humanos 1.0.5 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/dist/index.d.mts +292 -178
  2. package/dist/index.d.ts +292 -178
  3. package/dist/index.js +23 -18
  4. package/dist/index.mjs +22 -18
  5. package/generated/.openapi-generator/FILES +4 -1
  6. package/generated/api/actions-api.ts +1 -1
  7. package/generated/api/activity-api.ts +1 -1
  8. package/generated/api/approval-api.ts +1 -3
  9. package/generated/api/credentials-api.ts +5 -5
  10. package/generated/api/didapi.ts +1 -1
  11. package/generated/api/requests-api.ts +5 -5
  12. package/generated/api/user-api.ts +1 -1
  13. package/generated/api/webhooks-api.ts +5 -5
  14. package/generated/api.ts +1 -1
  15. package/generated/base.ts +1 -1
  16. package/generated/common.ts +1 -1
  17. package/generated/configuration.ts +1 -1
  18. package/generated/index.ts +1 -1
  19. package/generated/models/action-dto.ts +1 -1
  20. package/generated/models/action-entity.ts +1 -1
  21. package/generated/models/action-list-entity.ts +1 -1
  22. package/generated/models/action-query.ts +1 -1
  23. package/generated/models/action-version-detail-entity.ts +1 -1
  24. package/generated/models/action-version-list-entity.ts +1 -1
  25. package/generated/models/action-version-summary-entity.ts +1 -1
  26. package/generated/models/activities-entity.ts +1 -1
  27. package/generated/models/activity-entity.ts +1 -1
  28. package/generated/models/activity-query.ts +1 -1
  29. package/generated/models/consent.ts +1 -1
  30. package/generated/models/contact-entity.ts +1 -1
  31. package/generated/models/create-presentation-dto.ts +1 -1
  32. package/generated/models/create-subject-dto.ts +1 -1
  33. package/generated/models/create-subject-entity.ts +1 -1
  34. package/generated/models/credential-dto-data.ts +1 -1
  35. package/generated/models/credential-dto.ts +1 -1
  36. package/generated/models/credential-entity.ts +1 -1
  37. package/generated/models/credential-event-decision.ts +1 -1
  38. package/generated/models/credential-event-user.ts +1 -1
  39. package/generated/models/credential-event.ts +1 -1
  40. package/generated/models/credential-placement-dto.ts +1 -1
  41. package/generated/models/credential-status.ts +1 -1
  42. package/generated/models/credentials-detail404-response.ts +1 -1
  43. package/generated/models/credentials-evidence404-response.ts +1 -1
  44. package/generated/models/credentials-issue-vp400-response.ts +1 -1
  45. package/generated/models/credentials-issue-vp403-response.ts +1 -1
  46. package/generated/models/credentials-issue-vp404-response.ts +1 -1
  47. package/generated/models/credentials-revoke400-response.ts +1 -1
  48. package/generated/models/credentials-revoke409-response.ts +1 -1
  49. package/generated/models/delivery-action-type.ts +1 -1
  50. package/generated/models/did-document-entity.ts +1 -1
  51. package/generated/models/evidence.ts +1 -1
  52. package/generated/models/generate-credential-entity.ts +1 -1
  53. package/generated/models/generate-request-dto.ts +16 -28
  54. package/generated/models/generate-request-entity.ts +1 -1
  55. package/generated/models/{otp-failed-event-otp-error.ts → generate-request-iframe-dto.ts} +6 -12
  56. package/generated/models/generate-request-user-dto.ts +64 -0
  57. package/generated/models/generate-subject-entity.ts +3 -3
  58. package/generated/models/group-entity.ts +1 -1
  59. package/generated/models/groups-entity.ts +1 -1
  60. package/generated/models/identity-dto.ts +1 -1
  61. package/generated/models/identity-event-decision.ts +1 -19
  62. package/generated/models/identity-event-user.ts +1 -1
  63. package/generated/models/identity-event.ts +4 -4
  64. package/generated/models/{w3-cverifiable-credential-valid-from.ts → identity-webhook-issue-date.ts} +3 -3
  65. package/generated/models/identity-webhook.ts +117 -0
  66. package/generated/models/index.ts +4 -1
  67. package/generated/models/organization-data-entity.ts +1 -1
  68. package/generated/models/otp-error.ts +1 -1
  69. package/generated/models/otp-failed-event-otp.ts +1 -1
  70. package/generated/models/otp-failed-event.ts +1 -1
  71. package/generated/models/partial-subject-entity.ts +1 -1
  72. package/generated/models/presentation-response-entity.ts +8 -2
  73. package/generated/models/receipt-entity.ts +1 -1
  74. package/generated/models/request-credential-entity.ts +1 -1
  75. package/generated/models/request-detail-entity.ts +1 -1
  76. package/generated/models/request-detail-subject-entity.ts +7 -1
  77. package/generated/models/request-entity.ts +1 -1
  78. package/generated/models/request-query.ts +1 -1
  79. package/generated/models/request-subject-entity.ts +7 -1
  80. package/generated/models/requests-create400-response.ts +1 -1
  81. package/generated/models/requests-detail404-response.ts +1 -1
  82. package/generated/models/requests-entity.ts +1 -1
  83. package/generated/models/requests-resend-otp403-response.ts +1 -1
  84. package/generated/models/resource-entity.ts +1 -2
  85. package/generated/models/resource-minimal-entity.ts +1 -2
  86. package/generated/models/resource-query.ts +1 -2
  87. package/generated/models/resources-entity.ts +1 -1
  88. package/generated/models/revoke-credential-dto.ts +1 -1
