> ## Documentation Index > Fetch the complete documentation index at: https://www.dynamic.xyz/docs/llms.txt > Use this file to discover all available pages before exploring further. # Verify external auth assertion for elevated access token > Accepts a customer-signed assertion JWT and returns an elevated access token for step-up authentication. The assertion JWT must be signed with the same key registered in the environment's external auth JWKS URL. ## OpenAPI ````yaml https://app.dynamic.xyz/api-docs/public-api.yaml post /sdk/{environmentId}/externalAuth/verify openapi: 3.0.1 info: title: Dashboard API description: Dashboard API documentation version: 1.0.0 servers: - url: https://app.dynamicauth.com/api/v0 - url: https://app.dynamic.xyz/api/v0 - url: http://localhost:3333/api/v0 security: [] tags: - name: Analytics description: Query usage analytics and event counts for your environment. - name: SDK description: SDK-facing endpoints consumed by embedded Dynamic clients. - name: Organizations description: >- Manage organizations — the top-level container for all environments and projects. - name: Projects description: Manage projects that group related environments under an organization. - name: Environments description: >- Manage environments (live and sandbox) where your authentication configuration lives. - name: Users description: List, search, and manage authenticated users within an environment. - name: Invites description: >- Manage invitation links that grant specific external users access to your environment. - name: Tokens description: >- Create and manage API tokens used to authenticate requests to the Dynamic API. - name: Origins description: >- Configure allowed origins (CORS) for SDK and API access to your environment. - name: Allowlists description: >- Manage allowlists to control which wallet addresses or email addresses can access your environment. - name: Wallets description: View and manage wallets linked to users in your environment. - name: Members description: Manage team members and their roles within an organization. - name: Sessions description: View and revoke active user sessions within an environment. - name: Settings description: Read and update environment-level configuration settings. - name: Exchanges description: >- Configure exchange integrations (Coinbase, Binance, etc.) for fiat on-ramp within your environment. - name: Providers description: >- List, enable, disable, and configure authentication providers (OAuth, email, wallet, SMS, etc.) for your environment. - name: Captcha description: >- Configure captcha verification (provider, site key, secret key) for your environment. - name: Gates description: >- Define access gates that restrict environment entry to users who meet specific criteria. - name: Chains description: >- Manage the blockchain networks available for wallet connection in your environment. - name: Exports description: Export user and wallet data from your environment as downloadable files. - name: Events description: Browse the event log of actions performed within your environment. - name: Webhooks description: >- Create and manage webhooks to receive real-time events (user.created, wallet.linked, etc.) at your endpoint. - name: Custom Fields description: >- Define and manage custom metadata fields collected from users at sign-up or login. - name: MfaSettings description: >- Configure multi-factor authentication (MFA) policies for your organization. - name: Mfa description: Manage MFA enrollment and verification for individual users. - name: CustomHostnames description: >- Configure custom hostnames for white-labeling the Dynamic authentication experience. - name: TestAccount description: >- Manage test accounts used for automated testing and QA within an environment. - name: NameServices description: >- Configure name service integrations (ENS, Unstoppable Domains, etc.) for human-readable wallet addresses. - name: GlobalWallets description: >- Manage global wallets shared across multiple environments in an organization. - name: GlobalWalletConnections description: Configure which environments can access and use global wallets. - name: GlobalWalletAccessControl description: Control which users and roles can access and operate global wallets. - name: UserApiTokens description: >- Create and manage user-scoped API tokens for programmatic access on behalf of a user. - name: Waas description: Wallet-as-a-Service