humanos 1.0.5 → 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (81) hide show
  1. package/dist/index.d.mts +551 -323
  2. package/dist/index.d.ts +551 -323
  3. package/dist/index.js +33 -31
  4. package/dist/index.mjs +32 -31
  5. package/generated/.openapi-generator/FILES +13 -7
  6. package/generated/api/approval-api.ts +0 -2
  7. package/generated/api/credentials-api.ts +15 -15
  8. package/generated/api/requests-api.ts +8 -4
  9. package/generated/api/webhooks-api.ts +4 -4
  10. package/generated/models/create-presentation-dto.ts +1 -1
  11. package/generated/models/create-subject-entity.ts +3 -6
  12. package/generated/models/credential-entity.ts +2 -2
  13. package/generated/models/{w3-cverifiable-credential-proofs-inner.ts → credential-proof.ts} +20 -8
  14. package/generated/models/generate-request-dto.ts +15 -27
  15. package/generated/models/generate-request-iframe-cookie-dto.ts +36 -0
  16. package/generated/models/generate-request-iframe-dto.ts +39 -0
  17. package/generated/models/generate-request-user-dto.ts +64 -0
  18. package/generated/models/generate-subject-entity.ts +2 -2
  19. package/generated/models/identity-event-decision.ts +0 -18
  20. package/generated/models/identity-event.ts +3 -3
  21. package/generated/models/{w3-cverifiable-credential-valid-from.ts → identity-webhook-issue-date.ts} +2 -2
  22. package/generated/models/identity-webhook.ts +117 -0
  23. package/generated/models/index.ts +13 -7
  24. package/generated/models/{w3-cverifiable-credential-evidences-inner.ts → mandate-action.ts} +7 -5
  25. package/generated/models/{w3-cverifiable-credential-credential-subject-mandate-context.ts → mandate-context.ts} +3 -3
  26. package/generated/models/{w3-cverifiable-credential-valid-until.ts → mandate-grantor.ts} +2 -2
  27. package/generated/models/mandate.ts +65 -0
  28. package/generated/models/presentation-entity.ts +45 -0
  29. package/generated/models/request-detail-subject-entity.ts +6 -0
  30. package/generated/models/request-subject-entity.ts +6 -0
  31. package/generated/models/{generate400-response.ts → requests-create402-response.ts} +5 -5
  32. package/generated/models/{create400-response.ts → requests-create409-response.ts} +5 -5
  33. package/generated/models/resource-entity.ts +0 -1
  34. package/generated/models/resource-minimal-entity.ts +0 -1
  35. package/generated/models/resource-query.ts +0 -1
  36. package/generated/models/revoke-credential-entity.ts +0 -9
  37. package/generated/models/verify-presentation-dto.ts +8 -2
  38. package/generated/models/w3-cverifiable-credential-credential-subject.ts +3 -3
  39. package/generated/models/w3-cverifiable-credential.ts +5 -5
  40. package/generated/models/webhook-call-event.ts +1 -1
  41. package/package.json +1 -1
  42. package/generated/models/action-ref-dto.ts +0 -36
  43. package/generated/models/constraints-dto.ts +0 -36
  44. package/generated/models/create-presentation400-response.ts +0 -42
  45. package/generated/models/create-presentation403-response.ts +0 -42
  46. package/generated/models/create-presentation404-response.ts +0 -42
  47. package/generated/models/credential-dto-data-inner.ts +0 -26
  48. package/generated/models/get-credential404-response.ts +0 -42
  49. package/generated/models/get-evidence404-response.ts +0 -42
  50. package/generated/models/get-request-detail404-response.ts +0 -42
  51. package/generated/models/get-subject400-response.ts +0 -42
  52. package/generated/models/get-subject404-response.ts +0 -42
  53. package/generated/models/identity-payload.ts +0 -84
  54. package/generated/models/json-value.ts +0 -27
  55. package/generated/models/otp-failed-event-otp-error.ts +0 -36
  56. package/generated/models/presentation-receipt-entity.ts +0 -42
  57. package/generated/models/presentation-response-entity.ts +0 -39
  58. package/generated/models/resend-otp403-response.ts +0 -42
  59. package/generated/models/revoke-credential400-response.ts +0 -42
  60. package/generated/models/revoke-credential409-response.ts +0 -42
  61. package/generated/models/revoke-receipt-entity.ts +0 -42
  62. package/generated/models/schema-entity.ts +0 -57
  63. package/generated/models/schema-list-entity.ts +0 -39
  64. package/generated/models/schema-query.ts +0 -48
  65. package/generated/models/schema-response-entity.ts +0 -45