  89. package/generated/models/revoke-credential-entity.ts +1 -1
  90. package/generated/models/subject-issuer-entity.ts +1 -1
  91. package/generated/models/subject-query.ts +1 -1
  92. package/generated/models/success-entity.ts +1 -1
  93. package/generated/models/test-event.ts +1 -1
  94. package/generated/models/user-create400-response.ts +1 -1
  95. package/generated/models/user-detail400-response.ts +1 -1
  96. package/generated/models/user-detail404-response.ts +1 -1
  97. package/generated/models/verification-method-entity.ts +1 -1
  98. package/generated/models/verify-allow-response-entity.ts +1 -1
  99. package/generated/models/verify-deny-response-entity.ts +1 -1
  100. package/generated/models/verify-evaluation-entity.ts +1 -1
  101. package/generated/models/verify-presentation-dto.ts +8 -2
  102. package/generated/models/w3-cverifiable-credential-credential-subject-mandate-action.ts +1 -1
  103. package/generated/models/w3-cverifiable-credential-credential-subject-mandate-context.ts +1 -1
  104. package/generated/models/w3-cverifiable-credential-credential-subject-mandate-grantor.ts +1 -1
  105. package/generated/models/w3-cverifiable-credential-credential-subject-mandate.ts +1 -1
  106. package/generated/models/w3-cverifiable-credential-credential-subject.ts +1 -1
  107. package/generated/models/w3-cverifiable-credential-proofs-inner.ts +1 -1
  108. package/generated/models/w3-cverifiable-credential.ts +1 -1
  109. package/generated/models/webhook-call-event.ts +2 -2
  110. package/package.json +1 -1
  111. package/generated/models/action-ref-dto.ts +0 -36
  112. package/generated/models/constraints-dto.ts +0 -36
  113. package/generated/models/create-presentation400-response.ts +0 -42
  114. package/generated/models/create-presentation403-response.ts +0 -42
  115. package/generated/models/create-presentation404-response.ts +0 -42
  116. package/generated/models/create400-response.ts +0 -42
  117. package/generated/models/credential-dto-data-inner.ts +0 -26
  118. package/generated/models/generate400-response.ts +0 -42
  119. package/generated/models/get-credential404-response.ts +0 -42
  120. package/generated/models/get-evidence404-response.ts +0 -42
  121. package/generated/models/get-request-detail404-response.ts +0 -42
  122. package/generated/models/get-subject400-response.ts +0 -42
  123. package/generated/models/get-subject404-response.ts +0 -42
  124. package/generated/models/identity-payload.ts +0 -84
  125. package/generated/models/json-value.ts +0 -27
  126. package/generated/models/presentation-receipt-entity.ts +0 -42
  127. package/generated/models/resend-otp403-response.ts +0 -42
  128. package/generated/models/revoke-credential400-response.ts +0 -42
  129. package/generated/models/revoke-credential409-response.ts +0 -42
  130. package/generated/models/revoke-receipt-entity.ts +0 -42
  131. package/generated/models/schema-entity.ts +0 -57
  132. package/generated/models/schema-list-entity.ts +0 -39
  133. package/generated/models/schema-query.ts +0 -48
  134. package/generated/models/schema-response-entity.ts +0 -45
  135. package/generated/models/schema-version-detail-entity.ts +0 -72
  136. package/generated/models/schema-version-list-entity.ts +0 -39
  137. package/generated/models/schema-version-response-entity.ts +0 -54
  138. package/generated/models/schema-version-summary-entity.ts +0 -48
  139. package/generated/models/subject-contact-entity.ts +0 -42
  140. package/generated/models/verify-receipt-entity.ts +0 -42
  141. package/generated/models/w3-cverifiable-credential-credential-subject-mandate-constraint-constraint-schema.ts +0 -44
  142. package/generated/models/w3-cverifiable-credential-credential-subject-mandate-constraint.ts +0 -41
  143. package/generated/models/w3-cverifiable-credential-evidences-inner.ts +0 -42
  144. package/generated/models/w3-cverifiable-credential-valid-until.ts +0 -24
  145. package/generated/models/webhook-event-type-credential.ts +0 -30
  146. package/generated/models/webhook-event-type-identity.ts +0 -30
  147. package/generated/models/webhook-event-type-otpfailed.ts +0 -30
  148. package/generated/models/webhook-event-type-test.ts +0 -30
  149. package/generated/models/webhook-event-type.ts +0 -33
package/dist/index.js CHANGED
@@ -62,6 +62,7 @@ __export(index_exports, {
62
62
  DIDApiFp: () => DIDApiFp,
63
63
  DeliveryActionType: () => DeliveryActionType,
64
64
  GenerateRequestDtoSecurityLevelEnum: () => GenerateRequestDtoSecurityLevelEnum,
65
+ GenerateRequestUserDtoLanguageEnum: () => GenerateRequestUserDtoLanguageEnum,
65
66
  HumanosClient: () => HumanosClient,
66
67
  IdentityEventEventTypeEnum: () => IdentityEventEventTypeEnum,
67
68
  ListSecurityLevelEnum: () => ListSecurityLevelEnum,
@@ -773,7 +774,6 @@ var ListTypesEnum = {
773
774
  Form: "FORM",
774
775
  Document: "DOCUMENT",
775
776
  Json: "JSON",
776
- Payment: "PAYMENT",
777
777
  Policy: "POLICY"
778
778
  };
779
779
  var WorkflowsTypesEnum = {
@@ -781,7 +781,6 @@ var WorkflowsTypesEnum = {
781
781
  Form: "FORM",
782
782
  Document: "DOCUMENT",
783
783
  Json: "JSON",
784
- Payment: "PAYMENT",
785
784
  Policy: "POLICY"
786
785
  };
787
786
 
