models

type AcceptFDXConsentRequest struct {

	// granted scopes
	GrantedScopes GrantedScopes `json:"granted_scopes,omitempty" yaml:"granted_scopes,omitempty"`

	// login state
	LoginState string `json:"login_state,omitempty" yaml:"login_state,omitempty"`

	// resources
	Resources []*FDXResource `json:"resources" yaml:"resources"`
}

type AuthenticationContext map[string]interface{}

type AuthorizationDetailType string

type ClientInfo struct {

	// Human-readable name of a client application.
	// Example: My app
	ClientName string `json:"client_name,omitempty" yaml:"client_name,omitempty"`

	// URI of a client application.
	ClientURI string `json:"client_uri,omitempty" yaml:"client_uri,omitempty"`

	// Description of the client application.
	Description string `json:"description,omitempty" yaml:"description,omitempty"`

	// Logo URI.
	LogoURI string `json:"logo_uri,omitempty" yaml:"logo_uri,omitempty"`

	// External organization identifier. It is a unique string assigned by the CDR Register to identify an Accredited
	// Data Recipient Brand.
	//
	// The value obtained is used as the `aud` claim for message signing, for example, when a JSON Web Token (JWT) is
	// required for authorization, and represents the audience(s) the JWT is intended for.
	// Example: 5647fe90-f6bc-11eb-9a03-0242ac130003
	OrganisationID string `json:"organisation_id,omitempty" yaml:"organisation_id,omitempty"`

	// Policy URL to read about how the profile data is used.
	PolicyURI string `json:"policy_uri,omitempty" yaml:"policy_uri,omitempty"`

	// Terms of Service URL.
	TosURI string `json:"tos_uri,omitempty" yaml:"tos_uri,omitempty"`
}

type ClientJWK struct {

	// The "alg" (algorithm) parameter identifies the algorithm intended for
	// use with the key.  The values used should either be registered in the
	// IANA "JSON Web Signature and Encryption Algorithms" registry
	// established by [JWA] or be a value that contains a Collision-
	// Resistant Name.
	// Example: RS256
	Alg string `json:"alg,omitempty" yaml:"alg,omitempty"`

	// crv
	// Example: P-256
	Crv string `json:"crv,omitempty" yaml:"crv,omitempty"`

	// d
	// Example: T_N8I-6He3M8a7X1vWt6TGIx4xB_GP3Mb4SsZSA4v-orvJzzRiQhLlRR81naWYxfQAYt5isDI6_C2L9bdWo4FFPjGQFvNoRX-_sBJyBI_rl-TBgsZYoUlAj3J92WmY2inbA-PwyJfsaIIDceYBC-eX-xiCu6qMqkZi3MwQAFL6bMdPEM0z4JBcwFT3VdiWAIRUuACWQwrXMq672x7fMuaIaHi7XDGgt1ith23CLfaREmJku9PQcchbt_uEY-hqrFY6ntTtS4paWWQj86xLL94S-Tf6v6xkL918PfLSOTq6XCzxvlFwzBJqApnAhbwqLjpPhgUG04EDRrqrSBc5Y1BLevn6Ip5h1AhessBp3wLkQgz_roeckt-ybvzKTjESMuagnpqLvOT7Y9veIug2MwPJZI2VjczRc1vzMs25XrFQ8DpUy-bNdp89TmvAXwctUMiJdgHloJw23Cv03gIUAkDnsTqZmkpbIf-crpgNKFmQP_EDKoe8p_PXZZgfbRri3NoEVGP7Mk6yEu8LjJhClhZaBNjuWw2-KlBfOA3g79mhfBnkInee5KO9mGR50qPk1V-MorUYNTFMZIm0kFE6eYVWFBwJHLKYhHU34DoiK1VP-svZpC2uAMFNA_UJEwM9CQ2b8qe4-5e9aywMvwcuArRkAB5mBIfOaOJao3mfukKAE
	D string `json:"d,omitempty" yaml:"d,omitempty"`

	// dp
	// Example: G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oimYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0
	Dp string `json:"dp,omitempty" yaml:"dp,omitempty"`

	// dq
	// Example: s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk
	Dq string `json:"dq,omitempty" yaml:"dq,omitempty"`

	// e
	// Example: AQAB
	E string `json:"e,omitempty" yaml:"e,omitempty"`

	// k
	// Example: GawgguFyGrWKav7AX4VKUg
	K string `json:"k,omitempty" yaml:"k,omitempty"`

	// The "kid" (key ID) parameter is used to match a specific key.  This
	// is used, for instance, to choose among a set of keys within a JWK Set
	// during key rollover.  The structure of the "kid" value is
	// unspecified.  When "kid" values are used within a JWK Set, different
	// keys within the JWK Set SHOULD use distinct "kid" values.  (One
	// example in which different keys might use the same "kid" value is if
	// they have different "kty" (key type) values but are considered to be
	// equivalent alternatives by the application using them.)  The "kid"
	// value is a case-sensitive string.
	// Example: 1603dfe0af8f4596
	Kid string `json:"kid,omitempty" yaml:"kid,omitempty"`

	// The "kty" (key type) parameter identifies the cryptographic algorithm
	// family used with the key, such as "RSA" or "EC". "kty" values should
	// either be registered in the IANA "JSON Web Key Types" registry
	// established by [JWA] or be a value that contains a Collision-
	// Resistant Name.  The "kty" value is a case-sensitive string.
	// Example: RSA
	// Required: true
	Kty string `json:"kty" yaml:"kty"`

	// n
	// Example: vTqrxUyQPl_20aqf5kXHwDZrel-KovIp8s7ewJod2EXHl8tWlRB3_Rem34KwBfqlKQGp1nqah-51H4Jzruqe0cFP58hPEIt6WqrvnmJCXxnNuIB53iX_uUUXXHDHBeaPCSRoNJzNysjoJ30TIUsKBiirhBa7f235PXbKiHducLevV6PcKxJ5cY8zO286qJLBWSPm-OIevwqsIsSIH44Qtm9sioFikhkbLwoqwWORGAY0nl6XvVOlhADdLjBSqSAeT1FPuCDCnXwzCDR8N9IFB_IjdStFkC-rVt2K5BYfPd0c3yFp_vHR15eRd0zJ8XQ7woBC8Vnsac6Et1pKS59pX6256DPWu8UDdEOolKAPgcd_g2NpA76cAaF_jcT80j9KrEzw8Tv0nJBGesuCjPNjGs_KzdkWTUXt23Hn9QJsdc1MZuaW0iqXBepHYfYoqNelzVte117t4BwVp0kUM6we0IqyXClaZgOI8S-WDBw2_Ovdm8e5NmhYAblEVoygcX8Y46oH6bKiaCQfKCFDMcRgChme7AoE1yZZYsPbaG_3IjPrC4LBMHQw8rM9dWjJ8ImjicvZ1pAm0dx-KHCP3y5PVKrxBDf1zSOsBRkOSjB8TPODnJMz6-jd5hTtZxpZPwPoIdCanTZ3ZD6uRBpTmDwtpRGm63UQs1m5FWPwb0T2IF0
	N string `json:"n,omitempty" yaml:"n,omitempty"`

	// p
	// Example: 6NbkXwDWUhi-eR55Cgbf27FkQDDWIamOaDr0rj1q0f1fFEz1W5A_09YvG09Fiv1AO2-D8Rl8gS1Vkz2i0zCSqnyy8A025XOcRviOMK7nIxE4OH_PEsko8dtIrb3TmE2hUXvCkmzw9EsTF1LQBOGC6iusLTXepIC1x9ukCKFZQvdgtEObQ5kzd9Nhq-cdqmSeMVLoxPLd1blviVT9Vm8-y12CtYpeJHOaIDtVPLlBhJiBoPKWg3vxSm4XxIliNOefqegIlsmTIa3MpS6WWlCK3yHhat0Q-rRxDxdyiVdG_wzJvp0Iw_2wms7pe-PgNPYvUWH9JphWP5K38YqEBiJFXQ
	P string `json:"p,omitempty" yaml:"p,omitempty"`

	// q
	// Example: 0A1FmpOWR91_RAWpqreWSavNaZb9nXeKiBo0DQGBz32DbqKqQ8S4aBJmbRhJcctjCLjain-ivut477tAUMmzJwVJDDq2MZFwC9Q-4VYZmFU4HJityQuSzHYe64RjN-E_NQ02TWhG3QGW6roq6c57c99rrUsETwJJiwS8M5p15Miuz53DaOjv-uqqFAFfywN5WkxHbraBcjHtMiQuyQbQqkCFh-oanHkwYNeytsNhTu2mQmwR5DR2roZ2nPiFjC6nsdk-A7E3S3wMzYYFw7jvbWWoYWo9vB40_MY2Y0FYQSqcDzcBIcq_0tnnasf3VW4Fdx6m80RzOb2Fsnln7vKXAQ
	Q string `json:"q,omitempty" yaml:"q,omitempty"`

	// qi
	// Example: GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU
	Qi string `json:"qi,omitempty" yaml:"qi,omitempty"`

	// Use ("public key use") identifies the intended use of
	// the public key. The "use" parameter is employed to indicate whether
	// a public key is used for encrypting data or verifying the signature
	// on data. Values are commonly "sig" (signature) or "enc" (encryption).
	// Example: sig
	Use string `json:"use,omitempty" yaml:"use,omitempty"`

	// x
	// Example: f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU
	X string `json:"x,omitempty" yaml:"x,omitempty"`