  66. package/generated/models/schema-version-detail-entity.ts +0 -72
  67. package/generated/models/schema-version-list-entity.ts +0 -39
  68. package/generated/models/schema-version-response-entity.ts +0 -54
  69. package/generated/models/schema-version-summary-entity.ts +0 -48
  70. package/generated/models/subject-contact-entity.ts +0 -42
  71. package/generated/models/verify-receipt-entity.ts +0 -42
  72. package/generated/models/w3-cverifiable-credential-credential-subject-mandate-action.ts +0 -44
  73. package/generated/models/w3-cverifiable-credential-credential-subject-mandate-constraint-constraint-schema.ts +0 -44
  74. package/generated/models/w3-cverifiable-credential-credential-subject-mandate-constraint.ts +0 -41
  75. package/generated/models/w3-cverifiable-credential-credential-subject-mandate-grantor.ts +0 -24
  76. package/generated/models/w3-cverifiable-credential-credential-subject-mandate.ts +0 -65
  77. package/generated/models/webhook-event-type-credential.ts +0 -30
  78. package/generated/models/webhook-event-type-identity.ts +0 -30
  79. package/generated/models/webhook-event-type-otpfailed.ts +0 -30
  80. package/generated/models/webhook-event-type-test.ts +0 -30
  81. package/generated/models/webhook-event-type.ts +0 -33
@@ -40,7 +40,7 @@ import type { CredentialsRevoke400Response } from '../models';
40
40
  // @ts-ignore
41
41
  import type { CredentialsRevoke409Response } from '../models';
42
42
  // @ts-ignore
43
- import type { PresentationResponseEntity } from '../models';
43
+ import type { PresentationEntity } from '../models';
44
44
  // @ts-ignore
45
45
  import type { RevokeCredentialDto } from '../models';
46
46
  // @ts-ignore
@@ -136,7 +136,7 @@ export const CredentialsApiAxiosParamCreator = function (configuration?: Configu
136
136
  /**
137
137
  * Build and sign a W3C Verifiable Presentation for a stored credential. The API key must belong to the credential owner.
138
138
  * @summary Issue VP
139
- * @param {string} vcId DID of the credential to present.
139
+ * @param {string} vcId URN of the credential to present.
140
140
  * @param {CreatePresentationDto} createPresentationDto
141
141
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
142
142
  * @param {*} [options] Override http request option.
@@ -178,7 +178,7 @@ export const CredentialsApiAxiosParamCreator = function (configuration?: Configu
178
178
  };
179
179
  },
180
180
  /**
181
- * Permanently revoke an active credential. Flips status to REVOKED, records revokedAt and revocationReason, Issues a MANDATE_REVOKED receipt, and emits a MANDATE_REVOKED activity event. Subsequent /vp and /verify calls for this credential are denied with reason credential_revoked.
181
+ * Permanently revoke an active credential. Flips status to REVOKED, records revokedAt and revocationReason, Appends a REVOKE proof to the credential, and emits a MANDATE_REVOKED activity event. Subsequent /vp and /verify calls for this credential are denied with reason credential_revoked.
182
182
  * @summary Revoke Credential
183
183
  * @param {string} credentialId URN of the credential to revoke
184
184
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -220,7 +220,7 @@ export const CredentialsApiAxiosParamCreator = function (configuration?: Configu
220
220
  };
221
221
  },
222
222
  /**
223
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
223
+ * Evaluate a VP against runtime context. On allow, returns 201 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
224
224
  * @summary Verify VP
225
225
  * @param {VerifyPresentationDto} verifyPresentationDto
226
226
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
@@ -300,20 +300,20 @@ export const CredentialsApiFp = function(configuration?: Configuration) {
300
300
  /**
301
301
  * Build and sign a W3C Verifiable Presentation for a stored credential. The API key must belong to the credential owner.
302
302
  * @summary Issue VP
303
- * @param {string} vcId DID of the credential to present.
303
+ * @param {string} vcId URN of the credential to present.
304
304
  * @param {CreatePresentationDto} createPresentationDto
305
305
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\'s date.
306
306
  * @param {*} [options] Override http request option.
307
307
  * @throws {RequiredError}
308
308
  */
309
- async issueVP(vcId: string, createPresentationDto: CreatePresentationDto, aPIVersion?: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<PresentationResponseEntity>> {
309
+ async issueVP(vcId: string, createPresentationDto: CreatePresentationDto, aPIVersion?: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<PresentationEntity>> {
310
310
  const localVarAxiosArgs = await localVarAxiosParamCreator.issueVP(vcId, createPresentationDto, aPIVersion, options);
311
311
  const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
312
312
  const localVarOperationServerBasePath = operationServerMap['CredentialsApi.issueVP']?.[localVarOperationServerIndex]?.url;
313
313
  return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
314
314
  },
315
315
  /**
316
- * Permanently revoke an active credential. Flips status to REVOKED, records revokedAt and revocationReason, Issues a MANDATE_REVOKED receipt, and emits a MANDATE_REVOKED activity event. Subsequent /vp and /verify calls for this credential are denied with reason credential_revoked.
316
+ * Permanently revoke an active credential. Flips status to REVOKED, records revokedAt and revocationReason, Appends a REVOKE proof to the credential, and emits a MANDATE_REVOKED activity event. Subsequent /vp and /verify calls for this credential are denied with reason credential_revoked.
317
317
  * @summary Revoke Credential
318
318
  * @param {string} credentialId URN of the credential to revoke
319
319
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
@@ -328,7 +328,7 @@ export const CredentialsApiFp = function(configuration?: Configuration) {
328
328
  return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
329
329
  },
330
330
  /**
331
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
331
+ * Evaluate a VP against runtime context. On allow, returns 201 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
332
332
  * @summary Verify VP
333
333
  * @param {VerifyPresentationDto} verifyPresentationDto
334
334
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
@@ -376,17 +376,17 @@ export const CredentialsApiFactory = function (configuration?: Configuration, ba
376
376
  /**
377
377
  * Build and sign a W3C Verifiable Presentation for a stored credential. The API key must belong to the credential owner.
378
378
  * @summary Issue VP
379
- * @param {string} vcId DID of the credential to present.
379
+ * @param {string} vcId URN of the credential to present.
380
380
  * @param {CreatePresentationDto} createPresentationDto
381
381
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
382
382
  * @param {*} [options] Override http request option.
383
383
  * @throws {RequiredError}
384
384
  */
385
- issueVP(vcId: string, createPresentationDto: CreatePresentationDto, aPIVersion?: string, options?: RawAxiosRequestConfig): AxiosPromise<PresentationResponseEntity> {
385
+ issueVP(vcId: string, createPresentationDto: CreatePresentationDto, aPIVersion?: string, options?: RawAxiosRequestConfig): AxiosPromise<PresentationEntity> {
386
386
  return localVarFp.issueVP(vcId, createPresentationDto, aPIVersion, options).then((request) => request(axios, basePath));
387
387
  },
388
388
  /**
389
- * Permanently revoke an active credential. Flips status to REVOKED, records revokedAt and revocationReason, Issues a MANDATE_REVOKED receipt, and emits a MANDATE_REVOKED activity event. Subsequent /vp and /verify calls for this credential are denied with reason credential_revoked.
389
+ * Permanently revoke an active credential. Flips status to REVOKED, records revokedAt and revocationReason, Appends a REVOKE proof to the credential, and emits a MANDATE_REVOKED activity event. Subsequent /vp and /verify calls for this credential are denied with reason credential_revoked.
390
390
  * @summary Revoke Credential
391
391
  * @param {string} credentialId URN of the credential to revoke
392
392
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
@@ -398,7 +398,7 @@ export const CredentialsApiFactory = function (configuration?: Configuration, ba
398
398
  return localVarFp.revoke(credentialId, aPIVersion, revokeCredentialDto, options).then((request) => request(axios, basePath));
399
399
  },
400
400
  /**
401
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
401
+ * Evaluate a VP against runtime context. On allow, returns 201 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
402
402
  * @summary Verify VP
403
403
  * @param {VerifyPresentationDto} verifyPresentationDto
404
404
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
@@ -447,7 +447,7 @@ export class CredentialsApi extends BaseAPI {
447
447
  /**
448
448
  * Build and sign a W3C Verifiable Presentation for a stored credential. The API key must belong to the credential owner.
449
449
  * @summary Issue VP
450
- * @param {string} vcId DID of the credential to present.
450
+ * @param {string} vcId URN of the credential to present.
451
451
  * @param {CreatePresentationDto} createPresentationDto
452
452
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
453
453
  * @param {*} [options] Override http request option.
@@ -459,7 +459,7 @@ export class CredentialsApi extends BaseAPI {
459
459
  }
460
460
 
461
461
  /**
462
- * Permanently revoke an active credential. Flips status to REVOKED, records revokedAt and revocationReason, Issues a MANDATE_REVOKED receipt, and emits a MANDATE_REVOKED activity event. Subsequent /vp and /verify calls for this credential are denied with reason credential_revoked.
462
+ * Permanently revoke an active credential. Flips status to REVOKED, records revokedAt and revocationReason, Appends a REVOKE proof to the credential, and emits a MANDATE_REVOKED activity event. Subsequent /vp and /verify calls for this credential are denied with reason credential_revoked.
463
463
  * @summary Revoke Credential
464
464
  * @param {string} credentialId URN of the credential to revoke
465
465
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
@@ -473,7 +473,7 @@ export class CredentialsApi extends BaseAPI {
473
473
  }
474
474
 
475
475
  /**
476
- * Evaluate a VP against runtime context. On allow, returns 200 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked.
476
+ * Evaluate a VP against runtime context. On allow, returns 201 with the signed receipt. On deny, returns 403 with the reason, evaluations, and receipt in the error body. If the mandate has no constraint schema, only signatures, verifier access, and validity are checked. Supply the presentation exactly as returned by POST /credential/vp/:vcId — do not re-serialize or modify it. Pass it as either `presentation` (the signed VP object) or `presentationEncoded` (its base64 string); at least one is required (400 otherwise), and if both are sent `presentationEncoded` wins. `presentationEncoded` is the recommended field: being an opaque string it is immune to JSON re-serialization / formatting changes (e.g. some HTTP clients reformatting date strings) that would otherwise break the signature.
477
477
  * @summary Verify VP
478
478
  * @param {VerifyPresentationDto} verifyPresentationDto
479
479
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
@@ -30,6 +30,10 @@ import type { RequestDetailEntity } from '../models';
30
30
  // @ts-ignore
31
31
  import type { RequestsCreate400Response } from '../models';
32
32
  // @ts-ignore
33
+ import type { RequestsCreate402Response } from '../models';
34
+ // @ts-ignore
35
+ import type { RequestsCreate409Response } from '../models';
36
+ // @ts-ignore
33
37
  import type { RequestsDetail404Response } from '../models';
34
38
  // @ts-ignore
35
39
  import type { RequestsEntity } from '../models';
@@ -242,7 +246,7 @@ export const RequestsApiAxiosParamCreator = function (configuration?: Configurat
242
246
  };
243
247
  },
244
248
  /**
245
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
249
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
246
250
  * @summary Resend OTP
247
251
  * @param {string} requestId Unique identifier of the request.
248
252
  * @param {string} [contact] Verified contact value (email or phone)
@@ -373,7 +377,7 @@ export const RequestsApiFp = function(configuration?: Configuration) {
373
377
  return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
374
378
  },
375
379
  /**
376
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
380
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
377
381
  * @summary Resend OTP
378
382
  * @param {string} requestId Unique identifier of the request.
379
383
  * @param {string} [contact] Verified contact value (email or phone)
@@ -453,7 +457,7 @@ export const RequestsApiFactory = function (configuration?: Configuration, baseP
453
457
  return localVarFp.list(pageIndex, pageSize, search, dateFrom, dateTo, subject, internalId, securityLevel, aPIVersion, options).then((request) => request(axios, basePath));
454
458
  },
455
459
  /**
456
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
460
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
457
461
  * @summary Resend OTP
458
462
  * @param {string} requestId Unique identifier of the request.
459
463
  * @param {string} [contact] Verified contact value (email or phone)
@@ -538,7 +542,7 @@ export class RequestsApi extends BaseAPI {
538
542
  }
539
543
 
540
544
  /**
541
- * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS (depending on their contact type) with a code and a signing URL. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
545
+ * Resend a One-Time Password (OTP) to a subject for credential approval, via email or SMS. The endpoint validates: - The request is not canceled - Maximum attempts have not been reached, only successful OTP sends count towards resend limits - Sufficient time has passed since the last successful resend - Billing restrictions apply
542
546
  * @summary Resend OTP
543
547
  * @param {string} requestId Unique identifier of the request.
544
548
  * @param {string} [contact] Verified contact value (email or phone)
@@ -116,7 +116,7 @@ export const WebhooksApiAxiosParamCreator = function (configuration?: Configurat
116
116
  };
117
117
  },
118
118
  /**
119
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
119
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
120
120
  * @summary OTP Failed Event
121
121
  * @param {OtpFailedEvent} otpFailedEvent
122
122
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
@@ -234,7 +234,7 @@ export const WebhooksApiFp = function(configuration?: Configuration) {
234
234
  return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
235
235
  },
236
236
  /**
237
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
237
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
238
238
  * @summary OTP Failed Event
239
239
  * @param {OtpFailedEvent} otpFailedEvent
240
240
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
@@ -294,7 +294,7 @@ export const WebhooksApiFactory = function (configuration?: Configuration, baseP
294
294
  return localVarFp.identity(identityEvent, aPIVersion, options).then((request) => request(axios, basePath));
295
295
  },
296
296
  /**
297
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
297
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
298
298
  * @summary OTP Failed Event
299
299
  * @param {OtpFailedEvent} otpFailedEvent
300
300
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
@@ -352,7 +352,7 @@ export class WebhooksApi extends BaseAPI {
352
352
  }
353
353
 
354
354
  /**
355
- * Fired when an OTP delivery to the subject fails. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
355
+ * Fired when an OTP **SMS** could not be delivered: every eligible SMS provider was tried (synchronously or via carrier delivery reports) and none succeeded. Email OTP failures do not emit this event. Carrier delivery reports are asynchronous and occasionally corrected to \"delivered\" afterwards, so treat this event as *Humanos stopped retrying*, not as a guarantee the SMS never arrived. The safe reaction is to `PATCH` the `otp.resendEndpoint` URL exactly as delivered — a resend issues a fresh code and invalidates the old one, so it is harmless even if the original message did arrive late. **Inbound webhook callback** — Humanos POSTs this payload to your registered webhook URL. This is not an endpoint you call; it is documented as a path so SDK code generators emit a typed payload model.
356
356
  * @summary OTP Failed Event
357
357
  * @param {OtpFailedEvent} otpFailedEvent
358
358
  * @param {string} [aPIVersion] Pin responses to a specific API version (YYYY-MM-DD). When omitted, defaults to the version stored in your issuer config or today\&#39;s date.
@@ -21,7 +21,7 @@
21
21
  */
22
22
  export interface CreatePresentationDto {
23
23
  /**
24
- * DID of the intended verifier. When provided, the VP is bound to this audience via proof.domain and a challenge nonce.
24
+ * Domain or subdomain of the intended verifier (e.g. \"organization.com\"). When provided, the VP is bound to this audience via proof.domain and a challenge nonce.
25
25
  * @type {string}
26
26
  * @memberof CreatePresentationDto
27
27
  */
@@ -24,7 +24,7 @@ import type { PartialSubjectEntity } from './partial-subject-entity';
24
24
  */
25
25
  export interface CreateSubjectEntity {
26
26
  /**
27
- * HTTP status code indicating the result of the operation for this specific subject: - 200: Success - 201: Success, but nothing was updated - 400: Invalid body payload. Information will be at the message field - 402: Invalid identity due to invalid countryAlpha3 - 407: This call contained this contact more than once - 408: This call contained this identity more than once - 409: Duplicate Identity - 410: Duplicate Identity. This user already has an identity with this countryAlpha3
27
+ * HTTP status code indicating the result of the operation for this specific subject: - 201: Success — subject created or updated (the message distinguishes: \"Subject created\" vs updated) - 400: Invalid body payload. Information will be at the message field - 409: Duplicate contact within the request body - 410: Contact maps to a subject with inconsistent references (the same subject appears through more than one contact in this request) - 500: Unexpected processing error
28
28
  * @type {number}
29
29
  * @memberof CreateSubjectEntity
30
30
  */
@@ -44,14 +44,11 @@ export interface CreateSubjectEntity {
44
44
  }
45
45
 
46
46
  export const CreateSubjectEntityStatusEnum = {
47
- NUMBER_200: 200,
48
47
  NUMBER_201: 201,
49
48
  NUMBER_400: 400,
50
- NUMBER_402: 402,
51
- NUMBER_407: 407,
52
- NUMBER_408: 408,
53
49
  NUMBER_409: 409,
54
- NUMBER_410: 410
50
+ NUMBER_410: 410,
51
+ NUMBER_500: 500
55
52
  } as const;
56
53
 
57
54
  export type CreateSubjectEntityStatusEnum = typeof CreateSubjectEntityStatusEnum[keyof typeof CreateSubjectEntityStatusEnum];
@@ -69,11 +69,11 @@ export interface CredentialEntity {
69
69
  */
70
70
  'w3cCredential': object;
71
71
  /**
72
- * Whether each grantor accepted or rejected the credential and information about the grantor contact. The `id` field carries the decision URN.
72
+ * Whether each grantor accepted or rejected the credential and information about the grantor contact. The `id` field carries the grantor\'s DID. Always an array (empty when there are no decisions yet).