@@ -917,7 +916,7 @@ var CredentialsApiAxiosParamCreator = function(configuration) {
917
916
  };
918
917
  },
919
918
  /**
920
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
919
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
921
920
  * @summary Verify VP
922
921
  * @param {VerifyPresentationDto} verifyPresentationDto
923
922
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -1012,7 +1011,7 @@ var CredentialsApiFp = function(configuration) {
1012
1011
  return (axios2, basePath) => createRequestFunction(localVarAxiosArgs, import_axios5.default, BASE_PATH, configuration)(axios2, localVarOperationServerBasePath || basePath);
1013
1012
  },
1014
1013
  /**
1015
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
1014
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
1016
1015
  * @summary Verify VP
1017
1016
  * @param {VerifyPresentationDto} verifyPresentationDto
1018
1017
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -1077,7 +1076,7 @@ var CredentialsApiFactory = function(configuration, basePath, axios2) {
1077
1076
  return localVarFp.revoke(credentialId, aPIVersion, revokeCredentialDto, options).then((request) => request(axios2, basePath));
1078
1077
  },
1079
1078
  /**
1080
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
1079
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
1081
1080
  * @summary Verify VP
1082
1081
  * @param {VerifyPresentationDto} verifyPresentationDto
1083
1082
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -1141,7 +1140,7 @@ var CredentialsApi = class extends BaseAPI {
1141
1140
  return CredentialsApiFp(this.configuration).revoke(credentialId, aPIVersion, revokeCredentialDto, options).then((request) => request(this.axios, this.basePath));
1142
1141
  }
1143
1142
  /**
1144
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
1143
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
1145
1144
  * @summary Verify VP
1146
1145
  * @param {VerifyPresentationDto} verifyPresentationDto
1147
1146
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -1401,7 +1400,7 @@ var RequestsApiAxiosParamCreator = function(configuration) {
1401
1400
  };
1402
1401
  },
1403
1402
  /**
1404
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1403
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1405
1404
  * @summary Resend OTP
1406
1405
  * @param {string} requestId Unique identifier of the request.
1407
1406
  * @param {string} [contact] Verified contact value (email or phone)
@@ -1516,7 +1515,7 @@ var RequestsApiFp = function(configuration) {
1516
1515
  return (axios2, basePath) => createRequestFunction(localVarAxiosArgs, import_axios7.default, BASE_PATH, configuration)(axios2, localVarOperationServerBasePath || basePath);
1517
1516
  },
1518
1517
  /**
1519
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1518
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1520
1519
  * @summary Resend OTP
1521
1520
  * @param {string} requestId Unique identifier of the request.
1522
1521
  * @param {string} [contact] Verified contact value (email or phone)
@@ -1591,7 +1590,7 @@ var RequestsApiFactory = function(configuration, basePath, axios2) {
1591
1590
  return localVarFp.list(pageIndex, pageSize, search, dateFrom, dateTo, subject, internalId, securityLevel, aPIVersion, options).then((request) => request(axios2, basePath));
1592
1591
  },
1593
1592
  /**
1594
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1593
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1595
1594
  * @summary Resend OTP
1596
1595
  * @param {string} requestId Unique identifier of the request.
1597
1596
  * @param {string} [contact] Verified contact value (email or phone)
@@ -1665,7 +1664,7 @@ var RequestsApi = class extends BaseAPI {
1665
1664
  return RequestsApiFp(this.configuration).list(pageIndex, pageSize, search, dateFrom, dateTo, subject, internalId, securityLevel, aPIVersion, options).then((request) => request(this.axios, this.basePath));
1666
1665
  }
1667
1666
  /**
1668
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1667
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1669
1668
  * @summary Resend OTP
1670
1669
  * @param {string} requestId Unique identifier of the request.
1671
1670
  * @param {string} [contact] Verified contact value (email or phone)
@@ -1935,7 +1934,7 @@ var WebhooksApiAxiosParamCreator = function(configuration) {
1935
1934
  };
1936
1935
  },
1937
1936
  /**
1938
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
1937
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
1939
1938
  * @summary OTP Failed Event
1940
1939
  * @param {OtpFailedEvent} otpFailedEvent
1941
1940
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -2032,7 +2031,7 @@ var WebhooksApiFp = function(configuration) {
2032
2031
  return (axios2, basePath) => createRequestFunction(localVarAxiosArgs, import_axios9.default, BASE_PATH, configuration)(axios2, localVarOperationServerBasePath || basePath);
2033
2032
  },
2034
2033
  /**
2035
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
2034
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
2036
2035
  * @summary OTP Failed Event
2037
2036
  * @param {OtpFailedEvent} otpFailedEvent
2038
2037
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -2087,7 +2086,7 @@ var WebhooksApiFactory = function(configuration, basePath, axios2) {
2087
2086
  return localVarFp.identity(identityEvent, aPIVersion, options).then((request) => request(axios2, basePath));
2088
2087
  },
2089
2088
  /**
2090
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
2089
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
2091
2090
  * @summary OTP Failed Event
2092
2091
  * @param {OtpFailedEvent} otpFailedEvent
2093
2092
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -2136,7 +2135,7 @@ var WebhooksApi = class extends BaseAPI {
2136
2135
  return WebhooksApiFp(this.configuration).identity(identityEvent, aPIVersion, options).then((request) => request(this.axios, this.basePath));
2137
2136
  }
2138
2137
  /**
2139
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
2138
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
2140
2139
  * @summary OTP Failed Event
2141
2140
  * @param {OtpFailedEvent} otpFailedEvent
2142
2141
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -2291,6 +2290,14 @@ var GenerateRequestDtoSecurityLevelEnum = {
2291
2290
  HumanosRevalidation: "HUMANOS_REVALIDATION"
2292
2291
  };
2293
2292
 