	// The "x5c" (X.509 certificate chain) parameter contains a chain of one
	// or more PKIX certificates [RFC5280].  The certificate chain is
	// represented as a JSON array of certificate value strings.  Each
	// string in the array is a base64-encoded (Section 4 of [RFC4648] --
	// not base64url-encoded) DER [ITU.X690.1994] PKIX certificate value.
	// The PKIX certificate containing the key value MUST be the first
	// certificate.
	X5c []string `json:"x5c" yaml:"x5c"`

	// x5t
	// Example: GawgguFyGrWKav7AX4VKUg
	X5t string `json:"x5t,omitempty" yaml:"x5t,omitempty"`

	// x5t s256
	// Example: GawgguFyGrWKav7AX4VKUg
	X5tS256 string `json:"x5t#S256,omitempty" yaml:"x5t#S256,omitempty"`

	// y
	// Example: x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0
	Y string `json:"y,omitempty" yaml:"y,omitempty"`
}

type ClientJWKs struct {

	// keys
	// Example: []
	Keys []*ClientJWK `json:"keys" yaml:"keys"`
}

type ClientPrivacy struct {

	// optional privacy information mapping for scopes
	Scopes map[string]ScopePrivacyInformation `json:"scopes,omitempty" yaml:"scopes,omitempty"`
}

type ClientTokenExchangeConfiguration struct {

	// Additional actor token claims
	//
	// Claims from the actor token that will be injected into the exchanged token under the `act` claim.
	//
	// Applies for the token exchange delegation flow only.
	ActorClaims []string `json:"actor_claims" yaml:"actor_claims"`
}

type Confirmation struct {

	// jkt
	Jkt string `json:"jkt,omitempty" yaml:"jkt,omitempty"`

	// x5t s256
	X5tS256 string `json:"x5t#S256,omitempty" yaml:"x5t#S256,omitempty"`
}

type ConsentAccepted struct {

	// A URL to redirect the user.
	// It applies for the redirect flow only, i.e the consent page.
	// Example: https://authorization.cloudentity.com:8443/tenant/server/oauth2/authorize?client_id=bugkgm23g9kregtu051g\u0026consent_verified=true\u0026login_id=cavai7d8s9nelp7k792g\u0026login_state=cauq8fonbud6q8806bf0
	RedirectTo string `json:"redirect_to,omitempty" yaml:"redirect_to,omitempty"`
}

type ConsentRejected struct {

	// A URL to redirect the user.
	// It applies for the redirect flow only, i.e the consent page.
	// Example: https://authorization.cloudentity.com:8443/tenant/server/oauth2/authorize?client_id=bugkgm23g9kregtu051g\u0026consent_verified=true\u0026login_id=cavai7d8s9nelp7k792g\u0026login_state=cauq8fonbud6q8806bf0
	RedirectTo string `json:"redirect_to,omitempty" yaml:"redirect_to,omitempty"`
}

type ConsentRevocationByCLientID struct {

	// revocation details
	RevocationDetails *FDXConsentRevocation `json:"RevocationDetails,omitempty" yaml:"RevocationDetails,omitempty"`

	// Client ID
	ClientID string `json:"client_id,omitempty" yaml:"client_id,omitempty"`
}

type ConsentStatus string

type ConsentType string

type ConsentsRemovedResponse struct {

	// number of consents removed
	NumberOfConsentsRemoved int64 `json:"number_of_consents_removed,omitempty" yaml:"number_of_consents_removed,omitempty"`
}

type DurationType string

type Error struct {

	// details
	Details interface{} `json:"details,omitempty" yaml:"details,omitempty"`

	// error
	Error string `json:"error,omitempty" yaml:"error,omitempty"`

	// status code
	StatusCode int64 `json:"status_code,omitempty" yaml:"status_code,omitempty"`
}

type FDXClientStatus string

type FDXConsent struct {

	// authorization server id
	AuthorizationServerID string `json:"authorization_server_id,omitempty" yaml:"authorization_server_id,omitempty"`

	// client id
	ClientID string `json:"client_id,omitempty" yaml:"client_id,omitempty"`

	// Time of consent creation
	// Format: date-time
	CreatedTime strfmt.DateTime `json:"createdTime,omitempty" yaml:"createdTime,omitempty"`

	// Consent duration, in days, from day of original grant.
	DurationPeriod int64 `json:"durationPeriod,omitempty" yaml:"durationPeriod,omitempty"`

	// duration type
	DurationType DurationType `json:"durationType,omitempty" yaml:"durationType,omitempty"`

	// Time of consent expiration
	// Format: date-time
	ExpirationTime strfmt.DateTime `json:"expirationTime,omitempty" yaml:"expirationTime,omitempty"`

	// Enumeration of the Clusters of granted data elements permissioned by this Consent Grant.
	// Data Clusters are described in FDX RFC 0167.
	GrantedResources []*FDXGrantedResource `json:"granted_resources" yaml:"granted_resources"`

	// id
	ID FDXConsentID `json:"id,omitempty" yaml:"id,omitempty"`

	// Period, in days, for which historical data may be requested; period is measured from request time, not grant time
	LookbackPeriod int64 `json:"lookbackPeriod,omitempty" yaml:"lookbackPeriod,omitempty"`

	// A collection of parameters identifying the Parties (including the legal entity operating branded products or services)
	// in the data sharing chain. Descriptive information is collected during Data Recipient registration at Data Provider,
	// and populated during issuance by DataProvider from its registry;
	Parties []*FDXConsentGrantParty `json:"parties" yaml:"parties"`

	// Enumeration of the Clusters of requested data elements permissioned by this Consent Grant.
	// Data Clusters are described in FDX RFC 0167.
	Resources []*FDXRequestedResource `json:"resources" yaml:"resources"`

	// revocation reason
	RevocationReason *FDXConsentRevocation `json:"revocationReason,omitempty" yaml:"revocationReason,omitempty"`

	// status
	Status ConsentStatus `json:"status,omitempty" yaml:"status,omitempty"`

	// tenant id
	TenantID string `json:"tenant_id,omitempty" yaml:"tenant_id,omitempty"`

	// Time of last consent's status change
	// Format: date-time
	UpdatedTime strfmt.DateTime `json:"updatedTime,omitempty" yaml:"updatedTime,omitempty"`
}

type FDXConsentGrantParty struct {

	// URL for party, where an end user could learn more about the company or application involved in the data sharing chain
	HomeURI string `json:"homeUri,omitempty" yaml:"homeUri,omitempty"`

	// URL for a logo asset to be displayed to the end user
	LogoURI string `json:"logoUri,omitempty" yaml:"logoUri,omitempty"`

	// Common name for party, as it should be displayed to the end user
	Name string `json:"name,omitempty" yaml:"name,omitempty"`

	// Registered id of party
	RegisteredEntityIdentifier string `json:"registeredEntityIdentifier,omitempty" yaml:"registeredEntityIdentifier,omitempty"`

	// Registered name of party
	RegisteredEntityName string `json:"registeredEntityName,omitempty" yaml:"registeredEntityName,omitempty"`

	// The registry with the party's registered name and id
	RegistryName string `json:"registryName,omitempty" yaml:"registryName,omitempty"`
}

type FDXConsentGrantStatus string

type FDXConsentID string

type FDXConsentRevocation struct {

	// Revocation initiator
	// Example: \"INDIVIDUAL\
	// Enum: [DATA_ACCESS_PLATFORM DATA_PROVIDER DATA_RECIPIENT INDIVIDUAL MERCHANT VENDOR]
	Initiator string `json:"initiator,omitempty" yaml:"initiator,omitempty"`

	// Revocation reason
	// Example: \"USER_ACTION\
	// Enum: [BUSINESS_RULE USER_ACTION]
	Reason string `json:"reason,omitempty" yaml:"reason,omitempty"`
}

type FDXConsents struct {

	// consents
	Consents []*FDXConsent `json:"consents" yaml:"consents"`
}

type FDXConsentsRequest struct {

	// A consent identifier.
	//
	// Use it to navigate through the request pagination when the number of consents is greater than
	// the `limit` set for results in the response.
	//
	// With `after_consent_id`, the list you obtain starts from the subsequent consent after the specified one. Also,
	// the response depends on the `sort` and `order` parameters, if any are passed.
	AfterConsentID string `json:"after_consent_id,omitempty" yaml:"after_consent_id,omitempty"`

	// A consent identifier.
	//
	// Use it to navigate through the request pagination when the number of consents is greater than
	// the limit set for results in the response.
	//
	// With `before_consent_id`, the list you obtain comprises consents up to the specified one. The specified consent
	// isn't included. Also, the response depends on the `sort` and `order` parameters, if any are passed.
	BeforeConsentID string `json:"before_consent_id,omitempty" yaml:"before_consent_id,omitempty"`

	// A client identifier.
	ClientID string `json:"client_id,omitempty" yaml:"client_id,omitempty"`

	// Limit the number of results returned in the response.
	// Maximum: 100
	// Minimum: 1
	Limit int64 `json:"limit,omitempty" yaml:"limit,omitempty"`

	// Input: `acs` or `desc`.
	//
	// Set the order of results returned in the response.
	Order string `json:"order,omitempty" yaml:"order,omitempty"`

	// resource
	Resource *Resource `json:"resource,omitempty" yaml:"resource,omitempty"`

	// Sort results returned in the response.
	Sort string `json:"sort,omitempty" yaml:"sort,omitempty"`

