import { AxiosRequestConfig, AxiosResponse, AxiosInstance } from 'axios';
import { IAxiosRetryConfig } from 'axios-retry';
import { Reader } from 'properties-reader';

type ResourceConfig = {
    apiVersion?: string;
};
type RetryNothingStrategy = 'nothing';
type RetryNetworkStrategy = 'network';
type RetryEverythingStrategy = 'everything';
type RetryStrategy = RetryNothingStrategy | RetryNetworkStrategy | RetryEverythingStrategy;

interface NoIdObjectSkeletonInterface {
    _rev?: string;
    [k: string]: string | number | boolean | string[] | IdObjectSkeletonInterface | object | undefined;
}
interface IdObjectSkeletonInterface extends NoIdObjectSkeletonInterface {
    _id?: string;
}
interface AmConfigEntityInterface extends IdObjectSkeletonInterface {
    _type?: EntityType;
}
type Readable<Type> = Type;
type Writable<Type> = {
    inherited: boolean;
    value?: Type;
};
type PagedResult<Type> = {
    result: Type[];
    resultCount: number;
    pagedResultsCookie: string;
    totalPagedResultsPolicy: 'EXACT' | 'NONE';
    totalPagedResults: number;
    remainingPagedResults: number;
};
type EntityType = IdObjectSkeletonInterface & {
    name: string;
    collection: boolean;
};
type SearchTargetOperator = 'AND' | 'EQUALS' | 'CONTAINS' | 'ALL' | 'OR' | 'STARTS_WITH' | 'ENDS_WITH' | 'EXISTS' | 'GTE' | 'GT' | 'LTE' | 'LT' | 'NOT';
interface SearchTargetFilterOperation {
    operator: SearchTargetOperator;
    operand: SearchTargetFilterOperation[] | {
        targetName: string;
        targetValue: string | number | boolean;
    };
}
type Metadata = {
    modifiedDate: string;
    createdDate: string;
};
/**
 * See {@link https://backstage.forgerock.com/docs/idm/7.5/crest/crest-patch.html}.
 */
interface PatchOperationInterface {
    operation: 'add' | 'copy' | 'increment' | 'move' | 'remove' | 'replace' | 'transform';
    field: string;
    value?: any;
    from?: string;
}

interface FeatureInterface extends IdObjectSkeletonInterface {
    installedVersion: string;
    availableVersions: string[];
}

type CallbackType = 'NameCallback' | 'PasswordCallback' | 'TextInputCallback' | 'HiddenValueCallback' | 'SelectIdPCallback';
type CallbackKeyValuePair = {
    name: string;
    value: any;
};
type Callback = {
    type: CallbackType;
    output: CallbackKeyValuePair[];
    input: CallbackKeyValuePair[];
};
type CallbackHandler = (callback: Callback) => Callback;

type AuthenticateSuccessResponse = {
    tokenId: string;
    successUrl: string;
    realm: string;
};

type Jose = {
    createJwkRsa(): Promise<JwkRsa>;
    getJwkRsaPublic(jwkJson: JwkRsa): Promise<JwkRsaPublic>;
    createJwks(...keys: JwkInterface[]): JwksInterface;
    createSignedJwtToken(payload: string | object, jwkJson: JwkRsa): Promise<any>;
    verifySignedJwtToken(jwt: string, jwkJson: JwkRsaPublic): Promise<any>;
};
interface JwkInterface {
    kty: string;
    use?: string;
    key_ops?: string[];
    alg: string;
    kid?: string;
    x5u?: string;
    x5c?: string;
    x5t?: string;
    'x5t#S256'?: string;
}
type JwkRsa = JwkInterface & {
    d: string;
    dp: string;
    dq: string;
    e: string;
    n: string;
    p: string;
    q: string;
    qi: string;
};
type JwkRsaPublic = JwkInterface & {
    e: string;
    n: string;
};
interface JwksInterface {
    keys: JwkInterface[];
}

type AccessTokenResponseType = {
    access_token: string;
    id_token?: string;
    scope: string;
    token_type: string;
    expires_in: number;
};
type TokenInfoResponseType = {
    sub: string;
    cts: string;
    auditTrackingId: string;
    subname: string;
    iss: string;
    tokenName: string;
    token_type: string;
    authGrantId: string;
    access_token: string;
    aud: string;
    nbf: number;
    grant_type: string;
    scope: string[];
    auth_time: number;
    sessionToken?: string;
    realm: string;
    exp: number;
    iat: number;
    expires_in: number;
    jti: string;
    [k: string]: string | number | string[];
};

type AccessTokenMetaType = AccessTokenResponseType & {
    expires: number;
    from_cache?: boolean;
};
type OAuth2Oidc = {
    authorize(amBaseUrl: string, data: string, config: AxiosRequestConfig): Promise<AxiosResponse<any, any>>;
    accessToken(amBaseUrl: string, data: any, config: AxiosRequestConfig): Promise<AccessTokenMetaType>;
    accessTokenRfc7523AuthZGrant(clientId: string, jwt: string, scope: string[], config?: AxiosRequestConfig): Promise<AccessTokenMetaType>;
    getTokenInfo(amBaseUrl: string, config: AxiosRequestConfig): Promise<TokenInfoResponseType>;
    clientCredentialsGrant(amBaseUrl: string, clientId: string, clientSecret: string, scope: string): Promise<AccessTokenMetaType>;
};

type Authenticate = {
    /**
     * Get tokens and store them in State
     * @param {boolean} forceLoginAsUser true to force login as user even if a service account or Amster account is available (default: false)
     * @param {boolean} autoRefresh true to automatically refresh tokens before they expire (default: true)
     * @param {string[]} types Array of supported deployment types. The function will throw an error if an unsupported type is detected (default: ['classic', 'cloud', 'forgeops'])
     * @param {CallbackHandler} callbackHandler function allowing the library to collect responses from the user through callbacks
     * @returns {Promise<Tokens>} object containing the tokens
     */
    getTokens(forceLoginAsUser?: boolean, autoRefresh?: boolean, types?: string[], callbackHandler?: CallbackHandler): Promise<Tokens>;
};
type UserSessionMetaType = AuthenticateSuccessResponse & {
    expires: number;
    from_cache?: boolean;
};
type Tokens = {
    bearerToken?: AccessTokenMetaType;
    userSessionToken?: UserSessionMetaType;
    pfBearerToken?: AccessTokenMetaType;
    subject?: string;
    host?: string;
    realm?: string;
};

type ProgressIndicatorType = 'determinate' | 'indeterminate';
type ProgressIndicatorStatusType = 'none' | 'success' | 'warn' | 'fail';

type State = {
    /**
     * Get a clone of the full state as an object
     * @returns a clone of the state
     */
    getState(): StateInterface;
    /**
     * Set the AM host base URL
     * @param host Access Management base URL, e.g.: https://cdk.iam.example.com/am. To use a connection profile, just specify a unique substring or alias.
     */
    setHost(host: string): void;
    /**
     * Get the AM host base URL
     * @returns the AM host base URL
     */
    getHost(): string;
    /**
     * Set the IDM host base URL
     * @param host Identity Management base URL, e.g.: https://cdk.iam.example.com/openidm. To use a connection profile, just specify a unique substring or alias.
     */
    setIdmHost(host: string): void;
    /**
     * Get the IDM host base URL
     * @returns the IDM host base URL
     */
    getIdmHost(): string;
    setAlias(alias: string): void;
    getAlias(): string | undefined;
    setUsername(username: string): void;
    getUsername(): string;
    setPassword(password: string): void;
    getPassword(): string;
    setRealm(realm: string): void;
    getRealm(): string;
    setUseRealmPrefixOnManagedObjects(useRealmPrefixOnManagedObjects: boolean): void;
    getUseRealmPrefixOnManagedObjects(): boolean;
    setDeploymentType(type: string): void;
    getDeploymentType(): string;
    setIsIGA(isIGA: boolean): void;
    getIsIGA(): boolean | undefined;
    setIsPingFed(isPingFed: boolean): void;
    getIsPingFed(): boolean | undefined;
    setAdminClientId(type: string): void;
    getAdminClientId(): string;
    setAdminClientRedirectUri(type: string): void;
    getAdminClientRedirectUri(): string;
    setAllowInsecureConnection(allowInsecureConnection: boolean): void;
    getAllowInsecureConnection(): boolean;
    setCookieName(name: string): void;
    getCookieName(): string;
    setUserSessionTokenMeta(value: UserSessionMetaType): void;
    getCookieValue(): string;
    getUserSessionTokenMeta(): UserSessionMetaType;
    setFeatures(features: FeatureInterface[]): void;
    getFeatures(): FeatureInterface[];
    setAuthenticationHeaderOverrides(overrides: Record<string, string>): void;
    getAuthenticationHeaderOverrides(): Record<string, string>;
    setAuthenticationService(service: string): void;
    getAuthenticationService(): string;
    setConfigurationHeaderOverrides(overrides: Record<string, string>): void;
    getConfigurationHeaderOverrides(): Record<string, string>;
    setServiceAccountId(uuid: string): void;
    getServiceAccountId(): string;
    setServiceAccountJwk(jwk: JwkRsa): void;
    getServiceAccountJwk(): JwkRsa;
    setServiceAccountScope(scope: string): void;
    getServiceAccountScope(): string;
    setAmsterPrivateKey(key: string): void;
    getAmsterPrivateKey(): string;
    setUseBearerTokenForAmApis(useBearerTokenForAmApis: boolean): void;
    getUseBearerTokenForAmApis(): boolean;
    setBearerTokenMeta(token: AccessTokenMetaType): void;
    getBearerToken(): string;
    getBearerTokenMeta(): AccessTokenMetaType;
    setPfBearerTokenMeta(token: AccessTokenMetaType): void;
    getPfBearerToken(): string;
    getPfBearerTokenMeta(): AccessTokenMetaType;
    setLogApiKey(key: string): void;
    getLogApiKey(): string;
    setLogApiSecret(secret: string): void;
    getLogApiSecret(): string;
    setAmVersion(version: string): void;
    getAmVersion(): string;
    setFrodoVersion(version: string): void;
    getFrodoVersion(): string;
    setConnectionProfilesPath(path: string): void;
    getConnectionProfilesPath(): string;
    setUseTokenCache(useTokenCache: boolean): void;
    getUseTokenCache(): boolean;
    setTokenCachePath(path: string): void;
    getTokenCachePath(): string;
    setMasterKeyPath(path: string): void;
    getMasterKeyPath(): string;
    setOutputFile(file: string): void;
    getOutputFile(): string;
    setDirectory(directory: string): void;
    getDirectory(): string;
    setAutoRefreshTimer(timer: NodeJS.Timeout): void;
    getAutoRefreshTimer(): NodeJS.Timeout;
    setCurlirizeHandler(handler: (message: string) => void): void;
    getCurlirizeHandler(): (message: string) => void;
    setCurlirize(curlirize: boolean): void;
    getCurlirize(): boolean;
    setCreateProgressHandler(handler: (type: ProgressIndicatorType, total?: number, message?: string) => string): void;
    getCreateProgressHandler(): (type: ProgressIndicatorType, total?: number, message?: string) => string;
    setUpdateProgressHandler(handler: (id: string, message: string) => void): void;
    getUpdateProgressHandler(): (id: string, message: string) => void;
    setStopProgressHandler(handler: (id: string, message: string, status?: ProgressIndicatorStatusType) => void): void;
    getStopProgressHandler(): (id: string, message: string, status?: ProgressIndicatorStatusType) => void;
    setPrintHandler(handler: (message: string | object, type?: string, newline?: boolean) => void): void;
    getPrintHandler(): (message: string | object, type?: string, newline?: boolean) => void;
    setErrorHandler(handler: (error: Error, message?: string) => void): void;
    getErrorHandler(): (error: Error, message?: string) => void;
    setVerboseHandler(handler: (message: string | object) => void): void;
    getVerboseHandler(): (message: string | object) => void;
    setVerbose(verbose: boolean): void;
    getVerbose(): boolean;
    setDebugHandler(handler: (message: string | object) => void): void;
    getDebugHandler(): (message: string | object) => void;
    setDebug(debug: boolean): void;
    getDebug(): boolean;
    getAxiosRetryConfig(): IAxiosRetryConfig;
    setAxiosRetryConfig(axiosRetryConfig: IAxiosRetryConfig): void;
    setAxiosRetryStrategy(strategy: RetryStrategy): void;
    /**
     * Reset the state to default values
     */
    reset(): void;
    /**
     * @deprecated since v0.17.0 use `setHost(host: string)` instead
     */
    setTenant(tenant: string): void;
    /**
     * @deprecated since v0.17.0 use `getHost` instead
     */
    getTenant(): string;
};
interface StateInterface {
    host?: string;
    idmHost?: string;
    alias?: string;
    username?: string;
    password?: string;
    realm?: string;
    useRealmPrefixOnManagedObjects?: boolean;
    deploymentType?: string;
    isIGA?: boolean;
    isPingFed?: boolean;
    adminClientId?: string;
    adminClientRedirectUri?: string;
    allowInsecureConnection?: boolean;
    authenticationHeaderOverrides?: Record<string, string>;
    authenticationService?: string;
    configurationHeaderOverrides?: Record<string, string>;
    cookieName?: string;
    userSessionToken?: UserSessionMetaType;
    features?: FeatureInterface[];
    serviceAccountId?: string;
    serviceAccountJwk?: JwkRsa;
    serviceAccountScope?: string;
    amsterPrivateKey?: string;
    useBearerTokenForAmApis?: boolean;
    bearerToken?: AccessTokenMetaType;
    pfBearerToken?: AccessTokenMetaType;
    logApiKey?: string;
    logApiSecret?: string;
    amVersion?: string;
    frodoVersion?: string;
    connectionProfilesPath?: string;
    useTokenCache?: boolean;
    tokenCachePath?: string;
    masterKeyPath?: string;
    outputFile?: string;
    directory?: string;
    autoRefreshTimer?: NodeJS.Timeout;
    printHandler?: (message: string | object, type?: string, newline?: boolean) => void;
    errorHandler?: (error: Error, message: string) => void;
    verboseHandler?: (message: string | object) => void;
    verbose?: boolean;
    debugHandler?: (message: string | object) => void;
    debug?: boolean;
    curlirizeHandler?: (message: string) => void;
    curlirize?: boolean;
    createProgressHandler?: (type: ProgressIndicatorType, total?: number, message?: string) => string;
    updateProgressHandler?: (id: string, message: string) => void;
    stopProgressHandler?: (id: string, message: string, status?: string) => void;
    axiosRetryConfig?: IAxiosRetryConfig;
}

type OAuth2ClientSkeleton = AmConfigEntityInterface & {
    overrideOAuth2ClientConfig?: {
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    advancedOAuth2ClientConfig?: {
        descriptions: {
            inherited: boolean;
            value: string[];
        };
        grantTypes?: Readable<string[]> | Writable<string[]>;
        isConsentImplied?: Readable<boolean> | Writable<boolean>;
        tokenEndpointAuthMethod?: Readable<string> | Writable<string>;
        responseTypes?: Readable<string[]> | Writable<string[]>;
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    signEncOAuth2ClientConfig?: {
        jwkSet?: Readable<string> | Writable<string>;
        publicKeyLocation?: Readable<string> | Writable<string>;
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    coreOpenIDClientConfig?: {
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    coreOAuth2ClientConfig?: {
        userpassword?: string;
        clientName?: Readable<string[]> | Writable<string[]>;
        clientType?: Readable<string> | Writable<string>;
        accessTokenLifetime?: Readable<number> | Writable<number>;
        scopes?: Readable<string[]> | Writable<string[]>;
        defaultScopes?: {
            value: string[];
            [k: string]: string | number | boolean | string[] | object | undefined;
        };
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    coreUmaClientConfig?: {
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
};

type OAuth2TrustedJwtIssuerSkeleton = IdObjectSkeletonInterface & {
    allowedSubjects?: Readable<string[]> | Writable<string[]>;
    jwksCacheTimeout?: Readable<number> | Writable<number>;
    jwkSet?: Readable<string> | Writable<string>;
    consentedScopesClaim?: Readable<string> | Writable<string>;
    issuer: Readable<string> | Writable<string>;
    jwkStoreCacheMissCacheTime?: Readable<number> | Writable<number>;
    resourceOwnerIdentityClaim?: Readable<string> | Writable<string>;
    jwksUri?: Readable<string> | Writable<string>;
    _type: {
        _id: 'TrustedJwtIssuer';
        name: 'OAuth2 Trusted JWT Issuer';
        collection: true;
    };
};

type Admin = {
    generateRfc7523AuthZGrantArtefacts(clientId: string, iss: string, jwk?: JwkRsa, sub?: string, scope?: string[], options?: {
        save: boolean;
    }): Promise<{
        jwk: JwkRsa;
        jwks: JwksInterface;
        client: OAuth2ClientSkeleton;
        issuer: OAuth2TrustedJwtIssuerSkeleton;
    }>;
    executeRfc7523AuthZGrantFlow(clientId: string, iss: string, jwk: JwkRsa, sub: string, scope?: string[]): Promise<AccessTokenResponseType>;
    generateRfc7523ClientAuthNArtefacts(clientId: string, aud?: string, jwk?: JwkRsa, options?: {
        save: boolean;
    }): Promise<{
        jwk: JwkRsa;
        jwks: JwksInterface;
        jwt: any;
        client: OAuth2ClientSkeleton;
    }>;
    trainAA(apiKey: string, apiSecret: string, customUsernames?: string[], customUserAgents?: string[], customIPs?: string[], loginsPerUser?: number, service?: string): Promise<void>;
};

type PolicyAgentType = '2.2_Agent';
type GatewayAgentType = 'IdentityGatewayAgent';
type JavaAgentType = 'J2EEAgent';
type OAuth2ClientType = 'OAuth2Client';
type OAuth2ThingType = 'OAuth2Thing';
type RemoteConsentAgentType = 'RemoteConsentAgent';
type SharedAgentType = 'SharedAgent';
type SoapSTSAgentType = 'SoapSTSAgent';
type SoftwarePublisherType = 'SoftwarePublisher';
type WebAgentType = 'WebAgent';
type AIAgentType = 'AIAgent';
type AgentType = PolicyAgentType | GatewayAgentType | JavaAgentType | OAuth2ClientType | OAuth2ThingType | RemoteConsentAgentType | SharedAgentType | SoapSTSAgentType | SoftwarePublisherType | WebAgentType | AIAgentType | EntityType;
type AgentSkeleton = AmConfigEntityInterface;
type AgentGroupSkeleton = AmConfigEntityInterface;

declare class FrodoError extends Error {
    originalErrors: Error[];
    isHttpError: boolean;
    httpCode: string;
    httpStatus: number;
    httpMessage: string;
    httpDetail: string;
    httpErrorText: string;
    httpErrorReason: string;
    httpDescription: string;
    constructor(message: string, originalErrors?: Error | Error[]);
    getOriginalErrors(): Error[];
    getCombinedMessage(level?: number): string;
    toString(): string;
}

interface ExportMetaData {
    origin: string;
    originAmVersion: string;
    exportedBy: string;
    exportDate: string;
    exportTool: string;
    exportToolVersion: string;
}
type ResultCallback<R> = (error?: FrodoError, result?: R) => void;