2293
+ // generated/models/generate-request-user-dto.ts
2294
+ var GenerateRequestUserDtoLanguageEnum = {
2295
+ Eng: "ENG",
2296
+ Prt: "PRT",
2297
+ Spa: "SPA",
2298
+ Fra: "FRA"
2299
+ };
2300
+
2294
2301
  // generated/models/identity-event.ts
2295
2302
  var IdentityEventEventTypeEnum = {
2296
2303
  Identity: "identity"
@@ -2355,7 +2362,6 @@ var ResourceEntityTypeEnum = {
2355
2362
  Form: "FORM",
2356
2363
  Document: "DOCUMENT",
2357
2364
  Json: "JSON",
2358
- Payment: "PAYMENT",
2359
2365
  Policy: "POLICY"
2360
2366
  };
2361
2367
 
@@ -2365,7 +2371,6 @@ var ResourceMinimalEntityTypeEnum = {
2365
2371
  Form: "FORM",
2366
2372
  Document: "DOCUMENT",
2367
2373
  Json: "JSON",
2368
- Payment: "PAYMENT",
2369
2374
  Policy: "POLICY"
2370
2375
  };
2371
2376
 
@@ -2375,7 +2380,6 @@ var ResourceQueryTypesEnum = {
2375
2380
  Form: "FORM",
2376
2381
  Document: "DOCUMENT",
2377
2382
  Json: "JSON",
2378
- Payment: "PAYMENT",
2379
2383
  Policy: "POLICY"
2380
2384
  };
2381
2385
 
@@ -2452,7 +2456,7 @@ function applySignatureInterceptor(axiosInstance, signatureSecret) {
2452
2456
  }
2453
2457
 
2454
2458
  // src/client.ts
2455
- var API_VERSION = "2026-05-20";
2459
+ var API_VERSION = "2026-06-22";
2456
2460
  var SDK_LANGUAGE = "typescript";
2457
2461
  var HumanosClient = class {
2458
2462
  constructor(clientConfig) {
@@ -2602,6 +2606,7 @@ function createWebhookHandler(config, handler) {
2602
2606
  DIDApiFp,
2603
2607
  DeliveryActionType,
2604
2608
  GenerateRequestDtoSecurityLevelEnum,
2609
+ GenerateRequestUserDtoLanguageEnum,
2605
2610
  HumanosClient,
2606
2611
  IdentityEventEventTypeEnum,
2607
2612
  ListSecurityLevelEnum,
package/dist/index.mjs CHANGED
@@ -663,7 +663,6 @@ var ListTypesEnum = {
663
663
  Form: "FORM",
664
664
  Document: "DOCUMENT",
665
665
  Json: "JSON",
666
- Payment: "PAYMENT",
667
666
  Policy: "POLICY"
668
667
  };
669
668
  var WorkflowsTypesEnum = {
@@ -671,7 +670,6 @@ var WorkflowsTypesEnum = {
671
670
  Form: "FORM",
672
671
  Document: "DOCUMENT",
673
672
  Json: "JSON",
674
- Payment: "PAYMENT",
675
673
  Policy: "POLICY"
676
674
  };
677
675
 