	// List of the consent statuses.
	Status []string `json:"status" yaml:"status"`

	// Consent types.
	//
	// in:query
	Types []string `json:"types" yaml:"types"`
}

type FDXDynamicClientRegistrationRequest struct {

	// The client application type.
	//
	// Client applications can be either of a `web` or `native` types.
	//
	// Web applications include clients like server web applications or service apps.
	//
	// Native applications include single-page applications (SPAs) and mobile or desktop
	// applications.
	//
	// Apply security measures according to the type of your application.
	// Example: web
	ApplicationType string `json:"application_type,omitempty" yaml:"application_type,omitempty"`

	// An array of dynamically calculated application types that can be used for filtering
	// Example: ["single_page","server_web","mobile_desktop","service","legacy","dcr"]
	// Read Only: true
	ApplicationTypes []string `json:"application_types" yaml:"application_types"`

	// Identity of the intended recipients (the audience).
	//
	// Typically, the audience is a single resource server or a list of resource servers.
	//
	// It is considered a good practice to limit the audience of the token for security purposes.
	Audience []string `json:"audience" yaml:"audience"`

	// Authorization details types
	//
	// Indicates what authorization details types the client can use.
	AuthorizationDetailsTypes []AuthorizationDetailType `json:"authorization_details_types" yaml:"authorization_details_types"`

	// Algorithm used for encrypting authorization responses.
	//
	// If both signing and encryption are requested, the response is first signed, and then encrypted.
	// As a result, a Nested JWT is obtained, as defined in JWT [RFC7519].
	//
	// If omitted, no encryption is applied by default.
	// Example: RSA-OAEP-256
	// Enum: [RSA-OAEP RSA-OAEP-256]
	AuthorizationEncryptedResponseAlg string `json:"authorization_encrypted_response_alg,omitempty" yaml:"authorization_encrypted_response_alg,omitempty"`

	// Algorithm used for encrypting authorization responses.
	//
	// With `authorization_encrypted_response_alg` specified, the default value is `A128CBC-HS256`.
	// When `authorization_encrypted_response_enc` is included, `authorization_encrypted_response_alg`
	// MUST also be provided in a request.
	// Example: A128CBC-HS256
	// Enum: [A256GCM A128CBC-HS256]
	AuthorizationEncryptedResponseEnc string `json:"authorization_encrypted_response_enc,omitempty" yaml:"authorization_encrypted_response_enc,omitempty"`

	// Algorithm used for signing authorization responses.
	//
	// With this parameter specified, the response is signed using JWS and according to the configured algorithm.
	//
	// `none` isn't allowed.
	// Example: RS256
	AuthorizationSignedResponseAlg string `json:"authorization_signed_response_alg,omitempty" yaml:"authorization_signed_response_alg,omitempty"`

	// OPTIONAL. The JWS alg algorithm value used by the client application to sign authentication requests.
	//
	// When omitted, the client application doesn't send signed authentication requests.
	BackchannelAuthenticationRequestSigningAlg string `` /* 127-byte string literal not displayed */

	// REQUIRED for requests when the client application uses CIBA as an authorization grant type, and the token
	// delivery mode is set to `ping` or `push`.
	//
	// This parameter is the endpoint where an OP (OpenID Provider) posts a notification after end-user authentication.
	//
	// Input: an HTTPS URL.
	BackchannelClientNotificationEndpoint string `json:"backchannel_client_notification_endpoint,omitempty" yaml:"backchannel_client_notification_endpoint,omitempty"`

	// REQUIRED for requests when the client application uses CIBA as an authorization grant type.
	//
	// Input: `poll`, `ping`, or `push`.
	BackchannelTokenDeliveryMode string `json:"backchannel_token_delivery_mode,omitempty" yaml:"backchannel_token_delivery_mode,omitempty"`

	// OPTIONAL. A boolean value indicating the `user_code` parameter support by the client application.
	//
	// If omitted, the default value is `false`.
	//
	// This applies only when the `backchannel_user_code_parameter_supported` OP parameter is `true`.
	BackchannelUserCodeParameter bool `json:"backchannel_user_code_parameter,omitempty" yaml:"backchannel_user_code_parameter,omitempty"`

	// The client identifier time of issue.
	//
	// The value is the number of seconds between 1970-01-01T00:00:00Z (UTC) and the date/time of issue.
	ClientIDIssuedAt int64 `json:"client_id_issued_at,omitempty" yaml:"client_id_issued_at,omitempty"`

	// Human-readable name of a client application.
	// Example: My app
	ClientName string `json:"client_name,omitempty" yaml:"client_name,omitempty"`

	// The client secret expiration time.
	//
	// If the client secret does not expire, `client_secret_expires_at` = `0`.
	ClientSecretExpiresAt int64 `json:"client_secret_expires_at,omitempty" yaml:"client_secret_expires_at,omitempty"`

	// URI of a client application.
	ClientURI string `json:"client_uri,omitempty" yaml:"client_uri,omitempty"`

	// Contact information of individuals responsible for the Data Recipient application
	Contacts []string `json:"contacts" yaml:"contacts"`

	// Date when the client application was created.
	// Example: 2022-04-07T19:17:31.323187Z
	// Format: date-time
	CreatedAt strfmt.DateTime `json:"created_at,omitempty" yaml:"created_at,omitempty"`

	// Description of the client application.
	Description string `json:"description,omitempty" yaml:"description,omitempty"`

	// Boolean value specifying whether the client always uses DPoP for token requests
	// If true, the authorization server will reject token requests from this client that do not contain the DPoP header.
	DpopBoundAccessTokens bool `json:"dpop_bound_access_tokens,omitempty" yaml:"dpop_bound_access_tokens,omitempty"`

	// The time window the end-user grants the consent for. Used when `duration_type`=`TIME_BOUND`.
	// If 0 or no value is provided, default value is applied.
	// Minimum: 1
	DurationPeriod int64 `json:"duration_period,omitempty" yaml:"duration_period,omitempty"`

	// The rule of consent granting by the end-user to indicate whether they must take action
	// to revoke access or the consent will be revoked automatically.
	//
	// One of: `ONE_TIME`, `PERSISTENT`, `TIME_BOUND`
	// Example: ONE_TIME
	DurationType []DurationType `json:"duration_type" yaml:"duration_type"`

	// An array of allowed OAuth client grant types.
	//
	// The `grantTypes` array stores OAuth flows that are allowed for a given client application.
	//
	// [Read more](https://cloudentity.com/developers/basics/oauth-grant-types/grant-types-overview/) about grant types.
	// Example: ["password","refresh_token","client_credentials","implicit","authorization_code"]
	GrantTypes []string `json:"grant_types" yaml:"grant_types"`

	// JWE alg algorithm for encrypting the ID token issued to this client application.
	// Enum: [RSA-OAEP RSA-OAEP-256]
	IDTokenEncryptedResponseAlg string `json:"id_token_encrypted_response_alg,omitempty" yaml:"id_token_encrypted_response_alg,omitempty"`

	// JWE enc algorithm for encrypting the ID token issued to this client application.
	// Enum: [A256GCM A128CBC-HS256]
	IDTokenEncryptedResponseEnc string `json:"id_token_encrypted_response_enc,omitempty" yaml:"id_token_encrypted_response_enc,omitempty"`

	// Algorithm for signing ID tokens issued for a client application.
	//
	// The default value depends on authorization server configuration.
	// Example: ES256
	// Enum: [RS256 ES256 PS256]
	IDTokenSignedResponseAlg string `json:"id_token_signed_response_alg,omitempty" yaml:"id_token_signed_response_alg,omitempty"`

	// An array of the intermediaries for this Data Recipient.
	Intermediaries []*Intermediary `json:"intermediaries" yaml:"intermediaries"`

	// An introspection endpoint authentication method configured for the client application (read-only).
	//
	// If empty, the `token_endpoint_auth_method` is used.
	//
	// Cloudentity supports the following client authentication methods:
	// `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`,
	// `self_signed_tls_client_auth`, `tls_client_auth`, `none`.
	//
	// [Read more](https://cloudentity.com/developers/basics/oauth-client-authentication/client-authentication-overview/) about client authentication.
	// Example: client_secret_basic
	// Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none]
	IntrospectionEndpointAuthMethod string `json:"introspection_endpoint_auth_method,omitempty" yaml:"introspection_endpoint_auth_method,omitempty"`

	// jwks
	Jwks *ClientJWKs `json:"jwks,omitempty" yaml:"jwks,omitempty"`

	// A URL of JSON Web Key Set with the public keys used by a client application to authenticate to Cloudentity.
	JwksURI string `json:"jwks_uri,omitempty" yaml:"jwks_uri,omitempty"`

	// Logo URI.
	LogoURI string `json:"logo_uri,omitempty" yaml:"logo_uri,omitempty"`

	// The maximum number of days allowed for Data Recipient consumers to obtain in transaction history, effective from
	// the current date.
	// If 0 or no value is provided, default value is applied.
	// Minimum: 1
	LookbackPeriod int64 `json:"lookback_period,omitempty" yaml:"lookback_period,omitempty"`

	// External organization identifier. It is a unique string assigned by the CDR Register to identify an Accredited
	// Data Recipient Brand.
	//
	// The value obtained is used as the `aud` claim for message signing, for example, when a JSON Web Token (JWT) is
	// required for authorization, and represents the audience(s) the JWT is intended for.
	// Example: 5647fe90-f6bc-11eb-9a03-0242ac130003
	OrganisationID string `json:"organisation_id,omitempty" yaml:"organisation_id,omitempty"`

	// Policy URL to read about how the profile data is used.
	PolicyURI string `json:"policy_uri,omitempty" yaml:"policy_uri,omitempty"`

