> ## Documentation Index
> Fetch the complete documentation index at: https://docs.0xkey.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Update user's phone number

> Update a user's phone number in an existing organization.



## OpenAPI

````yaml /scripts/openapi-gen/openapi.json post /public/v1/submit/update_user_phone_number
openapi: 3.0.1
info:
  title: API Reference
  description: Review our [API Introduction](../api-introduction) to get started.
  contact: {}
  version: '1.0'
servers:
  - url: https://api.0xkey.io
security:
  - ApiKeyAuth: []
  - AuthenticatorAuth: []
tags:
  - name: Organizations
    description: >-
      An Organization is the highest level of hierarchy in 0xkey. It can contain
      many Users, Private Keys, and Policies managed by a Root Quorum. The Root
      Quorum consists of a set of Users with a consensus threshold. This
      consensus threshold must be reached by Quorum members in order for any
      actions to take place.


      See [Root Quorum](../concepts/users/root-quorum) for more information
  - name: Invitations
    description: >-
      Invitations allow you to invite Users into your Organization via email.
      Alternatively, Users can be added directly without an Invitation if their
      ApiKey or Authenticator credentials are known ahead of time.


      See [Users](./api#tag/Users) for more information
  - name: Policies
    description: >-
      Policies allow for deep customization of the security of your
      Organization. They can be used to grant permissions or restrict usage of
      Users and Private Keys. The Policy Engine analyzes all of your Policies on
      each request to determine whether an Activity is allowed.


      See [Policy Overview](../managing-policies/overview) for more information
  - name: Wallets
    description: >-
      Wallets contain collections of deterministically generated cryptographic
      public / private key pairs that share a common seed. 0xkey securely holds
      the common seed, but only you can access it. In most cases, Wallets should
      be preferred over Private Keys since they can be represented by a mnemonic
      phrase, used across a variety of cryptographic curves, and can derive many
      addresses.


      Derived addresses can be used to create digital signatures using the
      corresponding underlying private key. See [Signing](./api#tag/Signing) for
      more information
  - name: Signing
    description: >-
      Signers allow you to create digital signatures. Signatures are used to
      validate the authenticity and integrity of a digital message. 0xkey makes
      it easy to produce signatures by allowing you to sign with an address. If
      0xkey doesn't yet support an address format you need, you can generate and
      sign with the public key instead by using the address format
      `ADDRESS_FORMAT_COMPRESSED`.
  - name: Private Keys
    description: >-
      Private Keys are cryptographic public / private key pairs that can be used
      for cryptocurrency needs or more generalized encryption. 0xkey securely
      holds all private key materials for you, but only you can access them.


      The Private Key ID or any derived address can be used to create digital
      signatures. See [Signing](./api#tag/Signing) for more information
  - name: Private Key Tags
    description: >-
      Private Key Tags allow you to easily group and permission Private Keys
      through Policies.
  - name: Users
    description: >-
      Users are responsible for any action taken within an Organization. They
      can have ApiKey or Authenticator credentials, allowing you to onboard
      teammates to the Organization, or create API-only Users to run as part of
      your infrastructure.
  - name: User Tags
    description: >-
      User Key Tags allow you to easily group and permission Users through
      Policies.
  - name: Authenticators
    description: >-
      Authenticators are WebAuthN hardware devices, such as a Macbook TouchID or
      Yubikey, that can be used to authenticate requests.
  - name: API Keys
    description: >-
      API Keys are used to authenticate requests


      See our [CLI](https://github.com/0xkey-io) for instructions on generating
      API Keys
  - name: Activities
    description: >-
      Activities encapsulate all the possible actions that can be taken with
      0xkey. Some examples include adding a new user, creating a private key,
      and signing a transaction.


      Activities that modify your Organization are processed asynchronously. To
      confirm processing is complete and retrieve the Activity results, these
      activities must be polled until that status has been updated to a
      finalized state: `COMPLETED` when the activity is successful or `FAILED`
      when the activity has failed
  - name: Consensus
    description: >-
      Policies can enforce consensus requirements for Activities. For example,
      adding a new user requires two admins to approve the request.


      Activities that have been proposed, but don't yet meet the Consensus
      requirements will have the status: `REQUIRES_CONSENSUS`. Activities in
      this state can be approved or rejected using the unique fingerprint
      generated when an Activity is created.
  - name: PublicApiService
paths:
  /public/v1/submit/update_user_phone_number:
    post:
      tags:
        - Users
      summary: Update user's phone number
      description: Update a user's phone number in an existing organization.
      operationId: PublicApiService_UpdateUserPhoneNumber
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/v1UpdateUserPhoneNumberRequest'
        required: true
      responses:
        '200':
          description: A successful response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/v1ActivityResponse'
        default:
          description: An unexpected error response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/rpcStatus'
components:
  schemas:
    v1UpdateUserPhoneNumberRequest:
      type: object
      properties:
        type:
          type: string
          enum:
            - ACTIVITY_TYPE_UPDATE_USER_PHONE_NUMBER
        timestampMs:
          type: string
          description: >-
            Timestamp (in milliseconds) of the request, used to verify liveness
            of user requests.
        organizationId:
          type: string
          description: Unique identifier for a given Organization.
        parameters:
          $ref: '#/components/schemas/v1UpdateUserPhoneNumberIntent'
        generateAppProofs:
          type: boolean
      required:
        - type
        - timestampMs
        - organizationId
        - parameters
    v1ActivityResponse:
      type: object
      properties:
        activity:
          $ref: '#/components/schemas/v1Activity'
      required:
        - activity
    rpcStatus:
      type: object
      properties:
        code:
          type: integer
          format: int32
          description: |-
            The status code, which should be an enum value of
            [google.rpc.Code][google.rpc.Code].
        message:
          type: string
          description: >-
            A developer-facing error message, which should be in English. Any

            user-facing error message should be localized and sent in the

            [google.rpc.Status.details][google.rpc.Status.details] field, or
            localized

            by the client.
        details:
          type: array
          items:
            $ref: '#/components/schemas/protobufAny'
          description: >-
            A list of messages that carry the error details.  There is a common
            set of

            message types for APIs to use.
      description: >-
        The `Status` type defines a logical error model that is suitable for

        different programming environments, including REST APIs and RPC APIs. It
        is

        used by [gRPC](https://github.com/grpc). Each `Status` message contains

        three pieces of data: error code, error message, and error details.


        You can find out more about this error model and how to work with it in
        the

        [API Design Guide](https://cloud.google.com/apis/design/errors).
    v1UpdateUserPhoneNumberIntent:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"uuid"'
        userPhoneNumber:
          type: string
          description: >-
            The user's phone number in E.164 format e.g. +13214567890. Setting
            this to an empty string will remove the user's phone number.
          title: '@inject_tag: validate:"omitempty,e164"'
        verificationToken:
          type: string
          description: >-
            Signed JWT containing a unique id, expiry, verification type,
            contact
      required:
        - userId
        - userPhoneNumber
    v1Activity:
      type: object
      properties:
        id:
          type: string
          description: Unique identifier for a given Activity object.
        organizationId:
          type: string
          description: Unique identifier for a given Organization.
        status:
          $ref: '#/components/schemas/v1ActivityStatus'
        type:
          $ref: '#/components/schemas/v1ActivityType'
        intent:
          $ref: '#/components/schemas/v1Intent'
        result:
          $ref: '#/components/schemas/v1Result'
        votes:
          type: array
          items:
            $ref: '#/components/schemas/v1Vote'
          description: >-
            A list of objects representing a particular User's approval or
            rejection of a Consensus request, including all relevant metadata.
        appProofs:
          type: array
          items:
            $ref: '#/components/schemas/v1AppProof'
          description: >-
            A list of App Proofs generated by enclaves during activity
            execution, providing verifiable attestations of performed
            operations.
        fingerprint:
          type: string
          description: An artifact verifying a User's action.
        canApprove:
          type: boolean
        canReject:
          type: boolean
        createdAt:
          $ref: '#/components/schemas/externaldatav1Timestamp'
        updatedAt:
          $ref: '#/components/schemas/externaldatav1Timestamp'
        failure:
          $ref: '#/components/schemas/rpcStatus'
        timestampMs:
          type: string
          description: >-
            Timestamp (in milliseconds) of the request, used to verify liveness
            of user requests.
      description: An action that can that can be taken within the 0xkey infrastructure.
      required:
        - id
        - organizationId
        - status
        - type
        - intent
        - result
        - votes
        - fingerprint
        - canApprove
        - canReject
        - createdAt
        - updatedAt
        - timestampMs
    protobufAny:
      type: object
      properties:
        '@type':
          type: string
          description: >-
            A URL/resource name that uniquely identifies the type of the
            serialized

            protocol buffer message. This string must contain at least

            one "/" character. The last segment of the URL's path must represent

            the fully qualified name of the type (as in

            `path/google.protobuf.Duration`). The name should be in a canonical
            form

            (e.g., leading "." is not accepted).


            In practice, teams usually precompile into the binary all types that
            they

            expect it to use in the context of Any. However, for URLs which use
            the

            scheme `http`, `https`, or no scheme, one can optionally set up a
            type

            server that maps type URLs to message definitions as follows:


            * If no scheme is provided, `https` is assumed.

            * An HTTP GET on the URL must yield a [google.protobuf.Type][]
              value in binary format, or produce an error.
            * Applications are allowed to cache lookup results based on the
              URL, or have them precompiled into a binary to avoid any
              lookup. Therefore, binary compatibility needs to be preserved
              on changes to types. (Use versioned type names to manage
              breaking changes.)

            Note: this functionality is not currently available in the official

            protobuf release, and it is not used for type URLs beginning with

            type.googleapis.com. As of May 2023, there are no widely used type
            server

            implementations and no plans to implement one.


            Schemes other than `http`, `https` (or the empty scheme) might be

            used with implementation specific semantics.
      additionalProperties: {}
      description: >-
        `Any` contains an arbitrary serialized protocol buffer message along
        with a

        URL that describes the type of the serialized message.


        Protobuf library provides support to pack/unpack Any values in the form

        of utility functions or additional generated methods of the Any type.


        Example 1: Pack and unpack a message in C++.

            Foo foo = ...;
            Any any;
            any.PackFrom(foo);
            ...
            if (any.UnpackTo(&foo)) {
              ...
            }

        Example 2: Pack and unpack a message in Java.

            Foo foo = ...;
            Any any = Any.pack(foo);
            ...
            if (any.is(Foo.class)) {
              foo = any.unpack(Foo.class);
            }
            // or ...
            if (any.isSameTypeAs(Foo.getDefaultInstance())) {
              foo = any.unpack(Foo.getDefaultInstance());
            }

         Example 3: Pack and unpack a message in Python.

            foo = Foo(...)
            any = Any()
            any.Pack(foo)
            ...
            if any.Is(Foo.DESCRIPTOR):
              any.Unpack(foo)
              ...

         Example 4: Pack and unpack a message in Go

             foo := &pb.Foo{...}
             any, err := anypb.New(foo)
             if err != nil {
               ...
             }
             ...
             foo := &pb.Foo{}
             if err := any.UnmarshalTo(foo); err != nil {
               ...
             }

        The pack methods provided by protobuf library will by default use

        'type.googleapis.com/full.type.name' as the type URL and the unpack

        methods only use the fully qualified type name after the last '/'

        in the type URL, for example "foo.bar.com/x/y.z" will yield type

        name "y.z".


        JSON

        ====

        The JSON representation of an `Any` value uses the regular

        representation of the deserialized, embedded message, with an

        additional field `@type` which contains the type URL. Example:

            package google.profile;
            message Person {
              string first_name = 1;
              string last_name = 2;
            }

            {
              "@type": "type.googleapis.com/google.profile.Person",
              "firstName": <string>,
              "lastName": <string>
            }

        If the embedded message type is well-known and has a custom JSON

        representation, that representation will be embedded adding a field

        `value` which holds the custom JSON in addition to the `@type`

        field. Example (for message [google.protobuf.Duration][]):

            {
              "@type": "type.googleapis.com/google.protobuf.Duration",
              "value": "1.212s"
            }
    v1ActivityStatus:
      type: string
      enum:
        - ACTIVITY_STATUS_UNSPECIFIED
        - ACTIVITY_STATUS_CREATED
        - ACTIVITY_STATUS_PENDING
        - ACTIVITY_STATUS_COMPLETED
        - ACTIVITY_STATUS_FAILED
        - ACTIVITY_STATUS_CONSENSUS_NEEDED
        - ACTIVITY_STATUS_REJECTED
      default: ACTIVITY_STATUS_UNSPECIFIED
      description: The current processing status of an Activity.
    v1ActivityType:
      type: string
      enum:
        - ACTIVITY_TYPE_UNSPECIFIED
        - ACTIVITY_TYPE_CREATE_API_KEYS
        - ACTIVITY_TYPE_CREATE_USERS
        - ACTIVITY_TYPE_CREATE_PRIVATE_KEYS
        - ACTIVITY_TYPE_SIGN_RAW_PAYLOAD
        - ACTIVITY_TYPE_CREATE_INVITATIONS
        - ACTIVITY_TYPE_ACCEPT_INVITATION
        - ACTIVITY_TYPE_CREATE_POLICY
        - ACTIVITY_TYPE_DISABLE_PRIVATE_KEY
        - ACTIVITY_TYPE_DELETE_USERS
        - ACTIVITY_TYPE_DELETE_API_KEYS
        - ACTIVITY_TYPE_DELETE_INVITATION
        - ACTIVITY_TYPE_DELETE_ORGANIZATION
        - ACTIVITY_TYPE_DELETE_POLICY
        - ACTIVITY_TYPE_CREATE_USER_TAG
        - ACTIVITY_TYPE_DELETE_USER_TAGS
        - ACTIVITY_TYPE_CREATE_ORGANIZATION
        - ACTIVITY_TYPE_SIGN_TRANSACTION
        - ACTIVITY_TYPE_APPROVE_ACTIVITY
        - ACTIVITY_TYPE_REJECT_ACTIVITY
        - ACTIVITY_TYPE_DELETE_AUTHENTICATORS
        - ACTIVITY_TYPE_CREATE_AUTHENTICATORS
        - ACTIVITY_TYPE_CREATE_PRIVATE_KEY_TAG
        - ACTIVITY_TYPE_DELETE_PRIVATE_KEY_TAGS
        - ACTIVITY_TYPE_SET_PAYMENT_METHOD
        - ACTIVITY_TYPE_ACTIVATE_BILLING_TIER
        - ACTIVITY_TYPE_DELETE_PAYMENT_METHOD
        - ACTIVITY_TYPE_CREATE_POLICY_V2
        - ACTIVITY_TYPE_CREATE_POLICY_V3
        - ACTIVITY_TYPE_CREATE_API_ONLY_USERS
        - ACTIVITY_TYPE_UPDATE_ROOT_QUORUM
        - ACTIVITY_TYPE_UPDATE_USER_TAG
        - ACTIVITY_TYPE_UPDATE_PRIVATE_KEY_TAG
        - ACTIVITY_TYPE_CREATE_AUTHENTICATORS_V2
        - ACTIVITY_TYPE_CREATE_ORGANIZATION_V2
        - ACTIVITY_TYPE_CREATE_USERS_V2
        - ACTIVITY_TYPE_ACCEPT_INVITATION_V2
        - ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION
        - ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V2
        - ACTIVITY_TYPE_UPDATE_ALLOWED_ORIGINS
        - ACTIVITY_TYPE_CREATE_PRIVATE_KEYS_V2
        - ACTIVITY_TYPE_UPDATE_USER
        - ACTIVITY_TYPE_UPDATE_POLICY
        - ACTIVITY_TYPE_SET_PAYMENT_METHOD_V2
        - ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V3
        - ACTIVITY_TYPE_CREATE_WALLET
        - ACTIVITY_TYPE_CREATE_WALLET_ACCOUNTS
        - ACTIVITY_TYPE_INIT_USER_EMAIL_RECOVERY
        - ACTIVITY_TYPE_RECOVER_USER
        - ACTIVITY_TYPE_SET_ORGANIZATION_FEATURE
        - ACTIVITY_TYPE_REMOVE_ORGANIZATION_FEATURE
        - ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2
        - ACTIVITY_TYPE_SIGN_TRANSACTION_V2
        - ACTIVITY_TYPE_EXPORT_PRIVATE_KEY
        - ACTIVITY_TYPE_EXPORT_WALLET
        - ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V4
        - ACTIVITY_TYPE_EMAIL_AUTH
        - ACTIVITY_TYPE_EXPORT_WALLET_ACCOUNT
        - ACTIVITY_TYPE_INIT_IMPORT_WALLET
        - ACTIVITY_TYPE_IMPORT_WALLET
        - ACTIVITY_TYPE_INIT_IMPORT_PRIVATE_KEY
        - ACTIVITY_TYPE_IMPORT_PRIVATE_KEY
        - ACTIVITY_TYPE_CREATE_POLICIES
        - ACTIVITY_TYPE_SIGN_RAW_PAYLOADS
        - ACTIVITY_TYPE_CREATE_READ_ONLY_SESSION
        - ACTIVITY_TYPE_CREATE_OAUTH_PROVIDERS
        - ACTIVITY_TYPE_DELETE_OAUTH_PROVIDERS
        - ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V5
        - ACTIVITY_TYPE_OAUTH
        - ACTIVITY_TYPE_CREATE_API_KEYS_V2
        - ACTIVITY_TYPE_CREATE_READ_WRITE_SESSION
        - ACTIVITY_TYPE_EMAIL_AUTH_V2
        - ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V6
        - ACTIVITY_TYPE_DELETE_PRIVATE_KEYS
        - ACTIVITY_TYPE_DELETE_WALLETS
        - ACTIVITY_TYPE_CREATE_READ_WRITE_SESSION_V2
        - ACTIVITY_TYPE_DELETE_SUB_ORGANIZATION
        - ACTIVITY_TYPE_INIT_OTP_AUTH
        - ACTIVITY_TYPE_OTP_AUTH
        - ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V7
        - ACTIVITY_TYPE_UPDATE_WALLET
        - ACTIVITY_TYPE_UPDATE_POLICY_V2
        - ACTIVITY_TYPE_CREATE_USERS_V3
        - ACTIVITY_TYPE_INIT_OTP_AUTH_V2
        - ACTIVITY_TYPE_INIT_OTP
        - ACTIVITY_TYPE_VERIFY_OTP
        - ACTIVITY_TYPE_OTP_LOGIN
        - ACTIVITY_TYPE_STAMP_LOGIN
        - ACTIVITY_TYPE_OAUTH_LOGIN
        - ACTIVITY_TYPE_UPDATE_USER_NAME
        - ACTIVITY_TYPE_UPDATE_USER_EMAIL
        - ACTIVITY_TYPE_UPDATE_USER_PHONE_NUMBER
        - ACTIVITY_TYPE_INIT_FIAT_ON_RAMP
        - ACTIVITY_TYPE_CREATE_SMART_CONTRACT_INTERFACE
        - ACTIVITY_TYPE_DELETE_SMART_CONTRACT_INTERFACE
        - ACTIVITY_TYPE_ENABLE_AUTH_PROXY
        - ACTIVITY_TYPE_DISABLE_AUTH_PROXY
        - ACTIVITY_TYPE_UPDATE_AUTH_PROXY_CONFIG
        - ACTIVITY_TYPE_CREATE_OAUTH2_CREDENTIAL
        - ACTIVITY_TYPE_UPDATE_OAUTH2_CREDENTIAL
        - ACTIVITY_TYPE_DELETE_OAUTH2_CREDENTIAL
        - ACTIVITY_TYPE_OAUTH2_AUTHENTICATE
        - ACTIVITY_TYPE_DELETE_WALLET_ACCOUNTS
        - ACTIVITY_TYPE_DELETE_POLICIES
        - ACTIVITY_TYPE_ETH_SEND_RAW_TRANSACTION
        - ACTIVITY_TYPE_ETH_SEND_TRANSACTION
        - ACTIVITY_TYPE_CREATE_FIAT_ON_RAMP_CREDENTIAL
        - ACTIVITY_TYPE_UPDATE_FIAT_ON_RAMP_CREDENTIAL
        - ACTIVITY_TYPE_DELETE_FIAT_ON_RAMP_CREDENTIAL
        - ACTIVITY_TYPE_EMAIL_AUTH_V3
        - ACTIVITY_TYPE_INIT_USER_EMAIL_RECOVERY_V2
        - ACTIVITY_TYPE_INIT_OTP_AUTH_V3
        - ACTIVITY_TYPE_INIT_OTP_V2
        - ACTIVITY_TYPE_UPSERT_GAS_USAGE_CONFIG
        - ACTIVITY_TYPE_CREATE_TVC_APP
        - ACTIVITY_TYPE_CREATE_TVC_DEPLOYMENT
        - ACTIVITY_TYPE_CREATE_TVC_MANIFEST_APPROVALS
        - ACTIVITY_TYPE_SOL_SEND_TRANSACTION
        - ACTIVITY_TYPE_INIT_OTP_V3
        - ACTIVITY_TYPE_VERIFY_OTP_V2
        - ACTIVITY_TYPE_OTP_LOGIN_V2
        - ACTIVITY_TYPE_UPDATE_ORGANIZATION_NAME
        - ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V8
        - ACTIVITY_TYPE_CREATE_OAUTH_PROVIDERS_V2
        - ACTIVITY_TYPE_CREATE_USERS_V4
      default: ACTIVITY_TYPE_UNSPECIFIED
      description: Type of Activity, such as Add User, or Sign Transaction.