endpoints for creating and managing embedded wallets. - name: WalletConnect description: Configure WalletConnect integration settings for your environment. - name: Checkout description: >- Accept crypto payments and deposits from any wallet. Settle in any token you choose. - name: Flow description: >- Accept crypto payments, deposits, and withdrawals. Amount and destination are fixed server-side at create; the post-create lifecycle is driven with a capability session token. - name: Custom Networks description: >- Add and manage custom EVM-compatible networks beyond the built-in chain list. - name: Chainalysis description: >- Configure Chainalysis integration for blockchain address screening and risk assessment. - name: Visits description: Track and query user visit activity within your environment. - name: ExternalJwt description: >- Configure external JWT providers so existing auth tokens can be used with Dynamic. - name: SDK Views description: >- Manage SDK view configurations that customize the appearance of Dynamic modals and flows. - name: DeeplinkUrls description: Configure deep link URLs for mobile app integration with the Dynamic SDK. - name: OrganizationSettings description: >- Read and update organization-level settings such as approval workflow configuration. - name: AdminActions description: >- Manage admin action requests that require approval from another administrator. - name: ClientGrant description: | OAuth 2.0 Device Authorization Grant flow (RFC 8628) used by first-party Dynamic clients (CLI, MCP server, demo apps, IDE plugins) to obtain a revocable, 30-day client JWT without ever seeing the user's dashboard session token. - name: AuthorizedClients description: | Manage first-party clients (CLI / MCP / demo / IDE plugins) authorized to act as a dashboard user. Surfaced under Profile → Authorized Clients. paths: /sdk/{environmentId}/externalAuth/verify: post: tags: - SDK summary: Verify external auth assertion for elevated access token description: > Accepts a customer-signed assertion JWT and returns an elevated access token for step-up authentication. The assertion JWT must be signed with the same key registered in the environment's external auth JWKS URL. operationId: externalAuthVerify parameters: - $ref: '#/components/parameters/environmentId' requestBody: content: application/json: schema: $ref: '#/components/schemas/ExternalAuthSigninRequest' required: true responses: '200': description: Success content: application/json: schema: $ref: '#/components/schemas/ExternalAuthAssertionResponse' '400': $ref: '#/components/responses/BadRequest' '422': $ref: '#/components/responses/UnprocessableEntity' '500': $ref: '#/components/responses/InternalServerError' security: - bearerAuth: [] components: parameters: environmentId: in: path name: environmentId required: true description: ID of the environment schema: $ref: '#/components/schemas/uuid' schemas: ExternalAuthSigninRequest: type: object properties: jwt: $ref: '#/components/schemas/EncodedJwt' sessionPublicKey: $ref: '#/components/schemas/NonEmptyString' ExternalAuthAssertionResponse: type: object required: - elevatedAccessToken properties: elevatedAccessToken: type: string description: Elevated access token for step-up authentication uuid: type: string pattern: ^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$ minLength: 36 maxLength: 36 example: 95b11417-f18f-457f-8804-68e361f9164f EncodedJwt: type: string description: >- Encoded JWT token. This will only be returned when cookie-based authentication is disabled in favor of standard Auth header based authentication. example: jwt_value NonEmptyString: type: string pattern: ^(?=\S)[\p{L}\p{N}a-zA-Z _.,:!?&%@\/+\-'|]+(?<=\S)$ example: An example name BadRequest: type: object properties: error: description: Human-readable error message type: string UnprocessableEntity: type: object properties: error: description: Human-readable error message describing the validation failure type: string example: Resources already exists for this Object code: $ref: '#/components/schemas/UnprocessableEntityErrorCode' payload: $ref: '#/components/schemas/UnprocessableEntityErrorPayload' required: - error InternalServerError: type: object properties: error: description: Human-readable error message type: string example: Internal Server Error UnprocessableEntityErrorCode: type: string enum: - email_cannot_be_null - exchange_cannot_be_enabled - transfer_amount_too_small - transfer_address_not_whitelisted - invalid_scopes - unknown_transfer_error - transfer_mfa_required - transfer_mfa_failed - invalid_transfer_funds - invalid_transfer_currency - invalid_exchange_provider - invalid_transfer_network - invalid_email - email_already_exists - allowlist_already_exists - allowlist_entry_already_exists - reassign_wallet_error - reassign_wallet_confirm - members_cannot_delete_themself - username_already_exists - wrong_email_verification_token - wrong_sms_verification_token - invalid_email_verification - invalid_sms_verification - invalid_verification - invalid_position - too_many_sms_verification_attempts - too_many_email_verification_attempts - too_many_verification_attempts - organization_name_already_exists - project_name_already_exists - wallet_not_deployed - email_verification_required - phone_verification_required - invite_address_required - provider_not_available - forbidden_unlink_request - invalid_unlink_request - too_many_api_tokens - lock_timeout - lock_too_many_attempts - nft_token_gating_not_supported_for_chain - empty_chain_name - no_enabled_email_provider - no_enabled_sms_provider - invalid_key_export_url - invalid_dynamic_props - too_many_requests - too_many_organizations_for_user - too_many_projects_for_organization - email_associated_with_different_provider - user_has_already_account_with_email - user_has_already_account_with_phone_number - other_verify_failure - email_tied_to_embedded_wallet - invalid_invite - social_account_already_exists - invalid_email_address - invalid_gate - conflicting_embedded_wallet_providers - invalid_user - invalid_cors_origins - invalid_mobile_deeplink_urls - unauthorized_mobile_deeplink_url - invalid_private_key_format - invalid_embedded_wallet_settings - wallet_not_support_passkey - recovery_email_unavailable_or_invalid - connect_error - invalid_wallet_name - invalid_wallet_address - email_recovery_disabled - no_compatible_wallet_service_enabled - missing_aa_project_id - linked_embedded_wallet - invalid_mpc_environment - invalid_regex - repeated_options - missing_phone_number_or_email - duplicate_exists - mfa_device_not_found - mfa_invalid_code - mfa_invalid_request - invalid_phone - gate_exists - invalid_embedded_wallet_chains_configuration - merge_accounts_confirmation - merge_accounts_invalid - invalid_wallet_id - unable_to_fetch_balances - cannot_switch_to_unique - custom_field_data_not_unique - metadata_size_exceeded - invalid_custom_hostname - blocked_user_cannot_transfer_wallet - feature_not_enabled_in_suborg - invalid_username - invalid_external_auth - invalid_chain_address_match - invalid_update - cannot_delete_last_project - no_hd_wallet_found - wallet_account_exists_for_chain - too_many_embedded_wallets_for_user - too_many_embedded_wallets_per_chain_for_user - invalid_session_public_key - custom_field_not_unique - invalid_aa_project_configuration - no_v1_embedded_wallet_found - embedded_wallet_address_already_linked - key_share_already_backed_up - invalid_key_shares_length - wallet_not_active - wallet_service_connection_error - no_global_wallet_found - invalid_metadata_value - max_passkeys_per_user - passkey_not_found - cannot_delete_passkey_linked_to_embedded_wallet - cannot_delete_last_sign_in_verified_credential - credential_not_enabled_for_sign_in - unsupported_chain - share_set_id_required - address_screening_byok_auth - address_screening_byok_quota - address_screening_byok_shape - address_screening_byok_upstream UnprocessableEntityErrorPayload: type: object description: >- Contains information which the integrating client of this API can use to tailor an experience to a customer to fix the underlying issue that triggered this error. properties: email: description: Email address that caused the validation error type: string format: email example: joe@email.com loginProvider: $ref: '#/components/schemas/ProviderEnum' embeddedWalletName: description: Embedded wallet name that caused the validation error type: string embeddedSocialSigninProvider: $ref: '#/components/schemas/ProviderEnum' mergeConflicts: $ref: '#/components/schemas/MergeConflicts' additionalMessages: description: List of additional validation error messages type: array items: type: string ProviderEnum: type: string description: >- The 'turnkey' value is deprecated and will be removed in a future version. enum: - emailOnly - magicLink - apple - bitbucket - coinbasesocial - discord - epicgames - facebook - farcaster - github - gitlab - google - instagram - linkedin - microsoft - twitch - twitter - blocto - banxa - coinbaseOnramp - cryptoDotCom - moonPay - dynamic - alchemy - zerodev - telegram - turnkey - coinbaseWaas - sms - spotify - tiktok - line - steam - shopify - zksync - kraken - blockaid - passkey - okta - sendgrid - resend - trmWalletScreening - chainalysisAddressScreening MergeConflicts: type: object description: >- Contains information needed for the SDK to surface merge conflicts when attempting to merge information from one user to another required: - fromUser - conflicts properties: fromUser: $ref: '#/components/schemas/SdkUser' conflicts: description: List of field-level merge conflicts between users type: array items: $ref: '#/components/schemas/MergeUserConflict' SdkUser: allOf: - $ref: '#/components/schemas/BaseUser' - type: object required: - verifiedCredentials MergeUserConflict: type: object description: >- Contains a merge conflict between two users with different values for the same user field data required: - field - fromUser - currentUser properties: field: $ref: '#/components/schemas/ProjectSettingsKyc' fromUser: $ref: '#/components/schemas/MergeUser' currentUser: $ref: '#/components/schemas/MergeUser' BaseUser: type: object required: - id - projectEnvironmentId properties: id: $ref: '#/components/schemas/uuid' projectEnvironmentId: $ref: '#/components/schemas/uuid' verifiedCredentials: description: >- List of verified credentials (wallets, emails, social accounts) linked to the user type: array items: $ref: '#/components/schemas/JwtVerifiedCredential' lastVerifiedCredentialId: $ref: '#/components/schemas/uuid' sessionId: $ref: '#/components/schemas/uuid' alias: $ref: '#/components/schemas/OptionalNullableNonEmptyStringWith255MaxLength' country: $ref: '#/components/schemas/CountryCode' email: description: Primary email address of the user type: string format: email nullable: true maxLength: 255 firstName: $ref: '#/components/schemas/OptionalNullableNonEmptyStringWith255MaxLength' jobTitle: $ref: '#/components/schemas/OptionalNullableNonEmptyStringWith255MaxLength' lastName: $ref: '#/components/schemas/OptionalNullableNonEmptyStringWith255MaxLength' phoneNumber: description: Phone number of the user type: string nullable: true maxLength: 255 policiesConsent: description: >- Whether the user has accepted the terms of service and privacy policy type: boolean nullable: true tShirtSize: $ref: '#/components/schemas/OptionalNullableNonEmptyStringWith255MaxLength' team: $ref: '#/components/schemas/OptionalNullableNonEmptyStringWith255MaxLength' username: $ref: '#/components/schemas/OptionalNullableNonEmptyStringWith255MaxLength' firstVisit: description: ISO 8601 timestamp of when the user first visited type: string format: date-time lastVisit: description: ISO 8601 timestamp of when the user last visited type: string format: date-time newUser: description: Whether this is a newly created user type: boolean metadata: description: Arbitrary key-value metadata associated with the user type: object mfaBackupCodeAcknowledgement: $ref: '#/components/schemas/MfaBackupCodeAcknowledgement' btcWallet: description: Bitcoin wallet address of the user type: string nullable: true kdaWallet: description: Kadena wallet address of the user type: string nullable: true ltcWallet: description: Litecoin wallet address of the user type: string nullable: true ckbWallet: description: Nervos CKB wallet address of the user type: string nullable: true kasWallet: description: Kaspa wallet address of the user type: string nullable: true dogeWallet: description: Dogecoin wallet address of the user type: string nullable: true emailNotification: description: Whether the user has opted in to email notifications type: boolean nullable: true discordNotification: description: Whether the user has opted in to Discord notifications type: boolean nullable: true newsletterNotification: description: Whether the user has opted in to newsletter notifications type: boolean nullable: true lists: type: array description: >- Access lists evaluated by Dynamic when considering access for the user. items: type: string scope: type: string description: >- A whitespace-separate list of permissions associated with the JWT token issued. This conforms to the JWT standard for scope claims: https://datatracker.ietf.org/doc/html/rfc8693#section-4.2 example: superuser marketing operations