000
1713
  "$ref": "#/definitions/v1ApiKeyParams"
2001
1714
  },
2002
- "description": "A list of API Key parameters.",
2003
- "title": "@inject_tag: validate:\"dive,uuid\""
1715
+ "description": "A list of API Key parameters."
2004
1716
  }
2005
1717
  },
2006
1718
  "required": ["userName", "userTags", "apiKeys"]
@@ -2010,8 +1722,7 @@
2010
1722
  "properties": {
2011
1723
  "fingerprint": {
2012
1724
  "type": "string",
2013
- "description": "An artifact verifying a User's action.",
2014
- "title": "@inject_tag: validate:\"required\""
1725
+ "description": "An artifact verifying a User's action."
2015
1726
  }
2016
1727
  },
2017
1728
  "required": ["fingerprint"]
@@ -2042,18 +1753,15 @@
2042
1753
  "properties": {
2043
1754
  "credentialId": {
2044
1755
  "type": "string",
2045
- "description": "The cbor encoded then base64 url encoded id of the credential.",
2046
- "title": "@inject_tag: validate:\"required,max=256\""
1756
+ "description": "The cbor encoded then base64 url encoded id of the credential."
2047
1757
  },
2048
1758
  "clientDataJson": {
2049
1759
  "type": "string",
2050
- "description": "A base64 url encoded payload containing metadata about the signing context and the challenge.",
2051
- "title": "@inject_tag: validate:\"required\""
1760
+ "description": "A base64 url encoded payload containing metadata about the signing context and the challenge."
2052
1761
  },
2053
1762
  "attestationObject": {
2054
1763
  "type": "string",
2055
- "description": "A base64 url encoded payload containing authenticator data and any attestation the webauthn provider chooses.",
2056
- "title": "@inject_tag: validate:\"required\""
1764
+ "description": "A base64 url encoded payload containing authenticator data and any attestation the webauthn provider chooses."
2057
1765
  },
2058
1766
  "transports": {
2059
1767
  "type": "array",
@@ -2096,7 +1804,8 @@
2096
1804
  "description": "The type of Authenticator device."
2097
1805
  },
2098
1806
  "credential": {
2099
- "$ref": "#/definitions/v1Credential"
1807
+ "$ref": "#/definitions/v1Credential",
1808
+ "description": "A User credential that can be used to authenticate to Turnkey."
2100
1809
  },
2101
1810
  "authenticatorId": {
2102
1811
  "type": "string",
@@ -2130,12 +1839,10 @@
2130
1839
  "type": "object",
2131
1840
  "properties": {
2132
1841
  "clientDataJson": {
2133
- "type": "string",
2134
- "title": "ENCODING: base64url"
1842
+ "type": "string"
2135
1843
  },
2136
1844
  "attestationObject": {
2137
- "type": "string",
2138
- "title": "ENCODING: base64url"
1845
+ "type": "string"
2139
1846
  },
2140
1847
  "transports": {
2141
1848
  "type": "array",
@@ -2156,21 +1863,18 @@
2156
1863
  "properties": {
2157
1864
  "authenticatorName": {
2158
1865
  "type": "string",
2159
- "description": "Human-readable name for an Authenticator.",
2160
- "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
1866
+ "description": "Human-readable name for an Authenticator."
2161
1867
  },
2162
1868
  "userId": {
2163
1869
  "type": "string",
2164
- "description": "Unique identifier for a given User.",
2165
- "title": "@inject_tag: validate:\"required,uuid\""
1870
+ "description": "Unique identifier for a given User."
2166
1871
  },
2167
1872
  "attestation": {
2168
1873
  "$ref": "#/definitions/v1PublicKeyCredentialWithAttestation"
2169
1874
  },
2170
1875
  "challenge": {
2171
1876
  "type": "string",
2172
- "description": "Challenge presented for authentication purposes.",
2173
- "title": "@inject_tag: validate:\"required,max=256\""
1877
+ "description": "Challenge presented for authentication purposes."
2174
1878
  }
2175
1879
  },
2176
1880
  "required": ["authenticatorName", "userId", "attestation", "challenge"]
@@ -2180,16 +1884,15 @@
2180
1884
  "properties": {
2181
1885
  "authenticatorName": {
2182
1886
  "type": "string",
2183
- "description": "Human-readable name for an Authenticator.",
2184
- "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
1887
+ "description": "Human-readable name for an Authenticator."
2185
1888
  },
2186
1889
  "challenge": {
2187
1890
  "type": "string",
2188
- "description": "Challenge presented for authentication purposes.",
2189
- "title": "@inject_tag: validate:\"required,max=256\""
1891
+ "description": "Challenge presented for authentication purposes."
2190
1892
  },
2191
1893
  "attestation": {
2192
- "$ref": "#/definitions/v1Attestation"
1894
+ "$ref": "#/definitions/v1Attestation",
1895
+ "description": "The attestation that proves custody of the authenticator and provides metadata about it."
2193
1896
  }
2194
1897
  },
2195
1898
  "required": ["authenticatorName", "challenge", "attestation"]
@@ -2200,15 +1903,14 @@
2200
1903
  "apiKeys": {
2201
1904
  "type": "array",
2202
1905
  "items": {
1906
+ "type": "object",
2203
1907
  "$ref": "#/definitions/v1ApiKeyParams"
2204
1908
  },
2205
- "description": "A list of API Keys.",
2206
- "title": "@inject_tag: validate:\"dive,required\""
1909
+ "description": "A list of API Keys."
2207
1910
  },
2208
1911
  "userId": {
2209
1912
  "type": "string",
2210
- "description": "Unique identifier for a given User.",
2211
- "title": "@inject_tag: validate:\"required,uuid\""
1913
+ "description": "Unique identifier for a given User."
2212
1914
  }
2213
1915
  },
2214
1916
  "required": ["apiKeys", "userId"]
@@ -2253,10 +1955,10 @@
2253
1955
  "apiOnlyUsers": {
2254
1956
  "type": "array",
2255
1957
  "items": {
1958
+ "type": "object",
2256
1959
  "$ref": "#/definitions/v1ApiOnlyUserParams"
2257
1960
  },
2258
- "description": "A list of API-only Users to create.",
2259
- "title": "@inject_tag: validate:\"required,dive,required\""
1961
+ "description": "A list of API-only Users to create."
2260
1962
  }
2261
1963
  },
2262
1964
  "required": ["apiOnlyUsers"]
@@ -2301,15 +2003,14 @@
2301
2003
  "authenticators": {
2302
2004
  "type": "array",
2303
2005
  "items": {
2006
+ "type": "object",
2304
2007
  "$ref": "#/definitions/v1AuthenticatorParams"
2305
2008
  },
2306
- "description": "A list of Authenticators.",
2307
- "title": "@inject_tag: validate:\"dive,required\""
2009
+ "description": "A list of Authenticators."
2308
2010
  },
2309
2011
  "userId": {
2310
2012
  "type": "string",
2311
- "description": "Unique identifier for a given User.",
2312
- "title": "@inject_tag: validate:\"required,uuid\""
2013
+ "description": "Unique identifier for a given User."
2313
2014
  }
2314
2015
  },
2315
2016
  "required": ["authenticators", "userId"]
@@ -2320,15 +2021,14 @@
2320
2021
  "authenticators": {
2321
2022
  "type": "array",
2322
2023
  "items": {
2024
+ "type": "object",
2323
2025
  "$ref": "#/definitions/v1AuthenticatorParamsV2"
2324
2026
  },
2325
- "description": "A list of Authenticators.",
2326
- "title": "@inject_tag: validate:\"dive,required\""
2027
+ "description": "A list of Authenticators."
2327
2028
  },
2328
2029
  "userId": {
2329
2030
  "type": "string",
2330
- "description": "Unique identifier for a given User.",
2331
- "title": "@inject_tag: validate:\"required,uuid\""
2031
+ "description": "Unique identifier for a given User."
2332
2032
  }
2333
2033
  },
2334
2034
  "required": ["authenticators", "userId"]
@@ -2373,10 +2073,10 @@
2373
2073
  "invitations": {
2374
2074
  "type": "array",
2375
2075
  "items": {
2076
+ "type": "object",
2376
2077
  "$ref": "#/definitions/v1InvitationParams"
2377
2078
  },
2378
- "description": "A list of Invitations.",
2379
- "title": "@inject_tag: validate:\"required,dive,required\""
2079
+ "description": "A list of Invitations."