    v1Intent:
      type: object
      properties:
        createOrganizationIntent:
          $ref: '#/components/schemas/v1CreateOrganizationIntent'
        createAuthenticatorsIntent:
          $ref: '#/components/schemas/v1CreateAuthenticatorsIntent'
        createUsersIntent:
          $ref: '#/components/schemas/v1CreateUsersIntent'
        createPrivateKeysIntent:
          $ref: '#/components/schemas/v1CreatePrivateKeysIntent'
        signRawPayloadIntent:
          $ref: '#/components/schemas/v1SignRawPayloadIntent'
        createInvitationsIntent:
          $ref: '#/components/schemas/v1CreateInvitationsIntent'
        acceptInvitationIntent:
          $ref: '#/components/schemas/v1AcceptInvitationIntent'
        createPolicyIntent:
          $ref: '#/components/schemas/v1CreatePolicyIntent'
        disablePrivateKeyIntent:
          $ref: '#/components/schemas/v1DisablePrivateKeyIntent'
        deleteUsersIntent:
          $ref: '#/components/schemas/v1DeleteUsersIntent'
        deleteAuthenticatorsIntent:
          $ref: '#/components/schemas/v1DeleteAuthenticatorsIntent'
        deleteInvitationIntent:
          $ref: '#/components/schemas/v1DeleteInvitationIntent'
        deleteOrganizationIntent:
          $ref: '#/components/schemas/v1DeleteOrganizationIntent'
        deletePolicyIntent:
          $ref: '#/components/schemas/v1DeletePolicyIntent'
        createUserTagIntent:
          $ref: '#/components/schemas/v1CreateUserTagIntent'
        deleteUserTagsIntent:
          $ref: '#/components/schemas/v1DeleteUserTagsIntent'
        signTransactionIntent:
          $ref: '#/components/schemas/v1SignTransactionIntent'
        createApiKeysIntent:
          $ref: '#/components/schemas/v1CreateApiKeysIntent'
        deleteApiKeysIntent:
          $ref: '#/components/schemas/v1DeleteApiKeysIntent'
        approveActivityIntent:
          $ref: '#/components/schemas/v1ApproveActivityIntent'
        rejectActivityIntent:
          $ref: '#/components/schemas/v1RejectActivityIntent'
        createPrivateKeyTagIntent:
          $ref: '#/components/schemas/v1CreatePrivateKeyTagIntent'
        deletePrivateKeyTagsIntent:
          $ref: '#/components/schemas/v1DeletePrivateKeyTagsIntent'
        createPolicyIntentV2:
          $ref: '#/components/schemas/v1CreatePolicyIntentV2'
        setPaymentMethodIntent:
          $ref: '#/components/schemas/billingSetPaymentMethodIntent'
        activateBillingTierIntent:
          $ref: '#/components/schemas/billingActivateBillingTierIntent'
        deletePaymentMethodIntent:
          $ref: '#/components/schemas/billingDeletePaymentMethodIntent'
        createPolicyIntentV3:
          $ref: '#/components/schemas/v1CreatePolicyIntentV3'
        createApiOnlyUsersIntent:
          $ref: '#/components/schemas/v1CreateApiOnlyUsersIntent'
        updateRootQuorumIntent:
          $ref: '#/components/schemas/v1UpdateRootQuorumIntent'
        updateUserTagIntent:
          $ref: '#/components/schemas/v1UpdateUserTagIntent'
        updatePrivateKeyTagIntent:
          $ref: '#/components/schemas/v1UpdatePrivateKeyTagIntent'
        createAuthenticatorsIntentV2:
          $ref: '#/components/schemas/v1CreateAuthenticatorsIntentV2'
        acceptInvitationIntentV2:
          $ref: '#/components/schemas/v1AcceptInvitationIntentV2'
        createOrganizationIntentV2:
          $ref: '#/components/schemas/v1CreateOrganizationIntentV2'
        createUsersIntentV2:
          $ref: '#/components/schemas/v1CreateUsersIntentV2'
        createSubOrganizationIntent:
          $ref: '#/components/schemas/v1CreateSubOrganizationIntent'
        createSubOrganizationIntentV2:
          $ref: '#/components/schemas/v1CreateSubOrganizationIntentV2'
        updateAllowedOriginsIntent:
          $ref: '#/components/schemas/v1UpdateAllowedOriginsIntent'
        createPrivateKeysIntentV2:
          $ref: '#/components/schemas/v1CreatePrivateKeysIntentV2'
        updateUserIntent:
          $ref: '#/components/schemas/v1UpdateUserIntent'
        updatePolicyIntent:
          $ref: '#/components/schemas/v1UpdatePolicyIntent'
        setPaymentMethodIntentV2:
          $ref: '#/components/schemas/billingSetPaymentMethodIntentV2'
        createSubOrganizationIntentV3:
          $ref: '#/components/schemas/v1CreateSubOrganizationIntentV3'
        createWalletIntent:
          $ref: '#/components/schemas/v1CreateWalletIntent'
        createWalletAccountsIntent:
          $ref: '#/components/schemas/v1CreateWalletAccountsIntent'
        initUserEmailRecoveryIntent:
          $ref: '#/components/schemas/v1InitUserEmailRecoveryIntent'
        recoverUserIntent:
          $ref: '#/components/schemas/v1RecoverUserIntent'
        setOrganizationFeatureIntent:
          $ref: '#/components/schemas/v1SetOrganizationFeatureIntent'
        removeOrganizationFeatureIntent:
          $ref: '#/components/schemas/v1RemoveOrganizationFeatureIntent'
        signRawPayloadIntentV2:
          $ref: '#/components/schemas/v1SignRawPayloadIntentV2'
        signTransactionIntentV2:
          $ref: '#/components/schemas/v1SignTransactionIntentV2'
        exportPrivateKeyIntent:
          $ref: '#/components/schemas/v1ExportPrivateKeyIntent'
        exportWalletIntent:
          $ref: '#/components/schemas/v1ExportWalletIntent'
        createSubOrganizationIntentV4:
          $ref: '#/components/schemas/v1CreateSubOrganizationIntentV4'
        emailAuthIntent:
          $ref: '#/components/schemas/v1EmailAuthIntent'
        exportWalletAccountIntent:
          $ref: '#/components/schemas/v1ExportWalletAccountIntent'
        initImportWalletIntent:
          $ref: '#/components/schemas/v1InitImportWalletIntent'
        importWalletIntent:
          $ref: '#/components/schemas/v1ImportWalletIntent'
        initImportPrivateKeyIntent:
          $ref: '#/components/schemas/v1InitImportPrivateKeyIntent'
        importPrivateKeyIntent:
          $ref: '#/components/schemas/v1ImportPrivateKeyIntent'
        createPoliciesIntent:
          $ref: '#/components/schemas/v1CreatePoliciesIntent'
        signRawPayloadsIntent:
          $ref: '#/components/schemas/v1SignRawPayloadsIntent'
        createReadOnlySessionIntent:
          $ref: '#/components/schemas/v1CreateReadOnlySessionIntent'
        createOauthProvidersIntent:
          $ref: '#/components/schemas/v1CreateOauthProvidersIntent'
        deleteOauthProvidersIntent:
          $ref: '#/components/schemas/v1DeleteOauthProvidersIntent'
        createSubOrganizationIntentV5:
          $ref: '#/components/schemas/v1CreateSubOrganizationIntentV5'
        oauthIntent:
          $ref: '#/components/schemas/v1OauthIntent'
        createApiKeysIntentV2:
          $ref: '#/components/schemas/v1CreateApiKeysIntentV2'
        createReadWriteSessionIntent:
          $ref: '#/components/schemas/v1CreateReadWriteSessionIntent'
        emailAuthIntentV2:
          $ref: '#/components/schemas/v1EmailAuthIntentV2'
        createSubOrganizationIntentV6:
          $ref: '#/components/schemas/v1CreateSubOrganizationIntentV6'
        deletePrivateKeysIntent:
          $ref: '#/components/schemas/v1DeletePrivateKeysIntent'
        deleteWalletsIntent:
          $ref: '#/components/schemas/v1DeleteWalletsIntent'
        createReadWriteSessionIntentV2:
          $ref: '#/components/schemas/v1CreateReadWriteSessionIntentV2'
        deleteSubOrganizationIntent:
          $ref: '#/components/schemas/v1DeleteSubOrganizationIntent'
        initOtpAuthIntent:
          $ref: '#/components/schemas/v1InitOtpAuthIntent'
        otpAuthIntent:
          $ref: '#/components/schemas/v1OtpAuthIntent'
        createSubOrganizationIntentV7:
          $ref: '#/components/schemas/v1CreateSubOrganizationIntentV7'
        updateWalletIntent:
          $ref: '#/components/schemas/v1UpdateWalletIntent'
        updatePolicyIntentV2:
          $ref: '#/components/schemas/v1UpdatePolicyIntentV2'
        createUsersIntentV3:
          $ref: '#/components/schemas/v1CreateUsersIntentV3'
        initOtpAuthIntentV2:
          $ref: '#/components/schemas/v1InitOtpAuthIntentV2'
        initOtpIntent:
          $ref: '#/components/schemas/v1InitOtpIntent'
        verifyOtpIntent:
          $ref: '#/components/schemas/v1VerifyOtpIntent'
        otpLoginIntent:
          $ref: '#/components/schemas/v1OtpLoginIntent'
        stampLoginIntent:
          $ref: '#/components/schemas/v1StampLoginIntent'
        oauthLoginIntent:
          $ref: '#/components/schemas/v1OauthLoginIntent'
        updateUserNameIntent:
          $ref: '#/components/schemas/v1UpdateUserNameIntent'
        updateUserEmailIntent:
          $ref: '#/components/schemas/v1UpdateUserEmailIntent'
        updateUserPhoneNumberIntent:
          $ref: '#/components/schemas/v1UpdateUserPhoneNumberIntent'
        initFiatOnRampIntent:
          $ref: '#/components/schemas/v1InitFiatOnRampIntent'
        createSmartContractInterfaceIntent:
          $ref: '#/components/schemas/v1CreateSmartContractInterfaceIntent'
        deleteSmartContractInterfaceIntent:
          $ref: '#/components/schemas/v1DeleteSmartContractInterfaceIntent'
        enableAuthProxyIntent:
          $ref: '#/components/schemas/v1EnableAuthProxyIntent'
        disableAuthProxyIntent:
          $ref: '#/components/schemas/v1DisableAuthProxyIntent'
        updateAuthProxyConfigIntent:
          $ref: '#/components/schemas/v1UpdateAuthProxyConfigIntent'
        createOauth2CredentialIntent:
          $ref: '#/components/schemas/v1CreateOauth2CredentialIntent'
        updateOauth2CredentialIntent:
          $ref: '#/components/schemas/v1UpdateOauth2CredentialIntent'
        deleteOauth2CredentialIntent:
          $ref: '#/components/schemas/v1DeleteOauth2CredentialIntent'
        oauth2AuthenticateIntent:
          $ref: '#/components/schemas/v1Oauth2AuthenticateIntent'
        deleteWalletAccountsIntent:
          $ref: '#/components/schemas/v1DeleteWalletAccountsIntent'
        deletePoliciesIntent:
          $ref: '#/components/schemas/v1DeletePoliciesIntent'
        ethSendRawTransactionIntent:
          $ref: '#/components/schemas/v1EthSendRawTransactionIntent'
        ethSendTransactionIntent:
          $ref: '#/components/schemas/v1EthSendTransactionIntent'
        createFiatOnRampCredentialIntent:
          $ref: '#/components/schemas/v1CreateFiatOnRampCredentialIntent'
        updateFiatOnRampCredentialIntent:
          $ref: '#/components/schemas/v1UpdateFiatOnRampCredentialIntent'
        deleteFiatOnRampCredentialIntent:
          $ref: '#/components/schemas/v1DeleteFiatOnRampCredentialIntent'
        emailAuthIntentV3:
          $ref: '#/components/schemas/v1EmailAuthIntentV3'
        initUserEmailRecoveryIntentV2:
          $ref: '#/components/schemas/v1InitUserEmailRecoveryIntentV2'
        initOtpIntentV2:
          $ref: '#/components/schemas/v1InitOtpIntentV2'
        initOtpAuthIntentV3:
          $ref: '#/components/schemas/v1InitOtpAuthIntentV3'
        upsertGasUsageConfigIntent:
          $ref: '#/components/schemas/v1UpsertGasUsageConfigIntent'
        createTvcAppIntent:
          $ref: '#/components/schemas/v1CreateTvcAppIntent'
        createTvcDeploymentIntent:
          $ref: '#/components/schemas/v1CreateTvcDeploymentIntent'
        createTvcManifestApprovalsIntent:
          $ref: '#/components/schemas/v1CreateTvcManifestApprovalsIntent'
        solSendTransactionIntent:
          $ref: '#/components/schemas/v1SolSendTransactionIntent'
        initOtpIntentV3:
          $ref: '#/components/schemas/v1InitOtpIntentV3'
        verifyOtpIntentV2:
          $ref: '#/components/schemas/v1VerifyOtpIntentV2'
        otpLoginIntentV2:
          $ref: '#/components/schemas/v1OtpLoginIntentV2'
        updateOrganizationNameIntent:
          $ref: '#/components/schemas/v1UpdateOrganizationNameIntent'
        createSubOrganizationIntentV8:
          $ref: '#/components/schemas/v1CreateSubOrganizationIntentV8'
        createOauthProvidersIntentV2:
          $ref: '#/components/schemas/v1CreateOauthProvidersIntentV2'
        createUsersIntentV4:
          $ref: '#/components/schemas/v1CreateUsersIntentV4'
      description: >-
        Intent object crafted by 0xkey based on the user request, used to assess
        the permissibility of an action.
    v1Result:
      type: object
      properties:
        createOrganizationResult:
          $ref: '#/components/schemas/v1CreateOrganizationResult'
        createAuthenticatorsResult:
          $ref: '#/components/schemas/v1CreateAuthenticatorsResult'
        createUsersResult:
          $ref: '#/components/schemas/v1CreateUsersResult'
        createPrivateKeysResult:
          $ref: '#/components/schemas/v1CreatePrivateKeysResult'
        createInvitationsResult:
          $ref: '#/components/schemas/v1CreateInvitationsResult'
        acceptInvitationResult:
          $ref: '#/components/schemas/v1AcceptInvitationResult'
        signRawPayloadResult:
          $ref: '#/components/schemas/v1SignRawPayloadResult'
        createPolicyResult:
          $ref: '#/components/schemas/v1CreatePolicyResult'
        disablePrivateKeyResult:
          $ref: '#/components/schemas/v1DisablePrivateKeyResult'
        deleteUsersResult:
          $ref: '#/components/schemas/v1DeleteUsersResult'
        deleteAuthenticatorsResult:
          $ref: '#/components/schemas/v1DeleteAuthenticatorsResult'
        deleteInvitationResult:
          $ref: '#/components/schemas/v1DeleteInvitationResult'
        deleteOrganizationResult:
          $ref: '#/components/schemas/v1DeleteOrganizationResult'
        deletePolicyResult:
          $ref: '#/components/schemas/v1DeletePolicyResult'
        createUserTagResult:
          $ref: '#/components/schemas/v1CreateUserTagResult'
        deleteUserTagsResult:
          $ref: '#/components/schemas/v1DeleteUserTagsResult'
        signTransactionResult:
          $ref: '#/components/schemas/v1SignTransactionResult'
        deleteApiKeysResult:
          $ref: '#/components/schemas/v1DeleteApiKeysResult'
        createApiKeysResult:
          $ref: '#/components/schemas/v1CreateApiKeysResult'
        createPrivateKeyTagResult:
          $ref: '#/components/schemas/v1CreatePrivateKeyTagResult'
        deletePrivateKeyTagsResult:
          $ref: '#/components/schemas/v1DeletePrivateKeyTagsResult'
        setPaymentMethodResult:
          $ref: '#/components/schemas/billingSetPaymentMethodResult'
        activateBillingTierResult:
          $ref: '#/components/schemas/billingActivateBillingTierResult'
        deletePaymentMethodResult:
          $ref: '#/components/schemas/billingDeletePaymentMethodResult'
        createApiOnlyUsersResult:
          $ref: '#/components/schemas/v1CreateApiOnlyUsersResult'
        updateRootQuorumResult:
          $ref: '#/components/schemas/v1UpdateRootQuorumResult'
        updateUserTagResult:
          $ref: '#/components/schemas/v1UpdateUserTagResult'
        updatePrivateKeyTagResult:
          $ref: '#/components/schemas/v1UpdatePrivateKeyTagResult'
        createSubOrganizationResult:
          $ref: '#/components/schemas/v1CreateSubOrganizationResult'
        updateAllowedOriginsResult:
          $ref: '#/components/schemas/v1UpdateAllowedOriginsResult'
        createPrivateKeysResultV2:
          $ref: '#/components/schemas/v1CreatePrivateKeysResultV2'
        updateUserResult:
          $ref: '#/components/schemas/v1UpdateUserResult'
        updatePolicyResult:
          $ref: '#/components/schemas/v1UpdatePolicyResult'
        createSubOrganizationResultV3:
          $ref: '#/components/schemas/v1CreateSubOrganizationResultV3'
        createWalletResult:
          $ref: '#/components/schemas/v1CreateWalletResult'
        createWalletAccountsResult:
          $ref: '#/components/schemas/v1CreateWalletAccountsResult'
        initUserEmailRecoveryResult:
          $ref: '#/components/schemas/v1InitUserEmailRecoveryResult'
        recoverUserResult:
          $ref: '#/components/schemas/v1RecoverUserResult'
        setOrganizationFeatureResult:
          $ref: '#/components/schemas/v1SetOrganizationFeatureResult'
        removeOrganizationFeatureResult:
          $ref: '#/components/schemas/v1RemoveOrganizationFeatureResult'
        exportPrivateKeyResult:
          $ref: '#/components/schemas/v1ExportPrivateKeyResult'
        exportWalletResult:
          $ref: '#/components/schemas/v1ExportWalletResult'
        createSubOrganizationResultV4:
          $ref: '#/components/schemas/v1CreateSubOrganizationResultV4'
        emailAuthResult:
          $ref: '#/components/schemas/v1EmailAuthResult'
        exportWalletAccountResult:
          $ref: '#/components/schemas/v1ExportWalletAccountResult'
        initImportWalletResult:
          $ref: '#/components/schemas/v1InitImportWalletResult'
        importWalletResult:
          $ref: '#/components/schemas/v1ImportWalletResult'
        initImportPrivateKeyResult:
          $ref: '#/components/schemas/v1InitImportPrivateKeyResult'
        importPrivateKeyResult:
          $ref: '#/components/schemas/v1ImportPrivateKeyResult'
        createPoliciesResult:
          $ref: '#/components/schemas/v1CreatePoliciesResult'
        signRawPayloadsResult:
          $ref: '#/components/schemas/v1SignRawPayloadsResult'
        createReadOnlySessionResult:
          $ref: '#/components/schemas/v1CreateReadOnlySessionResult'
        createOauthProvidersResult:
          $ref: '#/components/schemas/v1CreateOauthProvidersResult'
        deleteOauthProvidersResult:
          $ref: '#/components/schemas/v1DeleteOauthProvidersResult'
        createSubOrganizationResultV5:
          $ref: '#/components/schemas/v1CreateSubOrganizationResultV5'
        oauthResult:
          $ref: '#/components/schemas/v1OauthResult'
        createReadWriteSessionResult:
          $ref: '#/components/schemas/v1CreateReadWriteSessionResult'
        createSubOrganizationResultV6:
          $ref: '#/components/schemas/v1CreateSubOrganizationResultV6'
        deletePrivateKeysResult:
          $ref: '#/components/schemas/v1DeletePrivateKeysResult'
        deleteWalletsResult:
          $ref: '#/components/schemas/v1DeleteWalletsResult'
        createReadWriteSessionResultV2:
          $ref: '#/components/schemas/v1CreateReadWriteSessionResultV2'
        deleteSubOrganizationResult:
          $ref: '#/components/schemas/v1DeleteSubOrganizationResult'
        initOtpAuthResult:
          $ref: '#/components/schemas/v1InitOtpAuthResult'
        otpAuthResult:
          $ref: '#/components/schemas/v1OtpAuthResult'
        createSubOrganizationResultV7:
          $ref: '#/components/schemas/v1CreateSubOrganizationResultV7'
        updateWalletResult:
          $ref: '#/components/schemas/v1UpdateWalletResult'
        updatePolicyResultV2:
          $ref: '#/components/schemas/v1UpdatePolicyResultV2'
        initOtpAuthResultV2:
          $ref: '#/components/schemas/v1InitOtpAuthResultV2'
        initOtpResult:
          $ref: '#/components/schemas/v1InitOtpResult'
        verifyOtpResult:
          $ref: '#/components/schemas/v1VerifyOtpResult'
        otpLoginResult:
          $ref: '#/components/schemas/v1OtpLoginResult'
        stampLoginResult:
          $ref: '#/components/schemas/v1StampLoginResult'
        oauthLoginResult:
          $ref: '#/components/schemas/v1OauthLoginResult'
        updateUserNameResult:
          $ref: '#/components/schemas/v1UpdateUserNameResult'
        updateUserEmailResult:
          $ref: '#/components/schemas/v1UpdateUserEmailResult'
        updateUserPhoneNumberResult:
          $ref: '#/components/schemas/v1UpdateUserPhoneNumberResult'
        initFiatOnRampResult:
          $ref: '#/components/schemas/v1InitFiatOnRampResult'
        createSmartContractInterfaceResult:
          $ref: '#/components/schemas/v1CreateSmartContractInterfaceResult'
        deleteSmartContractInterfaceResult:
          $ref: '#/components/schemas/v1DeleteSmartContractInterfaceResult'
        enableAuthProxyResult:
          $ref: '#/components/schemas/v1EnableAuthProxyResult'
        disableAuthProxyResult:
          $ref: '#/components/schemas/v1DisableAuthProxyResult'
        updateAuthProxyConfigResult:
          $ref: '#/components/schemas/v1UpdateAuthProxyConfigResult'
        createOauth2CredentialResult:
          $ref: '#/components/schemas/v1CreateOauth2CredentialResult'
        updateOauth2CredentialResult:
          $ref: '#/components/schemas/v1UpdateOauth2CredentialResult'
        deleteOauth2CredentialResult:
          $ref: '#/components/schemas/v1DeleteOauth2CredentialResult'
        oauth2AuthenticateResult:
          $ref: '#/components/schemas/v1Oauth2AuthenticateResult'
        deleteWalletAccountsResult:
          $ref: '#/components/schemas/v1DeleteWalletAccountsResult'
        deletePoliciesResult:
          $ref: '#/components/schemas/v1DeletePoliciesResult'
        ethSendRawTransactionResult:
          $ref: '#/components/schemas/v1EthSendRawTransactionResult'
        createFiatOnRampCredentialResult:
          $ref: '#/components/schemas/v1CreateFiatOnRampCredentialResult'
        updateFiatOnRampCredentialResult:
          $ref: '#/components/schemas/v1UpdateFiatOnRampCredentialResult'
        deleteFiatOnRampCredentialResult:
          $ref: '#/components/schemas/v1DeleteFiatOnRampCredentialResult'
        ethSendTransactionResult:
          $ref: '#/components/schemas/v1EthSendTransactionResult'
        upsertGasUsageConfigResult:
          $ref: '#/components/schemas/v1UpsertGasUsageConfigResult'
        createTvcAppResult:
          $ref: '#/components/schemas/v1CreateTvcAppResult'
        createTvcDeploymentResult:
          $ref: '#/components/schemas/v1CreateTvcDeploymentResult'
        createTvcManifestApprovalsResult:
          $ref: '#/components/schemas/v1CreateTvcManifestApprovalsResult'
        solSendTransactionResult:
          $ref: '#/components/schemas/v1SolSendTransactionResult'
        initOtpResultV2:
          $ref: '#/components/schemas/v1InitOtpResultV2'
        updateOrganizationNameResult:
          $ref: '#/components/schemas/v1UpdateOrganizationNameResult'
        createSubOrganizationResultV8:
          $ref: '#/components/schemas/v1CreateSubOrganizationResultV8'
        createOauthProvidersResultV2:
          $ref: '#/components/schemas/v1CreateOauthProvidersResultV2'
      description: Result of the intended action.
    v1Vote:
      type: object
      properties:
        id:
          type: string
          description: Unique identifier for a given Vote object.
        userId:
          type: string
          description: Unique identifier for a given User.
        user:
          $ref: '#/components/schemas/v1User'
        activityId:
          type: string
          description: Unique identifier for a given Activity object.
        selection:
          type: string
          enum:
            - VOTE_SELECTION_APPROVED
            - VOTE_SELECTION_REJECTED
        message:
          type: string
          description: The raw message being signed within a Vote.
        publicKey:
          type: string
          description: >-
            The public component of a cryptographic key pair used to sign
            messages and transactions.
        signature:
          type: string
          description: The signature applied to a particular vote.
        scheme:
          type: string
          description: Method used to produce a signature.
        createdAt:
          $ref: '#/components/schemas/externaldatav1Timestamp'
      description: >-
        Object representing a particular User's approval or rejection of a
        Consensus request, including all relevant metadata.
      required:
        - id
        - userId
        - user
        - activityId
        - selection
        - message
        - publicKey
        - signature
        - scheme
        - createdAt
    v1AppProof:
      type: object
      properties:
        scheme:
          $ref: '#/components/schemas/externaldatav1SignatureScheme'
        publicKey:
          type: string
          description: Ephemeral public key.
        proofPayload:
          type: string
          description: JSON serialized AppProofPayload.
        signature:
          type: string
          description: Signature over hashed proof_payload.
      required:
        - scheme
        - publicKey
        - proofPayload
        - signature
    externaldatav1Timestamp:
      type: object
      properties:
        seconds:
          type: string
          title: Stringified int
        nanos:
          type: string
          title: Stringified int
      required:
        - seconds
        - nanos
    v1CreateOrganizationIntent:
      type: object
      properties:
        organizationName:
          type: string
          description: Human-readable name for an Organization.
          title: '@inject_tag: validate:"required,tk_label_length"'
        rootEmail:
          type: string
          description: The root user's email address.
          title: '@inject_tag: validate:"required,email,tk_email"'
        rootAuthenticator:
          $ref: '#/components/schemas/v1AuthenticatorParams'
        rootUserId:
          type: string
          description: Unique identifier for the root user object.
          title: '@inject_tag: validate:"uuid"'
      required:
        - organizationName
        - rootEmail
        - rootAuthenticator
    v1CreateAuthenticatorsIntent:
      type: object
      properties:
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorParams'
          description: A list of Authenticators.
          title: '@inject_tag: validate:"dive,required"'
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"required,uuid"'
      required:
        - authenticators
        - userId
    v1CreateUsersIntent:
      type: object
      properties:
        users:
          type: array
          items:
            $ref: '#/components/schemas/v1UserParams'
          description: A list of Users.
          title: '@inject_tag: validate:"required,dive,required"'
      required:
        - users
    v1CreatePrivateKeysIntent:
      type: object
      properties:
        privateKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1PrivateKeyParams'
          description: A list of Private Keys.
          title: '@inject_tag: validate:"dive,required"'
      required:
        - privateKeys
    v1SignRawPayloadIntent:
      type: object
      properties:
        privateKeyId:
          type: string
          description: Unique identifier for a given Private Key.
          title: '@inject_tag: validate:"required,uuid"'
        payload:
          type: string
          description: Raw unsigned payload to be signed.
          title: '@inject_tag: validate:"required"'
        encoding:
          $ref: '#/components/schemas/v1PayloadEncoding'
        hashFunction:
          $ref: '#/components/schemas/v1HashFunction'
      required:
        - privateKeyId
        - payload
        - encoding
        - hashFunction
    v1CreateInvitationsIntent:
      type: object
      properties:
        invitations:
          type: array
          items:
            $ref: '#/components/schemas/v1InvitationParams'
          description: A list of Invitations.
          title: '@inject_tag: validate:"required,dive,required"'
      required:
        - invitations
    v1AcceptInvitationIntent:
      type: object
      properties:
        invitationId:
          type: string
          description: Unique identifier for a given Invitation object.
          title: '@inject_tag: validate:"required,uuid"'
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"required,uuid"'
        authenticator:
          $ref: '#/components/schemas/v1AuthenticatorParams'
      required:
        - invitationId
        - userId
        - authenticator
    v1CreatePolicyIntent:
      type: object
      properties:
        policyName:
          type: string
          description: Human-readable name for a Policy.
          title: '@inject_tag: validate:"required,tk_label_length"'
        selectors:
          type: array
          items:
            $ref: '#/components/schemas/v1Selector'
          description: >-
            A list of simple functions each including a subject, target and
            boolean. See Policy Engine Language section for additional details.
          title: '@inject_tag: validate:"required,dive,required"'
        effect:
          $ref: '#/components/schemas/v1Effect'
        notes:
          type: string
      required:
        - policyName
        - selectors
        - effect
    v1DisablePrivateKeyIntent:
      type: object
      properties:
        privateKeyId:
          type: string
          description: Unique identifier for a given Private Key.
          title: '@inject_tag: validate:"required,uuid"'
      required:
        - privateKeyId
    v1DeleteUsersIntent:
      type: object
      properties:
        userIds:
          type: array
          items:
            type: string
          description: A list of User IDs.
          title: '@inject_tag: validate:"required,dive,required,uuid"'
      required:
        - userIds
    v1DeleteAuthenticatorsIntent:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"required,uuid"'
        authenticatorIds:
          type: array
          items:
            type: string
          description: A list of Authenticator IDs.
          title: '@inject_tag: validate:"required,dive,required,uuid"'
      required:
        - userId
        - authenticatorIds
    v1DeleteInvitationIntent:
      type: object
      properties:
        invitationId:
          type: string
          description: Unique identifier for a given Invitation object.
          title: '@inject_tag: validate:"required,uuid"'
      required:
        - invitationId
    v1DeleteOrganizationIntent:
      type: object
      properties:
        organizationId:
          type: string
          description: Unique identifier for a given Organization.
          title: '@inject_tag: validate:"required,uuid"'
      required:
        - organizationId
    v1DeletePolicyIntent:
      type: object
      properties:
        policyId:
          type: string
          description: Unique identifier for a given Policy.
          title: '@inject_tag: validate:"required,uuid"'
      required:
        - policyId
    v1CreateUserTagIntent:
      type: object
      properties:
        userTagName:
          type: string
          description: Human-readable name for a User Tag.
          title: '@inject_tag: validate:"required,tk_label,tk_label_length"'
        userIds:
          type: array
          items:
            type: string
          description: A list of User IDs.
          title: '@inject_tag: validate:"dive,uuid"'
      required:
        - userTagName
        - userIds
    v1DeleteUserTagsIntent:
      type: object
      properties:
        userTagIds:
          type: array
          items:
            type: string
          description: A list of User Tag IDs.
          title: '@inject_tag: validate:"required,dive,required,uuid"'
      required:
        - userTagIds
    v1SignTransactionIntent:
      type: object
      properties:
        privateKeyId:
          type: string
          description: Unique identifier for a given Private Key.
          title: '@inject_tag: validate:"required,uuid"'
        unsignedTransaction:
          type: string
          description: Raw unsigned transaction to be signed by a particular Private Key.
          title: '@inject_tag: validate:"required"'
        type:
          $ref: '#/components/schemas/v1TransactionType'
      required:
        - privateKeyId
        - unsignedTransaction
        - type
    v1CreateApiKeysIntent:
      type: object
      properties:
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/apiApiKeyParams'
          description: A list of API Keys.
          title: '@inject_tag: validate:"dive,required"'
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"required,uuid"'
      required:
        - apiKeys
        - userId
    v1DeleteApiKeysIntent:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"required,uuid"'
        apiKeyIds:
          type: array
          items:
            type: string
          description: A list of API Key IDs.
          title: '@inject_tag: validate:"required,dive,required,uuid"'
      required:
        - userId
        - apiKeyIds
    v1ApproveActivityIntent:
      type: object
      properties:
        fingerprint:
          type: string
          description: An artifact verifying a User's action.
          title: '@inject_tag: validate:"required"'
      required:
        - fingerprint
    v1RejectActivityIntent:
      type: object
      properties:
        fingerprint:
          type: string
          description: An artifact verifying a User's action.
          title: '@inject_tag: validate:"required"'
      required:
        - fingerprint
    v1CreatePrivateKeyTagIntent:
      type: object
      properties:
        privateKeyTagName:
          type: string
          description: Human-readable name for a Private Key Tag.
          title: '@inject_tag: validate:"required,tk_label,tk_label_length"'
        privateKeyIds:
          type: array
          items:
            type: string
          description: A list of Private Key IDs.
          title: '@inject_tag: validate:"dive,uuid"'
      required:
        - privateKeyTagName
        - privateKeyIds
    v1DeletePrivateKeyTagsIntent:
      type: object
      properties:
        privateKeyTagIds:
          type: array
          items:
            type: string
          description: A list of Private Key Tag IDs.
          title: '@inject_tag: validate:"required,dive,required,uuid"'
      required:
        - privateKeyTagIds
    v1CreatePolicyIntentV2:
      type: object
      properties:
        policyName:
          type: string
          description: Human-readable name for a Policy.
          title: '@inject_tag: validate:"required,tk_label_length"'
        selectors:
          type: array
          items:
            $ref: '#/components/schemas/v1SelectorV2'
          description: >-
            A list of simple functions each including a subject, target and
            boolean. See Policy Engine Language section for additional details.
          title: '@inject_tag: validate:"required,dive,required"'
        effect:
          $ref: '#/components/schemas/v1Effect'
        notes:
          type: string
      required:
        - policyName
        - selectors
        - effect
    billingSetPaymentMethodIntent:
      type: object
      properties:
        number:
          type: string
          description: The account number of the customer's credit card.
          title: '@inject_tag: validate:"required,max=16,numeric"'
        cvv:
          type: string
          description: The verification digits of the customer's credit card.
          title: '@inject_tag: validate:"required,max=4,numeric"'
        expiryMonth:
          type: string
          description: The month that the credit card expires.
          title: '@inject_tag: validate:"required,numeric,len=2"'
        expiryYear:
          type: string
          description: The year that the credit card expires.
          title: '@inject_tag: validate:"required,numeric,len=4"'
        cardHolderEmail:
          type: string
          description: The email that will receive invoices for the credit card.
          title: '@inject_tag: validate:"required,email,tk_email"'
        cardHolderName:
          type: string
          description: The name associated with the credit card.
          title: '@inject_tag: validate:"required,tk_label_length"'
      required:
        - number
        - cvv
        - expiryMonth
        - expiryYear
        - cardHolderEmail
        - cardHolderName
    billingActivateBillingTierIntent:
      type: object
      properties:
        productId:
          type: string
          description: The product that the customer wants to subscribe to.
          title: '@inject_tag: validate:"required"'
      required:
        - productId
    billingDeletePaymentMethodIntent:
      type: object
      properties:
        paymentMethodId:
          type: string
          description: The payment method that the customer wants to remove.
      required:
        - paymentMethodId
    v1CreatePolicyIntentV3:
      type: object
      properties:
        policyName:
          type: string
          description: Human-readable name for a Policy.
          title: '@inject_tag: validate:"required,tk_label,tk_label_length"'
        effect:
          $ref: '#/components/schemas/v1Effect'
        condition:
          type: string
          description: The condition expression that triggers the Effect
        consensus:
          type: string
          description: The consensus expression that triggers the Effect
        notes:
          type: string
          description: Notes for a Policy.
      required:
        - policyName
        - effect
        - notes
    v1CreateApiOnlyUsersIntent:
      type: object
      properties:
        apiOnlyUsers:
          type: array
          items:
            $ref: '#/components/schemas/v1ApiOnlyUserParams'
          description: A list of API-only Users to create.
          title: '@inject_tag: validate:"required,dive,required"'
      required:
        - apiOnlyUsers
    v1UpdateRootQuorumIntent:
      type: object
      properties:
        threshold:
          type: integer
          format: int32
          description: The threshold of unique approvals to reach quorum.
          title: '@inject_tag: validate:"required"'
        userIds:
          type: array
          items:
            type: string
          description: The unique identifiers of users who comprise the quorum set.
          title: '@inject_tag: validate:"dive,uuid"'
      required:
        - threshold
        - userIds
    v1UpdateUserTagIntent:
      type: object
      properties:
        userTagId:
          type: string
          description: Unique identifier for a given User Tag.
          title: '@inject_tag: validate:"uuid"'
        newUserTagName:
          type: string
          description: The new, human-readable name for the tag with the given ID.
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        addUserIds:
          type: array
          items:
            type: string
          description: A list of User IDs to add this tag to.
          title: '@inject_tag: validate:"dive,uuid"'
        removeUserIds:
          type: array
          items:
            type: string
          description: A list of User IDs to remove this tag from.
          title: '@inject_tag: validate:"dive,uuid"'
      required:
        - userTagId
        - addUserIds
        - removeUserIds
    v1UpdatePrivateKeyTagIntent:
      type: object
      properties:
        privateKeyTagId:
          type: string
          description: Unique identifier for a given Private Key Tag.
          title: '@inject_tag: validate:"uuid"'
        newPrivateKeyTagName:
          type: string
          description: The new, human-readable name for the tag with the given ID.
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        addPrivateKeyIds:
          type: array
          items:
            type: string
          description: A list of Private Keys IDs to add this tag to.
          title: '@inject_tag: validate:"dive,uuid"'
        removePrivateKeyIds:
          type: array
          items:
            type: string
          description: A list of Private Key IDs to remove this tag from.
          title: '@inject_tag: validate:"dive,uuid"'
      required:
        - privateKeyTagId
        - addPrivateKeyIds
        - removePrivateKeyIds
    v1CreateAuthenticatorsIntentV2:
      type: object
      properties:
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorParamsV2'
          description: A list of Authenticators.
          title: '@inject_tag: validate:"dive,required"'
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"required,uuid"'
      required:
        - authenticators
        - userId
    v1AcceptInvitationIntentV2:
      type: object
      properties:
        invitationId:
          type: string
          description: Unique identifier for a given Invitation object.
          title: '@inject_tag: validate:"required,uuid"'
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"required,uuid"'
        authenticator:
          $ref: '#/components/schemas/v1AuthenticatorParamsV2'
      required:
        - invitationId
        - userId
        - authenticator
    v1CreateOrganizationIntentV2:
      type: object
      properties:
        organizationName:
          type: string
          description: Human-readable name for an Organization.
          title: '@inject_tag: validate:"required,tk_label,tk_label_length"'
        rootEmail:
          type: string
          description: The root user's email address.
          title: '@inject_tag: validate:"required,email,tk_email"'
        rootAuthenticator:
          $ref: '#/components/schemas/v1AuthenticatorParamsV2'
        rootUserId:
          type: string
          description: Unique identifier for the root user object.
          title: '@inject_tag: validate:"uuid"'
      required:
        - organizationName
        - rootEmail
        - rootAuthenticator
    v1CreateUsersIntentV2:
      type: object
      properties:
        users:
          type: array
          items:
            $ref: '#/components/schemas/v1UserParamsV2'
          description: A list of Users.
          title: '@inject_tag: validate:"required,dive,required"'
      required:
        - users
    v1CreateSubOrganizationIntent:
      type: object
      properties:
        name:
          type: string
          description: Name for this sub-organization
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        rootAuthenticator:
          $ref: '#/components/schemas/v1AuthenticatorParamsV2'
      required:
        - name
        - rootAuthenticator
    v1CreateSubOrganizationIntentV2:
      type: object
      properties:
        subOrganizationName:
          type: string
          description: Name for this sub-organization
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        rootUsers:
          type: array
          items:
            $ref: '#/components/schemas/v1RootUserParams'
          description: Root users to create within this sub-organization
          title: '@inject_tag: validate:"required,dive"'
        rootQuorumThreshold:
          type: integer
          format: int32
          description: >-
            The threshold of unique approvals to reach root quorum. This value
            must be less than or equal to the number of root users
          title: '@inject_tag: validate:"required"'
      required:
        - subOrganizationName
        - rootUsers
        - rootQuorumThreshold
    v1UpdateAllowedOriginsIntent:
      type: object
      properties:
        allowedOrigins:
          type: array
          items:
            type: string
          description: Additional origins requests are allowed from besides 0xkey origins
          title: '@inject_tag: validate:"required"'
      required:
        - allowedOrigins
    v1CreatePrivateKeysIntentV2:
      type: object
      properties:
        privateKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1PrivateKeyParams'
          description: A list of Private Keys.
          title: '@inject_tag: validate:"dive,required"'
      required:
        - privateKeys
    v1UpdateUserIntent:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"uuid"'
        userName:
          type: string
          description: Human-readable name for a User.
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        userEmail:
          type: string
          description: The user's email address.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        userTagIds:
          type: array
          items:
            type: string
          description: >-
            An updated list of User Tags to apply to this User. This field, if
            not needed, should be an empty array in your request body.
          title: '@inject_tag: validate:"omitempty,dive,uuid"'
        userPhoneNumber:
          type: string
          description: The user's phone number in E.164 format e.g. +13214567890
          title: '@inject_tag: validate:"omitempty,e164"'
      required:
        - userId
    v1UpdatePolicyIntent:
      type: object
      properties:
        policyId:
          type: string
          description: Unique identifier for a given Policy.
          title: '@inject_tag: validate:"uuid"'
        policyName:
          type: string
          description: Human-readable name for a Policy.
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        policyEffect:
          $ref: '#/components/schemas/v1Effect'
        policyCondition:
          type: string
          description: The condition expression that triggers the Effect (optional).
        policyConsensus:
          type: string
          description: The consensus expression that triggers the Effect (optional).
        policyNotes:
          type: string
          description: Accompanying notes for a Policy (optional).
      required:
        - policyId
    billingSetPaymentMethodIntentV2:
      type: object
      properties:
        paymentMethodId:
          type: string
          description: The id of the payment method that was created clientside.
          title: '@inject_tag: validate:"required,max=256"'
        cardHolderEmail:
          type: string
          description: The email that will receive invoices for the credit card.
          title: '@inject_tag: validate:"required,email,tk_email"'
        cardHolderName:
          type: string
          description: The name associated with the credit card.
          title: '@inject_tag: validate:"required,tk_label_length"'
      required:
        - paymentMethodId
        - cardHolderEmail
        - cardHolderName
    v1CreateSubOrganizationIntentV3:
      type: object
      properties:
        subOrganizationName:
          type: string
          description: Name for this sub-organization
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        rootUsers:
          type: array
          items:
            $ref: '#/components/schemas/v1RootUserParams'
          description: Root users to create within this sub-organization
          title: '@inject_tag: validate:"required,dive"'
        rootQuorumThreshold:
          type: integer
          format: int32
          description: >-
            The threshold of unique approvals to reach root quorum. This value
            must be less than or equal to the number of root users
          title: '@inject_tag: validate:"required"'
        privateKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1PrivateKeyParams'
          description: A list of Private Keys.
          title: '@inject_tag: validate:"dive,required"'
      required:
        - subOrganizationName
        - rootUsers
        - rootQuorumThreshold
        - privateKeys
    v1CreateWalletIntent:
      type: object
      properties:
        walletName:
          type: string
          description: Human-readable name for a Wallet.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        accounts:
          type: array
          items:
            $ref: '#/components/schemas/v1WalletAccountParams'
          description: >-
            A list of wallet Accounts. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive,required"'
        mnemonicLength:
          type: integer
          format: int32
          description: >-
            Length of mnemonic to generate the Wallet seed. Defaults to 12.
            Accepted values: 12, 15, 18, 21, 24.
          title: '@inject_tag: validate:"omitempty"'
      required:
        - walletName
        - accounts
    v1CreateWalletAccountsIntent:
      type: object
      properties:
        walletId:
          type: string
          description: Unique identifier for a given Wallet.
          title: '@inject_tag: validate:"required,uuid"'
        accounts:
          type: array
          items:
            $ref: '#/components/schemas/v1WalletAccountParams'
          description: A list of wallet Accounts.
          title: '@inject_tag: validate:"dive,required"'
        persist:
          type: boolean
          description: >-
            Indicates if the wallet accounts should be persisted. This is
            helpful if you'd like to see the addresses of different derivation
            paths without actually creating the accounts. Defaults to true.
      required:
        - walletId
        - accounts
    v1InitUserEmailRecoveryIntent:
      type: object
      properties:
        email:
          type: string
          description: Email of the user starting recovery
          title: '@inject_tag: validate:"email,tk_email"'
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the recovery
            bundle will be encrypted.
          title: '@inject_tag: validate:"hexadecimal"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the recovery
            credential is valid for. If not provided, a default of 15 minutes
            will be used.
        emailCustomization:
          $ref: '#/components/schemas/v1EmailCustomizationParams'
        sendFromEmailAddress:
          type: string
          description: Optional custom email address from which to send the OTP email
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        sendFromEmailSenderName:
          type: string
          description: >-
            Optional custom sender name for use with sendFromEmailAddress; if
            left empty, will default to 'Notifications'
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        replyToEmailAddress:
          type: string
          description: Optional custom email address to use as reply-to
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
      required:
        - email
        - targetPublicKey
    v1RecoverUserIntent:
      type: object
      properties:
        authenticator:
          $ref: '#/components/schemas/v1AuthenticatorParamsV2'
        userId:
          type: string
          description: Unique identifier for the user performing recovery.
          title: '@inject_tag: validate:"required,uuid"'
      required:
        - authenticator
        - userId
    v1SetOrganizationFeatureIntent:
      type: object
      properties:
        name:
          $ref: '#/components/schemas/v1FeatureName'
        value:
          type: string
          description: >-
            Optional value for the feature. Will override existing values if
            feature is already set.
      required:
        - name
        - value
    v1RemoveOrganizationFeatureIntent:
      type: object
      properties:
        name:
          $ref: '#/components/schemas/v1FeatureName'
      required:
        - name
    v1SignRawPayloadIntentV2:
      type: object
      properties:
        signWith:
          type: string
          description: >-
            A Wallet account address, Private Key address, or Private Key
            identifier.
          title: '@inject_tag: validate:"required"'
        payload:
          type: string
          description: Raw unsigned payload to be signed.
          title: '@inject_tag: validate:"required"'
        encoding:
          $ref: '#/components/schemas/v1PayloadEncoding'
        hashFunction:
          $ref: '#/components/schemas/v1HashFunction'
      required:
        - signWith
        - payload
        - encoding
        - hashFunction
    v1SignTransactionIntentV2:
      type: object
      properties:
        signWith:
          type: string
          description: >-
            A Wallet account address, Private Key address, or Private Key
            identifier.
          title: '@inject_tag: validate:"required"'
        unsignedTransaction:
          type: string
          description: Raw unsigned transaction to be signed
          title: '@inject_tag: validate:"required"'
        type:
          $ref: '#/components/schemas/v1TransactionType'
      required:
        - signWith
        - unsignedTransaction
        - type
    v1ExportPrivateKeyIntent:
      type: object
      properties:
        privateKeyId:
          type: string
          description: Unique identifier for a given Private Key.
          title: '@inject_tag: validate:"required,uuid"'
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the export
            bundle will be encrypted.
          title: '@inject_tag: validate:"hexadecimal"'
      required:
        - privateKeyId
        - targetPublicKey
    v1ExportWalletIntent:
      type: object
      properties:
        walletId:
          type: string
          description: Unique identifier for a given Wallet.
          title: '@inject_tag: validate:"required,uuid"'
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the export
            bundle will be encrypted.
          title: '@inject_tag: validate:"hexadecimal"'
        language:
          $ref: '#/components/schemas/v1MnemonicLanguage'
      required:
        - walletId
        - targetPublicKey
    v1CreateSubOrganizationIntentV4:
      type: object
      properties:
        subOrganizationName:
          type: string
          description: Name for this sub-organization
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        rootUsers:
          type: array
          items:
            $ref: '#/components/schemas/v1RootUserParams'
          description: Root users to create within this sub-organization
          title: '@inject_tag: validate:"required,dive"'
        rootQuorumThreshold:
          type: integer
          format: int32
          description: >-
            The threshold of unique approvals to reach root quorum. This value
            must be less than or equal to the number of root users
          title: '@inject_tag: validate:"required"'
        wallet:
          $ref: '#/components/schemas/v1WalletParams'
        disableEmailRecovery:
          type: boolean
          description: Disable email recovery for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
        disableEmailAuth:
          type: boolean
          description: Disable email auth for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
      required:
        - subOrganizationName
        - rootUsers
        - rootQuorumThreshold
    v1EmailAuthIntent:
      type: object
      properties:
        email:
          type: string
          description: Email of the authenticating user.
          title: '@inject_tag: validate:"email,tk_email"'
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the email
            auth bundle (credentials) will be encrypted.
          title: '@inject_tag: validate:"hexadecimal"'
        apiKeyName:
          type: string
          description: >-
            Optional human-readable name for an API Key. If none provided,
            default to Email Auth - <Timestamp>
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the API key is
            valid for. If not provided, a default of 15 minutes will be used.
        emailCustomization:
          $ref: '#/components/schemas/v1EmailCustomizationParams'
        invalidateExisting:
          type: boolean
          description: Invalidate all other previously generated Email Auth API keys
        sendFromEmailAddress:
          type: string
          description: Optional custom email address from which to send the email
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        sendFromEmailSenderName:
          type: string
          description: >-
            Optional custom sender name for use with sendFromEmailAddress; if
            left empty, will default to 'Notifications'
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        replyToEmailAddress:
          type: string
          description: Optional custom email address to use as reply-to
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
      required:
        - email
        - targetPublicKey
    v1ExportWalletAccountIntent:
      type: object
      properties:
        address:
          type: string
          description: Address to identify Wallet Account.
          title: '@inject_tag: validate:"required"'
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the export
            bundle will be encrypted.
          title: '@inject_tag: validate:"hexadecimal"'
      required:
        - address
        - targetPublicKey
    v1InitImportWalletIntent:
      type: object
      properties:
        userId:
          type: string
          description: The ID of the User importing a Wallet.
      required:
        - userId
    v1ImportWalletIntent:
      type: object
      properties:
        userId:
          type: string
          description: The ID of the User importing a Wallet.
          title: '@inject_tag: validate:"required,uuid"'
        walletName:
          type: string
          description: Human-readable name for a Wallet.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        encryptedBundle:
          type: string
          description: >-
            Bundle containing a wallet mnemonic encrypted to the enclave's
            target public key.
          title: '@inject_tag: validate:"required"'
        accounts:
          type: array
          items:
            $ref: '#/components/schemas/v1WalletAccountParams'
          description: A list of wallet Accounts.
          title: '@inject_tag: validate:"dive,required"'
      required:
        - userId
        - walletName
        - encryptedBundle
        - accounts
    v1InitImportPrivateKeyIntent:
      type: object
      properties:
        userId:
          type: string
          description: The ID of the User importing a Private Key.
      required:
        - userId
    v1ImportPrivateKeyIntent:
      type: object
      properties:
        userId:
          type: string
          description: The ID of the User importing a Private Key.
          title: '@inject_tag: validate:"required,uuid"'
        privateKeyName:
          type: string
          description: Human-readable name for a Private Key.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        encryptedBundle:
          type: string
          description: >-
            Bundle containing a raw private key encrypted to the enclave's
            target public key.
          title: '@inject_tag: validate:"required"'
        curve:
          $ref: '#/components/schemas/v1Curve'
        addressFormats:
          type: array
          items:
            $ref: '#/components/schemas/v1AddressFormat'
          description: >-
            Cryptocurrency-specific formats for a derived address (e.g.,
            Ethereum).
          title: '@inject_tag: validate:"dive"'
      required:
        - userId
        - privateKeyName
        - encryptedBundle
        - curve
        - addressFormats
    v1CreatePoliciesIntent:
      type: object
      properties:
        policies:
          type: array
          items:
            $ref: '#/components/schemas/v1CreatePolicyIntentV3'
          description: An array of policy intents to be created.
          title: '@inject_tag: validate:"dive"'
      required:
        - policies
    v1SignRawPayloadsIntent:
      type: object
      properties:
        signWith:
          type: string
          description: >-
            A Wallet account address, Private Key address, or Private Key
            identifier.
          title: '@inject_tag: validate:"required"'
        payloads:
          type: array
          items:
            type: string
          description: An array of raw unsigned payloads to be signed.
          title: '@inject_tag: validate:"required"'
        encoding:
          $ref: '#/components/schemas/v1PayloadEncoding'
        hashFunction:
          $ref: '#/components/schemas/v1HashFunction'
      required:
        - signWith
        - payloads
        - encoding
        - hashFunction
    v1CreateReadOnlySessionIntent:
      type: object
    v1CreateOauthProvidersIntent:
      type: object
      properties:
        userId:
          type: string
          description: The ID of the User to add an Oauth provider to
          title: '@inject_tag: validate:"required,uuid"'
        oauthProviders:
          type: array
          items:
            $ref: '#/components/schemas/v1OauthProviderParams'
          description: A list of Oauth providers.
          title: '@inject_tag: validate:"required,dive,required"'
      required:
        - userId
        - oauthProviders
    v1DeleteOauthProvidersIntent:
      type: object
      properties:
        userId:
          type: string
          description: The ID of the User to remove an Oauth provider from
          title: '@inject_tag: validate:"required,uuid"'
        providerIds:
          type: array
          items:
            type: string
          description: Unique identifier for a given Provider.
          title: '@inject_tag: validate:"dive,required,uuid"'
      required:
        - userId
        - providerIds
    v1CreateSubOrganizationIntentV5:
      type: object
      properties:
        subOrganizationName:
          type: string
          description: Name for this sub-organization
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        rootUsers:
          type: array
          items:
            $ref: '#/components/schemas/v1RootUserParamsV2'
          description: Root users to create within this sub-organization
          title: '@inject_tag: validate:"required,dive"'
        rootQuorumThreshold:
          type: integer
          format: int32
          description: >-
            The threshold of unique approvals to reach root quorum. This value
            must be less than or equal to the number of root users
          title: '@inject_tag: validate:"required"'
        wallet:
          $ref: '#/components/schemas/v1WalletParams'
        disableEmailRecovery:
          type: boolean
          description: Disable email recovery for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
        disableEmailAuth:
          type: boolean
          description: Disable email auth for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
      required:
        - subOrganizationName
        - rootUsers
        - rootQuorumThreshold
    v1OauthIntent:
      type: object
      properties:
        oidcToken:
          type: string
          description: Base64 encoded OIDC token
          title: '@inject_tag: validate:"required"'
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the oauth
            bundle (credentials) will be encrypted.
          title: '@inject_tag: validate:"hexadecimal"'
        apiKeyName:
          type: string
          description: >-
            Optional human-readable name for an API Key. If none provided,
            default to Oauth - <Timestamp>
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the API key is
            valid for. If not provided, a default of 15 minutes will be used.
        invalidateExisting:
          type: boolean
          description: Invalidate all other previously generated Oauth API keys
      required:
        - oidcToken
        - targetPublicKey
    v1CreateApiKeysIntentV2:
      type: object
      properties:
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1ApiKeyParamsV2'
          description: A list of API Keys.
          title: '@inject_tag: validate:"dive,required"'
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"required,uuid"'
      required:
        - apiKeys
        - userId
    v1CreateReadWriteSessionIntent:
      type: object
      properties:
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the read
            write session bundle (credentials) will be encrypted.
        email:
          type: string
          description: Email of the user to create a read write session for
          title: '@inject_tag: validate:"email,tk_email"'
        apiKeyName:
          type: string
          description: >-
            Optional human-readable name for an API Key. If none provided,
            default to Read Write Session - <Timestamp>
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the API key is
            valid for. If not provided, a default of 15 minutes will be used.
      required:
        - targetPublicKey
        - email
    v1EmailAuthIntentV2:
      type: object
      properties:
        email:
          type: string
          description: Email of the authenticating user.
          title: '@inject_tag: validate:"email,tk_email"'
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the email
            auth bundle (credentials) will be encrypted.
          title: '@inject_tag: validate:"hexadecimal"'
        apiKeyName:
          type: string
          description: >-
            Optional human-readable name for an API Key. If none provided,
            default to Email Auth - <Timestamp>
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the API key is
            valid for. If not provided, a default of 15 minutes will be used.
        emailCustomization:
          $ref: '#/components/schemas/v1EmailCustomizationParams'
        invalidateExisting:
          type: boolean
          description: Invalidate all other previously generated Email Auth API keys
        sendFromEmailAddress:
          type: string
          description: Optional custom email address from which to send the email
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        sendFromEmailSenderName:
          type: string
          description: >-
            Optional custom sender name for use with sendFromEmailAddress; if
            left empty, will default to 'Notifications'
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        replyToEmailAddress:
          type: string
          description: Optional custom email address to use as reply-to
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
      required:
        - email
        - targetPublicKey
    v1CreateSubOrganizationIntentV6:
      type: object
      properties:
        subOrganizationName:
          type: string
          description: Name for this sub-organization
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        rootUsers:
          type: array
          items:
            $ref: '#/components/schemas/v1RootUserParamsV3'
          description: Root users to create within this sub-organization
          title: '@inject_tag: validate:"required,dive"'
        rootQuorumThreshold:
          type: integer
          format: int32
          description: >-
            The threshold of unique approvals to reach root quorum. This value
            must be less than or equal to the number of root users
          title: '@inject_tag: validate:"required"'
        wallet:
          $ref: '#/components/schemas/v1WalletParams'
        disableEmailRecovery:
          type: boolean
          description: Disable email recovery for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
        disableEmailAuth:
          type: boolean
          description: Disable email auth for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
      required:
        - subOrganizationName
        - rootUsers
        - rootQuorumThreshold
    v1DeletePrivateKeysIntent:
      type: object
      properties:
        privateKeyIds:
          type: array
          items:
            type: string
          description: List of unique identifiers for private keys within an organization
          title: '@inject_tag: validate:"required,dive,uuid"'
        deleteWithoutExport:
          type: boolean
          description: >-
            Optional parameter for deleting the private keys, even if any have
            not been previously exported. If they have been exported, this field
            is ignored.
      required:
        - privateKeyIds
    v1DeleteWalletsIntent:
      type: object
      properties:
        walletIds:
          type: array
          items:
            type: string
          description: List of unique identifiers for wallets within an organization
          title: '@inject_tag: validate:"required,dive,uuid"'
        deleteWithoutExport:
          type: boolean
          description: >-
            Optional parameter for deleting the wallets, even if any have not
            been previously exported. If they have been exported, this field is
            ignored.
      required:
        - walletIds
    v1CreateReadWriteSessionIntentV2:
      type: object
      properties:
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the read
            write session bundle (credentials) will be encrypted.
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"omitempty,uuid"'
        apiKeyName:
          type: string
          description: >-
            Optional human-readable name for an API Key. If none provided,
            default to Read Write Session - <Timestamp>
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the API key is
            valid for. If not provided, a default of 15 minutes will be used.
        invalidateExisting:
          type: boolean
          description: Invalidate all other previously generated ReadWriteSession API keys
      required:
        - targetPublicKey
    v1DeleteSubOrganizationIntent:
      type: object
      properties:
        deleteWithoutExport:
          type: boolean
          description: >-
            Sub-organization deletion, by default, requires associated wallets
            and private keys to be exported for security reasons. Set this
            boolean to true to force sub-organization deletion even if some
            wallets or private keys within it have not been exported yet.
            Default: false.
    v1InitOtpAuthIntent:
      type: object
      properties:
        otpType:
          type: string
          description: Enum to specifiy whether to send OTP via SMS or email
          title: '@inject_tag: validate:"required,oneof=OTP_TYPE_SMS OTP_TYPE_EMAIL"'
        contact:
          type: string
          description: Email or phone number to send the OTP code to
        emailCustomization:
          $ref: '#/components/schemas/v1EmailCustomizationParams'
        smsCustomization:
          $ref: '#/components/schemas/v1SmsCustomizationParams'
        userIdentifier:
          type: string
          description: >-
            Optional client-generated user identifier to enable per-user rate
            limiting for SMS auth. We recommend using a hash of the client-side
            IP address.
        sendFromEmailAddress:
          type: string
          description: Optional custom email address from which to send the OTP email
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        sendFromEmailSenderName:
          type: string
          description: >-
            Optional custom sender name for use with sendFromEmailAddress; if
            left empty, will default to 'Notifications'
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        replyToEmailAddress:
          type: string
          description: Optional custom email address to use as reply-to
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
      required:
        - otpType
        - contact
    v1OtpAuthIntent:
      type: object
      properties:
        otpId:
          type: string
          description: ID representing the result of an init OTP activity.
          title: '@inject_tag: validate:"required"'
        otpCode:
          type: string
          description: OTP sent out to a user's contact (email or SMS)
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the OTP
            bundle (credentials) will be encrypted.
          title: '@inject_tag: validate:"omitempty,hexadecimal"'
        apiKeyName:
          type: string
          description: >-
            Optional human-readable name for an API Key. If none provided,
            default to OTP Auth - <Timestamp>
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the API key is
            valid for. If not provided, a default of 15 minutes will be used.
        invalidateExisting:
          type: boolean
          description: Invalidate all other previously generated OTP Auth API keys
      required:
        - otpId
        - otpCode
        - targetPublicKey
    v1CreateSubOrganizationIntentV7:
      type: object
      properties:
        subOrganizationName:
          type: string
          description: Name for this sub-organization
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        rootUsers:
          type: array
          items:
            $ref: '#/components/schemas/v1RootUserParamsV4'
          description: Root users to create within this sub-organization
          title: '@inject_tag: validate:"required,dive"'
        rootQuorumThreshold:
          type: integer
          format: int32
          description: >-
            The threshold of unique approvals to reach root quorum. This value
            must be less than or equal to the number of root users
          title: '@inject_tag: validate:"required"'
        wallet:
          $ref: '#/components/schemas/v1WalletParams'
        disableEmailRecovery:
          type: boolean
          description: Disable email recovery for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
        disableEmailAuth:
          type: boolean
          description: Disable email auth for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
        disableSmsAuth:
          type: boolean
          description: Disable OTP SMS auth for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
        disableOtpEmailAuth:
          type: boolean
          description: Disable OTP email auth for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
        verificationToken:
          type: string
          description: >-
            Signed JWT containing a unique id, expiry, verification type,
            contact
        clientSignature:
          $ref: '#/components/schemas/v1ClientSignature'
      required:
        - subOrganizationName
        - rootUsers
        - rootQuorumThreshold
    v1UpdateWalletIntent:
      type: object
      properties:
        walletId:
          type: string
          description: Unique identifier for a given Wallet.
          title: '@inject_tag: validate:"uuid"'
        walletName:
          type: string
          description: Human-readable name for a Wallet.
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
      required:
        - walletId
    v1UpdatePolicyIntentV2:
      type: object
      properties:
        policyId:
          type: string
          description: Unique identifier for a given Policy.
          title: '@inject_tag: validate:"uuid"'
        policyName:
          type: string
          description: Human-readable name for a Policy.
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        policyEffect:
          $ref: '#/components/schemas/v1Effect'
        policyCondition:
          type: string
          description: The condition expression that triggers the Effect (optional).
        policyConsensus:
          type: string
          description: The consensus expression that triggers the Effect (optional).
        policyNotes:
          type: string
          description: Accompanying notes for a Policy (optional).
      required:
        - policyId
    v1CreateUsersIntentV3:
      type: object
      properties:
        users:
          type: array
          items:
            $ref: '#/components/schemas/v1UserParamsV3'
          description: A list of Users.
          title: '@inject_tag: validate:"required,dive,required"'
      required:
        - users
    v1InitOtpAuthIntentV2:
      type: object
      properties:
        otpType:
          type: string
          description: Enum to specifiy whether to send OTP via SMS or email
          title: '@inject_tag: validate:"required,oneof=OTP_TYPE_SMS OTP_TYPE_EMAIL"'
        contact:
          type: string
          description: Email or phone number to send the OTP code to
        otpLength:
          type: integer
          format: int32
          description: Optional length of the OTP code. Default = 9
          title: '@inject_tag: validate:"omitempty,min=6,max=9"'
        emailCustomization:
          $ref: '#/components/schemas/v1EmailCustomizationParams'
        smsCustomization:
          $ref: '#/components/schemas/v1SmsCustomizationParams'
        userIdentifier:
          type: string
          description: >-
            Optional client-generated user identifier to enable per-user rate
            limiting for SMS auth. We recommend using a hash of the client-side
            IP address.
        sendFromEmailAddress:
          type: string
          description: Optional custom email address from which to send the OTP email
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        alphanumeric:
          type: boolean
          description: >-
            Optional flag to specify if the OTP code should be alphanumeric
            (Crockford’s Base32). Default = true
        sendFromEmailSenderName:
          type: string
          description: >-
            Optional custom sender name for use with sendFromEmailAddress; if
            left empty, will default to 'Notifications'
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        replyToEmailAddress:
          type: string
          description: Optional custom email address to use as reply-to
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
      required:
        - otpType
        - contact
    v1InitOtpIntent:
      type: object
      properties:
        otpType:
          type: string
          description: >-
            Whether to send OTP via SMS or email. Possible values: OTP_TYPE_SMS,
            OTP_TYPE_EMAIL
          title: '@inject_tag: validate:"required,oneof=OTP_TYPE_SMS OTP_TYPE_EMAIL"'
        contact:
          type: string
          description: Email or phone number to send the OTP code to
        otpLength:
          type: integer
          format: int32
          description: Optional length of the OTP code. Default = 9
          title: '@inject_tag: validate:"omitempty,min=6,max=9"'
        emailCustomization:
          $ref: '#/components/schemas/v1EmailCustomizationParams'
        smsCustomization:
          $ref: '#/components/schemas/v1SmsCustomizationParams'
        userIdentifier:
          type: string
          description: >-
            Optional client-generated user identifier to enable per-user rate
            limiting for SMS auth. We recommend using a hash of the client-side
            IP address.
        sendFromEmailAddress:
          type: string
          description: Optional custom email address from which to send the OTP email
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        alphanumeric:
          type: boolean
          description: >-
            Optional flag to specify if the OTP code should be alphanumeric
            (Crockford’s Base32). Default = true
        sendFromEmailSenderName:
          type: string
          description: >-
            Optional custom sender name for use with sendFromEmailAddress; if
            left empty, will default to 'Notifications'
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the OTP is valid
            for. If not provided, a default of 5 minutes will be used. Maximum
            value is 600 seconds (10 minutes)
          title: '@inject_tag: validate:"omitempty,numeric,max=600"'
        replyToEmailAddress:
          type: string
          description: Optional custom email address to use as reply-to
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
      required:
        - otpType
        - contact
    v1VerifyOtpIntent:
      type: object
      properties:
        otpId:
          type: string
          description: ID representing the result of an init OTP activity.
          title: '@inject_tag: validate:"required"'
        otpCode:
          type: string
          description: OTP sent out to a user's contact (email or SMS)
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the verification
            token is valid for. If not provided, a default of 1 hour will be
            used. Maximum value is 86400 seconds (24 hours)
          title: '@inject_tag: validate:"omitempty,numeric,max=86400"'
        publicKey:
          type: string
          description: >-
            Client-side public key generated by the user, which will be added to
            the JWT response and verified in subsequent requests via a client
            proof signature
          title: '@inject_tag: validate:"omitempty,hexadecimal"'
      required:
        - otpId
        - otpCode
    v1OtpLoginIntent:
      type: object
      properties:
        verificationToken:
          type: string
          description: >-
            Signed JWT containing a unique id, expiry, verification type,
            contact
        publicKey:
          type: string
          description: >-
            Client-side public key generated by the user, which will be
            conditionally added to org data based on the validity of the
            verification token
          title: '@inject_tag: validate:"omitempty,hexadecimal"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the Session is
            valid for. If not provided, a default of 15 minutes will be used.
        invalidateExisting:
          type: boolean
          description: Invalidate all other previously generated Login API keys
        clientSignature:
          $ref: '#/components/schemas/v1ClientSignature'
      required:
        - verificationToken
        - publicKey
    v1StampLoginIntent:
      type: object
      properties:
        publicKey:
          type: string
          description: >-
            Client-side public key generated by the user, which will be
            conditionally added to org data based on the passkey stamp
            associated with this request
          title: '@inject_tag: validate:"omitempty,hexadecimal"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the Session is
            valid for. If not provided, a default of 15 minutes will be used.
        invalidateExisting:
          type: boolean
          description: Invalidate all other previously generated Login API keys
      required:
        - publicKey
    v1OauthLoginIntent:
      type: object
      properties:
        oidcToken:
          type: string
          description: Base64 encoded OIDC token
          title: '@inject_tag: validate:"required"'
        publicKey:
          type: string
          description: >-
            Client-side public key generated by the user, which will be
            conditionally added to org data based on the validity of the oidc
            token associated with this request
          title: '@inject_tag: validate:"omitempty,hexadecimal"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the Session is
            valid for. If not provided, a default of 15 minutes will be used.
        invalidateExisting:
          type: boolean
          description: Invalidate all other previously generated Login API keys
      required:
        - oidcToken
        - publicKey
    v1UpdateUserNameIntent:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"uuid"'
        userName:
          type: string
          description: Human-readable name for a User.
          title: '@inject_tag: validate:"required,tk_label,tk_label_length"'
      required:
        - userId
        - userName
    v1UpdateUserEmailIntent:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"uuid"'
        userEmail:
          type: string
          description: >-
            The user's email address. Setting this to an empty string will
            remove the user's email.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        verificationToken:
          type: string
          description: >-
            Signed JWT containing a unique id, expiry, verification type,
            contact
      required:
        - userId
        - userEmail
    v1InitFiatOnRampIntent:
      type: object
      properties:
        onrampProvider:
          $ref: '#/components/schemas/v1FiatOnRampProvider'
        walletAddress:
          type: string
          description: Destination wallet address for the buy transaction.
          title: '@inject_tag: validate:"required"'
        network:
          $ref: '#/components/schemas/v1FiatOnRampBlockchainNetwork'
        cryptoCurrencyCode:
          $ref: '#/components/schemas/v1FiatOnRampCryptoCurrency'
        fiatCurrencyCode:
          $ref: '#/components/schemas/v1FiatOnRampCurrency'
        fiatCurrencyAmount:
          type: string
          description: >-
            Specifies a preset fiat amount for the transaction, e.g., '100'.
            Must be greater than '20'. If not provided, the user will be
            prompted to enter an amount.
        paymentMethod:
          $ref: '#/components/schemas/v1FiatOnRampPaymentMethod'
        countryCode:
          type: string
          description: >-
            ISO 3166-1 two-digit country code for Coinbase representing the
            purchasing user’s country of residence, e.g., US, GB.
        countrySubdivisionCode:
          type: string
          description: >-
            ISO 3166-2 two-digit country subdivision code for Coinbase
            representing the purchasing user’s subdivision of residence within
            their country, e.g. NY. Required if country_code=US.
        sandboxMode:
          type: boolean
          description: >-
            Optional flag to indicate whether to use the sandbox mode to
            simulate transactions for the on-ramp provider. Default is false.
        urlForSignature:
          type: string
          description: >-
            Optional MoonPay Widget URL to sign when using MoonPay client SDKs
            with URL Signing enabled.
      required:
        - onrampProvider
        - walletAddress
        - network
        - cryptoCurrencyCode
    v1CreateSmartContractInterfaceIntent:
      type: object
      properties:
        smartContractAddress:
          type: string
          description: Corresponding contract address or program ID
          title: '@inject_tag: validate:"required"'
        smartContractInterface:
          type: string
          description: ABI/IDL as a JSON string. Limited to 400kb
          title: '@inject_tag: validate:"required,tk_max_length=400000"'
        type:
          $ref: '#/components/schemas/v1SmartContractInterfaceType'
        label:
          type: string
          description: Human-readable name for a Smart Contract Interface.
          title: '@inject_tag: validate:"required,tk_label,tk_label_length"'
        notes:
          type: string
          description: Notes for a Smart Contract Interface.
      required:
        - smartContractAddress
        - smartContractInterface
        - type
        - label
    v1DeleteSmartContractInterfaceIntent:
      type: object
      properties:
        smartContractInterfaceId:
          type: string
          description: The ID of a Smart Contract Interface intended for deletion.
          title: '@inject_tag: validate:"required"'
      required:
        - smartContractInterfaceId
    v1EnableAuthProxyIntent:
      type: object
    v1DisableAuthProxyIntent:
      type: object
    v1UpdateAuthProxyConfigIntent:
      type: object
      properties:
        allowedOrigins:
          type: array
          items:
            type: string
          description: Updated list of allowed origins for CORS.
          title: '@inject_tag: validate:"omitempty,dive"'
        allowedAuthMethods:
          type: array
          items:
            type: string
          description: Updated list of allowed proxy authentication methods.
          title: '@inject_tag: validate:"omitempty,dive"'
        sendFromEmailAddress:
          type: string
          description: Custom 'from' address for auth-related emails.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        replyToEmailAddress:
          type: string
          description: Custom reply-to address for auth-related emails.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        emailAuthTemplateId:
          type: string
          description: Template ID for email-auth messages.
          title: '@inject_tag: validate:"omitempty"'
        otpTemplateId:
          type: string
          description: Template ID for OTP SMS messages.
          title: '@inject_tag: validate:"omitempty,uuid"'
        emailCustomizationParams:
          $ref: '#/components/schemas/v1EmailCustomizationParams'
        smsCustomizationParams:
          $ref: '#/components/schemas/v1SmsCustomizationParams'
        walletKitSettings:
          $ref: '#/components/schemas/v1WalletKitSettingsParams'
        otpExpirationSeconds:
          type: integer
          format: int32
          description: OTP code lifetime in seconds.
          title: '@inject_tag: validate:"omitempty,numeric"'
        verificationTokenExpirationSeconds:
          type: integer
          format: int32
          description: Verification-token lifetime in seconds.
          title: '@inject_tag: validate:"omitempty,numeric"'
        sessionExpirationSeconds:
          type: integer
          format: int32
          description: Session lifetime in seconds.
          title: '@inject_tag: validate:"omitempty,numeric"'
        otpAlphanumeric:
          type: boolean
          description: Enable alphanumeric OTP codes.
          title: '@inject_tag: validate:"omitempty"'
        otpLength:
          type: integer
          format: int32
          description: Desired OTP code length (6–9).
          title: '@inject_tag: validate:"omitempty,numeric,min=6,max=9"'
        sendFromEmailSenderName:
          type: string
          description: Custom 'from' email sender for auth-related emails.
        verificationTokenRequiredForGetAccountPii:
          type: boolean
          description: >-
            Verification token required for get account with PII (email/phone
            number). Default false.
