Skip to main content

nominal_api/conjure/endpoints/authentication/api/
authentication_service_v2.rs

1use conjure_http::endpoint;
2/// This service provides operations for managing user and org profiles/settings.
3/// Its name is a bit of a misnomer.
4#[conjure_http::conjure_endpoints(
5    name = "AuthenticationServiceV2",
6    use_legacy_error_serialization
7)]
8pub trait AuthenticationServiceV2 {
9    /// Gets the profile of the authenticated user.
10    #[endpoint(
11        method = GET,
12        path = "/authentication/v2/my/profile",
13        name = "getMyProfile",
14        produces = conjure_http::server::StdResponseSerializer
15    )]
16    fn get_my_profile(
17        &self,
18        #[auth]
19        auth_: conjure_object::BearerToken,
20    ) -> Result<
21        super::super::super::super::objects::authentication::api::UserV2,
22        conjure_http::private::Error,
23    >;
24    /// Updates the profile of the authenticated user.
25    #[endpoint(
26        method = PUT,
27        path = "/authentication/v2/my/profile",
28        name = "updateMyProfile",
29        produces = conjure_http::server::StdResponseSerializer
30    )]
31    fn update_my_profile(
32        &self,
33        #[auth]
34        auth_: conjure_object::BearerToken,
35        #[body(
36            deserializer = conjure_http::server::StdRequestDeserializer,
37            log_as = "updateMyProfileRequest"
38        )]
39        update_my_profile_request: super::super::super::super::objects::authentication::api::UpdateMyProfileRequest,
40    ) -> Result<
41        super::super::super::super::objects::authentication::api::UserV2,
42        conjure_http::private::Error,
43    >;
44    /// Gets the settings of the authenticated user.
45    #[endpoint(
46        method = GET,
47        path = "/authentication/v2/my/settings",
48        name = "getMySettings",
49        produces = conjure_http::server::StdResponseSerializer
50    )]
51    fn get_my_settings(
52        &self,
53        #[auth]
54        auth_: conjure_object::BearerToken,
55    ) -> Result<
56        super::super::super::super::objects::authentication::api::UserSettings,
57        conjure_http::private::Error,
58    >;
59    /// Updates the settings of the authenticated user.
60    #[endpoint(
61        method = PUT,
62        path = "/authentication/v2/my/settings",
63        name = "updateMySettings",
64        produces = conjure_http::server::StdResponseSerializer
65    )]
66    fn update_my_settings(
67        &self,
68        #[auth]
69        auth_: conjure_object::BearerToken,
70        #[body(
71            deserializer = conjure_http::server::StdRequestDeserializer,
72            log_as = "userSettings"
73        )]
74        user_settings: super::super::super::super::objects::authentication::api::UserSettings,
75    ) -> Result<
76        super::super::super::super::objects::authentication::api::UserSettings,
77        conjure_http::private::Error,
78    >;
79    /// Gets the settings of the org of the authenticated user.
80    #[endpoint(
81        method = GET,
82        path = "/authentication/v2/org/settings",
83        name = "getMyOrgSettings",
84        produces = conjure_http::server::StdResponseSerializer
85    )]
86    fn get_my_org_settings(
87        &self,
88        #[auth]
89        auth_: conjure_object::BearerToken,
90    ) -> Result<
91        super::super::super::super::objects::authentication::api::OrgSettings,
92        conjure_http::private::Error,
93    >;
94    /// Updates the settings of the org of the authenticated user.
95    #[endpoint(
96        method = PUT,
97        path = "/authentication/v2/org/settings",
98        name = "updateMyOrgSettings",
99        produces = conjure_http::server::StdResponseSerializer
100    )]
101    fn update_my_org_settings(
102        &self,
103        #[auth]
104        auth_: conjure_object::BearerToken,
105        #[body(
106            deserializer = conjure_http::server::StdRequestDeserializer,
107            log_as = "orgSettings",
108            safe
109        )]
110        org_settings: super::super::super::super::objects::authentication::api::OrgSettings,
111    ) -> Result<
112        super::super::super::super::objects::authentication::api::OrgSettings,
113        conjure_http::private::Error,
114    >;
115    /// Searches for users by email and displayName.