type Agent = {
    /**
     * Read all agent types.
     * @returns {Promise<AgentType[]>} a promise that resolves to an array of agent type strings
     */
    readAgentTypes(): Promise<AgentType[]>;
    /**
     * Read agent by type and id
     * @param {string} agentType agent type (IdentityGatewayAgent, J2EEAgent, WebAgent)
     * @param {string} agentId agent id/name
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an agent object
     */
    readAgentByTypeAndId(agentType: AgentType, agentId: string): Promise<AgentSkeleton>;
    /**
     * Read all agents.
     * @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false.
     * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of agent objects
     */
    readAgents(globalConfig: boolean): Promise<AgentSkeleton[]>;
    /**
     * Read agent
     * @param {string} agentId agent id/name
     * @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false.
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an agent object
     */
    readAgent(agentId: string, globalConfig: boolean): Promise<AgentSkeleton>;
    /**
     * Delete all agents
     */
    deleteAgents(): Promise<void>;
    /**
     * Delete agent
     * @param agentId agent id/name
     */
    deleteAgent(agentId: string): Promise<void>;
    /**
     * Export all agents. The response can be saved to file as is.
     * @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false.
     * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object.
     */
    exportAgents(globalConfig: boolean): Promise<AgentExportInterface>;
    /**
     * Export agent. The response can be saved to file as is.
     * @param agentId agent id/name
     * @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false.
     * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object.
     */
    exportAgent(agentId: string, globalConfig: boolean): Promise<AgentExportInterface>;
    /**
     * Import agents. The import data is usually read from an agent export file.
     * @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false.
     * @param {AgentExportInterface} importData agent import data.
     * @returns {Promise<AgentSkeleton[]>} The agents that were imported.
     */
    importAgents(importData: AgentExportInterface, globalConfig: boolean): Promise<AgentSkeleton[]>;
    /**
     * Import agent. The import data is usually read from an agent export file.
     * @param {string} agentId agent id/name
     * @param {AgentExportInterface} importData agent import data.
     * @param {boolean} globalConfig true if global agent is the target of the operation, false otherwise. Default: false.
     * @returns {Promise<AgentSkeleton>} Promise resolving to an agent object.
     */
    importAgent(agentId: string, importData: AgentExportInterface, globalConfig: boolean): Promise<AgentSkeleton>;
    /**
     * Read identity gateway agents
     * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of IdentityGatewayAgent objects
     */
    readIdentityGatewayAgents(): Promise<AgentSkeleton[]>;
    /**
     * Read identity gateway agent
     * @param {string} gatewayId gateway id
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an IdentityGatewayAgent object
     */
    readIdentityGatewayAgent(gatewayId: string): Promise<AgentSkeleton>;
    /**
     * Create identity gateway agent
     * @param {string} gatewayId gateway id
     * @param {AgentSkeleton} gatewayData IdentityGatewayAgent object
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an IdentityGatewayAgent object
     */
    createIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise<AgentSkeleton>;
    /**
     * Update or create identity gateway agent
     * @param {string} gatewayId gateway id
     * @param {AgentSkeleton} gatewayData IdentityGatewayAgent object
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an IdentityGatewayAgent object
     */
    updateIdentityGatewayAgent(gatewayId: string, gatewayData: AgentSkeleton): Promise<AgentSkeleton>;
    /**
     * Delete all identity gateway agents
     */
    deleteIdentityGatewayAgents(): Promise<void>;
    /**
     * Delete identity gateway agent
     * @param agentId agent id/name
     */
    deleteIdentityGatewayAgent(agentId: string): Promise<void>;
    /**
     * Export all identity gateway agents. The response can be saved to file as is.
     * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object.
     */
    exportIdentityGatewayAgents(): Promise<AgentExportInterface>;
    /**
     * Export identity gateway agent. The response can be saved to file as is.
     * @param agentId agent id/name
     * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object.
     */
    exportIdentityGatewayAgent(agentId: string): Promise<AgentExportInterface>;
    /**
     * Import identity gateway agents. The import data is usually read from an agent export file.
     * @param {AgentExportInterface} importData agent import data.
     */
    importIdentityGatewayAgents(importData: AgentExportInterface): Promise<void>;
    /**
     * Import identity gateway agent. The import data is usually read from an agent export file.
     * @param {string} agentId agent id/name
     * @param {AgentExportInterface} importData agent import data.
     * @returns {Promise<AgentSkeleton>} Promise resolving to an agent object.
     */
    importIdentityGatewayAgent(agentId: string, importData: AgentExportInterface): Promise<AgentSkeleton>;
    /**
     * Read java agents
     * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of J2EEAgent objects
     */
    readJavaAgents(): Promise<AgentSkeleton[]>;
    /**
     * Read java agent
     * @param {string} agentId java agent id
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an J2EEAgent object
     */
    readJavaAgent(agentId: string): Promise<AgentSkeleton>;
    /**
     * Create java agent
     * @param {string} agentId java agent id
     * @param {AgentSkeleton} agentData java agent object
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an java agent object
     */
    createJavaAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>;
    /**
     * Update or create java agent
     * @param {string} agentId java agent id
     * @param {AgentSkeleton} agentData java agent object
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an java agent object
     */
    updateJavaAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>;
    /**
     * Delete all java agents
     */
    deleteJavaAgents(): Promise<void>;
    /**
     * Delete java agent
     * @param agentId agent id/name
     */
    deleteJavaAgent(agentId: string): Promise<void>;
    /**
     * Export all java agents. The response can be saved to file as is.
     * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object.
     */
    exportJavaAgents(): Promise<AgentExportInterface>;
    /**
     * Export java agent. The response can be saved to file as is.
     * @param agentId agent id/name
     * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object.
     */
    exportJavaAgent(agentId: string): Promise<AgentExportInterface>;
    /**
     * Import java agents. The import data is usually read from an agent export file.
     * @param {AgentExportInterface} importData agent import data.
     */
    importJavaAgents(importData: AgentExportInterface): Promise<void>;
    /**
     * Import java agent. The import data is usually read from an agent export file.
     * @param {string} agentId agent id/name
     * @param {AgentExportInterface} importData agent import data.
     * @returns {Promise<AgentSkeleton>} Promise resolving to an agent object.
     */
    importJavaAgent(agentId: string, importData: AgentExportInterface): Promise<AgentSkeleton>;
    /**
     * Read web agents
     * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of WebAgent objects
     */
    readWebAgents(): Promise<AgentSkeleton[]>;
    /**
     * Read web agent
     * @param {string} agentId web agent id
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an WebAgent object
     */
    readWebAgent(agentId: string): Promise<AgentSkeleton>;
    /**
     * Create web agent
     * @param {string} agentId web agent id
     * @param {AgentSkeleton} agentData WebAgent object
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an WebAgent object
     */
    createWebAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>;
    /**
     * Update or create web agent
     * @param {string} agentId web agent id
     * @param {AgentSkeleton} agentData WebAgent object
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an WebAgent object
     */
    updateWebAgent(agentId: string, agentData: AgentSkeleton): Promise<AgentSkeleton>;
    /**
     * Delete all web agents
     */
    deleteWebAgents(): Promise<void>;
    /**
     * Delete web agent
     * @param agentId agent id/name
     */
    deleteWebAgent(agentId: string): Promise<void>;
    /**
     * Export all web agents. The response can be saved to file as is.
     * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object.
     */
    exportWebAgents(): Promise<AgentExportInterface>;
    /**
     * Export web agent. The response can be saved to file as is.
     * @param agentId agent id/name
     * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object.
     */
    exportWebAgent(agentId: string): Promise<AgentExportInterface>;
    /**
     * Import web agents. The import data is usually read from an agent export file.
     * @param {AgentExportInterface} importData agent import data.
     */
    importWebAgents(importData: AgentExportInterface): Promise<void>;
    /**
     * Import web agent. The import data is usually read from an agent export file.
     * @param {string} agentId agent id/name
     * @param {AgentExportInterface} importData agent import data.
     * @returns {Promise<AgentSkeleton>} Promise resolving to an agent object.
     */
    importWebAgent(agentId: string, importData: AgentExportInterface): Promise<AgentSkeleton>;
    /**
     * Read AI agents
     * @param {boolean} includeAgentIdentity whether to include related AI agent identity details
     * @returns {Promise<AgentSkeleton[]>} a promise that resolves to an array of AIAgent objects
     */
    readAIAgents(includeAgentIdentity?: boolean): Promise<AgentSkeleton[]>;
    /**
     * Read AI agent
     * @param {string} agentId AI agent id
     * @param {boolean} includeAgentIdentity whether to include related AI agent identity details
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an AIAgent object
     */
    readAIAgent(agentId: string, includeAgentIdentity?: boolean): Promise<AgentSkeleton>;
    /**
     * Create AI agent
     * @param {string} agentId AI agent id
     * @param {AgentSkeleton} agentData AIAgent object
     * @param {boolean} includeAgentIdentity whether to create related AI agent identity objects
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an AIAgent object
     */
    createAIAgent(agentId: string, agentData: AgentSkeleton, includeAgentIdentity?: boolean): Promise<AgentSkeleton>;
    /**
     * Update or create AI agent
     * @param {string} agentId AI agent id
     * @param {AgentSkeleton} agentData AIAgent object
     * @param {boolean} includeAgentIdentity whether to update related AI agent identity objects
     * @returns {Promise<AgentSkeleton>} a promise that resolves to an object containing an AIAgent object
     */
    updateAIAgent(agentId: string, agentData: AgentSkeleton, includeAgentIdentity?: boolean): Promise<AgentSkeleton>;
    /**
     * Delete all AI agents and their agent identity and privileges
     */
    deleteAIAgents(): Promise<void>;
    /**
     * Delete AI agent and agent identity and privileges
     * @param {string} agentId agent id/name
     */
    deleteAIAgent(agentId: string): Promise<void>;
    /**
     * Export all AI agents. The response can be saved to file as is.
     * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object.
     */
    exportAIAgents(): Promise<AgentExportInterface>;
    /**
     * Export AI agent. The response can be saved to file as is.
     * @param agentId agent id/name
     * @param {boolean} includeAgentIdentity whether to export related AI agent identity details
     * @returns {Promise<AgentExportInterface>} Promise resolving to an AgentExportInterface object.
     */
    exportAIAgent(agentId: string, includeAgentIdentity?: boolean): Promise<AgentExportInterface>;
    /**
     * Import AI agents. The import data is usually read from an agent export file.
     * @param {AgentExportInterface} importData agent import data.
     * @param {boolean} includeAgentIdentity whether to import related AI agent identity objects
     */
    importAIAgents(importData: AgentExportInterface, includeAgentIdentity?: boolean): Promise<void>;
    /**
     * Import AI agent. The import data is usually read from an agent export file.
     * @param {string} agentId agent id/name
     * @param {AgentExportInterface} importData agent import data.
     * @param {boolean} includeAgentIdentity whether to import related AI agent identity objects
     * @returns {Promise<AgentSkeleton>} Promise resolving to an agent object.
     */
    importAIAgent(agentId: string, importData: AgentExportInterface, includeAgentIdentity?: boolean): Promise<AgentSkeleton>;
    /**
     * Read agent group by id
     * @param {string} groupId Group id
     * @returns {Promise<AgentGroupSkeleton>} a promise that resolves to a agent group object
     */
    readAgentGroup(groupId: string): Promise<AgentGroupSkeleton>;
    /**
     * Read all agent groups.
     * @returns {Promise<AgentGroupSkeleton[]>} a promise that resolves to an array of agent group objects
     */
    readAgentGroups(): Promise<AgentGroupSkeleton[]>;
    /**
     * Export a single agent group by id. The response can be saved to file as is.
     * @param {string} groupId Group id
     * @returns {Promise<AgentGroupExportInterface>} Promise resolving to a AgentGroupExportInterface object.
     */
    exportAgentGroup(groupId: string): Promise<AgentGroupExportInterface>;
    /**
     * Export all agent groups. The response can be saved to file as is.
     * @returns {Promise<AgentGroupExportInterface>} Promise resolving to a AgentGroupExportInterface object.
     */
    exportAgentGroups(): Promise<AgentGroupExportInterface>;
    /**
     * Import agents groups. The import data is usually read from an agent group export file.
     * @param {AgentExportInterface} importData agent import data.
     * @returns {Promise<AgentGroupSkeleton[]>} The agent groups that were imported.
     */
    importAgentGroups(importData: AgentGroupExportInterface): Promise<AgentGroupSkeleton[]>;
    /**
     * Import agent group. The import data is usually read from an agent group export file.
     * @param {string} agentGroupId agent group id/name
     * @param {AgentGroupExportInterface} importData agent group import data.
     * @returns {Promise<AgentGroupSkeleton>} Promise resolving to an agent group object.
     */
    importAgentGroup(agentGroupId: string, importData: AgentGroupExportInterface): Promise<AgentGroupSkeleton>;
    /**
     * Create an empty agent export template
     * @returns {AgentExportInterface} an empty agent export template
     */
    createAgentExportTemplate(): AgentExportInterface;
    /**
     * Create an empty agent group export template
     * @returns {AgentGroupExportInterface} an empty agent export template
     */
    createAgentGroupExportTemplate(): AgentGroupExportInterface;
};
interface AgentExportInterface {
    meta?: ExportMetaData;
    agent: Record<string, AgentSkeleton>;
}
interface AgentGroupExportInterface {
    meta?: ExportMetaData;
    agentGroup: Record<string, AgentGroupSkeleton>;
}

interface AmConfigEntitiesInterface {
    applicationTypes: AmConfigEntityInterface;
    authenticationChains: AmConfigEntityInterface;
    authenticationModules: AmConfigEntityInterface;
    authenticationTreesConfiguration: AmConfigEntityInterface;
    conditionTypes: AmConfigEntityInterface;
    decisionCombiners: AmConfigEntityInterface;
    secrets: AmConfigEntityInterface;
    serverInformation: AmConfigEntityInterface;
    serverVersion: AmConfigEntityInterface;
    subjectAttributes: AmConfigEntityInterface;
    subjectTypes: AmConfigEntityInterface;
    webhookService: AmConfigEntityInterface;
    wsEntity: AmConfigEntityInterface;
}
type ConfigSkeleton = {
    global: AmConfigEntitiesInterface;
    realm: Record<string, AmConfigEntitiesInterface>;
};

type AmConfig = {
    /**
     * Create an empty config entity export template
     * @returns {Promise<ConfigEntityExportInterface>} an empty config entity export template
     */
    createConfigEntityExportTemplate(realms?: string[]): Promise<ConfigEntityExportInterface$1>;
    /**
     * Export all other AM config entities
     * @param {boolean} includeReadOnly Include read only config in the export
     * @param {boolean} onlyRealm Export config only from the active realm. If onlyGlobal is also active, then it will also export the global config.
     * @param {boolean} onlyGlobal Export global config only. If onlyRealm is also active, then it will also export the active realm config.
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<ConfigEntityExportInterface>} promise resolving to a ConfigEntityExportInterface object
     */
    exportAmConfigEntities(includeReadOnly: boolean, onlyRealm: boolean, onlyGlobal: boolean, resultCallback?: ResultCallback<AmConfigEntityInterface>): Promise<ConfigEntityExportInterface$1>;
    /**
     * Import all other AM config entities
     * @param {ConfigEntityExportInterface} importData The config import data
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<ConfigSkeleton | null>} a promise that resolves to a config object containing global and realm config entities, or null if no import was performed
     */
    importAmConfigEntities(importData: ConfigEntityExportInterface$1, resultCallback?: ResultCallback<AmConfigEntityInterface>): Promise<ConfigSkeleton | null>;
};
interface ConfigEntityExportInterface$1 {
    meta?: ExportMetaData;
    global: Record<string, Record<string, AmConfigEntityInterface>>;
    realm: Record<string, Record<string, Record<string, AmConfigEntityInterface>>>;
}

type ApiFactory = {
    /**
     * Generates an AM Axios API instance
     * @param {ResourceConfig} resource Takes an object takes a resource object. example:
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either
     * add on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a reaady to use Axios instance
     */
    generateAmApi(resource: ResourceConfig, requestOverride?: AxiosRequestConfig): AxiosInstance;
    /**
     * Generates an OAuth2 Axios API instance
     * @param {ResourceConfig} resource Takes a resource object. example:
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either
     * add on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a reaady to use Axios instance
     */
    generateOauth2Api(resource: ResourceConfig, requestOverride?: AxiosRequestConfig, authenticate?: boolean): AxiosInstance;
    /**
     * Generates an IDM Axios API instance
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add
     * on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a reaady to use Axios instance
     */
    generateIdmApi(requestOverride?: AxiosRequestConfig): AxiosInstance;
    /**
     * Generates a LogKeys API Axios instance
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add
     * on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a reaady to use Axios instance
     */
    generateLogKeysApi(requestOverride?: AxiosRequestConfig): AxiosInstance;
    /**
     * Generates a Log API Axios instance
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add
     * on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a reaady to use Axios instance
     */
    generateLogApi(requestOverride?: AxiosRequestConfig): AxiosInstance;
    /**
     * Generates an Axios instance for the Identity Cloud Environment API
     * @param {ResourceConfig} resource Resource config object.
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add
     * on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a reaady to use Axios instance
     */
    generateEnvApi(resource: ResourceConfig, requestOverride?: AxiosRequestConfig): AxiosInstance;
    /**
     * Generates an Axios instance for the Identity Cloud Governance API
     * @param {ResourceConfig} resource Resource config object.
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add
     * on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a reaady to use Axios instance
     */
    generateGovernanceApi(resource: ResourceConfig, requestOverride?: AxiosRequestConfig): AxiosInstance;
    /**
     * Generates a release (Github or Npm) Axios API instance
     * @param {string} baseUrl Base URL for the request
     * @param {AxiosRequestConfig} requestOverride Takes an object of AXIOS parameters that can be used to either add
     * on extra information or override default properties https://github.com/axios/axios#request-config
     *
     * @returns {AxiosInstance} Returns a reaady to use Axios instance
     */
    generateReleaseApi(baseUrl: string, requestOverride?: AxiosRequestConfig): AxiosInstance;
};

type CircleOfTrustSkeleton = AmConfigEntityInterface & {
    status?: string;
    trustedProviders?: string[];
};

type GlossaryObjectType = '/openidm/managed/role' | '/openidm/managed/assignment' | '/openidm/managed/application' | '/iga/governance/account';
type GlossaryItemType = 'string' | 'integer' | 'float' | 'boolean' | 'date' | 'managedObject';
type GlossaryManagedObjectType = '/openidm/managed/user' | '/openidm/managed/role' | '/openidm/managed/organization' | null;
interface GlossarySchemaItemSkeleton<T extends string | number> {
    name: string;
    id: string;
    description: string;
    displayName: string;
    type: GlossaryItemType;
    objectType: GlossaryObjectType;
    isMultiValue: boolean;
    enumeratedValues: {
        text: T;
        value: T;
    }[];
    managedObjectType?: GlossaryManagedObjectType;
    searchable: boolean;
    allowedValues: T[];
    isInternal?: boolean;
    isIndexed?: boolean;
    metadata?: Metadata;
}
type GlossarySkeleton = Record<string, string | boolean | number | string[] | number[]>;

type RequestFormType = 'lcmRequest' | 'request' | 'applicationRequest';
type RequestFormOperationType = 'create' | 'update' | 'delete';
type Field = TextField | TextAreaField | CheckboxField | SelectField | MultiSelectField | DateField | FormTextField | SectionField;
type FieldType = 'string' | 'textarea' | 'checkbox' | 'select' | 'multiselect' | 'date' | 'section' | 'formText';
type SelectFieldObjectType = 'entitlement' | 'application' | 'organization' | 'role' | 'user';
interface RequestFormEvent {
    type?: 'script';
    script?: string | string[];
}
interface FieldRow {
    id: string;
    fields: Field[];
}
interface RequestFormField {
    id: string;
    type: FieldType;
    customSlot: 'formText' | false;
    validation: {
        required?: boolean;
        regex?: {
            pattern?: string;
            message?: string;
        };
    };
    layout: {
        columns: number;
        offset: number;
    };
}
interface CustomFormField extends RequestFormField {
    model: string;
    label: string;
    description?: string;
    readOnly: boolean;
    onChangeEvent: RequestFormEvent;
}
interface TextField extends CustomFormField {
    defaultValue: string;
}
interface TextAreaField extends TextField {
}
interface CheckboxField extends CustomFormField {
    defaultValue: boolean;
}
interface SelectField extends CustomFormField {
    options: {
        object: SelectFieldObjectType;
        queryFilter?: string;
    } | {
        value: string;
        label: string;
        selectedByDefault?: boolean;
    }[];
}
interface MultiSelectField extends SelectField {
}
interface DateField extends CustomFormField {
}
interface FormTextField extends RequestFormField {
    formText: string;
}
interface SectionField extends RequestFormField {
    model: string;
    header: string;
    footer: string;
    fields: FieldRow[];
}
interface RequestFormForm {
    fields?: FieldRow[];
    events?: {
        onLoad?: RequestFormEvent;
    };
}
interface RequestFormSkeleton {
    name: string;
    type: RequestFormType;
    id: string;
    description: string;
    categories: {
        applicationType: string | null;
        objectType: string | null;
        operation: RequestFormOperationType;
        lcmType?: string | null;
        requestType?: string;
    };
    form: RequestFormForm;
    _rev?: number;
    metadata?: Metadata;
    assignments?: RequestFormAssignment[];
}
interface RequestFormAssignment {
    formId: string;
    /**
     * objectId looks different depending on the request form type, but uses data from the categories if it's the first assignment:
     *
     * Applications: application/<applicationType>/<objectType>/<operation>
     * LCM: lcm/<lcmType>/<operation>
     * Custom Request: requestType/<requestType>
     */
    objectId: string;
    metadata?: Metadata;
}

type PropertyType = 'text' | 'boolean' | 'object' | 'number';
interface RequestTypeProperty {
    isRequired: boolean;
    isInternal?: boolean;
    isChangable?: boolean;
    isMultiValue?: boolean;
    lookup?: {
        path: string;
        query: string;
    };
    display?: {
        name: string;
        isVisible: boolean;
        order?: number;
        description?: string;
    };
    text?: {
        defaultValue: string;
    };
}
interface RequestTypeSchema {
    _meta: {
        type: string;
        display?: string;
        displayName?: string;
        properties: Record<string, RequestTypeProperty>;
    };
    properties: Record<string, {
        type: PropertyType;
    }>;
}
interface RequestTypeSchemas {
    common?: (string | RequestTypeSchema)[];
    entitlement?: (string | RequestTypeSchema)[];
    user?: (string | RequestTypeSchema)[];
    entity?: (string | RequestTypeSchema)[];
    custom?: (string | RequestTypeSchema)[];
}
interface RequestTypeSkeleton {
    id: string;
    _rev?: number;
    displayName: string;
    description?: string;
    notModifiableProperties?: string[];
    workflow?: {
        id?: string | null;
        type?: string;
    };
    schemas?: RequestTypeSchemas;
    custom?: boolean;
    validation?: null | {
        source?: string | string[];
    };
    uniqueKeys?: string[];
    metadata?: Metadata;
    customValidation?: null | {
        source?: string | string[];
    };
}

type Saml2ProiderLocation = 'hosted' | 'remote';
type Saml2ProviderStub = IdObjectSkeletonInterface & {
    entityId: string;
    location: Saml2ProiderLocation;
    roles: string[];
};
type Saml2ProviderSkeleton = IdObjectSkeletonInterface & {
    entityId: string;
    entityLocation: Saml2ProiderLocation;
    serviceProvider: unknown;
    identityProvider: {
        assertionProcessing?: {
            attributeMapper?: {
                attributeMapperScript?: string;
            };
        };
        advanced?: {
            idpAdapter?: {
                idpAdapterScript?: string;
            };
        };
    };
    attributeQueryProvider: unknown;
    xacmlPolicyEnforcementPoint: unknown;
};

type ScriptLanguage = 'GROOVY' | 'JAVASCRIPT';
type ScriptContext = 'OAUTH2_ACCESS_TOKEN_MODIFICATION' | 'AUTHENTICATION_CLIENT_SIDE' | 'AUTHENTICATION_TREE_DECISION_NODE' | 'AUTHENTICATION_SERVER_SIDE' | 'SOCIAL_IDP_PROFILE_TRANSFORMATION' | 'OAUTH2_VALIDATE_SCOPE' | 'CONFIG_PROVIDER_NODE' | 'OAUTH2_AUTHORIZE_ENDPOINT_DATA_PROVIDER' | 'OAUTH2_EVALUATE_SCOPE' | 'POLICY_CONDITION' | 'OIDC_CLAIMS' | 'SAML2_IDP_ADAPTER' | 'SAML2_IDP_ATTRIBUTE_MAPPER' | 'OAUTH2_MAY_ACT' | 'LIBRARY';
type ScriptSkeleton = IdObjectSkeletonInterface & {
    name: string;
    description: string;
    default: boolean;
    script: string | string[];
    language: ScriptLanguage;
    context: ScriptContext;
    createdBy: string;
    creationDate: number;
    lastModifiedBy: string;
    lastModifiedDate: number;
    exports?: {
        arity?: number;
        id: string;
        type: string;
    }[];
};