@@ -807,7 +805,7 @@ var CredentialsApiAxiosParamCreator = function(configuration) {
807
805
  };
808
806
  },
809
807
  /**
810
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
808
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
811
809
  * @summary Verify VP
812
810
  * @param {VerifyPresentationDto} verifyPresentationDto
813
811
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -902,7 +900,7 @@ var CredentialsApiFp = function(configuration) {
902
900
  return (axios2, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios5, BASE_PATH, configuration)(axios2, localVarOperationServerBasePath || basePath);
903
901
  },
904
902
  /**
905
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
903
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
906
904
  * @summary Verify VP
907
905
  * @param {VerifyPresentationDto} verifyPresentationDto
908
906
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -967,7 +965,7 @@ var CredentialsApiFactory = function(configuration, basePath, axios2) {
967
965
  return localVarFp.revoke(credentialId, aPIVersion, revokeCredentialDto, options).then((request) => request(axios2, basePath));
968
966
  },
969
967
  /**
970
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
968
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
971
969
  * @summary Verify VP
972
970
  * @param {VerifyPresentationDto} verifyPresentationDto
973
971
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -1031,7 +1029,7 @@ var CredentialsApi = class extends BaseAPI {
1031
1029
  return CredentialsApiFp(this.configuration).revoke(credentialId, aPIVersion, revokeCredentialDto, options).then((request) => request(this.axios, this.basePath));
1032
1030
  }
1033
1031
  /**
1034
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
1032
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
1035
1033
  * @summary Verify VP
1036
1034
  * @param {VerifyPresentationDto} verifyPresentationDto
1037
1035
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -1291,7 +1289,7 @@ var RequestsApiAxiosParamCreator = function(configuration) {
1291
1289
  };
1292
1290
  },
1293
1291
  /**
1294
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1292
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1295
1293
  * @summary Resend OTP
1296
1294
  * @param {string} requestId Unique identifier of the request.
1297
1295
  * @param {string} [contact] Verified contact value (email or phone)
@@ -1406,7 +1404,7 @@ var RequestsApiFp = function(configuration) {
1406
1404
  return (axios2, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios7, BASE_PATH, configuration)(axios2, localVarOperationServerBasePath || basePath);
1407
1405
  },
1408
1406
  /**
1409
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1407
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1410
1408
  * @summary Resend OTP
1411
1409
  * @param {string} requestId Unique identifier of the request.
1412
1410
  * @param {string} [contact] Verified contact value (email or phone)
@@ -1481,7 +1479,7 @@ var RequestsApiFactory = function(configuration, basePath, axios2) {
1481
1479
  return localVarFp.list(pageIndex, pageSize, search, dateFrom, dateTo, subject, internalId, securityLevel, aPIVersion, options).then((request) => request(axios2, basePath));
1482
1480
  },
1483
1481
  /**
1484
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1482
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1485
1483
  * @summary Resend OTP
1486
1484
  * @param {string} requestId Unique identifier of the request.
1487
1485
  * @param {string} [contact] Verified contact value (email or phone)
@@ -1555,7 +1553,7 @@ var RequestsApi = class extends BaseAPI {
1555
1553
