gdc-common-utils-ts 1.6.0 → 1.8.0

package/dist/examples/ica-activation-proof.d.ts

@@ -0,0 +1,55 @@
+/**
+ * Shared synthetic ICA activation-proof fixtures reused by docs/tests.
+ *
+ * Contract note:
+ * - issuer/holder/audience DIDs, VC subtype names, and representative binding
+ *   fields must be imported from this module instead of re-hardcoded inline
+ * - the representative `hasCredential.material` shape below reflects the
+ *   current `activation-policy` helper contract; if ICA finalizes a different
+ *   VC shape, update this module first and then the dependent helpers/tests
+ */
+export declare const EXAMPLE_ICA_VP_ISSUER_DID: "did:web:controller.example.org";
+export declare const EXAMPLE_ICA_VP_AUDIENCE_DID: "did:web:host.example.com";
+export declare const EXAMPLE_ICA_VP_HOLDER_DID: "did:web:controller.example.org";
+export declare const EXAMPLE_ICA_ORGANIZATION_DID: "did:web:org.example.org";
+export declare const EXAMPLE_ICA_REPRESENTATIVE_DID: "did:web:rep.example.org";
+export declare const EXAMPLE_ICA_ORGANIZATION_TAX_ID: "ESB00112233";
+export declare const EXAMPLE_ICA_REPRESENTATIVE_ROLE_CODE: "RESPRSN";
+export declare const EXAMPLE_ICA_REPRESENTATIVE_BINDING_MATERIAL: "controller-sig-kid";
+export declare const EXAMPLE_ICA_ORGANIZATION_CREDENTIAL: Readonly<{
+    '@context': string[];
+    type: ("VerifiableCredential" | "OrganizationCredential")[];
+    credentialSubject: {
+        id: "did:web:org.example.org";
+        taxID: "ESB00112233";
+    };
+}>;
+export declare const EXAMPLE_ICA_LEGAL_REPRESENTATIVE_CREDENTIAL: Readonly<{
+    '@context': string[];
+    type: ("VerifiableCredential" | "LegalRepresentativeCredential")[];
+    credentialSubject: {
+        id: "did:web:rep.example.org";
+        memberOf: {
+            taxID: "ESB00112233";
+        };
+        hasOccupation: {
+            identifier: {
+                value: "RESPRSN";
+            };
+        };
+        hasCredential: {
+            material: "controller-sig-kid";
+        };
+    };
+}>;
+export declare const EXAMPLE_ICA_ACTIVATION_VP_PAYLOAD: Readonly<{
+    iss: "did:web:controller.example.org";
+    sub: "did:web:controller.example.org";
+    aud: "did:web:host.example.com";
+    vp: {
+        '@context': "https://www.w3.org/2018/credentials/v1"[];
+        type: "VerifiablePresentation"[];
+        holder: "did:web:controller.example.org";
+        verifiableCredential: string[];
+    };
+}>;