type Mapping = {
    /**
     * Create an empty mapping export template
     * @returns {MappingExportInterface} an empty mapping export template
     */
    createMappingExportTemplate(): MappingExportInterface;
    /**
     * Read mappings from sync.json (legacy)
     * @returns {Promise<MappingSkeleton[]>} a promise that resolves to an array of mapping objects
     */
    readSyncMappings(): Promise<MappingSkeleton[]>;
    /**
     * Read mappings
     * @param {string} connectorId limit mappings to connector
     * @param {string} moType limit mappings to managed object type
     * @returns {Promise<MappingSkeleton[]>} a promise that resolves to an array of mapping objects
     */
    readMappings(connectorId?: string, moType?: string): Promise<MappingSkeleton[]>;
    /**
     * Read mapping
     * @param {string} mappingId id of the mapping (new: 'mapping/\<name>', legacy: 'sync/\<name>')
     * @returns {Promise<MappingSkeleton>} a promise that resolves an mapping object
     */
    readMapping(mappingId: string): Promise<MappingSkeleton>;
    /**
     * Create mapping
     * @param {string} mappingId id of the mapping (new: 'mapping/\<name>', legacy: 'sync/\<name>')
     * @param {MappingSkeleton} mappingData mapping object
     * @returns {Promise<MappingSkeleton>} a promise that resolves to an mapping object
     */
    createMapping(mappingId: string, mappingData: MappingSkeleton): Promise<MappingSkeleton>;
    /**
     * Update or create mapping
     * @param {string} mappingId id of the mapping (new: 'mapping/\<name>', legacy: 'sync/\<name>')
     * @param {MappingSkeleton} mappingData mapping object
     * @returns {Promise<MappingSkeleton>} a promise that resolves to an mapping object
     */
    updateMapping(mappingId: string, mappingData: MappingSkeleton): Promise<MappingSkeleton>;
    /**
     * Update or create mappings in sync.json (legacy)
     * @param {MappingSkeleton} mappingData mapping object
     * @returns {Promise<MappingSkeleton>} a promise that resolves to an mapping object
     */
    updateSyncMappings(mappings: MappingSkeleton[]): Promise<MappingSkeleton[]>;
    /**
     * Delete all mappings
     * @param {string} connectorId limit mappings to connector
     * @param {string} moType limit mappings to managed object type
     * @returns {Promise<MappingSkeleton[]>} a promise that resolves to an array of mapping objects
     */
    deleteMappings(connectorId?: string, moType?: string): Promise<MappingSkeleton[]>;
    /**
     * Delete mapping
     * @param {string} mappingId id of the mapping (new: 'mapping/\<name>', legacy: 'sync/\<name>')
     * @returns {Promise<MappingSkeleton>} a promise that resolves an mapping object
     */
    deleteMapping(mappingId: string): Promise<MappingSkeleton>;
    /**
     * Export mapping
     * @param {string} mappingId id of the mapping (new: 'mapping/\<name>', legacy: 'sync/\<name>')
     * @param {MappingExportOptions} options export options
     * @returns {Promise<MappingExportInterface>} a promise that resolves to a MappingExportInterface object
     */
    exportMapping(mappingId: string, options?: MappingExportOptions): Promise<MappingExportInterface>;
    /**
     * Export all mappings
     * @param {MappingExportOptions} options export options
     * @returns {Promise<MappingExportInterface>} a promise that resolves to a MappingExportInterface object
     */
    exportMappings(options?: MappingExportOptions): Promise<MappingExportInterface>;
    /**
     * Import mapping
     * @param {string} mappingId id of the mapping (new: 'mapping/\<name>', legacy: 'sync/\<name>')
     * @param {MappingExportInterface} importData import data
     * @param {MappingImportOptions} options import options
     * @returns {Promise<MappingSkeleton>} a promise resolving to a MappingSkeleton object
     */
    importMapping(mappingId: string, importData: MappingExportInterface, options?: MappingImportOptions): Promise<MappingSkeleton>;
    /**
     * Import first mapping
     * @param {MappingExportInterface} importData import data
     * @param {MappingImportOptions} options import options
     * @returns {Promise<MappingSkeleton>} a promise resolving to a MappingSkeleton object
     */
    importFirstMapping(importData: MappingExportInterface, options?: MappingImportOptions): Promise<MappingSkeleton>;
    /**
     * Import all mappings
     * @param {MappingExportInterface} importData import data
     * @param {MappingImportOptions} options import options
     * @returns {Promise<MappingSkeleton[]>} a promise resolving to an array of MappingSkeleton objects
     */
    importMappings(importData: MappingExportInterface, options?: MappingImportOptions): Promise<MappingSkeleton[]>;
    /**
     * Helper that returns a boolean indicating whether the mapping is a legacy mapping or not given the id
     * @param {string} mappingId the mapping id
     * @returns {boolean} true if the mapping is a legacy mapping, false otherwise
     * @throws {FrodoError} if the id is invalid
     */
    isLegacyMapping(mappingId: string): boolean;
};
type MappingPolicy = {
    action: 'CREATE' | 'DELETE' | 'EXCEPTION' | 'IGNORE' | 'UPDATE';
    situation: 'ABSENT' | 'ALL_GONE' | 'AMBIGUOUS' | 'CONFIRMED' | 'FOUND' | 'FOUND_ALREADY_LINKED' | 'LINK_ONLY' | 'MISSING' | 'SOURCE_IGNORED' | 'SOURCE_MISSING' | 'TARGET_IGNORED' | 'UNASSIGNED' | 'UNQUALIFIED';
};
type MappingProperty = {
    source?: string;
    target: string;
    transform?: {
        globals: any;
        source: string;
        type: string;
    };
};
type MappingSkeleton = IdObjectSkeletonInterface & {
    name: string;
    displayName?: string;
    linkQualifiers?: string[];
    consentRequired?: boolean;
    policies?: MappingPolicy[];
    properties?: MappingProperty[];
    source?: string;
    target?: string;
    syncAfter?: string[];
};
type SyncSkeleton = IdObjectSkeletonInterface & {
    mappings: MappingSkeleton[];
};
interface MappingExportInterface {
    meta?: ExportMetaData;
    mapping: Record<string, MappingSkeleton>;
    sync: SyncSkeleton;
}
/**
 * Mapping export options
 */
interface MappingExportOptions {
    /**
     * Use string arrays to store multi-line text in scripts.
     */
    useStringArrays: boolean;
    /**
     * Include any dependencies.
     */
    deps: boolean;
    /**
     * limit mappings to connector
     */
    connectorId?: string;
    /**
     * limit mappings to managed object type
     */
    moType?: string;
}
/**
 * Mapping import options
 */
interface MappingImportOptions {
    /**
     * Include any dependencies.
     */
    deps: boolean;
}

type Connector = {
    /**
     * Connector type key used to build the IDM id: '<type>/<id>'
     */
    CONNECTOR_TYPE: string;
    /**
     * Create an empty connector export template
     * @returns {ConnectorExportInterface} an empty connector export template
     */
    createConnectorExportTemplate(): ConnectorExportInterface;
    /**
     * Get all connectors
     * @returns {Promise<ConnectorSkeleton[]>} a promise that resolves to an array of connector objects
     */
    readConnectors(): Promise<ConnectorSkeleton[]>;
    /**
     * Get connector
     * @param {string} connectorId id/name of the connector without the type prefix
     * @returns {Promise<ConnectorSkeleton>} a promise that resolves an connector object
     */
    readConnector(connectorId: string): Promise<ConnectorSkeleton>;
    /**
     * Create connector
     * @param {string} connectorId id/name of the connector without the type prefix
     * @param {ConnectorSkeleton} connectorData connector object
     * @returns {Promise<ConnectorSkeleton>} a promise that resolves to an connector object
     */
    createConnector(connectorId: string, connectorData: ConnectorSkeleton): Promise<ConnectorSkeleton>;
    /**
     * Update or create connector
     * @param {string} connectorId id/name of the connector without the type prefix
     * @param {ConnectorSkeleton} connectorData connector object
     * @returns {Promise<ConnectorSkeleton>} a promise that resolves to an connector object
     */
    updateConnector(connectorId: string, connectorData: ConnectorSkeleton): Promise<ConnectorSkeleton>;
    /**
     * Delete all connectors
     * @param {boolean} deep deep delete (remove dependencies)
     * @returns {Promise<ConnectorSkeleton[]>} a promise that resolves to an array of connector objects
     */
    deleteConnectors(deep?: boolean): Promise<ConnectorSkeleton[]>;
    /**
     * Delete connector
     * @param {string} connectorId id/name of the connector without the type prefix
     * @param {boolean} deep deep delete (remove dependencies)
     * @returns {Promise<ConnectorSkeleton>} a promise that resolves an connector object
     */
    deleteConnector(connectorId: string, deep?: boolean): Promise<ConnectorSkeleton>;
    /**
     * Export connector
     * @param {string} connectorId id/name of the connector without the type prefix
     * @param {ConnectorExportOptions} options export options
     * @returns {Promise<ConnectorExportInterface>} a promise that resolves to a ConnectorExportInterface object
     */
    exportConnector(connectorId: string, options?: ConnectorExportOptions): Promise<ConnectorExportInterface>;
    /**
     * Export all connectors
     * @returns {Promise<ConnectorExportInterface>} a promise that resolves to a ConnectorExportInterface object
     */
    exportConnectors(): Promise<ConnectorExportInterface>;
    /**
     * Import connector
     * @param {string} connectorId id/name of the connector without the type prefix
     * @param {ConnectorExportInterface} importData import data
     * @param {ConnectorImportOptions} options import options
     * @returns {Promise<ConnectorSkeleton>} a promise resolving to a ConnectorSkeleton object
     */
    importConnector(connectorId: string, importData: ConnectorExportInterface, options?: ConnectorImportOptions): Promise<ConnectorSkeleton>;
    /**
     * Import first connector
     * @param {ConnectorExportInterface} importData import data
     * @param {ConnectorImportOptions} options import options
     * @returns {Promise<ConnectorSkeleton>} a promise resolving to a ConnectorSkeleton object
     */
    importFirstConnector(importData: ConnectorExportInterface, options?: ConnectorImportOptions): Promise<ConnectorSkeleton>;
    /**
     * Import all connectors
     * @param {ConnectorExportInterface} importData import data
     * @param {ConnectorImportOptions} options import options
     * @returns {Promise<ConnectorSkeleton[]>} a promise resolving to an array of ConnectorSkeleton objects
     */
    importConnectors(importData: ConnectorExportInterface, options?: ConnectorImportOptions): Promise<ConnectorSkeleton[]>;
};
type ObjectPropertyFlag = 'NOT_CREATABLE' | 'NOT_READABLE' | 'NOT_RETURNED_BY_DEFAULT' | 'NOT_UPDATEABLE';
type ObjectPropertyType = 'array' | 'boolean' | 'string';
type ObjectPropertyNativeType = 'array' | 'boolean' | 'string' | 'JAVA_TYPE_BIGDECIMAL' | 'JAVA_TYPE_BIGINTEGER' | 'JAVA_TYPE_BYTE' | 'JAVA_TYPE_BYTE_ARRAY' | 'JAVA_TYPE_CHAR' | 'JAVA_TYPE_CHARACTER' | 'JAVA_TYPE_DATE' | 'JAVA_TYPE_DOUBLE' | 'JAVA_TYPE_FILE' | 'JAVA_TYPE_FLOAT' | 'JAVA_TYPE_GUARDEDBYTEARRAY' | 'JAVA_TYPE_GUARDEDSTRING' | 'JAVA_TYPE_INT' | 'JAVA_TYPE_INTEGER' | 'JAVA_TYPE_LONG' | 'JAVA_TYPE_OBJECT' | 'JAVA_TYPE_PRIMITIVE_BOOLEAN' | 'JAVA_TYPE_PRIMITIVE_BYTE' | 'JAVA_TYPE_PRIMITIVE_DOUBLE' | 'JAVA_TYPE_PRIMITIVE_FLOAT' | 'JAVA_TYPE_PRIMITIVE_LONG' | 'JAVA_TYPE_STRING';
type ObjectPropertySkeleton = {
    flags?: ObjectPropertyFlag[];
    nativeName: string;
    nativeType: ObjectPropertyNativeType;
    type: ObjectPropertyType;
    runAsUser?: boolean;
    required?: boolean;
    items?: {
        nativeType: ObjectPropertyNativeType;
        type: ObjectPropertyType;
    };
};
type ObjectTypeSkeleton = {
    $schema: string;
    id: string;
    nativeType: string;
    properties: Record<string, ObjectPropertySkeleton>;
    type: 'object';
};
type ConnectorSkeleton = IdObjectSkeletonInterface & {
    configurationProperties: any;
    connectorRef: {
        bundleName: string;
        bundleVersion: string;
        connectorHostRef: string;
        connectorName: string;
        displayName: string;
        systemType: 'provisioner.openicf';
    };
    enabled: boolean;
    objectTypes: Record<string, ObjectTypeSkeleton>;
};
/**
 * Connector export options
 */
interface ConnectorExportOptions {
    /**
     * Use string arrays to store multi-line text in scripts.
     */
    useStringArrays: boolean;
    /**
     * Include any dependencies (mappings).
     */
    deps: boolean;
}
/**
 * Connector import options
 */
interface ConnectorImportOptions {
    /**
     * Include any dependencies (mappings).
     */
    deps: boolean;
}
interface ConnectorExportInterface {
    meta?: ExportMetaData;
    connector: Record<string, ConnectorSkeleton>;
    mapping?: Record<string, MappingSkeleton>;
}

type Application = {
    /**
     * Create an empty application export template
     * @returns {ApplicationExportInterface} an empty application export template
     */
    createApplicationExportTemplate(): ApplicationExportInterface;
    /**
     * Get application managed object type
     * @returns {String} application managed object type in this realm
     */
    getRealmManagedApplication(): string;
    /**
     * Create application
     * @param {string} applicationId application id/name
     * @param {ApplicationGlossarySkeleton} applicationData application data
     * @returns {Promise<ApplicationGlossarySkeleton>} a promise that resolves to an application object
     */
    createApplication(applicationId: string, applicationData: ApplicationGlossarySkeleton): Promise<ApplicationGlossarySkeleton>;
    /**
     * Read application
     * @param {string} applicationId application uuid
     * @returns {Promise<ApplicationSkeleton>} a promise that resolves to an application object
     */
    readApplication(applicationId: string): Promise<ApplicationSkeleton>;
    /**
     * Read application by name
     * @param {string} applicationName application name
     * @returns {Promise<ApplicationSkeleton>} a promise that resolves to an application object
     */
    readApplicationByName(applicationName: string): Promise<ApplicationSkeleton>;
    /**
     * Read all applications. Results are sorted aphabetically.
     * @returns {Promise<ApplicationSkeleton[]>} a promise that resolves to an array of application objects
     */
    readApplications(): Promise<ApplicationSkeleton[]>;
    /**
     * Update application
     * @param {string} applicationId application uuid
     * @param {ApplicationSkeleton} applicationData application data
     * @returns {Promise<ApplicationSkeleton>} a promise that resolves to an application object
     */
    updateApplication(applicationId: string, applicationData: ApplicationSkeleton): Promise<ApplicationSkeleton>;
    /**
     * Delete application
     * @param {string} applicationId application uuid
     * @param {boolean} deep deep delete (remove dependencies)
     * @returns {Promise<ApplicationGlossarySkeleton>} a promise that resolves to an application object
     */
    deleteApplication(applicationId: string, deep?: boolean): Promise<ApplicationGlossarySkeleton>;
    /**
     * Delete application by name
     * @param {string} applicationName application name
     * @param {boolean} deep deep delete (remove dependencies)
     * @returns {Promise<ApplicationGlossarySkeleton>} a promise that resolves to an application object
     */
    deleteApplicationByName(applicationName: string, deep?: boolean): Promise<ApplicationGlossarySkeleton>;
    /**
     * Delete all applications
     * @param {boolean} deep deep delete (remove dependencies)
     * @returns {Promise<ApplicationGlossarySkeleton[]>} a promise that resolves to an array of application objects
     */
    deleteApplications(deep?: boolean): Promise<ApplicationGlossarySkeleton[]>;
    /**
     * Query applications
     * @param filter CREST search filter
     * @param fields array of fields to return
     */
    queryApplications(filter: string, fields?: string[]): Promise<ApplicationSkeleton[]>;
    /**
     * Export application. The response can be saved to file as is.
     * @param {string} applicationId application uuid
     * @param {ApplicationExportOptions} options export options
     * @returns {Promise<ApplicationExportInterface>} Promise resolving to an ApplicationExportInterface object.
     */
    exportApplication(applicationId: string, options: ApplicationExportOptions): Promise<ApplicationExportInterface>;
    /**
     * Export application by name. The response can be saved to file as is.
     * @param {string} applicationName application name
     * @param {ApplicationExportOptions} options export options
     * @returns {Promise<ApplicationExportInterface>} Promise resolving to an ApplicationExportInterface object.
     */
    exportApplicationByName(applicationName: string, options: ApplicationExportOptions): Promise<ApplicationExportInterface>;
    /**
     * Export all applications. The response can be saved to file as is.
     * @returns {Promise<ApplicationExportInterface>} Promise resolving to an ApplicationExportInterface object.
     */
    exportApplications(options?: ApplicationExportOptions): Promise<ApplicationExportInterface>;
    /**
     * Import application. The import data is usually read from an application export file.
     * @param {string} applicationId application uuid
     * @param {ApplicationExportInterface} importData application import data.
     * @returns {Promise<ApplicationGlossarySkeleton>} Promise resolving to an application object.
     */
    importApplication(applicationId: string, importData: ApplicationExportInterface, options: ApplicationImportOptions): Promise<ApplicationGlossarySkeleton>;
    /**
     * Import application by name. The import data is usually read from an application export file.
     * @param {string} applicationName application name
     * @param {ApplicationExportInterface} importData application import data.
     * @returns {Promise<ApplicationGlossarySkeleton>} Promise resolving to an application object.
     */
    importApplicationByName(applicationName: string, importData: ApplicationExportInterface, options: ApplicationImportOptions): Promise<ApplicationGlossarySkeleton>;
    /**
     * Import first application. The import data is usually read from an application export file.
     * @param {ApplicationExportInterface} importData application import data.
     */
    importFirstApplication(importData: ApplicationExportInterface, options: ApplicationImportOptions): Promise<ApplicationGlossarySkeleton[]>;
    /**
     * Import applications. The import data is usually read from an application export file.
     * @param {ApplicationExportInterface} importData application import data.
     */
    importApplications(importData: ApplicationExportInterface, options: ApplicationImportOptions): Promise<ApplicationGlossarySkeleton[]>;
};
type ApplicationSkeleton = IdObjectSkeletonInterface & {
    authoritative: boolean;
    connectorId: string;
    description: string;
    icon: string;
    mappingNames: string[];
    members: any;
    name: string;
    owners: any;
    roles: any;
    ssoEntities: {
        idpLocation: string;
        idpPrivateId: string;
        spLocation: string;
        spPrivate: string;
    };
    templateName: string;
    templateVersion: string;
    uiConfig: object;
    url: string;
};
type ApplicationGlossarySkeleton = ApplicationSkeleton & {
    glossary?: GlossarySkeleton;
};
/**
 * Export format for applications
 */
interface ApplicationExportInterface {
    /**
     * Metadata
     */
    meta?: ExportMetaData;
    /**
     * Managed applications
     */
    managedApplication: Record<string, ApplicationGlossarySkeleton>;
    /**
     * Scripts
     */
    script?: Record<string, ScriptSkeleton>;
    /**
     * OAuth2 clients
     */
    application?: Record<string, OAuth2ClientSkeleton>;
    /**
     * Saml providers, circles of trust, and metadata
     */
    saml?: {
        hosted?: Record<string, Saml2ProviderSkeleton>;
        remote?: Record<string, Saml2ProviderSkeleton>;
        metadata?: Record<string, string[]>;
        cot?: Record<string, CircleOfTrustSkeleton>;
    };
    /**
     * connectors
     */
    connector?: Record<string, ConnectorSkeleton>;
    /**
     * mappings
     */
    mapping?: Record<string, MappingSkeleton>;
    /**
     * Glossary Schema
     */
    glossarySchema?: Record<string, GlossarySchemaItemSkeleton<any>>;
    requestForm?: Record<string, RequestFormSkeleton>;
    requestType?: Record<string, RequestTypeSkeleton>;
}
/**
 * Application export options
 */
type ApplicationExportOptions = {
    /**
     * Include any dependencies (scripts, oauth2 clients, saml providers, circles of trust, etc).
     */
    deps: boolean;
    /**
     * Use string arrays to store multi-line text in scripts.
     */
    useStringArrays: boolean;
};
/**
 * Application export options
 */
type ApplicationImportOptions = {
    /**
     * Import any dependencies (scripts).
     */
    deps: boolean;
};

type AuthenticationSettingsSkeleton = IdObjectSkeletonInterface & {
    _id: '';
    _type: {
        _id: 'EMPTY';
        name: 'Core';
        collection: false;
    };
};