	// Array of URLs to which a relying party may request that the user be redirected after a logout has been performed.
	PostLogoutRedirectUris []string `json:"post_logout_redirect_uris" yaml:"post_logout_redirect_uris"`

	// privacy
	Privacy *ClientPrivacy `json:"privacy,omitempty" yaml:"privacy,omitempty"`

	// redirect uris
	RedirectUris RedirectURIs `json:"redirect_uris,omitempty" yaml:"redirect_uris,omitempty"`

	// The list of external registries where the Data Recipient is registered. It comprises the following details:
	// name, identifier, and the `registry` string with any additional info.
	RegistryReferences []*RegistryReference `json:"registry_references" yaml:"registry_references"`

	// Optional JWE alg algorithm the client is declaring that it may use for encrypting Request Objects
	// Example: RSA-OAEP
	// Enum: [RSA-OAEP RSA-OAEP-256]
	RequestObjectEncryptionAlg string `json:"request_object_encryption_alg,omitempty" yaml:"request_object_encryption_alg,omitempty"`

	// Optional JWE enc algorithm the client is declaring that it may use for encrypting Request Objects
	// When `request_object_encryption_enc` is included, `request_object_encryption_alg` MUST also be provided.
	// Example: A256GCM
	// Enum: [A256GCM A128CBC-HS256]
	RequestObjectEncryptionEnc string `json:"request_object_encryption_enc,omitempty" yaml:"request_object_encryption_enc,omitempty"`

	// Request object signing algorithm for the token endpoint
	//
	// Cloudentity supports signing tokens with the RS256, ES256, and PS256 algorithms. If you do not want
	// to use a signing algorithm, set the value of this parameter to `none`.
	// Example: none
	// Enum: [any none RS256 ES256 PS256]
	RequestObjectSigningAlg string `json:"request_object_signing_alg,omitempty" yaml:"request_object_signing_alg,omitempty"`

	// Array of absolute URIs that points to the Request Object that holds authorization request parameters.
	RequestUris []string `json:"request_uris" yaml:"request_uris"`

	// Boolean parameter indicating whether the only means of initiating an authorization request the client is allowed to use is PAR.
	RequirePushedAuthorizationRequests bool `json:"require_pushed_authorization_requests,omitempty" yaml:"require_pushed_authorization_requests,omitempty"`

	// response types
	ResponseTypes ResponseTypes `json:"response_types,omitempty" yaml:"response_types,omitempty"`

	// A revocation endpoint authentication method configured for the client application (read-only).
	// If empty, the `token_endpoint_auth_method` is used.
	//
	// Cloudentity supports the following client authentication methods:
	// `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`,
	// `self_signed_tls_client_auth`, `tls_client_auth`, `none`.
	//
	// [Read more](https://cloudentity.com/developers/basics/oauth-client-authentication/client-authentication-overview/) about client authentication.
	// Example: client_secret_basic
	// Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none]
	RevocationEndpointAuthMethod string `json:"revocation_endpoint_auth_method,omitempty" yaml:"revocation_endpoint_auth_method,omitempty"`

	// Space-separated list of scopes for compatibility with the OAuth specification.
	// Example: email offline_access openid
	Scope string `json:"scope,omitempty" yaml:"scope,omitempty"`

	// An array of string represented scopes assigned to a client application
	// Example: ["email","offline_access","openid"]
	Scopes []string `json:"scopes" yaml:"scopes"`

	// OPTIONAL. [A URL using the HTTPS scheme](https://openid.net/specs/openid-connect-registration-1_0.html#SectorIdentifierValidation).
	// It must reference a JSON file with the array of `redirect_uri` values.
	//
	// Pass this parameter when you use multiple domains in your `redirect_uris` or need a mechanism to allow changes in
	// domain without affecting consumer consent.
	//
	// [Read more](https://openid.net/specs/openid-connect-core-1_0.html)
	SectorIdentifierURI string `json:"sector_identifier_uri,omitempty" yaml:"sector_identifier_uri,omitempty"`

	// Subject identifier type
	//
	// Stores information if the subject identifier is of the `public` or the `pairwise` type.
	//
	// Subject identifiers identify an end-user. They are locally unique and never reassigned within the Issuer,
	// and are intended to be consumed by client applications. There are two types
	// of subject identifiers: `public` and `pairwise`.
	//
	// For the `public` type, the value of the `sub` (subject) token claim is the same for all clients.
	//
	// For the `pairwise` type, a different `sub` (subject) token claim is provided for each client.
	// Using the `pairwise` subject identifier makes it impossible for client applications to correlate the end-user's
	// activity without their permission.
	// Example: public
	// Enum: [public pairwise]
	SubjectType string `json:"subject_type,omitempty" yaml:"subject_type,omitempty"`

	// A string containing the value of an expected dNSName SAN entry in the certificate.
	TLSClientAuthSanDNS string `json:"tls_client_auth_san_dns,omitempty" yaml:"tls_client_auth_san_dns,omitempty"`

	// A string containing the value of an expected rfc822Name SAN entry in the certificate.
	TLSClientAuthSanEmail string `json:"tls_client_auth_san_email,omitempty" yaml:"tls_client_auth_san_email,omitempty"`

	// A string representation of an IP address in either dotted decimal notation (for IPv4) or colon-delimited hexadecimal (for IPv6, as defined in [RFC5952]) that is expected to be present as an iPAddress SAN entry in the certificate.
	TLSClientAuthSanIP string `json:"tls_client_auth_san_ip,omitempty" yaml:"tls_client_auth_san_ip,omitempty"`

	// A string containing the value of an expected uniformResourceIdentifier SAN entry in the certificate.
	TLSClientAuthSanURI string `json:"tls_client_auth_san_uri,omitempty" yaml:"tls_client_auth_san_uri,omitempty"`

	// An [RFC4514] string representation of the expected subject distinguished name of the certificate.
	TLSClientAuthSubjectDn string `json:"tls_client_auth_subject_dn,omitempty" yaml:"tls_client_auth_subject_dn,omitempty"`

	// Boolean value indicating server support for mutual TLS client certificate-bound access tokens. If omitted, the default value is "false".
	TLSClientCertificateBoundAccessTokens bool `json:"tls_client_certificate_bound_access_tokens,omitempty" yaml:"tls_client_certificate_bound_access_tokens,omitempty"`

	// Token endpoint authentication method configured for a client application
	//
	// Cloudentity supports the following client authentication methods:
	// `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`,
	// `self_signed_tls_client_auth`, `tls_client_auth`, `none`.
	//
	// To learn more, go to the Authorization Basics > Client Authentication section of this guide.
	// Example: client_secret_basic
	// Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none]
	TokenEndpointAuthMethod string `json:"token_endpoint_auth_method,omitempty" yaml:"token_endpoint_auth_method,omitempty"`

	// Signing algorithm for the token endpoint
	//
	// This field is optional. If empty, a client can use any algorithm supported by the server (see `token_endpoint_auth_signing_alg_values_supported` in the well-known endpoing).
	//
	// If provided, depending on the server configuration, client can use of one: HS256, RS256, ES256, PS256 algorithms.
	//
	// If your token endpoint authentication is set to the `private_key_jwt` method, the
	// `token_endpoint_auth_signing_alg` parameter must be either RS256, ES256, or PS256.
	//
	// If your token endpoint authentication is set to the `client_secret_jwt` method,
	// the `token_endpoint_auth_signing_alg` parameter must be HS256.
	// Example: ES256
	// Enum: [RS256 ES256 PS256 HS256 ]
	TokenEndpointAuthSigningAlg string `json:"token_endpoint_auth_signing_alg,omitempty" yaml:"token_endpoint_auth_signing_alg,omitempty"`

	// token exchange
	TokenExchange *ClientTokenExchangeConfiguration `json:"token_exchange,omitempty" yaml:"token_exchange,omitempty"`

	// Terms of Service URL.
	TosURI string `json:"tos_uri,omitempty" yaml:"tos_uri,omitempty"`

	// Date when the client application was updated.
	// Example: 2022-05-08T01:11:51.1262916Z
	// Format: date-time
	UpdatedAt strfmt.DateTime `json:"updated_at,omitempty" yaml:"updated_at,omitempty"`

	// JWS alg algorithm REQUIRED for signing UserInfo Responses.
	//
	// If specified, the response is a JWT serialized and signed with JWS.
	//
	// If omitted, then by default, UserInfo Response returns the Claims
	// as an UTF-8 encoded JSON object using the application/json content-type.
	// Example: none
	// Enum: [none RS256 ES256]
	UserinfoSignedResponseAlg string `json:"userinfo_signed_response_alg,omitempty" yaml:"userinfo_signed_response_alg,omitempty"`
}

type FDXDynamicClientRegistrationResponse struct {

	// The client application type.
	//
	// Client applications can be either of a `web` or `native` types.
	//
	// Web applications include clients like server web applications or service apps.
	//
	// Native applications include single-page applications (SPAs) and mobile or desktop
	// applications.
	//
	// Apply security measures according to the type of your application.
	// Example: web
	ApplicationType string `json:"application_type,omitempty" yaml:"application_type,omitempty"`

	// An array of dynamically calculated application types that can be used for filtering
	// Example: ["single_page","server_web","mobile_desktop","service","legacy","dcr"]
	// Read Only: true
	ApplicationTypes []string `json:"application_types" yaml:"application_types"`

	// Identity of the intended recipients (the audience).
	//
	// Typically, the audience is a single resource server or a list of resource servers.
	//
	// It is considered a good practice to limit the audience of the token for security purposes.
	Audience []string `json:"audience" yaml:"audience"`