116    #[endpoint(
117        method = POST,
118        path = "/authentication/v2/users",
119        name = "searchUsersV2",
120        produces = conjure_http::server::StdResponseSerializer
121    )]
122    fn search_users_v2(
123        &self,
124        #[auth]
125        auth_: conjure_object::BearerToken,
126        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
127        request: super::super::super::super::objects::authentication::api::SearchUsersRequest,
128    ) -> Result<
129        super::super::super::super::objects::authentication::api::SearchUsersResponseV2,
130        conjure_http::private::Error,
131    >;
132    /// Get users by RID.
133    #[endpoint(
134        method = POST,
135        path = "/authentication/v2/users/batch",
136        name = "getUsers",
137        produces = conjure_http::server::conjure::CollectionResponseSerializer
138    )]
139    fn get_users(
140        &self,
141        #[auth]
142        auth_: conjure_object::BearerToken,
143        #[body(
144            deserializer = conjure_http::server::StdRequestDeserializer,
145            log_as = "userRids",
146            safe
147        )]
148        user_rids: std::collections::BTreeSet<
149            super::super::super::super::objects::authentication::api::UserRid,
150        >,
151    ) -> Result<
152        std::collections::BTreeSet<
153            super::super::super::super::objects::authentication::api::UserV2,
154        >,
155        conjure_http::private::Error,
156    >;
157    /// Gets a user by RID.
158    #[endpoint(
159        method = GET,
160        path = "/authentication/v2/users/{userRid}",
161        name = "getUser",
162        produces = conjure_http::server::StdResponseSerializer
163    )]
164    fn get_user(
165        &self,
166        #[auth]
167        auth_: conjure_object::BearerToken,
168        #[path(
169            name = "userRid",
170            decoder = conjure_http::server::conjure::FromPlainDecoder,
171            log_as = "userRid",
172            safe
173        )]
174        user_rid: super::super::super::super::objects::authentication::api::UserRid,
175    ) -> Result<
176        super::super::super::super::objects::authentication::api::UserV2,
177        conjure_http::private::Error,
178    >;
179    /// Returns JWKS (JSON Web Key Set) for MediaMTX JWT verification.
180    /// Only available if MediaMTX integration is enabled.
181    #[endpoint(
182        method = GET,
183        path = "/authentication/v2/jwks",
184        name = "getJwks",
185        produces = conjure_http::server::StdResponseSerializer
186    )]
187    fn get_jwks(
188        &self,
189    ) -> Result<
190        super::super::super::super::objects::authentication::api::Jwks,
191        conjure_http::private::Error,
192    >;
193    /// Generates a JWT token for MediaMTX authentication with a 2-hour expiration.
194    /// The token is signed with the MediaMTX private key and contains the specified permissions.
195    /// Requires authentication with Nominal. This endpoint is intended for internal use only.
196    #[endpoint(
197        method = POST,
198        path = "/authentication/v2/mediamtx/token",
199        name = "generateMediaMtxToken",
200        produces = conjure_http::server::StdResponseSerializer
201    )]
202    fn generate_media_mtx_token(
203        &self,
204        #[auth]
205        auth_: conjure_object::BearerToken,
206        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
207        request: super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenRequest,
208    ) -> Result<
209        super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenResponse,
210        conjure_http::private::Error,
211    >;
212    /// Gets coachmark dismissals for the authenticated user.
213    /// Optionally filter by specific coachmark IDs.
214    #[endpoint(
215        method = POST,
216        path = "/authentication/v2/my/coachmarks/dismissals",
217        name = "getMyCoachmarkDismissals",
218        produces = conjure_http::server::StdResponseSerializer
219    )]
220    fn get_my_coachmark_dismissals(
221        &self,
222        #[auth]
223        auth_: conjure_object::BearerToken,
224        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
225        request: super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsRequest,
226    ) -> Result<
227        super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsResponse,
228        conjure_http::private::Error,
229    >;
230    /// Dismisses a coachmark for the authenticated user.
231    /// Records the dismissal timestamp and app version.
