diff --git a/docs/policy-management/Policy-language.md b/docs/policy-management/Policy-language.md index caa9ae7d..ba6f7d29 100644 --- a/docs/policy-management/Policy-language.md +++ b/docs/policy-management/Policy-language.md @@ -42,6 +42,7 @@ Keywords are reserved words that are dynamically interchanged for real values at | --------------- | ------------------- | -------------------------------------------- | | **activity** | Activity | The activity metadata of the request | | **eth.tx** | EthereumTransaction | The parsed Ethereum transaction payload | +| **wallet** | Wallet | The target wallet used in sign requests | | **private_key** | PrivateKey | The target private key used in sign requests | ## Types @@ -66,9 +67,10 @@ Keywords are reserved words that are dynamically interchanged for real values at | | tags | list | The collection of tags for the user | | | email | string | The email address of the user | | | alias | string | The alias of the user | -| **Activity** | type | string | The type of the activity (e.g. ACTIVITY_TYPE_SIGN_TRANSACTION) | -| | resource | string | The target resource of the activity (e.g. USER, PRIVATE_KEY, POLICY, CREDENTIAL, etc) | -| | action | string | The action of the activity (e.g. CREATE, UPDATE, DELETE, SIGN, etc) | +| **Activity** | type | string | The type of the activity (e.g. ACTIVITY_TYPE_SIGN_TRANSACTION_V2) | +| | resource | string | The resource type the activity targets (e.g. USER, PRIVATE_KEY, POLICY, etc) | +| | action | string | The action of the activity (e.g. CREATE, UPDATE, DELETE, SIGN, etc) | +| **Wallet** | id | string | The identifier of the wallet | | **PrivateKey** | id | string | The identifier of the private key | | | tags | list | The collection of tags for the private key | | **EthereumTransaction** | from | string | The sender address of the transaction | @@ -80,31 +82,35 @@ Keywords are reserved words that are dynamically interchanged for real values at | | chain_id | int | The chain identifier for the transaction | ## Activity Breakdown -| Type | Resource | Action | Notes | -| :----------------------------------------- | --------------- | ---------- | ----- | -| ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V2 | ORGANIZATION | CREATE | | -| ACTIVITY_TYPE_CREATE_INVITATIONS | INVITATION | CREATE | | -| ACTIVITY_TYPE_DELETE_INVITATION | INVITATION | DELETE | | -| ACTIVITY_TYPE_CREATE_POLICY_V3 | POLICY | CREATE | | -| ACTIVITY_TYPE_UPDATE_POLICY | POLICY | UPDATE | | -| ACTIVITY_TYPE_DELETE_POLICY | POLICY | DELETE | | -| ACTIVITY_TYPE_CREATE_PRIVATE_KEYS_V2 | PRIVATE_KEY | CREATE | | -| ACTIVITY_TYPE_CREATE_PRIVATE_KEY_TAG | PRIVATE_KEY | CREATE | | -| ACTIVITY_TYPE_UPDATE_PRIVATE_KEY_TAG | PRIVATE_KEY | UPDATE | | -| ACTIVITY_TYPE_DISABLE_PRIVATE_KEY | PRIVATE_KEY | DELETE | | -| ACTIVITY_TYPE_DELETE_PRIVATE_KEY_TAGS | PRIVATE_KEY | DELELE | | -| ACTIVITY_TYPE_SIGN_RAW_PAYLOAD | PRIVATE_KEY | SIGN | | -| ACTIVITY_TYPE_SIGN_TRANSACTION | PRIVATE_KEY | SIGN | | -| ACTIVITY_TYPE_CREATE_USERS_V2 | USER | CREATE | | -| ACTIVITY_TYPE_CREATE_USER_TAG | USER | CREATE | | -| ACTIVITY_TYPE_UPDATE_USER | USER | UPDATE | | -| ACTIVITY_TYPE_UPDATE_USER_TAG | USER | UPDATE | | -| ACTIVITY_TYPE_DELETE_USERS | USER | DELETE | | -| ACTIVITY_TYPE_DELETE_USER_TAG | USER | DELETE | | -| ACTIVITY_TYPE_CREATE_API_KEYS | CREDENTIAL | CREATE | | -| ACTIVITY_TYPE_CREATE_AUTHENTICATORS_V2 | CREDENTIAL | CREATE | | -| ACTIVITY_TYPE_DELETE_API_KEYS | CREDENTIAL | DELETE | | -| ACTIVITY_TYPE_DELETE_AUTHENTICATORS | CREDENTIAL | DELETE | | +| Resource Type | Action | Activity Type | +| --------------- | -------- | :----------------------------------------- | +| **ORGANIZATION** | CREATE | ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V4 | +| **INVITATION** | CREATE | ACTIVITY_TYPE_CREATE_INVITATIONS | +| | DELETE | ACTIVITY_TYPE_DELETE_INVITATION | +| **POLICY** | CREATE | ACTIVITY_TYPE_CREATE_POLICY_V3 | +| | UPDATE | ACTIVITY_TYPE_UPDATE_POLICY | +| | DELETE | ACTIVITY_TYPE_DELETE_POLICY | +| **WALLET** | CREATE | ACTIVITY_TYPE_CREATE_WALLET | +| | CREATE | ACTIVITY_TYPE_CREATE_WALLET_ACCOUNTS | +| | EXPORT | ACTIVITY_TYPE_EXPORT_WALLET | +| **PRIVATE_KEY** | CREATE | ACTIVITY_TYPE_CREATE_PRIVATE_KEYS_V2 | +| | CREATE | ACTIVITY_TYPE_CREATE_PRIVATE_KEY_TAG | +| | UPDATE | ACTIVITY_TYPE_UPDATE_PRIVATE_KEY_TAG | +| | DELETE | ACTIVITY_TYPE_DISABLE_PRIVATE_KEY | +| | DELELE | ACTIVITY_TYPE_DELETE_PRIVATE_KEY_TAGS | +| | EXPORT | ACTIVITY_TYPE_EXPORT_PRIVATE_KEY | +| | SIGN | ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2 | +| | SIGN | ACTIVITY_TYPE_SIGN_TRANSACTION_V2 | +| **USER** | CREATE | ACTIVITY_TYPE_CREATE_USERS_V2 | +| | CREATE | ACTIVITY_TYPE_CREATE_USER_TAG | +| | UPDATE | ACTIVITY_TYPE_UPDATE_USER | +| | UPDATE | ACTIVITY_TYPE_UPDATE_USER_TAG | +| | DELETE | ACTIVITY_TYPE_DELETE_USERS | +| | DELETE | ACTIVITY_TYPE_DELETE_USER_TAG | +| **CREDENTIAL** | CREATE | ACTIVITY_TYPE_CREATE_API_KEYS | +| | CREATE | ACTIVITY_TYPE_CREATE_AUTHENTICATORS_V2 | +| | DELETE | ACTIVITY_TYPE_DELETE_API_KEYS | +| | DELETE | ACTIVITY_TYPE_DELETE_AUTHENTICATORS | ## Coming soon diff --git a/static/specs/external/activity/v1/activity.swagger.json b/static/specs/external/activity/v1/activity.swagger.json index 5df74e94..dc0df45d 100644 --- a/static/specs/external/activity/v1/activity.swagger.json +++ b/static/specs/external/activity/v1/activity.swagger.json @@ -4,8 +4,12 @@ "title": "external/activity/v1/activity.proto", "version": "version not set" }, - "consumes": ["application/json"], - "produces": ["application/json"], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "paths": {}, "definitions": { "protobufAny": { diff --git a/static/specs/external/crypto/v1/crypto.swagger.json b/static/specs/external/crypto/v1/crypto.swagger.json index 1b387fec..d38bb021 100644 --- a/static/specs/external/crypto/v1/crypto.swagger.json +++ b/static/specs/external/crypto/v1/crypto.swagger.json @@ -4,8 +4,12 @@ "title": "external/crypto/v1/crypto.proto", "version": "version not set" }, - "consumes": ["application/json"], - "produces": ["application/json"], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "paths": {}, "definitions": { "protobufAny": { diff --git a/static/specs/external/data/v1/organization_data.swagger.json b/static/specs/external/data/v1/organization_data.swagger.json index 52b7974a..11d7bda3 100644 --- a/static/specs/external/data/v1/organization_data.swagger.json +++ b/static/specs/external/data/v1/organization_data.swagger.json @@ -4,8 +4,12 @@ "title": "external/data/v1/organization_data.proto", "version": "version not set" }, - "consumes": ["application/json"], - "produces": ["application/json"], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "paths": {}, "definitions": { "protobufAny": { diff --git a/static/specs/external/errors/v1/errors.swagger.json b/static/specs/external/errors/v1/errors.swagger.json index 989bb542..6825e63d 100644 --- a/static/specs/external/errors/v1/errors.swagger.json +++ b/static/specs/external/errors/v1/errors.swagger.json @@ -4,8 +4,12 @@ "title": "external/errors/v1/errors.proto", "version": "version not set" }, - "consumes": ["application/json"], - "produces": ["application/json"], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "paths": {}, "definitions": { "protobufAny": { diff --git a/static/specs/external/options/v1/options.swagger.json b/static/specs/external/options/v1/options.swagger.json index 63ca94f3..81702e0f 100644 --- a/static/specs/external/options/v1/options.swagger.json +++ b/static/specs/external/options/v1/options.swagger.json @@ -4,8 +4,12 @@ "title": "external/options/v1/options.proto", "version": "version not set" }, - "consumes": ["application/json"], - "produces": ["application/json"], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "paths": {}, "definitions": { "protobufAny": { diff --git a/static/specs/external/webauthn/v1/webauthn.swagger.json b/static/specs/external/webauthn/v1/webauthn.swagger.json index 0ea3589e..041eb851 100644 --- a/static/specs/external/webauthn/v1/webauthn.swagger.json +++ b/static/specs/external/webauthn/v1/webauthn.swagger.json @@ -4,8 +4,12 @@ "title": "external/webauthn/v1/webauthn.proto", "version": "version not set" }, - "consumes": ["application/json"], - "produces": ["application/json"], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "paths": {}, "definitions": { "protobufAny": { diff --git a/static/specs/services/coordinator/public/v1/public_api.swagger.json b/static/specs/services/coordinator/public/v1/public_api.swagger.json index 77f11d11..56e42a08 100644 --- a/static/specs/services/coordinator/public/v1/public_api.swagger.json +++ b/static/specs/services/coordinator/public/v1/public_api.swagger.json @@ -7,9 +7,6 @@ "contact": {} }, "tags": [ - { - "name": "PublicApiService" - }, { "name": "Organizations", "description": "An Organization is the highest level of hierarchy in Turnkey. It can contain many Users, Private Keys, and Policies managed by a Root Quorum. The Root Quorum consists of a set of Users with a consensus threshold. This consensus threshold must be reached by Quorum members in order for any actions to take place.\n\nSee [Root Quorum](../managing-users/root-quorum) for more information" @@ -22,9 +19,17 @@ "name": "Policies", "description": "Policies allow for deep customization of the security of your Organization. They can be used to grant permissions or restrict usage of Users and Private Keys. The Policy Engine analyzes all of your Policies on each request to determine whether an Activity is allowed.\n\nSee [Policy Overview](../managing-policies/overview) for more information" }, + { + "name": "Wallets", + "description": "Wallets contain collections of deterministically generated cryptographic public / private key pairs that share a common seed. Turnkey securely holds the common seed, but only you can access it. In most cases, Wallets should be preferred over Private Keys since they can be represented by a mnemonic phrase, used across a variety of cryptographic curves, and can derive many addresses." + }, + { + "name": "Signatures", + "description": "Signatures are used to validate the authenticity and integrity of a digital message. Signatures are a fundamental building block in blockchains. Turnkey makes it easy to produce signatures by allowing you to sign with an address. If Turnkey doesn't yet support an address format you need, you can generate and sign with the public key instead by using the address format `ADDRESS_FORMAT_COMPRESSED`." + }, { "name": "Private Keys", - "description": "Private Keys are cryptographic public / private key pairs that can be used for cryptocurrency needs or more generalized encryption. Think of Private Keys as your own programmable wallet. Turnkey securely holds all Private Key materials for you, but only you can access them." + "description": "Private Keys are cryptographic public / private key pairs that can be used for cryptocurrency needs or more generalized encryption. Turnkey securely holds all Private Key materials for you, but only you can access them." }, { "name": "Private Key Tags", @@ -56,9 +61,15 @@ } ], "host": "api.turnkey.