2380
2080
  }
2381
2081
  },
2382
2082
  "required": ["invitations"]
@@ -2420,21 +2120,19 @@
2420
2120
  "properties": {
2421
2121
  "organizationName": {
2422
2122
  "type": "string",
2423
- "description": "Human-readable name for an Organization.",
2424
- "title": "@inject_tag: validate:\"required,tk_label_length\""
2123
+ "description": "Human-readable name for an Organization."
2425
2124
  },
2426
2125
  "rootEmail": {
2427
2126
  "type": "string",
2428
- "description": "The root user's email address.",
2429
- "title": "@inject_tag: validate:\"required,email,tk_email\""
2127
+ "description": "The root user's email address."
2430
2128
  },
2431
2129
  "rootAuthenticator": {
2432
- "$ref": "#/definitions/v1AuthenticatorParams"
2130
+ "$ref": "#/definitions/v1AuthenticatorParams",
2131
+ "description": "The root user's Authenticator."
2433
2132
  },
2434
2133
  "rootUserId": {
2435
2134
  "type": "string",
2436
- "description": "Unique identifier for the root user object.",
2437
- "title": "@inject_tag: validate:\"uuid\""
2135
+ "description": "Unique identifier for the root user object."
2438
2136
  }
2439
2137
  },
2440
2138
  "required": ["organizationName", "rootEmail", "rootAuthenticator"]
@@ -2444,21 +2142,19 @@
2444
2142
  "properties": {
2445
2143
  "organizationName": {
2446
2144
  "type": "string",
2447
- "description": "Human-readable name for an Organization.",
2448
- "title": "@inject_tag: validate:\"required,tk_label,tk_label_length\""
2145
+ "description": "Human-readable name for an Organization."
2449
2146
  },
2450
2147
  "rootEmail": {
2451
2148
  "type": "string",
2452
- "description": "The root user's email address.",
2453
- "title": "@inject_tag: validate:\"required,email,tk_email\""
2149
+ "description": "The root user's email address."
2454
2150
  },
2455
2151
  "rootAuthenticator": {
2456
- "$ref": "#/definitions/v1AuthenticatorParamsV2"
2152
+ "$ref": "#/definitions/v1AuthenticatorParamsV2",
2153
+ "description": "The root user's Authenticator."
2457
2154
  },
2458
2155
  "rootUserId": {
2459
2156
  "type": "string",
2460
- "description": "Unique identifier for the root user object.",
2461
- "title": "@inject_tag: validate:\"uuid\""
2157
+ "description": "Unique identifier for the root user object."
2462
2158
  }
2463
2159
  },
2464
2160
  "required": ["organizationName", "rootEmail", "rootAuthenticator"]
@@ -2478,19 +2174,19 @@
2478
2174
  "properties": {
2479
2175
  "policyName": {
2480
2176
  "type": "string",
2481
- "description": "Human-readable name for a Policy.",
2482
- "title": "@inject_tag: validate:\"required,tk_label_length\""
2177
+ "description": "Human-readable name for a Policy."
2483
2178
  },
2484
2179
  "selectors": {
2485
2180
  "type": "array",
2486
2181
  "items": {
2182
+ "type": "object",
2487
2183
  "$ref": "#/definitions/immutableactivityv1Selector"
2488
2184
  },
2489
- "description": "A list of simple functions each including a subject, target and boolean. See Policy Engine Language section for additional details.",
2490
- "title": "@inject_tag: validate:\"required,dive,required\""
2185
+ "description": "A list of simple functions each including a subject, target and boolean. See Policy Engine Language section for additional details."
2491
2186
  },
2492
2187
  "effect": {
2493
- "$ref": "#/definitions/immutableactivityv1Effect"
2188
+ "$ref": "#/definitions/immutableactivityv1Effect",
2189
+ "description": "The instruction to DENY or ALLOW a particular activity following policy selector(s)."
2494
2190
  },
2495
2191
  "notes": {
2496
2192
  "type": "string"
@@ -2503,19 +2199,19 @@
2503
2199
  "properties": {
2504
2200
  "policyName": {
2505
2201
  "type": "string",
2506
- "description": "Human-readable name for a Policy.",
2507
- "title": "@inject_tag: validate:\"required,tk_label_length\""
2202
+ "description": "Human-readable name for a Policy."
2508
2203
  },
2509
2204
  "selectors": {
2510
2205
  "type": "array",
2511
2206
  "items": {
2207
+ "type": "object",
2512
2208
  "$ref": "#/definitions/v1SelectorV2"
2513
2209
  },
2514
- "description": "A list of simple functions each including a subject, target and boolean. See Policy Engine Language section for additional details.",
2515
- "title": "@inject_tag: validate:\"required,dive,required\""
2210
+ "description": "A list of simple functions each including a subject, target and boolean. See Policy Engine Language section for additional details."
2516
2211
  },
2517
2212
  "effect": {
2518
- "$ref": "#/definitions/immutableactivityv1Effect"
2213
+ "$ref": "#/definitions/immutableactivityv1Effect",
2214
+ "description": "Whether to ALLOW or DENY requests that match the condition and consensus requirements."
2519
2215
  },
2520
2216
  "notes": {
2521
2217
  "type": "string"
@@ -2528,11 +2224,11 @@
2528
2224
  "properties": {
2529
2225
  "policyName": {
2530
2226
  "type": "string",
2531
- "description": "Human-readable name for a Policy.",
2532
- "title": "@inject_tag: validate:\"required,tk_label,tk_label_length\""
2227
+ "description": "Human-readable name for a Policy."
2533
2228
  },
2534
2229
  "effect": {
2535
- "$ref": "#/definitions/immutableactivityv1Effect"
2230
+ "$ref": "#/definitions/immutableactivityv1Effect",
2231
+ "description": "The instruction to DENY or ALLOW an activity."
2536
2232
  },
2537
2233
  "condition": {
2538
2234
  "type": "string",
@@ -2584,16 +2280,14 @@
2584
2280
  "properties": {
2585
2281
  "privateKeyTagName": {
2586
2282
  "type": "string",
2587
- "description": "Human-readable name for a Private Key Tag.",
2588
- "title": "@inject_tag: validate:\"required,tk_label,tk_label_length\""
2283
+ "description": "Human-readable name for a Private Key Tag."
2589
2284
  },
2590
2285
  "privateKeyIds": {
2591
2286
  "type": "array",
2592
2287
  "items": {
2593
2288
  "type": "string"
2594
2289
  },
2595
- "description": "A list of Private Key IDs.",
2596
- "title": "@inject_tag: validate:\"dive,uuid\""
2290
+ "description": "A list of Private Key IDs."
2597
2291
  }
2598
2292
  },
2599
2293
  "required": ["privateKeyTagName", "privateKeyIds"]
@@ -2642,10 +2336,10 @@
2642
2336
  "privateKeys": {
2643
2337
  "type": "array",
2644
2338
  "items": {
2339
+ "type": "object",
2645
2340
  "$ref": "#/definitions/v1PrivateKeyParams"
2646
2341
  },
2647
- "description": "A list of Private Keys.",
2648
- "title": "@inject_tag: validate:\"dive,required\""
2342
+ "description": "A list of Private Keys."
2649
2343
  }
2650
2344
  },
2651
2345
  "required": ["privateKeys"]
@@ -2656,10 +2350,10 @@
2656
2350
  "privateKeys": {
2657
2351
  "type": "array",
2658
2352
  "items": {
2353
+ "type": "object",
2659
2354
  "$ref": "#/definitions/v1PrivateKeyParams"
2660
2355
  },
2661
- "description": "A list of Private Keys.",
2662
- "title": "@inject_tag: validate:\"dive,required\""
2356
+ "description": "A list of Private Keys."
2663
2357
  }
2664
2358
  },
2665
2359
  "required": ["privateKeys"]
@@ -2704,6 +2398,7 @@
2704
2398
  "privateKeys": {
2705
2399
  "type": "array",
2706
2400
  "items": {
2401
+ "type": "object",
2707
2402
  "$ref": "#/definitions/v1PrivateKeyResult"
2708
2403
  },
2709
2404
  "description": "A list of Private Key IDs and addresses."