  return RequestsApiFp(this.configuration).list(pageIndex, pageSize, search, dateFrom, dateTo, subject, internalId, securityLevel, aPIVersion, options).then((request) => request(this.axios, this.basePath));
1556
1554
  }
1557
1555
  /**
1558
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1556
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
1559
1557
  * @summary Resend OTP
1560
1558
  * @param {string} requestId Unique identifier of the request.
1561
1559
  * @param {string} [contact] Verified contact value (email or phone)
@@ -1825,7 +1823,7 @@ var WebhooksApiAxiosParamCreator = function(configuration) {
1825
1823
  };
1826
1824
  },
1827
1825
  /**
1828
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
1826
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
1829
1827
  * @summary OTP Failed Event
1830
1828
  * @param {OtpFailedEvent} otpFailedEvent
1831
1829
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -1922,7 +1920,7 @@ var WebhooksApiFp = function(configuration) {
1922
1920
  return (axios2, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios9, BASE_PATH, configuration)(axios2, localVarOperationServerBasePath || basePath);
1923
1921
  },
1924
1922
  /**
1925
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
1923
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
1926
1924
  * @summary OTP Failed Event
1927
1925
  * @param {OtpFailedEvent} otpFailedEvent
1928
1926
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -1977,7 +1975,7 @@ var WebhooksApiFactory = function(configuration, basePath, axios2) {
1977
1975
  return localVarFp.identity(identityEvent, aPIVersion, options).then((request) => request(axios2, basePath));
1978
1976
  },
1979
1977
  /**
1980
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
1978
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
1981
1979
  * @summary OTP Failed Event
1982
1980
  * @param {OtpFailedEvent} otpFailedEvent
1983
1981
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -2026,7 +2024,7 @@ var WebhooksApi = class extends BaseAPI {
2026
2024
  return WebhooksApiFp(this.configuration).identity(identityEvent, aPIVersion, options).then((request) => request(this.axios, this.basePath));
2027
2025
  }
2028
2026
  /**
2029
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
2027
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
2030
2028
  * @summary OTP Failed Event
2031
2029
  * @param {OtpFailedEvent} otpFailedEvent
2032
2030
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -2181,6 +2179,14 @@ var GenerateRequestDtoSecurityLevelEnum = {
2181
2179
  HumanosRevalidation: "HUMANOS_REVALIDATION"
2182
2180
  };
2183
2181
 
2182
+ // generated/models/generate-request-user-dto.ts
2183
+ var GenerateRequestUserDtoLanguageEnum = {
2184
+ Eng: "ENG",
2185
+ Prt: "PRT",
2186
+ Spa: "SPA",
2187
+ Fra: "FRA"
2188
+ };
2189
+
2184
2190
  // generated/models/identity-event.ts
2185
2191
  var IdentityEventEventTypeEnum = {
2186
2192
  Identity: "identity"
@@ -2245,7 +2251,6 @@ var ResourceEntityTypeEnum = {
2245
2251
  Form: "FORM",
2246
2252
  Document: "DOCUMENT",
2247
2253
  Json: "JSON",
2248
- Payment: "PAYMENT",
2249
2254
  Policy: "POLICY"
2250
2255
  };
2251
2256
 
@@ -2255,7 +2260,6 @@ var ResourceMinimalEntityTypeEnum = {
2255
2260
  Form: "FORM",
2256
2261
  Document: "DOCUMENT",
2257
2262
  Json: "JSON",
2258
- Payment: "PAYMENT",
2259
2263
  Policy: "POLICY"
2260
2264
  };
2261
2265
 
@@ -2265,7 +2269,6 @@ var ResourceQueryTypesEnum = {
2265
2269
  Form: "FORM",
2266
2270
  Document: "DOCUMENT",
2267
2271
  Json: "JSON",
2268
- Payment: "PAYMENT",
2269
2272
  Policy: "POLICY"
2270
2273
  };
2271
2274
 
@@ -2342,7 +2345,7 @@ function applySignatureInterceptor(axiosInstance, signatureSecret) {
2342
2345
  }
2343
2346
 
2344
2347
  // src/client.ts
2345
- var API_VERSION = "2026-05-20";
2348
+ var API_VERSION = "2026-06-22";
2346
2349
  var SDK_LANGUAGE = "typescript";
2347
2350
  var HumanosClient = class {
2348
2351
  constructor(clientConfig) {
@@ -2491,6 +2494,7 @@ export {
2491
2494
  DIDApiFp,
2492
2495
  DeliveryActionType,
2493
2496
  GenerateRequestDtoSecurityLevelEnum,
2497
+ GenerateRequestUserDtoLanguageEnum,
2494
2498
  HumanosClient,
2495
2499
  IdentityEventEventTypeEnum,
2496
2500
  ListSecurityLevelEnum,
@@ -51,6 +51,8 @@ models/evidence.ts
51
51
  models/generate-credential-entity.ts
52
52
  models/generate-request-dto.ts
53
53
  models/generate-request-entity.ts
54
+ models/generate-request-iframe-dto.ts
55
+ models/generate-request-user-dto.ts
54
56
  models/generate-subject-entity.ts
55
57
  models/group-entity.ts
56
58
  models/groups-entity.ts
@@ -58,7 +60,8 @@ models/identity-dto.ts
58
60
  models/identity-event-decision.ts
59
61
  models/identity-event-user.ts
60
62
  models/identity-event.ts
61
- models/identity-payload.ts
63
+ models/identity-webhook-issue-date.ts
64
+ models/identity-webhook.ts
62
65
  models/index.ts
63
66
  models/organization-data-entity.ts
64
67
  models/otp-error.ts
@@ -2,7 +2,7 @@
2
2
  /* eslint-disable */
3
3
  /**
4
4
  * Humanos API
5
- * Humanos API
5
+ * Humanos App Backend API
6
6
  *
7
7
  * The version of the OpenAPI document: 1.0
8
8
  *
@@ -2,7 +2,7 @@
2
2
  /* eslint-disable */
3
3
  /**
4
4
  * Humanos API
5
- * Humanos API
5
+ * Humanos App Backend API
6
6
  *
7
7
  * The version of the OpenAPI document: 1.0
8
8
  *
@@ -2,7 +2,7 @@
2
2
  /* eslint-disable */
3
3
  /**
4
4
  * Humanos API
5
- * Humanos API
5
+ * Humanos App Backend API
6
6
  *
7
7
  * The version of the OpenAPI document: 1.0
8
8
  *
@@ -304,7 +304,6 @@ export const ListTypesEnum = {
304
304
  Form: 'FORM',
305
305
  Document: 'DOCUMENT',
306
306
  Json: 'JSON',
307
- Payment: 'PAYMENT',
308
307
  Policy: 'POLICY'
309
308
  } as const;
310
309
  export type ListTypesEnum = typeof ListTypesEnum[keyof typeof ListTypesEnum];
@@ -316,7 +315,6 @@ export const WorkflowsTypesEnum = {
316
315
  Form: 'FORM',
317
316
  Document: 'DOCUMENT',
318
317
  Json: 'JSON',
319
- Payment: 'PAYMENT',
320
318
  Policy: 'POLICY'
321
319
  } as const;
322
320
  export type WorkflowsTypesEnum = typeof WorkflowsTypesEnum[keyof typeof WorkflowsTypesEnum];
@@ -2,7 +2,7 @@
2
2
  /* eslint-disable */
3
3
  /**
4
4
  * Humanos API
5
- * Humanos API
5
+ * Humanos App Backend API
6
6
  *
7
7
  * The version of the OpenAPI document: 1.0
8
8
  *
@@ -220,7 +220,7 @@ export const CredentialsApiAxiosParamCreator = function (configuration?: Configu
220
220
  };
221
221
  },
222
222
  /**
223
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
223
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
224
224
  * @summary Verify VP
225
225
  * @param {VerifyPresentationDto} verifyPresentationDto
226
226
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -328,7 +328,7 @@ export const CredentialsApiFp = function(configuration?: Configuration) {
328
328
  return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
329
329
  },
330
330
  /**
331
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
331
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
332
332
  * @summary Verify VP
333
333
  * @param {VerifyPresentationDto} verifyPresentationDto
334
334
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -398,7 +398,7 @@ export const CredentialsApiFactory = function (configuration?: Configuration, ba
398
398
  return localVarFp.revoke(credentialId, aPIVersion, revokeCredentialDto, options).then((request) => request(axios, basePath));
399
399
  },
400
400
  /**
401
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
401
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
402
402
  * @summary Verify VP
403
403
  * @param {VerifyPresentationDto} verifyPresentationDto
404
404
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -473,7 +473,7 @@ export class CredentialsApi extends BaseAPI {
473
473
  }
474
474
 