	// Authorization details types
	//
	// Indicates what authorization details types the client can use.
	AuthorizationDetailsTypes []AuthorizationDetailType `json:"authorization_details_types" yaml:"authorization_details_types"`

	// Algorithm used for encrypting authorization responses.
	//
	// If both signing and encryption are requested, the response is first signed, and then encrypted.
	// As a result, a Nested JWT is obtained, as defined in JWT [RFC7519].
	//
	// If omitted, no encryption is applied by default.
	// Example: RSA-OAEP-256
	// Enum: [RSA-OAEP RSA-OAEP-256]
	AuthorizationEncryptedResponseAlg string `json:"authorization_encrypted_response_alg,omitempty" yaml:"authorization_encrypted_response_alg,omitempty"`

	// Algorithm used for encrypting authorization responses.
	//
	// With `authorization_encrypted_response_alg` specified, the default value is `A128CBC-HS256`.
	// When `authorization_encrypted_response_enc` is included, `authorization_encrypted_response_alg`
	// MUST also be provided in a request.
	// Example: A128CBC-HS256
	// Enum: [A256GCM A128CBC-HS256]
	AuthorizationEncryptedResponseEnc string `json:"authorization_encrypted_response_enc,omitempty" yaml:"authorization_encrypted_response_enc,omitempty"`

	// Algorithm used for signing authorization responses.
	//
	// With this parameter specified, the response is signed using JWS and according to the configured algorithm.
	//
	// `none` isn't allowed.
	// Example: RS256
	AuthorizationSignedResponseAlg string `json:"authorization_signed_response_alg,omitempty" yaml:"authorization_signed_response_alg,omitempty"`

	// OPTIONAL. The JWS alg algorithm value used by the client application to sign authentication requests.
	//
	// When omitted, the client application doesn't send signed authentication requests.
	BackchannelAuthenticationRequestSigningAlg string `` /* 127-byte string literal not displayed */

	// REQUIRED for requests when the client application uses CIBA as an authorization grant type, and the token
	// delivery mode is set to `ping` or `push`.
	//
	// This parameter is the endpoint where an OP (OpenID Provider) posts a notification after end-user authentication.
	//
	// Input: an HTTPS URL.
	BackchannelClientNotificationEndpoint string `json:"backchannel_client_notification_endpoint,omitempty" yaml:"backchannel_client_notification_endpoint,omitempty"`

	// REQUIRED for requests when the client application uses CIBA as an authorization grant type.
	//
	// Input: `poll`, `ping`, or `push`.
	BackchannelTokenDeliveryMode string `json:"backchannel_token_delivery_mode,omitempty" yaml:"backchannel_token_delivery_mode,omitempty"`

	// OPTIONAL. A boolean value indicating the `user_code` parameter support by the client application.
	//
	// If omitted, the default value is `false`.
	//
	// This applies only when the `backchannel_user_code_parameter_supported` OP parameter is `true`.
	BackchannelUserCodeParameter bool `json:"backchannel_user_code_parameter,omitempty" yaml:"backchannel_user_code_parameter,omitempty"`

	// OAuth client application identifier
	//
	// If not provided, a random client ID is generated.
	ClientID string `json:"client_id,omitempty" yaml:"client_id,omitempty"`

	// The client identifier time of issue.
	//
	// The value is the number of seconds between 1970-01-01T00:00:00Z (UTC) and the date/time of issue.
	ClientIDIssuedAt int64 `json:"client_id_issued_at,omitempty" yaml:"client_id_issued_at,omitempty"`

	// Human-readable name of a client application.
	// Example: My app
	ClientName string `json:"client_name,omitempty" yaml:"client_name,omitempty"`

	// OAuth client secret
	//
	// If not provided, a random client secret is generated.
	// Min Length: 32
	ClientSecret string `json:"client_secret,omitempty" yaml:"client_secret,omitempty"`

	// The client secret expiration time.
	//
	// If the client secret does not expire, `client_secret_expires_at` = `0`.
	ClientSecretExpiresAt int64 `json:"client_secret_expires_at,omitempty" yaml:"client_secret_expires_at,omitempty"`

	// Defines whether the client application is active or not.
	//
	// Only clients with the `Active` status can preform authorization, authentication, and PAR requests.
	// Enum: [active inactive]
	ClientStatus string `json:"client_status,omitempty" yaml:"client_status,omitempty"`

	// URI of a client application.
	ClientURI string `json:"client_uri,omitempty" yaml:"client_uri,omitempty"`

	// Contact information of individuals responsible for the Data Recipient application.
	Contacts []string `json:"contacts" yaml:"contacts"`

	// Date when the client application was created.
	// Example: 2022-04-07T19:17:31.323187Z
	// Format: date-time
	CreatedAt strfmt.DateTime `json:"created_at,omitempty" yaml:"created_at,omitempty"`

	// Description of the client application.
	Description string `json:"description,omitempty" yaml:"description,omitempty"`

	// Optional developer owner of the client application.
	DeveloperID string `json:"developer_id,omitempty" yaml:"developer_id,omitempty"`

	// Boolean value specifying whether the client always uses DPoP for token requests
	// If true, the authorization server will reject token requests from this client that do not contain the DPoP header.
	DpopBoundAccessTokens bool `json:"dpop_bound_access_tokens,omitempty" yaml:"dpop_bound_access_tokens,omitempty"`

	// The time window the end-user grants the consent for. Used when `duration_type`=`TIME_BOUND`.
	DurationPeriod int64 `json:"duration_period,omitempty" yaml:"duration_period,omitempty"`

	// The rule of consent granting by the end-user to indicate whether they must take action
	// to revoke access or the consent will be revoked automatically.
	//
	// One of: `ONE_TIME`, `PERSISTENT`, `TIME_BOUND`
	// Example: ONE_TIME
	DurationType []DurationType `json:"duration_type" yaml:"duration_type"`

	// An array of allowed OAuth client grant types.
	//
	// The `grantTypes` array stores OAuth flows that are allowed for a given client application.
	//
	// [Read more](https://cloudentity.com/developers/basics/oauth-grant-types/grant-types-overview/) about grant types.
	// Example: ["password","refresh_token","client_credentials","implicit","authorization_code"]
	GrantTypes []string `json:"grant_types" yaml:"grant_types"`

	// An array of hashed rotated client secrets
	HashedRotatedSecrets []string `json:"hashed_rotated_secrets" yaml:"hashed_rotated_secrets"`

	// Hashed client secret
	//
	// Hashing client secrets provides additional security for your secrets storage as it hides
	// plaintext secrets from being viewed both in the UI and the database.
	HashedSecret string `json:"hashed_secret,omitempty" yaml:"hashed_secret,omitempty"`

	// JWE alg algorithm for encrypting the ID token issued to this client application.
	// Enum: [RSA-OAEP RSA-OAEP-256]
	IDTokenEncryptedResponseAlg string `json:"id_token_encrypted_response_alg,omitempty" yaml:"id_token_encrypted_response_alg,omitempty"`

	// JWE enc algorithm for encrypting the ID token issued to this client application.
	// Enum: [A256GCM A128CBC-HS256]
	IDTokenEncryptedResponseEnc string `json:"id_token_encrypted_response_enc,omitempty" yaml:"id_token_encrypted_response_enc,omitempty"`

	// Algorithm for signing ID tokens issued for a client application.
	//
	// The default value depends on authorization server configuration.
	// Example: ES256
	// Enum: [RS256 ES256 PS256]
	IDTokenSignedResponseAlg string `json:"id_token_signed_response_alg,omitempty" yaml:"id_token_signed_response_alg,omitempty"`

	// An array of the intermediaries for this Data Recipient.
	Intermediaries []*Intermediary `json:"intermediaries" yaml:"intermediaries"`

	// An introspection endpoint authentication method configured for the client application (read-only).
	//
	// If empty, the `token_endpoint_auth_method` is used.
	//
	// Cloudentity supports the following client authentication methods:
	// `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`,
	// `self_signed_tls_client_auth`, `tls_client_auth`, `none`.
	//
	// [Read more](https://cloudentity.com/developers/basics/oauth-client-authentication/client-authentication-overview/) about client authentication.
	// Example: client_secret_basic
	// Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none]
	IntrospectionEndpointAuthMethod string `json:"introspection_endpoint_auth_method,omitempty" yaml:"introspection_endpoint_auth_method,omitempty"`

	// jwks
	Jwks *ClientJWKs `json:"jwks,omitempty" yaml:"jwks,omitempty"`

	// A URL of JSON Web Key Set with the public keys used by a client application to authenticate to Cloudentity.
	JwksURI string `json:"jwks_uri,omitempty" yaml:"jwks_uri,omitempty"`

	// Logo URI.
	LogoURI string `json:"logo_uri,omitempty" yaml:"logo_uri,omitempty"`

	// The maximum number of days allowed for Data Recipient consumers to obtain in transaction history, effective from
	// the current date
	LookbackPeriod int64 `json:"lookback_period,omitempty" yaml:"lookback_period,omitempty"`

	// External organization identifier. It is a unique string assigned by the CDR Register to identify an Accredited
	// Data Recipient Brand.
	//
	// The value obtained is used as the `aud` claim for message signing, for example, when a JSON Web Token (JWT) is
	// required for authorization, and represents the audience(s) the JWT is intended for.
	// Example: 5647fe90-f6bc-11eb-9a03-0242ac130003
	OrganisationID string `json:"organisation_id,omitempty" yaml:"organisation_id,omitempty"`