232    #[endpoint(
233        method = POST,
234        path = "/authentication/v2/my/coachmarks/dismiss",
235        name = "dismissMyCoachmark",
236        produces = conjure_http::server::StdResponseSerializer
237    )]
238    fn dismiss_my_coachmark(
239        &self,
240        #[auth]
241        auth_: conjure_object::BearerToken,
242        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
243        request: super::super::super::super::objects::authentication::api::DismissCoachmarkRequest,
244    ) -> Result<
245        super::super::super::super::objects::authentication::api::CoachmarkDismissal,
246        conjure_http::private::Error,
247    >;
248    /// Checks if a specific coachmark has been dismissed by the authenticated user.
249    #[endpoint(
250        method = GET,
251        path = "/authentication/v2/my/coachmarks/dismissed/{coachmarkId}",
252        name = "isMyCoachmarkDismissed",
253        produces = conjure_http::server::StdResponseSerializer
254    )]
255    fn is_my_coachmark_dismissed(
256        &self,
257        #[auth]
258        auth_: conjure_object::BearerToken,
259        #[path(
260            name = "coachmarkId",
261            decoder = conjure_http::server::conjure::FromPlainDecoder,
262            log_as = "coachmarkId"
263        )]
264        coachmark_id: String,
265    ) -> Result<bool, conjure_http::private::Error>;
266    /// Resets a coachmark dismissal for the authenticated user.
267    /// This allows the coachmark to be shown again.
268    /// Primarily intended for testing and debugging.
269    #[endpoint(
270        method = DELETE,
271        path = "/authentication/v2/my/coachmarks/dismissals/{coachmarkId}",
272        name = "resetMyCoachmarkDismissal"
273    )]
274    fn reset_my_coachmark_dismissal(
275        &self,
276        #[auth]
277        auth_: conjure_object::BearerToken,
278        #[path(
279            name = "coachmarkId",
280            decoder = conjure_http::server::conjure::FromPlainDecoder,
281            log_as = "coachmarkId"
282        )]
283        coachmark_id: String,
284    ) -> Result<(), conjure_http::private::Error>;
285    /// Batch preregister users in the caller's organization. Only creates new users for
286    /// emails that don't already exist — existing accounts are silently skipped and not
287    /// returned in the response. The caller must be an admin of the organization.
288    #[endpoint(
289        method = POST,
290        path = "/authentication/v2/batch-preregister-users",
291        name = "batchPreregisterUsers",
292        produces = conjure_http::server::StdResponseSerializer
293    )]
294    fn batch_preregister_users(
295        &self,
296        #[auth]
297        auth_: conjure_object::BearerToken,
298        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
299        request: super::super::super::super::objects::authentication::api::BatchPreregisterUsersRequest,
300    ) -> Result<
301        super::super::super::super::objects::authentication::api::BatchPreregisterUsersResponse,
302        conjure_http::private::Error,
303    >;
304}
305/// This service provides operations for managing user and org profiles/settings.
306/// Its name is a bit of a misnomer.
307#[conjure_http::conjure_endpoints(
308    name = "AuthenticationServiceV2",
309    use_legacy_error_serialization
310)]
311pub trait AsyncAuthenticationServiceV2 {
312    /// Gets the profile of the authenticated user.
313    #[endpoint(
314        method = GET,
315        path = "/authentication/v2/my/profile",
316        name = "getMyProfile",
317        produces = conjure_http::server::StdResponseSerializer
318    )]
319    async fn get_my_profile(
320        &self,
321        #[auth]
322        auth_: conjure_object::BearerToken,
323    ) -> Result<
324        super::super::super::super::objects::authentication::api::UserV2,
325        conjure_http::private::Error,
326    >;
327    /// Updates the profile of the authenticated user.
328    #[endpoint(
329        method = PUT,
330        path = "/authentication/v2/my/profile",
331        name = "updateMyProfile",
332        produces = conjure_http::server::StdResponseSerializer
333    )]
334    async fn update_my_profile(
335        &self,
336        #[auth]
337        auth_: conjure_object::BearerToken,
338        #[body(
339            deserializer = conjure_http::server::StdRequestDeserializer,
340            log_as = "updateMyProfileRequest"
341        )]
342        update_my_profile_request: super::super::super::super::objects::authentication::api::UpdateMyProfileRequest,
343    ) -> Result<
344        super::super::super::super::objects::authentication::api::UserV2,
345        conjure_http::private::Error,
346    >;
347    /// Gets the settings of the authenticated user.