@@ -2716,11 +2411,11 @@
2716
2411
  "properties": {
2717
2412
  "name": {
2718
2413
  "type": "string",
2719
- "description": "Name for this sub-organization",
2720
- "title": "@inject_tag: validate:\"omitempty,tk_label,tk_label_length\""
2414
+ "description": "Name for this sub-organization"
2721
2415
  },
2722
2416
  "rootAuthenticator": {
2723
- "$ref": "#/definitions/v1AuthenticatorParamsV2"
2417
+ "$ref": "#/definitions/v1AuthenticatorParamsV2",
2418
+ "description": "Root User authenticator for this new sub-organization"
2724
2419
  }
2725
2420
  },
2726
2421
  "required": ["name", "rootAuthenticator"]
@@ -2730,22 +2425,20 @@
2730
2425
  "properties": {
2731
2426
  "subOrganizationName": {
2732
2427
  "type": "string",
2733
- "description": "Name for this sub-organization",
2734
- "title": "@inject_tag: validate:\"omitempty,tk_label,tk_label_length\""
2428
+ "description": "Name for this sub-organization"
2735
2429
  },
2736
2430
  "rootUsers": {
2737
2431
  "type": "array",
2738
2432
  "items": {
2433
+ "type": "object",
2739
2434
  "$ref": "#/definitions/v1RootUserParams"
2740
2435
  },
2741
- "description": "Root users to create within this sub-organization",
2742
- "title": "@inject_tag: validate:\"required\""
2436
+ "description": "Root users to create within this sub-organization"
2743
2437
  },
2744
2438
  "rootQuorumThreshold": {
2745
2439
  "type": "integer",
2746
2440
  "format": "int32",
2747
- "description": "The threshold of unique approvals to reach root quorum. This value must be less than or equal to the number of root users",
2748
- "title": "@inject_tag: validate:\"required\""
2441
+ "description": "The threshold of unique approvals to reach root quorum. This value must be less than or equal to the number of root users"
2749
2442
  }
2750
2443
  },
2751
2444
  "required": ["subOrganizationName", "rootUsers", "rootQuorumThreshold"]
@@ -2785,16 +2478,14 @@
2785
2478
  "properties": {
2786
2479
  "userTagName": {
2787
2480
  "type": "string",
2788
- "description": "Human-readable name for a User Tag.",
2789
- "title": "@inject_tag: validate:\"required,tk_label,tk_label_length\""
2481
+ "description": "Human-readable name for a User Tag."
2790
2482
  },
2791
2483
  "userIds": {
2792
2484
  "type": "array",
2793
2485
  "items": {
2794
2486
  "type": "string"
2795
2487
  },
2796
- "description": "A list of User IDs.",
2797
- "title": "@inject_tag: validate:\"dive,uuid\""
2488
+ "description": "A list of User IDs."
2798
2489
  }
2799
2490
  },
2800
2491
  "required": ["userTagName", "userIds"]
@@ -2843,10 +2534,10 @@
2843
2534
  "users": {
2844
2535
  "type": "array",
2845
2536
  "items": {
2537
+ "type": "object",
2846
2538
  "$ref": "#/definitions/v1UserParams"
2847
2539
  },
2848
- "description": "A list of Users.",
2849
- "title": "@inject_tag: validate:\"required,dive,required\""
2540
+ "description": "A list of Users."
2850
2541
  }
2851
2542
  },
2852
2543
  "required": ["users"]
@@ -2857,10 +2548,10 @@
2857
2548
  "users": {
2858
2549
  "type": "array",
2859
2550
  "items": {
2551
+ "type": "object",
2860
2552
  "$ref": "#/definitions/v1UserParamsV2"
2861
2553
  },
2862
- "description": "A list of Users.",
2863
- "title": "@inject_tag: validate:\"required,dive,required\""
2554
+ "description": "A list of Users."
2864
2555
  }
2865
2556
  },
2866
2557
  "required": ["users"]
@@ -2933,16 +2624,14 @@
2933
2624
  "properties": {
2934
2625
  "userId": {
2935
2626
  "type": "string",
2936
- "description": "Unique identifier for a given User.",
2937
- "title": "@inject_tag: validate:\"required,uuid\""
2627
+ "description": "Unique identifier for a given User."
2938
2628
  },
2939
2629
  "apiKeyIds": {
2940
2630
  "type": "array",
2941
2631
  "items": {
2942
2632
  "type": "string"
2943
2633
  },
2944
- "description": "A list of API Key IDs.",
2945
- "title": "@inject_tag: validate:\"required,dive,required,uuid\""
2634
+ "description": "A list of API Key IDs."
2946
2635
  }
2947
2636
  },
2948
2637
  "required": ["userId", "apiKeyIds"]
@@ -2986,20 +2675,39 @@
2986
2675
  "properties": {
2987
2676
  "userId": {
2988
2677
  "type": "string",
2989
- "description": "Unique identifier for a given User.",
2990
- "title": "@inject_tag: validate:\"required,uuid\""
2678
+ "description": "Unique identifier for a given User."
2991
2679
  },
2992
2680
  "authenticatorIds": {
2993
2681
  "type": "array",
2994
2682
  "items": {
2995
2683
  "type": "string"
2996
2684
  },
2997
- "description": "A list of Authenticator IDs.",
2998
- "title": "@inject_tag: validate:\"required,dive,required,uuid\""
2685
+ "description": "A list of Authenticator IDs."
2999
2686
  }
3000
2687
  },
3001
2688
  "required": ["userId", "authenticatorIds"]
3002
2689
  },
2690
+ "v1DeleteAuthenticatorsRequest": {
2691
+ "type": "object",
2692
+ "properties": {
2693
+ "type": {
2694
+ "type": "string",
2695
+ "enum": ["ACTIVITY_TYPE_DELETE_AUTHENTICATORS"]
2696
+ },
2697
+ "timestampMs": {
2698
+ "type": "string",
2699
+ "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests."
2700
+ },
2701
+ "organizationId": {
2702
+ "type": "string",
2703
+ "description": "Unique identifier for a given Organization."
2704
+ },
2705
+ "parameters": {
2706
+ "$ref": "#/definitions/v1DeleteAuthenticatorsIntent"
2707
+ }
2708
+ },
2709
+ "required": ["type", "timestampMs", "organizationId", "parameters"]
2710
+ },
3003
2711
  "v1DeleteAuthenticatorsResult": {
3004
2712
  "type": "object",
3005
2713
  "properties": {
@@ -3018,8 +2726,7 @@
3018
2726
  "properties": {
3019
2727
  "invitationId": {
3020
2728
  "type": "string",
3021
- "description": "Unique identifier for a given Invitation object.",
3022
- "title": "@inject_tag: validate:\"required,uuid\""
2729
+ "description": "Unique identifier for a given Invitation object."
3023
2730
  }
3024
2731
  },
3025
2732
  "required": ["invitationId"]
@@ -3060,8 +2767,7 @@
3060
2767
  "properties": {
3061
2768
  "organizationId": {
3062
2769
  "type": "string",
3063
- "description": "Unique identifier for a given Organization.",
3064
- "title": "@inject_tag: validate:\"required,uuid\""
2770
+ "description": "Unique identifier for a given Organization."
3065
2771
  }
3066
2772
  },
3067
2773
  "required": ["organizationId"]
@@ -3101,8 +2807,7 @@
3101
2807
  "properties": {
3102
2808
  "policyId": {
3103
2809
  "type": "string",
3104
- "description": "Unique identifier for a given Policy.",
3105
- "title": "@inject_tag: validate:\"required,uuid\""
2810
+ "description": "Unique identifier for a given Policy."
3106
2811
  }
3107
2812
  },
3108
2813
  "required": ["policyId"]
@@ -3146,8 +2851,7 @@
3146
2851
  "items": {
3147
2852
  "type": "string"
3148
2853
  },
3149
- "description": "A list of Private Key Tag IDs.",
3150
- "title": "@inject_tag: validate:\"required,dive,required,uuid\""
2854
+ "description": "A list of Private Key Tag IDs."
3151
2855
  }
3152
2856
  },
3153
2857
  "required": ["privateKeyTagIds"]
@@ -3180,8 +2884,7 @@
3180
2884
  "items": {
3181
2885
  "type": "string"
3182
2886
  },
3183
- "description": "A list of User Tag IDs.",
3184
- "title": "@inject_tag: validate:\"required,dive,required,uuid\""
2887
+ "description": "A list of User Tag IDs."