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "paths": { "/public/v1/query/get_activity": { "post": { @@ -89,7 +100,9 @@ } } ], - "tags": ["Activities"] + "tags": [ + "Activities" + ] } }, "/public/v1/query/get_authenticator": { @@ -121,7 +134,9 @@ } } ], - "tags": ["Authenticators"] + "tags": [ + "Authenticators" + ] } }, "/public/v1/query/get_authenticators": { @@ -153,39 +168,9 @@ } } ], - "tags": ["Authenticators"] - } - }, - "/public/v1/query/get_organization": { - "post": { - "summary": "Get Organization", - "description": "Get details about an Organization", - "operationId": "PublicApiService_GetOrganization", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/v1GetOrganizationResponse" - } - }, - "default": { - "description": "An unexpected error response.", - "schema": { - "$ref": "#/definitions/rpcStatus" - } - } - }, - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/v1GetOrganizationRequest" - } - } - ], - "tags": ["Organizations"] + "tags": [ + "Authenticators" + ] } }, "/public/v1/query/get_policy": { @@ -217,7 +202,9 @@ } } ], - "tags": ["Policies"] + "tags": [ + "Policies" + ] } }, "/public/v1/query/get_private_key": { @@ -249,7 +236,9 @@ } } ], - "tags": ["Private Keys"] + "tags": [ + "Private Keys" + ] } }, "/public/v1/query/get_user": { @@ -281,7 +270,9 @@ } } ], - "tags": ["Users"] + "tags": [ + "Users" + ] } }, "/public/v1/query/list_activities": { @@ -313,7 +304,9 @@ } } ], - "tags": ["Activities"] + "tags": [ + "Activities" + ] } }, "/public/v1/query/list_policies": { @@ -345,7 +338,9 @@ } } ], - "tags": ["Policies"] + "tags": [ + "Policies" + ] } }, "/public/v1/query/list_private_keys": { @@ -377,7 +372,9 @@ } } ], - "tags": ["Private Keys"] + "tags": [ + "Private Keys" + ] } }, "/public/v1/query/list_users": { @@ -409,7 +406,9 @@ } } ], - "tags": ["Users"] + "tags": [ + "Users" + ] } }, "/public/v1/query/whoami": { @@ -441,7 +440,9 @@ } } ], - "tags": ["Who am I?"] + "tags": [ + "Who am I?" + ] } }, "/public/v1/submit/approve_activity": { @@ -473,7 +474,9 @@ } } ], - "tags": ["Consensus"] + "tags": [ + "Consensus" + ] } }, "/public/v1/submit/create_api_keys": { @@ -505,39 +508,9 @@ } } ], - "tags": ["API Keys"] - } - }, - "/public/v1/submit/create_api_only_users": { - "post": { - "summary": "Create API-only Users", - "description": "Create API-only Users in an existing Organization", - "operationId": "PublicApiService_CreateApiOnlyUsers", - "responses": { - "200": { - "description": "A successful response.", - "schema": { - "$ref": "#/definitions/v1ActivityResponse" - } - }, - "default": { - "description": "An unexpected error response.", - "schema": { - "$ref": "#/definitions/rpcStatus" - } - } - }, - "parameters": [ - { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/v1CreateApiOnlyUsersRequest" - } - } - ], - "tags": ["Users"] + "tags": [ + "API Keys" + ] } }, "/public/v1/submit/create_authenticators": { @@ -569,7 +542,9 @@ } } ], - "tags": ["Authenticators"] + "tags": [ + "Authenticators" + ] } }, "/public/v1/submit/create_invitations": { @@ -601,7 +576,9 @@ } } ], - "tags": ["Invitations"] + "tags": [ + "Invitations" + ] } }, "/public/v1/submit/create_policy": { @@ -633,7 +610,9 @@ } } ], - "tags": ["Policies"] + "tags": [ + "Policies" + ] } }, "/public/v1/submit/create_private_key_tag": { @@ -665,7 +644,9 @@ } } ], - "tags": ["Private Key Tags"] + "tags": [ + "Private Key Tags" + ] } }, "/public/v1/submit/create_private_keys": { @@ -697,7 +678,9 @@ } } ], - "tags": ["Private Keys"] + "tags": [ + "Private Keys" + ] } }, "/public/v1/submit/create_sub_organization": { @@ -729,7 +712,9 @@ } } ], - "tags": ["Organizations"] + "tags": [ + "Organizations" + ] } }, "/public/v1/submit/create_user_tag": { @@ -761,7 +746,9 @@ } } ], - "tags": ["User Tags"] + "tags": [ + "User Tags" + ] } }, "/public/v1/submit/create_users": { @@ -793,7 +780,77 @@ } } ], - "tags": ["Users"] + "tags": [ + "Users" + ] + } + }, + "/public/v1/submit/create_wallet": { + "post": { + "summary": "Create Wallet", + "description": "Create a Wallet and derive addresses", + "operationId": "PublicApiService_CreateWallet", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ActivityResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/rpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1CreateWalletRequest" + } + } + ], + "tags": [ + "Wallets" + ] + } + }, + "/public/v1/submit/create_wallet_accounts": { + "post": { + "summary": "Create Wallet Accounts", + "description": "Derive additional addresses using an existing wallet", + "operationId": "PublicApiService_CreateWalletAccounts", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ActivityResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/rpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1CreateWalletAccountsRequest" + } + } + ], + "tags": [ + "Wallets" + ] } }, "/public/v1/submit/delete_api_keys": { @@ -825,7 +882,9 @@ } } ], - "tags": ["API Keys"] + "tags": [ + "API Keys" + ] } }, "/public/v1/submit/delete_authenticators": { @@ -857,10 +916,12 @@ } } ], - "tags": ["Authenticators"] + "tags": [ + "Authenticators" + ] } }, - "/public/v1/submit/delete_invitations": { + "/public/v1/submit/delete_invitation": { "post": { "summary": "Delete Invitation", "description": "Delete an existing Invitation", @@ -889,7 +950,9 @@ } } ], - "tags": ["Invitations"] + "tags": [ + "Invitations" + ] } }, "/public/v1/submit/delete_policy": { @@ -921,14 +984,16 @@ } } ], - "tags": ["Policies"] + "tags": [ + "Policies" + ] } }, - "/public/v1/submit/reject_activity": { + "/public/v1/submit/export_private_key": { "post": { - "summary": "Reject Activity", - "description": "Reject an Activity", - "operationId": "PublicApiService_RejectActivity", + "summary": "Export Private Key", + "description": "Exports a Private Key", + "operationId": "PublicApiService_ExportPrivateKey", "responses": { "200": { "description": "A successful response.", @@ -949,18 +1014,20 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/v1RejectActivityRequest" + "$ref": "#/definitions/v1ExportPrivateKeyRequest" } } ], - "tags": ["Consensus"] + "tags": [ + "Private Keys" + ] } }, - "/public/v1/submit/sign_raw_payload": { + "/public/v1/submit/export_wallet": { "post": { - "summary": "Sign Raw Payload", - "description": "Sign a raw payload with a Private Key", - "operationId": "PublicApiService_SignRawPayload", + "summary": "Export Wallet", + "description": "Exports a Wallet", + "operationId": "PublicApiService_ExportWallet", "responses": { "200": { "description": "A successful response.", @@ -981,18 +1048,20 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/v1SignRawPayloadRequest" + "$ref": "#/definitions/v1ExportWalletRequest" } } ], - "tags": ["Private Keys"] + "tags": [ + "Wallets" + ] } }, - "/public/v1/submit/sign_transaction": { + "/public/v1/submit/init_user_email_recovery": { "post": { - "summary": "Sign Transaction", - "description": "Sign a transaction with a Private Key", - "operationId": "PublicApiService_SignTransaction", + "summary": "Init Email Recovery", + "description": "Initializes a new email recovery", + "operationId": "PublicApiService_InitUserEmailRecovery", "responses": { "200": { "description": "A successful response.", @@ -1013,18 +1082,20 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/v1SignTransactionRequest" + "$ref": "#/definitions/v1InitUserEmailRecoveryRequest" } } ], - "tags": ["Private Keys"] + "tags": [ + "User Recovery" + ] } }, - "/public/v1/submit/update_allowed_origins": { + "/public/v1/submit/recover_user": { "post": { - "summary": "Update Allowable Origins", - "description": "Update the allowable origins for credentials and requests", - "operationId": "PublicApiService_UpdateAllowedOrigins", + "summary": "Recover a user", + "description": "Completes the process of recovering a user by adding an authenticator", + "operationId": "PublicApiService_RecoverUser", "responses": { "200": { "description": "A successful response.", @@ -1045,18 +1116,20 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/v1UpdateAllowedOriginsRequest" + "$ref": "#/definitions/v1RecoverUserRequest" } } ], - "tags": ["Organizations"] + "tags": [ + "User Recovery" + ] } }, - "/public/v1/submit/update_policy": { + "/public/v1/submit/reject_activity": { "post": { - "summary": "Update Policy", - "description": "Update an existing Policy", - "operationId": "PublicApiService_UpdatePolicy", + "summary": "Reject Activity", + "description": "Reject an Activity", + "operationId": "PublicApiService_RejectActivity", "responses": { "200": { "description": "A successful response.", @@ -1077,18 +1150,20 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/v1UpdatePolicyRequest" + "$ref": "#/definitions/v1RejectActivityRequest" } } ], - "tags": ["Policies"] + "tags": [ + "Consensus" + ] } }, - "/public/v1/submit/update_private_key_tag": { + "/public/v1/submit/remove_organization_feature": { "post": { - "summary": "Update Private Key Tag", - "description": "Update human-readable name or associated private keys. Note that this activity is atomic: all of the updates will succeed at once, or all of them will fail.", - "operationId": "PublicApiService_UpdatePrivateKeyTag", + "summary": "Remove Organization Feature", + "description": "Removes an organization feature", + "operationId": "PublicApiService_RemoveOrganizationFeature", "responses": { "200": { "description": "A successful response.", @@ -1109,18 +1184,20 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/v1UpdatePrivateKeyTagRequest" + "$ref": "#/definitions/v1RemoveOrganizationFeatureRequest" } } ], - "tags": ["Private Key Tags"] + "tags": [ + "Features" + ] } }, - "/public/v1/submit/update_root_quorum": { + "/public/v1/submit/set_organization_feature": { "post": { - "summary": "Update Root Quorum", - "description": "Set the threshold and members of the root quorum. This must be approved by the current root quorum.", - "operationId": "PublicApiService_UpdateRootQuorum", + "summary": "Set Organization Feature", + "description": "Sets an organization feature", + "operationId": "PublicApiService_SetOrganizationFeature", "responses": { "200": { "description": "A successful response.", @@ -1141,18 +1218,20 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/v1UpdateRootQuorumRequest" + "$ref": "#/definitions/v1SetOrganizationFeatureRequest" } } ], - "tags": ["Organizations"] + "tags": [ + "Features" + ] } }, - "/public/v1/submit/update_user": { + "/public/v1/submit/sign_raw_payload": { "post": { - "summary": "Update User", - "description": "Update a User in an existing Organization", - "operationId": "PublicApiService_UpdateUser", + "summary": "Sign Raw Payload", + "description": "Sign a raw payload", + "operationId": "PublicApiService_SignRawPayload", "responses": { "200": { "description": "A successful response.", @@ -1173,18 +1252,20 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/v1UpdateUserRequest" + "$ref": "#/definitions/v1SignRawPayloadRequest" } } ], - "tags": ["Users"] + "tags": [ + "Signatures" + ] } }, - "/public/v1/submit/update_user_tag": { + "/public/v1/submit/sign_transaction": { "post": { - "summary": "Update User Tag", - "description": "Update