348    #[endpoint(
349        method = GET,
350        path = "/authentication/v2/my/settings",
351        name = "getMySettings",
352        produces = conjure_http::server::StdResponseSerializer
353    )]
354    async fn get_my_settings(
355        &self,
356        #[auth]
357        auth_: conjure_object::BearerToken,
358    ) -> Result<
359        super::super::super::super::objects::authentication::api::UserSettings,
360        conjure_http::private::Error,
361    >;
362    /// Updates the settings of the authenticated user.
363    #[endpoint(
364        method = PUT,
365        path = "/authentication/v2/my/settings",
366        name = "updateMySettings",
367        produces = conjure_http::server::StdResponseSerializer
368    )]
369    async fn update_my_settings(
370        &self,
371        #[auth]
372        auth_: conjure_object::BearerToken,
373        #[body(
374            deserializer = conjure_http::server::StdRequestDeserializer,
375            log_as = "userSettings"
376        )]
377        user_settings: super::super::super::super::objects::authentication::api::UserSettings,
378    ) -> Result<
379        super::super::super::super::objects::authentication::api::UserSettings,
380        conjure_http::private::Error,
381    >;
382    /// Gets the settings of the org of the authenticated user.
383    #[endpoint(
384        method = GET,
385        path = "/authentication/v2/org/settings",
386        name = "getMyOrgSettings",
387        produces = conjure_http::server::StdResponseSerializer
388    )]
389    async fn get_my_org_settings(
390        &self,
391        #[auth]
392        auth_: conjure_object::BearerToken,
393    ) -> Result<
394        super::super::super::super::objects::authentication::api::OrgSettings,
395        conjure_http::private::Error,
396    >;
397    /// Updates the settings of the org of the authenticated user.
398    #[endpoint(
399        method = PUT,
400        path = "/authentication/v2/org/settings",
401        name = "updateMyOrgSettings",
402        produces = conjure_http::server::StdResponseSerializer
403    )]
404    async fn update_my_org_settings(
405        &self,
406        #[auth]
407        auth_: conjure_object::BearerToken,
408        #[body(
409            deserializer = conjure_http::server::StdRequestDeserializer,
410            log_as = "orgSettings",
411            safe
412        )]
413        org_settings: super::super::super::super::objects::authentication::api::OrgSettings,
414    ) -> Result<
415        super::super::super::super::objects::authentication::api::OrgSettings,
416        conjure_http::private::Error,
417    >;
418    /// Searches for users by email and displayName.
419    #[endpoint(
420        method = POST,
421        path = "/authentication/v2/users",
422        name = "searchUsersV2",
423        produces = conjure_http::server::StdResponseSerializer
424    )]
425    async fn search_users_v2(
426        &self,
427        #[auth]
428        auth_: conjure_object::BearerToken,
429        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
430        request: super::super::super::super::objects::authentication::api::SearchUsersRequest,
431    ) -> Result<
432        super::super::super::super::objects::authentication::api::SearchUsersResponseV2,
433        conjure_http::private::Error,
434    >;
435    /// Get users by RID.
436    #[endpoint(
437        method = POST,
438        path = "/authentication/v2/users/batch",
439        name = "getUsers",
440        produces = conjure_http::server::conjure::CollectionResponseSerializer
441    )]
442    async fn get_users(
443        &self,
444        #[auth]
445        auth_: conjure_object::BearerToken,
446        #[body(
447            deserializer = conjure_http::server::StdRequestDeserializer,
448            log_as = "userRids",
449            safe
450        )]
451        user_rids: std::collections::BTreeSet<
452            super::super::super::super::objects::authentication::api::UserRid,
453        >,
454    ) -> Result<
455        std::collections::BTreeSet<
456            super::super::super::super::objects::authentication::api::UserV2,
457        >,
458        conjure_http::private::Error,
459    >;
460    /// Gets a user by RID.