3185
2888
  }
3186
2889
  },
3187
2890
  "required": ["userTagIds"]
@@ -3214,8 +2917,7 @@
3214
2917
  "items": {
3215
2918
  "type": "string"
3216
2919
  },
3217
- "description": "A list of User IDs.",
3218
- "title": "@inject_tag: validate:\"required,dive,required,uuid\""
2920
+ "description": "A list of User IDs."
3219
2921
  }
3220
2922
  },
3221
2923
  "required": ["userIds"]
@@ -3238,8 +2940,7 @@
3238
2940
  "properties": {
3239
2941
  "privateKeyId": {
3240
2942
  "type": "string",
3241
- "description": "Unique identifier for a given Private Key.",
3242
- "title": "@inject_tag: validate:\"required,uuid\""
2943
+ "description": "Unique identifier for a given Private Key."
3243
2944
  }
3244
2945
  },
3245
2946
  "required": ["privateKeyId"]
@@ -3269,7 +2970,8 @@
3269
2970
  "description": "Array of Activity Statuses filtering which Activities will be listed in the response."
3270
2971
  },
3271
2972
  "paginationOptions": {
3272
- "$ref": "#/definitions/v1Pagination"
2973
+ "$ref": "#/definitions/v1Pagination",
2974
+ "description": "Parameters used for cursor-based pagination."
3273
2975
  },
3274
2976
  "filterByType": {
3275
2977
  "type": "array",
@@ -3287,6 +2989,7 @@
3287
2989
  "activities": {
3288
2990
  "type": "array",
3289
2991
  "items": {
2992
+ "type": "object",
3290
2993
  "$ref": "#/definitions/v1Activity"
3291
2994
  },
3292
2995
  "description": "A list of Activities."
@@ -3326,7 +3029,8 @@
3326
3029
  "type": "object",
3327
3030
  "properties": {
3328
3031
  "authenticator": {
3329
- "$ref": "#/definitions/v1Authenticator"
3032
+ "$ref": "#/definitions/v1Authenticator",
3033
+ "description": "An authenticator."
3330
3034
  }
3331
3035
  },
3332
3036
  "required": ["authenticator"]
@@ -3351,6 +3055,7 @@
3351
3055
  "authenticators": {
3352
3056
  "type": "array",
3353
3057
  "items": {
3058
+ "type": "object",
3354
3059
  "$ref": "#/definitions/v1Authenticator"
3355
3060
  },
3356
3061
  "description": "A list of authenticators."
@@ -3372,7 +3077,8 @@
3372
3077
  "type": "object",
3373
3078
  "properties": {
3374
3079
  "organizationData": {
3375
- "$ref": "#/definitions/v1OrganizationData"
3080
+ "$ref": "#/definitions/v1OrganizationData",
3081
+ "description": "Object representing the full current and deleted / disabled collection of Users, Policies, Private Keys, and Invitations attributable to a particular Organization."
3376
3082
  }
3377
3083
  },
3378
3084
  "required": ["organizationData"]
@@ -3393,6 +3099,7 @@
3393
3099
  "policies": {
3394
3100
  "type": "array",
3395
3101
  "items": {
3102
+ "type": "object",
3396
3103
  "$ref": "#/definitions/v1Policy"
3397
3104
  },
3398
3105
  "description": "A list of Policies."
@@ -3418,7 +3125,8 @@
3418
3125
  "type": "object",
3419
3126
  "properties": {
3420
3127
  "policy": {
3421
- "$ref": "#/definitions/v1Policy"
3128
+ "$ref": "#/definitions/v1Policy",
3129
+ "description": "Object that codifies rules defining the actions that are permissible within an Organization."
3422
3130
  }
3423
3131
  },
3424
3132
  "required": ["policy"]
@@ -3441,7 +3149,8 @@
3441
3149
  "type": "object",
3442
3150
  "properties": {
3443
3151
  "privateKey": {
3444
- "$ref": "#/definitions/v1PrivateKey"
3152
+ "$ref": "#/definitions/v1PrivateKey",
3153
+ "description": "Cryptographic public/private key pair that can be used for cryptocurrency needs or more generalized encryption."
3445
3154
  }
3446
3155
  },
3447
3156
  "required": ["privateKey"]
@@ -3462,6 +3171,7 @@
3462
3171
  "privateKeys": {
3463
3172
  "type": "array",
3464
3173
  "items": {
3174
+ "type": "object",
3465
3175
  "$ref": "#/definitions/v1PrivateKey"
3466
3176
  },
3467
3177
  "description": "A list of Private Keys."
@@ -3487,7 +3197,8 @@
3487
3197
  "type": "object",
3488
3198
  "properties": {
3489
3199
  "user": {
3490
- "$ref": "#/definitions/v1User"
3200
+ "$ref": "#/definitions/v1User",
3201
+ "description": "Web and/or API user within your Organization."
3491
3202
  }
3492
3203
  },
3493
3204
  "required": ["user"]
@@ -3508,6 +3219,7 @@
3508
3219
  "users": {
3509
3220
  "type": "array",
3510
3221
  "items": {
3222
+ "type": "object",
3511
3223
  "$ref": "#/definitions/v1User"
3512
3224
  },
3513
3225
  "description": "A list of Users."
@@ -3554,8 +3266,7 @@
3554
3266
  "HASH_FUNCTION_SHA256",
3555
3267
  "HASH_FUNCTION_KECCAK256",
3556
3268
  "HASH_FUNCTION_NOT_APPLICABLE"
3557
- ],
3558
- "description": " - HASH_FUNCTION_UNSPECIFIED: Default value if a hash function is not set explicitly.\n - HASH_FUNCTION_NO_OP: No-op function. Useful if you want to pass raw digests to sign (ECDSA-only)\n - HASH_FUNCTION_SHA256: Standard SHA-256. Used in the Bitcoin ecosystem.\n - HASH_FUNCTION_KECCAK256: Keccak-256 (not the same as NIST SHA-3!).\nThis is the hash function used in the Ethereum ecosystem.\n - HASH_FUNCTION_NOT_APPLICABLE: Callers must use this enum value when signing with ed25519 keys.\nThis is because, unlike ECDSA, EdDSA's API does not support signing raw digests (see RFC 8032)."
3269
+ ]
3559
3270
  },
3560
3271
  "v1Intent": {
3561
3272
  "type": "object",
@@ -3679,9 +3390,17 @@
3679
3390
  },
3680
3391
  "createPrivateKeysIntentV2": {
3681
3392
  "$ref": "#/definitions/v1CreatePrivateKeysIntentV2"
3393
+ },
3394
+ "updateUserIntent": {
3395
+ "$ref": "#/definitions/v1UpdateUserIntent"
3396
+ },
3397
+ "updatePolicyIntent": {
3398
+ "$ref": "#/definitions/v1UpdatePolicyIntent"
3399
+ },
3400
+ "setPaymentMethodIntentV2": {
3401
+ "$ref": "#/definitions/v1SetPaymentMethodIntentV2"
3682
3402
  }
3683
3403
  },
3684
- "description": "Intent object crafted by Turnkey based on the user request, used to assess the permissibility of an action.",
3685
3404
  "required": ["createOrganizationIntent"]
3686
3405
  },
3687
3406
  "v1Invitation": {
@@ -3707,10 +3426,12 @@
3707
3426
  "description": "A list of tags assigned to the Invitation recipient."
3708
3427
  },
3709
3428
  "accessType": {
3710
- "$ref": "#/definitions/externaldatav1AccessType"
3429
+ "$ref": "#/definitions/externaldatav1AccessType",
3430
+ "description": "The User's permissible access method(s)."
3711
3431
  },
3712
3432
  "status": {
3713
- "$ref": "#/definitions/v1InvitationStatus"
3433
+ "$ref": "#/definitions/v1InvitationStatus",
3434
+ "description": "The current processing status of a specified Invitation."
3714
3435
  },
3715
3436
  "createdAt": {
3716
3437
  "$ref": "#/definitions/v1Timestamp"
@@ -3740,29 +3461,26 @@
3740
3461
  "properties": {
3741
3462
  "receiverUserName": {
3742
3463
  "type": "string",
3743
- "description": "The name of the intended Invitation recipient.",
3744
- "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
3464
+ "description": "The name of the intended Invitation recipient."