	// Policy URL to read about how the profile data is used.
	PolicyURI string `json:"policy_uri,omitempty" yaml:"policy_uri,omitempty"`

	// Array of URLs to which a relying party may request that the user be redirected after a logout has been performed.
	PostLogoutRedirectUris []string `json:"post_logout_redirect_uris" yaml:"post_logout_redirect_uris"`

	// privacy
	Privacy *ClientPrivacy `json:"privacy,omitempty" yaml:"privacy,omitempty"`

	// redirect uris
	RedirectUris RedirectURIs `json:"redirect_uris,omitempty" yaml:"redirect_uris,omitempty"`

	// Fully qualified URI for subsequent DCR calls (GET, PUT, DELETE) for managing the Data Recipient registration
	RegistrationClientURI string `json:"registration_client_uri,omitempty" yaml:"registration_client_uri,omitempty"`

	// The list of external registries where the Data Recipient is registered. It comprises the following details:
	// name, identifier, and the `registry` string with any additional info.
	RegistryReferences []*RegistryReference `json:"registry_references" yaml:"registry_references"`

	// Optional JWE alg algorithm the client is declaring that it may use for encrypting Request Objects
	// Example: RSA-OAEP
	// Enum: [RSA-OAEP RSA-OAEP-256]
	RequestObjectEncryptionAlg string `json:"request_object_encryption_alg,omitempty" yaml:"request_object_encryption_alg,omitempty"`

	// Optional JWE enc algorithm the client is declaring that it may use for encrypting Request Objects
	// When `request_object_encryption_enc` is included, `request_object_encryption_alg` MUST also be provided.
	// Example: A256GCM
	// Enum: [A256GCM A128CBC-HS256]
	RequestObjectEncryptionEnc string `json:"request_object_encryption_enc,omitempty" yaml:"request_object_encryption_enc,omitempty"`

	// Request object signing algorithm for the token endpoint
	//
	// Cloudentity supports signing tokens with the RS256, ES256, and PS256 algorithms. If you do not want
	// to use a signing algorithm, set the value of this parameter to `none`.
	// Example: none
	// Enum: [any none RS256 ES256 PS256]
	RequestObjectSigningAlg string `json:"request_object_signing_alg,omitempty" yaml:"request_object_signing_alg,omitempty"`

	// Array of absolute URIs that points to the Request Object that holds authorization request parameters.
	RequestUris []string `json:"request_uris" yaml:"request_uris"`

	// Boolean parameter indicating whether the only means of initiating an authorization request the client is allowed to use is PAR.
	RequirePushedAuthorizationRequests bool `json:"require_pushed_authorization_requests,omitempty" yaml:"require_pushed_authorization_requests,omitempty"`

	// response types
	ResponseTypes ResponseTypes `json:"response_types,omitempty" yaml:"response_types,omitempty"`

	// A revocation endpoint authentication method configured for the client application (read-only).
	// If empty, the `token_endpoint_auth_method` is used.
	//
	// Cloudentity supports the following client authentication methods:
	// `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`,
	// `self_signed_tls_client_auth`, `tls_client_auth`, `none`.
	//
	// [Read more](https://cloudentity.com/developers/basics/oauth-client-authentication/client-authentication-overview/) about client authentication.
	// Example: client_secret_basic
	// Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none]
	RevocationEndpointAuthMethod string `json:"revocation_endpoint_auth_method,omitempty" yaml:"revocation_endpoint_auth_method,omitempty"`

	// An array of rotated OAuth client secrets
	RotatedSecrets []string `json:"rotated_secrets" yaml:"rotated_secrets"`

	// Space-separated list of scopes for compatibility with the OAuth specification.
	// Example: email offline_access openid
	Scope string `json:"scope,omitempty" yaml:"scope,omitempty"`

	// An array of string represented scopes assigned to a client application
	// Example: ["email","offline_access","openid"]
	Scopes []string `json:"scopes" yaml:"scopes"`

	// OPTIONAL. [A URL using the HTTPS scheme](https://openid.net/specs/openid-connect-registration-1_0.html#SectorIdentifierValidation).
	// It must reference a JSON file with the array of `redirect_uri` values.
	//
	// Pass this parameter when you use multiple domains in your `redirect_uris` or need a mechanism to allow changes in
	// domain without affecting consumer consent.
	//
	// [Read more](https://openid.net/specs/openid-connect-core-1_0.html)
	SectorIdentifierURI string `json:"sector_identifier_uri,omitempty" yaml:"sector_identifier_uri,omitempty"`

	// status
	Status FDXClientStatus `json:"status,omitempty" yaml:"status,omitempty"`

	// Subject identifier type
	//
	// Stores information if the subject identifier is of the `public` or the `pairwise` type.
	//
	// Subject identifiers identify an end-user. They are locally unique and never reassigned within the Issuer,
	// and are intended to be consumed by client applications. There are two types
	// of subject identifiers: `public` and `pairwise`.
	//
	// For the `public` type, the value of the `sub` (subject) token claim is the same for all clients.
	//
	// For the `pairwise` type, a different `sub` (subject) token claim is provided for each client.
	// Using the `pairwise` subject identifier makes it impossible for client applications to correlate the end-user's
	// activity without their permission.
	// Example: public
	// Enum: [public pairwise]
	SubjectType string `json:"subject_type,omitempty" yaml:"subject_type,omitempty"`

	// Defines whether the client application is a system tenant's application or not.
	System bool `json:"system,omitempty" yaml:"system,omitempty"`

	// A string containing the value of an expected dNSName SAN entry in the certificate.
	TLSClientAuthSanDNS string `json:"tls_client_auth_san_dns,omitempty" yaml:"tls_client_auth_san_dns,omitempty"`

	// A string containing the value of an expected rfc822Name SAN entry in the certificate.
	TLSClientAuthSanEmail string `json:"tls_client_auth_san_email,omitempty" yaml:"tls_client_auth_san_email,omitempty"`

	// A string representation of an IP address in either dotted decimal notation (for IPv4) or colon-delimited hexadecimal (for IPv6, as defined in [RFC5952]) that is expected to be present as an iPAddress SAN entry in the certificate.
	TLSClientAuthSanIP string `json:"tls_client_auth_san_ip,omitempty" yaml:"tls_client_auth_san_ip,omitempty"`

	// A string containing the value of an expected uniformResourceIdentifier SAN entry in the certificate.
	TLSClientAuthSanURI string `json:"tls_client_auth_san_uri,omitempty" yaml:"tls_client_auth_san_uri,omitempty"`

	// An [RFC4514] string representation of the expected subject distinguished name of the certificate.
	TLSClientAuthSubjectDn string `json:"tls_client_auth_subject_dn,omitempty" yaml:"tls_client_auth_subject_dn,omitempty"`

	// Boolean value indicating server support for mutual TLS client certificate-bound access tokens. If omitted, the default value is "false".
	TLSClientCertificateBoundAccessTokens bool `json:"tls_client_certificate_bound_access_tokens,omitempty" yaml:"tls_client_certificate_bound_access_tokens,omitempty"`

	// Token endpoint authentication method configured for a client application
	//
	// Cloudentity supports the following client authentication methods:
	// `client_secret_basic`, `client_secret_post`, `client_secret_jwt`, `private_key_jwt`,
	// `self_signed_tls_client_auth`, `tls_client_auth`, `none`.
	//
	// To learn more, go to the Authorization Basics > Client Authentication section of this guide.
	// Example: client_secret_basic
	// Enum: [client_secret_basic client_secret_post client_secret_jwt private_key_jwt self_signed_tls_client_auth tls_client_auth none]
	TokenEndpointAuthMethod string `json:"token_endpoint_auth_method,omitempty" yaml:"token_endpoint_auth_method,omitempty"`

	// Signing algorithm for the token endpoint
	//
	// This field is optional. If empty, a client can use any algorithm supported by the server (see `token_endpoint_auth_signing_alg_values_supported` in the well-known endpoing).
	//
	// If provided, depending on the server configuration, client can use of one: HS256, RS256, ES256, PS256 algorithms.
	//
	// If your token endpoint authentication is set to the `private_key_jwt` method, the
	// `token_endpoint_auth_signing_alg` parameter must be either RS256, ES256, or PS256.
	//
	// If your token endpoint authentication is set to the `client_secret_jwt` method,
	// the `token_endpoint_auth_signing_alg` parameter must be HS256.
	// Example: ES256
	// Enum: [RS256 ES256 PS256 HS256 ]
	TokenEndpointAuthSigningAlg string `json:"token_endpoint_auth_signing_alg,omitempty" yaml:"token_endpoint_auth_signing_alg,omitempty"`

	// token exchange
	TokenExchange *ClientTokenExchangeConfiguration `json:"token_exchange,omitempty" yaml:"token_exchange,omitempty"`

	// token ttls
	TokenTtls *TokenTTLs `json:"token_ttls,omitempty" yaml:"token_ttls,omitempty"`

	// Terms of Service URL.
	TosURI string `json:"tos_uri,omitempty" yaml:"tos_uri,omitempty"`

	// Defines whether the client application is trusted or not.
	//
	// For trusted clients, consent pages are skipped during the authorization process.
	Trusted bool `json:"trusted,omitempty" yaml:"trusted,omitempty"`

	// Date when the client application was updated.
	// Example: 2022-05-08T01:11:51.1262916Z
	// Format: date-time
	UpdatedAt strfmt.DateTime `json:"updated_at,omitempty" yaml:"updated_at,omitempty"`

	// If enabled the client application will be able to set its own token TTLs.
	UseCustomTokenTtls bool `json:"use_custom_token_ttls,omitempty" yaml:"use_custom_token_ttls,omitempty"`

	// JWS alg algorithm REQUIRED for signing UserInfo Responses.
	//
	// If specified, the response is a JWT serialized and signed with JWS.
	//
	// If omitted, then by default, UserInfo Response returns the Claims
	// as an UTF-8 encoded JSON object using the application/json content-type.
	// Example: none
	// Enum: [none RS256 ES256]
	UserinfoSignedResponseAlg string `json:"userinfo_signed_response_alg,omitempty" yaml:"userinfo_signed_response_alg,omitempty"`
}

type FDXError struct {

	// Long term persistent identifier
	// which can be used to trace error condition back to log information
	Code string `json:"code,omitempty" yaml:"code,omitempty"`

	// End user displayable information which might help the customer diagnose an error
	Message string `json:"message,omitempty" yaml:"message,omitempty"`
}

type FDXErrorResponse struct {

	// error
	Error *FDXError `json:"error,omitempty" yaml:"error,omitempty"`
}

type FDXGrantedResource struct {

	// The names of clusters with data elements permitted.
	// Example: ["ACCOUNT_DETAILED","TRANSACTIONS","STATEMENTS"]
	DataClusters []string `json:"dataClusters" yaml:"dataClusters"`

	// resource ID
	// Example: b14e1e714693bc00
	ID string `json:"id,omitempty" yaml:"id,omitempty"`

	// A type of resource that holds the permitted data elements. This parameter can be extended to support additional resource types.
	// Example: ACCOUNT
	ResourceType string `json:"resourceType,omitempty" yaml:"resourceType,omitempty"`
}

type FDXRequestedResource struct {

	// The names of clusters with data elements permitted.
	// Example: ["ACCOUNT_DETAILED","TRANSACTIONS","STATEMENTS"]
	DataClusters []string `json:"dataClusters" yaml:"dataClusters"`

	// A type of resource that holds the permitted data elements. This parameter can be extended to support additional resource types.
	// Example: ACCOUNT
	ResourceType string `json:"resourceType,omitempty" yaml:"resourceType,omitempty"`
}

type FDXResource struct {

	// The names of clusters with data elements permitted.
	DataClusters []string `json:"dataClusters" yaml:"dataClusters"`

	// Resource identifier.
	ID string `json:"id,omitempty" yaml:"id,omitempty"`

	// A type of resource that holds the permitted data elements. This parameter can be extended to support additional resource types.
	ResouceType string `json:"resouceType,omitempty" yaml:"resouceType,omitempty"`
}

type FDXUpdateClientStatusRequest struct {

	// New Status
	// Example: Approved
	NewStatus string `json:"new_status,omitempty" yaml:"new_status,omitempty"`
}

type GenericError struct {

	// error
	// Example: The requested resource could not be found
	// Required: true
	Error string `json:"error" yaml:"error"`

	// Code represents the error status code (404, 403, 401, ...).
	// Example: 404
	ErrorCode int64 `json:"error_code,omitempty" yaml:"error_code,omitempty"`

	// error hint
	// Example: Object with ID 12345 does not exist
	ErrorHint string `json:"error_hint,omitempty" yaml:"error_hint,omitempty"`
}

type GetFDXConsent struct {

	// Time of consent creation
	// Format: date-time
	CreatedTime strfmt.DateTime `json:"createdTime,omitempty" yaml:"createdTime,omitempty"`

	// Consent duration, in days, from day of original grant.
	DurationPeriod int64 `json:"durationPeriod,omitempty" yaml:"durationPeriod,omitempty"`

	// duration type
	DurationType DurationType `json:"durationType,omitempty" yaml:"durationType,omitempty"`

	// Time of consent expiration
	// Format: date-time
	ExpirationTime strfmt.DateTime `json:"expirationTime,omitempty" yaml:"expirationTime,omitempty"`

	// id
	ID FDXConsentID `json:"id,omitempty" yaml:"id,omitempty"`

	// Period, in days, for which historical data may be requested; period is measured from request time, not grant time
	LookbackPeriod int64 `json:"lookbackPeriod,omitempty" yaml:"lookbackPeriod,omitempty"`

	// A collection of parameters identifying the Parties (including the legal entity operating branded products or services)
	// in the data sharing chain. Descriptive information is collected during Data Recipient registration at Data Provider,
	// and populated during issuance by DataProvider from its registry;
	Parties []*FDXConsentGrantParty `json:"parties" yaml:"parties"`

	// Enumeration of the Clusters of granted data elements permissioned by this Consent Grant.
	// Data Clusters are described in FDX RFC 0167.
	Resources []*FDXGrantedResource `json:"resources" yaml:"resources"`

	// status
	Status FDXConsentGrantStatus `json:"status,omitempty" yaml:"status,omitempty"`
}

type GetFDXConsentResponse struct {

	// List of account identifiers
	AccountIds []string `json:"account_ids" yaml:"account_ids"`

	// authentication context
	AuthenticationContext AuthenticationContext `json:"authentication_context,omitempty" yaml:"authentication_context,omitempty"`

	// Client application identifier.
	// Example: \"cauqo9c9vpbs0aj2b2v0\
	ClientID string `json:"client_id,omitempty" yaml:"client_id,omitempty"`

	// client info
	ClientInfo *ClientInfo `json:"client_info,omitempty" yaml:"client_info,omitempty"`

	// consent id
	ConsentID string `json:"consent_id,omitempty" yaml:"consent_id,omitempty"`

	// Consent creation time
	// Format: date-time
	CreatedAt strfmt.DateTime `json:"created_at,omitempty" yaml:"created_at,omitempty"`

	// fdx consent
	FdxConsent *FDXConsent `json:"fdx_consent,omitempty" yaml:"fdx_consent,omitempty"`

	// List of requested scopes
	RequestedScopes []*RequestedScope `json:"requested_scopes" yaml:"requested_scopes"`

	// Server / Workspace identifier.
	// Example: \"server\
	ServerID string `json:"server_id,omitempty" yaml:"server_id,omitempty"`

	// Consent status
	Status string `json:"status,omitempty" yaml:"status,omitempty"`

	// Subject
	Subject string `json:"subject,omitempty" yaml:"subject,omitempty"`

	// Tenant identifier.
	// Example: \"tenant\
	TenantID string `json:"tenant_id,omitempty" yaml:"tenant_id,omitempty"`

	// type
	Type ConsentType `json:"type,omitempty" yaml:"type,omitempty"`
}

type GetFDXConsentRevocation struct {

	// Consent revocation initiator
	// Example: DATA_RECIPIENT
	// Enum: [DATA_ACCESS_PLATFORM DATA_PROVIDER DATA_RECIPIENT INDIVIDUAL MERCHANT VENDOR]
	Initiator string `json:"initiator,omitempty" yaml:"initiator,omitempty"`

	// Consent revocation reason
	// Example: BUSINESS_RULE
	// Enum: [BUSINESS_RULE USER_ACTION]
	Reason string `json:"reason,omitempty" yaml:"reason,omitempty"`

	// status
	Status FDXConsentGrantStatus `json:"status,omitempty" yaml:"status,omitempty"`

	// Time of last consent's status change
	// Format: date-time
	UpdatedTime strfmt.DateTime `json:"updatedTime,omitempty" yaml:"updatedTime,omitempty"`
}

type GrantedScopes []string

type Intermediary struct {

	// Array of strings representing ways to contact people responsible for this intermediary
	Contacts []string `json:"contacts" yaml:"contacts"`

	// A short description of the intermediary
	Description string `json:"description,omitempty" yaml:"description,omitempty"`

	// A URL string that references a logo for this intermediary
	LogoURI string `json:"logo_uri,omitempty" yaml:"logo_uri,omitempty"`

	// Name of intermediary party
	Name string `json:"name,omitempty" yaml:"name,omitempty"`

	// Registry references for this intermediary
	RegistryReferences []*RegistryReference `json:"registry_references" yaml:"registry_references"`

	// A URL string of a web page providing information about the intermediary
	URI string `json:"uri,omitempty" yaml:"uri,omitempty"`
}

type IntrospectResponse struct {

	// Authentication context class reference
	Acr string `json:"acr,omitempty" yaml:"acr,omitempty"`

	// Actor claims used in the Token Exchange flow.
	Act map[string]interface{} `json:"act,omitempty" yaml:"act,omitempty"`

	// Active is a boolean indicator of whether or not the presented token
	// is currently active. The specifics of a token's `active` state
	// varies depending on the implementation of an authorization
	// server and the information it keeps about its token. Still, the `true`
	// value returned for the `active` property generally indicates
	// that a given token has been issued by this authorization server,
	// has not been revoked by the resource owner, and is within its
	// given time window of validity (e.g., between its issuance and
	// expiration time).
	Active bool `json:"active,omitempty" yaml:"active,omitempty"`

	// Authentication method references
	Amr []string `json:"amr" yaml:"amr"`

	// Audience contains the list of the audiences the token is intended for.
	Aud []string `json:"aud" yaml:"aud"`

	// A client application identifier for the OAuth 2.0 client that
	// requested this token.
	ClientID string `json:"client_id,omitempty" yaml:"client_id,omitempty"`

	// cnf
	Cnf *Confirmation `json:"cnf,omitempty" yaml:"cnf,omitempty"`

	// ExpiredAt is the integer timestamp measured in the number of seconds
	// since January 1 1970 UTC (1970-01-01T00:00:00Z). It indicates when this token will expire.
	Exp int64 `json:"exp,omitempty" yaml:"exp,omitempty"`