461    #[endpoint(
462        method = GET,
463        path = "/authentication/v2/users/{userRid}",
464        name = "getUser",
465        produces = conjure_http::server::StdResponseSerializer
466    )]
467    async fn get_user(
468        &self,
469        #[auth]
470        auth_: conjure_object::BearerToken,
471        #[path(
472            name = "userRid",
473            decoder = conjure_http::server::conjure::FromPlainDecoder,
474            log_as = "userRid",
475            safe
476        )]
477        user_rid: super::super::super::super::objects::authentication::api::UserRid,
478    ) -> Result<
479        super::super::super::super::objects::authentication::api::UserV2,
480        conjure_http::private::Error,
481    >;
482    /// Returns JWKS (JSON Web Key Set) for MediaMTX JWT verification.
483    /// Only available if MediaMTX integration is enabled.
484    #[endpoint(
485        method = GET,
486        path = "/authentication/v2/jwks",
487        name = "getJwks",
488        produces = conjure_http::server::StdResponseSerializer
489    )]
490    async fn get_jwks(
491        &self,
492    ) -> Result<
493        super::super::super::super::objects::authentication::api::Jwks,
494        conjure_http::private::Error,
495    >;
496    /// Generates a JWT token for MediaMTX authentication with a 2-hour expiration.
497    /// The token is signed with the MediaMTX private key and contains the specified permissions.
498    /// Requires authentication with Nominal. This endpoint is intended for internal use only.
499    #[endpoint(
500        method = POST,
501        path = "/authentication/v2/mediamtx/token",
502        name = "generateMediaMtxToken",
503        produces = conjure_http::server::StdResponseSerializer
504    )]
505    async fn generate_media_mtx_token(
506        &self,
507        #[auth]
508        auth_: conjure_object::BearerToken,
509        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
510        request: super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenRequest,
511    ) -> Result<
512        super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenResponse,
513        conjure_http::private::Error,
514    >;
515    /// Gets coachmark dismissals for the authenticated user.
516    /// Optionally filter by specific coachmark IDs.
517    #[endpoint(
518        method = POST,
519        path = "/authentication/v2/my/coachmarks/dismissals",
520        name = "getMyCoachmarkDismissals",
521        produces = conjure_http::server::StdResponseSerializer
522    )]
523    async fn get_my_coachmark_dismissals(
524        &self,
525        #[auth]
526        auth_: conjure_object::BearerToken,
527        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
528        request: super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsRequest,
529    ) -> Result<
530        super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsResponse,
531        conjure_http::private::Error,
532    >;
533    /// Dismisses a coachmark for the authenticated user.
534    /// Records the dismissal timestamp and app version.
535    #[endpoint(
536        method = POST,
537        path = "/authentication/v2/my/coachmarks/dismiss",
538        name = "dismissMyCoachmark",
539        produces = conjure_http::server::StdResponseSerializer
540    )]
541    async fn dismiss_my_coachmark(
542        &self,
543        #[auth]
544        auth_: conjure_object::BearerToken,
545        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
546        request: super::super::super::super::objects::authentication::api::DismissCoachmarkRequest,
547    ) -> Result<
548        super::super::super::super::objects::authentication::api::CoachmarkDismissal,
549        conjure_http::private::Error,
550    >;
551    /// Checks if a specific coachmark has been dismissed by the authenticated user.
552    #[endpoint(
553        method = GET,
554        path = "/authentication/v2/my/coachmarks/dismissed/{coachmarkId}",
555        name = "isMyCoachmarkDismissed",
556        produces = conjure_http::server::StdResponseSerializer
557    )]
558    async fn is_my_coachmark_dismissed(
559        &self,
560        #[auth]
561        auth_: conjure_object::BearerToken,
562        #[path(
563            name = "coachmarkId",
564            decoder = conjure_http::server::conjure::FromPlainDecoder,
565            log_as = "coachmarkId"
566        )]
567        coachmark_id: String,
568    ) -> Result<bool, conjure_http::private::Error>;
569    /// Resets a coachmark dismissal for the authenticated user.
570    /// This allows the coachmark to be shown again.
571    /// Primarily intended for testing and debugging.