type AuthenticationSettings = {
    /**
     * Read authentication settings
     * @param {boolean} globalConfig true if global authentication settings is the target of the operation, false otherwise. Default: false.
     * @returns {Promise<AuthenticationSettingsSkeleton>} a promise that resolves an authentication settings object
     */
    readAuthenticationSettings(globalConfig: boolean): Promise<AuthenticationSettingsSkeleton>;
    /**
     * Update authentication settings
     * @param {AuthenticationSettingsSkeleton} settings authentication settings data
     * @param {boolean} globalConfig true if global authentication settings are the target of the operation, false otherwise. Default: false.
     * @returns {Promise<AuthenticationSettingsSkeleton>} a promise that resolves an authentication settings object
     */
    updateAuthenticationSettings(settings: AuthenticationSettingsSkeleton, globalConfig: boolean): Promise<AuthenticationSettingsSkeleton>;
    /**
     * Export authentication settings
     * @param {boolean} globalConfig true if global authentication settings is the target of the operation, false otherwise. Default: false.
     * @returns {Promise<AuthenticationSettingsExportInterface>} a promise that resolves to an AuthenticationSettingsExportInterface object
     */
    exportAuthenticationSettings(globalConfig: boolean): Promise<AuthenticationSettingsExportInterface>;
    /**
     * Import authentication settings
     * @param {AuthenticationSettingsExportInterface} importData import data
     * @param {boolean} globalConfig true if global authentication settings are the target of the operation, false otherwise. Default: false.
     */
    importAuthenticationSettings(importData: AuthenticationSettingsExportInterface, globalConfig: boolean): Promise<AuthenticationSettingsSkeleton>;
};
interface AuthenticationSettingsExportInterface {
    meta?: ExportMetaData;
    authentication: AuthenticationSettingsSkeleton;
}

type CirclesOfTrust = {
    /**
     * Create an empty agent export template
     * @returns {CirclesOfTrustExportInterface} an empty agent export template
     */
    createCirclesOfTrustExportTemplate(): CirclesOfTrustExportInterface;
    /**
     * Read all circles of trust
     * @param {string[]} entityProviders filter by entity providers
     */
    readCirclesOfTrust(entityProviders?: string[]): Promise<CircleOfTrustSkeleton[]>;
    /**
     * Read circle of trust
     * @param {string} cotId circle of trust id/name
     */
    readCircleOfTrust(cotId: string): Promise<CircleOfTrustSkeleton>;
    /**
     * Create circle of trust
     * @param {string} cotId circle of trust id/name
     * @param {CircleOfTrustSkeleton} cotData circle of trust data
     */
    createCircleOfTrust(cotId?: string, cotData?: CircleOfTrustSkeleton): Promise<CircleOfTrustSkeleton>;
    /**
     * Update circle of trust
     * @param {string} cotId circle of trust id/name
     * @param cotData circle of trust data
     */
    updateCircleOfTrust(cotId: string, cotData: CircleOfTrustSkeleton): Promise<CircleOfTrustSkeleton>;
    /**
     * Delete circle of trust
     * @param {string} cotId circle of trust id/name
     */
    deleteCircleOfTrust(cotId: string): Promise<CircleOfTrustSkeleton>;
    /**
     * Delete circles of trust
     * @param {string[]} entityProviders filter by entity providers
     */
    deleteCirclesOfTrust(entityProviders?: string[]): Promise<CircleOfTrustSkeleton[]>;
    /**
     * Export circle of trust
     * @param {string} cotId circle of trust id/name
     */
    exportCircleOfTrust(cotId: string): Promise<CirclesOfTrustExportInterface>;
    /**
     * Export all circles of trust
     * @param {string[]} entityProviders filter by entity providers
     */
    exportCirclesOfTrust(entityProviders?: string[]): Promise<CirclesOfTrustExportInterface>;
    /**
     * Import a circle of trust by id/name from file
     * @param {string} cotId Circle of trust id/name
     * @param {CirclesOfTrustExportInterface} importData Import data
     * @returns {Promise<CircleOfTrustSkeleton[]>} a promise resolving to the circle of trust object that was created or updated. Note: If the circle of trust already exists and does not need updating, null is returned.
     */
    importCircleOfTrust(cotId: string, importData: CirclesOfTrustExportInterface): Promise<CircleOfTrustSkeleton>;
    /**
     * Import first circle of trust
     * @param {CirclesOfTrustExportInterface} importData Import data
     * @returns {Promise<CircleOfTrustSkeleton[]>} a promise resolving to the circle of trust object that was created or updated. Note: If the circle of trust already exists and does not need updating, null is returned.
     */
    importFirstCircleOfTrust(importData: CirclesOfTrustExportInterface): Promise<CircleOfTrustSkeleton>;
    /**
     * Import all circles of trust
     * @param {string[]} entityProviders filter by entity providers
     * @param {CirclesOfTrustExportInterface} importData Import data
     * @returns {Promise<CircleOfTrustSkeleton[]>} a promise resolving to an array of circle of trust objects that were created or updated. Note: If a circle of trust already exists and does not need updating, it is omitted from the response array.
     */
    importCirclesOfTrust(importData: CirclesOfTrustExportInterface, entityProviders?: string[]): Promise<CircleOfTrustSkeleton[]>;
};
interface CirclesOfTrustExportInterface {
    meta?: ExportMetaData;
    script: Record<string, ScriptSkeleton>;
    saml: {
        hosted: Record<string, Saml2ProviderSkeleton>;
        remote: Record<string, Saml2ProviderSkeleton>;
        metadata: Record<string, string[]>;
        cot: Record<string, CircleOfTrustSkeleton>;
    };
}

type ServerSkeleton = IdObjectSkeletonInterface & {
    url: string;
    siteName: string;
};
type ServerPropertiesSkeleton = {
    advanced: object;
    cts: object;
    directoryConfiguration: object;
    general: object;
    sdk: object;
    security: object;
    session: object;
    uma: object;
};

type Server = {
    /**
     * Create an empty server export template
     * @returns {ServerExportInterface} an empty server export template
     */
    createServerExportTemplate(): ServerExportInterface;
    /**
     * Read server by id
     * @param {string} serverId Server id
     * @returns {Promise<ServerSkeleton>} a promise that resolves to a server object
     */
    readServer(serverId: string): Promise<ServerSkeleton>;
    /**
     * Read server by url
     * @param {string} serverUrl Server url
     * @returns {Promise<ServerSkeleton>} a promise that resolves to a server object
     */
    readServerByUrl(serverUrl: string): Promise<ServerSkeleton>;
    /**
     * Read all servers.
     * @returns {Promise<ServerSkeleton[]>} a promise that resolves to an array of server objects
     */
    readServers(): Promise<ServerSkeleton[]>;
    /**
     * Export a single server by id. The response can be saved to file as is.
     * @param {string} serverId Server id
     * @param {ServerExportOptions} options Server export options
     * @returns {Promise<ServerExportInterface>} Promise resolving to a ServerExportInterface object.
     */
    exportServer(serverId: string, options: ServerExportOptions): Promise<ServerExportInterface>;
    /**
     * Export a single server by url. The response can be saved to file as is.
     * @param {string} serverUrl Server url
     * @param {ServerExportOptions} options Server export options
     * @returns {Promise<ServerExportInterface>} Promise resolving to a ServerExportInterface object.
     */
    exportServerByUrl(serverUrl: string, options: ServerExportOptions): Promise<ServerExportInterface>;
    /**
     * Export all servers. The response can be saved to file as is.
     * @param {ServerExportOptions} options Server export options
     * @returns {Promise<ServerExportInterface>} Promise resolving to a ServerExportInterface object.
     */
    exportServers(options: ServerExportOptions): Promise<ServerExportInterface>;
    /**
     * Creates a server
     * @param {ServerSkeleton} serverData server object
     * @returns {Promise<ServerSkeleton>} a promise that resolves to a server object
     */
    createServer(serverData: ServerSkeleton): Promise<ServerSkeleton>;
    /**
     * Imports the first server from the importData
     * @param importData server import data
     * @param options server import options
     */
    importFirstServer(importData: ServerExportInterface, options: ServerImportOptions): Promise<ServerExportInterface>;
    /**
     * Imports servers along with their properties
     * @param {ServerExportInterface} importData server import data
     * @param {ServerImportOptions} options server import options
     * @param {string} serverId Optional server id. If supplied, only the server (and its properties) of that id is imported. Takes priority over serverUrl if both are provided.
     * @param {string} serverUrl Optional server url. If supplied, only the server of that url is imported.
     * @returns {Promise<ServerExportInterface>} a promise that resolves to a server export object
     */
    importServers(importData: ServerExportInterface, options: ServerImportOptions, serverId?: string, serverUrl?: string): Promise<ServerExportInterface>;
};
/**
 * Server export options
 */
interface ServerExportOptions {
    /**
     * True to export the default server properties, false otherwise
     */
    includeDefault: boolean;
}
/**
 * Server import options
 */
interface ServerImportOptions {
    /**
     * True to import the default server properties, false otherwise
     */
    includeDefault: boolean;
}
type ServerExportSkeleton = ServerSkeleton & {
    properties: ServerPropertiesSkeleton;
};
interface ServerExportInterface {
    meta?: ExportMetaData;
    server: Record<string, ServerExportSkeleton>;
    defaultProperties: ServerPropertiesSkeleton;
}

type SiteSkeleton = IdObjectSkeletonInterface & {
    id: string;
    url: string;
    secondaryURLs: string[];
    servers: {
        id: string;
        url: string;
    }[];
};

type Site = {
    /**
     * Create an empty site export template
     * @returns {SiteExportInterface} an empty site export template
     */
    createSiteExportTemplate(): SiteExportInterface;
    /**
     * Read site by id
     * @param {string} siteId Site id
     * @returns {Promise<SiteSkeleton>} a promise that resolves to a site object
     */
    readSite(siteId: string): Promise<SiteSkeleton>;
    /**
     * Read all sites.
     * @returns {Promise<SiteSkeleton[]>} a promise that resolves to an array of site objects
     */
    readSites(): Promise<SiteSkeleton[]>;
    /**
     * Export a single site by id. The response can be saved to file as is.
     * @param {string} siteId Site id
     * @returns {Promise<SiteExportInterface>} Promise resolving to a SiteExportInterface object.
     */
    exportSite(siteId: string): Promise<SiteExportInterface>;
    /**
     * Export all sites. The response can be saved to file as is.
     * @returns {Promise<SiteExportInterface>} Promise resolving to a SiteExportInterface object.
     */
    exportSites(): Promise<SiteExportInterface>;
    /**
     * Update site
     * @param {string} siteId site id
     * @param {SiteSkeleton} siteData site data
     * @returns {Promise<SiteSkeleton>} a promise resolving to a site object
     */
    updateSite(siteId: string, siteData: SiteSkeleton): Promise<SiteSkeleton>;
    /**
     * Import sites
     * @param {SiteExportInterface} importData site import data
     * @param {string} siteId Optional site id. If supplied, only the site of that id is imported. Takes priority over siteUrl if both are provided.
     * @param {string} siteUrl Optional site url. If supplied, only the site of that url is imported.
     * @returns {Promise<SiteSkeleton[]>} the imported sites
     */
    importSites(importData: SiteExportInterface, siteId?: string, siteUrl?: string): Promise<SiteSkeleton[]>;
};
interface SiteExportInterface {
    meta?: ExportMetaData;
    site: Record<string, SiteSkeleton>;
}

type SocialIdpSkeleton = AmConfigEntityInterface & {
    authenticationIdKey: string;
    authorizationEndpoint: string;
    clientAuthenticationMethod: string;
    clientId: string;
    clientSecret?: string | null;
    clientSecretLabelIdentifier?: string;
    enabled: boolean;
    introspectEndpoint?: string;
    issuerComparisonCheckType: string;
    jwksUriEndpoint?: string;
    jwtEncryptionAlgorithm: string;
    jwtEncryptionMethod: string;
    jwtSigningAlgorithm: string;
    pkceMethod: string;
    privateKeyJwtExpTime: number;
    redirectAfterFormPostURI?: string;
    redirectURI: string;
    responseMode: string;
    revocationCheckOptions: string[];
    scopeDelimiter: string;
    scopes: string[];
    tokenEndpoint: string;
    transform: string;
    uiConfig: Record<string, string>;
    useCustomTrustStore: boolean;
    userInfoEndpoint?: string;
};

type AdminFederationConfigSkeleton = IdObjectSkeletonInterface & {
    groups: {
        claim: string;
        mappings: {
            'super-admins': string[];
            'tenant-admins': string[];
        };
    };
};

type AdminFederation = {
    /**
     * Create an empty idp export template
     * @returns {AdminFederationExportInterface} an empty idp export template
     */
    createAdminFederationExportTemplate(): AdminFederationExportInterface;
    /**
     * Read all admin federation providers
     * @returns {Promise} a promise that resolves to an object containing an array of admin federation providers
     */
    readAdminFederationProviders(): Promise<SocialIdpSkeleton[]>;
    /**
     * Read admin federation provider
     * @param {string} providerId social identity provider id/name
     * @returns {Promise<SocialIdpSkeleton>} a promise that resolves a social admin federation object
     */
    readAdminFederationProvider(providerId: string): Promise<SocialIdpSkeleton>;
    /**
     * Create admin federation provider
     * @param {string} providerType social identity provider type
     * @param {string} providerId social identity provider id/name
     * @param {SocialIdpSkeleton} providerData social identity provider data
     * @returns {Promise<SocialIdpSkeleton>} a promise that resolves a social admin federation object
     */
    createAdminFederationProvider(providerType: string, providerData: SocialIdpSkeleton, providerId?: string): Promise<SocialIdpSkeleton>;
    /**
     * Update or create admin federation provider
     * @param {string} providerType social identity provider type
     * @param {string} providerId social identity provider id/name
     * @param {SocialIdpSkeleton} providerData social identity provider data
     * @returns {Promise<SocialIdpSkeleton>} a promise that resolves a social admin federation object
     */
    updateAdminFederationProvider(providerType: string, providerId: string, providerData: SocialIdpSkeleton): Promise<SocialIdpSkeleton>;
    /**
     * Delete admin federation provider by id
     * @param {String} providerId admin federation provider id/name
     * @returns {Promise} a promise that resolves to an admin federation provider object
     */
    deleteAdminFederationProvider(providerId: string): Promise<SocialIdpSkeleton>;
    /**
     * Export admin federation provider by id
     * @param {string} providerId provider id/name
     * @returns {Promise<AdminFederationExportInterface>} a promise that resolves to a SocialProviderExportInterface object
     */
    exportAdminFederationProvider(providerId: string): Promise<AdminFederationExportInterface>;
    /**
     * Export all providers
     * @returns {Promise<AdminFederationExportInterface>} a promise that resolves to a SocialProviderExportInterface object
     */
    exportAdminFederationProviders(): Promise<AdminFederationExportInterface>;
    /**
     * Import admin federation provider by id/name
     * @param {string} providerId provider id/name
     * @param {AdminFederationExportInterface} importData import data
     */
    importAdminFederationProvider(providerId: string, importData: AdminFederationExportInterface): Promise<SocialIdpSkeleton>;
    /**
     * Import first provider
     * @param {AdminFederationExportInterface} importData import data
     */
    importFirstAdminFederationProvider(importData: AdminFederationExportInterface): Promise<SocialIdpSkeleton>;
    /**
     * Import all providers
     * @param {AdminFederationExportInterface} importData import data
     */
    importAdminFederationProviders(importData: AdminFederationExportInterface): Promise<SocialIdpSkeleton[]>;
};
interface AdminFederationExportInterface {
    meta?: ExportMetaData;
    config: Record<string, AdminFederationConfigSkeleton>;
    idp: Record<string, SocialIdpSkeleton>;
}

type EnvAIAgent = {
    /**
     * Enable AI agent feature
     * @returns {Promise<any>} a promise that resolves to an empty result object if successful
     */
    enableAIAgentFeature(): Promise<any>;
};

/**
 * Certificate object skeleton
 */
type CertificateResponse = NoIdObjectSkeletonInterface & {
    active: boolean;
    certificate: string;
    expireTime: string;
    id: string;
    issuer: string;
    live: boolean;
    subject: string;
    subjectAlternativeNames: string[];
    validFromTime: string;
};

type EnvCertificate = {
    /**
     * Read certificate by id
     * @param {string} certificateId certificate id
     * @returns {Promise<CertificateResponse>} a promise that resolves to a certificate object
     */
    readCertificate(certificateId: string): Promise<CertificateResponse>;
    /**
     * Read all certificates
     * @param {boolean} noDecode Do not decode values (default: false)
     * @returns {Promise<CertificateResponse[]>} a promise that resolves to an array of certificate objects
     */
    readCertificates(noDecode?: boolean): Promise<CertificateResponse[]>;
    /**
     * Create certificate
     * @param {boolean} active The active status of the certificate. Set this to true for the certificate to actively be served.
     * @param {string} certificate The PEM formatted certificate.
     * @param {string} privateKey The private key for the certificate. For security reasons, only insert requests include this field.
     * @param {boolean} wait Wait until certificate is live (use interval and retries to modify default behavior)
     * @param {number} interval Only applies when wait=true: Time (in milliseconds) to wait between retries (default: 5000)
     * @param {number} retries Only applies when wait=true: How many times to retry (default: 24)
     * @returns {Promise<CertificateResponse>} a promise that resolves to a certificate object
     */
    createCertificate(active: boolean, certificate: string, privateKey: string, wait?: boolean, interval?: number, retries?: number): Promise<CertificateResponse>;
    /**
     * Update certificate
     * @param {string} certificateId ID of the certificate
     * @param {boolean} active The active status of the certificate. Set this to true for the certificate to actively be served.
     * @returns {Promise<CertificateResponse>} a promise that resolves to a certificate object
     */
    updateCertificate(certificateId: string, active: boolean): Promise<CertificateResponse>;
    /**
     * Activate certificate
     * @param {string} certificateId ID of the certificate
     * @param {boolean} wait Wait until certificate is live (use interval and retries to modify default behavior)
     * @param {number} interval Only applies when wait=true: Time (in milliseconds) to wait between retries (default: 5000)
     * @param {number} retries Only applies when wait=true: How many times to retry (default: 24)
     * @returns {Promise<CertificateResponse>} a promise that resolves to a certificate object
     */
    activateCertificate(certificateId: string, wait?: boolean, interval?: number, retries?: number): Promise<CertificateResponse>;
    /**
     * Deactivate certificate
     * @param {string} certificateId ID of the certificate
     * @param {boolean} wait Wait until certificate is live (use interval and retries to modify default behavior)
     * @param {number} interval Only applies when wait=true: Time (in milliseconds) to wait between retries (default: 5000)
     * @param {number} retries Only applies when wait=true: How many times to retry (default: 24)
     * @returns {Promise<CertificateResponse>} a promise that resolves to a certificate object
     */
    deactivateCertificate(certificateId: string, wait?: boolean, interval?: number, retries?: number): Promise<CertificateResponse>;
    /**
     * Check if certificate is active
     * @param {string} certificateId ID of the certificate
     * @returns {Promise<boolean>} a promise that resolves to true or false
     */
    isCertificateActive(certificateId: string): Promise<boolean>;
    /**
     * Check if certificate is live
     * @param {string} certificateId ID of the certificate
     * @returns {Promise<boolean>} a promise that resolves to true or false
     */
    isCertificateLive(certificateId: string): Promise<boolean>;
    /**
     * Delete certificate
     * @param {string} certificateId certificate id/name
     * @param {boolean} force force deletion of active certificate by attempting to deactivate it (use interval and retries to modify default behavior)
     * @param {number} interval Only applies when force=true: Time (in milliseconds) to wait between retries (default: 5000)
     * @param {number} retries Only applies when force=true: How many times to retry (default: 24)
     * @returns {Promise<CertificateResponse>} a promise that resolves to a certificate object
     */
    deleteCertificate(certificateId: string, force?: boolean, interval?: number, retries?: number): Promise<CertificateResponse>;
    /**
     * Delete all certificates
     * @param {boolean} force force deletion of active certificate by attempting to deactivate it (use interval and retries to modify default behavior)
     * @param {number} interval Only applies when force=true: Time (in milliseconds) to wait between retries (default: 5000)
     * @param {number} retries Only applies when force=true: How many times to retry (default: 24)
     * @returns {Promise<CertificateResponse>} a promise that resolves to a certificate object
     */
    deleteCertificates(force?: boolean, interval?: number, retries?: number): Promise<CertificateResponse[]>;
};

type DirectiveEnabled = [];
type DirectiveSource = string;
type AllFlag = '*';
type AllowDuplicatesFlag = "'allow-duplicates'";
type NoneFlag = "'none'";
type ScriptFlag = "'script'";
type SelfFlag = "'self'";
type DirectiveFlag = AllFlag | NoneFlag | SelfFlag | DirectiveSource;
type DirectiveSourceFlag = 'data:' | "'unsafe-inline'" | "'unsafe-eval'" | "'unsafe-hashes'" | DirectiveFlag;
type SandboxDirectiveFlag = "'allow-forms'" | "'allow-same-origin'" | "'allow-scripts'" | "'allow-popups'" | "'allow-pointer-lock'" | "'allow-top-navigation'";
type RefererDirectiveFlag = "'no-referrer'" | "'none-when-downgrade'" | "'origin'" | "'origin-when-cross-origin'" | "'unsafe-url'";
/**
 * Content Security Policy object
 */
type ContentSecurityPolicy = {
    active: boolean;
    directives: {
        'base-uri'?: DirectiveFlag[];
        'block-all-mixed-content'?: DirectiveEnabled;
        'child-src'?: DirectiveSourceFlag[];
        'connect-src'?: DirectiveSourceFlag[];
        'default-src'?: DirectiveSourceFlag[];
        'font-src'?: DirectiveSourceFlag[];
        'form-action'?: DirectiveFlag[];
        'frame-ancestors'?: DirectiveFlag[];
        'frame-src'?: DirectiveSourceFlag[];
        'img-src'?: DirectiveSourceFlag[];
        'manifest-src'?: DirectiveSourceFlag[];
        'media-src'?: DirectiveSourceFlag[];
        'navigate-to'?: DirectiveFlag[];
        'object-src'?: DirectiveSourceFlag[];
        'plugin-types'?: DirectiveSource[];
        'prefetch-src'?: DirectiveSourceFlag[];
        referrer?: RefererDirectiveFlag[];
        'report-to'?: DirectiveSource;
        'report-uri'?: DirectiveSource;
        'require-trusted-types-for'?: ScriptFlag;
        sandbox?: SandboxDirectiveFlag[];
        'script-src'?: DirectiveSourceFlag[];
        'script-src-attr'?: DirectiveSourceFlag[];
        'script-src-elem'?: DirectiveSourceFlag[];
        'style-src'?: DirectiveSourceFlag[];
        'style-src-attr'?: DirectiveSourceFlag[];
        'style-src-elem'?: DirectiveSourceFlag;
        'trusted-types'?: NoneFlag | AllowDuplicatesFlag;
        'upgrade-insecure-requests'?: DirectiveEnabled;
        'worker-src'?: DirectiveSourceFlag[];
    };
};

type EnvContentSecurityPolicy = {
    /**
     * Read enforced content security policy
     * @returns {Promise<ContentSecurityPolicy>} a promise that resolves to a ContentSecurityPolicy object
     */
    readEnforcedContentSecurityPolicy(): Promise<ContentSecurityPolicy>;
    /**
     * Update enforced content security policy
     * @param {ContentSecurityPolicy} policy ContentSecurityPolicy object
     * @returns {Promise<ContentSecurityPolicy>} a promise that resolves to a ContentSecurityPolicy object.
     */
    updateEnforcedContentSecurityPolicy(policy: ContentSecurityPolicy): Promise<ContentSecurityPolicy>;
    /**
     * Read report-only content security policy
     * @returns {Promise<ContentSecurityPolicy>} a promise that resolves to a ContentSecurityPolicy object
     */
    readReportOnlyContentSecurityPolicy(): Promise<ContentSecurityPolicy>;
    /**
     * Update report-only content security policy
     * @param {ContentSecurityPolicy} policy ContentSecurityPolicy object
     * @returns {Promise<ContentSecurityPolicy>} a promise that resolves to a ContentSecurityPolicy object.
     */
    updateReportOnlyContentSecurityPolicy(policy: ContentSecurityPolicy): Promise<ContentSecurityPolicy>;
};

/**
 * Cookie Domains object
 */
type CookieDomains = {
    domains: string[];
};

type EnvCookieDomains = {
    /**
     * Read cookie domains
     * @returns {Promise<ContentSecurityPolicy>} a promise that resolves to a CookieDomains object
     */
    readCookieDomains(): Promise<CookieDomains>;
    /**
     * Update cookie domains
     * @param {CookieDomains} domains CookieDomains object
     * @returns {Promise<CookieDomains>} a promise that resolves to a CookieDomains object.
     */
    updateCookieDomains(domains: CookieDomains): Promise<CookieDomains>;
};

/**
 * CSR object
 */
type CSR = {
    /**
     * The algorithm for the private key. The encryption algorithm will either be
     * RSA-2048 or ECDSA P-256 depending on the algorithm choice. The default is RSA-2048.
     */
    algorithm: 'rsa' | 'ecdsa';
    /**
     * Category of business, such as "Private Organization", “Government Entity”,
     * “Business Entity”, or “Non-Commercial Entity”. Relevant for EV certificates.
     */
    businessCategory: string;
    /**
     * City
     */
    city: string;
    /**
     * Domain name that the SSL certificate is securing
     */
    commonName: string;
    /**
     * Two-letter ISO-3166 country code: string[A-Z]{2}
     */
    country: string;
    /**
     * Email: string^\S+@\S+$
     */
    email: string;
    /**
     * This field contains only information relevant to the Jurisdiction
     * of Incorporation or Registration. Relevant for EV certificates.
     */
    jurisdictionCity: string;
    /**
     * This field contains only information relevant to the Jurisdiction
     * of Incorporation or Registration. Relevant for EV certificates.
     */
    jurisdictionCountry: string;
    /**
     * This field contains only information relevant to the Jurisdiction
     * of Incorporation or Registration. Relevant for EV certificates.
     */
    jurisdictionState: string;
    /**
     * Full name of company
     */
    organization: string;
    /**
     * Company section or department
     */
    organizationalUnit: string;
    /**
     * Zip code
     */
    postalCode: string;
    /**
     * The Registration (or similar) Number assigned to the Subject by the Incorporating
     * or Registration Agency in its Jurisdiction of Incorporation or Registration.
     * Relevant for EV certificates.
     */
    serialNumber: string;
    /**
     * State
     */
    state: string;
    /**
     * Address
     */
    streetAddress: string;
    /**
     * Additional domain or domains that the SSL certificate is securing
     */
    subjectAlternativeNames: string[];
};
/**
 * CSR response object skeleton
 */
type CSRResponse = NoIdObjectSkeletonInterface & {
    /**
     * The algorithm for the private key. The encryption algorithm will either be RSA-2048 or ECDSA P-256 depending on the algorithm choice. The default is RSA-2048.
     */
    algorithm: string;
    /**
     * The ID of the certificate created from this CSR if the CSR has been completed.
     */
    certificateID: string;
    /**
     * Creation timestamp: eg '2006-01-02T15:04:05Z07:00'
     */
    createdDate: string;
    /**
     * The unique identifier for the CSR
     */
    id: string;
    /**
     * PEM formatted CSR.
     */
    request: string;
    /**
     * the CSR subject
     */
    subject: string;
    /**
     * Additional domain or domains that the SSL certificate is securing
     */
    subjectAlternativeNames: string[];
};

type EnvCSR = {
    /**
     * Read CSR by id
     * @param {string} csrId ID of the CSR
     * @returns {Promise<CSRResponse>} a promise that resolves to a CSRResponse object
     */
    readCSR(csrId: string): Promise<CSRResponse>;
    /**
     * Read all CSRs
     * @returns {Promise<CSRResponse[]>} a promise that resolves to an array of CSRResponse objects
     */
    readCSRs(): Promise<CSRResponse[]>;
    /**
     * Create CSR
     * @param {CSR} csr CSR object
     * @returns {Promise<CSRResponse>} a promise that resolves to a CSRResponse object
     */
    createCSR(csr: CSR): Promise<CSRResponse>;
    /**
     * Create CSR
     * @param {'rsa' | 'ecdsa'} algorithm The algorithm for the private key. The encryption algorithm will either be RSA-2048 or ECDSA P-256 depending on the algorithm choice. The default is RSA-2048.
     * @param {string} businessCategory Category of business, such as "Private Organization", “Government Entity”, “Business Entity”, or “Non-Commercial Entity”. Relevant for EV certificates.
     * @param {string} city City
     * @param {string} commonName Domain name that the SSL certificate is securing
     * @param {string} country Two-letter ISO-3166 country code: string[A-Z]{2}
     * @param {string} email Email: string^\S+@\S+$
     * @param {string} jurisdictionCity This field contains only information relevant to the Jurisdiction of Incorporation or Registration. Relevant for EV certificates.
     * @param {string} jurisdictionCountry This field contains only information relevant to the Jurisdiction of Incorporation or Registration. Relevant for EV certificates.
     * @param {string} jurisdictionState This field contains only information relevant to the Jurisdiction of Incorporation or Registration. Relevant for EV certificates.
     * @param {string} organization Full name of company
     * @param {string} organizationalUnit Company section or department
     * @param {string} postalCode Zip code
     * @param {string} serialNumber The Registration (or similar) Number assigned to the Subject by the Incorporating or Registration Agency in its Jurisdiction of Incorporation or Registration. Relevant for EV certificates.
     * @param {string} state State
     * @param {string} streetAddress Address
     * @param {string[]} subjectAlternativeNames Additional domain or domains that the SSL certificate is securing
     * @returns {Promise<CSRResponse>} a promise that resolves to a CSRResponse object
     */
    createCSR2(algorithm: 'rsa' | 'ecdsa', businessCategory: string, city: string, commonName: string, country: string, email: string, jurisdictionCity: string, jurisdictionCountry: string, jurisdictionState: string, organization: string, organizationalUnit: string, postalCode: string, serialNumber: string, state: string, streetAddress: string, subjectAlternativeNames: string[]): Promise<CSRResponse>;
    /**
     * Update CSR
     * @param {string} csrId ID of the CSR
     * @param {string} certificate The matching signed certificate for the request. This should only be set on update requests to upload the certificate.
     * @returns {Promise<CSRResponse>} a promise that resolves to a CSRResponse object
     */
    updateCSR(csrId: string, certificate: string): Promise<CSRResponse>;
    /**
     * Delete CSR
     * @param {string} csrId ID of the CSR
     * @returns {Promise<CSRResponse>} a promise that resolves to a CSRResponse object
     */
    deleteCSR(csrId: string): Promise<CSRResponse>;
    /**
     * Delete all CSRs
     * @returns {Promise<CSRResponse[]>} a promise that resolves to an array of CSRResponse objects
     */
    deleteCSRs(): Promise<CSRResponse[]>;
};

/**
 * Custom Domains object
 */
type CustomDomains = {
    domains: string[];
};

type EnvCustomDomains = {
    /**
     * Verify CNAME
     * @param {string} name CNAME to verify
     * @returns {Promise<boolean>} a promise that resolves to true if successul, false otherwise.
     */
    verifyCNAME(name: string): Promise<boolean>;
    /**
     * Read custom domains
     * @returns {Promise<CustomDomains>} a promise that resolves to a CustomDomains object
     */
    readCustomDomains(): Promise<CustomDomains>;
    /**
     * Update custom domains
     * @param {CustomDomains} domains CustomDomains object
     * @returns {Promise<CustomDomains>} a promise that resolves to a CustomDomains object.
     */
    updateCustomDomains(domains: CustomDomains): Promise<CustomDomains>;
};

/**
 * Direct Configuration Session State object
 */
type DirectConfigurationSessionState = {
    editable: boolean;
    status: string;
};

type EnvDirectConfigurationSession = {
    /**
     * Initiate direct configuration session
     * @returns {Promise<DirectConfigurationSessionState>} a promise that resolves to a DirectConfigurationSessionState object
     */
    initDirectConfigurationSession(): Promise<DirectConfigurationSessionState>;
    /**
     * Apply direct configuration session
     * @returns {Promise<DirectConfigurationSessionState>} a promise that resolves to a DirectConfigurationSessionState object
     */
    applyDirectConfigurationSession(): Promise<DirectConfigurationSessionState>;
    /**
     * Abort direct configuration session
     * @returns {Promise<DirectConfigurationSessionState>} a promise that resolves to a DirectConfigurationSessionState object
     */
    abortDirectConfigurationSession(): Promise<DirectConfigurationSessionState>;
    /**
     * Read direct configuration session state
     * @returns {Promise<DirectConfigurationSessionState>} a promise that resolves to a DirectConfigurationSessionState object
     */
    readDirectConfigurationSessionState(): Promise<DirectConfigurationSessionState>;
};

/**
 * Federation Enforcement object
 */
type FederationEnforcement = {
    groups: 'none' | 'non-global' | 'all';
};

type EnvFederationEnforcement = {
    /**
     * Read federation enforcement configuration
     * @returns {Promise<FederationEnforcement>} a promise that resolves to a FederationEnforcement object
     */
    readFederationEnforcement(): Promise<FederationEnforcement>;
    /**
     * Update federation enforcement configuration
     * @param {FederationEnforcement} config FederationEnforcement object
     * @returns {Promise<FederationEnforcement>} a promise that resolves to a FederationEnforcement object.
     */
    updateFederationEnforcement(config: FederationEnforcement): Promise<FederationEnforcement>;
    /**
     * Enforce federation for a group of admins
     * @param {EnforcementGroup} group Group of admins to enforce federation for
     * @returns {Promise<FederationEnforcement>} a promise that resolves to a FederationEnforcement object.
     */
    enforceFederationFor(group: EnforcementGroup): Promise<FederationEnforcement>;
};
declare enum EnforcementGroup {
    Nobody = "none",
    TenantAdmins = "non-global",
    AllAdmins = "all"
}

/**
 * Lock response
 */
type LockResponse = {
    description: string;
    promotionId: string;
    result: string;
};
/**
 * Lock status
 */
type LockStatus = {
    description: string;
    lowerEnv: {
        promotionId: string;
        proxyState: string;
        state: string;
    };
    promotionId: string;
    result: 'unlocked' | 'locking' | 'unlocking' | 'locked' | 'error';
    upperEnv: {
        promotionId: string;
        proxyState: string;
        state: string;
    };
};
/**
 * Promotion request config
 */
type PromotionRequestConfig = {
    dryRun: boolean;
    ignoreEncryptedSecrets: boolean;
    promoter: string;
    promotionDescription: string;
    unlockEnvironmentsAfterPromotion: boolean;
    zendeskTicketReference: string;
};
/**
 * Promotion response
 */
type PromotionResponse = {
    result: string;
};
type PromotionType = 'promotion' | 'rollback';
/**
 * Promotion status
 */
type PromotionStatus = {
    blockingError: boolean;
    encryptedSecrets: string[];
    globalLock: string;
    message: string;
    missingESVs: string[];
    promotionId: string;
    status: string;
    timeStamp: string;
    type: PromotionType;
};
type PromotionConfigChange = {
    name: string;
    realm: string;
    uid: string;
};
type PromotionConfig = {
    configChange: {
        added: PromotionConfigChange[];
        deleted: PromotionConfigChange[];
        modified: PromotionConfigChange[];
    };
    configItem: string;
};
type PromotionReport = {
    createdDate: string;
    dryRun: boolean;
    missingESVs: string[];
    previouslyIgnoredEncryptedSecrets: string[];
    promoter: string;
    promotionDescription: string;
    promotionId: string;
    report: {
        AMConfig: PromotionConfig[];
        IDMConfig: PromotionConfig[];
    };
    reportId: string;
    reportName: string;
    type: PromotionType;
};
type PromotionReportStub = {
    createdDate: '2022-01-19T13:04:00Z';
    dryRun: true;
    promotionId: '7575f185-cd0b-4823-b8b1-f677895291d4';
    reportId: 'd19e140-8325-4669-b9f3-1cd82784e24e';
    type: 'rollback';
};
/**
 * Rollback request
 */
type RollbackConfig = {
    promoter: string;
    promotionDescription: string;
    unlockEnvironmentsAfterPromotion: boolean;
    zendeskTicketReference: string;
};
/**
 * Rollback response
 */
type RollbackResponse = {
    result: string;
};

type EnvPromotion = {
    /**
     * Lock environment
     * @returns {Promise<LockResponse>} a promise that resolves to a LockResponse object.
     */
    lockEnvironment(): Promise<LockResponse>;
    /**
     * Unlock environment
     * @param {string} promotionId Promotion id.
     * @returns {Promise<LockResponse>} a promise that resolves to a LockResponse object
     */
    unlockEnvironment(promotionId: string): Promise<LockResponse>;
    /**
     * Read lock status
     * @returns {Promise<LockStatus>} a promise that resolves to a LockStatus object
     */
    readLockStatus(): Promise<LockStatus>;
    /**
     * Promote configuration
     * @param {PromotionRequestConfig} config Promotion request config
     * @returns {Promise<PromotionResponse>} a promise that resolves to a PromotionResponse object.
     */
    promoteConfiguration(config: PromotionRequestConfig): Promise<PromotionResponse>;
    /**
     * Read promotion status
     * @returns {Promise<PromotionStatus>} a promise that resolves to a PromotionStatus object
     */
    readPromotionStatus(): Promise<PromotionStatus>;
    /**
     * Read last promotion report
     * @returns {Promise<PromotionReport>} a promise that resolves to a PromotionReport object
     */
    readLastPromotionReport(): Promise<PromotionReport>;
    /**
     * Read promotion report
     * @param {string} reportId Promotion id
     * @returns {Promise<PromotionReport>} a promise that resolves to a PromotionReport object
     */
    readPromotionReport(reportId: string): Promise<PromotionReport>;
    /**
     * Run a provisional report of changes since the last time the lower environment was promoted to the upper environment.
     * The report generated is for informational purposes only and may not reflect all the changes in a full promotion.
     * A dry-run promotion is always recommended prior to a full promotion between environments.
     * @returns {Promise<PromotionReport>} a promise that resolves to a PromotionReport object
     */
    runProvisionalPromotionReport(): Promise<PromotionReport>;
    /**
     * Run a provisional rollback report of changes when we rollback the configuration to the previous promotion.
     * @returns {Promise<PromotionReport>} a promise that resolves to a PromotionReport object
     */
    runProvisionalRollbackReport(): Promise<PromotionReport>;
    /**
     * Read a list of promotion reports in date order.
     * @returns {Promise<PromotionReportStub[]>} a promise that resolves to an array of PromotionReportStub objects
     */
    readPromotionReports(): Promise<PromotionReportStub[]>;
    /**
     * Rollback a promotion
     * @param {RollbackConfig} config Rollback config
     * @returns {Promise<RollbackResponse>} a promise that resolves to a RollbackResponse object.
     */
    rollbackPromotion(config: RollbackConfig): Promise<RollbackResponse>;
};

/**
 * Release object
 */
type Release = {
    currentVersion: string;
    nextUpgrade: string;
};

type EnvRelease = {
    /**
     * Read release information
     * @returns {Promise<Release>} a promise that resolves to a Release object
     */
    readRelease(): Promise<Release>;
};

/**
 * Service Account Scopes object
 */
type ServiceAccountScope = {
    scope: string;
    description?: string;
    childScopes?: ServiceAccountScope[];
};

type EnvServiceAccountScopes = {
    /**
     * Read available service account scopes
     * @returns {Promise<SSOCookieConfig>} a promise that resolves to an array of ServiceAccountScope objects or a flattened array of scope strings
     */
    readServiceAccountScopes(flatten?: boolean): Promise<ServiceAccountScope[] | string[]>;
};

/**
 * SSO Cookie Configuration object
 */
type SSOCookieConfig = {
    name: string;
};

type EnvSSOCookieConfig = {
    /**
     * Read SSO cookie configuration
     * @returns {Promise<SSOCookieConfig>} a promise that resolves to an SSOCookieConfig object.
     */
    readSSOCookieConfig(): Promise<SSOCookieConfig>;
    /**
     * Reset SSO cookie configuration
     * @returns {Promise<SSOCookieConfig>} a promise that resolves to an SSOCookieConfig object.
     */
    resetSSOCookieConfig(): Promise<SSOCookieConfig>;
    /**
     * Update SSO cookie configuration
     * @param {SSOCookieConfig} config SSOCookieConfig object
     * @returns {Promise<SSOCookieConfig>} a promise that resolves to an SSOCookieConfig object.
     */
    updateSSOCookieConfig(config: SSOCookieConfig): Promise<SSOCookieConfig>;
};

type EsvCountResponse = {
    secrets: number;
    variables: number;
};

type EsvCount = {
    /**
     * Get count of ESV secrets and variables in the environment.
     * @returns {Promise<EsvCountResponse>} a promise that resolves to an object with counts of secrets and variables
     */
    getEsvCount(): Promise<EsvCountResponse>;
};

type Feature = {
    /**
     * Read all features
     * @returns {Promise<FeatureInterface[]>} a promise that resolves to an array of feature objects
     */
    readFeatures(): Promise<FeatureInterface[]>;
    /**
     * Check if feature is available
     * @param {string} featureId feature id (e.g. 'service-accounts')
     * @returns {Promise<boolean>} a promise that resolves to true if the feature is available and to false otherwise
     */
    hasFeature(featureId: string): Promise<boolean>;
};

type CertificationTemplateType = 'identity' | 'entitlement' | 'entitlementComposition' | 'roleMembership' | 'role-definition' | 'application';
interface UserInfo {
    id: string;
    mail: string;
    userName: string;
    givenName: string;
    sn: string;
}
interface RoleInfo {
    id: string;
    name: string;
}
interface EmailTemplateNotificationEvent {
    notification: string;
    frequency?: number;
    includeActor?: boolean;
    includeManager?: boolean;
    day?: number;
    action?: string;
    actors?: {
        type: string;
        id: string;
    }[];
}
type ObjectInfo = UserInfo | RoleInfo;
interface CertificationTemplateSkeleton {
    id: string;
    status: 'pending' | 'active';
    name: string;
    description: string;
    isEventBased: boolean;
    stagingEnabled: boolean;
    schedule?: {
        _id: string;
        enabled: boolean;
        persisted: boolean;
        recoverable: boolean;
        misfirePolicy: 'fireAndProceed' | 'doNothing';
        schedule: string | null;
        repeatInterval: number;
        repeatCount: number;
        type: 'simple' | 'cron';
        invokeService: string;
        invokeContext: {
            script: {
                globals: {
                    scanType?: string;
                    templateId?: string;
                };
                type: 'text/javascript';
                source: string;
            };
            numberOfThreads?: number;
            scan?: {
                object: string;
                taskState: {
                    started: string;
                    completed: string;
                };
                _queryFilter: string;
            };
        };
        invokeLogLevel: 'error' | 'warn' | 'info' | 'debug' | 'trace';
        startTime: string | null;
        endTime: string | null;
        concurrentExecution: boolean;
        previousRunDate: string | null;
        nextRunDate: string | null;
        triggers: object[];
    } | null;
    skipInactiveCertifiers: boolean;
    allowSelfCertification: boolean;
    selfCertificationRule: 'none' | 'restricted' | 'all';
    enableForward: boolean;
    enableReassign: boolean;
    exceptionDuration: number;
    allowBulkCertify: boolean;
    allowPartialSignoff: boolean;
    remediationRule: string | null;
    initializeRule: string;
    finalizeRule: string;
    certificationType: CertificationTemplateType;
    ownerId: string;
    stageDuration: number;
    expirationAction: string | null;
    expirationActionDelay: number;
    expirationReassignee: string | null;
    defaultCertifierId: string | null;
    assignmentNotification: string | null;
    assignmentNotificationIncludeManager: boolean;
    reassignNotification: string | null;
    expirationNotification: string | null;
    reminderNotification: string | null;
    reminderFrequency: number | null;
    escalationNotification: string | null;
    escalationFrequency: number | null;
    escalationOwner: string | null;
    remediationDelay: number;
    excludeConditionalAccess: boolean;
    excludeRoleBasedAccess: boolean;
    scheduleId?: string;
    metadata?: Metadata;
    reassignPermissions: {
        certify: boolean;
        comment: boolean;
        claim: boolean;
        delegate: boolean;
        exception: boolean;
        forward: boolean;
        reassign: boolean;
        reset: boolean;
        revoke: boolean;
        save: boolean;
        signoff: boolean;
    };
    stages: {
        certifierId: string | null;
        certifierType: 'user' | 'custom' | 'organization' | 'manager' | 'authzGroup';
        certifierScript: string | null;
        certifierPath: string | null;
        certifierInfo?: ObjectInfo;
    }[];
    targetFilter: {
        type: ('accountGrant' | 'entitlementGrant' | 'roleMembership' | 'AccountGrant' | 'ResourceGrant' | 'entitlement')[];
        user?: SearchTargetFilterOperation;
        application?: SearchTargetFilterOperation;
        account: SearchTargetFilterOperation;
        memberOfOrg: string[];
        entitlement?: SearchTargetFilterOperation;
        role?: SearchTargetFilterOperation;
        decision: SearchTargetFilterOperation;
    };
    requireJustification: {
        revoke: boolean;
        exceptionAllowed: boolean;
    };
    uiConfig: {
        columnConfig: {
            accounts?: string[];
            entitlements?: string[];
            roles?: string[];
        };
    };
    events: {
        assignment?: EmailTemplateNotificationEvent;
        reassign?: EmailTemplateNotificationEvent;
        reminder?: EmailTemplateNotificationEvent;
        escalation?: EmailTemplateNotificationEvent;
        expirationNotification?: EmailTemplateNotificationEvent;
    };
    ownerInfo: UserInfo;
    defaultCertifierInfo: UserInfo;
    expirationReassigneeInfo?: UserInfo;
    escalationOwnerInfo?: UserInfo;
    expirationNotificationDay: number;
    templateEventType?: string;
    parameters?: {
        id: string;
        displayName: string;
        type: string;
    }[];
}
interface CertificationTemplateDeleteSkeleton {
    indexName: string;
    indices: {
        latest: string;
    };
}