missingFields: description: List of required user fields that have not yet been provided type: array items: $ref: '#/components/schemas/ProjectSettingsKyc' ProjectSettingsKyc: type: object properties: name: description: Internal name identifier of the KYC field type: string required: description: Whether this KYC field is required for user onboarding type: boolean enabled: description: Whether this KYC field is enabled for collection type: boolean unique: description: Whether this KYC field value must be unique across all users type: boolean verify: description: Whether this KYC field requires verification type: boolean type: $ref: '#/components/schemas/KycFieldType' validationRules: $ref: '#/components/schemas/CustomFieldValidationRules' validationType: $ref: '#/components/schemas/CustomFieldType' label: description: Display label for the KYC field shown to users type: string position: description: Display position order of the KYC field in the form type: number required: - name - required - enabled - unique - verify MergeUser: type: object description: Contains the current field value for the user. required: - userId - value properties: userId: $ref: '#/components/schemas/uuid' value: $ref: '#/components/schemas/NonEmptyStringWith255MaxLength' JwtVerifiedCredential: type: object required: - id - format - signInEnabled properties: address: $ref: '#/components/schemas/WalletPublicKey' chain: description: Blockchain network for this credential type: string refId: $ref: '#/components/schemas/uuid' signerRefId: $ref: '#/components/schemas/uuid' email: description: Email address for email-based credentials type: string format: email id: $ref: '#/components/schemas/uuid' name_service: $ref: '#/components/schemas/NameServiceData' public_identifier: description: >- This is used to publicly identify a verified credential in a human-friendly way. For example, this will be the email address if credential format=email. type: string wallet_name: description: Name of the wallet provider type: string wallet_provider: $ref: '#/components/schemas/WalletProviderEnum' wallet_properties: $ref: '#/components/schemas/WalletProperties' format: $ref: '#/components/schemas/JwtVerifiedCredentialFormatEnum' oauth_provider: $ref: '#/components/schemas/ProviderEnum' oauth_username: description: Username from the OAuth provider type: string oauth_display_name: description: Display name from the OAuth provider type: string nullable: true oauth_account_id: description: Unique account identifier from the OAuth provider type: string nullable: true phoneNumber: description: >- This field contains the phone number in the country. This could also contain the area code within a country. example: '9171113333' type: string phoneCountryCode: description: >- This field contains the phone international country code. See https://countrycode.org/ example: '1' type: string isoCountryCode: description: >- ISO-3166 two-character country code. See https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes example: US type: string oauth_account_photos: description: List of profile photo URLs from the OAuth provider type: array items: type: string oauth_emails: description: List of email addresses from the OAuth provider type: array items: type: string oauth_metadata: type: object description: >- This object contains JSON metadata for a social-based verified credential. It may contain data about the user that does not fit into the other structured fields, and could include arbitrary fields about the user from the oauth provider's API. previous_users: description: >- This will only be provided in the responses for GET /users/{userId}.Previous user IDs that owned this verified credential and was tranfered to the current user ID. type: array items: $ref: '#/components/schemas/uuid' embedded_wallet_id: description: Identifier of the linked embedded wallet type: string nullable: true wallet_additional_addresses: description: List of additional addresses derived from this wallet type: array items: $ref: '#/components/schemas/WalletAdditionalAddress' lastSelectedAt: description: >- This timestamp indicates the last time this verified wallet was either connected to the user account or selected to become the primary wallet on the account. type: string format: date-time signInEnabled: type: boolean description: This indicates if the user can sign in with this credential verifiedAt: type: string format: date-time description: >- This timestamp indicates the last time this verified credential was verified. OptionalNullableNonEmptyStringWith255MaxLength: type: string pattern: ^$|^(?