572    #[endpoint(
573        method = DELETE,
574        path = "/authentication/v2/my/coachmarks/dismissals/{coachmarkId}",
575        name = "resetMyCoachmarkDismissal"
576    )]
577    async fn reset_my_coachmark_dismissal(
578        &self,
579        #[auth]
580        auth_: conjure_object::BearerToken,
581        #[path(
582            name = "coachmarkId",
583            decoder = conjure_http::server::conjure::FromPlainDecoder,
584            log_as = "coachmarkId"
585        )]
586        coachmark_id: String,
587    ) -> Result<(), conjure_http::private::Error>;
588    /// Batch preregister users in the caller's organization. Only creates new users for
589    /// emails that don't already exist — existing accounts are silently skipped and not
590    /// returned in the response. The caller must be an admin of the organization.
591    #[endpoint(
592        method = POST,
593        path = "/authentication/v2/batch-preregister-users",
594        name = "batchPreregisterUsers",
595        produces = conjure_http::server::StdResponseSerializer
596    )]
597    async fn batch_preregister_users(
598        &self,
599        #[auth]
600        auth_: conjure_object::BearerToken,
601        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
602        request: super::super::super::super::objects::authentication::api::BatchPreregisterUsersRequest,
603    ) -> Result<
604        super::super::super::super::objects::authentication::api::BatchPreregisterUsersResponse,
605        conjure_http::private::Error,
606    >;
607}
608/// This service provides operations for managing user and org profiles/settings.
609/// Its name is a bit of a misnomer.
610#[conjure_http::conjure_endpoints(
611    name = "AuthenticationServiceV2",
612    use_legacy_error_serialization,
613    local
614)]
615pub trait LocalAsyncAuthenticationServiceV2 {
616    /// Gets the profile of the authenticated user.
617    #[endpoint(
618        method = GET,
619        path = "/authentication/v2/my/profile",
620        name = "getMyProfile",
621        produces = conjure_http::server::StdResponseSerializer
622    )]
623    async fn get_my_profile(
624        &self,
625        #[auth]
626        auth_: conjure_object::BearerToken,
627    ) -> Result<
628        super::super::super::super::objects::authentication::api::UserV2,
629        conjure_http::private::Error,
630    >;
631    /// Updates the profile of the authenticated user.
632    #[endpoint(
633        method = PUT,
634        path = "/authentication/v2/my/profile",
635        name = "updateMyProfile",
636        produces = conjure_http::server::StdResponseSerializer
637    )]
638    async fn update_my_profile(
639        &self,
640        #[auth]
641        auth_: conjure_object::BearerToken,
642        #[body(
643            deserializer = conjure_http::server::StdRequestDeserializer,
644            log_as = "updateMyProfileRequest"
645        )]
646        update_my_profile_request: super::super::super::super::objects::authentication::api::UpdateMyProfileRequest,
647    ) -> Result<
648        super::super::super::super::objects::authentication::api::UserV2,
649        conjure_http::private::Error,
650    >;
651    /// Gets the settings of the authenticated user.
652    #[endpoint(
653        method = GET,
654        path = "/authentication/v2/my/settings",
655        name = "getMySettings",
656        produces = conjure_http::server::StdResponseSerializer
657    )]
658    async fn get_my_settings(
659        &self,
660        #[auth]
661        auth_: conjure_object::BearerToken,
662    ) -> Result<
663        super::super::super::super::objects::authentication::api::UserSettings,
664        conjure_http::private::Error,
665    >;
666    /// Updates the settings of the authenticated user.
667    #[endpoint(
668        method = PUT,
669        path = "/authentication/v2/my/settings",
670        name = "updateMySettings",
671        produces = conjure_http::server::StdResponseSerializer
672    )]
673    async fn update_my_settings(
674        &self,
675        #[auth]
676        auth_: conjure_object::BearerToken,
677        #[body(
678            deserializer = conjure_http::server::StdRequestDeserializer,
679            log_as = "userSettings"
680        )]
681        user_settings: super::super::super::super::objects::authentication::api::UserSettings,
682    ) -> Result<
683        super::super::super::super::objects::authentication::api::UserSettings,
684        conjure_http::private::Error,
685    >;
686    /// Gets the settings of the org of the authenticated user.