type EmailTemplate = {
    /**
     * Email template type key used to build the IDM id: 'emailTemplate/<id>'
     */
    EMAIL_TEMPLATE_TYPE: string;
    /**
     * Create an empty email template export template
     * @returns {EmailTemplateExportInterface} an empty email template export template
     */
    createEmailTemplateExportTemplate(): EmailTemplateExportInterface;
    /**
     * Get all email templates
     * @param {boolean} includeDefault Include default email templates if true, false to exclude them. Default: false
     * @returns {Promise<EmailTemplateSkeleton[]>} a promise that resolves to an array of email template objects
     */
    readEmailTemplates(includeDefault?: boolean): Promise<EmailTemplateSkeleton[]>;
    /**
     * Get email template
     * @param {string} templateId id/name of the email template without the type prefix
     * @returns {Promise<EmailTemplateSkeleton>} a promise that resolves an email template object
     */
    readEmailTemplate(templateId: string): Promise<EmailTemplateSkeleton>;
    /**
     * Export all email templates. The response can be saved to file as is.
     * @param {boolean} includeDefault Include default email templates if true, false to exclude them. Default: false
     * @returns {Promise<EmailTemplateExportInterface>} Promise resolving to a EmailTemplateExportInterface object.
     */
    exportEmailTemplates(includeDefault?: boolean): Promise<EmailTemplateExportInterface>;
    /**
     * Create email template
     * @param {string} templateId id/name of the email template without the type prefix
     * @param {EmailTemplateSkeleton} templateData email template object
     * @returns {Promise<EmailTemplateSkeleton>} a promise that resolves to an email template object
     */
    createEmailTemplate(templateId: string, templateData: EmailTemplateSkeleton): Promise<EmailTemplateSkeleton>;
    /**
     * Update or create email template
     * @param {string} templateId id/name of the email template without the type prefix
     * @param {EmailTemplateSkeleton} templateData email template object
     * @returns {Promise<EmailTemplateSkeleton>} a promise that resolves to an email template object
     */
    updateEmailTemplate(templateId: string, templateData: EmailTemplateSkeleton): Promise<EmailTemplateSkeleton>;
    /**
     * Import all email templates
     * @param {EmailTemplateExportInterface} importData import data
     * @returns {Promise<IdObjectSkeletonInterface[]>} a promise resolving to an array of email template objects
     */
    importEmailTemplates(importData: EmailTemplateExportInterface): Promise<EmailTemplateSkeleton[]>;
    /**
     * Delete all email templates
     * @returns {Promise<EmailTemplateSkeleton[]>} a promise that resolves to an array of email template objects
     */
    deleteEmailTemplates(): Promise<EmailTemplateSkeleton[]>;
    /**
     * Delete email template
     * @param {string} templateId id/name of the email template without the type prefix 'emailTemplate/'
     * @returns {Promise<EmailTemplateSkeleton>} a promise that resolves an email template object
     */
    deleteEmailTemplate(templateId: string): Promise<EmailTemplateSkeleton>;
};
type EmailTemplateSkeleton = IdObjectSkeletonInterface & {
    defaultLocale?: string;
    displayName?: string;
    enabled?: boolean;
    from: string;
    subject: Record<string, string>;
    message?: Record<string, string>;
    html?: Record<string, string>;
};
interface EmailTemplateExportInterface {
    meta?: ExportMetaData;
    emailTemplate: Record<string, EmailTemplateSkeleton>;
}

type CertificationTemplate = {
    /**
     * Create certification template
     * @param {CertificationTemplateSkeleton} templateData the certification template object
     * @returns {Promise<CertificationTemplateSkeleton>} a promise that resolves to a certification template object
     */
    createCertificationTemplate(templateData: CertificationTemplateSkeleton): Promise<CertificationTemplateSkeleton>;
    /**
     * Read certification template
     * @param {string} templateId The certification template id
     * @returns {Promise<CertificationTemplateSkeleton>} a promise that resolves to a certification template object
     */
    readCertificationTemplate(templateId: string): Promise<CertificationTemplateSkeleton>;
    /**
     * Read certification template by its name.
     * @param {string} templateName the certification template name
     * @returns {Promise<CertificationTemplateSkeleton>} a promise that resolves to a certification template object
     */
    readCertificationTemplateByName(templateName: string): Promise<CertificationTemplateSkeleton>;
    /**
     * Read all certification templates
     * @returns {Promise<CertificationTemplateSkeleton[]>} a promise that resolves to an array of certification template objects
     */
    readCertificationTemplates(): Promise<CertificationTemplateSkeleton[]>;
    /**
     * Export certification template
     * @param {string} templateId the certification template id
     * @param {CertificationTemplateExportOptions} options export options
     * @returns {Promise<CertificationTemplateExportInterface>} a promise that resolves to a certification template export object
     */
    exportCertificationTemplate(templateId: string, options?: CertificationTemplateExportOptions): Promise<CertificationTemplateExportInterface>;
    /**
     * Export certification template by its name.
     * @param {string} templateName the certification template name
     * @param {CertificationTemplateExportOptions} options export options
     * @returns {Promise<CertificationTemplateExportInterface>} a promise that resolves to a certification template export object
     */
    exportCertificationTemplateByName(templateName: string, options?: CertificationTemplateExportOptions): Promise<CertificationTemplateExportInterface>;
    /**
     * Export all certification templates
     * @param {CertificationTemplateExportOptions} options export options
     * @param {ResultCallback<CertificationTemplateExportInterface>} resultCallback Optional callback to process individual results
     * @returns {Promise<CertificationTemplateExportInterface>} a promise that resolves to a certification template export object
     */
    exportCertificationTemplates(options?: CertificationTemplateExportOptions, resultCallback?: ResultCallback<CertificationTemplateExportInterface>): Promise<CertificationTemplateExportInterface>;
    /**
     * Update certification template
     * @param {string} templateId the certification template id
     * @param {CertificationTemplateSkeleton} templateData the certification template object
     * @returns {Promise<CertificationTemplateSkeleton>} a promise that resolves to a certification template object
     */
    updateCertificationTemplate(templateId: string, templateData: CertificationTemplateSkeleton): Promise<CertificationTemplateSkeleton>;
    /**
     * Import certification templates
     * @param {string} templateId The certification template id. If supplied, only the certification template of that id is imported. Takes priority over templateName if it is provided.
     * @param {string} templateName The certification template name. If supplied, only the certification template of that name is imported.
     * @param {CertificationTemplateExportInterface} importData certification template import data
     * @param {CertificationTemplateImportOptions} options import options
     * @param {ResultCallback<CertificationTemplateSkeleton>} resultCallback Optional callback to process individual results
     * @returns {Promise<CertificationTemplateSkeleton[]>} the imported certification templates
     */
    importCertificationTemplates(importData: CertificationTemplateExportInterface, templateId?: string, templateName?: string, options?: CertificationTemplateImportOptions, resultCallback?: ResultCallback<CertificationTemplateSkeleton>): Promise<CertificationTemplateSkeleton[]>;
    /**
     * Delete certification template
     * @param {string} templateId the certification template id
     * @returns {Promise<CertificationTemplateDeleteSkeleton>} a promise that resolves to a certification template object
     */
    deleteCertificationTemplate(templateId: string): Promise<CertificationTemplateDeleteSkeleton>;
    /**
     * Delete certification template by its name.
     * @param {string} templateName the certification template name
     * @returns {Promise<CertificationTemplateDeleteSkeleton>} a promise that resolves to a certification template object
     */
    deleteCertificationTemplateByName(templateName: string): Promise<CertificationTemplateDeleteSkeleton>;
    /**
     * Delete certification templates
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<CertificationTemplateDeleteSkeleton[]>} promise that resolves to an array of certification template objects
     */
    deleteCertificationTemplates(resultCallback?: ResultCallback<CertificationTemplateDeleteSkeleton>): Promise<CertificationTemplateDeleteSkeleton[]>;
};
interface CertificationTemplateExportInterface {
    meta?: ExportMetaData;
    certificationTemplate: Record<string, CertificationTemplateSkeleton>;
    emailTemplate?: Record<string, EmailTemplateSkeleton>;
}
/**
 * Certification template import options
 */
interface CertificationTemplateImportOptions {
    /**
     * Include any dependencies (email templates).
     */
    deps: boolean;
}
/**
 * Certification template export options
 */
interface CertificationTemplateExportOptions {
    /**
     * Include any dependencies (email templates).
     */
    deps: boolean;
}

type EventType = 'certification' | 'orchestration';
type ConditionGroupOperator = 'and' | 'or';
type ConditionOperator = 'contains' | 'not_contains' | 'equals' | 'not_equals' | 'starts_with' | 'ends_with' | 'gte' | 'gt' | 'lt' | 'lte';
type ConditionFilter = {
    [k in ConditionGroupOperator]?: (ConditionFilter | {
        [k in ConditionOperator]?: {
            left?: string | {
                literal: string | number;
            };
            right?: string | {
                literal: string | number;
            };
            search_string?: string | {
                literal: string | number;
            };
            in_string?: string | {
                literal: string | number;
            };
            prefix?: string | {
                literal: string | number;
            };
            suffix?: string | {
                literal: string | number;
            };
            value?: string | {
                literal: string | number;
            };
        };
    })[];
};
interface EventOwner {
    id: string;
    userName: string;
    mail: string;
    givenName: string;
    sn: string;
}
interface EventSkeleton {
    name: string;
    description: string;
    owners: EventOwner[];
    entityType: 'user';
    mutationType: 'create' | 'update';
    condition: {
        version?: string;
        filter?: ConditionFilter;
    };
    action: {
        type: EventType;
        template?: {
            id: string;
        } | CertificationTemplateSkeleton;
        name?: string;
        parameters?: Record<string, string>;
    };
    status: 'active' | 'inactive';
    metadata?: Metadata;
    id: string;
    _rev?: number;
}

type IgaEvent = {
    /**
     * Create event
     * @param {EventSkeleton} eventData the event object
     * @returns {Promise<EventSkeleton>} a promise that resolves to an event object
     */
    createEvent(eventData: EventSkeleton): Promise<EventSkeleton>;
    /**
     * Read Event
     * @param {string} eventId The event id
     * @returns {Promise<EventSkeleton>} A promise that resolves to a event object
     */
    readEvent(eventId: string): Promise<EventSkeleton>;
    /**
     * Read event by its name. Since names are NOT necessarily unique, this method will throw if it finds multiple of the same name.
     * @param {string} eventName the event name
     * @returns {Promise<EventSkeleton>} a promise that resolves to a event object
     */
    readEventByName(eventName: string): Promise<EventSkeleton>;
    /**
     * Read all events
     * @returns {Promise<EventSkeleton[]>} a promise that resolves to an array of event objects
     */
    readEvents(): Promise<EventSkeleton[]>;
    /**
     * Export event
     * @param {string} eventId The event id
     * @param {EventExportOptions} options Export options
     * @returns {Promise<EventExportInterface>} A promise that resolves to a event export object
     */
    exportEvent(eventId: string, options?: EventExportOptions): Promise<EventExportInterface>;
    /**
     * Export event by its name. Since names are NOT necessarily unique, this method will throw if it finds multiple of the same name.
     * @param {string} eventName the event name
     * @param {EventExportOptions} options export options
     * @returns {Promise<EventExportInterface>} a promise that resolves to a event export object
     */
    exportEventByName(eventName: string, options?: EventExportOptions): Promise<EventExportInterface>;
    /**
     * Export all events
     * @param {EventExportOptions} options Export options
     * @param {ResultCallback<EventExportInterface>} resultCallback Optional callback to process individual results
     * @returns {Promise<EventExportInterface>} A promise that resolves to a event export object
     */
    exportEvents(options?: EventExportOptions, resultCallback?: ResultCallback<EventExportInterface>): Promise<EventExportInterface>;
    /**
     * Update event
     * @param {string} eventId The event id
     * @param {EventSkeleton} eventData The event object
     * @returns {Promise<EventSkeleton>} A promise that resolves to a event object
     */
    updateEvent(eventId: string, eventData: EventSkeleton): Promise<EventSkeleton>;
    /**
     * Import events
     * @param {string} eventId The event id. If supplied, only the event of that id is imported. Takes priority over eventName if it is provided.
     * @param {string} eventName The event name. If supplied, only the event(s) of that name is imported.
     * @param {EventExportInterface} importData Event import data
     * @param {EventImportOptions} options Import options
     * @param {ResultCallback<EventSkeleton>} resultCallback Optional callback to process individual results
     * @returns {Promise<EventSkeleton[]>} The imported events
     */
    importEvents(importData: EventExportInterface, eventId?: string, eventName?: string, options?: EventImportOptions, resultCallback?: ResultCallback<EventSkeleton>): Promise<EventSkeleton[]>;
    /**
     * Delete event
     * @param {string} eventId The event id
     * @returns {Promise<EventSkeleton>} A promise that resolves to a event object
     */
    deleteEvent(eventId: string): Promise<EventSkeleton>;
    /**
     * Delete event by its name. Since names are NOT necessarily unique, this method will throw if it finds multiple of the same name.
     * @param {string} eventName The event name
     * @returns {Promise<EventSkeleton>} A promise that resolves to a event object
     */
    deleteEventByName(eventName: string): Promise<EventSkeleton>;
    /**
     * Delete events
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<EventSkeleton[]>} A promise that resolves to an array of event objects
     */
    deleteEvents(resultCallback?: ResultCallback<EventSkeleton>): Promise<EventSkeleton[]>;
};
interface EventExportInterface {
    meta?: ExportMetaData;
    event: Record<string, EventSkeleton>;
    emailTemplate?: Record<string, EmailTemplateSkeleton>;
}
/**
 * Event import options
 */
interface EventImportOptions {
    /**
     * Include any dependencies (e.g. email templates).
     */
    deps: boolean;
}
/**
 * Event export options
 */
interface EventExportOptions {
    /**
     * Include any dependencies (e.g. email templates).
     */
    deps: boolean;
}

type Glossary = {
    /**
     * Create glossary schema
     * @param {GlossarySchemaItemSkeleton} glossarySchemaData the glossary schema object
     * @returns {Promise<GlossarySchemaItemSkeleton>} a promise that resolves to a glossary schema object
     */
    createGlossarySchema(glossarySchemaData: GlossarySchemaItemSkeleton<any>): Promise<GlossarySchemaItemSkeleton<any>>;
    /**
     * Read glossary schema
     * @param {string} glossaryId the glossary schema id
     * @returns {Promise<GlossarySchemaItemSkeleton>} a promise that resolves to a glossary schema object
     */
    readGlossarySchema(glossaryId: string): Promise<GlossarySchemaItemSkeleton<any>>;
    /**
     * Read glossary schema by its name and object type
     * @param {string} glossaryName the glossary schema name
     * @param {GlossaryObjectType} objectType the glossary schema object type
     * @returns {Promise<GlossarySchemaItemSkeleton>} a promise that resolves to a glossary schema object
     */
    readGlossarySchemaByNameAndObjectType(glossaryName: string, objectType: GlossaryObjectType): Promise<GlossarySchemaItemSkeleton<any>>;
    /**
     * Read all glossary schemas
     * @returns {Promise<GlossarySchemaItemSkeleton[]>} a promise that resolves to an array of glossary schema objects
     */
    readGlossarySchemas(): Promise<GlossarySchemaItemSkeleton<any>[]>;
    /**
     * Export glossary schema
     * @param {string} glossaryId the glossary schema id
     * @returns {Promise<GlossarySchemaExportInterface>} a promise that resolves to a glossary schema export object
     */
    exportGlossarySchema(glossaryId: string): Promise<GlossarySchemaExportInterface>;
    /**
     * Export glossary schema by its name and object type
     * @param {string} glossaryName the glossary schema name
     * @param {GlossaryObjectType} objectType the glossary schema object type
     * @returns {Promise<GlossarySchemaExportInterface>} a promise that resolves to a glossary schema export object
     */
    exportGlossarySchemaByNameAndObjectType(glossaryName: string, objectType: GlossaryObjectType): Promise<GlossarySchemaExportInterface>;
    /**
     * Export all glossary schemas
     * @param {GlossarySchemaExportOptions} options export options
     * @returns {Promise<GlossarySchemaExportInterface>} a promise that resolves to a glossary schema export object
     */
    exportGlossarySchemas(options?: GlossarySchemaExportOptions): Promise<GlossarySchemaExportInterface>;
    /**
     * Update glossary schema
     * @param {string} glossaryId the glossary schema id
     * @param {GlossarySchemaItemSkeleton} glossarySchemaData the glossary schema object
     * @returns {Promise<GlossarySchemaItemSkeleton>} a promise that resolves to a glossary schema object
     */
    updateGlossarySchema(glossaryId: string, glossarySchemaData: GlossarySchemaItemSkeleton<any>): Promise<GlossarySchemaItemSkeleton<any>>;
    /**
     * Import glossary schemas
     * @param {string} glossaryId The glossary schema id.  If supplied, only the glossary schema of that id is imported. Takes priority over glossaryName/objectType if they are all provided.
     * @param {string} glossaryName The glossary schema name. If supplied along with the objectType, only the glossary schema of that name/objectType is imported.
     * @param {GlossaryObjectType} objectType the glossary schema object type
     * @param {GlossarySchemaExportInterface} importData glossary schema import data
     * @param {GlossarySchemaImportOptions} options import options
     * @param {ResultCallback<GlossarySchemaItemSkeleton>} resultCallback Optional callback to process individual results
     * @returns {Promise<GlossarySchemaItemSkeleton[]>} the imported glossary schemas
     */
    importGlossarySchemas(importData: GlossarySchemaExportInterface, glossaryId?: string, glossaryName?: string, objectType?: GlossaryObjectType, options?: GlossarySchemaImportOptions, resultCallback?: ResultCallback<GlossarySchemaItemSkeleton<any>>): Promise<GlossarySchemaItemSkeleton<any>[]>;
    /**
     * Delete glossary schema
     * @param {string} glossaryId the glossary schema id
     * @returns {Promise<GlossarySchemaItemSkeleton>} a promise that resolves to a glossary schema object
     */
    deleteGlossarySchema(glossaryId: string): Promise<GlossarySchemaItemSkeleton<any>>;
    /**
     * Delete glossary schema by its name and object type
     * @param {string} glossaryName the glossary schema name
     * @param {GlossaryObjectType} objectType the glossary schema object type
     * @returns {Promise<GlossarySchemaItemSkeleton>} a promise that resolves to a glossary schema object
     */
    deleteGlossarySchemaByNameAndObjectType(glossaryName: string, objectType: GlossaryObjectType): Promise<GlossarySchemaItemSkeleton<any>>;
    /**
     * Delete glossary schemas
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<GlossarySchemaItemSkeleton[]>} promise that resolves to an array of glossary schema objects
     */
    deleteGlossarySchemas(resultCallback?: ResultCallback<GlossarySchemaItemSkeleton<any>>): Promise<GlossarySchemaItemSkeleton<any>[]>;
};
interface GlossarySchemaExportInterface {
    meta?: ExportMetaData;
    glossarySchema: Record<string, GlossarySchemaItemSkeleton<any>>;
}
/**
 * Glossary schema import options
 */
interface GlossarySchemaImportOptions {
    /**
     * Include internal glossary schema in import if true
     */
    includeInternal: boolean;
}
/**
 * Glossary schema export options
 */
interface GlossarySchemaExportOptions {
    /**
     * Include internal glossary schema in export if true
     */
    includeInternal: boolean;
}