3745
3465
  },
3746
3466
  "receiverUserEmail": {
3747
3467
  "type": "string",
3748
- "description": "The email address of the intended Invitation recipient.",
3749
- "title": "@inject_tag: validate:\"required,email,tk_email\""
3468
+ "description": "The email address of the intended Invitation recipient."
3750
3469
  },
3751
3470
  "receiverUserTags": {
3752
3471
  "type": "array",
3753
3472
  "items": {
3754
3473
  "type": "string"
3755
3474
  },
3756
- "description": "A list of tags assigned to the Invitation recipient.",
3757
- "title": "@inject_tag: validate:\"dive,uuid\""
3475
+ "description": "A list of tags assigned to the Invitation recipient."
3758
3476
  },
3759
3477
  "accessType": {
3760
- "$ref": "#/definitions/immutableactivityv1AccessType"
3478
+ "$ref": "#/definitions/immutableactivityv1AccessType",
3479
+ "description": "The User's permissible access method(s)."
3761
3480
  },
3762
3481
  "senderUserId": {
3763
3482
  "type": "string",
3764
- "description": "Unique identifier for the Sender of an Invitation.",
3765
- "title": "@inject_tag: validate:\"required,uuid\""
3483
+ "description": "Unique identifier for the Sender of an Invitation."
3766
3484
  }
3767
3485
  },
3768
3486
  "required": [
@@ -3802,36 +3520,42 @@
3802
3520
  "users": {
3803
3521
  "type": "array",
3804
3522
  "items": {
3523
+ "type": "object",
3805
3524
  "$ref": "#/definitions/v1User"
3806
3525
  }
3807
3526
  },
3808
3527
  "policies": {
3809
3528
  "type": "array",
3810
3529
  "items": {
3530
+ "type": "object",
3811
3531
  "$ref": "#/definitions/v1Policy"
3812
3532
  }
3813
3533
  },
3814
3534
  "privateKeys": {
3815
3535
  "type": "array",
3816
3536
  "items": {
3537
+ "type": "object",
3817
3538
  "$ref": "#/definitions/v1PrivateKey"
3818
3539
  }
3819
3540
  },
3820
3541
  "invitations": {
3821
3542
  "type": "array",
3822
3543
  "items": {
3544
+ "type": "object",
3823
3545
  "$ref": "#/definitions/v1Invitation"
3824
3546
  }
3825
3547
  },
3826
3548
  "tags": {
3827
3549
  "type": "array",
3828
3550
  "items": {
3551
+ "type": "object",
3829
3552
  "$ref": "#/definitions/datav1Tag"
3830
3553
  }
3831
3554
  },
3832
3555
  "disabledPrivateKeys": {
3833
3556
  "type": "array",
3834
3557
  "items": {
3558
+ "type": "object",
3835
3559
  "$ref": "#/definitions/v1PrivateKey"
3836
3560
  }
3837
3561
  },
@@ -3844,16 +3568,14 @@
3844
3568
  "type": "string"
3845
3569
  }
3846
3570
  }
3847
- },
3848
- "description": "This proto definition is used in our external-facing APIs.\nIt's important to leverage annotations because they're used in our external interfaces."
3571
+ }
3849
3572
  },
3850
3573
  "v1Pagination": {
3851
3574
  "type": "object",
3852
3575
  "properties": {
3853
3576
  "limit": {
3854
- "type": "integer",
3855
- "format": "int32",
3856
- "description": "A limit of the number of object to be returned, between 1 and 100. Defaults to 10 if omitted or set to 0."
3577
+ "type": "string",
3578
+ "description": "A limit of the number of object to be returned, between 1 and 100. Defaults to 10."
3857
3579
  },
3858
3580
  "before": {
3859
3581
  "type": "string",
@@ -3867,8 +3589,7 @@
3867
3589
  },
3868
3590
  "v1PayloadEncoding": {
3869
3591
  "type": "string",
3870
- "enum": ["PAYLOAD_ENCODING_HEXADECIMAL", "PAYLOAD_ENCODING_TEXT_UTF8"],
3871
- "title": "- PAYLOAD_ENCODING_UNSPECIFIED: Default value if payload encoding is not set explicitly\n - PAYLOAD_ENCODING_HEXADECIMAL: Payload is encoded in hexadecimal\nWe accept 0x-prefixed or non-0x prefixed payloads.\nWe accept any casing (uppercase, lowercase, or mixed)\n - PAYLOAD_ENCODING_TEXT_UTF8: Payload is encoded as utf-8 text\nWill be converted to bytes for signature with Rust's standard String.as_bytes()"
3592
+ "enum": ["PAYLOAD_ENCODING_HEXADECIMAL", "PAYLOAD_ENCODING_TEXT_UTF8"]
3872
3593
  },
3873
3594
  "v1Policy": {
3874
3595
  "type": "object",
@@ -3882,11 +3603,13 @@
3882
3603
  "description": "Human-readable name for a Policy."
3883
3604
  },
3884
3605
  "effect": {
3885
- "$ref": "#/definitions/externaldatav1Effect"
3606
+ "$ref": "#/definitions/externaldatav1Effect",
3607
+ "description": "The instruction to DENY or ALLOW a particular activity following policy selector(s)."
3886
3608
  },
3887
3609
  "selectors": {
3888
3610
  "type": "array",
3889
3611
  "items": {
3612
+ "type": "object",
3890
3613
  "$ref": "#/definitions/externaldatav1Selector"
3891
3614
  },
3892
3615
  "description": "A list of simple functions each including a subject, target and boolean. See Policy Engine Language section for additional details."
@@ -3938,11 +3661,13 @@
3938
3661
  "description": "Human-readable name for a Private Key."
3939
3662
  },
3940
3663
  "curve": {
3941
- "$ref": "#/definitions/externaldatav1Curve"
3664
+ "$ref": "#/definitions/externaldatav1Curve",
3665
+ "description": "Cryptographic Curve used to generate a given Private Key."
3942
3666
  },
3943
3667
  "addresses": {
3944
3668
  "type": "array",
3945
3669
  "items": {
3670
+ "type": "object",
3946
3671
  "$ref": "#/definitions/externaldatav1Address"
3947
3672
  },
3948
3673
  "description": "Derived cryptocurrency addresses for a given Private Key."
@@ -3973,27 +3698,25 @@
3973
3698
  "properties": {
3974
3699
  "privateKeyName": {
3975
3700
  "type": "string",
3976
- "description": "Human-readable name for a Private Key.",
3977
- "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
3701
+ "description": "Human-readable name for a Private Key."
3978
3702
  },
3979
3703
  "curve": {
3980
- "$ref": "#/definitions/immutableactivityv1Curve"
3704
+ "$ref": "#/definitions/immutableactivityv1Curve",
3705
+ "description": "Cryptographic Curve used to generate a given Private Key."
3981
3706
  },
3982
3707
  "privateKeyTags": {
3983
3708
  "type": "array",
3984
3709
  "items": {
3985
3710
  "type": "string"
3986
3711
  },
3987
- "description": "A list of Private Key Tag IDs.",
3988
- "title": "@inject_tag: validate:\"dive,uuid\""
3712
+ "description": "A list of Private Key Tag IDs."
3989
3713
  },
3990
3714
  "addressFormats": {
3991
3715
  "type": "array",
3992
3716
  "items": {
3993
3717
  "$ref": "#/definitions/immutableactivityv1AddressFormat"
3994
3718
  },
3995
- "description": "Cryptocurrency-specific formats for a derived address (e.g., Ethereum).",
3996
- "title": "@inject_tag: validate:\"dive\""
3719
+ "description": "Cryptocurrency-specific formats for a derived address (e.g., Ethereum)."