          title: '@inject_tag: validate:"omitempty"'
    v1CreateOauth2CredentialIntent:
      type: object
      properties:
        provider:
          $ref: '#/components/schemas/v1Oauth2Provider'
        clientId:
          type: string
          description: The Client ID issued by the OAuth 2.0 provider
          title: '@inject_tag: validate:"required"'
        encryptedClientSecret:
          type: string
          description: >-
            The client secret issued by the OAuth 2.0 provider encrypted to the
            TLS Fetcher quorum key
          title: '@inject_tag: validate:"required"'
      required:
        - provider
        - clientId
        - encryptedClientSecret
    v1UpdateOauth2CredentialIntent:
      type: object
      properties:
        oauth2CredentialId:
          type: string
          description: The ID of the OAuth 2.0 credential to update
          title: '@inject_tag: validate:"required"'
        provider:
          $ref: '#/components/schemas/v1Oauth2Provider'
        clientId:
          type: string
          description: The Client ID issued by the OAuth 2.0 provider
          title: '@inject_tag: validate:"required"'
        encryptedClientSecret:
          type: string
          description: >-
            The client secret issued by the OAuth 2.0 provider encrypted to the
            TLS Fetcher quorum key
          title: '@inject_tag: validate:"required"'
      required:
        - oauth2CredentialId
        - provider
        - clientId
        - encryptedClientSecret
    v1DeleteOauth2CredentialIntent:
      type: object
      properties:
        oauth2CredentialId:
          type: string
          description: The ID of the OAuth 2.0 credential to delete
          title: '@inject_tag: validate:"required"'
      required:
        - oauth2CredentialId
    v1Oauth2AuthenticateIntent:
      type: object
      properties:
        oauth2CredentialId:
          type: string
          description: >-
            The OAuth 2.0 credential id whose client_id and client_secret will
            be used in the OAuth 2.0 flow
          title: '@inject_tag: validate:"required"'
        authCode:
          type: string
          description: >-
            The auth_code provided by the OAuth 2.0 provider to the end user to
            be exchanged for a Bearer token in the OAuth 2.0 flow
          title: '@inject_tag: validate:"required"'
        redirectUri:
          type: string
          description: >-
            The URI the user is redirected to after they have authenticated with
            the OAuth 2.0 provider
          title: '@inject_tag: validate:"required"'
        codeVerifier:
          type: string
          description: The code verifier used by OAuth 2.0 PKCE providers
          title: '@inject_tag: validate:"required"'
        nonce:
          type: string
          description: >-
            An optional nonce used by the client to prevent replay/substitution
            of an ID token
        bearerTokenTargetPublicKey:
          type: string
          description: >-
            An optional P256 public key to which, if provided, the bearer token
            will be encrypted and returned via the `encrypted_bearer_token`
            claim of the OIDC Token
      required:
        - oauth2CredentialId
        - authCode
        - redirectUri
        - codeVerifier
    v1DeleteWalletAccountsIntent:
      type: object
      properties:
        walletAccountIds:
          type: array
          items:
            type: string
          description: >-
            List of unique identifiers for wallet accounts within an
            organization
          title: '@inject_tag: validate:"required,dive,uuid"'
        deleteWithoutExport:
          type: boolean
          description: >-
            Optional parameter for deleting the wallet accounts, even if any
            have not been previously exported. If they have been exported, this
            field is ignored.
      required:
        - walletAccountIds
    v1DeletePoliciesIntent:
      type: object
      properties:
        policyIds:
          type: array
          items:
            type: string
          description: List of unique identifiers for policies within an organization
          title: '@inject_tag: validate:"required,dive,uuid"'
      required:
        - policyIds
    v1EthSendRawTransactionIntent:
      type: object
      properties:
        signedTransaction:
          type: string
          description: The raw, signed transaction to be sent.
          title: '@inject_tag: validate:"required"'
        caip2:
          type: string
          enum:
            - eip155:1
            - eip155:11155111
            - eip155:8453
            - eip155:84532
          description: CAIP-2 chain ID (e.g., 'eip155:1' for Ethereum mainnet).
          title: '@inject_tag: validate:"required"'
      required:
        - signedTransaction
        - caip2
    v1EthSendTransactionIntent:
      type: object
      properties:
        from:
          type: string
          description: >-
            A wallet or private key address to sign with. This does not support
            private key IDs.
          title: '@inject_tag: validate:"required"'
        sponsor:
          type: boolean
          description: Whether to sponsor this transaction via Gas Station.
        caip2:
          type: string
          enum:
            - eip155:1
            - eip155:11155111
            - eip155:8453
            - eip155:84532
            - eip155:137
            - eip155:80002
          description: CAIP-2 chain ID (e.g., 'eip155:1' for Ethereum mainnet).
          title: '@inject_tag: validate:"required"'
        to:
          type: string
          description: Recipient address as a hex string with 0x prefix.
          title: '@inject_tag: validate:"required"'
        value:
          type: string
          description: Amount of native asset to send in wei.
        data:
          type: string
          description: Hex-encoded call data for contract interactions.
        nonce:
          type: string
          description: >-
            Transaction nonce, for EIP-1559 and 0xkey Gas Station
            authorizations.
        gasLimit:
          type: string
          description: >-
            Maximum amount of gas to use for this transaction, for EIP-1559
            transactions.
        maxFeePerGas:
          type: string
          description: >-
            Maximum total fee per gas unit (base fee + priority fee) in wei.
            Required for non-sponsored (EIP-1559) transactions. Not used for
            sponsored transactions.
        maxPriorityFeePerGas:
          type: string
          description: >-
            Maximum priority fee (tip) per gas unit in wei. Required for
            non-sponsored (EIP-1559) transactions. Not used for sponsored
            transactions.
        gasStationNonce:
          type: string
          description: >-
            The gas station delegate contract nonce. Only used when
            sponsor=true. Include this if you want maximal security posture.
      required:
        - from
        - caip2
        - to
    v1CreateFiatOnRampCredentialIntent:
      type: object
      properties:
        onrampProvider:
          $ref: '#/components/schemas/v1FiatOnRampProvider'
        projectId:
          type: string
          description: >-
            Project ID for the on-ramp provider. Some providers, like Coinbase,
            require this additional identifier
          title: '@inject_tag: validate:"omitempty"'
        publishableApiKey:
          type: string
          description: Publishable API key for the on-ramp provider
          title: '@inject_tag: validate:"required"'
        encryptedSecretApiKey:
          type: string
          description: >-
            Secret API key for the on-ramp provider encrypted to our on-ramp
            encryption public key
          title: '@inject_tag: validate:"required"'
        encryptedPrivateApiKey:
          type: string
          description: >-
            Private API key for the on-ramp provider encrypted to our on-ramp
            encryption public key. Some providers, like Coinbase, require this
            additional key.
          title: '@inject_tag: validate:"omitempty"'
        sandboxMode:
          type: boolean
          description: If the on-ramp credential is a sandbox credential
          title: '@inject_tag: validate:"omitempty"'
      required:
        - onrampProvider
        - publishableApiKey
        - encryptedSecretApiKey
    v1UpdateFiatOnRampCredentialIntent:
      type: object
      properties:
        fiatOnrampCredentialId:
          type: string
          description: The ID of the fiat on-ramp credential to update
          title: '@inject_tag: validate:"required"'
        onrampProvider:
          $ref: '#/components/schemas/v1FiatOnRampProvider'
        projectId:
          type: string
          description: >-
            Project ID for the on-ramp provider. Some providers, like Coinbase,
            require this additional identifier.
          title: '@inject_tag: validate:"omitempty"'
        publishableApiKey:
          type: string
          description: Publishable API key for the on-ramp provider
          title: '@inject_tag: validate:"required"'
        encryptedSecretApiKey:
          type: string
          description: >-
            Secret API key for the on-ramp provider encrypted to our on-ramp
            encryption public key
          title: '@inject_tag: validate:"required"'
        encryptedPrivateApiKey:
          type: string
          description: >-
            Private API key for the on-ramp provider encrypted to our on-ramp
            encryption public key. Some providers, like Coinbase, require this
            additional key.
          title: '@inject_tag: validate:"omitempty"'
      required:
        - fiatOnrampCredentialId
        - onrampProvider
        - publishableApiKey
        - encryptedSecretApiKey
    v1DeleteFiatOnRampCredentialIntent:
      type: object
      properties:
        fiatOnrampCredentialId:
          type: string
          description: The ID of the fiat on-ramp credential to delete
          title: '@inject_tag: validate:"required"'
      required:
        - fiatOnrampCredentialId
    v1EmailAuthIntentV3:
      type: object
      properties:
        email:
          type: string
          description: Email of the authenticating user.
          title: '@inject_tag: validate:"email,tk_email"'
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the email
            auth bundle (credentials) will be encrypted.
          title: '@inject_tag: validate:"hexadecimal"'
        apiKeyName:
          type: string
          description: >-
            Optional human-readable name for an API Key. If none provided,
            default to Email Auth - <Timestamp>
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the API key is
            valid for. If not provided, a default of 15 minutes will be used.
        emailCustomization:
          $ref: '#/components/schemas/v1EmailAuthCustomizationParams'
        invalidateExisting:
          type: boolean
          description: Invalidate all other previously generated Email Auth API keys
        sendFromEmailAddress:
          type: string
          description: Optional custom email address from which to send the email
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        sendFromEmailSenderName:
          type: string
          description: >-
            Optional custom sender name for use with sendFromEmailAddress; if
            left empty, will default to 'Notifications'
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        replyToEmailAddress:
          type: string
          description: Optional custom email address to use as reply-to
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
      required:
        - email
        - targetPublicKey
        - emailCustomization
    v1InitUserEmailRecoveryIntentV2:
      type: object
      properties:
        email:
          type: string
          description: Email of the user starting recovery
          title: '@inject_tag: validate:"email,tk_email"'
        targetPublicKey:
          type: string
          description: >-
            Client-side public key generated by the user, to which the recovery
            bundle will be encrypted.
          title: '@inject_tag: validate:"hexadecimal"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the recovery
            credential is valid for. If not provided, a default of 15 minutes
            will be used.
        emailCustomization:
          $ref: '#/components/schemas/v1EmailAuthCustomizationParams'
        sendFromEmailAddress:
          type: string
          description: Optional custom email address from which to send the OTP email
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        sendFromEmailSenderName:
          type: string
          description: >-
            Optional custom sender name for use with sendFromEmailAddress; if
            left empty, will default to 'Notifications'
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        replyToEmailAddress:
          type: string
          description: Optional custom email address to use as reply-to
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
      required:
        - email
        - targetPublicKey
        - emailCustomization
    v1InitOtpIntentV2:
      type: object
      properties:
        otpType:
          type: string
          description: >-
            Whether to send OTP via SMS or email. Possible values: OTP_TYPE_SMS,
            OTP_TYPE_EMAIL
          title: '@inject_tag: validate:"required,oneof=OTP_TYPE_SMS OTP_TYPE_EMAIL"'
        contact:
          type: string
          description: Email or phone number to send the OTP code to
        otpLength:
          type: integer
          format: int32
          description: Optional length of the OTP code. Default = 9
          title: '@inject_tag: validate:"omitempty,min=6,max=9"'
        appName:
          type: string
          description: >-
            The name of the application. This field is required and will be used
            in email notifications if an email template is not provided.
          title: '@inject_tag: validate:"tk_label_length,tk_label"'
        emailCustomization:
          $ref: '#/components/schemas/v1EmailCustomizationParamsV2'
        smsCustomization:
          $ref: '#/components/schemas/v1SmsCustomizationParams'
        userIdentifier:
          type: string
          description: >-
            Optional client-generated user identifier to enable per-user rate
            limiting for SMS auth. We recommend using a hash of the client-side
            IP address.
        sendFromEmailAddress:
          type: string
          description: Optional custom email address from which to send the OTP email
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        alphanumeric:
          type: boolean
          description: >-
            Optional flag to specify if the OTP code should be alphanumeric
            (Crockford’s Base32). Default = true
        sendFromEmailSenderName:
          type: string
          description: >-
            Optional custom sender name for use with sendFromEmailAddress; if
            left empty, will default to 'Notifications'
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the OTP is valid
            for. If not provided, a default of 5 minutes will be used. Maximum
            value is 600 seconds (10 minutes)
          title: '@inject_tag: validate:"omitempty,numeric,max=600"'
        replyToEmailAddress:
          type: string
          description: Optional custom email address to use as reply-to
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
      required:
        - otpType
        - contact
        - appName
    v1InitOtpAuthIntentV3:
      type: object
      properties:
        otpType:
          type: string
          description: >-
            Whether to send OTP via SMS or email. Possible values: OTP_TYPE_SMS,
            OTP_TYPE_EMAIL
          title: '@inject_tag: validate:"required,oneof=OTP_TYPE_SMS OTP_TYPE_EMAIL"'
        contact:
          type: string
          description: Email or phone number to send the OTP code to
        otpLength:
          type: integer
          format: int32
          description: Optional length of the OTP code. Default = 9
          title: '@inject_tag: validate:"omitempty,min=6,max=9"'
        appName:
          type: string
          description: >-
            The name of the application. This field is required and will be used
            in email notifications if an email template is not provided.
          title: '@inject_tag: validate:"tk_label_length,tk_label"'
        emailCustomization:
          $ref: '#/components/schemas/v1EmailCustomizationParamsV2'
        smsCustomization:
          $ref: '#/components/schemas/v1SmsCustomizationParams'
        userIdentifier:
          type: string
          description: >-
            Optional client-generated user identifier to enable per-user rate
            limiting for SMS auth. We recommend using a hash of the client-side
            IP address.
        sendFromEmailAddress:
          type: string
          description: Optional custom email address from which to send the OTP email
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        alphanumeric:
          type: boolean
          description: >-
            Optional flag to specify if the OTP code should be alphanumeric
            (Crockford’s Base32). Default = true
        sendFromEmailSenderName:
          type: string
          description: >-
            Optional custom sender name for use with sendFromEmailAddress; if
            left empty, will default to 'Notifications'
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the OTP is valid
            for. If not provided, a default of 5 minutes will be used. Maximum
            value is 600 seconds (10 minutes)
          title: '@inject_tag: validate:"omitempty,numeric,max=600"'
        replyToEmailAddress:
          type: string
          description: Optional custom email address to use as reply-to
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
      required:
        - otpType
        - contact
        - appName
    v1UpsertGasUsageConfigIntent:
      type: object
      properties:
        orgWindowLimitUsd:
          type: string
          description: Gas sponsorship USD limit for the billing organization window.
          title: '@inject_tag: validate:"required,numeric"'
        subOrgWindowLimitUsd:
          type: string
          description: >-
            Gas sponsorship USD limit for sub-organizations under the billing
            organization.
          title: '@inject_tag: validate:"required,numeric"'
        windowDurationMinutes:
          type: string
          description: Rolling sponsorship window duration, expressed in minutes.
          title: '@inject_tag: validate:"required,numeric"'
      required:
        - orgWindowLimitUsd
        - subOrgWindowLimitUsd
        - windowDurationMinutes
    v1CreateTvcAppIntent:
      type: object
      properties:
        name:
          type: string
          description: The name of the new TVC application
          title: '@inject_tag: validate:"required"'
        quorumPublicKey:
          type: string
          description: Quorum public key to use for this application
          title: '@inject_tag: validate:"required"'
        manifestSetId:
          type: string
          description: >-
            Unique identifier for an existing TVC operator set to use as the
            Manifest Set for this TVC application. If left empty, a new Manifest
            Set configuration is required
        manifestSetParams:
          $ref: '#/components/schemas/v1TvcOperatorSetParams'
        shareSetId:
          type: string
          description: >-
            Unique identifier for an existing TVC operator set to use as the
            Share Set for this TVC application. If left empty, a new Share Set
            configuration is required
        shareSetParams:
          $ref: '#/components/schemas/v1TvcOperatorSetParams'
        externalConnectivity:
          type: boolean
          description: >-
            Enables external connectivity for this TVC app. Default if not
            provided: false.
      required:
        - name
        - quorumPublicKey
    v1CreateTvcDeploymentIntent:
      type: object
      properties:
        appId:
          type: string
          description: The unique identifier of the to-be-deployed TVC application
          title: '@inject_tag: validate:"required"'
        qosVersion:
          type: string
          description: The QuorumOS version to use to deploy this application
          title: '@inject_tag: validate:"required"'
        pivotContainerImageUrl:
          type: string
          description: URL of the container containing the pivot binary
          title: '@inject_tag: validate:"required"'
        pivotPath:
          type: string
          description: Location of the binary in the pivot container
          title: '@inject_tag: validate:"required"'
        pivotArgs:
          type: array
          items:
            type: string
          description: >-
            Arguments to pass to the pivot binary at startup. Encoded as a list
            of strings, for example ["--foo", "bar"]
        expectedPivotDigest:
          type: string
          description: >-
            Digest of the pivot binary in the pivot container. This value will
            be inserted in the QOS manifest to ensure application integrity.
          title: '@inject_tag: validate:"required"'
        hostContainerImageUrl:
          type: string
          description: URL of the container containing the host binary
          title: '@inject_tag: validate:"required"'
        hostPath:
          type: string
          description: Location of the binary inside the host container
          title: '@inject_tag: validate:"required"'
        hostArgs:
          type: array
          items:
            type: string
          description: >-
            Arguments to pass to the host binary at startup. Encoded as a list
            of strings, for example ["--foo", "bar"]
        nonce:
          type: integer
          format: int64
          description: >-
            Optional nonce to ensure uniqueness of the deployment manifest. If
            not provided, it defaults to the current Unix timestamp in seconds.
      required:
        - appId
        - qosVersion
        - pivotContainerImageUrl
        - pivotPath
        - pivotArgs
        - expectedPivotDigest
        - hostContainerImageUrl
        - hostPath
        - hostArgs
    v1CreateTvcManifestApprovalsIntent:
      type: object
      properties:
        manifestId:
          type: string
          description: Unique identifier of the TVC deployment to approve
          title: '@inject_tag: validate:"required,uuid"'
        approvals:
          type: array
          items:
            $ref: '#/components/schemas/v1TvcManifestApproval'
          description: List of manifest approvals
          title: '@inject_tag: validate:"required"'
      required:
        - manifestId
        - approvals
    v1SolSendTransactionIntent:
      type: object
      properties:
        unsignedTransaction:
          type: string
          description: Base64-encoded serialized unsigned Solana transaction
          title: '@inject_tag: validate:"required"'
        signWith:
          type: string
          description: >-
            A wallet or private key address to sign with. This does not support
            private key IDs.
          title: '@inject_tag: validate:"required"'
        sponsor:
          type: boolean
          description: Whether to sponsor this transaction via Gas Station.
          title: If true, 0xkey acts as fee payer and may inject a fresh blockhash
        caip2:
          type: string
          enum:
            - solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp
            - solana:EtWTRABZaYq6iMfeYKouRu166VU2xqa1wcaWoxPkrZBG
            - solana:4uhcVJyU9pJkvQyS88uRDiswHXSCkY3zQawwpjk2NsNY
          description: >-
            CAIP-2 chain ID (e.g., 'solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp' for
            Solana mainnet).
          title: '@inject_tag: validate:"required"'
        recentBlockhash:
          type: string
          description: >-
            user-provided blockhash for replay protection / deadline control. If
            omitted and sponsor=true, we fetch a fresh blockhash during
            execution
      required:
        - unsignedTransaction
        - signWith
        - caip2
    v1InitOtpIntentV3:
      type: object
      properties:
        otpType:
          type: string
          description: >-
            Whether to send OTP via SMS or email. Possible values: OTP_TYPE_SMS,
            OTP_TYPE_EMAIL
          title: '@inject_tag: validate:"required,oneof=OTP_TYPE_SMS OTP_TYPE_EMAIL"'
        contact:
          type: string
          description: Email or phone number to send the OTP code to
        appName:
          type: string
          description: The name of the application.
          title: '@inject_tag: validate:"tk_label_length,tk_label"'
        otpLength:
          type: integer
          format: int32
          description: Optional length of the OTP code. Default = 9
          title: '@inject_tag: validate:"omitempty,min=6,max=9"'
        emailCustomization:
          $ref: '#/components/schemas/v1EmailCustomizationParamsV2'
        smsCustomization:
          $ref: '#/components/schemas/v1SmsCustomizationParams'
        userIdentifier:
          type: string
          description: >-
            Optional client-generated user identifier to enable per-user rate
            limiting for SMS auth. We recommend using a hash of the client-side
            IP address.
        sendFromEmailAddress:
          type: string
          description: Optional custom email address from which to send the OTP email
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        alphanumeric:
          type: boolean
          description: >-
            Optional flag to specify if the OTP code should be alphanumeric
            (Crockford's Base32). If set to false, OTP code will only be
            numeric. Default = true
        sendFromEmailSenderName:
          type: string
          description: >-
            Optional custom sender name for use with sendFromEmailAddress; if
            left empty, will default to 'Notifications'
          title: '@inject_tag: validate:"omitempty,tk_label_length,tk_label"'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the OTP is valid
            for. If not provided, a default of 5 minutes will be used. Maximum
            value is 600 seconds (10 minutes)
          title: '@inject_tag: validate:"omitempty,numeric,max=600"'
        replyToEmailAddress:
          type: string
          description: Optional custom email address to use as reply-to
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
      required:
        - otpType
        - contact
        - appName
    v1VerifyOtpIntentV2:
      type: object
      properties:
        otpId:
          type: string
          description: >-
            UUID representing an OTP flow. A new UUID is created for each init
            OTP activity.
          title: '@inject_tag: validate:"required"'
        encryptedOtpBundle:
          type: string
          description: >-
            Encrypted bundle containing the OTP code and a client-generated
            public key. 0xkey's secure enclaves will decrypt this bundle, verify
            the OTP code, and issue a new Verification Token. Encrypted using
            the target encryption key provided in the INIT_OTP activity result.
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the verification
            token is valid for. If not provided, a default of 1 hour will be
            used. Maximum value is 86400 seconds (24 hours)
          title: '@inject_tag: validate:"omitempty,numeric,max=86400"'
      required:
        - otpId
        - encryptedOtpBundle
    v1OtpLoginIntentV2:
      type: object
      properties:
        verificationToken:
          type: string
          description: >-
            Signed Verification Token containing a unique id, expiry,
            verification type, contact
        publicKey:
          type: string
          description: >-
            Client-side public key generated by the user, used as the session
            public key upon successful login
          title: '@inject_tag: validate:"omitempty,hexadecimal"'
        clientSignature:
          $ref: '#/components/schemas/v1ClientSignature'
        expirationSeconds:
          type: string
          description: >-
            Expiration window (in seconds) indicating how long the Session is
            valid for. If not provided, a default of 15 minutes will be used.
        invalidateExisting:
          type: boolean
          description: Invalidate all other previously generated Login sessions
      required:
        - verificationToken
        - publicKey
        - clientSignature
    v1UpdateOrganizationNameIntent:
      type: object
      properties:
        organizationName:
          type: string
          description: New name for the Organization.
          title: '@inject_tag: validate:"required,tk_label,tk_label_length"'
      required:
        - organizationName
    v1CreateSubOrganizationIntentV8:
      type: object
      properties:
        subOrganizationName:
          type: string
          description: Name for this sub-organization
          title: '@inject_tag: validate:"omitempty,tk_label,tk_label_length"'
        rootUsers:
          type: array
          items:
            $ref: '#/components/schemas/v1RootUserParamsV5'
          description: Root users to create within this sub-organization
          title: '@inject_tag: validate:"required,dive"'
        rootQuorumThreshold:
          type: integer
          format: int32
          description: >-
            The threshold of unique approvals to reach root quorum. This value
            must be less than or equal to the number of root users
          title: '@inject_tag: validate:"required"'
        wallet:
          $ref: '#/components/schemas/v1WalletParams'
        disableEmailRecovery:
          type: boolean
          description: Disable email recovery for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
        disableEmailAuth:
          type: boolean
          description: Disable email auth for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
        disableSmsAuth:
          type: boolean
          description: Disable OTP SMS auth for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
        disableOtpEmailAuth:
          type: boolean
          description: Disable OTP email auth for the sub-organization
          title: '@inject_tag: validate:"omitempty"'
        verificationToken:
          type: string
          description: >-
            Signed JWT containing a unique id, expiry, verification type,
            contact
        clientSignature:
          $ref: '#/components/schemas/v1ClientSignature'
      required:
        - subOrganizationName
        - rootUsers
        - rootQuorumThreshold
    v1CreateOauthProvidersIntentV2:
      type: object
      properties:
        userId:
          type: string
          description: The ID of the User to add an Oauth provider to
          title: '@inject_tag: validate:"required,uuid"'
        oauthProviders:
          type: array
          items:
            $ref: '#/components/schemas/v1OauthProviderParamsV2'
          description: A list of Oauth providers.
          title: '@inject_tag: validate:"required,dive,required"'
      required:
        - userId
        - oauthProviders
    v1CreateUsersIntentV4:
      type: object
      properties:
        users:
          type: array
          items:
            $ref: '#/components/schemas/v1UserParamsV4'
          description: A list of Users.
          title: '@inject_tag: validate:"required,dive,required"'
      required:
        - users
    v1CreateOrganizationResult:
      type: object
      properties:
        organizationId:
          type: string
          description: Unique identifier for a given Organization.
      required:
        - organizationId
    v1CreateAuthenticatorsResult:
      type: object
      properties:
        authenticatorIds:
          type: array
          items:
            type: string
          description: A list of Authenticator IDs.
      required:
        - authenticatorIds
    v1CreateUsersResult:
      type: object
      properties:
        userIds:
          type: array
          items:
            type: string
          description: A list of User IDs.
      required:
        - userIds
    v1CreatePrivateKeysResult:
      type: object
      properties:
        privateKeyIds:
          type: array
          items:
            type: string
          description: A list of Private Key IDs.
      required:
        - privateKeyIds
    v1CreateInvitationsResult:
      type: object
      properties:
        invitationIds:
          type: array
          items:
            type: string
          description: A list of Invitation IDs
      required:
        - invitationIds
    v1AcceptInvitationResult:
      type: object
      properties:
        invitationId:
          type: string
          description: Unique identifier for a given Invitation.
        userId:
          type: string
          description: Unique identifier for a given User.
      required:
        - invitationId
        - userId
    v1SignRawPayloadResult:
      type: object
      properties:
        r:
          type: string
          description: Component of an ECSDA signature.
        s:
          type: string
          description: Component of an ECSDA signature.
        v:
          type: string
          description: Component of an ECSDA signature.
      required:
        - r
        - s
        - v
    v1CreatePolicyResult:
      type: object
      properties:
        policyId:
          type: string
          description: Unique identifier for a given Policy.
      required:
        - policyId
    v1DisablePrivateKeyResult:
      type: object
      properties:
        privateKeyId:
          type: string
          description: Unique identifier for a given Private Key.
      required:
        - privateKeyId
    v1DeleteUsersResult:
      type: object
      properties:
        userIds:
          type: array
          items:
            type: string
          description: A list of User IDs.
      required:
        - userIds
    v1DeleteAuthenticatorsResult:
      type: object
      properties:
        authenticatorIds:
          type: array
          items:
            type: string
          description: Unique identifier for a given Authenticator.
      required:
        - authenticatorIds
    v1DeleteInvitationResult:
      type: object
      properties:
        invitationId:
          type: string
          description: Unique identifier for a given Invitation.
      required:
        - invitationId
    v1DeleteOrganizationResult:
      type: object
      properties:
        organizationId:
          type: string
          description: Unique identifier for a given Organization.
      required:
        - organizationId
    v1DeletePolicyResult:
      type: object
      properties:
        policyId:
          type: string
          description: Unique identifier for a given Policy.
      required:
        - policyId
    v1CreateUserTagResult:
      type: object
      properties:
        userTagId:
          type: string
          description: Unique identifier for a given User Tag.
        userIds:
          type: array
          items:
            type: string
          description: A list of User IDs.
      required:
        - userTagId
        - userIds
    v1DeleteUserTagsResult:
      type: object
      properties:
        userTagIds:
          type: array
          items:
            type: string
          description: A list of User Tag IDs.
        userIds:
          type: array
          items:
            type: string
          description: A list of User IDs.
      required:
        - userTagIds
        - userIds
    v1SignTransactionResult:
      type: object
      properties:
        signedTransaction:
          type: string
      required:
        - signedTransaction
    v1DeleteApiKeysResult:
      type: object
      properties:
        apiKeyIds:
          type: array
          items:
            type: string
          description: A list of API Key IDs.
      required:
        - apiKeyIds
    v1CreateApiKeysResult:
      type: object
      properties:
        apiKeyIds:
          type: array
          items:
            type: string
          description: A list of API Key IDs.
      required:
        - apiKeyIds
    v1CreatePrivateKeyTagResult:
      type: object
      properties:
        privateKeyTagId:
          type: string
          description: Unique identifier for a given Private Key Tag.
        privateKeyIds:
          type: array
          items:
            type: string
          description: A list of Private Key IDs.
      required:
        - privateKeyTagId
        - privateKeyIds
    v1DeletePrivateKeyTagsResult:
      type: object
      properties:
        privateKeyTagIds:
          type: array
          items:
            type: string
          description: A list of Private Key Tag IDs.
        privateKeyIds:
          type: array
          items:
            type: string
          description: A list of Private Key IDs.
      required:
        - privateKeyTagIds
        - privateKeyIds
    billingSetPaymentMethodResult:
      type: object
      properties:
        lastFour:
          type: string
          description: The last four digits of the credit card added.
        cardHolderName:
          type: string
          description: The name associated with the payment method.
        cardHolderEmail:
          type: string
          description: The email address associated with the payment method.
      required:
        - lastFour
        - cardHolderName
        - cardHolderEmail
    billingActivateBillingTierResult:
      type: object
      properties:
        productId:
          type: string
          description: The id of the product being subscribed to.
      required:
        - productId
    billingDeletePaymentMethodResult:
      type: object
      properties:
        paymentMethodId:
          type: string
          description: The payment method that was removed.
      required:
        - paymentMethodId
    v1CreateApiOnlyUsersResult:
      type: object
      properties:
        userIds:
          type: array
          items:
            type: string
          description: A list of API-only User IDs.
      required:
        - userIds
    v1UpdateRootQuorumResult:
      type: object
      title: 'TODO: this should include the new root quorum'
    v1UpdateUserTagResult:
      type: object
      properties:
        userTagId:
          type: string
          description: Unique identifier for a given User Tag.
      required:
        - userTagId
    v1UpdatePrivateKeyTagResult:
      type: object
      properties:
        privateKeyTagId:
          type: string
          description: Unique identifier for a given Private Key Tag.
      required:
        - privateKeyTagId
    v1CreateSubOrganizationResult:
      type: object
      properties:
        subOrganizationId:
          type: string
        rootUserIds:
          type: array
          items:
            type: string
      required:
        - subOrganizationId
    v1UpdateAllowedOriginsResult:
      type: object
      title: 'TODO: this should include the new origins'
    v1CreatePrivateKeysResultV2:
      type: object
      properties:
        privateKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1PrivateKeyResult'
          description: A list of Private Key IDs and addresses.
      required:
        - privateKeys
    v1UpdateUserResult:
      type: object
      properties:
        userId:
          type: string
          description: A User ID.
      required:
        - userId
    v1UpdatePolicyResult:
      type: object
      properties:
        policyId:
          type: string
          description: Unique identifier for a given Policy.
      required:
        - policyId
    v1CreateSubOrganizationResultV3:
      type: object
      properties:
        subOrganizationId:
          type: string
        privateKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1PrivateKeyResult'
          description: A list of Private Key IDs and addresses.
        rootUserIds:
          type: array
          items:
            type: string
      title: Going directly to V3 to have it in parity with intent versioning
      required:
        - subOrganizationId
        - privateKeys
    v1CreateWalletResult:
      type: object
      properties:
        walletId:
          type: string
          description: Unique identifier for a Wallet.
        addresses:
          type: array
          items:
            type: string
          description: A list of account addresses.
      required:
        - walletId
        - addresses
    v1CreateWalletAccountsResult:
      type: object
      properties:
        addresses:
          type: array
          items:
            type: string
          description: A list of derived addresses.
      required:
        - addresses
    v1InitUserEmailRecoveryResult:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier for the user being recovered.
      required:
        - userId
    v1RecoverUserResult:
      type: object
      properties:
        authenticatorId:
          type: array
          items:
            type: string
          description: ID of the authenticator created.
      required:
        - authenticatorId
    v1SetOrganizationFeatureResult:
      type: object
      properties:
        features:
          type: array
          items:
            $ref: '#/components/schemas/v1Feature'
          description: Resulting list of organization features.
      required:
        - features
    v1RemoveOrganizationFeatureResult:
      type: object
      properties:
        features:
          type: array
          items:
            $ref: '#/components/schemas/v1Feature'
          description: Resulting list of organization features.
      required:
        - features
    v1ExportPrivateKeyResult:
      type: object
      properties:
        privateKeyId:
          type: string
          description: Unique identifier for a given Private Key.
        exportBundle:
          type: string
          description: >-
            Export bundle containing a private key encrypted to the client's
            target public key.
      required:
        - privateKeyId
        - exportBundle
    v1ExportWalletResult:
      type: object
      properties:
        walletId:
          type: string
          description: Unique identifier for a given Wallet.
        exportBundle:
          type: string
          description: >-
            Export bundle containing a wallet mnemonic + optional newline
            passphrase encrypted by the client's target public key.
      required:
        - walletId
        - exportBundle
    v1CreateSubOrganizationResultV4:
      type: object
      properties:
        subOrganizationId:
          type: string
        wallet:
          $ref: '#/components/schemas/v1WalletResult'
        rootUserIds:
          type: array
          items:
            type: string
      title: Going directly to V4 to have it in parity with intent versioning
      required:
        - subOrganizationId
    v1EmailAuthResult:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier for the authenticating User.
        apiKeyId:
          type: string
          description: Unique identifier for the created API key.
        credentialBundle:
          type: string
          description: >-
            HPKE-encrypted credential bundle. Present only in dev/console mailer
            mode.
      required:
        - userId
        - apiKeyId
    v1ExportWalletAccountResult:
      type: object
      properties:
        address:
          type: string
          description: Address to identify Wallet Account.
        exportBundle:
          type: string
          description: >-
            Export bundle containing a private key encrypted by the client's
            target public key.
      required:
        - address
        - exportBundle
    v1InitImportWalletResult:
      type: object
      properties:
        importBundle:
          type: string
          description: >-
            Import bundle containing a public key and signature to use for
            importing client data.
      required:
        - importBundle
    v1ImportWalletResult:
      type: object
      properties:
        walletId:
          type: string
          description: Unique identifier for a Wallet.
        addresses:
          type: array
          items:
            type: string
          description: A list of account addresses.
      required:
        - walletId
        - addresses
    v1InitImportPrivateKeyResult:
      type: object
      properties:
        importBundle:
          type: string
          description: >-
            Import bundle containing a public key and signature to use for
            importing client data.
      required:
        - importBundle
    v1ImportPrivateKeyResult:
      type: object
      properties:
        privateKeyId:
          type: string
          description: Unique identifier for a Private Key.
        addresses:
          type: array
          items:
            $ref: '#/components/schemas/immutableactivityv1Address'
          description: A list of addresses.
      required:
        - privateKeyId
        - addresses
    v1CreatePoliciesResult:
      type: object
      properties:
        policyIds:
          type: array
          items:
            type: string
          description: A list of unique identifiers for the created policies.
      required:
        - policyIds
    v1SignRawPayloadsResult:
      type: object
      properties:
        signatures:
          type: array
          items:
            $ref: '#/components/schemas/v1SignRawPayloadResult'
    v1CreateReadOnlySessionResult:
      type: object
      properties:
        organizationId:
          type: string
          description: >-
            Unique identifier for a given Organization. If the request is being
            made by a user and their Sub-Organization ID is unknown, this can be
            the Parent Organization ID. However, using the Sub-Organization ID
            is preferred due to performance reasons.
        organizationName:
          type: string
          description: Human-readable name for an Organization.
        userId:
          type: string
          description: Unique identifier for a given User.
        username:
          type: string
          description: Human-readable name for a User.
        session:
          type: string
          description: String representing a read only session
        sessionExpiry:
          type: string
          format: uint64
          description: >-
            UTC timestamp in seconds representing the expiry time for the read
            only session.
      required:
        - organizationId
        - organizationName
        - userId
        - username
        - session
        - sessionExpiry
    v1CreateOauthProvidersResult:
      type: object
      properties:
        providerIds:
          type: array
          items:
            type: string
          description: A list of unique identifiers for Oauth Providers
      required:
        - providerIds
    v1DeleteOauthProvidersResult:
      type: object
      properties:
        providerIds:
          type: array
          items:
            type: string
          description: A list of unique identifiers for Oauth Providers
      required:
        - providerIds
    v1CreateSubOrganizationResultV5:
      type: object
      properties:
        subOrganizationId:
          type: string
        wallet:
          $ref: '#/components/schemas/v1WalletResult'
        rootUserIds:
          type: array
          items:
            type: string
      required:
        - subOrganizationId
    v1OauthResult:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier for the authenticating User.
        apiKeyId:
          type: string
          description: Unique identifier for the created API key.
        credentialBundle:
          type: string
          description: HPKE encrypted credential bundle
      required:
        - userId
        - apiKeyId
        - credentialBundle
    v1CreateReadWriteSessionResult:
      type: object
      properties:
        organizationId:
          type: string
          description: >-
            Unique identifier for a given Organization. If the request is being
            made by a user and their Sub-Organization ID is unknown, this can be
            the Parent Organization ID. However, using the Sub-Organization ID
            is preferred due to performance reasons.
        organizationName:
          type: string
          description: Human-readable name for an Organization.
        userId:
          type: string
          description: Unique identifier for a given User.
        username:
          type: string
          description: Human-readable name for a User.
        apiKeyId:
          type: string
          description: Unique identifier for the created API key.
        credentialBundle:
          type: string
          description: HPKE encrypted credential bundle
      required:
        - organizationId
        - organizationName
        - userId
        - username
        - apiKeyId
        - credentialBundle
    v1CreateSubOrganizationResultV6:
      type: object
      properties:
        subOrganizationId:
          type: string
        wallet:
          $ref: '#/components/schemas/v1WalletResult'
        rootUserIds:
          type: array
          items:
            type: string
      required:
        - subOrganizationId
    v1DeletePrivateKeysResult:
      type: object
      properties:
        privateKeyIds:
          type: array
          items:
            type: string
          description: A list of private key unique identifiers that were removed
      required:
        - privateKeyIds
    v1DeleteWalletsResult:
      type: object
      properties:
        walletIds:
          type: array
          items:
            type: string
          description: A list of wallet unique identifiers that were removed
      required:
        - walletIds
    v1CreateReadWriteSessionResultV2:
      type: object
      properties:
        organizationId:
          type: string
          description: >-
            Unique identifier for a given Organization. If the request is being
            made by a user and their Sub-Organization ID is unknown, this can be
            the Parent Organization ID. However, using the Sub-Organization ID
            is preferred due to performance reasons.
        organizationName:
          type: string
          description: Human-readable name for an Organization.
        userId:
          type: string
          description: Unique identifier for a given User.
        username:
          type: string
          description: Human-readable name for a User.
        apiKeyId:
          type: string
          description: Unique identifier for the created API key.
        credentialBundle:
          type: string
          description: HPKE encrypted credential bundle
      required:
        - organizationId
        - organizationName
        - userId
        - username
        - apiKeyId
        - credentialBundle
    v1DeleteSubOrganizationResult:
      type: object
      properties:
        subOrganizationUuid:
          type: string
          description: Unique identifier of the sub organization that was removed
      required:
        - subOrganizationUuid
    v1InitOtpAuthResult:
      type: object
      properties:
        otpId:
          type: string
          description: Unique identifier for an OTP authentication
      required:
        - otpId
    v1OtpAuthResult:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier for the authenticating User.
        apiKeyId:
          type: string
          description: Unique identifier for the created API key.
        credentialBundle:
          type: string
          description: HPKE encrypted credential bundle
      required:
        - userId
    v1CreateSubOrganizationResultV7:
      type: object
      properties:
        subOrganizationId:
          type: string
        wallet:
          $ref: '#/components/schemas/v1WalletResult'
        rootUserIds:
          type: array
          items:
            type: string
      required:
        - subOrganizationId
    v1UpdateWalletResult:
      type: object
      properties:
        walletId:
          type: string
          description: A Wallet ID.
      required:
        - walletId
    v1UpdatePolicyResultV2:
      type: object
      properties:
        policyId:
          type: string
          description: Unique identifier for a given Policy.
      required:
        - policyId
    v1InitOtpAuthResultV2:
      type: object
      properties:
        otpId:
          type: string
          description: Unique identifier for an OTP authentication
      required:
        - otpId
    v1InitOtpResult:
      type: object
      properties:
        otpId:
          type: string
          description: Unique identifier for an OTP authentication
      required:
        - otpId
    v1VerifyOtpResult:
      type: object
      properties:
        verificationToken:
          type: string
          description: >-
            Signed JWT containing a unique id, expiry, verification type,
            contact. Verification status of a user is updated when the token is
            consumed (in OTP_LOGIN requests)
      required:
        - verificationToken
    v1OtpLoginResult:
      type: object
      properties:
        session:
          type: string
          description: >-
            Signed JWT containing an expiry, public key, session type, user id,
            and organization id
      required:
        - session
    v1StampLoginResult:
      type: object
      properties:
        session:
          type: string
          description: >-
            Signed JWT containing an expiry, public key, session type, user id,
            and organization id
      required:
        - session
    v1OauthLoginResult:
      type: object
      properties:
        session:
          type: string
          description: >-
            Signed JWT containing an expiry, public key, session type, user id,
            and organization id
      required:
        - session
    v1UpdateUserNameResult:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier of the User whose name was updated.
      required:
        - userId
    v1UpdateUserEmailResult:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier of the User whose email was updated.
      required:
        - userId
    v1UpdateUserPhoneNumberResult:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier of the User whose phone number was updated.
      required:
        - userId
    v1InitFiatOnRampResult:
      type: object
      properties:
        onRampUrl:
          type: string
          description: Unique URL for a given fiat on-ramp flow.
        onRampTransactionId:
          type: string
          description: >-
            Unique identifier used to retrieve transaction statuses for a given
            fiat on-ramp flow.
        onRampUrlSignature:
          type: string
          description: >-
            Optional signature of the MoonPay Widget URL. The signature is
            generated if the Init Fiat On Ramp intent includes the
            urlForSignature field. The signature can be used to initialize the
            MoonPay SDKs when URL signing is enabled for your project.
      required:
        - onRampUrl
        - onRampTransactionId
    v1CreateSmartContractInterfaceResult:
      type: object
      properties:
        smartContractInterfaceId:
          type: string
          description: The ID of the created Smart Contract Interface.
      required:
        - smartContractInterfaceId
    v1DeleteSmartContractInterfaceResult:
      type: object
      properties:
        smartContractInterfaceId:
          type: string
          description: The ID of the deleted Smart Contract Interface.
      required:
        - smartContractInterfaceId
    v1EnableAuthProxyResult:
      type: object
      properties:
        userId:
          type: string
          description: A User ID with permission to initiate authentication.
        encryptedApiKey:
          type: string
          format: byte
          description: >-
            The proxy signing key generated by the Notarizer (dev: plaintext
            hex, prod: HPKE-encrypted).
      required:
        - userId
        - encryptedApiKey
    v1DisableAuthProxyResult:
      type: object
    v1UpdateAuthProxyConfigResult:
      type: object
      properties:
        configId:
          type: string
          description: >-
            Unique identifier for a given User. (representing the 0xkey signer
            user id)
          title: '@inject_tag: validate:"required,uuid"'
    v1CreateOauth2CredentialResult:
      type: object
      properties:
        oauth2CredentialId:
          type: string
          description: Unique identifier of the OAuth 2.0 credential that was created
      required:
        - oauth2CredentialId
    v1UpdateOauth2CredentialResult:
      type: object
      properties:
        oauth2CredentialId:
          type: string
          description: Unique identifier of the OAuth 2.0 credential that was updated
      required:
        - oauth2CredentialId
    v1DeleteOauth2CredentialResult:
      type: object
      properties:
        oauth2CredentialId:
          type: string
          description: Unique identifier of the OAuth 2.0 credential that was deleted
      required:
        - oauth2CredentialId
    v1Oauth2AuthenticateResult:
      type: object
      properties:
        oidcToken:
          type: string
          description: >-
            Base64 encoded OIDC token issued by 0xkey to be used with the
            LoginWithOAuth activity
          title: '@inject_tag: validate:"required"'
      required:
        - oidcToken
    v1DeleteWalletAccountsResult:
      type: object
      properties:
        walletAccountIds:
          type: array
          items:
            type: string
          description: A list of wallet account unique identifiers that were removed
      required:
        - walletAccountIds
    v1DeletePoliciesResult:
      type: object
      properties:
        policyIds:
          type: array
          items:
            type: string
          description: A list of unique identifiers for the deleted policies.
      required:
        - policyIds
    v1EthSendRawTransactionResult:
      type: object
      properties:
        transactionHash:
          type: string
          description: The transaction hash of the sent transaction
      required:
        - transactionHash
    v1CreateFiatOnRampCredentialResult:
      type: object
      properties:
        fiatOnRampCredentialId:
          type: string
          description: Unique identifier of the Fiat On-Ramp credential that was created
      required:
        - fiatOnRampCredentialId
    v1UpdateFiatOnRampCredentialResult:
      type: object
      properties:
        fiatOnRampCredentialId:
          type: string
          description: Unique identifier of the Fiat On-Ramp credential that was updated
      required:
        - fiatOnRampCredentialId
    v1DeleteFiatOnRampCredentialResult:
      type: object
      properties:
        fiatOnRampCredentialId:
          type: string
          description: Unique identifier of the Fiat On-Ramp credential that was deleted
      required:
        - fiatOnRampCredentialId
    v1EthSendTransactionResult:
      type: object
      properties:
        sendTransactionStatusId:
          type: string
          description: >-
            The send_transaction_status ID associated with the transaction
            submission
      required:
        - sendTransactionStatusId
    v1UpsertGasUsageConfigResult:
      type: object
      properties:
        gasUsageConfigId:
          type: string
          description: >-
            Unique identifier for the gas usage configuration that was created
            or updated.
          title: '@inject_tag: validate:"required,uuid4"'
      required:
        - gasUsageConfigId
    v1CreateTvcAppResult:
      type: object
      properties:
        appId:
          type: string
          description: The unique identifier for the TVC application
        manifestSetId:
          type: string
          description: The unique identifier for the TVC manifest set
        manifestSetOperatorIds:
          type: array
          items:
            type: string
          description: The unique identifier(s) of the manifest set operators
        manifestSetThreshold:
          type: integer
          format: int64
          description: The required number of approvals for the manifest set
      required:
        - appId
        - manifestSetId
        - manifestSetOperatorIds
        - manifestSetThreshold
    v1CreateTvcDeploymentResult:
      type: object
      properties:
        deploymentId:
          type: string
          description: The unique identifier for the TVC deployment
        manifestId:
          type: string
          description: The unique identifier for the TVC manifest
      required:
        - deploymentId
        - manifestId
    v1CreateTvcManifestApprovalsResult:
      type: object
      properties:
        approvalIds:
          type: array
          items:
            type: string
          description: The unique identifier(s) for the manifest approvals
      required:
        - approvalIds
    v1SolSendTransactionResult:
      type: object
      properties:
        sendTransactionStatusId:
          type: string
          description: >-
            The send_transaction_status ID associated with the transaction
            submission
      required:
        - sendTransactionStatusId
    v1InitOtpResultV2:
      type: object
      properties:
        otpId:
          type: string
          description: Unique identifier for an OTP flow
        otpEncryptionTargetBundle:
          type: string
          description: >-
            Signed bundle containing a target encryption key to use when
            submitting OTP codes.
      required:
        - otpId
        - otpEncryptionTargetBundle
    v1UpdateOrganizationNameResult:
      type: object
      properties:
        organizationId:
          type: string
          description: Unique identifier for the Organization.
        organizationName:
          type: string
          description: The updated organization name.
      required:
        - organizationId
        - organizationName
    v1CreateSubOrganizationResultV8:
      type: object
      properties:
        subOrganizationId:
          type: string
        wallet:
          $ref: '#/components/schemas/v1WalletResult'
        rootUserIds:
          type: array
          items:
            type: string
      required:
        - subOrganizationId
    v1CreateOauthProvidersResultV2:
      type: object
      properties:
        providerIds:
          type: array
          items:
            type: string
          description: A list of unique identifiers for Oauth Providers
      required:
        - providerIds
    v1User:
      type: object
      properties:
        userId:
          type: string
          description: Unique identifier for a given User.
        userName:
          type: string
          description: Human-readable name for a User.
        userEmail:
          type: string
          description: The user's email address.
          title: some users do not have emails (programmatic users)
        userPhoneNumber:
          type: string
          description: The user's phone number in E.164 format e.g. +13214567890
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1Authenticator'
          description: A list of Authenticator parameters.