package/dist/examples/ica-activation-proof.js

@@ -0,0 +1,67 @@
+// Copyright 2026 Antifraud Services Inc. under the Apache License, Version 2.0.
+// Always create JSDoc, do not use strings inline in keys nor values, use types instead, and reuse the data test examples.
+import { ActivationCredentialTypes, W3cCredentialContexts, W3cCredentialTypes, } from '../constants/verifiable-credentials.js';
+/**
+ * Shared synthetic ICA activation-proof fixtures reused by docs/tests.
+ *
+ * Contract note:
+ * - issuer/holder/audience DIDs, VC subtype names, and representative binding
+ *   fields must be imported from this module instead of re-hardcoded inline
+ * - the representative `hasCredential.material` shape below reflects the
+ *   current `activation-policy` helper contract; if ICA finalizes a different
+ *   VC shape, update this module first and then the dependent helpers/tests
+ */
+export const EXAMPLE_ICA_VP_ISSUER_DID = 'did:web:controller.example.org';
+export const EXAMPLE_ICA_VP_AUDIENCE_DID = 'did:web:host.example.com';
+export const EXAMPLE_ICA_VP_HOLDER_DID = EXAMPLE_ICA_VP_ISSUER_DID;
+export const EXAMPLE_ICA_ORGANIZATION_DID = 'did:web:org.example.org';
+export const EXAMPLE_ICA_REPRESENTATIVE_DID = 'did:web:rep.example.org';
+export const EXAMPLE_ICA_ORGANIZATION_TAX_ID = 'ESB00112233';
+export const EXAMPLE_ICA_REPRESENTATIVE_ROLE_CODE = 'RESPRSN';
+export const EXAMPLE_ICA_REPRESENTATIVE_BINDING_MATERIAL = 'controller-sig-kid';
+export const EXAMPLE_ICA_ORGANIZATION_CREDENTIAL = Object.freeze({
+    '@context': [W3cCredentialContexts.V2, 'https://schema.org'],
+    type: [
+        W3cCredentialTypes.VerifiableCredential,
+        ActivationCredentialTypes.OrganizationCredential,
+    ],
+    credentialSubject: {
+        id: EXAMPLE_ICA_ORGANIZATION_DID,
+        taxID: EXAMPLE_ICA_ORGANIZATION_TAX_ID,
+    },
+});
+export const EXAMPLE_ICA_LEGAL_REPRESENTATIVE_CREDENTIAL = Object.freeze({
+    '@context': [W3cCredentialContexts.V2, 'https://schema.org'],
+    type: [
+        W3cCredentialTypes.VerifiableCredential,
+        ActivationCredentialTypes.LegalRepresentativeCredential,
+    ],
+    credentialSubject: {
+        id: EXAMPLE_ICA_REPRESENTATIVE_DID,
+        memberOf: {
+            taxID: EXAMPLE_ICA_ORGANIZATION_TAX_ID,
+        },
+        hasOccupation: {
+            identifier: {
+                value: EXAMPLE_ICA_REPRESENTATIVE_ROLE_CODE,
+            },
+        },
+        hasCredential: {
+            material: EXAMPLE_ICA_REPRESENTATIVE_BINDING_MATERIAL,
+        },
+    },
+});
+export const EXAMPLE_ICA_ACTIVATION_VP_PAYLOAD = Object.freeze({
+    iss: EXAMPLE_ICA_VP_ISSUER_DID,
+    sub: EXAMPLE_ICA_VP_ISSUER_DID,
+    aud: EXAMPLE_ICA_VP_AUDIENCE_DID,
+    vp: {
+        '@context': [W3cCredentialContexts.V1],
+        type: [W3cCredentialTypes.VerifiablePresentation],
+        holder: EXAMPLE_ICA_VP_HOLDER_DID,
+        verifiableCredential: [
+            JSON.stringify(EXAMPLE_ICA_ORGANIZATION_CREDENTIAL),
+            JSON.stringify(EXAMPLE_ICA_LEGAL_REPRESENTATIVE_CREDENTIAL),
+        ],
+    },
+});

package/dist/examples/index.d.ts

@@ -1,4 +1,5 @@
 export * from './shared';
+export * from './ica-activation-proof';
 export * from './organization-controller';
 export * from './individual-controller';
 export * from './professional';

package/dist/examples/index.js

@@ -1,4 +1,5 @@
 export * from './shared.js';
+export * from './ica-activation-proof.js';
 export * from './organization-controller.js';
 export * from './individual-controller.js';
 export * from './professional.js';

package/dist/examples/individual-controller.d.ts

@@ -1,3 +1,19 @@
+/**
+ * Examples for individual-controller and subject-index bootstrap flows.
+ *
+ * CORE canonical examples in this file avoid phone-specific subject/controller
+ * fields unless the flow truly requires them. Telephone-driven notification or
+ * consent targeting is treated as an extension concern (for example UNID GW),
+ * not a CORE GW contract requirement.
+ *
+ * Semantic split:
+ *
+ * - these examples model the human controller as owner of the individual
+ *   subject-index organization
+ * - legal organization controller/representative examples belong instead to
+ *   organization activation and VC/member semantics, not to `owner.*` claims
+ */
+import type { ExampleClinicalBundleSearchInput, ExampleLatestIpsSearchInput } from './shared';
 export declare const EXAMPLE_INDIVIDUAL_ORGANIZATION_START_INPUT: {
     readonly alternateName: "ana";
     readonly controllerEmail: "ana.parent@example.org";
@@ -50,7 +66,7 @@ export declare const EXAMPLE_LIVE_CONSENT_GRANT_INPUT: {
     };
     readonly actorRole: "ISCO-08|2211";
     readonly purpose: "TREAT";
-    readonly actions: readonly ["LOINC|48765-2"];
+    readonly actions: readonly [string];
 };
 export declare const EXAMPLE_CONSENT_GRANT_RESPONSE: {
     readonly submit: {
@@ -80,17 +96,5 @@ export declare const EXAMPLE_DIGITAL_TWIN_COMPOSITION_INPUT: {
     };
     readonly format: "api";
 };
-export declare const EXAMPLE_CLINICAL_BUNDLE_SEARCH_INPUT: {
-    readonly subject: "did:web:api.acme.org:individual:123";
-    readonly section: readonly ["LOINC|60591-5", "LOINC|48765-2"];
-    readonly includedTypes: readonly ["Composition", "DocumentReference"];
-    readonly date: {
-        readonly start: "2026-01-01";
-        readonly end: "2026-12-31";
-    };
-    readonly code: "LOINC|11450-4";
-    readonly author: "did:web:api.acme.org:professional:1";
-};
-export declare const EXAMPLE_LATEST_IPS_SEARCH_INPUT: {
-    readonly subject: "did:web:api.acme.org:individual:123";
-};
+export declare const EXAMPLE_CLINICAL_BUNDLE_SEARCH_INPUT: ExampleClinicalBundleSearchInput;
+export declare const EXAMPLE_LATEST_IPS_SEARCH_INPUT: ExampleLatestIpsSearchInput;

package/dist/examples/individual-controller.js

@@ -1,20 +1,5 @@
 // Copyright 2026 Antifraud Services Inc. under the Apache License, Version 2.0.
-/**
- * Examples for individual-controller and subject-index bootstrap flows.
- *
- * CORE canonical examples in this file avoid phone-specific subject/controller
- * fields unless the flow truly requires them. Telephone-driven notification or
- * consent targeting is treated as an extension concern (for example UNID GW),
- * not a CORE GW contract requirement.
- *
- * Semantic split:
- *
- * - these examples model the human controller as owner of the individual
- *   subject-index organization
- * - legal organization controller/representative examples belong instead to
- *   organization activation and VC/member semantics, not to `owner.*` claims
- */
-import { EXAMPLE_EMAIL_CONTROLLER_INDIVIDUAL } from './shared.js';
+import { EXAMPLE_API_ORGANIZATION_DID, EXAMPLE_CLINICAL_CODE_PROBLEM, EXAMPLE_CLINICAL_DATE_RANGE, EXAMPLE_CLINICAL_SECTION_ALLERGIES, EXAMPLE_CLINICAL_SECTION_PATIENT_SUMMARY, EXAMPLE_CONSENT_PURPOSE_TREATMENT, EXAMPLE_EMAIL_CONTROLLER_INDIVIDUAL, EXAMPLE_GENERIC_SUBJECT_DID, EXAMPLE_HEALTHCARE_ACTOR_ROLE_PHYSICIAN, EXAMPLE_HEALTHCARE_JURISDICTION, EXAMPLE_HEALTHCARE_ROLE_PHYSICIAN_TEXT, EXAMPLE_PRACTITIONER_DID, EXAMPLE_PROFESSIONAL_DID, EXAMPLE_SUBJECT_DID, } from './shared.js';
 export const EXAMPLE_INDIVIDUAL_ORGANIZATION_START_INPUT = {
     alternateName: 'ana',
     controllerEmail: EXAMPLE_EMAIL_CONTROLLER_INDIVIDUAL,
@@ -37,18 +22,18 @@ export const EXAMPLE_INDIVIDUAL_ORGANIZATION_ORDER_RESPONSE = {
     poll: { status: 200, body: {}, attempts: 1 },
 };
 export const EXAMPLE_CONSENT_GRANT_INPUT = {
-    actor: 'did:web:practitioner.example,ES',
-    actorRole: 'physician',
-    purpose: 'TREAT',
+    actor: `${EXAMPLE_PRACTITIONER_DID},${EXAMPLE_HEALTHCARE_JURISDICTION}`,
+    actorRole: EXAMPLE_HEALTHCARE_ROLE_PHYSICIAN_TEXT,
+    purpose: EXAMPLE_CONSENT_PURPOSE_TREATMENT,
     actions: ['read'],
-    subjectDid: 'did:web:subject.example',
+    subjectDid: EXAMPLE_GENERIC_SUBJECT_DID,
 };
 export const EXAMPLE_LIVE_CONSENT_GRANT_INPUT = {
-    subjectDid: 'did:web:api.acme.org:individual:123',
-    actor: { identifier: 'did:web:api.acme.org' },
-    actorRole: 'ISCO-08|2211',
-    purpose: 'TREAT',
-    actions: ['LOINC|48765-2'],
+    subjectDid: EXAMPLE_SUBJECT_DID,
+    actor: { identifier: EXAMPLE_API_ORGANIZATION_DID },
+    actorRole: EXAMPLE_HEALTHCARE_ACTOR_ROLE_PHYSICIAN,
+    purpose: EXAMPLE_CONSENT_PURPOSE_TREATMENT,
+    actions: [EXAMPLE_CLINICAL_SECTION_ALLERGIES],
 };
 export const EXAMPLE_CONSENT_GRANT_RESPONSE = {
     submit: { status: 202, body: {} },
@@ -74,13 +59,13 @@ export const EXAMPLE_DIGITAL_TWIN_COMPOSITION_INPUT = {
     format: 'api',
 };
 export const EXAMPLE_CLINICAL_BUNDLE_SEARCH_INPUT = {
-    subject: 'did:web:api.acme.org:individual:123',
-    section: ['LOINC|60591-5', 'LOINC|48765-2'],
+    subject: EXAMPLE_SUBJECT_DID,
+    section: [EXAMPLE_CLINICAL_SECTION_PATIENT_SUMMARY, EXAMPLE_CLINICAL_SECTION_ALLERGIES],
     includedTypes: ['Composition', 'DocumentReference'],
-    date: { start: '2026-01-01', end: '2026-12-31' },
-    code: 'LOINC|11450-4',
-    author: 'did:web:api.acme.org:professional:1',
+    date: EXAMPLE_CLINICAL_DATE_RANGE,
+    code: EXAMPLE_CLINICAL_CODE_PROBLEM,
+    author: EXAMPLE_PROFESSIONAL_DID,
 };
 export const EXAMPLE_LATEST_IPS_SEARCH_INPUT = {
-    subject: 'did:web:api.acme.org:individual:123',
+    subject: EXAMPLE_SUBJECT_DID,
 };

package/dist/examples/lifecycle.d.ts

@@ -16,6 +16,8 @@ export declare const EXAMPLE_LIFECYCLE_OPERATIONS: {
  * These are intentionally synthetic and stable. Repositories should override
  * them at runtime with environment variables, UI form values, or test fixtures
  * rather than committing personal data.
+ *
+ * Keep all repeated actor/section/code fixtures imported from `./shared`.
  */
 export declare const EXAMPLE_LIFECYCLE_PLACEHOLDERS: {
     readonly tenantId: "acme-id";
@@ -212,7 +214,7 @@ export declare const EXAMPLE_CONSENT_ENABLE_MESSAGE: {
         readonly "Consent.actor-identifier": "{{consentActorIdentifier}}";
         readonly "Consent.actor-role": "ISCO-08|2211";
         readonly "Consent.purpose": "TREAT";
-        readonly "Consent.action": "LOINC|48765-2";
+        readonly "Consent.action": string;
         readonly "Consent.decision": "permit";
     };
 };
@@ -231,7 +233,7 @@ export declare const EXAMPLE_CONSENT_DISABLE_MESSAGE: {
         readonly "Consent.actor-identifier": "{{consentActorIdentifier}}";
         readonly "Consent.actor-role": "ISCO-08|2211";
         readonly "Consent.purpose": "TREAT";
-        readonly "Consent.action": "LOINC|48765-2";
+        readonly "Consent.action": string;
         readonly "Consent.decision": "permit";
     };
 };
@@ -456,7 +458,7 @@ export declare const EXAMPLE_LIFECYCLE_REFERENCE: {
                 readonly "Consent.actor-identifier": "{{consentActorIdentifier}}";
                 readonly "Consent.actor-role": "ISCO-08|2211";
                 readonly "Consent.purpose": "TREAT";
-                readonly "Consent.action": "LOINC|48765-2";
+                readonly "Consent.action": string;
                 readonly "Consent.decision": "permit";
             };
         };
@@ -475,7 +477,7 @@ export declare const EXAMPLE_LIFECYCLE_REFERENCE: {
                 readonly "Consent.actor-identifier": "{{consentActorIdentifier}}";
                 readonly "Consent.actor-role": "ISCO-08|2211";
                 readonly "Consent.purpose": "TREAT";
-                readonly "Consent.action": "LOINC|48765-2";
+                readonly "Consent.action": string;
                 readonly "Consent.decision": "permit";
             };
         };

package/dist/examples/lifecycle.js

@@ -1,7 +1,7 @@
 // Copyright 2026 Antifraud Services Inc. under the Apache License, Version 2.0.
 import { ClaimsOrganizationSchemaorg, ClaimsPersonSchemaorg, } from '../constants/schemaorg.js';
 import { ClaimConsent } from '../models/consent-rule.js';
-import { EXAMPLE_EMAIL_CONTROLLER_INDIVIDUAL, EXAMPLE_EMAIL_CONTROLLER_ORG, EXAMPLE_JURISDICTION, EXAMPLE_SECTOR, EXAMPLE_TENANT_IDENTIFIER, } from './shared.js';
+import { EXAMPLE_EMAIL_CONTROLLER_INDIVIDUAL, EXAMPLE_EMAIL_CONTROLLER_ORG, EXAMPLE_CLINICAL_SECTION_ALLERGIES, EXAMPLE_CONSENT_PURPOSE_TREATMENT, EXAMPLE_HEALTHCARE_ACTOR_ROLE_PHYSICIAN, EXAMPLE_JURISDICTION, EXAMPLE_SECTOR, EXAMPLE_TENANT_IDENTIFIER, } from './shared.js';
 /**
  * Canonical lifecycle naming for `v1`.
  *
@@ -20,6 +20,8 @@ export const EXAMPLE_LIFECYCLE_OPERATIONS = {
  * These are intentionally synthetic and stable. Repositories should override
  * them at runtime with environment variables, UI form values, or test fixtures
  * rather than committing personal data.
+ *
+ * Keep all repeated actor/section/code fixtures imported from `./shared`.
  */
 export const EXAMPLE_LIFECYCLE_PLACEHOLDERS = {
     tenantId: EXAMPLE_TENANT_IDENTIFIER,
@@ -214,9 +216,9 @@ export const EXAMPLE_CONSENT_ENABLE_MESSAGE = {
         [ClaimConsent.identifier]: EXAMPLE_LIFECYCLE_PLACEHOLDERS.consentIdentifier,
         [ClaimConsent.subject]: EXAMPLE_LIFECYCLE_PLACEHOLDERS.individualSubjectDid,
         [ClaimConsent.actorIdentifier]: EXAMPLE_LIFECYCLE_PLACEHOLDERS.consentActorIdentifier,
-        [ClaimConsent.actorRole]: 'ISCO-08|2211',
-        [ClaimConsent.purpose]: 'TREAT',
-        [ClaimConsent.action]: 'LOINC|48765-2',
+        [ClaimConsent.actorRole]: EXAMPLE_HEALTHCARE_ACTOR_ROLE_PHYSICIAN,
+        [ClaimConsent.purpose]: EXAMPLE_CONSENT_PURPOSE_TREATMENT,
+        [ClaimConsent.action]: EXAMPLE_CLINICAL_SECTION_ALLERGIES,
         [ClaimConsent.decision]: 'permit',
     },
 };
@@ -233,9 +235,9 @@ export const EXAMPLE_CONSENT_DISABLE_MESSAGE = {
         [ClaimConsent.identifier]: EXAMPLE_LIFECYCLE_PLACEHOLDERS.consentIdentifier,
         [ClaimConsent.subject]: EXAMPLE_LIFECYCLE_PLACEHOLDERS.individualSubjectDid,
         [ClaimConsent.actorIdentifier]: EXAMPLE_LIFECYCLE_PLACEHOLDERS.consentActorIdentifier,
-        [ClaimConsent.actorRole]: 'ISCO-08|2211',
-        [ClaimConsent.purpose]: 'TREAT',
-        [ClaimConsent.action]: 'LOINC|48765-2',
+        [ClaimConsent.actorRole]: EXAMPLE_HEALTHCARE_ACTOR_ROLE_PHYSICIAN,
+        [ClaimConsent.purpose]: EXAMPLE_CONSENT_PURPOSE_TREATMENT,
+        [ClaimConsent.action]: EXAMPLE_CLINICAL_SECTION_ALLERGIES,
         [ClaimConsent.decision]: 'permit',
     },
 };

package/dist/examples/organization-controller.d.ts

@@ -1,5 +1,9 @@
 /**
  * Examples for organization-controller and host-onboarding flows.
+ *
+ * Contract note:
+ * repeated synthetic DIDs, roles, and activation fixtures must come from
+ * `./shared`, never be re-hardcoded inline in public example payloads.
  */
 export declare const EXAMPLE_ACTIVATE_ORGANIZATION_FROM_ICA_PROOF_INPUT: {
     readonly vpToken: "<ica-proof-token>";
@@ -39,6 +43,7 @@ export declare const EXAMPLE_ACTIVATE_ORGANIZATION_FROM_ICA_PROOF_INPUT: {
         readonly "org.schema.Service.category": "health-care";
         readonly "org.schema.Service.identifier": "did:web:public.acme.org";
         readonly "org.schema.Service.url": `https://operator.example.net/acme/cds-${string}/v1/health-care`;
+        readonly "org.schema.Service.serviceType": string | undefined;
     };
 };
 export declare const EXAMPLE_GW_ORGANIZATION_ACTIVATE_PAYLOAD: {

package/dist/examples/organization-controller.js

@@ -1,9 +1,14 @@
 // Copyright 2026 Antifraud Services Inc. under the Apache License, Version 2.0.
+// Always create JSDoc, do not use strings inline in keys nor values, use types instead, and reuse the data test examples.
 import { ClaimsOrganizationSchemaorg, ClaimsPersonSchemaorg, ClaimsServiceSchemaorg, } from '../constants/schemaorg.js';
-import { EXAMPLE_CONTROLLER_BINDING } from './shared.js';
-import { EXAMPLE_SECTOR, EXAMPLE_JURISDICTION, EXAMPLE_EMAIL_CONTROLLER_ORG } from './shared.js';
+import { ServiceCapabilityToken, serializeServiceCapabilityTokens, } from '../constants/service-capabilities.js';
+import { EXAMPLE_CONTROLLER_BINDING, EXAMPLE_DEVICE_CLIENT_ID, EXAMPLE_EMAIL_CONTROLLER_ORG, EXAMPLE_EMPLOYEE_ACTIVATION_CODE, EXAMPLE_HEALTHCARE_ACTOR_ROLE_RECEPTIONIST, EXAMPLE_JURISDICTION, EXAMPLE_ORGANIZATION_CONTROLLER_ROLE, EXAMPLE_SECTOR, EXAMPLE_SERVICE_PUBLIC_DID, } from './shared.js';
 /**
  * Examples for organization-controller and host-onboarding flows.
+ *
+ * Contract note:
+ * repeated synthetic DIDs, roles, and activation fixtures must come from
+ * `./shared`, never be re-hardcoded inline in public example payloads.
  */
 export const EXAMPLE_ACTIVATE_ORGANIZATION_FROM_ICA_PROOF_INPUT = {
     vpToken: '<ica-proof-token>',
@@ -16,10 +21,14 @@ export const EXAMPLE_ACTIVATE_ORGANIZATION_FROM_ICA_PROOF_INPUT = {
         [ClaimsOrganizationSchemaorg.addressCountry]: EXAMPLE_JURISDICTION,
         [ClaimsOrganizationSchemaorg.taxId]: 'VATES-B00112233',
         [ClaimsPersonSchemaorg.email]: EXAMPLE_EMAIL_CONTROLLER_ORG,
-        [ClaimsPersonSchemaorg.hasOccupationalRoleValue]: 'RESPRSN',
+        [ClaimsPersonSchemaorg.hasOccupationalRoleValue]: EXAMPLE_ORGANIZATION_CONTROLLER_ROLE,
         [ClaimsServiceSchemaorg.category]: EXAMPLE_SECTOR,
-        [ClaimsServiceSchemaorg.identifier]: 'did:web:public.acme.org',
+        [ClaimsServiceSchemaorg.identifier]: EXAMPLE_SERVICE_PUBLIC_DID,
         [ClaimsServiceSchemaorg.url]: `https://operator.example.net/acme/cds-${String(EXAMPLE_JURISDICTION).toLowerCase()}/v1/${EXAMPLE_SECTOR}`,
+        [ClaimsServiceSchemaorg.serviceType]: serializeServiceCapabilityTokens([
+            ServiceCapabilityToken.IndexingCruds,
+            ServiceCapabilityToken.DigitalTwinReadSearch,
+        ]),
     },
 };
 export const EXAMPLE_GW_ORGANIZATION_ACTIVATE_PAYLOAD = {
@@ -56,7 +65,7 @@ export const EXAMPLE_ORGANIZATION_EMPLOYEE_INPUT = {
     employeeClaims: {
         [ClaimsPersonSchemaorg.identifier]: 'urn:uuid:11b2c3d4-e5f6-7890-1234-567890abcdef',
         [ClaimsPersonSchemaorg.email]: 'receptionist1@acme.org',
-        [ClaimsPersonSchemaorg.hasOccupationalRoleValue]: 'ISCO-08|4226',
+        [ClaimsPersonSchemaorg.hasOccupationalRoleValue]: EXAMPLE_HEALTHCARE_ACTOR_ROLE_RECEPTIONIST,
     },
 };
 export const EXAMPLE_LIVE_EMPLOYEE_INPUT = {
@@ -64,11 +73,11 @@ export const EXAMPLE_LIVE_EMPLOYEE_INPUT = {
         '@context': 'org.schema',
         [ClaimsPersonSchemaorg.identifier]: 'urn:uuid:11b2c3d4-e5f6-7890-1234-567890abcdef',
         [ClaimsPersonSchemaorg.email]: EXAMPLE_EMAIL_CONTROLLER_ORG,
-        [ClaimsPersonSchemaorg.hasOccupationalRoleValue]: 'RESPRSN',
+        [ClaimsPersonSchemaorg.hasOccupationalRoleValue]: EXAMPLE_ORGANIZATION_CONTROLLER_ROLE,
     },
 };
 export const EXAMPLE_EMPLOYEE_DEVICE_ACTIVATION_INPUT = {
-    activationCode: 'ACT-001',
+    activationCode: EXAMPLE_EMPLOYEE_ACTIVATION_CODE,
     idToken: 'employee-id-token-001',
     dcrPayload: {
         application_type: 'web',
@@ -80,5 +89,5 @@ export const EXAMPLE_EMPLOYEE_DEVICE_EXCHANGE_RESPONSE = {
 };
 export const EXAMPLE_EMPLOYEE_DEVICE_DCR_RESPONSE = {
     submit: { status: 202, body: {} },
-    poll: { status: 200, body: { body: { client_id: 'did:web:device-001' } }, attempts: 1 },
+    poll: { status: 200, body: { body: { client_id: EXAMPLE_DEVICE_CLIENT_ID } }, attempts: 1 },
 };

package/dist/examples/professional.js

@@ -3,6 +3,7 @@ import { HealthcareActorRoles, HealthcareBasicSections, HealthcareConsentPurpose
 import { ResourceTypesFhirR4 } from '../constants/fhir-resource-types.js';
 import { SmartGatewayScopesFhirR4 } from '../constants/smart.js';
 import { buildSmartCompositionReadScope } from '../utils/smart-scope.js';
+import { EXAMPLE_CLINICAL_SECTION_ALLERGIES, EXAMPLE_EMAIL_PROFESSIONAL, EXAMPLE_HEALTHCARE_JURISDICTION, EXAMPLE_PATIENT_DID, EXAMPLE_PROVIDER_ORGANIZATION_URL, EXAMPLE_SUBJECT_DID, } from './shared.js';
 /**
  * Examples for professional runtime access flows.
  *
@@ -17,14 +18,14 @@ import { buildSmartCompositionReadScope } from '../utils/smart-scope.js';
  * examples, where the main concern is identity/bootstrap rather than
  * professional clinical access permissions.
  */
-const EXAMPLE_SMART_SUBJECT_DID = 'did:web:api.acme.org:individual:123';
-const EXAMPLE_PHYSICIAN_EMAIL = 'doctor.oncall@example.org';
-const EXAMPLE_PROVIDER_ORG_URL = 'https://hospital.acme.org';
-const EXAMPLE_JURISDICTION = 'ES';
+const EXAMPLE_SMART_SUBJECT_DID = EXAMPLE_SUBJECT_DID;
+const EXAMPLE_PHYSICIAN_EMAIL = EXAMPLE_EMAIL_PROFESSIONAL;
+const EXAMPLE_PROVIDER_ORG_URL = EXAMPLE_PROVIDER_ORGANIZATION_URL;
+const EXAMPLE_JURISDICTION = EXAMPLE_HEALTHCARE_JURISDICTION;
 const EXAMPLE_CANONICAL_SMART_READ_SCOPES = [
     buildSmartCompositionReadScope({
         subjectDid: EXAMPLE_SMART_SUBJECT_DID,
-        sections: 'LOINC|48765-2',
+        sections: EXAMPLE_CLINICAL_SECTION_ALLERGIES,
     }),
 ];
 const EXAMPLE_CANONICAL_SMART_SCOPES = [
@@ -77,11 +78,11 @@ export const EXAMPLE_TOKEN_EXCHANGE_RESPONSE = {
     },
 };
 export const EXAMPLE_SEND_COMMUNICATION_INPUT = {
-    subject: 'did:web:patient.example',
+    subject: EXAMPLE_PATIENT_DID,
     text: 'Message body',
 };
 export const EXAMPLE_SEARCH_CLINICAL_BUNDLE_INPUT = {
-    subject: 'did:web:patient.example',
+    subject: EXAMPLE_PATIENT_DID,
     includedTypes: ['Communication', 'DocumentReference'],
 };
 /**

package/dist/examples/relationship-access.js

@@ -1,6 +1,6 @@
 // Copyright 2026 Antifraud Services Inc. under the Apache License, Version 2.0.
 import { HealthcareConsentPurposes } from '../constants/healthcare.js';
-import { EXAMPLE_JURISDICTION, EXAMPLE_SECTOR } from './shared.js';
+import { EXAMPLE_HEALTHCARE_ACTOR_ROLE_PHYSICIAN, EXAMPLE_JURISDICTION, EXAMPLE_SECTOR, } from './shared.js';
 import { EXAMPLE_EMAIL_PROFESSIONAL, EXAMPLE_EMAIL_RELATED_PERSON, EXAMPLE_INDIVIDUAL_DID_WEB, } from './consent-access.js';
 export const EXAMPLE_RELATIONSHIP_CHANNEL_INVITATION_INPUT = {
     tenantId: 'acme-id',
@@ -38,7 +38,7 @@ export const EXAMPLE_RELATIONSHIP_PROFESSIONAL_INVITATION_INPUT = {
     subjectKind: 'person',
     actorKind: 'professional',
     actorIdentifier: EXAMPLE_EMAIL_PROFESSIONAL,
-    actorRole: 'ISCO-08|2211',
+    actorRole: EXAMPLE_HEALTHCARE_ACTOR_ROLE_PHYSICIAN,
     deliveryChannel: 'email',
     deliveryTarget: EXAMPLE_EMAIL_PROFESSIONAL,
     purpose: HealthcareConsentPurposes.Treatment,

package/dist/examples/shared.d.ts

@@ -1,5 +1,12 @@
 /**
  * Shared low-level example fragments reused by multiple flow-specific example modules.
+ *
+ * Non-negotiable rule:
+ *
+ * - example DIDs, emails, actor identifiers, sections, codes, and date windows
+ *   must be imported from this module
+ * - example files must not re-hardcode those fixture values inline
+ * - all values below are synthetic documentation/test fixtures, never real data
  */
 export declare const EXAMPLE_TENANT_IDENTIFIER: "acme-id";
 export declare const EXAMPLE_JURISDICTION: "ES";
@@ -18,6 +25,53 @@ export declare const EXAMPLE_HOST_ROUTE_CONTEXT: {
 export declare const EXAMPLE_CONTROLLER_DID: "did:web:people.acme.org:controllers:primary";
 export declare const EXAMPLE_CONTROLLER_EMAIL: "controller@acme.org";
 export declare const EXAMPLE_CONTROLLER_SAME_AS: "mailto:controller@acme.org";
+export declare const EXAMPLE_API_ORGANIZATION_DID: "did:web:api.acme.org";
+export declare const EXAMPLE_SERVICE_PUBLIC_DID: "did:web:public.acme.org";
+export declare const EXAMPLE_SUBJECT_DID: "did:web:api.acme.org:individual:123";
+export declare const EXAMPLE_PROFESSIONAL_DID: "did:web:api.acme.org:professional:1";
+export declare const EXAMPLE_PROVIDER_ORGANIZATION_DID: "did:web:hospital.acme.org";
+export declare const EXAMPLE_PROVIDER_ORGANIZATION_URL: "https://hospital.acme.org";
+export declare const EXAMPLE_PATIENT_DID: "did:web:patient.example";
+export declare const EXAMPLE_PROFILE_PROVIDER_DID: "did:web:provider.example.org";
+export declare const EXAMPLE_PROFILE_ORGANIZATION_DID: "did:web:org.example";
+export declare const EXAMPLE_PROFILE_ID: "profile-1";
+export declare const EXAMPLE_PROFILE_EMAIL: "user@example.com";
+export declare const EXAMPLE_PRACTITIONER_DID: "did:web:practitioner.example";
+export declare const EXAMPLE_GENERIC_SUBJECT_DID: "did:web:subject.example";
+export declare const EXAMPLE_EMAIL_PROFESSIONAL: "doctor.oncall@example.org";
+export declare const EXAMPLE_EMAIL_RELATED_PERSON: "parent.guardian@example.org";
+export declare const EXAMPLE_HEALTHCARE_JURISDICTION: "ES";
+export declare const EXAMPLE_ORGANIZATION_CONTROLLER_ROLE: "RESPRSN";
+export declare const EXAMPLE_HEALTHCARE_ACTOR_ROLE_PHYSICIAN: "ISCO-08|2211";
+export declare const EXAMPLE_HEALTHCARE_ACTOR_ROLE_RECEPTIONIST: "ISCO-08|4226";
+export declare const EXAMPLE_HEALTHCARE_ROLE_PHYSICIAN_TEXT: "physician";
+export declare const EXAMPLE_RELATED_PERSON_ROLE: "v3-RoleCode|RESPRSN";
+export declare const EXAMPLE_CLINICAL_SECTION_RESULTS: "LOINC|30954-2";
+export declare const EXAMPLE_CLINICAL_SECTION_PATIENT_SUMMARY: "LOINC|60591-5";
+export declare const EXAMPLE_CLINICAL_SECTION_HISTORY_MEDICATION: "LOINC|10160-0";
+export declare const EXAMPLE_CLINICAL_SECTION_ALLERGIES: string;
+export declare const EXAMPLE_CLINICAL_CODE_PROBLEM: "LOINC|11450-4";
+export declare const EXAMPLE_CONSENT_DATE: "2026-05-20";
+export declare const EXAMPLE_CONSENT_PERIOD_END: "2026-05-01T00:00:00Z";
+export declare const EXAMPLE_CONSENT_PURPOSE_TREATMENT: "TREAT";
+export declare const EXAMPLE_EMPLOYEE_ACTIVATION_CODE: "ACT-001";
+export declare const EXAMPLE_DEVICE_CLIENT_ID: "did:web:device-001";
+export type ExampleDateRange = Readonly<{
+    start: string;
+    end: string;
+}>;
+export declare const EXAMPLE_CLINICAL_DATE_RANGE: ExampleDateRange;
+export type ExampleClinicalBundleSearchInput = Readonly<{
+    subject: string;
+    section: readonly string[];
+    includedTypes: readonly string[];
+    date: ExampleDateRange;
+    code: string;
+    author: string;
+}>;
+export type ExampleLatestIpsSearchInput = Readonly<{
+    subject: string;
+}>;
 export declare const EXAMPLE_CONTROLLER_SIGN_KEY: {
     readonly kid: "controller-es384-001";
     readonly kty: "EC";
@@ -72,7 +126,7 @@ export declare const EXAMPLE_CONTROLLER_BINDING: {
     };
 };
 export declare function buildExampleCommunicationIngestionPayload({ subjectDid, sent, ipsBundleBase64, }?: {
-    subjectDid?: string | undefined;
+    subjectDid?: "did:web:api.acme.org:individual:123" | undefined;
     sent?: string | undefined;
     ipsBundleBase64?: string | undefined;
 }): {
@@ -104,18 +158,18 @@ export declare function buildExampleCommunicationIngestionPayload({ subjectDid,
                 meta: {
                     claims: {
                         '@context': string;
-                        'Communication.category': string;
-                        'Communication.subject': string;
-                        'Communication.sent': string;
-                        'Communication.content-attachment-type': string;
-                        'Communication.note': string;
+                        "Communication.category": string;
+                        "Communication.subject": "did:web:api.acme.org:individual:123";
+                        "Communication.sent": string;
+                        "Communication.content-attachment-type": string;
+                        "Communication.text": string;
                     };
                 };
             };
         }[];
     };
 };
-export declare function buildExampleDocumentReferenceSearchPayload(subjectDid?: string): {
+export declare function buildExampleDocumentReferenceSearchPayload(subjectDid?: "did:web:api.acme.org:individual:123"): {
     thid: string;
     body: {
         resourceType: string;