475
475
  /**
476
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
476
+ * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
477
477
  * @summary Verify VP
478
478
  * @param {VerifyPresentationDto} verifyPresentationDto
479
479
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -2,7 +2,7 @@
2
2
  /* eslint-disable */
3
3
  /**
4
4
  * Humanos API
5
- * Humanos API
5
+ * Humanos App Backend API
6
6
  *
7
7
  * The version of the OpenAPI document: 1.0
8
8
  *
@@ -2,7 +2,7 @@
2
2
  /* eslint-disable */
3
3
  /**
4
4
  * Humanos API
5
- * Humanos API
5
+ * Humanos App Backend API
6
6
  *
7
7
  * The version of the OpenAPI document: 1.0
8
8
  *
@@ -242,7 +242,7 @@ export const RequestsApiAxiosParamCreator = function (configuration?: Configurat
242
242
  };
243
243
  },
244
244
  /**
245
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
245
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
246
246
  * @summary Resend OTP
247
247
  * @param {string} requestId Unique identifier of the request.
248
248
  * @param {string} [contact] Verified contact value (email or phone)
@@ -373,7 +373,7 @@ export const RequestsApiFp = function(configuration?: Configuration) {
373
373
  return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
374
374
  },
375
375
  /**
376
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
376
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
377
377
  * @summary Resend OTP
378
378
  * @param {string} requestId Unique identifier of the request.
379
379
  * @param {string} [contact] Verified contact value (email or phone)
@@ -453,7 +453,7 @@ export const RequestsApiFactory = function (configuration?: Configuration, baseP
453
453
  return localVarFp.list(pageIndex, pageSize, search, dateFrom, dateTo, subject, internalId, securityLevel, aPIVersion, options).then((request) => request(axios, basePath));
454
454
  },
455
455
  /**
456
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
456
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
457
457
  * @summary Resend OTP
458
458
  * @param {string} requestId Unique identifier of the request.
459
459
  * @param {string} [contact] Verified contact value (email or phone)
@@ -538,7 +538,7 @@ export class RequestsApi extends BaseAPI {
538
538
  }
539
539
 
540
540
  /**
541
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
541
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
542
542
  * @summary Resend OTP
543
543
  * @param {string} requestId Unique identifier of the request.
544
544
  * @param {string} [contact] Verified contact value (email or phone)
@@ -2,7 +2,7 @@
2
2
  /* eslint-disable */
3
3
  /**
4
4
  * Humanos API
5
- * Humanos API
5
+ * Humanos App Backend API
6
6
  *
7
7
  * The version of the OpenAPI document: 1.0
8
8
  *
@@ -2,7 +2,7 @@
2
2
  /* eslint-disable */
3
3
  /**
4
4
  * Humanos API
5
- * Humanos API
5
+ * Humanos App Backend API
6
6
  *
7
7
  * The version of the OpenAPI document: 1.0
8
8
  *
@@ -116,7 +116,7 @@ export const WebhooksApiAxiosParamCreator = function (configuration?: Configurat
116
116
  };
117
117
  },
118
118
  /**
119
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
119
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
120
120
  * @summary OTP Failed Event
121
121
  * @param {OtpFailedEvent} otpFailedEvent
122
122
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -234,7 +234,7 @@ export const WebhooksApiFp = function(configuration?: Configuration) {
234
234
  return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
235
235
  },
236
236
  /**
237
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
237
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
238
238
  * @summary OTP Failed Event
239
239
  * @param {OtpFailedEvent} otpFailedEvent
240
240
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -294,7 +294,7 @@ export const WebhooksApiFactory = function (configuration?: Configuration, baseP
294
294
  return localVarFp.identity(identityEvent, aPIVersion, options).then((request) => request(axios, basePath));
295
295
  },
296
296
  /**
297
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
297
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
298
298
  * @summary OTP Failed Event
299
299
  * @param {OtpFailedEvent} otpFailedEvent
300
300
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -352,7 +352,7 @@ export class WebhooksApi extends BaseAPI {
352
352
  }
353
353
 
354
354
  /**
355
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
355
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
356
356
  * @summary OTP Failed Event
357
357
  * @param {OtpFailedEvent} otpFailedEvent
358
358
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
package/generated/api.ts CHANGED
@@ -2,7 +2,7 @@
2
2
  /* eslint-disable */
3
3
  /**
4
4
  * Humanos API
5
- * Humanos API
5
+ * Humanos App Backend API
6
6
  *
7
7
  * The version of the OpenAPI document: 1.0
8
8
  *