	// Extra is arbitrary data set by the session.
	Ext map[string]interface{} `json:"ext,omitempty" yaml:"ext,omitempty"`

	// IssuedAt is the integer timestamp measured in the number of seconds
	// since January 1 1970 UTC. It indicates when this token was
	// originally issued.
	Iat int64 `json:"iat,omitempty" yaml:"iat,omitempty"`

	// The identifier of an identity provider that user authenticated with.
	Idp string `json:"idp,omitempty" yaml:"idp,omitempty"`

	// IDP subject
	IdpSub string `json:"idp_sub,omitempty" yaml:"idp_sub,omitempty"`

	// Issuer URL is a string representing the issuer of this token.
	Iss string `json:"iss,omitempty" yaml:"iss,omitempty"`

	// May act claims used in the Token Exchange flow.s
	MayAct map[string]interface{} `json:"may_act,omitempty" yaml:"may_act,omitempty"`

	// NotBefore is an integer timestamp measured in the number of seconds
	// since January 1 1970 UTC. It indicates this token was not
	// used before the specified time.
	Nbf int64 `json:"nbf,omitempty" yaml:"nbf,omitempty"`

	// Scope is a JSON string containing a space-separated list of
	// scopes associated with this token.
	Scope string `json:"scope,omitempty" yaml:"scope,omitempty"`

	// The OAuth 2.0 authorization server identifier that
	// issued this token.
	ServerID string `json:"server_id,omitempty" yaml:"server_id,omitempty"`

	// Subject of the token, as defined in JWT [RFC7519].
	// Usually a machine-readable identifier of the resource owner who
	// authorized this token.
	Sub string `json:"sub,omitempty" yaml:"sub,omitempty"`

	// TenantID identifies a tenant holding the authorization server that
	// issued this token.
	TenantID string `json:"tenant_id,omitempty" yaml:"tenant_id,omitempty"`

	// TokenType is the type of the introspected token. For example, `access_token` or `refresh_token`.
	TokenType string `json:"token_type,omitempty" yaml:"token_type,omitempty"`

	// Username is a human-readable identifier for the resource owner who
	// authorized this token.
	Username string `json:"username,omitempty" yaml:"username,omitempty"`
}

type Metadata map[string]interface{}

type PIICategory struct {

	// name
	// Example: HIPAA
	Name string `json:"name,omitempty" yaml:"name,omitempty"`
}

type RFC6749Error struct {

	// cause
	Cause string `json:"cause,omitempty" yaml:"cause,omitempty"`

	// error
	Error string `json:"error,omitempty" yaml:"error,omitempty"`

	// error description
	ErrorDescription string `json:"error_description,omitempty" yaml:"error_description,omitempty"`

	// error hint
	ErrorHint string `json:"error_hint,omitempty" yaml:"error_hint,omitempty"`

	// status code
	StatusCode int64 `json:"status_code,omitempty" yaml:"status_code,omitempty"`
}

type RedirectURIs []string

type RegistryReference struct {

	// An identifier of the intermediary that can be looked up from a legal identity registry source.
	RegisteredEntityID string `json:"registered_entity_id,omitempty" yaml:"registered_entity_id,omitempty"`

	// The legal company name for the intermediary.
	RegisteredEntityName string `json:"registered_entity_name,omitempty" yaml:"registered_entity_name,omitempty"`

	// registry
	Registry string `json:"registry,omitempty" yaml:"registry,omitempty"`
}

type RejectConsentRequest struct {

	// Rejection error indication.
	// Example: Rejected
	Error string `json:"error,omitempty" yaml:"error,omitempty"`

	// Rejection cause.
	// Example: Rejected by the user.
	ErrorCause string `json:"error_cause,omitempty" yaml:"error_cause,omitempty"`

	// Rejection error description.
	// Example: The user rejected authentication.
	ErrorDescription string `json:"error_description,omitempty" yaml:"error_description,omitempty"`

	// Login identifier.
	ID string `json:"id,omitempty" yaml:"id,omitempty"`

	// Random string generated by Cloudentity used to mitigate cross-site request forgery (CSRF) attacks.
	// Cloudentity sends state as the `login_state` query parameter when redirecting to the consent page.
	// Example: cauq8fonbud6q8806bf0
	LoginState string `json:"login_state,omitempty" yaml:"login_state,omitempty"`

	// Rejection HTTP status code.
	// Example: 403
	StatusCode int64 `json:"status_code,omitempty" yaml:"status_code,omitempty"`
}

type RequestedScope struct {

	// Authorization server identifier
	// Example: my-server
	AuthorizationServerID string `json:"authorization_server_id,omitempty" yaml:"authorization_server_id,omitempty"`

	// The scope description displayed as a hint on a consent page
	// Example: This scope value requests offline access using refresh token
	Description string `json:"description,omitempty" yaml:"description,omitempty"`

	// The scope name displayed on a consent page
	// Example: Offline Access
	DisplayName string `json:"display_name,omitempty" yaml:"display_name,omitempty"`

	// Scope identifier
	// Example: scope-1
	ID string `json:"id,omitempty" yaml:"id,omitempty"`

	// Request this scope by default for all clients who subscribed to this scope
	Implicit bool `json:"implicit,omitempty" yaml:"implicit,omitempty"`

	// metadata
	Metadata Metadata `json:"metadata,omitempty" yaml:"metadata,omitempty"`

	// Scope name
	// Example: offline_access
	Name string `json:"name,omitempty" yaml:"name,omitempty"`

	// params
	Params []string `json:"params" yaml:"params"`

	// requested name
	RequestedName string `json:"requested_name,omitempty" yaml:"requested_name,omitempty"`

	// service
	Service *Service `json:"service,omitempty" yaml:"service,omitempty"`

	// Tenant identifier
	// Example: my-company
	TenantID string `json:"tenant_id,omitempty" yaml:"tenant_id,omitempty"`

	// Disable storage of scope grants
	Transient bool `json:"transient,omitempty" yaml:"transient,omitempty"`

	// with service
	WithService bool `json:"with_service,omitempty" yaml:"with_service,omitempty"`
}

type Resource struct {

	// Resource identifiers/values.
	Ids []string `json:"ids" yaml:"ids"`

	// The type of the resource.
	// Example: ACCOUNT
	ResourceType string `json:"resourceType,omitempty" yaml:"resourceType,omitempty"`
}

type ResponseTypes []string

type ScopePrivacyInformation struct {

	// pii categories
	PiiCategories []*PIICategory `json:"pii_categories" yaml:"pii_categories"`

	// purpose
	Purpose string `json:"purpose,omitempty" yaml:"purpose,omitempty"`
}

type Service struct {

	// Authorization server identifier
	// Example: my-server
	AuthorizationServerID string `json:"authorization_server_id,omitempty" yaml:"authorization_server_id,omitempty"`

	// Custom service audience
	// Example: https://api.example.com
	CustomAudience string `json:"custom_audience,omitempty" yaml:"custom_audience,omitempty"`

	// Service description
	// Example: Service description
	Description string `json:"description,omitempty" yaml:"description,omitempty"`

	// Gateway identifier
	// Example: gateway-1
	GatewayID string `json:"gateway_id,omitempty" yaml:"gateway_id,omitempty"`

	// A unique identifier of a service
	// Example: service-1
	ID string `json:"id,omitempty" yaml:"id,omitempty"`

	// Service name
	// Example: My service
	Name string `json:"name,omitempty" yaml:"name,omitempty"`

	// `true` when the service is a system service
	// Example: false
	System bool `json:"system,omitempty" yaml:"system,omitempty"`

	// Tenant identifier
	// Example: my-company
	TenantID string `json:"tenant_id,omitempty" yaml:"tenant_id,omitempty"`

	// Service type
	// Enum: [oauth2 oidc system user openbanking]
	Type string `json:"type,omitempty" yaml:"type,omitempty"`

	// The date of service update
	// Format: date-time
	UpdatedAt strfmt.DateTime `json:"updated_at,omitempty" yaml:"updated_at,omitempty"`

	// `true` when the service has the OpenAPI 3.0 specification
	WithSpecification bool `json:"with_specification,omitempty" yaml:"with_specification,omitempty"`
}

type TokenTTLs struct {

	// Access token time to live
	//
	// After an access token reaches its time to live, it expires and it cannot be used to
	// authenticate the client application.
	// Example: 1h10m30s
	// Format: duration
	AccessTokenTTL strfmt.Duration `json:"access_token_ttl,omitempty" yaml:"access_token_ttl,omitempty"`

	// Authorization code time to live
	//
	// After an authorization code reaches its time to live, it expires and it cannot be used to
	// authorize the request to the `/token` endpoint.
	// Example: 10m0s
	// Format: duration
	AuthorizationCodeTTL strfmt.Duration `json:"authorization_code_ttl,omitempty" yaml:"authorization_code_ttl,omitempty"`

	// ID token time to live
	//
	// After an ID token reaches its time to live, it expires and it cannot be used to provide
	// user profile information to a client application.
	// Example: 1h10m30s
	// Format: duration
	IDTokenTTL strfmt.Duration `json:"id_token_ttl,omitempty" yaml:"id_token_ttl,omitempty"`

	// Refresh token time to live
	//
	// After a refresh token reaches its time to live, it expires and it cannot be used to obtain
	// new access tokens for a client application.
	// Example: 720h0m0s
	// Format: duration
	RefreshTokenTTL strfmt.Duration `json:"refresh_token_ttl,omitempty" yaml:"refresh_token_ttl,omitempty"`
}