type RequestForm = {
    /**
     * Read request form
     * @param {string} formId The request form id
     * @returns {Promise<RequestFormSkeleton>} a promise that resolves to a request form object
     */
    readRequestForm(formId: string): Promise<RequestFormSkeleton>;
    /**
     * Read request form by its name. Since names are NOT necessarily unique, this method will throw if it finds multiple of the same name.
     * @param {string} formName the request form name
     * @returns {Promise<RequestFormSkeleton>} a promise that resolves to a request form object
     */
    readRequestFormByName(formName: string): Promise<RequestFormSkeleton>;
    /**
     * Read all request forms
     * @returns {Promise<RequestFormSkeleton[]>} a promise that resolves to an array of request form objects
     */
    readRequestForms(): Promise<RequestFormSkeleton[]>;
    /**
     * Export request form
     * @param {string} formId the request form id
     * @param {RequestFormExportOptions} options export options
     * @returns {Promise<RequestFormExportInterface>} a promise that resolves to a request form export object
     */
    exportRequestForm(formId: string, options?: RequestFormExportOptions): Promise<RequestFormExportInterface>;
    /**
     * Export request form by its name. Since names are NOT necessarily unique, this method will throw if it finds multiple of the same name.
     * @param {string} formName the request form name
     * @param {RequestFormExportOptions} options export options
     * @returns {Promise<RequestFormExportInterface>} a promise that resolves to a request form export object
     */
    exportRequestFormByName(formName: string, options?: RequestFormExportOptions): Promise<RequestFormExportInterface>;
    /**
     * Export all request forms
     * @param {RequestFormExportOptions} options export options
     * @param {ResultCallback<RequestFormExportInterface>} resultCallback Optional callback to process individual results
     * @returns {Promise<RequestFormExportInterface>} a promise that resolves to a request form export object
     */
    exportRequestForms(options?: RequestFormExportOptions, resultCallback?: ResultCallback<RequestFormExportInterface>): Promise<RequestFormExportInterface>;
    /**
     * Update request form
     * @param {string} formId the request form id
     * @param {RequestFormSkeleton} formData the request form object
     * @returns {Promise<RequestFormSkeleton>} a promise that resolves to a request form object
     */
    updateRequestForm(formId: string, formData: RequestFormSkeleton): Promise<RequestFormSkeleton>;
    /**
     * Import request forms
     * @param {string} formId The request form id. If supplied, only the request form of that id is imported. Takes priority over formName if it is provided.
     * @param {string} formName The request form name. If supplied, only the request form(s) of that name is imported.
     * @param {RequestFormExportInterface} importData request form import data
     * @param {RequestFormImportOptions} options import options
     * @param {ResultCallback<RequestFormSkeleton>} resultCallback Optional callback to process individual results
     * @returns {Promise<RequestFormSkeleton[]>} the imported request forms
     */
    importRequestForms(importData: RequestFormExportInterface, formId?: string, formName?: string, options?: RequestFormImportOptions, resultCallback?: ResultCallback<RequestFormSkeleton>): Promise<RequestFormSkeleton[]>;
    /**
     * Delete request form
     * @param {string} formId the request form id
     * @returns {Promise<RequestFormSkeleton>} a promise that resolves to a request form object
     */
    deleteRequestForm(formId: string): Promise<RequestFormSkeleton>;
    /**
     * Delete request form by its name. Since names are NOT necessarily unique, this method will throw if it finds multiple of the same name.
     * @param {string} formName the request form name
     * @returns {Promise<RequestFormSkeleton>} a promise that resolves to a request form object
     */
    deleteRequestFormByName(formName: string): Promise<RequestFormSkeleton>;
    /**
     * Delete request forms
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<RequestFormSkeleton[]>} promise that resolves to an array of request form objects
     */
    deleteRequestForms(resultCallback?: ResultCallback<RequestFormSkeleton>): Promise<RequestFormSkeleton[]>;
    /**
     * Delete orphaned request form assignments. If no ids are specified, it will remove all orphans
     * @param {string} formId The optional request form id. If specified, deletes orphaned assignments for the specified form.
     * @param {string} workflowId The optional workflow id. If specified, deletes orphaned assignments for the specified workflow.
     * @param {string} applicationId The optional application id. If specified, deletes orphaned assignments for the specified application.
     * @param {string} requestTypeId The optional request type id. If specified, deletes orphaned assignments for the specified request type.
     * @param {boolean} onlyWorkflow Optional flag to return only workflow related assignments. Default: false
     * @param {ResultCallback<RequestFormAssignment>} resultCallback Optional callback to process individual results
     * @returns {RequestFormAssignment[]} the deleted orphaned form assignments
     */
    deleteOrphanedRequestFormAssignments(formId?: string, workflowId?: string, applicationId?: string, requestTypeId?: string, onlyWorkflow?: boolean, resultCallback?: ResultCallback<RequestFormAssignment>): Promise<RequestFormAssignment[]>;
};
interface RequestFormExportInterface {
    meta?: ExportMetaData;
    requestForm: Record<string, RequestFormSkeleton>;
    requestType?: Record<string, RequestTypeSkeleton>;
}
/**
 * Request form import options
 */
interface RequestFormImportOptions {
    /**
     * Include any dependencies (request types).
     */
    deps: boolean;
}
/**
 * Request form export options
 */
interface RequestFormExportOptions {
    /**
     * Include any dependencies (request types).
     */
    deps: boolean;
    /**
     * Use string arrays to store script code
     */
    useStringArrays: boolean;
}

type RequestType = {
    /**
     * Create request type
     * @param {RequestTypeSkeleton} typeData the request type object
     * @returns {Promise<RequestTypeSkeleton>} a promise that resolves to a request type object
     */
    createRequestType(typeData: RequestTypeSkeleton): Promise<RequestTypeSkeleton>;
    /**
     * Read request type
     * @param {string} typeId the request type id
     * @returns {Promise<RequestTypeSkeleton>} a promise that resolves to a request type object
     */
    readRequestType(typeId: string): Promise<RequestTypeSkeleton>;
    /**
     * Read request type by its display name
     * @param {string} typeName the request type display name
     * @returns {Promise<RequestTypeSkeleton>} a promise that resolves to a request type object
     */
    readRequestTypeByName(typeName: string): Promise<RequestTypeSkeleton>;
    /**
     * Read all request types
     * @returns {Promise<RequestTypeSkeleton[]>} a promise that resolves to an array of request type objects
     */
    readRequestTypes(): Promise<RequestTypeSkeleton[]>;
    /**
     * Export request type
     * @param {string} typeId the request type id
     * @param {RequestTypeExportOptions} options export options
     * @returns {Promise<RequestTypeExportInterface>} a promise that resolves to a request type export object
     */
    exportRequestType(typeId: string, options?: RequestTypeExportOptions): Promise<RequestTypeExportInterface>;
    /**
     * Export request type by its display name
     * @param {string} typeName the request type display name
     * @param {RequestTypeExportOptions} options export options
     * @returns {Promise<RequestTypeExportInterface>} a promise that resolves to a request type export object
     */
    exportRequestTypeByName(typeName: string, options?: RequestTypeExportOptions): Promise<RequestTypeExportInterface>;
    /**
     * Export all request types
     * @param {RequestTypeExportOptions} options export options
     * @returns {Promise<RequestTypeExportInterface>} a promise that resolves to a request type export object
     */
    exportRequestTypes(options?: RequestTypeExportOptions): Promise<RequestTypeExportInterface>;
    /**
     * Update request type
     * @param {string} typeId the request type id
     * @param {RequestTypeSkeleton} typeData the request type object
     * @returns {Promise<RequestTypeSkeleton>} a promise that resolves to a request type object
     */
    updateRequestType(typeId: string, typeData: RequestTypeSkeleton): Promise<RequestTypeSkeleton>;
    /**
     * Import request types
     * @param {string} typeId The request type id. If supplied, only the request type of that id is imported. Takes priority over typeName if they are all provided.
     * @param {string} typeName The request type display name. If supplied, only the request type of that display name is imported.
     * @param {RequestTypeExportInterface} importData request type import data
     * @param {RequestTypeImportOptions} options import options
     * @param {ResultCallback<RequestTypeSkeleton>} resultCallback Optional callback to process individual results
     * @returns {Promise<RequestTypeSkeleton[]>} the imported request types
     */
    importRequestTypes(importData: RequestTypeExportInterface, typeId?: string, typeName?: string, options?: RequestTypeImportOptions, resultCallback?: ResultCallback<RequestTypeSkeleton>): Promise<RequestTypeSkeleton[]>;
    /**
     * Delete request type
     * @param {string} typeId the request type id
     * @returns {Promise<RequestTypeSkeleton>} a promise that resolves to a request type object
     */
    deleteRequestType(typeId: string): Promise<RequestTypeSkeleton>;
    /**
     * Delete request type by its display name
     * @param {string} typeName the request type display name
     * @returns {Promise<RequestTypeSkeleton>} a promise that resolves to a request type object
     */
    deleteRequestTypeByName(typeName: string): Promise<RequestTypeSkeleton>;
    /**
     * Delete request types
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<RequestTypeSkeleton[]>} promise that resolves to an array of request type objects
     */
    deleteRequestTypes(resultCallback?: ResultCallback<RequestTypeSkeleton>): Promise<RequestTypeSkeleton[]>;
};
interface RequestTypeExportInterface {
    meta?: ExportMetaData;
    requestType: Record<string, RequestTypeSkeleton>;
}
/**
 * Request type import options
 */
interface RequestTypeImportOptions {
    /**
     * Include only custom request types in import if true
     */
    onlyCustom: boolean;
}
/**
 * Request type export options
 */
interface RequestTypeExportOptions {
    /**
     * Include only custom request types in export if true
     */
    onlyCustom: boolean;
    /**
     * Use string arrays to store script code
     */
    useStringArrays: boolean;
}

interface NodeRefSkeletonInterface {
    connections: Record<string, string>;
    displayName: string;
    nodeType: string;
    x: number;
    y: number;
}
interface StaticNodeRefSkeletonInterface {
    x: number;
    y: number;
}
interface InnerNodeRefSkeletonInterface {
    _id: string;
    displayName: string;
    nodeType: string;
}
type CustomNodeProperty = {
    title: string;
    description: string;
    type: 'NUMBER' | 'STRING' | 'OBJECT' | 'BOOLEAN';
    required: boolean;
    defaultValue?: string | number | boolean | Record<string, string> | string[] | number[];
    multivalued: boolean;
    options?: Record<string, string>;
};
type CustomNodeSkeleton = IdObjectSkeletonInterface & {
    serviceName: string;
    displayName: string;
    description: string;
    outcomes: string[];
    outputs: string[];
    inputs: string[];
    script: string | string[];
    errorOutcome: boolean;
    tags: string[];
    properties: Record<string, CustomNodeProperty>;
};
type NodeSkeleton = AmConfigEntityInterface & {
    nodes?: InnerNodeRefSkeletonInterface[];
    tree?: string;
    identityResource?: string;
    script?: string;
    emailTemplateName?: string;
    filteredProviders?: string[];
    useScript?: boolean;
    useFilterScript?: boolean;
};
/**
 * Object that is layed out as follows: <realm-path>.<journey-name> = array of nodes where custom node type is used in the journey in the specified realm
 */
type CustomNodeUsage = Record<string, Record<string, string[]>>;

type StepType = 'scriptTask' | 'violationTask' | 'fulfillmentTask' | 'emailTask' | 'waitTask' | 'approvalTask';
type ApprovalMode = 'any';
interface TaskConfiguration {
    nextStep: {
        condition: null | string;
        outcome: string;
        step: null | string;
    }[];
}
interface ScriptTask extends TaskConfiguration {
    language: 'javascript';
    script: string;
    gatewayType?: 'inclusive';
}
interface ViolationTask extends TaskConfiguration {
    approvalMode: ApprovalMode;
    actors: WorkflowExpression | WorkflowActor[];
    events: {
        assignment?: WorkflowNotification;
        reassign?: WorkflowNotification;
        reminder?: WorkflowNotification;
        escalation?: WorkflowNotification;
        expiration?: WorkflowNotification;
    };
}
interface FulfillmentTask extends ViolationTask {
}
interface EmailTask extends TaskConfiguration {
    to: string | WorkflowExpression;
    cc: string | WorkflowExpression;
    bcc: string | WorkflowExpression;
    object: Record<string, string | number | boolean>;
    templateName: string;
}
interface WaitTask extends TaskConfiguration {
    resumeDate: WorkflowExpression;
}
interface ApprovalTask extends ViolationTask {
}
interface WorkflowActor {
    id: string | WorkflowExpression;
    permissions?: {
        approve?: boolean;
        fulfill?: boolean;
        allow?: boolean;
        reject?: boolean;
        deny?: boolean;
        exception?: boolean;
        remediate?: boolean;
        modify?: boolean;
        reassign: boolean;
        comment: boolean;
    };
    type?: 'user' | 'role' | 'applicationOwner' | 'manager' | 'entitlementOwner' | 'roleOwner';
}
interface WorkflowExpression {
    isExpression?: boolean;
    value: string;
}
interface WorkflowNotification {
    action?: 'reassign';
    notification?: string;
    frequency?: number;
    date?: WorkflowExpression;
    actors?: WorkflowActor[];
}
interface WorkflowSkeleton {
    id: string;
    name: string;
    displayName: string;
    description: string;
    type?: string;
    childType: boolean;
    _rev: number;
    steps: WorkflowStep[];
    staticNodes: {
        startNode: WorkflowStaticNode;
        endNode: WorkflowStaticNode;
        uiConfig: Record<string, StepStaticNode>;
    };
    status: 'published' | 'draft';
    mutable: boolean;
}
type WorkflowStep = {
    [s in StepType]?: ApprovalTask | ViolationTask | FulfillmentTask | ScriptTask | WaitTask | EmailTask;
} & {
    name: string;
    displayName: string;
    type: StepType;
    approvalMode?: ApprovalMode;
};
interface WorkflowStaticNode extends StaticNodeRefSkeletonInterface {
    id: string;
    connections: null | {
        start?: string;
    };
    name?: string;
    nodeType?: string;
    displayType?: string;
    isDroppable?: boolean;
    isDeleteable?: boolean;
    isEditable?: boolean;
    isHovered?: boolean;
    hasError?: boolean;
    displayDetails?: {
        icon: string;
        variant: string;
        value: string;
    };
    _outcomes?: {
        id: string;
        displayName: string;
    }[];
    template?: null;
    schema?: null;
}
interface StepStaticNode extends StaticNodeRefSkeletonInterface {
    actors?: WorkflowExpression | WorkflowActor[];
    events?: {
        resumeDateType?: string;
        resumeDateNumber?: number;
        resumeDateTimeSpan?: string;
        escalationDate?: number;
        escalationTimeSpan?: string;
        escalationType?: string;
        expirationDate?: number;
        expirationTimeSpan?: string;
        reminderDate?: number;
        reminderTimeSpan?: string;
        expirationDateType?: string;
        expirationDateVariable?: string;
        reassignedActors?: WorkflowActor[];
        resumeDateRequestProperty?: string;
        resumeDateVariable?: string;
    };
}

/**
 * Variable types
 *
 * @summary
 * You can use the expressionType parameter to set a type when you create an ESV variable.
 * This lets Identity Cloud correctly transform the value of the ESV
 * to match the configuration property type when substituting it into configuration.
 *
 * The type is set when the ESV is created, and cannot be modified after creation.
 * If you do not specify a type, it will default to string.
 *
 * Before the expressionType parameter was introduced, it was only possible to set types
 * from within configuration, using expression level syntax; for example,
 * {"$int": "&{esv.journey.ldap.port|1389}"}.
 * The expressionType parameter supplements this expression level syntax and allows the
 * ESV type to be identified without inspecting configuration.
 *
 * @see
 * {@link https://backstage.forgerock.com/docs/idcloud/latest/tenants/esvs.html#variable_types | ForgeRock Documentation}
 */
type VariableExpressionType = 'array' | 'base64encodedinlined' | 'bool' | 'int' | 'keyvaluelist' | 'list' | 'number' | 'object' | 'string';
/**
 * Variable object skeleton
 */
type VariableSkeleton = IdObjectSkeletonInterface & {
    valueBase64?: string;
    value?: string;
    description?: string;
    loaded?: boolean;
    lastChangedBy?: string;
    lastChangeDate?: string;
    expressionType?: VariableExpressionType;
};

type Workflow = {
    /**
     * Publish an existing draft workflow
     * @param {string} workflowId the workflow id
     * @returns {Promise<WorkflowSkeleton>} a promise that resolves to the published workflow object
     */
    publishWorkflow(workflowId: string): Promise<WorkflowSkeleton>;
    /**
     * Read draft workflow
     * @param {string} workflowId the workflow id
     * @returns {Promise<WorkflowSkeleton>} a promise that resolves to a workflow object
     */
    readDraftWorkflow(workflowId: string): Promise<WorkflowSkeleton>;
    /**
     * Read published workflow
     * @param {string} workflowId the workflow id
     * @returns {Promise<WorkflowSkeleton>} a promise that resolves to a workflow object
     */
    readPublishedWorkflow(workflowId: string): Promise<WorkflowSkeleton>;
    /**
     * Read workflow group
     * @param {string} workflowId the workflow id
     * @returns {Promise<WorkflowGroup>} a promise that resolves to a grouped workflow object (contains both draft and published versions)
     */
    readWorkflowGroup(workflowId: string): Promise<WorkflowGroup>;
    /**
     * Read all workflows
     * @returns {Promise<WorkflowSkeleton[]>} a promise that resolves to an array of workflow objects
     */
    readWorkflows(): Promise<WorkflowSkeleton[]>;
    /**
     * Read all workflow groups
     * @returns {Promise<WorkflowGroup[]>} a promise that resolves to an array of grouped workflow objects (contain both draft and published versions)
     */
    readWorkflowGroups(): Promise<WorkflowGroup[]>;
    /**
     * Export workflow
     * @param {string} workflowId the workflow id
     * @param {WorkflowExportOptions} options workflow export options
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<WorkflowExportInterface>} a promise that resolves to a workflow export object
     */
    exportWorkflow(workflowId: string, options?: WorkflowExportOptions, resultCallback?: ResultCallback<WorkflowExportInterface>): Promise<WorkflowExportInterface>;
    /**
     * Export all workflows
     * @param {WorkflowExportOptions} options workflow export options
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<WorkflowExportInterface>} a promise that resolves to a workflow export object
     */
    exportWorkflows(options?: WorkflowExportOptions, resultCallback?: ResultCallback<WorkflowExportInterface>): Promise<WorkflowExportInterface>;
    /**
     * Update workflow
     * @param {string} workflowId the workflow id
     * @param {WorkflowSkeleton} workflowData the workflow object
     * @returns {Promise<WorkflowSkeleton>} a promise that resolves to a workflow object
     */
    updateWorkflow(workflowId: string, workflowData: WorkflowSkeleton): Promise<WorkflowSkeleton>;
    /**
     * Import workflows
     * @param {string} workflowId The workflow id. If supplied, only the workflow of that id is imported.
     * @param {WorkflowExportInterface} importData workflow import data
     * @param {WorkflowImportOptions} options workflow import options
     * @param {ResultCallback<WorkflowSkeleton>} resultCallback Optional callback to process individual results
     * @returns {Promise<WorkflowSkeleton[]>} the imported workflows
     */
    importWorkflows(workflowId: string, importData: WorkflowExportInterface, options?: WorkflowImportOptions, resultCallback?: ResultCallback<WorkflowSkeleton>): Promise<WorkflowSkeleton[]>;
    /**
     * Delete draft workflow
     * @param {string} workflowId the workflow id
     * @returns {Promise<WorkflowSkeleton>} a promise that resolves to a workflow object
     */
    deleteDraftWorkflow(workflowId: string): Promise<WorkflowSkeleton>;
    /**
     * Delete published workflow
     * @param {string} workflowId the workflow id
     * @returns {Promise<WorkflowSkeleton>} a promise that resolves to a workflow object
     */
    deletePublishedWorkflow(workflowId: string): Promise<WorkflowSkeleton>;
    /**
     * Delete workflows
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<WorkflowSkeleton[]>} promise that resolves to an array of workflow objects
     */
    deleteWorkflows(resultCallback?: ResultCallback<WorkflowSkeleton>): Promise<WorkflowSkeleton[]>;
};
interface WorkflowGroup {
    draft?: null | WorkflowSkeleton;
    published?: null | WorkflowSkeleton;
}
type WorkflowGroups = Record<string, WorkflowGroup>;
interface WorkflowExportInterface {
    meta?: ExportMetaData;
    workflow: WorkflowGroups;
    emailTemplate: Record<string, EmailTemplateSkeleton>;
    event: Record<string, EventSkeleton>;
    requestForm: Record<string, RequestFormSkeleton>;
    requestType: Record<string, RequestTypeSkeleton>;
    variable: Record<string, VariableSkeleton>;
}
/**
 * Workflow import options
 */
interface WorkflowImportOptions {
    /**
     * Include any dependencies (email templates).
     */
    deps: boolean;
}
/**
 * Workflow export options
 */
interface WorkflowExportOptions {
    /**
     * Include any dependencies (email templates, request forms, request types, events).
     */
    deps: boolean;
    /**
     * Use string arrays to store script code
     */
    useStringArrays: boolean;
    /**
     * Include x and y coordinate positions of the workflow nodes.
     */
    coords: boolean;
    /**
     * Export the read only (non-mutable) workflows
     */
    includeReadOnly: boolean;
}

type LogApiKey = {
    name: string;
    api_key_id: string;
    api_key_secret?: string;
    created_at: string;
};
type LogEventPayloadSkeleton = NoIdObjectSkeletonInterface & {
    context: string;
    level: string;
    logger: string;
    mdc: {
        transactionId: string;
    };
    message: string;
    thread: string;
    timestamp: string;
    transactionId: string;
};
type LogEventSkeleton = NoIdObjectSkeletonInterface & {
    payload: string | LogEventPayloadSkeleton;
    timestamp: string;
    type: string;
    source: string;
};

type Log = {
    /**
     * Get default noise filter
     * @returns {string[]} array of default event types and loggers to be filtered out
     */
    getDefaultNoiseFilter(): string[];
    /**
     * Resolve log level to an array of effective log levels
     * @param level string or numeric log level: 'FATAL', 'ERROR', 'WARN', 'INFO', 'DEBUG', 'TRACE', 'ALL', 0, 1, 2, 3, 4
     * @returns {string[]} array of effective log levels
     */
    resolveLevel(level: string | number): string[];
    /**
     * Resolve a log event's level
     * @param {object} log log event
     * @returns {string} log level
     */
    resolvePayloadLevel(log: LogEventSkeleton): string;
    /**
     * Get available log sources
     * @returns {Promise<string[]>} promise resolving to an array of available log sources
     */
    getLogSources(): Promise<string[]>;
    /**
     * Get log api key
     * @param {string} keyId key id
     * @returns {Promise<LogApiKey>} promise resolving to a LogApiKey objects
     */
    getLogApiKey(keyId: string): Promise<LogApiKey>;
    /**
     * Validate log api key and secret
     * @param {string} keyId log api key id
     * @param {string} secret log api secret
     * @returns {Promise<boolean>} a promise resolving to true if the key is valid, false otherwise
     */
    isLogApiKeyValid(keyId: string, secret: string): Promise<boolean>;
    /**
     * Get log api keys
     * @returns {Promise<LogApiKey[]>} promise resolving to an array of LogApiKey objects
     */
    getLogApiKeys(): Promise<LogApiKey[]>;
    /**
     * Create log api key
     * @param {string} keyName human-readable key name
     * @returns {Promise<LogApiKey>} a promise resolving to an object containing the log api key and secret
     */
    createLogApiKey(keyName: string): Promise<LogApiKey>;
    /**
     * Delete log api key
     * @param {string} keyId key id
     * @returns {Promise<LogApiKey>} a promise resolving to an object containing the log api key
     */
    deleteLogApiKey(keyId: string): Promise<LogApiKey>;
    /**
     * Delete all log api keys
     * @returns {Promise<LogApiKey>} a promise resolving to an array of log api key objects
     */
    deleteLogApiKeys(): Promise<LogApiKey[]>;
    /**
     * Tail logs
     * @param {string} source log source(s) to tail
     * @param {string} cookie paged results cookie
     * @returns {Promise<PagedResult<LogEventSkeleton>>} promise resolving to paged log event result
     */
    tail(source: string, cookie: string): Promise<PagedResult<LogEventSkeleton>>;
    /**
     * Fetch logs
     * @param {string} source log source(s) to tail
     * @param {string} startTs start timestamp
     * @param {string} endTs end timestamp
     * @param {string} cookie paged results cookie
     * @param {string} txid transaction id
     * @param {string} filter query filter
     * @returns {Promise<PagedResult<LogEventSkeleton>>} promise resolving to paged log event result
     */
    fetch(source: string, startTs: string, endTs: string, cookie: string, txid: string, filter: string): Promise<PagedResult<LogEventSkeleton>>;
};