687    #[endpoint(
688        method = GET,
689        path = "/authentication/v2/org/settings",
690        name = "getMyOrgSettings",
691        produces = conjure_http::server::StdResponseSerializer
692    )]
693    async fn get_my_org_settings(
694        &self,
695        #[auth]
696        auth_: conjure_object::BearerToken,
697    ) -> Result<
698        super::super::super::super::objects::authentication::api::OrgSettings,
699        conjure_http::private::Error,
700    >;
701    /// Updates the settings of the org of the authenticated user.
702    #[endpoint(
703        method = PUT,
704        path = "/authentication/v2/org/settings",
705        name = "updateMyOrgSettings",
706        produces = conjure_http::server::StdResponseSerializer
707    )]
708    async fn update_my_org_settings(
709        &self,
710        #[auth]
711        auth_: conjure_object::BearerToken,
712        #[body(
713            deserializer = conjure_http::server::StdRequestDeserializer,
714            log_as = "orgSettings",
715            safe
716        )]
717        org_settings: super::super::super::super::objects::authentication::api::OrgSettings,
718    ) -> Result<
719        super::super::super::super::objects::authentication::api::OrgSettings,
720        conjure_http::private::Error,
721    >;
722    /// Searches for users by email and displayName.
723    #[endpoint(
724        method = POST,
725        path = "/authentication/v2/users",
726        name = "searchUsersV2",
727        produces = conjure_http::server::StdResponseSerializer
728    )]
729    async fn search_users_v2(
730        &self,
731        #[auth]
732        auth_: conjure_object::BearerToken,
733        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
734        request: super::super::super::super::objects::authentication::api::SearchUsersRequest,
735    ) -> Result<
736        super::super::super::super::objects::authentication::api::SearchUsersResponseV2,
737        conjure_http::private::Error,
738    >;
739    /// Get users by RID.
740    #[endpoint(
741        method = POST,
742        path = "/authentication/v2/users/batch",
743        name = "getUsers",
744        produces = conjure_http::server::conjure::CollectionResponseSerializer
745    )]
746    async fn get_users(
747        &self,
748        #[auth]
749        auth_: conjure_object::BearerToken,
750        #[body(
751            deserializer = conjure_http::server::StdRequestDeserializer,
752            log_as = "userRids",
753            safe
754        )]
755        user_rids: std::collections::BTreeSet<
756            super::super::super::super::objects::authentication::api::UserRid,
757        >,
758    ) -> Result<
759        std::collections::BTreeSet<
760            super::super::super::super::objects::authentication::api::UserV2,
761        >,
762        conjure_http::private::Error,
763    >;
764    /// Gets a user by RID.
765    #[endpoint(
766        method = GET,
767        path = "/authentication/v2/users/{userRid}",
768        name = "getUser",
769        produces = conjure_http::server::StdResponseSerializer
770    )]
771    async fn get_user(
772        &self,
773        #[auth]
774        auth_: conjure_object::BearerToken,
775        #[path(
776            name = "userRid",
777            decoder = conjure_http::server::conjure::FromPlainDecoder,
778            log_as = "userRid",
779            safe
780        )]
781        user_rid: super::super::super::super::objects::authentication::api::UserRid,
782    ) -> Result<
783        super::super::super::super::objects::authentication::api::UserV2,
784        conjure_http::private::Error,
785    >;
786    /// Returns JWKS (JSON Web Key Set) for MediaMTX JWT verification.
787    /// Only available if MediaMTX integration is enabled.
788    #[endpoint(
789        method = GET,
790        path = "/authentication/v2/jwks",
791        name = "getJwks",
792        produces = conjure_http::server::StdResponseSerializer
793    )]
794    async fn get_jwks(
795        &self,
796    ) -> Result<
797        super::super::super::super::objects::authentication::api::Jwks,
798        conjure_http::private::Error,
799    >;
800    /// Generates a JWT token for MediaMTX authentication with a 2-hour expiration.
801    /// The token is signed with the MediaMTX private key and contains the specified permissions.
802    /// Requires authentication with Nominal. This endpoint is intended for internal use only.