73
73
  * @type {Array<Array<any>>}
74
74
  * @memberof CredentialEntity
75
75
  */
76
- 'decisions'?: Array<Array<any>>;
76
+ 'decisions': Array<Array<any>>;
77
77
  }
78
78
 
79
79
  export const CredentialEntityStatusEnum = {
@@ -17,45 +17,57 @@
17
17
  /**
18
18
  *
19
19
  * @export
20
- * @interface W3CVerifiableCredentialProofsInner
20
+ * @interface CredentialProof
21
21
  */
22
- export interface W3CVerifiableCredentialProofsInner {
22
+ export interface CredentialProof {
23
23
  [key: string]: any;
24
24
 
25
25
  /**
26
26
  *
27
27
  * @type {string}
28
- * @memberof W3CVerifiableCredentialProofsInner
28
+ * @memberof CredentialProof
29
+ */
30
+ 'action': string;
31
+ /**
32
+ *
33
+ * @type {string}
34
+ * @memberof CredentialProof
35
+ */
36
+ 'actionProof': string;
37
+ /**
38
+ *
39
+ * @type {string}
40
+ * @memberof CredentialProof
29
41
  */
30
42
  'type': string;
31
43
  /**
32
44
  *
33
45
  * @type {string}
34
- * @memberof W3CVerifiableCredentialProofsInner
46
+ * @memberof CredentialProof
35
47
  */
36
48
  'cryptosuite': string;
37
49
  /**
38
50
  *
39
51
  * @type {string}
40
- * @memberof W3CVerifiableCredentialProofsInner
52
+ * @memberof CredentialProof
41
53
  */
42
54
  'verificationMethod': string;
43
55
  /**
44
56
  *
45
57
  * @type {string}
46
- * @memberof W3CVerifiableCredentialProofsInner
58
+ * @memberof CredentialProof
47
59
  */
48
60
  'created': string;
49
61
  /**
50
62
  *
51
63
  * @type {string}
52
- * @memberof W3CVerifiableCredentialProofsInner
64
+ * @memberof CredentialProof
53
65
  */
54
66
  'proofPurpose': string;
55
67
  /**
56
68
  *
57
69
  * @type {string}
58
- * @memberof W3CVerifiableCredentialProofsInner
70
+ * @memberof CredentialProof
59
71
  */
60
72
  'proofValue': string;
61
73
  }
@@ -16,6 +16,12 @@
16
16
  // May contain unused imports in some cases
17
17
  // @ts-ignore
18
18
  import type { CredentialDto } from './credential-dto';
19
+ // May contain unused imports in some cases
20
+ // @ts-ignore
21
+ import type { GenerateRequestIFrameDto } from './generate-request-iframe-dto';
22
+ // May contain unused imports in some cases
23
+ // @ts-ignore
24
+ import type { GenerateRequestUserDto } from './generate-request-user-dto';
19
25
 
20
26
  /**
21
27
  *
@@ -30,11 +36,17 @@ export interface GenerateRequestDto {
30
36
  */
31
37
  'name'?: string;
32
38
  /**
33
- * Array of contact emails or phone numbers
34
- * @type {Array<string>}
39
+ * Array of users to be included in the request
40
+ * @type {Array<GenerateRequestUserDto>}
41
+ * @memberof GenerateRequestDto
42
+ */
43
+ 'users': Array<GenerateRequestUserDto>;
44
+ /**
45
+ * IFrame configuration for the request
46
+ * @type {GenerateRequestIFrameDto}
35
47
  * @memberof GenerateRequestDto
36
48
  */
37
- 'contacts': Array<string>;
49
+ 'iframe'?: GenerateRequestIFrameDto;
38
50
  /**
39
51
  * Security level for the request
40
52
  * @type {string}
@@ -59,42 +71,18 @@ export interface GenerateRequestDto {
59
71
  * @memberof GenerateRequestDto
60
72
  */
61
73
  'credentials'?: Array<CredentialDto>;
62
- /**
63
- * What language to use when sending notifications to the user
64
- * @type {string}
65
- * @memberof GenerateRequestDto
66
- */
67
- 'language'?: string;
68
- /**
69
- * URL to redirect the subject after completing the request
70
- * @type {string}
71
- * @memberof GenerateRequestDto
72
- */
73
- 'redirectUrl'?: string;
74
74
  /**
75
75
  * Internal identifier for the request
76
76
  * @type {string}
77
77
  * @memberof GenerateRequestDto
78
78
  */
79
79
  'internalId'?: string;
80
- /**
81
- * Base64-encoded P-256 SPKI public key to pre-register for postMessage payload encryption.
82
- * @type {string}
83
- * @memberof GenerateRequestDto
84
- */
85
- 'pubKey'?: string;
86
80
  /**
87
81
  * Grants 3 types of access to the request: 1. READ access to request detail, credentials, and corresponding evidences. 2. Allows to create Verifiable Presentations (VPs) from mandates associated with this request 3. Allows to verify Verifiable Presentations (VPs) from mandates associated with this request By default, the requester DID are automatically appended to this list.
88
82
  * @type {Array<string>}
89
83
  * @memberof GenerateRequestDto
90
84
  */
91
85
  'authorizedDIDs'?: Array<string>;
92
- /**
93
- * List of known document IDs of the users This will force a KYC verification for each user if none of its Humanos identities match the document ID Will make sure the received identity from the KYC verification matches the document ID, and update the user\'s Humanos identities if needed
94
- * @type {Array<string>}
95
- * @memberof GenerateRequestDto
96
- */
97
- 'expectedDocIds'?: Array<string>;
98
86
  }
99
87
 
100
88
  export const GenerateRequestDtoSecurityLevelEnum = {
@@ -0,0 +1,36 @@
1
+ /* tslint:disable */
2
+ /* eslint-disable */
3
+ /**
4
+ * Humanos API
5
+ * Humanos API
6
+ *
7
+ * The version of the OpenAPI document: 1.0
8
+ *
9
+ *
10
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
11
+ * https://openapi-generator.tech
12
+ * Do not edit the class manually.
13
+ */
14
+
15
+
16
+
17
+ /**
18
+ *
19
+ * @export
20
+ * @interface GenerateRequestIFrameCookieDto
21
+ */
22
+ export interface GenerateRequestIFrameCookieDto {
23
+ /**
24
+ * Opt into a trusted browser session for this request (HUM-6): when true, a valid session cookie lets the subject skip the OTP on future approvals. Default false.
25
+ * @type {boolean}
26
+ * @memberof GenerateRequestIFrameCookieDto
27
+ */
28
+ 'allow'?: boolean;
29
+ /**
30
+ * Trusted-session lifespan in seconds. Used ONLY when `allow` is true (ignored otherwise — no error). Clamped to [3600 (1h), 86400 (24h)]; default 3600.
31
+ * @type {number}
32
+ * @memberof GenerateRequestIFrameCookieDto
33
+ */
34
+ 'duration'?: number;
35
+ }
36
+
@@ -0,0 +1,39 @@
1
+ /* tslint:disable */
2
+ /* eslint-disable */
3
+ /**
4
+ * Humanos API
5
+ * Humanos API
6
+ *
7
+ * The version of the OpenAPI document: 1.0
8
+ *
9
+ *
10
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
11
+ * https://openapi-generator.tech
12
+ * Do not edit the class manually.
13
+ */
14
+
15
+
16
+ // May contain unused imports in some cases
17
+ // @ts-ignore
18
+ import type { GenerateRequestIFrameCookieDto } from './generate-request-iframe-cookie-dto';
19
+
20
+ /**
21
+ *
22
+ * @export
23
+ * @interface GenerateRequestIFrameDto
24
+ */
25
+ export interface GenerateRequestIFrameDto {
26
+ /**
27
+ * Base64-encoded P-256 SPKI public key to pre-register for postMessage payload encryption.
28
+ * @type {string}
29
+ * @memberof GenerateRequestIFrameDto
30
+ */
31
+ 'pubKey': string;
32
+ /**
33
+ * Trusted browser session config — skip the OTP for high-frequency approvals (HUM-6).
34
+ * @type {GenerateRequestIFrameCookieDto}
35
+ * @memberof GenerateRequestIFrameDto
36
+ */
37
+ 'cookie'?: GenerateRequestIFrameCookieDto;
38
+ }
39
+
@@ -0,0 +1,64 @@
1
+ /* tslint:disable */
2
+ /* eslint-disable */
3
+ /**
4
+ * Humanos API
5
+ * Humanos API
6
+ *
7
+ * The version of the OpenAPI document: 1.0
8
+ *
9
+ *
10
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
11
+ * https://openapi-generator.tech
12
+ * Do not edit the class manually.
13
+ */
14
+
15
+
16
+
17
+ /**
18
+ *
19
+ * @export
20
+ * @interface GenerateRequestUserDto
21
+ */
22
+ export interface GenerateRequestUserDto {
23
+ /**
24
+ * Contact email or phone number
25
+ * @type {string}
26
+ * @memberof GenerateRequestUserDto
27
+ */
28
+ 'contact': string;
29
+ /**
30
+ * Secondary contact email or phone number. When present, first contact will receive the OTP code and the secondary contact will receive the link to complete the request.
31
+ * @type {string}
32
+ * @memberof GenerateRequestUserDto
33
+ */
34
+ 'secondaryContact'?: string;
35
+ /**
36
+ * Known document ID of the user, expected to be returned by the KYC verification
37
+ * @type {string}
38
+ * @memberof GenerateRequestUserDto
39
+ */
40
+ 'docId'?: string;
41
+ /**
42
+ * Language for OTP notifications. Defaults to the contact phone nationality, or ENG.
43
+ * @type {string}
44
+ * @memberof GenerateRequestUserDto
45
+ */
46
+ 'language'?: GenerateRequestUserDtoLanguageEnum;
47
+ /**
48
+ * Signer quality for this request. Free text; if omitted for an existing member, the member quality is propagated.
49
+ * @type {string}
50
+ * @memberof GenerateRequestUserDto
51
+ */
52
+ 'signerQuality'?: string;
53
+ }
54
+
55
+ export const GenerateRequestUserDtoLanguageEnum = {
56
+ Eng: 'ENG',
57
+ Prt: 'PRT',
58
+ Spa: 'SPA',
59
+ Fra: 'FRA'
60
+ } as const;
61
+
62
+ export type GenerateRequestUserDtoLanguageEnum = typeof GenerateRequestUserDtoLanguageEnum[keyof typeof GenerateRequestUserDtoLanguageEnum];
63
+
64
+
@@ -33,11 +33,11 @@ export interface GenerateSubjectEntity {
33
33
  */
34
34
  'id': string;
35
35
  /**
36
- * Code for the subject-OTP link. Only present if the issuer is configured to not send the OTP.
36
+ * Secondary contact (phone or email) used in 2FA mode to receive the signing link.
37
37
  * @type {string}
38
38
  * @memberof GenerateSubjectEntity
39
39
  */
40
- 'code'?: string;
40
+ 'secondaryContact'?: string;
41
41
  /**
42
42
  * Link to the subject-OTP link. Only present if the issuer is configured to not send the OTP.
43
43
  * @type {string}
@@ -26,30 +26,12 @@ export interface IdentityEventDecision {
26
26
  * @memberof IdentityEventDecision
27
27
  */
28
28
  'success': boolean;
29
- /**
30
- *
31
- * @type {boolean}
32
- * @memberof IdentityEventDecision
33
- */
34
- 'isFraud': boolean;
35
- /**
36
- *
37
- * @type {number}
38
- * @memberof IdentityEventDecision
39
- */
40
- 'riskScore'?: number;
41
29
  /**
42
30
  *
43
31
  * @type {string}
44
32
  * @memberof IdentityEventDecision
45
33
  */
46
34
  'message'?: string;
47
- /**
48
- *
49
- * @type {string}
50
- * @memberof IdentityEventDecision
51
- */
52
- 'outcome'?: string;
53
35
  /**
54
36
  *
55
37
  * @type {string}
@@ -21,7 +21,7 @@ import type { IdentityEventDecision } from './identity-event-decision';
21
21
  import type { IdentityEventUser } from './identity-event-user';
22
22
  // May contain unused imports in some cases
23
23
  // @ts-ignore
24
- import type { IdentityPayload } from './identity-payload';
24
+ import type { IdentityWebhook } from './identity-webhook';
25
25
 
26
26
  /**
27
27
  *
@@ -69,10 +69,10 @@ export interface IdentityEvent {
69
69
  'api_version': string;
70
70
  /**
71
71
  *
72
- * @type {IdentityPayload}
72
+ * @type {IdentityWebhook}
73
73
  * @memberof IdentityEvent
74
74
  */
75
- 'identity'?: IdentityPayload;
75
+ 'identity'?: IdentityWebhook;
76
76
  /**
77
77
  *
78
78
  * @type {IdentityEventDecision}
@@ -17,8 +17,8 @@
17
17
  /**
18
18
  *
19
19
  * @export
20
- * @interface W3CVerifiableCredentialValidFrom
20
+ * @interface IdentityWebhookIssueDate
21
21
  */
22
- export interface W3CVerifiableCredentialValidFrom {
22
+ export interface IdentityWebhookIssueDate {
23
23
  }
24
24