human-readable name or associated users. Note that this activity is atomic: all of the updates will succeed at once, or all of them will fail.", - "operationId": "PublicApiService_UpdateUserTag", + "summary": "Sign Transaction", + "description": "Sign a transaction", + "operationId": "PublicApiService_SignTransaction", "responses": { "200": { "description": "A successful response.", @@ -1205,58 +1286,245 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/v1UpdateUserTagRequest" + "$ref": "#/definitions/v1SignTransactionRequest" } } ], - "tags": ["User Tags"] + "tags": [ + "Signatures" + ] } - } - }, - "definitions": { - "datav1Tag": { - "type": "object", - "properties": { - "tagId": { - "type": "string", - "description": "Unique identifier for a given Tag." - }, - "tagName": { - "type": "string", - "description": "Human-readable name for a Tag." - }, - "tagType": { - "$ref": "#/definitions/v1TagType" - }, - "createdAt": { - "$ref": "#/definitions/v1Timestamp" - }, - "updatedAt": { - "$ref": "#/definitions/v1Timestamp" - } - }, - "required": ["tagId", "tagName", "tagType", "createdAt", "updatedAt"] }, - "externaldatav1AccessType": { - "type": "string", - "enum": ["ACCESS_TYPE_WEB", "ACCESS_TYPE_API", "ACCESS_TYPE_ALL"] + "/public/v1/submit/update_allowed_origins": { + "post": { + "summary": "Update Allowable Origins", + "description": "Update the allowable origins for credentials and requests", + "operationId": "PublicApiService_UpdateAllowedOrigins", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ActivityResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/rpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1UpdateAllowedOriginsRequest" + } + } + ], + "tags": [ + "Features" + ] + } }, - "externaldatav1Address": { - "type": "object", - "properties": { - "format": { - "$ref": "#/definitions/externaldatav1AddressFormat" + "/public/v1/submit/update_policy": { + "post": { + "summary": "Update Policy", + "description": "Update an existing Policy", + "operationId": "PublicApiService_UpdatePolicy", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ActivityResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/rpcStatus" + } + } }, - "address": { - "type": "string" - } + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1UpdatePolicyRequest" + } + } + ], + "tags": [ + "Policies" + ] } }, - "externaldatav1AddressFormat": { - "type": "string", - "enum": [ - "ADDRESS_FORMAT_UNCOMPRESSED", - "ADDRESS_FORMAT_COMPRESSED", + "/public/v1/submit/update_private_key_tag": { + "post": { + "summary": "Update Private Key Tag", + "description": "Update human-readable name or associated private keys. Note that this activity is atomic: all of the updates will succeed at once, or all of them will fail.", + "operationId": "PublicApiService_UpdatePrivateKeyTag", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ActivityResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/rpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1UpdatePrivateKeyTagRequest" + } + } + ], + "tags": [ + "Private Key Tags" + ] + } + }, + "/public/v1/submit/update_root_quorum": { + "post": { + "summary": "Update Root Quorum", + "description": "Set the threshold and members of the root quorum. This must be approved by the current root quorum.", + "operationId": "PublicApiService_UpdateRootQuorum", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ActivityResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/rpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1UpdateRootQuorumRequest" + } + } + ], + "tags": [ + "Organizations" + ] + } + }, + "/public/v1/submit/update_user": { + "post": { + "summary": "Update User", + "description": "Update a User in an existing Organization", + "operationId": "PublicApiService_UpdateUser", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ActivityResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/rpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1UpdateUserRequest" + } + } + ], + "tags": [ + "Users" + ] + } + }, + "/public/v1/submit/update_user_tag": { + "post": { + "summary": "Update User Tag", + "description": "Update human-readable name or associated users. Note that this activity is atomic: all of the updates will succeed at once, or all of them will fail.", + "operationId": "PublicApiService_UpdateUserTag", + "responses": { + "200": { + "description": "A successful response.", + "schema": { + "$ref": "#/definitions/v1ActivityResponse" + } + }, + "default": { + "description": "An unexpected error response.", + "schema": { + "$ref": "#/definitions/rpcStatus" + } + } + }, + "parameters": [ + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/v1UpdateUserTagRequest" + } + } + ], + "tags": [ + "User Tags" + ] + } + } + }, + "definitions": { + "externaldatav1AccessType": { + "type": "string", + "enum": [ + "ACCESS_TYPE_WEB", + "ACCESS_TYPE_API", + "ACCESS_TYPE_ALL" + ] + }, + "externaldatav1Address": { + "type": "object", + "properties": { + "format": { + "$ref": "#/definitions/externaldatav1AddressFormat" + }, + "address": { + "type": "string" + } + } + }, + "externaldatav1AddressFormat": { + "type": "string", + "enum": [ + "ADDRESS_FORMAT_UNCOMPRESSED", + "ADDRESS_FORMAT_COMPRESSED", "ADDRESS_FORMAT_ETHEREUM" ] }, @@ -1270,13 +1538,43 @@ "AUTHENTICATOR_TRANSPORT_HYBRID" ] }, + "externaldatav1Credential": { + "type": "object", + "properties": { + "publicKey": { + "type": "string", + "description": "The public component of a cryptographic key pair used to sign messages and transactions." + }, + "type": { + "$ref": "#/definitions/externaldatav1CredentialType" + } + }, + "required": [ + "publicKey", + "type" + ] + }, + "externaldatav1CredentialType": { + "type": "string", + "enum": [ + "CREDENTIAL_TYPE_WEBAUTHN_AUTHENTICATOR", + "CREDENTIAL_TYPE_API_KEY_P256", + "CREDENTIAL_TYPE_RECOVER_USER_KEY_P256" + ] + }, "externaldatav1Curve": { "type": "string", - "enum": ["CURVE_SECP256K1", "CURVE_ED25519"] + "enum": [ + "CURVE_SECP256K1", + "CURVE_ED25519" + ] }, "externaldatav1Effect": { "type": "string", - "enum": ["EFFECT_ALLOW", "EFFECT_DENY"] + "enum": [ + "EFFECT_ALLOW", + "EFFECT_DENY" + ] }, "externaldatav1Operator": { "type": "string", @@ -1313,38 +1611,61 @@ "description": "The specific parameter from the subject being referenced, like a specific user ID." } }, - "required": ["subject", "operator", "targets"] + "required": [ + "subject", + "operator", + "targets" + ] + }, + "externaldatav1Timestamp": { + "type": "object", + "properties": { + "seconds": { + "type": "string" + }, + "nanos": { + "type": "string" + } + }, + "required": [ + "seconds", + "nanos" + ] }, "immutableactivityv1AccessType": { "type": "string", - "enum": ["ACCESS_TYPE_WEB", "ACCESS_TYPE_API", "ACCESS_TYPE_ALL"] + "enum": [ + "ACCESS_TYPE_WEB", + "ACCESS_TYPE_API", + "ACCESS_TYPE_ALL" + ] }, "immutableactivityv1Address": { "type": "object", "properties": { "format": { - "$ref": "#/definitions/immutableactivityv1AddressFormat" + "$ref": "#/definitions/immutablecommonv1AddressFormat" }, "address": { "type": "string" } } }, - "immutableactivityv1AddressFormat": { + "immutableactivityv1Effect": { "type": "string", "enum": [ - "ADDRESS_FORMAT_UNCOMPRESSED", - "ADDRESS_FORMAT_COMPRESSED", - "ADDRESS_FORMAT_ETHEREUM" + "EFFECT_ALLOW", + "EFFECT_DENY" ] }, - "immutableactivityv1Curve": { - "type": "string", - "enum": ["CURVE_SECP256K1", "CURVE_ED25519"] - }, - "immutableactivityv1Effect": { + "immutableactivityv1HashFunction": { "type": "string", - "enum": ["EFFECT_ALLOW", "EFFECT_DENY"] + "enum": [ + "HASH_FUNCTION_NO_OP", + "HASH_FUNCTION_SHA256", + "HASH_FUNCTION_KECCAK256", + "HASH_FUNCTION_NOT_APPLICABLE" + ] }, "immutableactivityv1Operator": { "type": "string", @@ -1362,6 +1683,13 @@ "OPERATOR_CONTAINS_ALL" ] }, + "immutableactivityv1PayloadEncoding": { + "type": "string", + "enum": [ + "PAYLOAD_ENCODING_HEXADECIMAL", + "PAYLOAD_ENCODING_TEXT_UTF8" + ] + }, "immutableactivityv1Selector": { "type": "object", "properties": { @@ -1376,9 +1704,22 @@ } } }, - "immutableactivityv1TransactionType": { + "immutablecommonv1AddressFormat": { + "type": "string", + "enum": [ + "ADDRESS_FORMAT_UNCOMPRESSED", + "ADDRESS_FORMAT_COMPRESSED", + "ADDRESS_FORMAT_ETHEREUM", + "ADDRESS_FORMAT_SOLANA", + "ADDRESS_FORMAT_COSMOS" + ] + }, + "immutablecommonv1Curve": { "type": "string", - "enum": ["TRANSACTION_TYPE_ETHEREUM"] + "enum": [ + "CURVE_SECP256K1", + "CURVE_ED25519" + ] }, "immutablewebauthnv1AuthenticatorTransport": { "type": "string", @@ -1434,7 +1775,11 @@ "description": "WebAuthN hardware devices that can be used to log in to the Turnkey web app." } }, - "required": ["invitationId", "userId", "authenticator"] + "required": [ + "invitationId", + "userId", + "authenticator" + ] }, "v1AcceptInvitationIntentV2": { "type": "object", @@ -1452,7 +1797,11 @@ "description": "WebAuthN hardware devices that can be used to log in to the Turnkey web app." } }, - "required": ["invitationId", "userId", "authenticator"] + "required": [ + "invitationId", + "userId", + "authenticator" + ] }, "v1AcceptInvitationResult": { "type": "object", @@ -1466,7 +1815,10 @@ "description": "Unique identifier for a given User." } }, - "required": ["invitationId", "userId"] + "required": [ + "invitationId", + "userId" + ] }, "v1ActivateBillingTierIntent": { "type": "object", @@ -1476,7 +1828,9 @@ "description": "The product that the customer wants to subscribe to." } }, - "required": ["productId"] + "required": [ + "productId" + ] }, "v1ActivateBillingTierResult": { "type": "object", @@ -1486,7 +1840,9 @@ "description": "The id of the product being subscribed to." } }, - "required": ["productId"] + "required": [ + "productId" + ] }, "v1Activity": { "type": "object", @@ -1534,10 +1890,10 @@ "type": "boolean" }, "createdAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" }, "updatedAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" } }, "required": [ @@ -1563,7 +1919,9 @@ "description": "An action that can that can be taken within the Turnkey infrastructure." } }, - "required": ["activity"] + "required": [ + "activity" + ] }, "v1ActivityStatus": { "type": "string", @@ -1622,14 +1980,25 @@ "ACTIVITY_TYPE_UPDATE_USER", "ACTIVITY_TYPE_UPDATE_POLICY", "ACTIVITY_TYPE_SET_PAYMENT_METHOD_V2", - "ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V3" + "ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V3", + "ACTIVITY_TYPE_CREATE_WALLET", + "ACTIVITY_TYPE_CREATE_WALLET_ACCOUNTS", + "ACTIVITY_TYPE_INIT_USER_EMAIL_RECOVERY", + "ACTIVITY_TYPE_RECOVER_USER", + "ACTIVITY_TYPE_SET_ORGANIZATION_FEATURE", + "ACTIVITY_TYPE_REMOVE_ORGANIZATION_FEATURE", + "ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2", + "ACTIVITY_TYPE_SIGN_TRANSACTION_V2", + "ACTIVITY_TYPE_EXPORT_PRIVATE_KEY", + "ACTIVITY_TYPE_EXPORT_WALLET", + "ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V4" ] }, "v1ApiKey": { "type": "object", "properties": { "credential": { - "$ref": "#/definitions/v1Credential", + "$ref": "#/definitions/externaldatav1Credential", "description": "A User credential that can be used to authenticate to Turnkey." }, "apiKeyId": { @@ -1641,10 +2010,10 @@ "description": "Human-readable name for an API Key." }, "createdAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" }, "updatedAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" } }, "required": [ @@ -1667,7 +2036,10 @@ "description": "The public component of a cryptographic key pair used to sign messages and transactions." } }, - "required": ["apiKeyName", "publicKey"] + "required": [ + "apiKeyName", + "publicKey" + ] }, "v1ApiOnlyUserParams": { "type": "object", @@ -1696,7 +2068,11 @@ "description": "A list of API Key parameters." } }, - "required": ["userName", "userTags", "apiKeys"] + "required": [ + "userName", + "userTags", + "apiKeys" + ] }, "v1ApproveActivityIntent": { "type": "object", @@ -1706,14 +2082,18 @@ "description": "An artifact verifying a User's action." } }, - "required": ["fingerprint"] + "required": [ + "fingerprint" + ] }, "v1ApproveActivityRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_APPROVE_ACTIVITY"] + "enum": [ + "ACTIVITY_TYPE_APPROVE_ACTIVITY" + ] }, "timestampMs": { "type": "string", @@ -1727,7 +2107,12 @@ "$ref": "#/definitions/v1ApproveActivityIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1Attestation": { "type": "object", @@ -1785,7 +2170,7 @@ "description": "The type of Authenticator device." }, "credential": { - "$ref": "#/definitions/v1Credential", + "$ref": "#/definitions/externaldatav1Credential", "description": "A User credential that can be used to authenticate to Turnkey." }, "authenticatorId": { @@ -1797,10 +2182,10 @@ "description": "Human-readable name for an Authenticator." }, "createdAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" }, "updatedAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" } }, "required": [ @@ -1833,11 +2218,17 @@ }, "authenticatorAttachment": { "type": "string", - "enum": ["cross-platform", "platform"], + "enum": [ + "cross-platform", + "platform" + ], "x-nullable": true } }, - "required": ["clientDataJson", "attestationObject"] + "required": [ + "clientDataJson", + "attestationObject" + ] }, "v1AuthenticatorParams": { "type": "object", @@ -1858,7 +2249,12 @@ "description": "Challenge presented for authentication purposes." } }, - "required": ["authenticatorName", "userId", "attestation", "challenge"] + "required": [ + "authenticatorName", + "userId", + "attestation", + "challenge" + ] }, "v1AuthenticatorParamsV2": { "type": "object", @@ -1876,7 +2272,11 @@ "description": "The attestation that proves custody of the authenticator and provides metadata about it." } }, - "required": ["authenticatorName", "challenge", "attestation"] + "required": [ + "authenticatorName", + "challenge", + "attestation" + ] }, "v1CreateApiKeysIntent": { "type": "object", @@ -1894,14 +2294,19 @@ "description": "Unique identifier for a given User." } }, - "required": ["apiKeys", "userId"] + "required": [ + "apiKeys", + "userId" + ] }, "v1CreateApiKeysRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_CREATE_API_KEYS"] + "enum": [ + "ACTIVITY_TYPE_CREATE_API_KEYS" + ] }, "timestampMs": { "type": "string", @@ -1915,10 +2320,15 @@ "$ref": "#/definitions/v1CreateApiKeysIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] - }, - "v1CreateApiKeysResult": { - "type": "object", + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] + }, + "v1CreateApiKeysResult": { + "type": "object", "properties": { "apiKeyIds": { "type": "array", @@ -1928,7 +2338,9 @@ "description": "A list of API Key IDs." } }, - "required": ["apiKeyIds"] + "required": [ + "apiKeyIds" + ] }, "v1CreateApiOnlyUsersIntent": { "type": "object", @@ -1942,28 +2354,9 @@ "description": "A list of API-only Users to create." } }, - "required": ["apiOnlyUsers"] - }, - "v1CreateApiOnlyUsersRequest": { - "type": "object", - "properties": { - "type": { - "type": "string", - "enum": ["ACTIVITY_TYPE_CREATE_API_ONLY_USERS"] - }, - "timestampMs": { - "type": "string", - "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests." - }, - "organizationId": { - "type": "string", - "description": "Unique identifier for a given Organization." - }, - "parameters": { - "$ref": "#/definitions/v1CreateApiOnlyUsersIntent" - } - }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "apiOnlyUsers" + ] }, "v1CreateApiOnlyUsersResult": { "type": "object", @@ -1976,7 +2369,9 @@ "description": "A list of API-only User IDs." } }, - "required": ["userIds"] + "required": [ + "userIds" + ] }, "v1CreateAuthenticatorsIntent": { "type": "object", @@ -1994,7 +2389,10 @@ "description": "Unique identifier for a given User." } }, - "required": ["authenticators", "userId"] + "required": [ + "authenticators", + "userId" + ] }, "v1CreateAuthenticatorsIntentV2": { "type": "object", @@ -2012,14 +2410,19 @@ "description": "Unique identifier for a given User." } }, - "required": ["authenticators", "userId"] + "required": [ + "authenticators", + "userId" + ] }, "v1CreateAuthenticatorsRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_CREATE_AUTHENTICATORS_V2"] + "enum": [ + "ACTIVITY_TYPE_CREATE_AUTHENTICATORS_V2" + ] }, "timestampMs": { "type": "string", @@ -2033,7 +2436,12 @@ "$ref": "#/definitions/v1CreateAuthenticatorsIntentV2" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1CreateAuthenticatorsResult": { "type": "object", @@ -2046,7 +2454,9 @@ "description": "A list of Authenticator IDs." } }, - "required": ["authenticatorIds"] + "required": [ + "authenticatorIds" + ] }, "v1CreateInvitationsIntent": { "type": "object", @@ -2060,14 +2470,18 @@ "description": "A list of Invitations." } }, - "required": ["invitations"] + "required": [ + "invitations" + ] }, "v1CreateInvitationsRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_CREATE_INVITATIONS"] + "enum": [ + "ACTIVITY_TYPE_CREATE_INVITATIONS" + ] }, "timestampMs": { "type": "string", @@ -2081,7 +2495,12 @@ "$ref": "#/definitions/v1CreateInvitationsIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1CreateInvitationsResult": { "type": "object", @@ -2094,7 +2513,9 @@ "description": "A list of Invitation IDs" } }, - "required": ["invitationIds"] + "required": [ + "invitationIds" + ] }, "v1CreateOrganizationIntent": { "type": "object", @@ -2116,7 +2537,11 @@ "description": "Unique identifier for the root user object." } }, - "required": ["organizationName", "rootEmail", "rootAuthenticator"] + "required": [ + "organizationName", + "rootEmail", + "rootAuthenticator" + ] }, "v1CreateOrganizationIntentV2": { "type": "object", @@ -2138,7 +2563,11 @@ "description": "Unique identifier for the root user object." } }, - "required": ["organizationName", "rootEmail", "rootAuthenticator"] + "required": [ + "organizationName", + "rootEmail", + "rootAuthenticator" + ] }, "v1CreateOrganizationResult": { "type": "object", @@ -2148,7 +2577,9 @@ "description": "Unique identifier for a given Organization." } }, - "required": ["organizationId"] + "required": [ + "organizationId" + ] }, "v1CreatePolicyIntent": { "type": "object", @@ -2173,7 +2604,11 @@ "type": "string" } }, - "required": ["policyName", "selectors", "effect"] + "required": [ + "policyName", + "selectors", + "effect" + ] }, "v1CreatePolicyIntentV2": { "type": "object", @@ -2198,7 +2633,11 @@ "type": "string" } }, - "required": ["policyName", "selectors", "effect"] + "required": [ + "policyName", + "selectors", + "effect" + ] }, "v1CreatePolicyIntentV3": { "type": "object", @@ -2223,14 +2662,19 @@ "type": "string" } }, - "required": ["policyName", "effect"] + "required": [ + "policyName", + "effect" + ] }, "v1CreatePolicyRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_CREATE_POLICY_V3"] + "enum": [ + "ACTIVITY_TYPE_CREATE_POLICY_V3" + ] }, "timestampMs": { "type": "string", @@ -2244,7 +2688,12 @@ "$ref": "#/definitions/v1CreatePolicyIntentV3" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1CreatePolicyResult": { "type": "object", @@ -2254,7 +2703,9 @@ "description": "Unique identifier for a given Policy." } }, - "required": ["policyId"] + "required": [ + "policyId" + ] }, "v1CreatePrivateKeyTagIntent": { "type": "object", @@ -2271,14 +2722,19 @@ "description": "A list of Private Key IDs." } }, - "required": ["privateKeyTagName", "privateKeyIds"] + "required": [ + "privateKeyTagName", + "privateKeyIds" + ] }, "v1CreatePrivateKeyTagRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_CREATE_PRIVATE_KEY_TAG"] + "enum": [ + "ACTIVITY_TYPE_CREATE_PRIVATE_KEY_TAG" + ] }, "timestampMs": { "type": "string", @@ -2292,7 +2748,12 @@ "$ref": "#/definitions/v1CreatePrivateKeyTagIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1CreatePrivateKeyTagResult": { "type": "object", @@ -2309,7 +2770,10 @@ "description": "A list of Private Key IDs." } }, - "required": ["privateKeyTagId", "privateKeyIds"] + "required": [ + "privateKeyTagId", + "privateKeyIds" + ] }, "v1CreatePrivateKeysIntent": { "type": "object", @@ -2323,7 +2787,9 @@ "description": "A list of Private Keys." } }, - "required": ["privateKeys"] + "required": [ + "privateKeys" + ] }, "v1CreatePrivateKeysIntentV2": { "type": "object", @@ -2337,14 +2803,18 @@ "description": "A list of Private Keys." } }, - "required": ["privateKeys"] + "required": [ + "privateKeys" + ] }, "v1CreatePrivateKeysRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_CREATE_PRIVATE_KEYS_V2"] + "enum": [ + "ACTIVITY_TYPE_CREATE_PRIVATE_KEYS_V2" + ] }, "timestampMs": { "type": "string", @@ -2358,7 +2828,12 @@ "$ref": "#/definitions/v1CreatePrivateKeysIntentV2" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1CreatePrivateKeysResult": { "type": "object", @@ -2371,7 +2846,9 @@ "description": "A list of Private Key IDs." } }, - "required": ["privateKeyIds"] + "required": [ + "privateKeyIds" + ] }, "v1CreatePrivateKeysResultV2": { "type": "object", @@ -2385,7 +2862,9 @@ "description": "A list of Private Key IDs and addresses." } }, - "required": ["privateKeys"] + "required": [ + "privateKeys" + ] }, "v1CreateSubOrganizationIntent": { "type": "object", @@ -2399,7 +2878,10 @@ "description": "Root User authenticator for this new sub-organization" } }, - "required": ["name", "rootAuthenticator"] + "required": [ + "name", + "rootAuthenticator" + ] }, "v1CreateSubOrganizationIntentV2": { "type": "object", @@ -2422,7 +2904,11 @@ "description": "The threshold of unique approvals to reach root quorum. This value must be less than or equal to the number of root users" } }, - "required": ["subOrganizationName", "rootUsers", "rootQuorumThreshold"] + "required": [ + "subOrganizationName", + "rootUsers", + "rootQuorumThreshold" + ] }, "v1CreateSubOrganizationIntentV3": { "type": "object", @@ -2460,12 +2946,49 @@ "privateKeys" ] }, + "v1CreateSubOrganizationIntentV4": { + "type": "object", + "properties": { + "subOrganizationName": { + "type": "string", + "description": "Name for this sub-organization" + }, + "rootUsers": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v1RootUserParams" + }, + "description": "Root users to create within this sub-organization" + }, + "rootQuorumThreshold": { + "type": "integer", + "format": "int32", + "description": "The threshold of unique approvals to reach root quorum. This value must be less than or equal to the number of root users" + }, + "wallet": { + "$ref": "#/definitions/v1WalletParams", + "description": "The wallet to create for the sub-organization" + }, + "disableEmailRecovery": { + "type": "boolean", + "description": "Disable email recovery for the sub-organization" + } + }, + "required": [ + "subOrganizationName", + "rootUsers", + "rootQuorumThreshold" + ] + }, "v1CreateSubOrganizationRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V3"] + "enum": [ + "ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V3" + ] }, "timestampMs": { "type": "string", @@ -2476,10 +2999,15 @@ "description": "Unique identifier for a given Organization." }, "parameters": { - "$ref": "#/definitions/v1CreateSubOrganizationIntentV3" + "$ref": "#/definitions/v1CreateSubOrganizationIntentV4" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1CreateSubOrganizationResult": { "type": "object", @@ -2488,7 +3016,9 @@ "type": "string" } }, - "required": ["subOrganizationId"] + "required": [ + "subOrganizationId" + ] }, "v1CreateSubOrganizationResultV3": { "type": "object", @@ -2505,7 +3035,24 @@ "description": "A list of Private Key IDs and addresses." } }, - "required": ["subOrganizationId", "privateKeys"] + "required": [ + "subOrganizationId", + "privateKeys" + ] + }, + "v1CreateSubOrganizationResultV4": { + "type": "object", + "properties": { + "subOrganizationId": { + "type": "string" + }, + "wallet": { + "$ref": "#/definitions/v1WalletResult" + } + }, + "required": [ + "subOrganizationId" + ] }, "v1CreateUserTagIntent": { "type": "object", @@ -2522,14 +3069,19 @@ "description": "A list of User IDs." } }, - "required": ["userTagName", "userIds"] + "required": [ + "userTagName", + "userIds" + ] }, "v1CreateUserTagRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_CREATE_USER_TAG"] + "enum": [ + "ACTIVITY_TYPE_CREATE_USER_TAG" + ] }, "timestampMs": { "type": "string", @@ -2543,7 +3095,12 @@ "$ref": "#/definitions/v1CreateUserTagIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1CreateUserTagResult": { "type": "object", @@ -2560,7 +3117,10 @@ "description": "A list of User IDs." } }, - "required": ["userTagId", "userIds"] + "required": [ + "userTagId", + "userIds" + ] }, "v1CreateUsersIntent": { "type": "object", @@ -2574,7 +3134,9 @@ "description": "A list of Users." } }, - "required": ["users"] + "required": [ + "users" + ] }, "v1CreateUsersIntentV2": { "type": "object", @@ -2588,14 +3150,18 @@ "description": "A list of Users." } }, - "required": ["users"] + "required": [ + "users" + ] }, "v1CreateUsersRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_CREATE_USERS_V2"] + "enum": [ + "ACTIVITY_TYPE_CREATE_USERS_V2" + ] }, "timestampMs": { "type": "string", @@ -2609,7 +3175,12 @@ "$ref": "#/definitions/v1CreateUsersIntentV2" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1CreateUsersResult": { "type": "object", @@ -2622,35 +3193,152 @@ "description": "A list of User IDs." } }, - "required": ["userIds"] + "required": [ + "userIds" + ] }, - "v1CredPropsAuthenticationExtensionsClientOutputs": { + "v1CreateWalletAccountsIntent": { "type": "object", "properties": { - "rk": { - "type": "boolean" + "walletId": { + "type": "string", + "description": "Unique identifier for a given Wallet." + }, + "accounts": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v1WalletAccountParams" + }, + "description": "A list of wallet Accounts." } }, - "required": ["rk"] + "required": [ + "walletId", + "accounts" + ] }, - "v1Credential": { + "v1CreateWalletAccountsRequest": { "type": "object", "properties": { - "publicKey": { + "type": { "type": "string", - "description": "The public component of a cryptographic key pair used to sign messages and transactions." + "enum": [ + "ACTIVITY_TYPE_CREATE_WALLET_ACCOUNTS" + ] + }, + "timestampMs": { + "type": "string", + "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests." + }, + "organizationId": { + "type": "string", + "description": "Unique identifier for a given Organization." + }, + "parameters": { + "$ref": "#/definitions/v1CreateWalletAccountsIntent" + } + }, + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] + }, + "v1CreateWalletAccountsResult": { + "type": "object", + "properties": { + "addresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of derived addresses." + } + }, + "required": [ + "addresses" + ] + }, + "v1CreateWalletIntent": { + "type": "object", + "properties": { + "walletName": { + "type": "string", + "description": "Human-readable name for a Wallet." }, + "accounts": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v1WalletAccountParams" + }, + "description": "A list of wallet Accounts." + } + }, + "required": [ + "walletName", + "accounts" + ] + }, + "v1CreateWalletRequest": { + "type": "object", + "properties": { "type": { - "$ref": "#/definitions/v1CredentialType" + "type": "string", + "enum": [ + "ACTIVITY_TYPE_CREATE_WALLET" + ] + }, + "timestampMs": { + "type": "string", + "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests." + }, + "organizationId": { + "type": "string", + "description": "Unique identifier for a given Organization." + }, + "parameters": { + "$ref": "#/definitions/v1CreateWalletIntent" + } + }, + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] + }, + "v1CreateWalletResult": { + "type": "object", + "properties": { + "walletId": { + "type": "string", + "description": "A list of Wallet IDs." + }, + "addresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of account addresses." } }, - "required": ["publicKey", "type"] + "required": [ + "walletId", + "addresses" + ] }, - "v1CredentialType": { - "type": "string", - "enum": [ - "CREDENTIAL_TYPE_WEBAUTHN_AUTHENTICATOR", - "CREDENTIAL_TYPE_API_KEY_P256" + "v1CredPropsAuthenticationExtensionsClientOutputs": { + "type": "object", + "properties": { + "rk": { + "type": "boolean" + } + }, + "required": [ + "rk" ] }, "v1DeleteApiKeysIntent": { @@ -2668,14 +3356,19 @@ "description": "A list of API Key IDs." } }, - "required": ["userId", "apiKeyIds"] + "required": [ + "userId", + "apiKeyIds" + ] }, "v1DeleteApiKeysRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_DELETE_API_KEYS"] + "enum": [ + "ACTIVITY_TYPE_DELETE_API_KEYS" + ] }, "timestampMs": { "type": "string", @@ -2689,7 +3382,12 @@ "$ref": "#/definitions/v1DeleteApiKeysIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1DeleteApiKeysResult": { "type": "object", @@ -2702,7 +3400,9 @@ "description": "A list of API Key IDs." } }, - "required": ["apiKeyIds"] + "required": [ + "apiKeyIds" + ] }, "v1DeleteAuthenticatorsIntent": { "type": "object", @@ -2719,14 +3419,19 @@ "description": "A list of Authenticator IDs." } }, - "required": ["userId", "authenticatorIds"] + "required": [ + "userId", + "authenticatorIds" + ] }, "v1DeleteAuthenticatorsRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_DELETE_AUTHENTICATORS"] + "enum": [ + "ACTIVITY_TYPE_DELETE_AUTHENTICATORS" + ] }, "timestampMs": { "type": "string", @@ -2740,7 +3445,12 @@ "$ref": "#/definitions/v1DeleteAuthenticatorsIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1DeleteAuthenticatorsResult": { "type": "object", @@ -2753,7 +3463,9 @@ "description": "Unique identifier for a given Authenticator." } }, - "required": ["authenticatorIds"] + "required": [ + "authenticatorIds" + ] }, "v1DeleteInvitationIntent": { "type": "object", @@ -2763,14 +3475,18 @@ "description": "Unique identifier for a given Invitation object." } }, - "required": ["invitationId"] + "required": [ + "invitationId" + ] }, "v1DeleteInvitationRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_DELETE_INVITATION"] + "enum": [ + "ACTIVITY_TYPE_DELETE_INVITATION" + ] }, "timestampMs": { "type": "string", @@ -2784,7 +3500,12 @@ "$ref": "#/definitions/v1DeleteInvitationIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1DeleteInvitationResult": { "type": "object", @@ -2794,7 +3515,9 @@ "description": "Unique identifier for a given Invitation." } }, - "required": ["invitationId"] + "required": [ + "invitationId" + ] }, "v1DeleteOrganizationIntent": { "type": "object", @@ -2804,7 +3527,9 @@ "description": "Unique identifier for a given Organization." } }, - "required": ["organizationId"] + "required": [ + "organizationId" + ] }, "v1DeleteOrganizationResult": { "type": "object", @@ -2814,7 +3539,9 @@ "description": "Unique identifier for a given Organization." } }, - "required": ["organizationId"] + "required": [ + "organizationId" + ] }, "v1DeletePaymentMethodIntent": { "type": "object", @@ -2824,7 +3551,9 @@ "description": "The payment method that the customer wants to remove." } }, - "required": ["paymentMethodId"] + "required": [ + "paymentMethodId" + ] }, "v1DeletePaymentMethodResult": { "type": "object", @@ -2834,7 +3563,9 @@ "description": "The payment method that was removed." } }, - "required": ["paymentMethodId"] + "required": [ + "paymentMethodId" + ] }, "v1DeletePolicyIntent": { "type": "object", @@ -2844,14 +3575,18 @@ "description": "Unique identifier for a given Policy." } }, - "required": ["policyId"] + "required": [ + "policyId" + ] }, "v1DeletePolicyRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_DELETE_POLICY"] + "enum": [ + "ACTIVITY_TYPE_DELETE_POLICY" + ] }, "timestampMs": { "type": "string", @@ -2865,7 +3600,12 @@ "$ref": "#/definitions/v1DeletePolicyIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1DeletePolicyResult": { "type": "object", @@ -2875,7 +3615,9 @@ "description": "Unique identifier for a given Policy." } }, - "required": ["policyId"] + "required": [ + "policyId" + ] }, "v1DeletePrivateKeyTagsIntent": { "type": "object", @@ -2888,7 +3630,9 @@ "description": "A list of Private Key Tag IDs." } }, - "required": ["privateKeyTagIds"] + "required": [ + "privateKeyTagIds" + ] }, "v1DeletePrivateKeyTagsResult": { "type": "object", @@ -2908,7 +3652,10 @@ "description": "A list of Private Key IDs." } }, - "required": ["privateKeyTagIds", "privateKeyIds"] + "required": [ + "privateKeyTagIds", + "privateKeyIds" + ] }, "v1DeleteUserTagsIntent": { "type": "object", @@ -2921,7 +3668,9 @@ "description": "A list of User Tag IDs." } }, - "required": ["userTagIds"] + "required": [ + "userTagIds" + ] }, "v1DeleteUserTagsResult": { "type": "object", @@ -2941,7 +3690,10 @@ "description": "A list of User IDs." } }, - "required": ["userTagIds", "userIds"] + "required": [ + "userTagIds", + "userIds" + ] }, "v1DeleteUsersIntent": { "type": "object", @@ -2954,7 +3706,9 @@ "description": "A list of User IDs." } }, - "required": ["userIds"] + "required": [ + "userIds" + ] }, "v1DeleteUsersResult": { "type": "object", @@ -2967,7 +3721,9 @@ "description": "A list of User IDs." } }, - "required": ["userIds"] + "required": [ + "userIds" + ] }, "v1DisablePrivateKeyIntent": { "type": "object", @@ -2977,7 +3733,9 @@ "description": "Unique identifier for a given Private Key." } }, - "required": ["privateKeyId"] + "required": [ + "privateKeyId" + ] }, "v1DisablePrivateKeyResult": { "type": "object", @@ -2987,7 +3745,154 @@ "description": "Unique identifier for a given Private Key." } }, - "required": ["privateKeyId"] + "required": [ + "privateKeyId" + ] + }, + "v1ExportPrivateKeyIntent": { + "type": "object", + "properties": { + "privateKeyId": { + "type": "string", + "description": "Unique identifier for a given Private Key." + }, + "targetPublicKey": { + "type": "string", + "description": "Client-side public key generated by the user, to which the export bundle will be encrypted." + } + }, + "required": [ + "privateKeyId", + "targetPublicKey" + ] + }, + "v1ExportPrivateKeyRequest": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACTIVITY_TYPE_EXPORT_PRIVATE_KEY" + ] + }, + "timestampMs": { + "type": "string", + "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests." + }, + "organizationId": { + "type": "string", + "description": "Unique identifier for a given Organization." + }, + "parameters": { + "$ref": "#/definitions/v1ExportPrivateKeyIntent" + } + }, + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] + }, + "v1ExportPrivateKeyResult": { + "type": "object", + "properties": { + "privateKeyId": { + "type": "string", + "description": "Unique identifier for a given Private Key." + }, + "exportBundle": { + "type": "string", + "description": "Export bundle containing a private key encrypted to the client's target public key." + } + }, + "required": [ + "privateKeyId", + "exportBundle" + ] + }, + "v1ExportWalletIntent": { + "type": "object", + "properties": { + "walletId": { + "type": "string", + "description": "Unique identifier for a given Wallet." + }, + "targetPublicKey": { + "type": "string", + "description": "Client-side public key generated by the user, to which the export bundle will be encrypted." + }, + "language": { + "$ref": "#/definitions/v1MnemonicLanguage", + "description": "The language of the mnemonic to export. Defaults to English." + } + }, + "required": [ + "walletId", + "targetPublicKey" + ] + }, + "v1ExportWalletRequest": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACTIVITY_TYPE_EXPORT_WALLET" + ] + }, + "timestampMs": { + "type": "string", + "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests." + }, + "organizationId": { + "type": "string", + "description": "Unique identifier for a given Organization." + }, + "parameters": { + "$ref": "#/definitions/v1ExportWalletIntent" + } + }, + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] + }, + "v1ExportWalletResult": { + "type": "object", + "properties": { + "walletId": { + "type": "string", + "description": "Unique identifier for a given Wallet." + }, + "exportBundle": { + "type": "string", + "description": "Export bundle containing a wallet mnemonic + optional newline passphrase encrypted by the client's target public key." + } + }, + "required": [ + "walletId", + "exportBundle" + ] + }, + "v1Feature": { + "type": "object", + "properties": { + "name": { + "$ref": "#/definitions/v1FeatureName" + }, + "value": { + "type": "string" + } + } + }, + "v1FeatureName": { + "type": "string", + "enum": [ + "FEATURE_NAME_ROOT_USER_EMAIL_RECOVERY" + ] }, "v1GetActivitiesRequest": { "type": "object", @@ -3015,7 +3920,9 @@ "description": "Array of Activity Types filtering which Activities will be listed in the response." } }, - "required": ["organizationId"] + "required": [ + "organizationId" + ] }, "v1GetActivitiesResponse": { "type": "object", @@ -3029,7 +3936,9 @@ "description": "A list of Activities." } }, - "required": ["activities"] + "required": [ + "activities" + ] }, "v1GetActivityRequest": { "type": "object", @@ -3043,7 +3952,10 @@ "description": "Unique identifier for a given Activity object." } }, - "required": ["organizationId", "activityId"] + "required": [ + "organizationId", + "activityId" + ] }, "v1GetAuthenticatorRequest": { "type": "object", @@ -3057,7 +3969,10 @@ "description": "Unique identifier for a given Authenticator." } }, - "required": ["organizationId", "authenticatorId"] + "required": [ + "organizationId", + "authenticatorId" + ] }, "v1GetAuthenticatorResponse": { "type": "object", @@ -3067,7 +3982,9 @@ "description": "An authenticator." } }, - "required": ["authenticator"] + "required": [ + "authenticator" + ] }, "v1GetAuthenticatorsRequest": { "type": "object", @@ -3081,7 +3998,10 @@ "description": "Unique identifier for a given User." } }, - "required": ["organizationId", "userId"] + "required": [ + "organizationId", + "userId" + ] }, "v1GetAuthenticatorsResponse": { "type": "object", @@ -3095,27 +4015,9 @@ "description": "A list of authenticators." } }, - "required": ["authenticators"] - }, - "v1GetOrganizationRequest": { - "type": "object", - "properties": { - "organizationId": { - "type": "string", - "description": "Unique identifier for a given Organization." - } - }, - "required": ["organizationId"] - }, - "v1GetOrganizationResponse": { - "type": "object", - "properties": { - "organizationData": { - "$ref": "#/definitions/v1OrganizationData", - "description": "Object representing the full current and deleted / disabled collection of Users, Policies, Private Keys, and Invitations attributable to a particular Organization." - } - }, - "required": ["organizationData"] + "required": [ + "authenticators" + ] }, "v1GetPoliciesRequest": { "type": "object", @@ -3125,7 +4027,9 @@ "description": "Unique identifier for a given Organization." } }, - "required": ["organizationId"] + "required": [ + "organizationId" + ] }, "v1GetPoliciesResponse": { "type": "object", @@ -3139,7 +4043,9 @@ "description": "A list of Policies." } }, - "required": ["policies"] + "required": [ + "policies" + ] }, "v1GetPolicyRequest": { "type": "object", @@ -3153,7 +4059,10 @@ "description": "Unique identifier for a given Policy." } }, - "required": ["organizationId", "policyId"] + "required": [ + "organizationId", + "policyId" + ] }, "v1GetPolicyResponse": { "type": "object", @@ -3163,7 +4072,9 @@ "description": "Object that codifies rules defining the actions that are permissible within an Organization." } }, - "required": ["policy"] + "required": [ + "policy" + ] }, "v1GetPrivateKeyRequest": { "type": "object", @@ -3177,7 +4088,10 @@ "description": "Unique identifier for a given Private Key." } }, - "required": ["organizationId", "privateKeyId"] + "required": [ + "organizationId", + "privateKeyId" + ] }, "v1GetPrivateKeyResponse": { "type": "object", @@ -3187,7 +4101,9 @@ "description": "Cryptographic public/private key pair that can be used for cryptocurrency needs or more generalized encryption." } }, - "required": ["privateKey"] + "required": [ + "privateKey" + ] }, "v1GetPrivateKeysRequest": { "type": "object", @@ -3197,7 +4113,9 @@ "description": "Unique identifier for a given Organization." } }, - "required": ["organizationId"] + "required": [ + "organizationId" + ] }, "v1GetPrivateKeysResponse": { "type": "object", @@ -3211,7 +4129,9 @@ "description": "A list of Private Keys." } }, - "required": ["privateKeys"] + "required": [ + "privateKeys" + ] }, "v1GetUserRequest": { "type": "object", @@ -3225,7 +4145,10 @@ "description": "Unique identifier for a given User." } }, - "required": ["organizationId", "userId"] + "required": [ + "organizationId", + "userId" + ] }, "v1GetUserResponse": { "type": "object", @@ -3235,7 +4158,9 @@ "description": "Web and/or API user within your Organization." } }, - "required": ["user"] + "required": [ + "user" + ] }, "v1GetUsersRequest": { "type": "object", @@ -3245,7 +4170,9 @@ "description": "Unique identifier for a given Organization." } }, - "required": ["organizationId"] + "required": [ + "organizationId" + ] }, "v1GetUsersResponse": { "type": "object", @@ -3259,7 +4186,9 @@ "description": "A list of Users." } }, - "required": ["users"] + "required": [ + "users" + ] }, "v1GetWhoamiRequest": { "type": "object", @@ -3269,7 +4198,9 @@ "description": "Unique identifier for a given Organization. If the request is being made by a WebAuthN user and their Sub-Organization ID is unknown, this can be the Parent Organization ID; using the Sub-Organization ID when possible is preferred due to performance reasons." } }, - "required": ["organizationId"] + "required": [ + "organizationId" + ] }, "v1GetWhoamiResponse": { "type": "object", @@ -3291,15 +4222,68 @@ "description": "Human-readable name for a User." } }, - "required": ["organizationId", "organizationName", "userId", "username"] + "required": [ + "organizationId", + "organizationName", + "userId", + "username" + ] }, - "v1HashFunction": { - "type": "string", - "enum": [ - "HASH_FUNCTION_NO_OP", - "HASH_FUNCTION_SHA256", - "HASH_FUNCTION_KECCAK256", - "HASH_FUNCTION_NOT_APPLICABLE" + "v1InitUserEmailRecoveryIntent": { + "type": "object", + "properties": { + "email": { + "type": "string", + "description": "Email of the user starting recovery" + }, + "targetPublicKey": { + "type": "string", + "description": "Client-side public key generated by the user, to which the recovery bundle will be encrypted." + } + }, + "required": [ + "email", + "targetPublicKey" + ] + }, + "v1InitUserEmailRecoveryRequest": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACTIVITY_TYPE_INIT_USER_EMAIL_RECOVERY" + ] + }, + "timestampMs": { + "type": "string", + "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests." + }, + "organizationId": { + "type": "string", + "description": "Unique identifier for a given Organization." + }, + "parameters": { + "$ref": "#/definitions/v1InitUserEmailRecoveryIntent" + } + }, + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] + }, + "v1InitUserEmailRecoveryResult": { + "type": "object", + "properties": { + "userId": { + "type": "string", + "description": "Unique identifier for the user being recovered." + } + }, + "required": [ + "userId" ] }, "v1Intent": { @@ -3436,61 +4420,43 @@ }, "createSubOrganizationIntentV3": { "$ref": "#/definitions/v1CreateSubOrganizationIntentV3" - } - }, - "required": ["createOrganizationIntent"] - }, - "v1Invitation": { - "type": "object", - "properties": { - "invitationId": { - "type": "string", - "description": "Unique identifier for a given Invitation object." }, - "receiverUserName": { - "type": "string", - "description": "The name of the intended Invitation recipient." + "createWalletIntent": { + "$ref": "#/definitions/v1CreateWalletIntent" }, - "receiverEmail": { - "type": "string", - "description": "The email address of the intended Invitation recipient." + "createWalletAccountsIntent": { + "$ref": "#/definitions/v1CreateWalletAccountsIntent" }, - "receiverUserTags": { - "type": "array", - "items": { - "type": "string" - }, - "description": "A list of tags assigned to the Invitation recipient." + "initUserEmailRecoveryIntent": { + "$ref": "#/definitions/v1InitUserEmailRecoveryIntent" }, - "accessType": { - "$ref": "#/definitions/externaldatav1AccessType", - "description": "The User's permissible access method(s)." + "recoverUserIntent": { + "$ref": "#/definitions/v1RecoverUserIntent" }, - "status": { - "$ref": "#/definitions/v1InvitationStatus", - "description": "The current processing status of a specified Invitation." + "setOrganizationFeatureIntent": { + "$ref": "#/definitions/v1SetOrganizationFeatureIntent" }, - "createdAt": { - "$ref": "#/definitions/v1Timestamp" + "removeOrganizationFeatureIntent": { + "$ref": "#/definitions/v1RemoveOrganizationFeatureIntent" }, - "updatedAt": { - "$ref": "#/definitions/v1Timestamp" + "signRawPayloadIntentV2": { + "$ref": "#/definitions/v1SignRawPayloadIntentV2" }, - "senderUserId": { - "type": "string", - "description": "Unique identifier for the Sender of an Invitation." + "signTransactionIntentV2": { + "$ref": "#/definitions/v1SignTransactionIntentV2" + }, + "exportPrivateKeyIntent": { + "$ref": "#/definitions/v1ExportPrivateKeyIntent" + }, + "exportWalletIntent": { + "$ref": "#/definitions/v1ExportWalletIntent" + }, + "createSubOrganizationIntentV4": { + "$ref": "#/definitions/v1CreateSubOrganizationIntentV4" } }, "required": [ - "invitationId", - "receiverUserName", - "receiverEmail", - "receiverUserTags", - "accessType", - "status", - "createdAt", - "updatedAt", - "senderUserId" + "createOrganizationIntent" ] }, "v1InvitationParams": { @@ -3528,85 +4494,20 @@ "senderUserId" ] }, - "v1InvitationStatus": { + "v1MnemonicLanguage": { "type": "string", "enum": [ - "INVITATION_STATUS_CREATED", - "INVITATION_STATUS_ACCEPTED", - "INVITATION_STATUS_REVOKED" + "MNEMONIC_LANGUAGE_ENGLISH", + "MNEMONIC_LANGUAGE_SIMPLIFIED_CHINESE", + "MNEMONIC_LANGUAGE_TRADITIONAL_CHINESE", + "MNEMONIC_LANGUAGE_CZECH", + "MNEMONIC_LANGUAGE_FRENCH", + "MNEMONIC_LANGUAGE_ITALIAN", + "MNEMONIC_LANGUAGE_JAPANESE", + "MNEMONIC_LANGUAGE_KOREAN", + "MNEMONIC_LANGUAGE_SPANISH" ] }, - "v1NOOPCodegenAnchorResponse": { - "type": "object", - "properties": { - "stamp": { - "$ref": "#/definitions/v1WebAuthnStamp" - } - }, - "required": ["stamp"] - }, - "v1OrganizationData": { - "type": "object", - "properties": { - "organizationId": { - "type": "string" - }, - "name": { - "type": "string" - }, - "users": { - "type": "array", - "items": { - "type": "object", - "$ref": "#/definitions/v1User" - } - }, - "policies": { - "type": "array", - "items": { - "type": "object", - "$ref": "#/definitions/v1Policy" - } - }, - "privateKeys": { - "type": "array", - "items": { - "type": "object", - "$ref": "#/definitions/v1PrivateKey" - } - }, - "invitations": { - "type": "array", - "items": { - "type": "object", - "$ref": "#/definitions/v1Invitation" - } - }, - "tags": { - "type": "array", - "items": { - "type": "object", - "$ref": "#/definitions/datav1Tag" - } - }, - "disabledPrivateKeys": { - "type": "array", - "items": { - "type": "object", - "$ref": "#/definitions/v1PrivateKey" - } - }, - "rootQuorum": { - "$ref": "#/definitions/v1Quorum" - }, - "allowedOrigins": { - "type": "array", - "items": { - "type": "string" - } - } - } - }, "v1Pagination": { "type": "object", "properties": { @@ -3624,9 +4525,11 @@ } } }, - "v1PayloadEncoding": { + "v1PathFormat": { "type": "string", - "enum": ["PAYLOAD_ENCODING_HEXADECIMAL", "PAYLOAD_ENCODING_TEXT_UTF8"] + "enum": [ + "PATH_FORMAT_BIP32" + ] }, "v1Policy": { "type": "object", @@ -3652,10 +4555,10 @@ "description": "A list of simple functions each including a subject, target and boolean. See Policy Engine Language section for additional details." }, "createdAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" }, "updatedAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" }, "notes": { "type": "string", @@ -3717,7 +4620,14 @@ "description": "A list of Private Key Tag IDs." }, "createdAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" + }, + "updatedAt": { + "$ref": "#/definitions/externaldatav1Timestamp" + }, + "exported": { + "type": "boolean", + "description": "True when a given Private Key is exported, false otherwise." } }, "required": [ @@ -3727,7 +4637,9 @@ "curve", "addresses", "privateKeyTags", - "createdAt" + "createdAt", + "updatedAt", + "exported" ] }, "v1PrivateKeyParams": { @@ -3738,7 +4650,7 @@ "description": "Human-readable name for a Private Key." }, "curve": { - "$ref": "#/definitions/immutableactivityv1Curve", + "$ref": "#/definitions/immutablecommonv1Curve", "description": "Cryptographic Curve used to generate a given Private Key." }, "privateKeyTags": { @@ -3751,7 +4663,7 @@ "addressFormats": { "type": "array", "items": { - "$ref": "#/definitions/immutableactivityv1AddressFormat" + "$ref": "#/definitions/immutablecommonv1AddressFormat" }, "description": "Cryptocurrency-specific formats for a derived address (e.g., Ethereum)." } @@ -3786,14 +4698,19 @@ }, "type": { "type": "string", - "enum": ["public-key"] + "enum": [ + "public-key" + ] }, "rawId": { "type": "string" }, "authenticatorAttachment": { "type": "string", - "enum": ["cross-platform", "platform"], + "enum": [ + "cross-platform", + "platform" + ], "x-nullable": true }, "response": { @@ -3803,25 +4720,73 @@ "$ref": "#/definitions/v1SimpleClientExtensionResults" } }, - "required": ["id", "type", "rawId", "response", "clientExtensionResults"] + "required": [ + "id", + "type", + "rawId", + "response", + "clientExtensionResults" + ] }, - "v1Quorum": { + "v1RecoverUserIntent": { "type": "object", "properties": { - "threshold": { - "type": "integer", - "format": "int32", - "description": "Count of unique approvals required to meet quorum." + "authenticator": { + "$ref": "#/definitions/v1AuthenticatorParamsV2", + "description": "The new authenticator to register." }, - "userIds": { + "userId": { + "type": "string", + "description": "Unique identifier for the user performing recovery." + } + }, + "required": [ + "authenticator", + "userId" + ] + }, + "v1RecoverUserRequest": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACTIVITY_TYPE_RECOVER_USER" + ] + }, + "timestampMs": { + "type": "string", + "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests." + }, + "organizationId": { + "type": "string", + "description": "Unique identifier for a given Organization." + }, + "parameters": { + "$ref": "#/definitions/v1RecoverUserIntent" + } + }, + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] + }, + "v1RecoverUserResult": { + "type": "object", + "properties": { + "authenticatorId": { "type": "array", "items": { "type": "string" }, - "description": "Unique identifiers of quorum set members." + "description": "ID of the authenticator created." } }, - "required": ["threshold", "userIds"] + "required": [ + "authenticatorId" + ] }, "v1RejectActivityIntent": { "type": "object", @@ -3831,14 +4796,18 @@ "description": "An artifact verifying a User's action." } }, - "required": ["fingerprint"] + "required": [ + "fingerprint" + ] }, "v1RejectActivityRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_REJECT_ACTIVITY"] + "enum": [ + "ACTIVITY_TYPE_REJECT_ACTIVITY" + ] }, "timestampMs": { "type": "string", @@ -3852,7 +4821,68 @@ "$ref": "#/definitions/v1RejectActivityIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] + }, + "v1RemoveOrganizationFeatureIntent": { + "type": "object", + "properties": { + "name": { + "$ref": "#/definitions/v1FeatureName", + "description": "Name of the feature to remove" + } + }, + "required": [ + "name" + ] + }, + "v1RemoveOrganizationFeatureRequest": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACTIVITY_TYPE_REMOVE_ORGANIZATION_FEATURE" + ] + }, + "timestampMs": { + "type": "string", + "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests." + }, + "organizationId": { + "type": "string", + "description": "Unique identifier for a given Organization." + }, + "parameters": { + "$ref": "#/definitions/v1RemoveOrganizationFeatureIntent" + } + }, + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] + }, + "v1RemoveOrganizationFeatureResult": { + "type": "object", + "properties": { + "features": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v1Feature" + }, + "description": "Resulting list of organization features." + } + }, + "required": [ + "features" + ] }, "v1Result": { "type": "object", @@ -3958,6 +4988,33 @@ }, "createSubOrganizationResultV3": { "$ref": "#/definitions/v1CreateSubOrganizationResultV3" + }, + "createWalletResult": { + "$ref": "#/definitions/v1CreateWalletResult" + }, + "createWalletAccountsResult": { + "$ref": "#/definitions/v1CreateWalletAccountsResult" + }, + "initUserEmailRecoveryResult": { + "$ref": "#/definitions/v1InitUserEmailRecoveryResult" + }, + "recoverUserResult": { + "$ref": "#/definitions/v1RecoverUserResult" + }, + "setOrganizationFeatureResult": { + "$ref": "#/definitions/v1SetOrganizationFeatureResult" + }, + "removeOrganizationFeatureResult": { + "$ref": "#/definitions/v1RemoveOrganizationFeatureResult" + }, + "exportPrivateKeyResult": { + "$ref": "#/definitions/v1ExportPrivateKeyResult" + }, + "exportWalletResult": { + "$ref": "#/definitions/v1ExportWalletResult" + }, + "createSubOrganizationResultV4": { + "$ref": "#/definitions/v1CreateSubOrganizationResultV4" } } }, @@ -3989,7 +5046,11 @@ "description": "A list of Authenticator parameters." } }, - "required": ["userName", "apiKeys", "authenticators"] + "required": [ + "userName", + "apiKeys", + "authenticators" + ] }, "v1SelectorV2": { "type": "object", @@ -4008,6 +5069,67 @@ } } }, + "v1SetOrganizationFeatureIntent": { + "type": "object", + "properties": { + "name": { + "$ref": "#/definitions/v1FeatureName", + "description": "Name of the feature to set" + }, + "value": { + "type": "string", + "description": "Optional value for the feature. Will override existing values if feature is already set." + } + }, + "required": [ + "name", + "value" + ] + }, + "v1SetOrganizationFeatureRequest": { + "type": "object", + "properties": { + "type": { + "type": "string", + "enum": [ + "ACTIVITY_TYPE_SET_ORGANIZATION_FEATURE" + ] + }, + "timestampMs": { + "type": "string", + "description": "Timestamp (in milliseconds) of the request, used to verify liveness of user requests." + }, + "organizationId": { + "type": "string", + "description": "Unique identifier for a given Organization." + }, + "parameters": { + "$ref": "#/definitions/v1SetOrganizationFeatureIntent" + } + }, + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] + }, + "v1SetOrganizationFeatureResult": { + "type": "object", + "properties": { + "features": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v1Feature" + }, + "description": "Resulting list of organization features." + } + }, + "required": [ + "features" + ] + }, "v1SetPaymentMethodIntent": { "type": "object", "properties": { @@ -4061,7 +5183,11 @@ "description": "The name associated with the credit card." } }, - "required": ["paymentMethodId", "cardHolderEmail", "cardHolderName"] + "required": [ + "paymentMethodId", + "cardHolderEmail", + "cardHolderName" + ] }, "v1SetPaymentMethodResult": { "type": "object", @@ -4079,7 +5205,11 @@ "description": "The email address associated with the payment method." } }, - "required": ["lastFour", "cardHolderName", "cardHolderEmail"] + "required": [ + "lastFour", + "cardHolderName", + "cardHolderEmail" + ] }, "v1SignRawPayloadIntent": { "type": "object", @@ -4093,22 +5223,56 @@ "description": "Raw unsigned payload to be signed." }, "encoding": { - "$ref": "#/definitions/v1PayloadEncoding", + "$ref": "#/definitions/immutableactivityv1PayloadEncoding", + "description": "Encoding of the `payload` string. Turnkey uses this information to convert `payload` into bytes with the correct decoder (e.g. hex, utf8)." + }, + "hashFunction": { + "$ref": "#/definitions/immutableactivityv1HashFunction", + "description": "Hash function to apply to payload bytes before signing. This field must be set to HASH_FUNCTION_NOT_APPLICABLE for EdDSA/ed25519 signature requests; configurable payload hashing is not supported by RFC 8032." + } + }, + "required": [ + "privateKeyId", + "payload", + "encoding", + "hashFunction" + ] + }, + "v1SignRawPayloadIntentV2": { + "type": "object", + "properties": { + "signWith": { + "type": "string", + "description": "A Wallet account address, Private Key address, or Private Key identifier." + }, + "payload": { + "type": "string", + "description": "Raw unsigned payload to be signed." + }, + "encoding": { + "$ref": "#/definitions/immutableactivityv1PayloadEncoding", "description": "Encoding of the `payload` string. Turnkey uses this information to convert `payload` into bytes with the correct decoder (e.g. hex, utf8)." }, "hashFunction": { - "$ref": "#/definitions/v1HashFunction", + "$ref": "#/definitions/immutableactivityv1HashFunction", "description": "Hash function to apply to payload bytes before signing. This field must be set to HASH_FUNCTION_NOT_APPLICABLE for EdDSA/ed25519 signature requests; configurable payload hashing is not supported by RFC 8032." } }, - "required": ["privateKeyId", "payload", "encoding", "hashFunction"] + "required": [ + "signWith", + "payload", + "encoding", + "hashFunction" + ] }, "v1SignRawPayloadRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_SIGN_RAW_PAYLOAD"] + "enum": [ + "ACTIVITY_TYPE_SIGN_RAW_PAYLOAD_V2" + ] }, "timestampMs": { "type": "string", @@ -4119,10 +5283,15 @@ "description": "Unique identifier for a given Organization." }, "parameters": { - "$ref": "#/definitions/v1SignRawPayloadIntent" + "$ref": "#/definitions/v1SignRawPayloadIntentV2" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1SignRawPayloadResult": { "type": "object", @@ -4140,7 +5309,11 @@ "description": "Component of an ECSDA signature." } }, - "required": ["r", "s", "v"] + "required": [ + "r", + "s", + "v" + ] }, "v1SignTransactionIntent": { "type": "object", @@ -4154,17 +5327,44 @@ "description": "Raw unsigned transaction to be signed by a particular Private Key." }, "type": { - "$ref": "#/definitions/immutableactivityv1TransactionType" + "$ref": "#/definitions/v1TransactionType" + } + }, + "required": [ + "privateKeyId", + "unsignedTransaction", + "type" + ] + }, + "v1SignTransactionIntentV2": { + "type": "object", + "properties": { + "signWith": { + "type": "string", + "description": "A Wallet account address, Private Key address, or Private Key identifier." + }, + "unsignedTransaction": { + "type": "string", + "description": "Raw unsigned transaction to be signed" + }, + "type": { + "$ref": "#/definitions/v1TransactionType" } }, - "required": ["privateKeyId", "unsignedTransaction", "type"] + "required": [ + "signWith", + "unsignedTransaction", + "type" + ] }, "v1SignTransactionRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_SIGN_TRANSACTION"] + "enum": [ + "ACTIVITY_TYPE_SIGN_TRANSACTION_V2" + ] }, "timestampMs": { "type": "string", @@ -4175,10 +5375,15 @@ "description": "Unique identifier for a given Organization." }, "parameters": { - "$ref": "#/definitions/v1SignTransactionIntent" + "$ref": "#/definitions/v1SignTransactionIntentV2" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1SignTransactionResult": { "type": "object", @@ -4187,7 +5392,9 @@ "type": "string" } }, - "required": ["signedTransaction"] + "required": [ + "signedTransaction" + ] }, "v1SimpleClientExtensionResults": { "type": "object", @@ -4203,21 +5410,11 @@ } } }, - "v1TagType": { + "v1TransactionType": { "type": "string", - "enum": ["TAG_TYPE_USER", "TAG_TYPE_PRIVATE_KEY"] - }, - "v1Timestamp": { - "type": "object", - "properties": { - "seconds": { - "type": "string" - }, - "nanos": { - "type": "string" - } - }, - "required": ["seconds", "nanos"] + "enum": [ + "TRANSACTION_TYPE_ETHEREUM" + ] }, "v1UpdateAllowedOriginsIntent": { "type": "object", @@ -4230,14 +5427,18 @@ "description": "Additional origins requests are allowed from besides Turnkey origins" } }, - "required": ["allowedOrigins"] + "required": [ + "allowedOrigins" + ] }, "v1UpdateAllowedOriginsRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_UPDATE_ALLOWED_ORIGINS"] + "enum": [ + "ACTIVITY_TYPE_UPDATE_ALLOWED_ORIGINS" + ] }, "timestampMs": { "type": "string", @@ -4251,7 +5452,12 @@ "$ref": "#/definitions/v1UpdateAllowedOriginsIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1UpdateAllowedOriginsResult": { "type": "object" @@ -4284,14 +5490,18 @@ "description": "Accompanying notes for a Policy (optional)." } }, - "required": ["policyId"] + "required": [ + "policyId" + ] }, "v1UpdatePolicyRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_UPDATE_POLICY"] + "enum": [ + "ACTIVITY_TYPE_UPDATE_POLICY" + ] }, "timestampMs": { "type": "string", @@ -4305,7 +5515,12 @@ "$ref": "#/definitions/v1UpdatePolicyIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1UpdatePolicyResult": { "type": "object", @@ -4315,7 +5530,9 @@ "description": "Unique identifier for a given Policy." } }, - "required": ["policyId"] + "required": [ + "policyId" + ] }, "v1UpdatePrivateKeyTagIntent": { "type": "object", @@ -4343,14 +5560,20 @@ "description": "A list of Private Key IDs to remove this tag from." } }, - "required": ["privateKeyTagId", "addPrivateKeyIds", "removePrivateKeyIds"] + "required": [ + "privateKeyTagId", + "addPrivateKeyIds", + "removePrivateKeyIds" + ] }, "v1UpdatePrivateKeyTagRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_UPDATE_PRIVATE_KEY_TAG"] + "enum": [ + "ACTIVITY_TYPE_UPDATE_PRIVATE_KEY_TAG" + ] }, "timestampMs": { "type": "string", @@ -4364,7 +5587,12 @@ "$ref": "#/definitions/v1UpdatePrivateKeyTagIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1UpdatePrivateKeyTagResult": { "type": "object", @@ -4374,7 +5602,9 @@ "description": "Unique identifier for a given Private Key Tag." } }, - "required": ["privateKeyTagId"] + "required": [ + "privateKeyTagId" + ] }, "v1UpdateRootQuorumIntent": { "type": "object", @@ -4392,14 +5622,19 @@ "description": "The unique identifiers of users who comprise the quorum set." } }, - "required": ["threshold", "userIds"] + "required": [ + "threshold", + "userIds" + ] }, "v1UpdateRootQuorumRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_UPDATE_ROOT_QUORUM"] + "enum": [ + "ACTIVITY_TYPE_UPDATE_ROOT_QUORUM" + ] }, "timestampMs": { "type": "string", @@ -4413,7 +5648,12 @@ "$ref": "#/definitions/v1UpdateRootQuorumIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1UpdateRootQuorumResult": { "type": "object" @@ -4441,14 +5681,18 @@ "description": "An updated list of User Tags to apply to this User." } }, - "required": ["userId"] + "required": [ + "userId" + ] }, "v1UpdateUserRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_UPDATE_USER"] + "enum": [ + "ACTIVITY_TYPE_UPDATE_USER" + ] }, "timestampMs": { "type": "string", @@ -4462,7 +5706,12 @@ "$ref": "#/definitions/v1UpdateUserIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1UpdateUserResult": { "type": "object", @@ -4472,7 +5721,9 @@ "description": "A User ID." } }, - "required": ["userId"] + "required": [ + "userId" + ] }, "v1UpdateUserTagIntent": { "type": "object", @@ -4500,14 +5751,20 @@ "description": "A list of User IDs to remove this tag from." } }, - "required": ["userTagId", "addUserIds", "removeUserIds"] + "required": [ + "userTagId", + "addUserIds", + "removeUserIds" + ] }, "v1UpdateUserTagRequest": { "type": "object", "properties": { "type": { "type": "string", - "enum": ["ACTIVITY_TYPE_UPDATE_USER_TAG"] + "enum": [ + "ACTIVITY_TYPE_UPDATE_USER_TAG" + ] }, "timestampMs": { "type": "string", @@ -4521,7 +5778,12 @@ "$ref": "#/definitions/v1UpdateUserTagIntent" } }, - "required": ["type", "timestampMs", "organizationId", "parameters"] + "required": [ + "type", + "timestampMs", + "organizationId", + "parameters" + ] }, "v1UpdateUserTagResult": { "type": "object", @@ -4531,7 +5793,9 @@ "description": "Unique identifier for a given User Tag." } }, - "required": ["userTagId"] + "required": [ + "userTagId" + ] }, "v1User": { "type": "object", @@ -4576,10 +5840,10 @@ "description": "A list of User Tag IDs." }, "createdAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" }, "updatedAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" } }, "required": [ @@ -4708,7 +5972,10 @@ }, "selection": { "type": "string", - "enum": ["VOTE_SELECTION_APPROVED", "VOTE_SELECTION_REJECTED"] + "enum": [ + "VOTE_SELECTION_APPROVED", + "VOTE_SELECTION_REJECTED" + ] }, "message": { "type": "string", @@ -4727,7 +5994,7 @@ "description": "Method used to produce a signature." }, "createdAt": { - "$ref": "#/definitions/v1Timestamp" + "$ref": "#/definitions/externaldatav1Timestamp" } }, "required": [ @@ -4743,31 +6010,71 @@ "createdAt" ] }, - "v1WebAuthnStamp": { + "v1WalletAccountParams": { "type": "object", "properties": { - "credentialId": { - "type": "string", - "description": "A base64 url encoded Unique identifier for a given credential." + "curve": { + "$ref": "#/definitions/immutablecommonv1Curve", + "description": "Cryptographic curve used to generate a wallet Account." }, - "clientDataJson": { - "type": "string", - "description": "A base64 encoded payload containing metadata about the signing context and the challenge." + "pathFormat": { + "$ref": "#/definitions/v1PathFormat", + "description": "Path format used to generate a wallet Account." }, - "authenticatorData": { + "path": { "type": "string", - "description": "A base64 encoded payload containing metadata about the authenticator." + "description": "Path used to generate a wallet Account." }, - "signature": { + "addressFormat": { + "$ref": "#/definitions/immutablecommonv1AddressFormat", + "description": "Address format used to generate a wallet Acccount." + } + }, + "required": [ + "curve", + "pathFormat", + "path", + "addressFormat" + ] + }, + "v1WalletParams": { + "type": "object", + "properties": { + "walletName": { "type": "string", - "description": "The base64 url encoded signature bytes contained within the WebAuthn assertion response." + "description": "Human-readable name for a Wallet." + }, + "accounts": { + "type": "array", + "items": { + "type": "object", + "$ref": "#/definitions/v1WalletAccountParams" + }, + "description": "A list of wallet Accounts." } }, "required": [ - "credentialId", - "clientDataJson", - "authenticatorData", - "signature" + "walletName", + "accounts" + ] + }, + "v1WalletResult": { + "type": "object", + "properties": { + "walletId": { + "type": "string" + }, + "addresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of account addresses." + } + }, + "required": [ + "walletId", + "addresses" ] } }, @@ -4794,19 +6101,44 @@ "x-tagGroups": [ { "name": "ORGANIZATIONS", - "tags": ["Organizations", "Invitations", "Policies"] + "tags": [ + "Organizations", + "Invitations", + "Policies", + "Features" + ] }, { "name": "PRIVATE KEYS", - "tags": ["Private Keys", "Private Key Tags"] + "tags": [ + "Wallets", + "Signatures", + "Private Keys", + "Private Key Tags" + ] }, { "name": "USERS", - "tags": ["Users", "User Tags", "Authenticators", "API Keys", "Who am I?"] + "tags": [ + "Users", + "User Tags", + "User Recovery" + ] + }, + { + "name": "CREDENTIALS", + "tags": [ + "Authenticators", + "API Keys", + "Who am I?" + ] }, { "name": "ACTIVITIES", - "tags": ["Activities", "Consensus"] + "tags": [ + "Activities", + "Consensus" + ] } ] }