803    #[endpoint(
804        method = POST,
805        path = "/authentication/v2/mediamtx/token",
806        name = "generateMediaMtxToken",
807        produces = conjure_http::server::StdResponseSerializer
808    )]
809    async fn generate_media_mtx_token(
810        &self,
811        #[auth]
812        auth_: conjure_object::BearerToken,
813        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
814        request: super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenRequest,
815    ) -> Result<
816        super::super::super::super::objects::authentication::api::GenerateMediaMtxTokenResponse,
817        conjure_http::private::Error,
818    >;
819    /// Gets coachmark dismissals for the authenticated user.
820    /// Optionally filter by specific coachmark IDs.
821    #[endpoint(
822        method = POST,
823        path = "/authentication/v2/my/coachmarks/dismissals",
824        name = "getMyCoachmarkDismissals",
825        produces = conjure_http::server::StdResponseSerializer
826    )]
827    async fn get_my_coachmark_dismissals(
828        &self,
829        #[auth]
830        auth_: conjure_object::BearerToken,
831        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
832        request: super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsRequest,
833    ) -> Result<
834        super::super::super::super::objects::authentication::api::GetCoachmarkDismissalsResponse,
835        conjure_http::private::Error,
836    >;
837    /// Dismisses a coachmark for the authenticated user.
838    /// Records the dismissal timestamp and app version.
839    #[endpoint(
840        method = POST,
841        path = "/authentication/v2/my/coachmarks/dismiss",
842        name = "dismissMyCoachmark",
843        produces = conjure_http::server::StdResponseSerializer
844    )]
845    async fn dismiss_my_coachmark(
846        &self,
847        #[auth]
848        auth_: conjure_object::BearerToken,
849        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
850        request: super::super::super::super::objects::authentication::api::DismissCoachmarkRequest,
851    ) -> Result<
852        super::super::super::super::objects::authentication::api::CoachmarkDismissal,
853        conjure_http::private::Error,
854    >;
855    /// Checks if a specific coachmark has been dismissed by the authenticated user.
856    #[endpoint(
857        method = GET,
858        path = "/authentication/v2/my/coachmarks/dismissed/{coachmarkId}",
859        name = "isMyCoachmarkDismissed",
860        produces = conjure_http::server::StdResponseSerializer
861    )]
862    async fn is_my_coachmark_dismissed(
863        &self,
864        #[auth]
865        auth_: conjure_object::BearerToken,
866        #[path(
867            name = "coachmarkId",
868            decoder = conjure_http::server::conjure::FromPlainDecoder,
869            log_as = "coachmarkId"
870        )]
871        coachmark_id: String,
872    ) -> Result<bool, conjure_http::private::Error>;
873    /// Resets a coachmark dismissal for the authenticated user.
874    /// This allows the coachmark to be shown again.
875    /// Primarily intended for testing and debugging.
876    #[endpoint(
877        method = DELETE,
878        path = "/authentication/v2/my/coachmarks/dismissals/{coachmarkId}",
879        name = "resetMyCoachmarkDismissal"
880    )]
881    async fn reset_my_coachmark_dismissal(
882        &self,
883        #[auth]
884        auth_: conjure_object::BearerToken,
885        #[path(
886            name = "coachmarkId",
887            decoder = conjure_http::server::conjure::FromPlainDecoder,
888            log_as = "coachmarkId"
889        )]
890        coachmark_id: String,
891    ) -> Result<(), conjure_http::private::Error>;
892    /// Batch preregister users in the caller's organization. Only creates new users for
893    /// emails that don't already exist — existing accounts are silently skipped and not
894    /// returned in the response. The caller must be an admin of the organization.
895    #[endpoint(
896        method = POST,
897        path = "/authentication/v2/batch-preregister-users",
898        name = "batchPreregisterUsers",
899        produces = conjure_http::server::StdResponseSerializer
900    )]
901    async fn batch_preregister_users(
902        &self,
903        #[auth]
904        auth_: conjure_object::BearerToken,
905        #[body(deserializer = conjure_http::server::StdRequestDeserializer)]
906        request: super::super::super::super::objects::authentication::api::BatchPreregisterUsersRequest,
907    ) -> Result<
908        super::super::super::super::objects::authentication::api::BatchPreregisterUsersResponse,
909        conjure_http::private::Error,
910    >;
911}