3997
3720
  }
3998
3721
  },
3999
3722
  "required": [
@@ -4012,6 +3735,7 @@
4012
3735
  "addresses": {
4013
3736
  "type": "array",
4014
3737
  "items": {
3738
+ "type": "object",
4015
3739
  "$ref": "#/definitions/immutableactivityv1Address"
4016
3740
  }
4017
3741
  }
@@ -4025,12 +3749,10 @@
4025
3749
  },
4026
3750
  "type": {
4027
3751
  "type": "string",
4028
- "enum": ["public-key"],
4029
- "title": "Must be literal string \"public-key\""
3752
+ "enum": ["public-key"]
4030
3753
  },
4031
3754
  "rawId": {
4032
- "type": "string",
4033
- "title": "ENCODING: base64url"
3755
+ "type": "string"
4034
3756
  },
4035
3757
  "authenticatorAttachment": {
4036
3758
  "type": "string",
@@ -4069,8 +3791,7 @@
4069
3791
  "properties": {
4070
3792
  "fingerprint": {
4071
3793
  "type": "string",
4072
- "description": "An artifact verifying a User's action.",
4073
- "title": "@inject_tag: validate:\"required\""
3794
+ "description": "An artifact verifying a User's action."
4074
3795
  }
4075
3796
  },
4076
3797
  "required": ["fingerprint"]
@@ -4191,38 +3912,41 @@
4191
3912
  },
4192
3913
  "createPrivateKeysResultV2": {
4193
3914
  "$ref": "#/definitions/v1CreatePrivateKeysResultV2"
3915
+ },
3916
+ "updateUserResult": {
3917
+ "$ref": "#/definitions/v1UpdateUserResult"
3918
+ },
3919
+ "updatePolicyResult": {
3920
+ "$ref": "#/definitions/v1UpdatePolicyResult"
4194
3921
  }
4195
- },
4196
- "description": "Result of the intended action."
3922
+ }
4197
3923
  },
4198
3924
  "v1RootUserParams": {
4199
3925
  "type": "object",
4200
3926
  "properties": {
4201
3927
  "userName": {
4202
3928
  "type": "string",
4203
- "description": "Human-readable name for a User.",
4204
- "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
3929
+ "description": "Human-readable name for a User."
4205
3930
  },
4206
3931
  "userEmail": {
4207
3932
  "type": "string",
4208
- "description": "The user's email address.",
4209
- "title": "@inject_tag: validate:\"omitempty,email,tk_email\""
3933
+ "description": "The user's email address."
4210
3934
  },
4211
3935
  "apiKeys": {
4212
3936
  "type": "array",
4213
3937
  "items": {
3938
+ "type": "object",
4214
3939
  "$ref": "#/definitions/v1ApiKeyParams"
4215
3940
  },
4216
- "description": "A list of API Key parameters.",
4217
- "title": "@inject_tag: validate:\"dive\""
3941
+ "description": "A list of API Key parameters."
4218
3942
  },
4219
3943
  "authenticators": {
4220
3944
  "type": "array",
4221
3945
  "items": {
3946
+ "type": "object",
4222
3947
  "$ref": "#/definitions/v1AuthenticatorParamsV2"
4223
3948
  },
4224
- "description": "A list of Authenticator parameters.",
4225
- "title": "@inject_tag: validate:\"dive\""
3949
+ "description": "A list of Authenticator parameters."
4226
3950
  }
4227
3951
  },
4228
3952
  "required": ["userName", "apiKeys", "authenticators"]
@@ -4249,33 +3973,27 @@
4249
3973
  "properties": {
4250
3974
  "number": {
4251
3975
  "type": "string",
4252
- "description": "The account number of the customer's credit card.",
4253
- "title": "@inject_tag: validate:\"required,max=16,numeric\""
3976
+ "description": "The account number of the customer's credit card."
4254
3977
  },
4255
3978
  "cvv": {
4256
3979
  "type": "string",
4257
- "description": "The verification digits of the customer's credit card.",
4258
- "title": "@inject_tag: validate:\"required,max=4,numeric\""
3980
+ "description": "The verification digits of the customer's credit card."
4259
3981
  },
4260
3982
  "expiryMonth": {
4261
3983
  "type": "string",
4262
- "description": "The month that the credit card expires.",
4263
- "title": "@inject_tag: validate:\"required,numeric,len=2\""
3984
+ "description": "The month that the credit card expires."
4264
3985
  },
4265
3986
  "expiryYear": {
4266
3987
  "type": "string",
4267
- "description": "The year that the credit card expires.",
4268
- "title": "@inject_tag: validate:\"required,numeric,len=4\""
3988
+ "description": "The year that the credit card expires."
4269
3989
  },
4270
3990
  "cardHolderEmail": {
4271
3991
  "type": "string",
4272
- "description": "The email that will receive invoices for the credit card.",
4273
- "title": "@inject_tag: validate:\"required,email,tk_email\""
3992
+ "description": "The email that will receive invoices for the credit card."
4274
3993
  },
4275
3994
  "cardHolderName": {
4276
3995
  "type": "string",
4277
- "description": "The name associated with the credit card.",
4278
- "title": "@inject_tag: validate:\"required,tk_label_length\""
3996
+ "description": "The name associated with the credit card."
4279
3997
  }
4280
3998
  },
4281
3999
  "required": [
@@ -4287,6 +4005,24 @@
4287
4005
  "cardHolderName"
4288
4006
  ]
4289
4007
  },
4008
+ "v1SetPaymentMethodIntentV2": {
4009
+ "type": "object",
4010
+ "properties": {
4011
+ "paymentMethodId": {
4012
+ "type": "string",
4013
+ "description": "The id of the payment method that was created clientside."
4014
+ },
4015
+ "cardHolderEmail": {
4016
+ "type": "string",
4017
+ "description": "The email that will receive invoices for the credit card."
4018
+ },
4019
+ "cardHolderName": {
4020
+ "type": "string",
4021
+ "description": "The name associated with the credit card."
4022
+ }
4023
+ },
4024
+ "required": ["paymentMethodId", "cardHolderEmail", "cardHolderName"]
4025
+ },
4290
4026
  "v1SetPaymentMethodResult": {
4291
4027
  "type": "object",
4292
4028
  "properties": {
@@ -4310,19 +4046,19 @@
4310
4046
  "properties": {
4311
4047
  "privateKeyId": {
4312
4048
  "type": "string",
4313
- "description": "Unique identifier for a given Private Key.",
4314
- "title": "@inject_tag: validate:\"required,uuid\""
4049
+ "description": "Unique identifier for a given Private Key."
4315
4050
  },
4316
4051
  "payload": {
4317
4052
  "type": "string",
4318
- "description": "Raw unsigned payload to be signed.",
4319
- "title": "@inject_tag: validate:\"required\""
4053
+ "description": "Raw unsigned payload to be signed."
4320
4054
  },
4321
4055
  "encoding": {
4322
- "$ref": "#/definitions/v1PayloadEncoding"
4056
+ "$ref": "#/definitions/v1PayloadEncoding",
4057
+ "description": "Encoding of the `payload` string. Turnkey uses this information to convert `payload` into bytes with the correct decoder (e.g. hex, utf8)."
4323
4058
  },
4324
4059
  "hashFunction": {
4325
- "$ref": "#/definitions/v1HashFunction"
4060
+ "$ref": "#/definitions/v1HashFunction",
4061
+ "description": "Hash function to apply to payload bytes before signing. This field must be set to HASH_FUNCTION_NOT_APPLICABLE for EdDSA/ed25519 signature requests; configurable payload hashing is not supported by RFC 8032."
4326
4062
  }
4327
4063
  },
4328
4064
  "required": ["privateKeyId", "payload", "encoding", "hashFunction"]
@@ -4371,13 +4107,11 @@
4371
4107
  "properties": {
4372
4108
  "privateKeyId": {
4373
4109
  "type": "string",
4374
- "description": "Unique identifier for a given Private Key.",
4375
- "title": "@inject_tag: validate:\"required,uuid\""
4110
+ "description": "Unique identifier for a given Private Key."
4376
4111
  },
4377
4112
  "unsignedTransaction": {
4378
4113
  "type": "string",
4379
- "description": "Raw unsigned transaction to be signed by a particular Private Key.",
4380
- "title": "@inject_tag: validate:\"required\""
4114
+ "description": "Raw unsigned transaction to be signed by a particular Private Key."
