@twin.org/node 0.0.3-next.16 → 0.0.3-next.18

package/dist/locales/en.json

@@ -38,8 +38,7 @@
 			"tenantAdminComponentNotRegistered": "Multi-tenant support must be enabled to use this command."
 		},
 		"tenantUpdate": {
-			"tenantAdminComponentNotRegistered": "Multi-tenant support must be enabled to use this command.",
-			"tenantNotFound": "The tenant with ID \"{notFoundId}\" was not found in the system."
+			"tenantAdminComponentNotRegistered": "Multi-tenant support must be enabled to use this command."
 		},
 		"userCreate": {
 			"passwordTooShort": "The password provided is too short, it must be at least {minLength} characters long.",
@@ -49,7 +48,6 @@
 			"vaultKeyAlreadyExists": "The vault key with ID already exists and overwriteMode is set to \"error\"."
 		},
 		"nodeSetTenant": {
-			"tenantNotFound": "The tenant with ID \"{notFoundId}\" was not found in the system.",
 			"tenantAdminComponentNotRegistered": "Multi-tenant support must be enabled to use this command."
 		},
 		"nodeSetIdentity": {
@@ -63,6 +61,8 @@
 		"entityStorageAuthenticationAdminService": {
 			"userExists": "The user with the specified e-mail already exists",
 			"createUserFailed": "Creating the user failed",
+			"getUserFailed": "Getting the user failed",
+			"updateUserFailed": "Updating the user failed",
 			"removeUserFailed": "Removing the user failed",
 			"updatePasswordFailed": "Updating the user's password failed",
 			"passwordTooShort": "The password is too short, it must be at least {minLength} characters long",
@@ -73,7 +73,8 @@
 			"missing": "The JSON Web token could not be found in the authorization header",
 			"payloadMissingSubject": "The JSON Web token payload does not contain a subject",
 			"payloadMissingOrganization": "The JSON Web token payload does not contain an organization",
-			"expired": "The JSON Web token has expired"
+			"expired": "The JSON Web token has expired",
+			"insufficientScopes": "The JSON Web token does not have the required scopes to access this resource"
 		},
 		"authHeaderProcessor": {
 			"tenantIdMismatch": "The tenant ID in the token does not match the tenant ID in the context"
@@ -293,7 +294,8 @@
 			"apiKeyNotFound": "No node tenant found for API key \"{key}\"."
 		},
 		"tenantAdminService": {
-			"apiKeyAlreadyInUse": "The provided API key is already in use by another tenant."
+			"apiKeyAlreadyInUse": "The provided API key is already in use by another tenant.",
+			"tenantNotFound": "Tenant with ID \"{notFoundId}\" not found."
 		},
 		"commands": {
 			"common": {
@@ -871,30 +873,47 @@
 			"notAuthorizedToQuery": "Not authorized to query asset type \"{assetType}\"",
 			"notAuthorizedToGet": "Not authorized to get asset type \"{assetType}\" with id \"{id}\""
 		},
+		"odrlPolicyHelper": {
+			"policyMissingAssignee": "The {policyType} with id \"{policyId}\" is missing an assignee.",
+			"policyMissingAssigner": "The {policyType} with id \"{policyId}\" is missing an assigner."
+		},
 		"trustHelper": {
 			"trustVerifyFailed": "Trust verification failed for action \"{action}\""
 		},
 		"policyAdministrationPointService": {
 			"namespaceMismatch": "The namespace in the urn \"{id}\" does not match the namespace of the rights management components \"{namespace}\"",
-			"policyNotFound": "Policy not found with id: \"{notFoundId}\""
+			"policyNotFound": "Policy not found with id: \"{notFoundId}\"",
+			"agreementNotFound": "Agreement not found with id: \"{notFoundId}\"",
+			"agreementTypeMismatch": "The policy with id: \"{agreementId}\" is not of type Agreement, it is of type: \"{type}\".",
+			"offerNotFound": "Offer not found with id: \"{notFoundId}\"",
+			"offerTypeMismatch": "The policy with id: \"{offerId}\" is not of type Offer, it is of type: \"{type}\".",
+			"setNotFound": "Set not found with id: \"{notFoundId}\"",
+			"setTypeMismatch": "The policy with id: \"{setId}\" is not of type Set, it is of type: \"{type}\"."
 		},
 		"policyDecisionPointService": {
-			"decidingFailed": "Deciding on policies for locator \"{locator}\" failed in arbiter with id: \"{arbiterId}\"",
-			"noSupportedArbiters": "No arbiters found that support the given locator: \"{locator}\""
+			"decidingFailed": "Deciding on policies for policy id \"{policyId}\" failed in arbiter with id: \"{arbiterId}\"",
+			"noArbiters": "No policy arbiters are registered in the system."
 		},
 		"policyEnforcementPointService": {
-			"processingFailed": "Failed to process information using processor with id: \"{processorId}\", locator: \"{locator}\""
+			"noProcessors": "No processors available to process information",
+			"processingFailed": "Failed to process information using processor with id: \"{processorId}\", policy id: \"{policyId}\"",
+			"noPoliciesFound": "No policies found for locator: \"{locator}\"",
+			"multiplePoliciesFound": "Multiple policies found for locator: \"{locator}\""
 		},
 		"policyInformationPointService": {
-			"sourceRetrieveFailed": "Failed to retrieve information from source with id: \"{sourceId}\", locator: \"{locator}\""
+			"sourceRetrieveFailed": "Failed to retrieve information from source with id: \"{sourceId}\", for policy: \"{policyId}\""
 		},
 		"identityPolicyInformationSource": {
-			"identityRetrievalFailed": "Failed to retrieve identity information for locator: \"{locator}\""
+			"identityRetrievalFailed": "Failed to retrieve identity \"{id}\" information for policy id: \"{policyId}\""
+		},
+		"defaultPolicyEnforcementProcessor": {
+			"targetNotJsonPath": "The policy decision target \"{target}\" is not a valid JSON-path string, it should be a minimum of $.",
+			"replaceValueMissing": "The policy decision replaceValue was not provided for target \"{target}\"."
 		},
 		"policyNegotiationPointService": {
 			"noOfferFound": "No offer found with id: \"{offerId}\"",
 			"noNegotiatorFound": "No negotiator found which support offer id: \"{offerId}\"",
-			"noRequesterFound": "No requester found with id: \"{requesterId}\"",
+			"noRequesterFound": "No requester found with type: \"{notFoundId}\"",
 			"negotiationFailed": "Negotiation failed for offer id: \"{offerId}\"",
 			"agreementMissing": "The agreement is missing",
 			"negotiationNotFound": "No negotiation found with id: \"{notFoundId}\"",
@@ -908,7 +927,7 @@
 			"policyNotFound": "Policy with id: \"{notFoundId}\" not found"
 		},
 		"policyExecutionPointService": {
-			"actionExecutionFailed": "Action execution failed for id: \"{actionId}\", at stage \"{stage}\", with locator: \"{locator}\""
+			"actionExecutionFailed": "Action execution failed for id: \"{actionId}\", at stage \"{stage}\", policy id: \"{policyId}\""
 		},
 		"policyNegotiationPointRestClient": {
 			"notSupportedOnClient": "The method \"{methodName}\" is not supported on the REST client, it can only be used on a server side component"
@@ -1096,6 +1115,9 @@
 					"description": "Bootstrap in legacy mode for backwards compatibility, **will be deprecated in future versions**",
 					"example": "bootstrap-legacy --load-env=\"./.env.bootstrap-legacy\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"load-env": {
 							"description": "Comma separated list of paths to .env files to read input parameters from."
 						}
@@ -1120,6 +1142,9 @@
 					"description": "Create an identity",
 					"example": "identity-create --mnemonic=\"...\" --fund-wallet=true",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"mnemonic": {
 							"description": "The mnemonic phrase to use for the identity. If not provided, a random mnemonic will be generated."
 						},
@@ -1171,6 +1196,9 @@
 					"description": "Import an identity",
 					"example": "identity-import --identity=\"did:iota:...\" --mnemonic=\"...\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"identity": {
 							"description": "The DID of the identity to import."
 						},
@@ -1190,6 +1218,9 @@
 					"description": "Create a verifiable credential",
 					"example": "identity-verifiable-credential-create --identity=\"did:iota:....\" --verification-method-id=\"my-id\" --subject-json=\"./subject.json\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"identity": {
 							"description": "The DID of the identity to use to create the credential."
 						},
@@ -1231,6 +1262,9 @@
 					"description": "Import an identity verification method",
 					"example": "identity-verification-method-import --identity=\"did:iota:....\" --verification-method-type=\"verificationMethod\" --verification-method-id=\"my-key-1\" ----private-key-hex=\"15...a2\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"identity": {
 							"description": "The DID of the identity to import the verification method to."
 						},
@@ -1260,6 +1294,9 @@
 					"description": "Create an identity verification method",
 					"example": "identity-verification-method-create --identity=\"did:iota:....\" --verification-method-type=\"verificationMethod\" --verification-method-id=\"my-key-1\" --controller=\"did:iota:....\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"identity": {
 							"description": "The DID of the identity to add the verification method to."
 						},
@@ -1308,6 +1345,9 @@
 					"description": "Set the node identity",
 					"example": "node-set-identity --identity=\"did:iota...\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"identity": {
 							"description": "The identity to set in the node."
 						},
@@ -1324,6 +1364,9 @@
 					"description": "Create a tenant with associated api key",
 					"example": "tenant-create --tenant-id=\"0011..aabb\" --api-key=\"aabb..0099\" --label=\"My Tenant\" --public-origin=\"https://example.com:1234\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"tenant-id": {
 							"description": "The tenant ID to add. If not provided a random tenant id will be generated."
 						},
@@ -1361,6 +1404,9 @@
 					"description": "Import a tenant with associated api key",
 					"example": "tenant-import --tenant-id=\"0011..aabb\" --api-key=\"aabb..0099\" --label=\"My Tenant\" --public-origin=\"https://example.com:1234\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"tenant-id": {
 							"description": "The tenant ID to import."
 						},
@@ -1386,6 +1432,9 @@
 					"description": "Update a tenant with associated api key",
 					"example": "tenant-update --tenant-id=\"0011..aabb\" --api-key=\"aabb..0099\" --label=\"My Tenant\" --public-origin=\"https://example.com:1234\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"tenant-id": {
 							"description": "The tenant ID to update."
 						},
@@ -1411,6 +1460,9 @@
 					"description": "Set the node tenant",
 					"example": "node-set-tenant --tenant-id=\"0011..aabb\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"tenant-id": {
 							"description": "The tenant ID to add. If not provided a random tenant id will be generated."
 						},
@@ -1424,8 +1476,11 @@
 				},
 				"user-create": {
 					"description": "Create a user",
-					"example": "user-create --user-identity=\"did:iota:....\" --organization-identity=\"did:iota:....\" --email=\"bob@examples.com\" --password=\"pass1234\" --givenName=\"Bob\" --familyName=\"Smith\"",
+					"example": "user-create --user-identity=\"did:iota:....\" --organization-identity=\"did:iota:....\" --email=\"bob@examples.com\" --password=\"pass1234\" --scope=\"tenant-admin\" --givenName=\"Bob\" --familyName=\"Smith\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"user-identity": {
 							"description": "The DID to associate the user with."
 						},
@@ -1438,6 +1493,9 @@
 						"password": {
 							"description": "The password for the user."
 						},
+						"scope": {
+							"description": "List of scopes to associate with the user, comma separated."
+						},
 						"given-name": {
 							"description": "The given name of the user."
 						},
@@ -1466,13 +1524,54 @@
 						"storingProfile": "Storing profile",
 						"userCreated": "User created",
 						"skipping": "The user with ID already exists, skipping creation",
-						"overwriting": "Overwriting existing user with ID"
+						"overwriting": "Overwriting existing user with ID",
+						"email": "Email",
+						"password": "Password"
+					}
+				},
+				"user-update": {
+					"description": "Update a user",
+					"example": "user-update --email=\"bob@examples.com\" --user-identity=\"did:iota:....\" --organization-identity=\"did:iota:....\" --scope=\"tenant-admin\" --givenName=\"Bob\" --familyName=\"Smith\"",
+					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
+						"user-identity": {
+							"description": "The DID to associate the user with."
+						},
+						"organization-identity": {
+							"description": "The organization DID to associate the user with."
+						},
+						"email": {
+							"description": "The email address of the user."
+						},
+						"scope": {
+							"description": "List of scopes to associate with the user, comma separated."
+						},
+						"given-name": {
+							"description": "The given name of the user."
+						},
+						"family-name": {
+							"description": "The family name of the user."
+						},
+						"load-env": {
+							"description": "Comma separated list of paths to .env files to read input parameters from."
+						}
+					},
+					"labels": {
+						"updating": "Updating user",
+						"storingUser": "Storing user",
+						"storingProfile": "Storing profile",
+						"userUpdated": "User updated"
 					}
 				},
 				"vault-key-create": {
 					"description": "Create a vault key for an identity",
 					"example": "vault-key-create --identity=\"did:iota:....\" --key-id=\"my-key\" --type=\"Ed25519\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"identity": {
 							"description": "The DID to associate the key with."
 						},
@@ -1515,6 +1614,9 @@
 					"description": "Import a vault key for an identity",
 					"example": "vault-key-import --identity=\"did:iota:....\" --key-id=\"my-key\" --key-type=Ed25519 --private-key-hex=\"15...a2\"",
 					"params": {
+						"env-prefix": {
+							"description": "Prefix to use for standard .env files e.g. TWIN_."
+						},
 						"identity": {
 							"description": "The DID to associate the key with."
 						},
@@ -1782,27 +1884,46 @@
 			"contractReady": "Contract ready for use"
 		},
 		"policyEnforcementPointService": {
-			"processing": "Processing information using processor with id: \"{processorId}\", locator: \"{locator}\"",
-			"intercepting": "Intercepting information for locator: \"{locator}\""
+			"processing": "Processing information using processor with id: \"{processorId}\", policy id: \"{policyId}\"",
+			"intercepting": "Intercepting information for policy id: \"{policyId}\""
 		},
 		"identityPolicyInformationSource": {
-			"identityRetrieving": "Retrieving identity information for locator: \"{locator}\""
+			"identityRetrieving": "Retrieving identity \"{id}\" information for policy id: \"{policyId}\""
 		},
 		"staticPolicyInformationSource": {
-			"staticRetrieving": "Retrieving static policy information for locator \"{locator}\" with access mode: \"{accessMode}\"",
-			"staticRetrieved": "Retrieved static policy information for locator: \"{locator}\" with access mode: \"{accessMode}\", item count: {itemCount}"
+			"staticRetrieving": "Retrieving static policy information for policy id: \"{policyId}\" with access mode: \"{accessMode}\"",
+			"staticRetrieved": "Retrieved static policy information for policy id: \"{policyId}\" with access mode: \"{accessMode}\", item count: {itemCount}"
 		},
 		"loggingPolicyExecutionAction": {
-			"policyActionExecutedBefore": "Policy executed for locator: \"{locator}\", stage: \"{stage}\", data: \"{data}\", policies: \"{policies}\"",
-			"policyActionExecutedAfter": "Policy executed for locator: \"{locator}\", stage: \"{stage}\", data: \"{data}\", policies: \"{policies}\", decisions: \"{decisions}\""
+			"policyActionExecutedBefore": "Policy executed for policyId: \"{policyId}\", stage: \"{stage}\", data: \"{data}\", policy: \"{policy}\", decisions: \"{decisions}\"",
+			"policyActionExecutedAfter": "Policy executed for policyId: \"{policyId}\", stage: \"{stage}\", data: \"{data}\", policy: \"{policy}\", decisions: \"{decisions}\""
+		},
+		"passThroughPolicyEnforcementProcessor": {
+			"processingPolicy": "Processing policy enforcement for policy id: \"{policyId}\""
+		},
+		"defaultPolicyEnforcementProcessor": {
+			"processingPolicy": "Processing policy enforcement for policy id: \"{policyId}\""
+		},
+		"passThroughPolicyArbiter": {
+			"decidingPolicy": "Deciding policy for policy id: \"{policyId}\""
+		},
+		"passThroughPolicyNegotiator": {
+			"handlingOffer": "Handling offer negotiation for offer id: \"{offerId}\"",
+			"createAgreement": "Creating agreement for policy id: \"{offerId}\""
+		},
+		"passThroughPolicyRequester": {
+			"offer": "Logging offer request for offer id: \"{offerId}\", negotiation id: \"{negotiationId}\"",
+			"agreement": "Logging agreement request for agreement id: \"{agreementId}\", negotiation id: \"{negotiationId}\"",
+			"finalised": "Logging finalised request for negotiation id: \"{negotiationId}\"",
+			"terminated": "Logging terminated request for negotiation id: \"{negotiationId}\""
 		},
 		"policyManagementPointService": {
 			"retrieving": "Retrieving policies for locator \"locator\"",
 			"retrieved": "Retrieved {count} policies for locator \"locator\"."
 		},
 		"policyExecutionPointService": {
-			"executingActions": "Executing actions for stage: \"{stage}\", locator: \"{locator}\"",
-			"executingAction": "Executing action for stage: \"{stage}\", locator: \"{locator}\""
+			"executingActions": "Executing actions for stage: \"{stage}\", policy id: \"{policyId}\"",
+			"executingAction": "Executing action for stage: \"{stage}\", policy id: \"{policyId}\""
 		},
 		"changeSetHelper": {
 			"changeSetApplyingChange": "Applying remote sync change with operation id \"{operation}\" for item with id \"{id}\"",

package/docs/changelog.md

@@ -1,5 +1,33 @@
 # @twin.org/node - Changelog
 
+## [0.0.3-next.18](https://github.com/twinfoundation/node/compare/node-v0.0.3-next.17...node-v0.0.3-next.18) (2026-02-04)
+
+
+### Features
+
+* env-prefix option and user-update cli command ([#83](https://github.com/twinfoundation/node/issues/83)) ([fc48efa](https://github.com/twinfoundation/node/commit/fc48efa7ad72173def048170c3afb5eeb9f1b292))
+
+
+### Dependencies
+
+* The following workspace dependencies were updated
+  * dependencies
+    * @twin.org/node-core bumped from 0.0.3-next.17 to 0.0.3-next.18
+
+## [0.0.3-next.17](https://github.com/twinfoundation/node/compare/node-v0.0.3-next.16...node-v0.0.3-next.17) (2026-02-02)
+
+
+### Features
+
+* update rights management ([5c992c6](https://github.com/twinfoundation/node/commit/5c992c6b0d72f3eeaa39ee267e096d9a3f477f4e))
+
+
+### Dependencies
+
+* The following workspace dependencies were updated
+  * dependencies
+    * @twin.org/node-core bumped from 0.0.3-next.16 to 0.0.3-next.17
+
 ## [0.0.3-next.16](https://github.com/twinfoundation/node/compare/node-v0.0.3-next.15...node-v0.0.3-next.16) (2026-01-28)
 
 

package/docs/examples.md

@@ -142,7 +142,7 @@ twin-node identity-verification-method-create --load-env="node-identity.env,orga
 twin-node vault-key-create --load-env="organization-identity.env" --identity=!ORGANIZATION_DID --key-id=!TWIN_BLOB_STORAGE_ENCRYPTION_KEY_ID --key-type=ChaCha20Poly1305 --output-json="organization-blob-encryption.json" --output-env="organization-blob-encryption.env"
 ```
 
-### Create a user identity associated with the organization
+### Create an identity associated with the organization
 
 ```shell
 twin-node identity-create --load-env="organization-identity.env" --controller=!ORGANIZATION_DID --output-json="user-identity.json" --output-env="user-identity.env" --output-env-prefix=user
@@ -151,5 +151,11 @@ twin-node identity-create --load-env="organization-identity.env" --controller=!O
 ### Create a user login associated with the user identity
 
 ```shell
-twin-node user-create --load-env="organization-identity.env,user-identity.env,node-tenant.env" --user-identity=!USER_DID --organization-identity=!ORGANIZATION_DID --tenant-id=!NODE_TENANT_ID --email="admin@node" --output-json="user-account-admin.json" --output-env="user-account-admin.env" --output-env-prefix=admin
+twin-node user-create --load-env="organization-identity.env,user-identity.env,node-tenant.env" --user-identity=!USER_DID --organization-identity=!ORGANIZATION_DID --email="admin@node" --scope="tenant-admin" --output-json="user-account-admin.json" --output-env="user-account-admin.env" --output-env-prefix=admin
+```
+
+### Update a user login associated with the user identity
+
+```shell
+twin-node user-update --load-env="organization-identity.env,user-identity.env,node-tenant.env" --email="admin@node" --scope="tenant-admin,foo"
 ```

package/docs/open-api/spec.json

@@ -12779,6 +12779,42 @@
 					"Policy Administration Point"
 				],
 				"parameters": [
+					{
+						"name": "assigner",
+						"description": "The assigner to filter by.",
+						"in": "query",
+						"required": false,
+						"schema": {
+							"type": "string"
+						}
+					},
+					{
+						"name": "assignee",
+						"description": "The assignee to filter by.",
+						"in": "query",
+						"required": false,
+						"schema": {
+							"type": "string"
+						}
+					},
+					{
+						"name": "action",
+						"description": "The action to filter by.",
+						"in": "query",
+						"required": false,
+						"schema": {
+							"type": "string"
+						}
+					},
+					{
+						"name": "target",
+						"description": "The target to filter by.",
+						"in": "query",
+						"required": false,
+						"schema": {
+							"type": "string"
+						}
+					},
 					{
 						"name": "conditions",
 						"description": "The condition for the query.",
@@ -12823,22 +12859,19 @@
 								},
 								"examples": {
 									"papQueryResponseExample": {
-										"value": {
-											"cursor": "next-page-cursor",
-											"policies": [
-												{
-													"@context": "http://www.w3.org/ns/odrl.jsonld",
-													"@type": "Set",
-													"uid": "urn:rights-management:abc123def456",
-													"permission": [
-														{
-															"target": "http://example.com/asset/1",
-															"action": "use"
-														}
-													]
-												}
-											]
-										}
+										"value": [
+											{
+												"@context": "http://www.w3.org/ns/odrl.jsonld",
+												"@type": "Set",
+												"uid": "urn:rights-management:abc123def456",
+												"permission": [
+													{
+														"target": "http://example.com/asset/1",
+														"action": "use"
+													}
+												]
+											}
+										]
 									}
 								}
 							}
@@ -13215,6 +13248,345 @@
 				}
 			}
 		},
+		"/rights-management/policy/admin/agreement/{id}": {
+			"get": {
+				"operationId": "papGetAgreement",
+				"summary": "Get a policy agreement",
+				"tags": [
+					"Policy Administration Point"
+				],
+				"parameters": [
+					{
+						"name": "id",
+						"description": "The ID of the agreement to get.",
+						"in": "path",
+						"required": true,
+						"schema": {
+							"type": "string"
+						},
+						"style": "simple",
+						"example": "urn:rights-management:abc123def456"
+					}
+				],
+				"security": [
+					{
+						"jwtBearerAuthScheme": []
+					}
+				],
+				"responses": {
+					"200": {
+						"description": "The response structure for getting an agreement.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "https://schema.twindev.org/w3c-odrl/OdrlAgreement"
+								},
+								"examples": {
+									"papGetResponseExample": {
+										"value": {
+											"@context": "http://www.w3.org/ns/odrl.jsonld",
+											"@type": "Agreement",
+											"uid": "urn:rights-management:abc123def456",
+											"permission": [
+												{
+													"target": "http://example.com/asset/1",
+													"action": "use"
+												}
+											],
+											"assignee": "did:example:receiver",
+											"assigner": "did:example:sender"
+										}
+									}
+								}
+							}
+						}
+					},
+					"400": {
+						"description": "The server cannot process the request, see the content for more details.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "#/components/schemas/Error"
+								},
+								"examples": {
+									"exampleResponse": {
+										"value": {
+											"name": "GeneralError",
+											"message": "errorMessage",
+											"properties": {
+												"foo": "bar"
+											}
+										}
+									}
+								}
+							}
+						}
+					},
+					"401": {
+						"description": "You are not authorized to use the API or no credentials were supplied, see the content for more details.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "#/components/schemas/Error"
+								},
+								"examples": {
+									"exampleResponse": {
+										"value": {
+											"name": "UnauthorizedError",
+											"message": "errorMessage"
+										}
+									}
+								}
+							}
+						}
+					},
+					"500": {
+						"description": "The server has encountered a situation it does not know how to handle, see the content for more details.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "#/components/schemas/Error"
+								},
+								"examples": {
+									"exampleResponse": {
+										"value": {
+											"name": "InternalServerError",
+											"message": "errorMessage"
+										}
+									}
+								}
+							}
+						}
+					}
+				}
+			}
+		},
+		"/rights-management/policy/admin/offer/{id}": {
+			"get": {
+				"operationId": "papGetOffer",
+				"summary": "Get a policy offer",
+				"tags": [
+					"Policy Administration Point"
+				],
+				"parameters": [
+					{
+						"name": "id",
+						"description": "The ID of the offer to get.",
+						"in": "path",
+						"required": true,
+						"schema": {
+							"type": "string"
+						},
+						"style": "simple",
+						"example": "urn:rights-management:abc123def456"
+					}
+				],
+				"security": [
+					{
+						"jwtBearerAuthScheme": []
+					}
+				],
+				"responses": {
+					"200": {
+						"description": "The response structure for getting an offer.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "https://schema.twindev.org/w3c-odrl/OdrlOffer"
+								},
+								"examples": {
+									"papGetResponseExample": {
+										"value": {
+											"@context": "http://www.w3.org/ns/odrl.jsonld",
+											"@type": "Offer",
+											"uid": "urn:rights-management:abc123def456",
+											"permission": [
+												{
+													"target": "http://example.com/asset/1",
+													"action": "use"
+												}
+											],
+											"assignee": "did:example:receiver",
+											"assigner": "did:example:sender"
+										}
+									}
+								}
+							}
+						}
+					},
+					"400": {
+						"description": "The server cannot process the request, see the content for more details.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "#/components/schemas/Error"
+								},
+								"examples": {
+									"exampleResponse": {
+										"value": {
+											"name": "GeneralError",
+											"message": "errorMessage",
+											"properties": {
+												"foo": "bar"
+											}
+										}
+									}
+								}
+							}
+						}
+					},
+					"401": {
+						"description": "You are not authorized to use the API or no credentials were supplied, see the content for more details.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "#/components/schemas/Error"
+								},
+								"examples": {
+									"exampleResponse": {
+										"value": {
+											"name": "UnauthorizedError",
+											"message": "errorMessage"
+										}
+									}
+								}
+							}
+						}
+					},
+					"500": {
+						"description": "The server has encountered a situation it does not know how to handle, see the content for more details.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "#/components/schemas/Error"
+								},
+								"examples": {
+									"exampleResponse": {
+										"value": {
+											"name": "InternalServerError",
+											"message": "errorMessage"
+										}
+									}
+								}
+							}
+						}
+					}
+				}
+			}
+		},
+		"/rights-management/policy/admin/set/{id}": {
+			"get": {
+				"operationId": "papGetSet",
+				"summary": "Get a policy set",
+				"tags": [
+					"Policy Administration Point"
+				],
+				"parameters": [
+					{
+						"name": "id",
+						"description": "The ID of the set to get.",
+						"in": "path",
+						"required": true,
+						"schema": {
+							"type": "string"
+						},
+						"style": "simple",
+						"example": "urn:rights-management:abc123def456"
+					}
+				],
+				"security": [
+					{
+						"jwtBearerAuthScheme": []
+					}
+				],
+				"responses": {
+					"200": {
+						"description": "The response structure for getting a set.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "https://schema.twindev.org/w3c-odrl/OdrlSet"
+								},
+								"examples": {
+									"papGetResponseExample": {
+										"value": {
+											"@context": "http://www.w3.org/ns/odrl.jsonld",
+											"@type": "Set",
+											"uid": "urn:rights-management:abc123def456",
+											"permission": [
+												{
+													"target": "http://example.com/asset/1",
+													"action": "use"
+												}
+											],
+											"assignee": "did:example:receiver",
+											"assigner": "did:example:sender"
+										}
+									}
+								}
+							}
+						}
+					},
+					"400": {
+						"description": "The server cannot process the request, see the content for more details.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "#/components/schemas/Error"
+								},
+								"examples": {
+									"exampleResponse": {
+										"value": {
+											"name": "GeneralError",
+											"message": "errorMessage",
+											"properties": {
+												"foo": "bar"
+											}
+										}
+									}
+								}
+							}
+						}
+					},
+					"401": {
+						"description": "You are not authorized to use the API or no credentials were supplied, see the content for more details.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "#/components/schemas/Error"
+								},
+								"examples": {
+									"exampleResponse": {
+										"value": {
+											"name": "UnauthorizedError",
+											"message": "errorMessage"
+										}
+									}
+								}
+							}
+						}
+					},
+					"500": {
+						"description": "The server has encountered a situation it does not know how to handle, see the content for more details.",
+						"content": {
+							"application/json": {
+								"schema": {
+									"$ref": "#/components/schemas/Error"
+								},
+								"examples": {
+									"exampleResponse": {
+										"value": {
+											"name": "InternalServerError",
+											"message": "errorMessage"
+										}
+									}
+								}
+							}
+						}
+					}
+				}
+			}
+		},
 		"/rights-management/negotiations/{id}": {
 			"get": {
 				"operationId": "pnpGetNegotiation",
@@ -14599,17 +14971,14 @@
 								},
 								"examples": {
 									"pnapQueryResponseExample": {
-										"value": {
-											"items": [
-												{
-													"id": "pid",
-													"correlationId": "cid",
-													"dateCreated": "2025-09-03T00:00:00.000Z",
-													"state": "REQUESTED"
-												}
-											],
-											"cursor": "next-cursor"
-										}
+										"value": [
+											{
+												"id": "pid",
+												"correlationId": "cid",
+												"dateCreated": "2025-09-03T00:00:00.000Z",
+												"state": "REQUESTED"
+											}
+										]
 									}
 								}
 							}
@@ -18954,45 +19323,17 @@
 				"description": "The body of the request - the policy to create (uid will be auto-generated)."
 			},
 			"PapQueryResponse": {
-				"type": "object",
-				"properties": {
-					"cursor": {
-						"type": "string",
-						"description": "The cursor for the next page of results, if there are more results available."
-					},
-					"policies": {
-						"type": "array",
-						"items": {
-							"$ref": "https://schema.twindev.org/w3c-odrl/OdrlPolicy"
-						},
-						"description": "The policies matching the query."
-					}
+				"type": "array",
+				"items": {
+					"$ref": "https://schema.twindev.org/w3c-odrl/OdrlPolicy"
 				},
-				"required": [
-					"policies"
-				],
-				"additionalProperties": false,
 				"description": "The body of the response."
 			},
 			"PnapQueryResponse": {
-				"type": "object",
-				"properties": {
-					"items": {
-						"type": "array",
-						"items": {
-							"$ref": "#/components/schemas/PolicyNegotiation"
-						},
-						"description": "The list of policy negotiations."
-					},
-					"cursor": {
-						"type": "string",
-						"description": "The cursor for pagination."
-					}
+				"type": "array",
+				"items": {
+					"$ref": "#/components/schemas/PolicyNegotiation"
 				},
-				"required": [
-					"items"
-				],
-				"additionalProperties": false,
 				"description": "The body of the response."
 			},
 			"PnpContractNegotiationResponse": {
@@ -19006,39 +19347,9 @@
 				],
 				"description": "The state of the policy or an error."
 			},
-			"PolicyInformation": {
-				"type": "object",
-				"additionalProperties": {
-					"$ref": "#/components/schemas/PolicyInformationItems"
-				},
-				"description": "Interface describing a Policy Information."
-			},
-			"PolicyInformationItems": {
-				"type": "array",
-				"items": {
-					"$ref": "https://schema.twindev.org/json-ld/JsonLdNodeObject"
-				},
-				"description": "Interface describing a Policy Information."
-			},
 			"PolicyNegotiation": {
 				"type": "object",
 				"properties": {
-					"assignee": {
-						"type": "string",
-						"description": "The assignee for the locator."
-					},
-					"action": {
-						"type": "string",
-						"description": "The action for the locator."
-					},
-					"assetType": {
-						"type": "string",
-						"description": "The asset type for the locator."
-					},
-					"resourceId": {
-						"type": "string",
-						"description": "A resource identifier for the locator."
-					},
 					"id": {
 						"type": "string",
 						"description": "The primary id used by the provider."
@@ -19072,8 +19383,8 @@
 					"agreement": {
 						"$ref": "https://schema.twindev.org/w3c-odrl/OdrlAgreement"
 					},
-					"information": {
-						"$ref": "#/components/schemas/PolicyInformation"
+					"trustVerificationInfo": {
+						"$ref": "#/components/schemas/TrustVerificationInfo"
 					},
 					"code": {
 						"type": "string",
@@ -19564,6 +19875,27 @@
 				"additionalProperties": false,
 				"description": "The response payload."
 			},
+			"TrustVerificationInfo": {
+				"type": "object",
+				"properties": {
+					"identity": {
+						"type": "string",
+						"description": "The identity associated with the payload."
+					},
+					"data": {
+						"type": "object",
+						"additionalProperties": {
+							"$ref": "https://schema.twindev.org/json-ld/JsonLdNodeObject"
+						},
+						"description": "Additional JSON-LD node objects associated with the verification."
+					}
+				},
+				"required": [
+					"identity"
+				],
+				"additionalProperties": false,
+				"description": "Interface describing a trust verifier information."
+			},
 			"UpdatePasswordRequest": {
 				"type": "object",
 				"properties": {

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@twin.org/node",
-	"version": "0.0.3-next.16",
+	"version": "0.0.3-next.18",
 	"description": "TWIN Node serving APIs using the specified configuration",
 	"repository": {
 		"type": "git",
@@ -14,7 +14,7 @@
 		"node": ">=20.0.0"
 	},
 	"dependencies": {
-		"@twin.org/node-core": "0.0.3-next.16"
+		"@twin.org/node-core": "0.0.3-next.18"
 	},
 	"bugs": {
 		"url": "git+https://github.com/twinfoundation/node/issues"