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1ApiKey'
          description: >-
            A list of API Key parameters. This field, if not needed, should be
            an empty array in your request body.
        userTags:
          type: array
          items:
            type: string
          description: A list of User Tag IDs.
        oauthProviders:
          type: array
          items:
            $ref: '#/components/schemas/v1OauthProvider'
          description: A list of Oauth Providers.
        createdAt:
          $ref: '#/components/schemas/externaldatav1Timestamp'
        updatedAt:
          $ref: '#/components/schemas/externaldatav1Timestamp'
      required:
        - userId
        - userName
        - authenticators
        - apiKeys
        - userTags
        - oauthProviders
        - createdAt
        - updatedAt
    externaldatav1SignatureScheme:
      type: string
      enum:
        - SIGNATURE_SCHEME_UNSPECIFIED
        - SIGNATURE_SCHEME_EPHEMERAL_KEY_P256
      default: SIGNATURE_SCHEME_UNSPECIFIED
      title: >-
        - SIGNATURE_SCHEME_EPHEMERAL_KEY_P256: Scheme used by our enclave
        applications
    v1AuthenticatorParams:
      type: object
      properties:
        authenticatorName:
          type: string
          description: Human-readable name for an Authenticator.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        userId:
          type: string
          description: Unique identifier for a given User.
          title: '@inject_tag: validate:"required,uuid"'
        attestation:
          $ref: '#/components/schemas/v1PublicKeyCredentialWithAttestation'
        challenge:
          type: string
          description: Challenge presented for authentication purposes.
          title: '@inject_tag: validate:"required,max=256"'
      required:
        - authenticatorName
        - userId
        - attestation
        - challenge
    v1UserParams:
      type: object
      properties:
        userName:
          type: string
          description: Human-readable name for a User.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        userEmail:
          type: string
          description: The user's email address.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        accessType:
          $ref: '#/components/schemas/v1AccessType'
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/apiApiKeyParams'
          description: >-
            A list of API Key parameters. This field, if not needed, should be
            an empty array in your request body.
          title: '@inject_tag: validate:"dive,uuid"'
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorParams'
          description: >-
            A list of Authenticator parameters. This field, if not needed,
            should be an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        userTags:
          type: array
          items:
            type: string
          description: >-
            A list of User Tag IDs. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive,uuid"'
      required:
        - userName
        - accessType
        - apiKeys
        - authenticators
        - userTags
    v1PrivateKeyParams:
      type: object
      properties:
        privateKeyName:
          type: string
          description: Human-readable name for a Private Key.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        curve:
          $ref: '#/components/schemas/v1Curve'
        privateKeyTags:
          type: array
          items:
            type: string
          description: >-
            A list of Private Key Tag IDs. This field, if not needed, should be
            an empty array in your request body.
          title: '@inject_tag: validate:"dive,uuid"'
        addressFormats:
          type: array
          items:
            $ref: '#/components/schemas/v1AddressFormat'
          description: >-
            Cryptocurrency-specific formats for a derived address (e.g.,
            Ethereum).
          title: '@inject_tag: validate:"dive"'
      required:
        - privateKeyName
        - curve
        - privateKeyTags
        - addressFormats
    v1PayloadEncoding:
      type: string
      enum:
        - PAYLOAD_ENCODING_UNSPECIFIED
        - PAYLOAD_ENCODING_HEXADECIMAL
        - PAYLOAD_ENCODING_TEXT_UTF8
        - PAYLOAD_ENCODING_EIP712
        - PAYLOAD_ENCODING_EIP7702_AUTHORIZATION
      default: PAYLOAD_ENCODING_UNSPECIFIED
      title: >-
        - PAYLOAD_ENCODING_UNSPECIFIED: Default value if payload encoding is not
        set explicitly
         - PAYLOAD_ENCODING_HEXADECIMAL: Payload is encoded in hexadecimal
        We accept 0x-prefixed or non-0x prefixed payloads.

        We accept any casing (uppercase, lowercase, or mixed)
         - PAYLOAD_ENCODING_TEXT_UTF8: Payload is encoded as utf-8 text
        Will be converted to bytes for signature with Rust's standard
        String.as_bytes()
         - PAYLOAD_ENCODING_EIP712: Payload is encoded as EIP-712 typed data
        See JSON schema definition in EIP-712 documentation here:
        https://eips.ethereum.org/EIPS/eip-712#parameters

        Will be converted to bytes for signing using serde_json::from_str
         - PAYLOAD_ENCODING_EIP7702_AUTHORIZATION: Payload is encoded as an EIP-7702 Authorization
        See spec here: https://eips.ethereum.org/EIPS/eip-7702#behavior

        Will be converted to bytes for signing using serde_json::from_str
    v1HashFunction:
      type: string
      enum:
        - HASH_FUNCTION_UNSPECIFIED
        - HASH_FUNCTION_NO_OP
        - HASH_FUNCTION_SHA256
        - HASH_FUNCTION_KECCAK256
        - HASH_FUNCTION_NOT_APPLICABLE
      default: HASH_FUNCTION_UNSPECIFIED
    v1InvitationParams:
      type: object
      properties:
        receiverUserName:
          type: string
          description: The name of the intended Invitation recipient.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        receiverUserEmail:
          type: string
          description: The email address of the intended Invitation recipient.
          title: '@inject_tag: validate:"required,email,tk_email"'
        receiverUserTags:
          type: array
          items:
            type: string
          description: >-
            A list of tags assigned to the Invitation recipient. This field, if
            not needed, should be an empty array in your request body.
          title: '@inject_tag: validate:"dive,uuid"'
        accessType:
          $ref: '#/components/schemas/v1AccessType'
        senderUserId:
          type: string
          description: Unique identifier for the Sender of an Invitation.
          title: '@inject_tag: validate:"required,uuid"'
      required:
        - receiverUserName
        - receiverUserEmail
        - receiverUserTags
        - accessType
        - senderUserId
    v1Selector:
      type: object
      properties:
        subject:
          type: string
        operator:
          $ref: '#/components/schemas/v1Operator'
        target:
          type: string
    v1Effect:
      type: string
      enum:
        - EFFECT_UNSPECIFIED
        - EFFECT_ALLOW
        - EFFECT_DENY
      default: EFFECT_UNSPECIFIED
    v1TransactionType:
      type: string
      enum:
        - TRANSACTION_TYPE_UNSPECIFIED
        - TRANSACTION_TYPE_ETHEREUM
        - TRANSACTION_TYPE_SOLANA
        - TRANSACTION_TYPE_TRON
        - TRANSACTION_TYPE_BITCOIN
      default: TRANSACTION_TYPE_UNSPECIFIED
      title: >-
        - TRANSACTION_TYPE_ETHEREUM: Unsigned Ethereum transaction, RLP-encoded
        and hex-encoded
         - TRANSACTION_TYPE_SOLANA: Unsigned Solana transaction in hex bytes
         - TRANSACTION_TYPE_TRON: Unsigned Tron transaction, protobuf encoded and hex encoded
         - TRANSACTION_TYPE_BITCOIN: Unsigned Bitcoin transaction, hex encoded
    apiApiKeyParams:
      type: object
      properties:
        apiKeyName:
          type: string
          description: Human-readable name for an API Key.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        publicKey:
          type: string
          description: >-
            The public component of a cryptographic key pair used to sign
            messages and transactions.
          title: '@inject_tag: validate:"hexadecimal,len=66"'
        expirationSeconds:
          type: string
          description: >-
            Optional window (in seconds) indicating how long the API Key should
            last.
      required:
        - apiKeyName
        - publicKey
    v1SelectorV2:
      type: object
      properties:
        subject:
          type: string
        operator:
          $ref: '#/components/schemas/v1Operator'
        targets:
          type: array
          items:
            type: string
    v1ApiOnlyUserParams:
      type: object
      properties:
        userName:
          type: string
          description: The name of the new API-only User.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        userEmail:
          type: string
          description: The email address for this API-only User (optional).
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        userTags:
          type: array
          items:
            type: string
          description: >-
            A list of tags assigned to the new API-only User. This field, if not
            needed, should be an empty array in your request body.
          title: '@inject_tag: validate:"dive,uuid"'
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/apiApiKeyParams'
          description: >-
            A list of API Key parameters. This field, if not needed, should be
            an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
      required:
        - userName
        - userTags
        - apiKeys
    v1AuthenticatorParamsV2:
      type: object
      properties:
        authenticatorName:
          type: string
          description: Human-readable name for an Authenticator.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        challenge:
          type: string
          description: Challenge presented for authentication purposes.
          title: '@inject_tag: validate:"required,max=256"'
        attestation:
          $ref: '#/components/schemas/v1Attestation'
      required:
        - authenticatorName
        - challenge
        - attestation
    v1UserParamsV2:
      type: object
      properties:
        userName:
          type: string
          description: Human-readable name for a User.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        userEmail:
          type: string
          description: The user's email address.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/apiApiKeyParams'
          description: >-
            A list of API Key parameters. This field, if not needed, should be
            an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorParamsV2'
          description: >-
            A list of Authenticator parameters. This field, if not needed,
            should be an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        userTags:
          type: array
          items:
            type: string
          description: >-
            A list of User Tag IDs. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive,uuid"'
      required:
        - userName
        - apiKeys
        - authenticators
        - userTags
    v1RootUserParams:
      type: object
      properties:
        userName:
          type: string
          description: Human-readable name for a User.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        userEmail:
          type: string
          description: The user's email address.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/apiApiKeyParams'
          description: >-
            A list of API Key parameters. This field, if not needed, should be
            an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorParamsV2'
          description: >-
            A list of Authenticator parameters. This field, if not needed,
            should be an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
      required:
        - userName
        - apiKeys
        - authenticators
    v1WalletAccountParams:
      type: object
      properties:
        curve:
          $ref: '#/components/schemas/v1Curve'
        pathFormat:
          $ref: '#/components/schemas/v1PathFormat'
        path:
          type: string
          description: Path used to generate a wallet Account.
          title: '@inject_tag: validate:"required"'
        addressFormat:
          $ref: '#/components/schemas/v1AddressFormat'
      required:
        - curve
        - pathFormat
        - path
        - addressFormat
    v1EmailCustomizationParams:
      type: object
      properties:
        appName:
          type: string
          description: The name of the application.
        logoUrl:
          type: string
          description: >-
            A URL pointing to a logo in PNG format. Note this logo will be
            resized to fit into 340px x 124px.
        magicLinkTemplate:
          type: string
          description: >-
            A template for the URL to be used in a magic link button, e.g.
            `https://dapp.xyz/%s`. The auth bundle will be interpolated into the
            `%s`.
        templateVariables:
          type: string
          description: >-
            JSON object containing key/value pairs to be used with custom
            templates.
        templateId:
          type: string
          description: >-
            Unique identifier for a given Email Template. If not specified, the
            default is the most recent Email Template.
      description: >-
        Each of these customization parameters are optional; resort to defaults
        if any are not provided.
    v1FeatureName:
      type: string
      enum:
        - FEATURE_NAME_UNSPECIFIED
        - FEATURE_NAME_ROOT_USER_EMAIL_RECOVERY
        - FEATURE_NAME_WEBAUTHN_ORIGINS
        - FEATURE_NAME_EMAIL_AUTH
        - FEATURE_NAME_EMAIL_RECOVERY
        - FEATURE_NAME_WEBHOOK
        - FEATURE_NAME_SMS_AUTH
        - FEATURE_NAME_OTP_EMAIL_AUTH
        - FEATURE_NAME_AUTH_PROXY
      default: FEATURE_NAME_UNSPECIFIED
      title: >-
        - FEATURE_NAME_ROOT_USER_EMAIL_RECOVERY: to be deprecated in favor of
        rename: `FEATURE_NAME_EMAIL_RECOVERY`
    v1MnemonicLanguage:
      type: string
      enum:
        - MNEMONIC_LANGUAGE_UNSPECIFIED
        - MNEMONIC_LANGUAGE_ENGLISH
        - MNEMONIC_LANGUAGE_SIMPLIFIED_CHINESE
        - MNEMONIC_LANGUAGE_TRADITIONAL_CHINESE
        - MNEMONIC_LANGUAGE_CZECH
        - MNEMONIC_LANGUAGE_FRENCH
        - MNEMONIC_LANGUAGE_ITALIAN
        - MNEMONIC_LANGUAGE_JAPANESE
        - MNEMONIC_LANGUAGE_KOREAN
        - MNEMONIC_LANGUAGE_SPANISH
      default: MNEMONIC_LANGUAGE_UNSPECIFIED
    v1WalletParams:
      type: object
      properties:
        walletName:
          type: string
          description: Human-readable name for a Wallet.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        accounts:
          type: array
          items:
            $ref: '#/components/schemas/v1WalletAccountParams'
          description: >-
            A list of wallet Accounts. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive,required"'
        mnemonicLength:
          type: integer
          format: int32
          description: >-
            Length of mnemonic to generate the Wallet seed. Defaults to 12.
            Accepted values: 12, 15, 18, 21, 24.
          title: '@inject_tag: validate:"omitempty"'
      required:
        - walletName
        - accounts
    v1Curve:
      type: string
      enum:
        - CURVE_UNSPECIFIED
        - CURVE_SECP256K1
        - CURVE_ED25519
      default: CURVE_UNSPECIFIED
      description: Cryptographic Curve used to generate a given Private Key.
    v1AddressFormat:
      type: string
      enum:
        - ADDRESS_FORMAT_UNSPECIFIED
        - ADDRESS_FORMAT_UNCOMPRESSED
        - ADDRESS_FORMAT_COMPRESSED
        - ADDRESS_FORMAT_ETHEREUM
        - ADDRESS_FORMAT_SOLANA
        - ADDRESS_FORMAT_COSMOS
        - ADDRESS_FORMAT_TRON
        - ADDRESS_FORMAT_SUI
        - ADDRESS_FORMAT_APTOS
        - ADDRESS_FORMAT_BITCOIN_MAINNET_P2PKH
        - ADDRESS_FORMAT_BITCOIN_MAINNET_P2SH
        - ADDRESS_FORMAT_BITCOIN_MAINNET_P2WPKH
        - ADDRESS_FORMAT_BITCOIN_MAINNET_P2WSH
        - ADDRESS_FORMAT_BITCOIN_MAINNET_P2TR
        - ADDRESS_FORMAT_BITCOIN_TESTNET_P2PKH
        - ADDRESS_FORMAT_BITCOIN_TESTNET_P2SH
        - ADDRESS_FORMAT_BITCOIN_TESTNET_P2WPKH
        - ADDRESS_FORMAT_BITCOIN_TESTNET_P2WSH
        - ADDRESS_FORMAT_BITCOIN_TESTNET_P2TR
        - ADDRESS_FORMAT_BITCOIN_SIGNET_P2PKH
        - ADDRESS_FORMAT_BITCOIN_SIGNET_P2SH
        - ADDRESS_FORMAT_BITCOIN_SIGNET_P2WPKH
        - ADDRESS_FORMAT_BITCOIN_SIGNET_P2WSH
        - ADDRESS_FORMAT_BITCOIN_SIGNET_P2TR
        - ADDRESS_FORMAT_BITCOIN_REGTEST_P2PKH
        - ADDRESS_FORMAT_BITCOIN_REGTEST_P2SH
        - ADDRESS_FORMAT_BITCOIN_REGTEST_P2WPKH
        - ADDRESS_FORMAT_BITCOIN_REGTEST_P2WSH
        - ADDRESS_FORMAT_BITCOIN_REGTEST_P2TR
        - ADDRESS_FORMAT_SEI
        - ADDRESS_FORMAT_XLM
        - ADDRESS_FORMAT_DOGE_MAINNET
        - ADDRESS_FORMAT_DOGE_TESTNET
        - ADDRESS_FORMAT_TON_V3R2
        - ADDRESS_FORMAT_TON_V4R2
        - ADDRESS_FORMAT_TON_V5R1
        - ADDRESS_FORMAT_XRP
      default: ADDRESS_FORMAT_UNSPECIFIED
      title: |-
        - ADDRESS_FORMAT_UNCOMPRESSED: 04<X_COORDINATE><Y_COORDINATE>
         - ADDRESS_FORMAT_COMPRESSED: 02 or 03, followed by the X coordinate
         - ADDRESS_FORMAT_BITCOIN_MAINNET_P2PKH: Bitcoin Mainnet address types
         - ADDRESS_FORMAT_BITCOIN_TESTNET_P2PKH: Bitcoin Testnet address types
         - ADDRESS_FORMAT_BITCOIN_SIGNET_P2PKH: Bitcoin Signet address types
         - ADDRESS_FORMAT_BITCOIN_REGTEST_P2PKH: Bitcoin Regtest address types
         - ADDRESS_FORMAT_DOGE_MAINNET: Doge Addresses
         - ADDRESS_FORMAT_TON_V3R2: TON Addresses
    v1OauthProviderParams:
      type: object
      properties:
        providerName:
          type: string
          description: Human-readable name to identify a Provider.
        oidcToken:
          type: string
          description: Base64 encoded OIDC token
      required:
        - providerName
        - oidcToken
    v1RootUserParamsV2:
      type: object
      properties:
        userName:
          type: string
          description: Human-readable name for a User.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        userEmail:
          type: string
          description: The user's email address.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/apiApiKeyParams'
          description: >-
            A list of API Key parameters. This field, if not needed, should be
            an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorParamsV2'
          description: >-
            A list of Authenticator parameters. This field, if not needed,
            should be an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        oauthProviders:
          type: array
          items:
            $ref: '#/components/schemas/v1OauthProviderParams'
          description: >-
            A list of Oauth providers. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive"'
      required:
        - userName
        - apiKeys
        - authenticators
        - oauthProviders
    v1ApiKeyParamsV2:
      type: object
      properties:
        apiKeyName:
          type: string
          description: Human-readable name for an API Key.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        publicKey:
          type: string
          description: >-
            The public component of a cryptographic key pair used to sign
            messages and transactions.
          title: '@inject_tag: validate:"hexadecimal,tk_api_key"'
        curveType:
          $ref: '#/components/schemas/v1ApiKeyCurve'
        expirationSeconds:
          type: string
          description: >-
            Optional window (in seconds) indicating how long the API Key should
            last.
      required:
        - apiKeyName
        - publicKey
        - curveType
    v1RootUserParamsV3:
      type: object
      properties:
        userName:
          type: string
          description: Human-readable name for a User.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        userEmail:
          type: string
          description: The user's email address.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1ApiKeyParamsV2'
          description: >-
            A list of API Key parameters. This field, if not needed, should be
            an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorParamsV2'
          description: >-
            A list of Authenticator parameters. This field, if not needed,
            should be an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        oauthProviders:
          type: array
          items:
            $ref: '#/components/schemas/v1OauthProviderParams'
          description: >-
            A list of Oauth providers. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive"'
      required:
        - userName
        - apiKeys
        - authenticators
        - oauthProviders
    v1SmsCustomizationParams:
      type: object
      properties:
        template:
          type: string
          description: >-
            Template containing references to .OtpCode i.e Your OTP is
            {{.OtpCode}}
      description: >-
        Each of these customization parameters are optional; resort to defaults
        if any are not provided.
    v1RootUserParamsV4:
      type: object
      properties:
        userName:
          type: string
          description: Human-readable name for a User.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        userEmail:
          type: string
          description: The user's email address.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        userPhoneNumber:
          type: string
          description: The user's phone number in E.164 format e.g. +13214567890
          title: '@inject_tag: validate:"omitempty,e164"'
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1ApiKeyParamsV2'
          description: >-
            A list of API Key parameters. This field, if not needed, should be
            an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorParamsV2'
          description: >-
            A list of Authenticator parameters. This field, if not needed,
            should be an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        oauthProviders:
          type: array
          items:
            $ref: '#/components/schemas/v1OauthProviderParams'
          description: >-
            A list of Oauth providers. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive"'
      required:
        - userName
        - apiKeys
        - authenticators
        - oauthProviders
    v1ClientSignature:
      type: object
      properties:
        publicKey:
          type: string
          description: >-
            The public component of a cryptographic key pair used to create the
            signature.
        scheme:
          $ref: '#/components/schemas/v1ClientSignatureScheme'
        message:
          type: string
          description: The message that was signed.
        signature:
          type: string
          description: The cryptographic signature over the message.
      required:
        - publicKey
        - scheme
        - message
        - signature
    v1UserParamsV3:
      type: object
      properties:
        userName:
          type: string
          description: Human-readable name for a User.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        userEmail:
          type: string
          description: The user's email address.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        userPhoneNumber:
          type: string
          description: The user's phone number in E.164 format e.g. +13214567890
          title: '@inject_tag: validate:"omitempty,e164"'
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1ApiKeyParamsV2'
          description: >-
            A list of API Key parameters. This field, if not needed, should be
            an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorParamsV2'
          description: >-
            A list of Authenticator parameters. This field, if not needed,
            should be an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        oauthProviders:
          type: array
          items:
            $ref: '#/components/schemas/v1OauthProviderParams'
          description: >-
            A list of Oauth providers. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        userTags:
          type: array
          items:
            type: string
          description: >-
            A list of User Tag IDs. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive,uuid"'
      required:
        - userName
        - apiKeys
        - authenticators
        - oauthProviders
        - userTags
    v1FiatOnRampProvider:
      type: string
      enum:
        - FIAT_ON_RAMP_PROVIDER_UNSPECIFIED
        - FIAT_ON_RAMP_PROVIDER_COINBASE
        - FIAT_ON_RAMP_PROVIDER_MOONPAY
      default: FIAT_ON_RAMP_PROVIDER_UNSPECIFIED
      description: The supported Fiat On Ramp Providers.
    v1FiatOnRampBlockchainNetwork:
      type: string
      enum:
        - FIAT_ON_RAMP_BLOCKCHAIN_NETWORK_UNSPECIFIED
        - FIAT_ON_RAMP_BLOCKCHAIN_NETWORK_BITCOIN
        - FIAT_ON_RAMP_BLOCKCHAIN_NETWORK_ETHEREUM
        - FIAT_ON_RAMP_BLOCKCHAIN_NETWORK_SOLANA
        - FIAT_ON_RAMP_BLOCKCHAIN_NETWORK_BASE
      default: FIAT_ON_RAMP_BLOCKCHAIN_NETWORK_UNSPECIFIED
      title: |-
        - FIAT_ON_RAMP_BLOCKCHAIN_NETWORK_UNSPECIFIED: Unspecified
         - FIAT_ON_RAMP_BLOCKCHAIN_NETWORK_BITCOIN: bitcoin
         - FIAT_ON_RAMP_BLOCKCHAIN_NETWORK_ETHEREUM: ethereum
         - FIAT_ON_RAMP_BLOCKCHAIN_NETWORK_SOLANA: solana
         - FIAT_ON_RAMP_BLOCKCHAIN_NETWORK_BASE: base
    v1FiatOnRampCryptoCurrency:
      type: string
      enum:
        - FIAT_ON_RAMP_CRYPTO_CURRENCY_UNSPECIFIED
        - FIAT_ON_RAMP_CRYPTO_CURRENCY_BTC
        - FIAT_ON_RAMP_CRYPTO_CURRENCY_ETH
        - FIAT_ON_RAMP_CRYPTO_CURRENCY_SOL
        - FIAT_ON_RAMP_CRYPTO_CURRENCY_USDC
      default: FIAT_ON_RAMP_CRYPTO_CURRENCY_UNSPECIFIED
      title: |-
        - FIAT_ON_RAMP_CRYPTO_CURRENCY_UNSPECIFIED: Unspecified
         - FIAT_ON_RAMP_CRYPTO_CURRENCY_BTC: Bitcoin
         - FIAT_ON_RAMP_CRYPTO_CURRENCY_ETH: Ethereum
         - FIAT_ON_RAMP_CRYPTO_CURRENCY_SOL: Solana
         - FIAT_ON_RAMP_CRYPTO_CURRENCY_USDC: USDC
    v1FiatOnRampCurrency:
      type: string
      enum:
        - FIAT_ON_RAMP_CURRENCY_UNSPECIFIED
        - FIAT_ON_RAMP_CURRENCY_AUD
        - FIAT_ON_RAMP_CURRENCY_BGN
        - FIAT_ON_RAMP_CURRENCY_BRL
        - FIAT_ON_RAMP_CURRENCY_CAD
        - FIAT_ON_RAMP_CURRENCY_CHF
        - FIAT_ON_RAMP_CURRENCY_COP
        - FIAT_ON_RAMP_CURRENCY_CZK
        - FIAT_ON_RAMP_CURRENCY_DKK
        - FIAT_ON_RAMP_CURRENCY_DOP
        - FIAT_ON_RAMP_CURRENCY_EGP
        - FIAT_ON_RAMP_CURRENCY_EUR
        - FIAT_ON_RAMP_CURRENCY_GBP
        - FIAT_ON_RAMP_CURRENCY_HKD
        - FIAT_ON_RAMP_CURRENCY_IDR
        - FIAT_ON_RAMP_CURRENCY_ILS
        - FIAT_ON_RAMP_CURRENCY_JOD
        - FIAT_ON_RAMP_CURRENCY_KES
        - FIAT_ON_RAMP_CURRENCY_KWD
        - FIAT_ON_RAMP_CURRENCY_LKR
        - FIAT_ON_RAMP_CURRENCY_MXN
        - FIAT_ON_RAMP_CURRENCY_NGN
        - FIAT_ON_RAMP_CURRENCY_NOK
        - FIAT_ON_RAMP_CURRENCY_NZD
        - FIAT_ON_RAMP_CURRENCY_OMR
        - FIAT_ON_RAMP_CURRENCY_PEN
        - FIAT_ON_RAMP_CURRENCY_PLN
        - FIAT_ON_RAMP_CURRENCY_RON
        - FIAT_ON_RAMP_CURRENCY_SEK
        - FIAT_ON_RAMP_CURRENCY_THB
        - FIAT_ON_RAMP_CURRENCY_TRY
        - FIAT_ON_RAMP_CURRENCY_TWD
        - FIAT_ON_RAMP_CURRENCY_USD
        - FIAT_ON_RAMP_CURRENCY_VND
        - FIAT_ON_RAMP_CURRENCY_ZAR
      default: FIAT_ON_RAMP_CURRENCY_UNSPECIFIED
      title: |-
        - FIAT_ON_RAMP_CURRENCY_UNSPECIFIED: Unspecified
         - FIAT_ON_RAMP_CURRENCY_AUD: Australian Dollar
         - FIAT_ON_RAMP_CURRENCY_BGN: Bulgarian Lev
         - FIAT_ON_RAMP_CURRENCY_BRL: Brazilian Real
         - FIAT_ON_RAMP_CURRENCY_CAD: Canadian Dollar
         - FIAT_ON_RAMP_CURRENCY_CHF: Swiss Franc
         - FIAT_ON_RAMP_CURRENCY_COP: Colombian Peso
         - FIAT_ON_RAMP_CURRENCY_CZK: Czech Koruna
         - FIAT_ON_RAMP_CURRENCY_DKK: Danish Krone
         - FIAT_ON_RAMP_CURRENCY_DOP: Dominican Peso
         - FIAT_ON_RAMP_CURRENCY_EGP: Egyptian Pound
         - FIAT_ON_RAMP_CURRENCY_EUR: Euro
         - FIAT_ON_RAMP_CURRENCY_GBP: Pound Sterling
         - FIAT_ON_RAMP_CURRENCY_HKD: Hong Kong Dollar
         - FIAT_ON_RAMP_CURRENCY_IDR: Indonesian Rupiah
         - FIAT_ON_RAMP_CURRENCY_ILS: Israeli New Shekel
         - FIAT_ON_RAMP_CURRENCY_JOD: Jordanian Dinar
         - FIAT_ON_RAMP_CURRENCY_KES: Kenyan Shilling
         - FIAT_ON_RAMP_CURRENCY_KWD: Kuwaiti Dinar
         - FIAT_ON_RAMP_CURRENCY_LKR: Sri Lankan Rupee
         - FIAT_ON_RAMP_CURRENCY_MXN: Mexican Peso
         - FIAT_ON_RAMP_CURRENCY_NGN: Nigerian Naira
         - FIAT_ON_RAMP_CURRENCY_NOK: Norwegian Krone
         - FIAT_ON_RAMP_CURRENCY_NZD: New Zealand Dollar
         - FIAT_ON_RAMP_CURRENCY_OMR: Omani Rial
         - FIAT_ON_RAMP_CURRENCY_PEN: Peruvian Sol
         - FIAT_ON_RAMP_CURRENCY_PLN: Polish Złoty
         - FIAT_ON_RAMP_CURRENCY_RON: Romanian Leu
         - FIAT_ON_RAMP_CURRENCY_SEK: Swedish Krona
         - FIAT_ON_RAMP_CURRENCY_THB: Thai Baht
         - FIAT_ON_RAMP_CURRENCY_TRY: Turkish Lira
         - FIAT_ON_RAMP_CURRENCY_TWD: Taiwan Dollar
         - FIAT_ON_RAMP_CURRENCY_USD: US Dollar
         - FIAT_ON_RAMP_CURRENCY_VND: Vietnamese Dong
         - FIAT_ON_RAMP_CURRENCY_ZAR: South African Rand
    v1FiatOnRampPaymentMethod:
      type: string
      enum:
        - FIAT_ON_RAMP_PAYMENT_METHOD_UNSPECIFIED
        - FIAT_ON_RAMP_PAYMENT_METHOD_CREDIT_DEBIT_CARD
        - FIAT_ON_RAMP_PAYMENT_METHOD_APPLE_PAY
        - FIAT_ON_RAMP_PAYMENT_METHOD_GBP_BANK_TRANSFER
        - FIAT_ON_RAMP_PAYMENT_METHOD_GBP_OPEN_BANKING_PAYMENT
        - FIAT_ON_RAMP_PAYMENT_METHOD_GOOGLE_PAY
        - FIAT_ON_RAMP_PAYMENT_METHOD_SEPA_BANK_TRANSFER
        - FIAT_ON_RAMP_PAYMENT_METHOD_PIX_INSTANT_PAYMENT
        - FIAT_ON_RAMP_PAYMENT_METHOD_PAYPAL
        - FIAT_ON_RAMP_PAYMENT_METHOD_VENMO
        - FIAT_ON_RAMP_PAYMENT_METHOD_MOONPAY_BALANCE
        - FIAT_ON_RAMP_PAYMENT_METHOD_CRYPTO_ACCOUNT
        - FIAT_ON_RAMP_PAYMENT_METHOD_FIAT_WALLET
        - FIAT_ON_RAMP_PAYMENT_METHOD_ACH_BANK_ACCOUNT
      default: FIAT_ON_RAMP_PAYMENT_METHOD_UNSPECIFIED
      description: |-
        MoonPay: CREDIT_DEBIT_CARD, Coinbase: CARD
         - FIAT_ON_RAMP_PAYMENT_METHOD_APPLE_PAY: MoonPay: APPLE_PAY, Coinbase: APPLE_PAY
         - FIAT_ON_RAMP_PAYMENT_METHOD_GBP_BANK_TRANSFER: MoonPay-specific methods

        MoonPay: GBP_BANK_TRANSFER
         - FIAT_ON_RAMP_PAYMENT_METHOD_GBP_OPEN_BANKING_PAYMENT: MoonPay: GBP_OPEN_BANKING_PAYMENT
         - FIAT_ON_RAMP_PAYMENT_METHOD_GOOGLE_PAY: MoonPay: GOOGLE_PAY
         - FIAT_ON_RAMP_PAYMENT_METHOD_SEPA_BANK_TRANSFER: MoonPay: SEPA_BANK_TRANSFER
         - FIAT_ON_RAMP_PAYMENT_METHOD_PIX_INSTANT_PAYMENT: MoonPay: PIX_INSTANT_PAYMENT
         - FIAT_ON_RAMP_PAYMENT_METHOD_PAYPAL: MoonPay: PAYPAL
         - FIAT_ON_RAMP_PAYMENT_METHOD_VENMO: MoonPay: VENMO
         - FIAT_ON_RAMP_PAYMENT_METHOD_MOONPAY_BALANCE: MoonPay: MOONPAY_BALANCE
         - FIAT_ON_RAMP_PAYMENT_METHOD_CRYPTO_ACCOUNT: Coinbase-specific methods

        Coinbase: CRYPTO_ACCOUNT
         - FIAT_ON_RAMP_PAYMENT_METHOD_FIAT_WALLET: Coinbase: FIAT_WALLET
         - FIAT_ON_RAMP_PAYMENT_METHOD_ACH_BANK_ACCOUNT: Coinbase: ACH_BANK_ACCOUNT
      title: |-
        - FIAT_ON_RAMP_PAYMENT_METHOD_UNSPECIFIED: Unspecified
         - FIAT_ON_RAMP_PAYMENT_METHOD_CREDIT_DEBIT_CARD: Shared methods (supported by both MoonPay and Coinbase)
    v1SmartContractInterfaceType:
      type: string
      enum:
        - SMART_CONTRACT_INTERFACE_TYPE_UNSPECIFIED
        - SMART_CONTRACT_INTERFACE_TYPE_ETHEREUM
        - SMART_CONTRACT_INTERFACE_TYPE_SOLANA
      default: SMART_CONTRACT_INTERFACE_TYPE_UNSPECIFIED
    v1WalletKitSettingsParams:
      type: object
      properties:
        enabledSocialProviders:
          type: array
          items:
            type: string
          description: >-
            List of enabled social login providers (e.g., 'apple', 'google',
            'facebook')
          title: Enabled Social Providers
        oauthClientIds:
          type: object
          additionalProperties:
            type: string
          description: Mapping of social login providers to their Oauth client IDs.
          title: Oauth Client IDs
        oauthRedirectUrl:
          type: string
          description: Oauth redirect URL to be used for social login flows.
          title: Oauth Redirect URL
      title: >-
        The Wallet Kit pulls from these settings automatically. They can be
        overwritten locally by passing them into the OxkeyProvider
    v1Oauth2Provider:
      type: string
      enum:
        - OAUTH2_PROVIDER_UNSPECIFIED
        - OAUTH2_PROVIDER_X
        - OAUTH2_PROVIDER_DISCORD
      default: OAUTH2_PROVIDER_UNSPECIFIED
      title: A list of OAuth 2.0 providers that are supported
    v1EmailAuthCustomizationParams:
      type: object
      properties:
        appName:
          type: string
          description: >-
            The name of the application. This field is required and will be used
            in email notifications if an email template is not provided.
          title: '@inject_tag: validate:"tk_label_length,tk_label"'
        logoUrl:
          type: string
          description: >-
            A URL pointing to a logo in PNG format. Note this logo will be
            resized to fit into 340px x 124px.
        magicLinkTemplate:
          type: string
          description: >-
            A template for the URL to be used in a magic link button, e.g.
            `https://dapp.xyz/%s`. The auth bundle will be interpolated into the
            `%s`.
        templateVariables:
          type: string
          description: >-
            JSON object containing key/value pairs to be used with custom
            templates.
        templateId:
          type: string
          description: >-
            Unique identifier for a given Email Template. If not specified, the
            default is the most recent Email Template.
      description: >-
        A new proto message specifically for "legacy" endpoints: Email Auth and
        Email Recovery.

        Note that app_name is now a required parameter for newer versions of
        these activities.

        All other fields remain optional and will fall back to defaults.
      required:
        - appName
    v1EmailCustomizationParamsV2:
      type: object
      properties:
        logoUrl:
          type: string
          description: >-
            A URL pointing to a logo in PNG format. Note this logo will be
            resized to fit into 340px x 124px.
        magicLinkTemplate:
          type: string
          description: >-
            A template for the URL to be used in a magic link button, e.g.
            `https://dapp.xyz/%s`. The auth bundle will be interpolated into the
            `%s`.
        templateVariables:
          type: string
          description: >-
            JSON object containing key/value pairs to be used with custom
            templates.
        templateId:
          type: string
          description: >-
            Unique identifier for a given Email Template. If not specified, the
            default is the most recent Email Template.
      description: >-
        This proto message is to be used for newer email-related activities
        (OTP).

        Note that app_name is no longer a parameter here, as it is required in
        the top-level intent for these activities.

        All other fields remain optional and will fall back to defaults.
    v1TvcOperatorSetParams:
      type: object
      properties:
        name:
          type: string
          description: Short description for this new operator set
          title: '@inject_tag: validate:"required"'
        newOperators:
          type: array
          items:
            $ref: '#/components/schemas/v1TvcOperatorParams'
          description: Operators to create as part of this new operator set
        existingOperatorIds:
          type: array
          items:
            type: string
          description: Existing operators to use as part of this new operator set
        threshold:
          type: integer
          format: int64
          description: >-
            The threshold of operators needed to reach consensus in this new
            Operator Set
          title: '@inject_tag: validate:"required"'
      required:
        - name
        - threshold
    v1TvcManifestApproval:
      type: object
      properties:
        operatorId:
          type: string
          description: Unique identifier of the operator providing this approval
          title: '@inject_tag: validate:"required,uuid"'
        signature:
          type: string
          description: Signature from the operator approving the manifest
          title: '@inject_tag: validate:"required"'
      required:
        - operatorId
        - signature
    v1RootUserParamsV5:
      type: object
      properties:
        userName:
          type: string
          description: Human-readable name for a User.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        userEmail:
          type: string
          description: The user's email address.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        userPhoneNumber:
          type: string
          description: The user's phone number in E.164 format e.g. +13214567890
          title: '@inject_tag: validate:"omitempty,e164"'
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1ApiKeyParamsV2'
          description: >-
            A list of API Key parameters. This field, if not needed, should be
            an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorParamsV2'
          description: >-
            A list of Authenticator parameters. This field, if not needed,
            should be an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        oauthProviders:
          type: array
          items:
            $ref: '#/components/schemas/v1OauthProviderParamsV2'
          description: >-
            A list of Oauth providers. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive"'
      required:
        - userName
        - apiKeys
        - authenticators
        - oauthProviders
    v1OauthProviderParamsV2:
      type: object
      properties:
        providerName:
          type: string
          description: Human-readable name to identify a Provider.
        oidcToken:
          type: string
          description: Base64 encoded OIDC token
        oidcClaims:
          $ref: '#/components/schemas/v1OidcClaims'
      required:
        - providerName
    v1UserParamsV4:
      type: object
      properties:
        userName:
          type: string
          description: Human-readable name for a User.
          title: '@inject_tag: validate:"required,tk_label_length,tk_label"'
        userEmail:
          type: string
          description: The user's email address.
          title: '@inject_tag: validate:"omitempty,email,tk_email"'
        userPhoneNumber:
          type: string
          description: The user's phone number in E.164 format e.g. +13214567890
          title: '@inject_tag: validate:"omitempty,e164"'
        apiKeys:
          type: array
          items:
            $ref: '#/components/schemas/v1ApiKeyParamsV2'
          description: >-
            A list of API Key parameters. This field, if not needed, should be
            an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        authenticators:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorParamsV2'
          description: >-
            A list of Authenticator parameters. This field, if not needed,
            should be an empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        oauthProviders:
          type: array
          items:
            $ref: '#/components/schemas/v1OauthProviderParamsV2'
          description: >-
            A list of Oauth providers. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive"'
        userTags:
          type: array
          items:
            type: string
          description: >-
            A list of User Tag IDs. This field, if not needed, should be an
            empty array in your request body.
          title: '@inject_tag: validate:"dive,uuid"'
      required:
        - userName
        - apiKeys
        - authenticators
        - oauthProviders
        - userTags
    v1PrivateKeyResult:
      type: object
      properties:
        privateKeyId:
          type: string
        addresses:
          type: array
          items:
            $ref: '#/components/schemas/immutableactivityv1Address'
    v1Feature:
      type: object
      properties:
        name:
          $ref: '#/components/schemas/v1FeatureName'
        value:
          type: string
    v1WalletResult:
      type: object
      properties:
        walletId:
          type: string
        addresses:
          type: array
          items:
            type: string
          description: A list of account addresses.
      required:
        - walletId
        - addresses
    immutableactivityv1Address:
      type: object
      properties:
        format:
          $ref: '#/components/schemas/v1AddressFormat'
        address:
          type: string
    v1Authenticator:
      type: object
      properties:
        transports:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorTransport'
          description: >-
            Types of transports that may be used by an Authenticator (e.g., USB,
            NFC, BLE).
        attestationType:
          type: string
        aaguid:
          type: string
          description: Identifier indicating the type of the Security Key.
        credentialId:
          type: string
          description: Unique identifier for a WebAuthn credential.
        model:
          type: string
          description: The type of Authenticator device.
        credential:
          $ref: '#/components/schemas/externaldatav1Credential'
        authenticatorId:
          type: string
          description: Unique identifier for a given Authenticator.
        authenticatorName:
          type: string
          description: Human-readable name for an Authenticator.
        createdAt:
          $ref: '#/components/schemas/externaldatav1Timestamp'
        updatedAt:
          $ref: '#/components/schemas/externaldatav1Timestamp'
      required:
        - transports
        - attestationType
        - aaguid
        - credentialId
        - model
        - credential
        - authenticatorId
        - authenticatorName
        - createdAt
        - updatedAt
    v1ApiKey:
      type: object
      properties:
        credential:
          $ref: '#/components/schemas/externaldatav1Credential'
        apiKeyId:
          type: string
          description: Unique identifier for a given API Key.
        apiKeyName:
          type: string
          description: Human-readable name for an API Key.
        createdAt:
          $ref: '#/components/schemas/externaldatav1Timestamp'
        updatedAt:
          $ref: '#/components/schemas/externaldatav1Timestamp'
        expirationSeconds:
          type: string
          format: uint64
          description: >-
            Optional window (in seconds) indicating how long the API Key should
            last.
      required:
        - credential
        - apiKeyId
        - apiKeyName
        - createdAt
        - updatedAt
    v1OauthProvider:
      type: object
      properties:
        providerId:
          type: string
          description: Unique identifier for an OAuth Provider
        providerName:
          type: string
          description: Human-readable name to identify a Provider.
        issuer:
          type: string
          description: >-
            The issuer of the token, typically a URL indicating the
            authentication server, e.g https://accounts.google.com
        audience:
          type: string
          description: >-
            Expected audience ('aud' attribute of the signed token) which
            represents the app ID
        subject:
          type: string
          description: >-
            Expected subject ('sub' attribute of the signed token) which
            represents the user ID
        createdAt:
          $ref: '#/components/schemas/externaldatav1Timestamp'
        updatedAt:
          $ref: '#/components/schemas/externaldatav1Timestamp'
      required:
        - providerId
        - providerName
        - issuer
        - audience
        - subject
        - createdAt
        - updatedAt
    v1PublicKeyCredentialWithAttestation:
      type: object
      properties:
        id:
          type: string
        type:
          type: string
          enum:
            - public-key
          title: Must be literal string "public-key"
        rawId:
          type: string
          title: 'ENCODING: base64url'
        authenticatorAttachment:
          type: string
          enum:
            - cross-platform
            - platform
          nullable: true
        response:
          $ref: '#/components/schemas/v1AuthenticatorAttestationResponse'
        clientExtensionResults:
          $ref: '#/components/schemas/v1SimpleClientExtensionResults'
      required:
        - id
        - type
        - rawId
        - response
        - clientExtensionResults
    v1AccessType:
      type: string
      enum:
        - ACCESS_TYPE_UNSPECIFIED
        - ACCESS_TYPE_WEB
        - ACCESS_TYPE_API
        - ACCESS_TYPE_ALL
      default: ACCESS_TYPE_UNSPECIFIED
    v1Operator:
      type: string
      enum:
        - OPERATOR_UNSPECIFIED
        - OPERATOR_EQUAL
        - OPERATOR_MORE_THAN
        - OPERATOR_MORE_THAN_OR_EQUAL
        - OPERATOR_LESS_THAN
        - OPERATOR_LESS_THAN_OR_EQUAL
        - OPERATOR_CONTAINS
        - OPERATOR_NOT_EQUAL
        - OPERATOR_IN
        - OPERATOR_NOT_IN
        - OPERATOR_CONTAINS_ONE
        - OPERATOR_CONTAINS_ALL
      default: OPERATOR_UNSPECIFIED
    v1Attestation:
      type: object
      properties:
        credentialId:
          type: string
          description: The cbor encoded then base64 url encoded id of the credential.
          title: '@inject_tag: validate:"required,max=256"'
        clientDataJson:
          type: string
          description: >-
            A base64 url encoded payload containing metadata about the signing
            context and the challenge.
          title: '@inject_tag: validate:"required"'
        attestationObject:
          type: string
          description: >-
            A base64 url encoded payload containing authenticator data and any
            attestation the webauthn provider chooses.
          title: '@inject_tag: validate:"required"'
        transports:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorTransport'
          description: The type of authenticator transports.
          title: '@inject_tag: validate:"dive"'
      required:
        - credentialId
        - clientDataJson
        - attestationObject
        - transports
    v1PathFormat:
      type: string
      enum:
        - PATH_FORMAT_UNSPECIFIED
        - PATH_FORMAT_BIP32
      default: PATH_FORMAT_UNSPECIFIED
    v1ApiKeyCurve:
      type: string
      enum:
        - API_KEY_CURVE_UNSPECIFIED
        - API_KEY_CURVE_P256
        - API_KEY_CURVE_SECP256K1
        - API_KEY_CURVE_ED25519
      default: API_KEY_CURVE_UNSPECIFIED
      title: Cryptographic Curve used to generate a given API key
    v1ClientSignatureScheme:
      type: string
      enum:
        - CLIENT_SIGNATURE_SCHEME_UNSPECIFIED
        - CLIENT_SIGNATURE_SCHEME_API_P256
      default: CLIENT_SIGNATURE_SCHEME_UNSPECIFIED
    v1TvcOperatorParams:
      type: object
      properties:
        name:
          type: string
          description: The name for this new operator
          title: '@inject_tag: validate:"required"'
        publicKey:
          type: string
          description: Public key for this operator
          title: '@inject_tag: validate:"required"'
      required:
        - name
        - publicKey
    v1OidcClaims:
      type: object
      properties:
        iss:
          type: string
          description: The issuer identifier from the OIDC token (iss claim)
          title: '@inject_tag: validate:"required"'
        sub:
          type: string
          description: The subject identifier from the OIDC token (sub claim)
          title: '@inject_tag: validate:"required"'
        aud:
          type: string
          description: The audience from the OIDC token (aud claim)
          title: '@inject_tag: validate:"required"'
      required:
        - iss
        - sub
        - aud
    v1AuthenticatorTransport:
      type: string
      enum:
        - AUTHENTICATOR_TRANSPORT_UNSPECIFIED
        - AUTHENTICATOR_TRANSPORT_BLE
        - AUTHENTICATOR_TRANSPORT_INTERNAL
        - AUTHENTICATOR_TRANSPORT_NFC
        - AUTHENTICATOR_TRANSPORT_USB
        - AUTHENTICATOR_TRANSPORT_HYBRID
      default: AUTHENTICATOR_TRANSPORT_UNSPECIFIED
    externaldatav1Credential:
      type: object
      properties:
        publicKey:
          type: string
          description: >-
            The public component of a cryptographic key pair used to sign
            messages and transactions.
        type:
          $ref: '#/components/schemas/v1CredentialType'
      required:
        - publicKey
        - type
    v1AuthenticatorAttestationResponse:
      type: object
      properties:
        clientDataJson:
          type: string
          title: 'ENCODING: base64url'
        attestationObject:
          type: string
          title: 'ENCODING: base64url'
        transports:
          type: array
          items:
            $ref: '#/components/schemas/v1AuthenticatorTransport'
        authenticatorAttachment:
          type: string
          enum:
            - cross-platform
            - platform
          nullable: true
      required:
        - clientDataJson
        - attestationObject
    v1SimpleClientExtensionResults:
      type: object
      properties:
        appid:
          type: boolean
        appidExclude:
          type: boolean
        credProps:
          $ref: >-
            #/components/schemas/v1CredPropsAuthenticationExtensionsClientOutputs
    v1CredentialType:
      type: string
      enum:
        - CREDENTIAL_TYPE_UNSPECIFIED
        - CREDENTIAL_TYPE_WEBAUTHN_AUTHENTICATOR
        - CREDENTIAL_TYPE_API_KEY_P256
        - CREDENTIAL_TYPE_RECOVER_USER_KEY_P256
        - CREDENTIAL_TYPE_API_KEY_SECP256K1
        - CREDENTIAL_TYPE_EMAIL_AUTH_KEY_P256
        - CREDENTIAL_TYPE_API_KEY_ED25519
        - CREDENTIAL_TYPE_OTP_AUTH_KEY_P256
        - CREDENTIAL_TYPE_READ_WRITE_SESSION_KEY_P256
        - CREDENTIAL_TYPE_OAUTH_KEY_P256
        - CREDENTIAL_TYPE_LOGIN
      default: CREDENTIAL_TYPE_UNSPECIFIED
    v1CredPropsAuthenticationExtensionsClientOutputs:
      type: object
      properties:
        rk:
          type: boolean
      required:
        - rk
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      name: X-Stamp
      in: header
    AuthenticatorAuth:
      type: apiKey
      name: X-Stamp-WebAuthn
      in: header

````