=\S)[\p{L}\p{N} _.,:!?&%@\/+-]+(?<=\S)$ example: An example name nullable: true maxLength: 255 CountryCode: type: string nullable: true description: Standard ISO 3166-1 alpha-2 two-letter country code pattern: ^[A-Z]{2}$ example: US maxLength: 255 MfaBackupCodeAcknowledgement: type: string nullable: true enum: - pending - complete KycFieldType: type: string enum: - standard - custom CustomFieldValidationRules: type: object properties: unique: type: boolean description: If this field must be unique for every user in the environment regex: type: string maxLength: 255 description: The regex pattern that the text field must match example: ^0x validOptions: type: array items: $ref: '#/components/schemas/CustomFieldValidValue' description: The dropdown options for the select field example: - label: small - label: medium - label: large checkboxText: type: string maxLength: 255 description: The text that will be displayed for the checkbox field example: Agree to the terms and conditions description: Optional validation rules for the custom field CustomFieldType: type: string enum: - text - checkbox - select NonEmptyStringWith255MaxLength: type: string pattern: ^(?=\S)[\p{L}\p{N}a-zA-Z _.,:!?&%@\/+\-'|]+(?<=\S)$ maxLength: 255 example: An example name WalletPublicKey: type: string pattern: ^[A-Za-z0-9_-]{18,100}$ description: >- Valid blockchain wallet address, must be an alphanumeric string (underscores allowed for chains like Midnight, hyphens allowed for chains using base64url-encoded addresses like TON) example: '0xbF394748301603f18d953C90F0b087CBEC0E1834' maxLength: 255 NameServiceData: type: object properties: avatar: description: URL of the avatar associated with the name service record type: string name: description: Resolved name from the name service (e.g. ENS name) type: string WalletProviderEnum: type: string enum: - browserExtension - custodialService - walletConnect - qrCode - deepLink - embeddedWallet - smartContractWallet WalletProperties: anyOf: - $ref: '#/components/schemas/TurnkeyWalletProperties' - $ref: '#/components/schemas/HardwareWalletProperties' - $ref: '#/components/schemas/CoinbaseMpcWalletProperties' - $ref: '#/components/schemas/SmartWalletProperties' - $ref: '#/components/schemas/WaasWalletProperties' JwtVerifiedCredentialFormatEnum: type: string enum: - blockchain - email - oauth - passkey - phoneNumber - externalUser - totp WalletAdditionalAddress: type: object description: An additional address associated with a wallet. required: - address - type properties: address: type: string description: An address associated with a wallet. publicKey: type: string description: The public key associated with the address. type: $ref: '#/components/schemas/WalletAddressType' CustomFieldValidValue: type: object required: - label properties: label: $ref: '#/components/schemas/NonEmptyStringWith255MaxLengthAndSpecialChars' key: $ref: '#/components/schemas/NonEmptyStringWith255MaxLengthAndSpecialChars' TurnkeyWalletProperties: deprecated: true type: object properties: turnkeySubOrganizationId: allOf: - $ref: '#/components/schemas/uuid' deprecated: true turnkeyPrivateKeyId: allOf: - $ref: '#/components/schemas/uuid' deprecated: true turnkeyHDWalletId: allOf: - $ref: '#/components/schemas/uuid' deprecated: true isAuthenticatorAttached: type: boolean description: >- Whether or not the wallet has an authenticator (passkey, api key, etc) attached to it. turnkeyUserId: allOf: - $ref: '#/components/schemas/uuid' deprecated: true isSessionKeyCompatible: description: Whether this wallet supports session key operations type: boolean version: $ref: '#/components/schemas/EmbeddedWalletVersionEnum' ecdsaProviderType: $ref: '#/components/schemas/ecdsaValidatorOptions' entryPointVersion: $ref: '#/components/schemas/ProviderEntryPointVersionEnum' kernelVersion: $ref: '#/components/schemas/ProviderKernelVersionEnum' HardwareWalletProperties: type: object properties: hardwareWallet: $ref: '#/components/schemas/HardwareWalletEnum' CoinbaseMpcWalletProperties: deprecated: true type: object properties: claimed: type: boolean description: Dynamic pregenerated this wallet and stored the passcode source: $ref: '#/components/schemas/PasswordSourceTypeEnum' SmartWalletProperties: type: object properties: entryPointVersion: $ref: '#/components/schemas/ProviderEntryPointVersionEnum' kernelVersion: $ref: '#/components/schemas/ProviderKernelVersionEnum' ecdsaProviderType: $ref: '#/components/schemas/ecdsaValidatorOptions' WaasWalletProperties: type: object properties: keyShares: description: >- List of key share information for the primary share set (the one this auth principal signs with). type: array items: $ref: '#/components/schemas/WalletKeyShareInfo' thresholdSignatureScheme: $ref: '#/components/schemas/ThresholdSignatureScheme' derivationPath: type: string description: The derivation path for the wallet settings: $ref: '#/components/schemas/WaasWalletSettings' shareSetId: type: string format: uuid description: >- Identifier of the primary share set (the one whose `keyShares`, `thresholdSignatureScheme`, `derivationPath`, and `settings` are inlined at the top level). Browser context: rootUser. Delegated-server context: delegated. shareSetType: $ref: '#/components/schemas/WaasWalletShareSetType' otherShareSets: type: array description: >- All other active share sets that exist on this wallet (i.e., owned by other auth principals). Returned for awareness so consumers can see, e.g., that a delegated share set is set up alongside their rootUser. Server-typed share sets are never exposed. items: $ref: '#/components/schemas/WaasShareSet' version: $ref: '#/components/schemas/EmbeddedWalletVersionEnum' WalletAddressType: type: string enum: - ordinals - payment - cosmos - evm - stellar - ton - midnight_unshielded - midnight_dust - midnight_shielded NonEmptyStringWith255MaxLengthAndSpecialChars: type: string pattern: ^(?=\S)[\p{L}\p{N}a-zA-Z _.,:!?&%@\/+\-'()\[\]*]+(?<=\S)$ maxLength: 255 example: An example name EmbeddedWalletVersionEnum: type: string enum: - V1 - V2 - V3 ecdsaValidatorOptions: type: string enum: - zerodev_signer_to_ecdsa - zerodev_multi_chain ProviderEntryPointVersionEnum: type: string enum: - v6 - v7 ProviderKernelVersionEnum: type: string enum: - v2_4 - v3_0 - v3_1 - v3_2 - v3_3 HardwareWalletEnum: type: string enum: - ledger PasswordSourceTypeEnum: type: string enum: - dynamic - user WalletKeyShareInfo: type: object required: - id - backupLocation - passwordEncrypted properties: id: $ref: '#/components/schemas/uuid' backupLocation: description: >- Where this key share is stored (e.g. "user", "dynamic", "googleDrive", "iCloud") type: string passwordEncrypted: description: >- Whether this key share is additionally encrypted with a user-provided password type: boolean walletShareDeveloperKeyEncrypted: description: >- Whether this key share is encrypted with the developer's encryption public key type: boolean externalKeyShareId: $ref: '#/components/schemas/uuid' keygenId: description: Identifier of the key generation ceremony that produced this share type: string ThresholdSignatureScheme: type: string enum: - TWO_OF_TWO - TWO_OF_THREE - THREE_OF_FIVE WaasWalletSettings: type: object properties: hasDeniedDelegatedAccess: description: Whether the user has denied delegated access for this wallet type: boolean shouldRefreshOnNextSignOn: description: Whether to refresh wallet key shares on the user's next sign-on type: boolean reshareOnNextSignOn: $ref: '#/components/schemas/ThresholdSignatureScheme' revokeOnNextSignOn: description: Whether to revoke delegated access on the user's next sign-on type: boolean WaasWalletShareSetType: type: string enum: - delegated - rootUser - server - businessAccountUser description: The role this share set plays for the wallet WaasShareSet: type: object required: - shareSetId - shareSetType - thresholdSignatureScheme - createdAt properties: shareSetId: type: string format: uuid description: Identifier of the share set (WaasWallets row id). shareSetType: $ref: '#/components/schemas/WaasWalletShareSetType' thresholdSignatureScheme: $ref: '#/components/schemas/ThresholdSignatureScheme' createdAt: type: string format: date-time description: Timestamp when this share set was created. responses: BadRequest: description: Bad Request content: application/json: schema: $ref: '#/components/schemas/BadRequest' UnprocessableEntity: description: Unprocessable Entity content: application/json: schema: $ref: '#/components/schemas/UnprocessableEntity' InternalServerError: description: Internal Server Error content: application/json: schema: $ref: '#/components/schemas/InternalServerError' securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT ````