nominal-api 0.1239.0

use conjure_http::endpoint;
/// This service provides operations for managing user and org profiles/settings.
/// Its name is a bit of a misnomer.
#[conjure_http::conjure_endpoints(
    name = "AuthenticationServiceV2",
    use_legacy_error_serialization
)]
pub trait AuthenticationServiceV2 {
    /// Gets the profile of the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/my/profile",
        name = "getMyProfile",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn get_my_profile(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserV2,
        conjure_http::private::Error,
    >;
    /// Updates the profile of the authenticated user.
    #[endpoint(
        method = PUT,
        path = "/authentication/v2/my/profile",
        name = "updateMyProfile",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn update_my_profile(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "updateMyProfileRequest"
        )]
        update_my_profile_request: super::super::super::super::objects::authentication::api::UpdateMyProfileRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserV2,
        conjure_http::private::Error,
    >;
    /// Gets the settings of the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/my/settings",
        name = "getMySettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn get_my_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserSettings,
        conjure_http::private::Error,
    >;
    /// Updates the settings of the authenticated user.
    #[endpoint(
        method = PUT,
        path = "/authentication/v2/my/settings",
        name = "updateMySettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn update_my_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "userSettings"
        )]
        user_settings: super::super::super::super::objects::authentication::api::UserSettings,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserSettings,
        conjure_http::private::Error,
    >;
    /// Gets the settings of the org of the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/org/settings",
        name = "getMyOrgSettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn get_my_org_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
    ) -> Result<
        super::super::super::super::objects::authentication::api::OrgSettings,
        conjure_http::private::Error,
    >;
    /// Updates the settings of the org of the authenticated user.
    #[endpoint(
        method = PUT,
        path = "/authentication/v2/org/settings",
        name = "updateMyOrgSettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn update_my_org_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "orgSettings",
            safe
        )]
        org_settings: super::super::super::super::objects::authentication::api::OrgSettings,
    ) -> Result<
        super::super::super::super::objects::authentication::api::OrgSettings,
        conjure_http::private::Error,
    >;
    /// Searches for users by email and displayName.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/users",
        name = "searchUsersV2",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn search_users_v2(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::SearchUsersRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::SearchUsersResponseV2,
        conjure_http::private::Error,
    >;
    /// Get users by RID.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/users/batch",
        name = "getUsers",
        produces = conjure_http::server::conjure::CollectionResponseSerializer
    )]
    fn get_users(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "userRids",
            safe
        )]
        user_rids: std::collections::BTreeSet<
            super::super::super::super::objects::authentication::api::UserRid,
        >,
    ) -> Result<
        std::collections::BTreeSet<
            super::super::super::super::objects::authentication::api::UserV2,
        >,
        conjure_http::private::Error,
    >;
    /// Gets a user by RID.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/users/{userRid}",
        name = "getUser",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn get_user(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[path(
            name = "userRid",
            decoder = conjure_http::server::conjure::FromPlainDecoder,
            log_as = "userRid",
            safe
        )]
        user_rid: super::super::super::super::objects::authentication::api::UserRid,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserV2,
        conjure_http::private::Error,
    >;
    /// Returns JWKS (JSON Web Key Set) for MediaMTX JWT verification.
    /// Only available if MediaMTX integration is enabled.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/jwks",
        name = "getJwks",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn get_jwks(
        &self,
    ) -> Result<
        super::super::super::super::objects::authentication::api::Jwks,
        conjure_http::private::Error,
    >;
    /// Generates a JWT token for MediaMTX authentication with a 2-hour expiration.
    /// The token is signed with the MediaMTX private key and contains the specified permissions.
    /// Requires authentication with Nominal. This endpoint is intended for internal use only.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/mediamtx/token",
        name = "generateMediaMtxToken",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn generate_media_mtx_token(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenResponse,
        conjure_http::private::Error,
    >;
    /// Gets coachmark dismissals for the authenticated user.
    /// Optionally filter by specific coachmark IDs.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/my/coachmarks/dismissals",
        name = "getMyCoachmarkDismissals",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn get_my_coachmark_dismissals(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsResponse,
        conjure_http::private::Error,
    >;
    /// Dismisses a coachmark for the authenticated user.
    /// Records the dismissal timestamp and app version.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/my/coachmarks/dismiss",
        name = "dismissMyCoachmark",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn dismiss_my_coachmark(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::DismissCoachmarkRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::CoachmarkDismissal,
        conjure_http::private::Error,
    >;
    /// Checks if a specific coachmark has been dismissed by the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/my/coachmarks/dismissed/{coachmarkId}",
        name = "isMyCoachmarkDismissed",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn is_my_coachmark_dismissed(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[path(
            name = "coachmarkId",
            decoder = conjure_http::server::conjure::FromPlainDecoder,
            log_as = "coachmarkId"
        )]
        coachmark_id: String,
    ) -> Result<bool, conjure_http::private::Error>;
    /// Resets a coachmark dismissal for the authenticated user.
    /// This allows the coachmark to be shown again.
    /// Primarily intended for testing and debugging.
    #[endpoint(
        method = DELETE,
        path = "/authentication/v2/my/coachmarks/dismissals/{coachmarkId}",
        name = "resetMyCoachmarkDismissal"
    )]
    fn reset_my_coachmark_dismissal(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[path(
            name = "coachmarkId",
            decoder = conjure_http::server::conjure::FromPlainDecoder,
            log_as = "coachmarkId"
        )]
        coachmark_id: String,
    ) -> Result<(), conjure_http::private::Error>;
    /// Batch preregister users in the caller's organization. Only creates new users for
    /// emails that don't already exist — existing accounts are silently skipped and not
    /// returned in the response. The caller must be an admin of the organization.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/batch-preregister-users",
        name = "batchPreregisterUsers",
        produces = conjure_http::server::StdResponseSerializer
    )]
    fn batch_preregister_users(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::BatchPreregisterUsersRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::BatchPreregisterUsersResponse,
        conjure_http::private::Error,
    >;
}
/// This service provides operations for managing user and org profiles/settings.
/// Its name is a bit of a misnomer.
#[conjure_http::conjure_endpoints(
    name = "AuthenticationServiceV2",
    use_legacy_error_serialization
)]
pub trait AsyncAuthenticationServiceV2 {
    /// Gets the profile of the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/my/profile",
        name = "getMyProfile",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_my_profile(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserV2,
        conjure_http::private::Error,
    >;
    /// Updates the profile of the authenticated user.
    #[endpoint(
        method = PUT,
        path = "/authentication/v2/my/profile",
        name = "updateMyProfile",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn update_my_profile(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "updateMyProfileRequest"
        )]
        update_my_profile_request: super::super::super::super::objects::authentication::api::UpdateMyProfileRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserV2,
        conjure_http::private::Error,
    >;
    /// Gets the settings of the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/my/settings",
        name = "getMySettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_my_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserSettings,
        conjure_http::private::Error,
    >;
    /// Updates the settings of the authenticated user.
    #[endpoint(
        method = PUT,
        path = "/authentication/v2/my/settings",
        name = "updateMySettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn update_my_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "userSettings"
        )]
        user_settings: super::super::super::super::objects::authentication::api::UserSettings,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserSettings,
        conjure_http::private::Error,
    >;
    /// Gets the settings of the org of the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/org/settings",
        name = "getMyOrgSettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_my_org_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
    ) -> Result<
        super::super::super::super::objects::authentication::api::OrgSettings,
        conjure_http::private::Error,
    >;
    /// Updates the settings of the org of the authenticated user.
    #[endpoint(
        method = PUT,
        path = "/authentication/v2/org/settings",
        name = "updateMyOrgSettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn update_my_org_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "orgSettings",
            safe
        )]
        org_settings: super::super::super::super::objects::authentication::api::OrgSettings,
    ) -> Result<
        super::super::super::super::objects::authentication::api::OrgSettings,
        conjure_http::private::Error,
    >;
    /// Searches for users by email and displayName.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/users",
        name = "searchUsersV2",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn search_users_v2(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::SearchUsersRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::SearchUsersResponseV2,
        conjure_http::private::Error,
    >;
    /// Get users by RID.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/users/batch",
        name = "getUsers",
        produces = conjure_http::server::conjure::CollectionResponseSerializer
    )]
    async fn get_users(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "userRids",
            safe
        )]
        user_rids: std::collections::BTreeSet<
            super::super::super::super::objects::authentication::api::UserRid,
        >,
    ) -> Result<
        std::collections::BTreeSet<
            super::super::super::super::objects::authentication::api::UserV2,
        >,
        conjure_http::private::Error,
    >;
    /// Gets a user by RID.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/users/{userRid}",
        name = "getUser",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_user(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[path(
            name = "userRid",
            decoder = conjure_http::server::conjure::FromPlainDecoder,
            log_as = "userRid",
            safe
        )]
        user_rid: super::super::super::super::objects::authentication::api::UserRid,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserV2,
        conjure_http::private::Error,
    >;
    /// Returns JWKS (JSON Web Key Set) for MediaMTX JWT verification.
    /// Only available if MediaMTX integration is enabled.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/jwks",
        name = "getJwks",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_jwks(
        &self,
    ) -> Result<
        super::super::super::super::objects::authentication::api::Jwks,
        conjure_http::private::Error,
    >;
    /// Generates a JWT token for MediaMTX authentication with a 2-hour expiration.
    /// The token is signed with the MediaMTX private key and contains the specified permissions.
    /// Requires authentication with Nominal. This endpoint is intended for internal use only.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/mediamtx/token",
        name = "generateMediaMtxToken",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn generate_media_mtx_token(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenResponse,
        conjure_http::private::Error,
    >;
    /// Gets coachmark dismissals for the authenticated user.
    /// Optionally filter by specific coachmark IDs.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/my/coachmarks/dismissals",
        name = "getMyCoachmarkDismissals",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_my_coachmark_dismissals(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsResponse,
        conjure_http::private::Error,
    >;
    /// Dismisses a coachmark for the authenticated user.
    /// Records the dismissal timestamp and app version.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/my/coachmarks/dismiss",
        name = "dismissMyCoachmark",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn dismiss_my_coachmark(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::DismissCoachmarkRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::CoachmarkDismissal,
        conjure_http::private::Error,
    >;
    /// Checks if a specific coachmark has been dismissed by the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/my/coachmarks/dismissed/{coachmarkId}",
        name = "isMyCoachmarkDismissed",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn is_my_coachmark_dismissed(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[path(
            name = "coachmarkId",
            decoder = conjure_http::server::conjure::FromPlainDecoder,
            log_as = "coachmarkId"
        )]
        coachmark_id: String,
    ) -> Result<bool, conjure_http::private::Error>;
    /// Resets a coachmark dismissal for the authenticated user.
    /// This allows the coachmark to be shown again.
    /// Primarily intended for testing and debugging.
    #[endpoint(
        method = DELETE,
        path = "/authentication/v2/my/coachmarks/dismissals/{coachmarkId}",
        name = "resetMyCoachmarkDismissal"
    )]
    async fn reset_my_coachmark_dismissal(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[path(
            name = "coachmarkId",
            decoder = conjure_http::server::conjure::FromPlainDecoder,
            log_as = "coachmarkId"
        )]
        coachmark_id: String,
    ) -> Result<(), conjure_http::private::Error>;
    /// Batch preregister users in the caller's organization. Only creates new users for
    /// emails that don't already exist — existing accounts are silently skipped and not
    /// returned in the response. The caller must be an admin of the organization.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/batch-preregister-users",
        name = "batchPreregisterUsers",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn batch_preregister_users(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::BatchPreregisterUsersRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::BatchPreregisterUsersResponse,
        conjure_http::private::Error,
    >;
}
/// This service provides operations for managing user and org profiles/settings.
/// Its name is a bit of a misnomer.
#[conjure_http::conjure_endpoints(
    name = "AuthenticationServiceV2",
    use_legacy_error_serialization,
    local
)]
pub trait LocalAsyncAuthenticationServiceV2 {
    /// Gets the profile of the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/my/profile",
        name = "getMyProfile",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_my_profile(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserV2,
        conjure_http::private::Error,
    >;
    /// Updates the profile of the authenticated user.
    #[endpoint(
        method = PUT,
        path = "/authentication/v2/my/profile",
        name = "updateMyProfile",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn update_my_profile(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "updateMyProfileRequest"
        )]
        update_my_profile_request: super::super::super::super::objects::authentication::api::UpdateMyProfileRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserV2,
        conjure_http::private::Error,
    >;
    /// Gets the settings of the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/my/settings",
        name = "getMySettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_my_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserSettings,
        conjure_http::private::Error,
    >;
    /// Updates the settings of the authenticated user.
    #[endpoint(
        method = PUT,
        path = "/authentication/v2/my/settings",
        name = "updateMySettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn update_my_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "userSettings"
        )]
        user_settings: super::super::super::super::objects::authentication::api::UserSettings,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserSettings,
        conjure_http::private::Error,
    >;
    /// Gets the settings of the org of the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/org/settings",
        name = "getMyOrgSettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_my_org_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
    ) -> Result<
        super::super::super::super::objects::authentication::api::OrgSettings,
        conjure_http::private::Error,
    >;
    /// Updates the settings of the org of the authenticated user.
    #[endpoint(
        method = PUT,
        path = "/authentication/v2/org/settings",
        name = "updateMyOrgSettings",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn update_my_org_settings(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "orgSettings",
            safe
        )]
        org_settings: super::super::super::super::objects::authentication::api::OrgSettings,
    ) -> Result<
        super::super::super::super::objects::authentication::api::OrgSettings,
        conjure_http::private::Error,
    >;
    /// Searches for users by email and displayName.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/users",
        name = "searchUsersV2",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn search_users_v2(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::SearchUsersRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::SearchUsersResponseV2,
        conjure_http::private::Error,
    >;
    /// Get users by RID.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/users/batch",
        name = "getUsers",
        produces = conjure_http::server::conjure::CollectionResponseSerializer
    )]
    async fn get_users(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(
            deserializer = conjure_http::server::StdRequestDeserializer,
            log_as = "userRids",
            safe
        )]
        user_rids: std::collections::BTreeSet<
            super::super::super::super::objects::authentication::api::UserRid,
        >,
    ) -> Result<
        std::collections::BTreeSet<
            super::super::super::super::objects::authentication::api::UserV2,
        >,
        conjure_http::private::Error,
    >;
    /// Gets a user by RID.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/users/{userRid}",
        name = "getUser",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_user(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[path(
            name = "userRid",
            decoder = conjure_http::server::conjure::FromPlainDecoder,
            log_as = "userRid",
            safe
        )]
        user_rid: super::super::super::super::objects::authentication::api::UserRid,
    ) -> Result<
        super::super::super::super::objects::authentication::api::UserV2,
        conjure_http::private::Error,
    >;
    /// Returns JWKS (JSON Web Key Set) for MediaMTX JWT verification.
    /// Only available if MediaMTX integration is enabled.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/jwks",
        name = "getJwks",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_jwks(
        &self,
    ) -> Result<
        super::super::super::super::objects::authentication::api::Jwks,
        conjure_http::private::Error,
    >;
    /// Generates a JWT token for MediaMTX authentication with a 2-hour expiration.
    /// The token is signed with the MediaMTX private key and contains the specified permissions.
    /// Requires authentication with Nominal. This endpoint is intended for internal use only.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/mediamtx/token",
        name = "generateMediaMtxToken",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn generate_media_mtx_token(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenResponse,
        conjure_http::private::Error,
    >;
    /// Gets coachmark dismissals for the authenticated user.
    /// Optionally filter by specific coachmark IDs.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/my/coachmarks/dismissals",
        name = "getMyCoachmarkDismissals",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn get_my_coachmark_dismissals(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsResponse,
        conjure_http::private::Error,
    >;
    /// Dismisses a coachmark for the authenticated user.
    /// Records the dismissal timestamp and app version.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/my/coachmarks/dismiss",
        name = "dismissMyCoachmark",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn dismiss_my_coachmark(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::DismissCoachmarkRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::CoachmarkDismissal,
        conjure_http::private::Error,
    >;
    /// Checks if a specific coachmark has been dismissed by the authenticated user.
    #[endpoint(
        method = GET,
        path = "/authentication/v2/my/coachmarks/dismissed/{coachmarkId}",
        name = "isMyCoachmarkDismissed",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn is_my_coachmark_dismissed(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[path(
            name = "coachmarkId",
            decoder = conjure_http::server::conjure::FromPlainDecoder,
            log_as = "coachmarkId"
        )]
        coachmark_id: String,
    ) -> Result<bool, conjure_http::private::Error>;
    /// Resets a coachmark dismissal for the authenticated user.
    /// This allows the coachmark to be shown again.
    /// Primarily intended for testing and debugging.
    #[endpoint(
        method = DELETE,
        path = "/authentication/v2/my/coachmarks/dismissals/{coachmarkId}",
        name = "resetMyCoachmarkDismissal"
    )]
    async fn reset_my_coachmark_dismissal(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[path(
            name = "coachmarkId",
            decoder = conjure_http::server::conjure::FromPlainDecoder,
            log_as = "coachmarkId"
        )]
        coachmark_id: String,
    ) -> Result<(), conjure_http::private::Error>;
    /// Batch preregister users in the caller's organization. Only creates new users for
    /// emails that don't already exist — existing accounts are silently skipped and not
    /// returned in the response. The caller must be an admin of the organization.
    #[endpoint(
        method = POST,
        path = "/authentication/v2/batch-preregister-users",
        name = "batchPreregisterUsers",
        produces = conjure_http::server::StdResponseSerializer
    )]
    async fn batch_preregister_users(
        &self,
        #[auth]
        auth_: conjure_object::BearerToken,
        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
        request: super::super::super::super::objects::authentication::api::BatchPreregisterUsersRequest,
    ) -> Result<
        super::super::super::super::objects::authentication::api::BatchPreregisterUsersResponse,
        conjure_http::private::Error,
    >;
}