4381
4115
  },
4382
4116
  "type": {
4383
4117
  "$ref": "#/definitions/immutableactivityv1TransactionType"
@@ -4453,8 +4187,7 @@
4453
4187
  "items": {
4454
4188
  "type": "string"
4455
4189
  },
4456
- "description": "Additional origins requests are allowed from besides Turnkey origins",
4457
- "title": "@inject_tag: validate:\"required\""
4190
+ "description": "Additional origins requests are allowed from besides Turnkey origins"
4458
4191
  }
4459
4192
  },
4460
4193
  "required": ["allowedOrigins"]
@@ -4483,34 +4216,91 @@
4483
4216
  "v1UpdateAllowedOriginsResult": {
4484
4217
  "type": "object"
4485
4218
  },
4219
+ "v1UpdatePolicyIntent": {
4220
+ "type": "object",
4221
+ "properties": {
4222
+ "policyId": {
4223
+ "type": "string",
4224
+ "description": "Unique identifier for a given Policy."
4225
+ },
4226
+ "policyName": {
4227
+ "type": "string",
4228
+ "description": "Human-readable name for a Policy."
4229
+ },
4230
+ "policyEffect": {
4231
+ "$ref": "#/definitions/immutableactivityv1Effect",
4232
+ "description": "The instruction to DENY or ALLOW an activity (optional)."
4233
+ },
4234
+ "policyCondition": {
4235
+ "type": "string",
4236
+ "description": "The condition expression that triggers the Effect (optional)."
4237
+ },
4238
+ "policyConsensus": {
4239
+ "type": "string",
4240
+ "description": "The consensus expression that triggers the Effect (optional)."
4241
+ },
4242
+ "policyNotes": {
4243
+ "type": "string",
4244
+ "description": "Accompanying notes for a Policy (optional)."
4245
+ }
4246
+ },
4247
+ "required": ["policyId"]
4248
+ },
4249
+ "v1UpdatePolicyRequest": {
4250
+ "type": "object",
4251
+ "properties": {
4252
+ "type": {
4253
+ "type": "string",
4254
+ "enum": ["ACTIVITY_TYPE_UPDATE_POLICY"]
4255
+ },
4256
+ "timestampMs": {
4257
+ "type": "string",
4258
+ "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests."
4259
+ },
4260
+ "organizationId": {
4261
+ "type": "string",
4262
+ "description": "Unique identifier for a given Organization."
4263
+ },
4264
+ "parameters": {
4265
+ "$ref": "#/definitions/v1UpdatePolicyIntent"
4266
+ }
4267
+ },
4268
+ "required": ["type", "timestampMs", "organizationId", "parameters"]
4269
+ },
4270
+ "v1UpdatePolicyResult": {
4271
+ "type": "object",
4272
+ "properties": {
4273
+ "policyId": {
4274
+ "type": "string",
4275
+ "description": "Unique identifier for a given Policy."
4276
+ }
4277
+ },
4278
+ "required": ["policyId"]
4279
+ },
4486
4280
  "v1UpdatePrivateKeyTagIntent": {
4487
4281
  "type": "object",
4488
4282
  "properties": {
4489
4283
  "privateKeyTagId": {
4490
4284
  "type": "string",
4491
- "description": "Unique identifier for a given Private Key Tag.",
4492
- "title": "@inject_tag: validate:\"uuid\""
4285
+ "description": "Unique identifier for a given Private Key Tag."
4493
4286
  },
4494
4287
  "newPrivateKeyTagName": {
4495
4288
  "type": "string",
4496
- "description": "The new, human-readable name for the tag with the given ID.",
4497
- "title": "@inject_tag: validate:\"omitempty,tk_label,tk_label_length\""
4289
+ "description": "The new, human-readable name for the tag with the given ID."
4498
4290
  },
4499
4291
  "addPrivateKeyIds": {
4500
4292
  "type": "array",
4501
4293
  "items": {
4502
4294
  "type": "string"
4503
4295
  },
4504
- "description": "A list of Private Keys IDs to add this tag to.",
4505
- "title": "@inject_tag: validate:\"dive,uuid\""
4296
+ "description": "A list of Private Keys IDs to add this tag to."
4506
4297
  },
4507
4298
  "removePrivateKeyIds": {
4508
4299
  "type": "array",
4509
4300
  "items": {
4510
4301
  "type": "string"
4511
4302
  },
4512
- "description": "A list of Private Key IDs to remove this tag from.",
4513
- "title": "@inject_tag: validate:\"dive,uuid\""
4303
+ "description": "A list of Private Key IDs to remove this tag from."
4514
4304
  }
4515
4305
  },
4516
4306
  "required": ["privateKeyTagId", "addPrivateKeyIds", "removePrivateKeyIds"]
@@ -4552,16 +4342,14 @@
4552
4342
  "threshold": {
4553
4343
  "type": "integer",
4554
4344
  "format": "int32",
4555
- "description": "The threshold of unique approvals to reach quorum.",
4556
- "title": "@inject_tag: validate:\"required\""
4345
+ "description": "The threshold of unique approvals to reach quorum."
4557
4346
  },
4558
4347
  "userIds": {
4559
4348
  "type": "array",
4560
4349
  "items": {
4561
4350
  "type": "string"
4562
4351
  },
4563
- "description": "The unique identifiers of users who comprise the quorum set.",
4564
- "title": "@inject_tag: validate:\"dive,uuid\""
4352
+ "description": "The unique identifiers of users who comprise the quorum set."
4565
4353
  }
4566
4354
  },
4567
4355
  "required": ["threshold", "userIds"]
@@ -4590,34 +4378,86 @@
4590
4378
  "v1UpdateRootQuorumResult": {
4591
4379
  "type": "object"
4592
4380
  },
4381
+ "v1UpdateUserIntent": {
4382
+ "type": "object",
4383
+ "properties": {
4384
+ "userId": {
4385
+ "type": "string",
4386
+ "description": "Unique identifier for a given User."
4387
+ },
4388
+ "userName": {
4389
+ "type": "string",
4390
+ "description": "Human-readable name for a User."
4391
+ },
4392
+ "userEmail": {
4393
+ "type": "string",
4394
+ "description": "The user's email address."
4395
+ },
4396
+ "userTagIds": {
4397
+ "type": "array",
4398
+ "items": {
4399
+ "type": "string"
4400
+ },
4401
+ "description": "An updated list of User Tags to apply to this User."
4402
+ }
4403
+ },
4404
+ "required": ["userId"]
4405
+ },
4406
+ "v1UpdateUserRequest": {
4407
+ "type": "object",
4408
+ "properties": {
4409
+ "type": {
4410
+ "type": "string",
4411
+ "enum": ["ACTIVITY_TYPE_UPDATE_USER"]
4412
+ },
4413
+ "timestampMs": {
4414
+ "type": "string",
4415
+ "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests."
4416
+ },
4417
+ "organizationId": {
4418
+ "type": "string",
4419
+ "description": "Unique identifier for a given Organization."
4420
+ },
4421
+ "parameters": {
4422
+ "$ref": "#/definitions/v1UpdateUserIntent"
4423
+ }
4424
+ },
4425
+ "required": ["type", "timestampMs", "organizationId", "parameters"]
4426
+ },
4427
+ "v1UpdateUserResult": {
4428
+ "type": "object",
4429
+ "properties": {
4430
+ "userId": {
4431
+ "type": "string",
4432
+ "description": "A User ID."
4433
+ }
4434
+ },
4435
+ "required": ["userId"]
4436
+ },
4593
4437
  "v1UpdateUserTagIntent": {
4594
4438
  "type": "object",
4595
4439
  "properties": {
4596
4440
  "userTagId": {
4597
4441
  "type": "string",
4598
- "description": "Unique identifier for a given User Tag.",
4599
- "title": "@inject_tag: validate:\"uuid\""
4442
+ "description": "Unique identifier for a given User Tag."
4600
4443
  },
4601
4444
  "newUserTagName": {
4602
4445
  "type": "string",
4603
- "description": "The new, human-readable name for the tag with the given ID.",
4604
- "title": "@inject_tag: validate:\"omitempty,tk_label,tk_label_length\""
4446
+ "description": "The new, human-readable name for the tag with the given ID."
4605
4447
  },
4606
4448
  "addUserIds": {
4607
4449
  "type": "array",
4608
4450
  "items": {
4609
4451
  "type": "string"
4610
4452
  },
4611
- "description": "A list of User IDs to add this tag to.",
4612
- "title": "@inject_tag: validate:\"dive,uuid\""
4453
+ "description": "A list of User IDs to add this tag to."
4613
4454
  },
4614
4455
  "removeUserIds": {
4615
4456
  "type": "array",
4616
4457
  "items": {
4617
4458
  "type": "string"
4618
4459
  },
4619
- "description": "A list of User IDs to remove this tag from.",
4620
- "title": "@inject_tag: validate:\"dive,uuid\""
4460
+ "description": "A list of User IDs to remove this tag from."
4621
4461
  }
4622
4462
  },
4623
4463
  "required": ["userTagId", "addUserIds", "removeUserIds"]
@@ -4666,15 +4506,16 @@
4666
4506
  },
4667
4507
  "userEmail": {
4668
4508
  "type": "string",
4669
- "description": "The user's email address.",
4670
- "title": "some users do not have emails (programmatic users)"
4509
+ "description": "The user's email address."
4671
4510
  },
4672
4511
  "accessType": {
4673
- "$ref": "#/definitions/externaldatav1AccessType"
4512
+ "$ref": "#/definitions/externaldatav1AccessType",
4513
+ "description": "The User's permissible access method(s)."
4674
4514
  },
4675
4515
  "authenticators": {
4676
4516
  "type": "array",
4677
4517
  "items": {
4518
+ "type": "object",
4678
4519
  "$ref": "#/definitions/v1Authenticator"
4679
4520
  },
4680
4521
  "description": "A list of Authenticator parameters."
@@ -4682,6 +4523,7 @@
4682
4523
  "apiKeys": {
4683
4524
  "type": "array",
4684
4525
  "items": {
4526
+ "type": "object",
4685
4527
  "$ref": "#/definitions/v1ApiKey"
4686
4528
  },
4687
4529
  "description": "A list of API Key parameters."
@@ -4716,40 +4558,38 @@
4716
4558
  "properties": {
4717
4559
  "userName": {
4718
4560
  "type": "string",
4719
- "description": "Human-readable name for a User.",
4720
- "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
4561
+ "description": "Human-readable name for a User."
4721
4562
  },
4722
4563
  "userEmail": {
4723
4564
  "type": "string",
4724
- "description": "The user's email address.",
4725
- "title": "@inject_tag: validate:\"omitempty,email,tk_email\""
4565
+ "description": "The user's email address."
4726
4566
  },
4727
4567
  "accessType": {
4728
- "$ref": "#/definitions/immutableactivityv1AccessType"
4568
+ "$ref": "#/definitions/immutableactivityv1AccessType",
4569
+ "description": "The User's permissible access method(s)."
4729
4570
  },
4730
4571
  "apiKeys": {
4731
4572
  "type": "array",
4732
4573
  "items": {
4574
+ "type": "object",
4733
4575
  "$ref": "#/definitions/v1ApiKeyParams"
4734
4576
  },
4735
- "description": "A list of API Key parameters.",
4736
- "title": "@inject_tag: validate:\"dive,uuid\""
4577
+ "description": "A list of API Key parameters."
4737
4578
  },
4738
4579
  "authenticators": {
4739
4580
  "type": "array",
4740
4581
  "items": {
4582
+ "type": "object",
4741
4583
  "$ref": "#/definitions/v1AuthenticatorParams"
4742
4584
  },
4743
- "description": "A list of Authenticator parameters.",
4744
- "title": "@inject_tag: validate:\"dive\""
4585
+ "description": "A list of Authenticator parameters."
4745
4586
  },
4746
4587
  "userTags": {
4747
4588
  "type": "array",
4748
4589
  "items": {
4749
4590
  "type": "string"
4750
4591
  },
4751
- "description": "A list of User Tag IDs.",
4752
- "title": "@inject_tag: validate:\"dive,uuid\""
4592
+ "description": "A list of User Tag IDs."
4753
4593
  }
4754
4594
  },
4755
4595
  "required": [
@@ -4765,40 +4605,38 @@
4765
4605
  "properties": {
4766
4606
  "userName": {
4767
4607
  "type": "string",
4768
- "description": "Human-readable name for a User.",
4769
- "title": "@inject_tag: validate:\"required,tk_label_length,tk_label\""
4608
+ "description": "Human-readable name for a User."
4770
4609
  },
4771
4610
  "userEmail": {
4772
4611
  "type": "string",
4773
- "description": "The user's email address.",
4774
- "title": "@inject_tag: validate:\"omitempty,email,tk_email\""
4612
+ "description": "The user's email address."
4775
4613
  },
4776
4614
  "accessType": {
4777
- "$ref": "#/definitions/immutableactivityv1AccessType"
4615
+ "$ref": "#/definitions/immutableactivityv1AccessType",
4616
+ "description": "The User's permissible access method(s)."
4778
4617
  },
4779
4618
  "apiKeys": {
4780
4619
  "type": "array",
4781
4620
  "items": {
4621
+ "type": "object",
4782
4622
  "$ref": "#/definitions/v1ApiKeyParams"
4783
4623
  },
4784
- "description": "A list of API Key parameters.",
4785
- "title": "@inject_tag: validate:\"dive,uuid\""
4624
+ "description": "A list of API Key parameters."
4786
4625
  },
4787
4626
  "authenticators": {
4788
4627
  "type": "array",
4789
4628
  "items": {
4629
+ "type": "object",
4790
4630
  "$ref": "#/definitions/v1AuthenticatorParamsV2"
4791
4631
  },
4792
- "description": "A list of Authenticator parameters.",
4793
- "title": "@inject_tag: validate:\"dive\""
4632
+ "description": "A list of Authenticator parameters."
4794
4633
  },
4795
4634
  "userTags": {
4796
4635
  "type": "array",
4797
4636
  "items": {
4798
4637
  "type": "string"
4799
4638
  },
4800
- "description": "A list of User Tag IDs.",
4801
- "title": "@inject_tag: validate:\"dive,uuid\""
4639
+ "description": "A list of User Tag IDs."
4802
4640
  }
4803
4641
  },
4804
4642
  "required": [
@@ -4821,7 +4659,8 @@
4821
4659
  "description": "Unique identifier for a given User."
4822
4660
  },
4823
4661
  "user": {
4824
- "$ref": "#/definitions/v1User"
4662
+ "$ref": "#/definitions/v1User",
4663
+ "description": "Web and/or API user within your Organization."
4825
4664
  },
4826
4665
  "activityId": {
4827
4666
  "type": "string",
@@ -4851,7 +4690,6 @@
4851
4690
  "$ref": "#/definitions/v1Timestamp"
4852
4691
  }
4853
4692
  },
4854
- "description": "Object representing a particular User's approval or rejection of a Consensus request, including all relevant metadata.",
4855
4693
  "required": [
4856
4694
  "id",
4857
4695
  "userId",
@@ -4885,7 +4723,6 @@
4885
4723
  "description": "The base64 url encoded signature bytes contained within the WebAuthn assertion response."
4886
4724
  }
4887
4725
  },
4888
- "title": "We expect this to be passed in as a JSON-encoded, then base64-encoded string within a X-Stamp-Webauthn header",
4889
4726
  "required": [
4890
4727
  "credentialId",
4891
4728
  "clientDataJson",
@@ -4899,11 +4736,37 @@
4899
4736
  "type": "apiKey",
4900
4737
  "name": "X-Stamp",
4901
4738
  "in": "header"
4739
+ },
4740
+ "AuthenticatorAuth": {
4741
+ "type": "apiKey",
4742
+ "name": "X-Stamp-WebAuthn",
4743
+ "in": "header"
4902
4744
  }
4903
4745
  },
4904
4746
  "security": [
4905
4747
  {
4906
4748
  "ApiKeyAuth": []
4749
+ },
4750
+ {
4751
+ "AuthenticatorAuth": []
4752
+ }
4753
+ ],
4754
+ "x-tagGroups": [
4755
+ {
4756
+ "name": "ORGANIZATIONS",
4757
+ "tags": ["Organizations", "Invitations", "Policies"]
4758
+ },
4759
+ {
4760
+ "name": "PRIVATE KEYS",
4761
+ "tags": ["Private Keys", "Private Key Tags"]
4762
+ },
4763
+ {
4764
+ "name": "USERS",
4765
+ "tags": ["Users", "User Tags", "Authenticators", "API Keys", "Who am I?"]
4766
+ },
4767
+ {
4768
+ "name": "ACTIVITIES",
4769
+ "tags": ["Activities", "Consensus"]
4907
4770
  }
4908
4771
  ]
4909
4772
  }