/**
 * Secret encoding
 *
 * @summary
 * You can use the encoding parameter to set an encoding format when you create an ESV secret.
 * You can only choose an encoding format using the API. The UI currently creates secrets only
 * with the generic encoding format.
 *
 * @see
 * {@link https://backstage.forgerock.com/docs/idcloud/latest/tenants/esvs.html#encoding_format | ForgeRock Documentation}
 */
type SecretEncodingType = 'generic' | 'pem' | 'base64hmac' | 'base64aes';
/**
 * Secret object skeleton
 */
type SecretSkeleton = IdObjectSkeletonInterface & {
    description: string;
    encoding: SecretEncodingType;
    lastChangedBy?: string;
    lastChangeDate?: string;
    useInPlaceholders: boolean;
    loaded?: boolean;
    loadedVersion?: string;
    activeVersion?: string;
    activeValue?: any;
};
type VersionOfSecretStatus = 'DISABLED' | 'ENABLED' | 'DESTROYED';
/**
 * Secret version skeleton
 */
type VersionOfSecretSkeleton = IdObjectSkeletonInterface & {
    /**
     * Base64-encoded value. Only used when creating a new version of a secret
     */
    valueBase64?: string;
    /**
     * Version string. Returned when reading a version of a secret
     */
    version?: string;
    /**
     * Date string. Returned when reading a version of a secret
     */
    createDate?: string;
    /**
     * True if loaded, false otherwise. Returned when reading a version of a secret
     */
    loaded?: boolean;
    /**
     * Status string. Returned when reading a version of a secret
     */
    status?: VersionOfSecretStatus;
};

type Secret = {
    /**
     * Read all secrets
     * @returns {Promise<SecretSkeleton[]>} a promise that resolves to an array of secrets
     */
    readSecrets(): Promise<SecretSkeleton[]>;
    /**
     * Read secret
     * @param {string} secretId secret id/name
     * @returns {Promise<SecretSkeleton>} a promise that resolves to a secret
     */
    readSecret(secretId: string): Promise<SecretSkeleton>;
    /**
     * Read the value of a secret
     * @param {string} secretId secret id/name
     * @param {string} target Host URL of target environment to encrypt secret value for
     * @param {boolean} decrypt retrieve secret value in the clear (default: false)
     * @returns {Promise<string>} a promise that resolves to the value of the secret
     */
    readSecretValue(secretId: string, target?: string, decrypt?: boolean): Promise<any>;
    /**
     * Read the values of an array of secrets
     * @param {string} secretIds secret id/name
     * @param {string} target Host URL of target environment to encrypt secret values for
     * @param {boolean} decrypt retrieve secret values in the clear (default: false)
     * @returns {Promise<{ [key: string]: string }>} a promise that resolves to a map of secret ids and values
     */
    readSecretValues(secretIds: string[], target?: string, decrypt?: boolean): Promise<{
        [key: string]: string;
    }>;
    /**
     * Export secret. The response can be saved to file as is.
     * @param {string} secretId secret id/name
     * @param {boolean} includeActiveValue include active value of secret (default: false)
     * @param {string} target Host URL of target environment to encrypt secret value for
     * @returns {Promise<SecretsExportInterface>} Promise resolving to a SecretsExportInterface object.
     */
    exportSecret(secretId: string, includeActiveValue?: boolean, target?: string): Promise<SecretsExportInterface>;
    /**
     * Export all secrets
     * @param {boolean} includeActiveValues include active values of secrets (default: false)
     * @param {string} target Host URL of target environment to encrypt secret values for
     * @returns {Promise<SecretsExportInterface>} Promise resolving to an SecretsExportInterface object.
     */
    exportSecrets(includeActiveValues?: boolean, target?: string): Promise<SecretsExportInterface>;
    /**
     * Import secret by id
     * @param {string} secretId secret id/name
     * @param {SecretsExportInterface} importData import data
     * @param {boolean} includeActiveValue include active value of secret (default: false)
     * @param {string} source Host URL of source environment where the secret was exported from
     * @returns {Promise<SecretSkeleton>} imported secret object
     */
    importSecret(secretId: string, importData: SecretsExportInterface, includeActiveValue?: boolean, source?: string): Promise<SecretSkeleton>;
    /**
     * Import secrets
     * @param {SecretsExportInterface} importData import data
     * @param {boolean} includeActiveValues include active values of secrets (default: false)
     * @param {string} source Host URL of source environment where the secrets were exported from
     * @returns {Promise<SecretSkeleton[]>} array of imported secret objects
     */
    importSecrets(importData: SecretsExportInterface, includeActiveValues?: boolean, source?: string): Promise<SecretSkeleton[]>;
    /**
     * Create secret
     * @param {string} secretId secret id/name
     * @param {string} value secret value
     * @param {string} description secret description
     * @param {string} encoding secret encoding (only `generic` is supported)
     * @param {boolean} useInPlaceholders flag indicating if the secret can be used in placeholders
     * @returns {Promise<SecretSkeleton>} a promise that resolves to a secret
     */
    createSecret(secretId: string, value: string, description: string, encoding?: string, useInPlaceholders?: boolean): Promise<SecretSkeleton>;
    /**
     * Update secret description
     * @param {string} secretId secret id/name
     * @param {string} description secret description
     * @returns {Promise<any>} a promise that resolves to an empty string
     */
    updateSecretDescription(secretId: string, description: string): Promise<any>;
    /**
     * Delete secret
     * @param {string} secretId secret id/name
     * @returns {Promise<SecretSkeleton>} a promise that resolves to a secret object
     */
    deleteSecret(secretId: string): Promise<SecretSkeleton>;
    /**
     * Read versions of secret
     * @param {string} secretId secret id/name
     * @returns {Promise<VersionOfSecretSkeleton[]>} a promise that resolves to an array of secret versions
     */
    readVersionsOfSecret(secretId: string): Promise<VersionOfSecretSkeleton[]>;
    /**
     * Create version of secret
     * @param {string} secretId secret id/name
     * @param {string} value secret value
     * @returns {Promise<VersionOfSecretSkeleton>} a promise that resolves to a version object
     */
    createVersionOfSecret(secretId: string, value: string): Promise<VersionOfSecretSkeleton>;
    /**
     * Read version of secret
     * @param {string} secretId secret id/name
     * @param {string} version secret version
     * @returns {Promise<VersionOfSecretSkeleton>} a promise that resolves to a version object
     */
    readVersionOfSecret(secretId: string, version: string): Promise<VersionOfSecretSkeleton>;
    /**
     * Enable a version of a secret
     * @param {string} secretId secret id/name
     * @param {string} version secret version
     * @returns {Promise<VersionOfSecretSkeleton>} a promise that resolves to a status object
     */
    enableVersionOfSecret(secretId: string, version: string): Promise<VersionOfSecretSkeleton>;
    /**
     * Disable a version of a secret
     * @param {string} secretId secret id/name
     * @param {string} version secret version
     * @returns {Promise<VersionOfSecretSkeleton>} a promise that resolves to a status object
     */
    disableVersionOfSecret(secretId: string, version: string): Promise<VersionOfSecretSkeleton>;
    /**
     * Delete version of secret
     * @param {string} secretId secret id/name
     * @param {string} version secret version
     * @returns {Promise<VersionOfSecretSkeleton>} a promise that resolves to a version object
     */
    deleteVersionOfSecret(secretId: string, version: string): Promise<VersionOfSecretSkeleton>;
};
interface SecretsExportInterface {
    meta?: ExportMetaData;
    secret: Record<string, SecretSkeleton>;
}

type ServiceAccount = {
    /**
     * Check if service accounts are available
     * @returns {Promise<boolean>} true if service accounts are available, false otherwise
     */
    isServiceAccountsFeatureAvailable(): Promise<boolean>;
    /**
     * Create service account
     * @param {string} name Human-readable name of service account
     * @param {string} description Description of service account
     * @param {'Active' | 'Inactive'} accountStatus Service account status
     * @param {string[]} scopes Scopes.
     * @param {JwksInterface} jwks Java Web Key Set
     * @returns {Promise<IdObjectSkeletonInterface>} A promise resolving to a service account object
     */
    createServiceAccount(name: string, description: string, accountStatus: 'active' | 'inactive', scopes: string[], jwks: JwksInterface): Promise<IdObjectSkeletonInterface>;
    /**
     * Get service account
     * @param {string} serviceAccountId service account id
     * @returns {Promise<ServiceAccountType>} a promise resolving to a service account object
     */
    getServiceAccount(serviceAccountId: string): Promise<ServiceAccountType>;
    /**
     * Validate service account
     * @param {string} saId optional service account id
     * @param {JwkRsa} saJwk optional service account JWK
     * @returns {Promise<AccessTokenMetaType | null>} Access token or null if validation fails
     */
    validateServiceAccount(saId?: string, saJwk?: JwkRsa): Promise<AccessTokenMetaType | null>;
};
type ServiceAccountType = IdObjectSkeletonInterface & {
    name: string;
    description: string;
    accountStatus: 'active' | 'inactive';
    scopes: string[];
    jwks: string;
};

type Startup = {
    /**
     * Check for updates that need applying
     * @returns {Promise<Updates>} true if there are updates that need to be applied, false otherwise
     */
    checkForUpdates(): Promise<Updates>;
    /**
     * Apply updates
     * @param {boolean} wait wait for the operation to complete or not
     * @param {number} timeout timeout in milliseconds
     * @returns {Promise<boolean>} true if successful, false otherwise
     */
    applyUpdates(wait: boolean, timeout?: number): Promise<boolean>;
};
/**
 * Updates that need to be applied.
 */
interface Updates {
    /**
     * Array of secrets that need applying
     */
    secrets?: unknown[];
    /**
     * Array of variables that need applying
     */
    variables?: unknown[];
}

type Variable = {
    /**
     * Read variable by id/name
     * @param {string} variableId variable id/name
     * @param {boolean} noDecode Do not decode value (default: false)
     * @returns {Promise<VariableSkeleton>} a promise that resolves to a variable object
     */
    readVariable(variableId: string, noDecode?: boolean): Promise<VariableSkeleton>;
    /**
     * Read all variables
     * @param {boolean} noDecode Do not decode values (default: false)
     * @returns {Promise<VariableSkeleton[]>} a promise that resolves to an array of variable objects
     */
    readVariables(noDecode?: boolean): Promise<VariableSkeleton[]>;
    /**
     * Export variable. The response can be saved to file as is.
     * @param {string} variableId variable id/name
     * @param {boolean} noDecode Do not decode value (default: false)
     * @returns {Promise<VariablesExportInterface>} Promise resolving to a VariablesExportInterface object.
     */
    exportVariable(variableId: string, noDecode?: boolean): Promise<VariablesExportInterface>;
    /**
     * Export all variables
     * @param {boolean} noDecode Do not decode values (default: false)
     * @returns {Promise<VariablesExportInterface>} Promise resolving to an VariablesExportInterface object.
     */
    exportVariables(noDecode?: boolean): Promise<VariablesExportInterface>;
    /**
     * Import variable by id
     * @param {string} variableId variable id/name
     * @param {VariablesExportInterface} importData import data
     * @returns {Promise<VariableSkeleton>} imported variable object
     */
    importVariable(variableId: string, importData: VariablesExportInterface): Promise<VariableSkeleton>;
    /**
     * Import variables
     * @param {VariablesExportInterface} importData import data
     * @returns {Promise<VariableSkeleton[]>} array of imported variable objects
     */
    importVariables(importData: VariablesExportInterface): Promise<VariableSkeleton[]>;
    /**
     * Create variable
     * @param {string} variableId variable id/name
     * @param {string} value variable value
     * @param {string} description variable description
     * @param {VariableExpressionType} expressionType type of the value
     * @param {boolean} noEncode do not encode if passing a pre-encoded (base64) value
     * @returns {Promise<VariableSkeleton>} a promise that resolves to a variable object
     */
    createVariable(variableId: string, value: string, description: string, expressionType?: VariableExpressionType, noEncode?: boolean): Promise<VariableSkeleton>;
    /**
     * Update or create variable
     * @param {string} variableId variable id/name
     * @param {string} value variable value
     * @param {string} description variable description
     * @param {VariableExpressionType} expressionType type of the value
     * @param {boolean} noEncode do not encode if passing a pre-encoded (base64) value
     * @returns {Promise<VariableSkeleton>} a promise that resolves to a variable object
     */
    updateVariable(variableId: string, value: string, description: string, expressionType?: VariableExpressionType, noEncode?: boolean): Promise<VariableSkeleton>;
    /**
     * Update variable description
     * @param {string} variableId variable id/name
     * @param {string} description variable description
     * @returns {Promise<VariableSkeleton>} a promise that resolves to a status object
     */
    updateVariableDescription(variableId: string, description: string): Promise<VariableSkeleton>;
    /**
     * Delete variable by id/name
     * @param {string} variableId variable id/name
     * @returns {Promise<VariableSkeleton>} a promise that resolves to a variable object
     */
    deleteVariable(variableId: string): Promise<VariableSkeleton>;
    /**
     * Attempt to resolve a string to an ESV variable in AIC deployments.
     * @param {string} input Input string to be evaluated as a possible ESV.
     * @param {Map<string, VariableSkeleton>} variables Provide an empty or prepopulated map of ESV variables. The function adds any resolved variables to the map that don't exist.
     * @returns {string} Returns the resolved value of the ESV or the original input string
     */
    resolveVariable(input: string, variables: Record<string, VariableSkeleton>): Promise<string>;
    /**
     * Get variable by id/name
     * @param {string} variableId variable id/name
     * @returns {Promise<VariableSkeleton>} a promise that resolves to a variable object
     * @deprecated since v2.0.0 use {@link Variable.readVariable | readVariable} instead
     * ```javascript
     * readVariable(variableId: string): Promise<VariableSkeleton>
     * ```
     * @group Deprecated
     */
    getVariable(variableId: string): Promise<VariableSkeleton>;
    /**
     * Get all variables
     * @returns {Promise<VariableSkeleton[]>} a promise that resolves to an array of variable objects
     * @deprecated since v2.0.0 use {@link Variable.readVariables | readVariables} instead
     * ```javascript
     * readVariables(): Promise<VariableSkeleton[]>
     * ```
     * @group Deprecated
     */
    getVariables(): Promise<VariableSkeleton[]>;
    /**
     * Create variable
     * @param {string} variableId variable id/name
     * @param {string} valueBase64 base64-encoded variable value
     * @param {string} description variable description
     * @param {VariableExpressionType} expressionType type of the value
     * @returns {Promise<VariableSkeleton>} a promise that resolves to a variable object
     * @deprecated since v2.0.0 use {@link Variable.createVariable | createVariable} instead
     * ```javascript
     * createVariable(variableId: string, value: string, description: string, expressionType?: VariableExpressionType): Promise<VariableSkeleton>
     * ```
     * @group Deprecated
     */
    putVariable(variableId: string, valueBase64: string, description: string, expressionType?: VariableExpressionType): Promise<VariableSkeleton>;
    /**
     * Set variable description
     * @param {string} variableId variable id/name
     * @param {string} description variable description
     * @returns {Promise<any>} a promise that resolves to an empty string
     * @deprecated since v2.0.0 use {@link Variable.updateVariableDescription | updateVariableDescription} instead
     * ```javascript
     * updateVariableDescription(variableId: string, description: string): Promise<any>
     * ```
     * @group Deprecated
     */
    setVariableDescription(variableId: string, description: string): Promise<any>;
};
interface VariablesExportInterface {
    meta?: ExportMetaData;
    variable: Record<string, VariableSkeleton>;
}

/**
 * SpConnection object skeleton
 */
type WSFedSpConnection = NoIdObjectSkeletonInterface & {
    type: 'SP';
    id: string;
    name: string;
    entityId: string;
    active: boolean;
    contactInfo: object;
    loggingMode: string;
    defaultVirtualEntityId: string;
    virtualEntityIds: string[];
    credentials: {
        certs: [];
        signingSettings: {
            signingKeyPairRef: {
                id: string;
                location: string;
            };
            algorithm: string;
            includeRawKeyInSignature: boolean;
        };
    };
    modificationDate: string;
    creationDate: string;
    replicationStatus: string;
    spBrowserSso: {
        protocol: string;
        alwaysSignArtifactResponse: boolean;
        ssoServiceEndpoints: [
            {
                url: string;
            }
        ];
        spWsFedIdentityMapping: string;
        assertionLifetime: {
            minutesBefore: number;
            minutesAfter: number;
        };
        attributeContract: {
            coreAttributes: [
                {
                    name: string;
                }
            ];
            extendedAttributes: [
                {
                    name: string;
                    nameFormat: string;
                }
            ];
        };
        adapterMappings: [];
        authenticationPolicyContractAssertionMappings: [
            {
                attributeSources: [];
                attributeContractFulfillment: {
                    SAML_SUBJECT: {
                        source: {
                            type: string;
                        };
                        value: string;
                    };
                    SAML_NAME_FORMAT: {
                        source: {
                            type: string;
                        };
                        value: string;
                    };
                };
                issuanceCriteria: {
                    conditionalCriteria: [];
                };
                authenticationPolicyContractRef: {
                    id: string;
                    location: string;
                };
                restrictVirtualEntityIds: boolean;
                restrictedVirtualEntityIds: string[];
                abortSsoTransactionAsFailSafe: boolean;
            }
        ];
        wsFedTokenType: string;
        wsTrustVersion: string;
    };
    connectionTargetType: string;
};
type WSFedAuthenticationPolicyContractAttribute = {
    name: string;
};
type WSFedAuthenticationPolicyContract = {
    id: string;
    name: string;
    coreAttributes: WSFedAuthenticationPolicyContractAttribute[];
    extendedAttributes: WSFedAuthenticationPolicyContractAttribute[];
    lastModified?: string;
};
type WSFedAuthenticationPolicyContractRequest = Omit<WSFedAuthenticationPolicyContract, 'id' | 'lastModified'> & Partial<Pick<WSFedAuthenticationPolicyContract, 'id' | 'lastModified'>>;
type WSFedSigningKeyPairRequest = {
    commonName: string;
    organization: string;
    country: string;
    validDays: number;
    keyAlgorithm: string;
    keySize: number;
    signatureAlgorithm: string;
};
type WSFedSigningKeyPair = {
    id: string;
    serialNumber: string;
    subjectDN: string;
    subjectAlternativeNames: string[];
    issuerDN: string;
    validFrom: string;
    expires: string;
    keyAlgorithm: string;
    keySize: number;
    signatureAlgorithm: string;
    version: number;
    sha1Fingerprint: string;
    sha256Fingerprint: string;
    status: string;
};
type WSFedFederationInfo = {
    baseUrl: string;
    saml2EntityId: string;
    saml1xIssuerId: string;
    saml1xSourceId: string;
    wsfedRealm: string;
    [key: string]: unknown;
};
type WSFedIdpAdapterConfigTable = {
    name: string;
    rows: WSFedIdpAdapterConfigTableRow[];
};
type WSFedIdpAdapterConfigField = {
    name: string;
    value: string;
};
type WSFedIdpAdapterConfigTableRow = {
    fields: WSFedIdpAdapterConfigField[];
    defaultRow: boolean;
};
type WSFedIdpAdapterAttribute = {
    name: string;
    masked: boolean;
    pseudonym: boolean;
};
type WSFedIdpAdapterPluginDescriptorRef = {
    id: string;
    location: string;
};
type WSFedIdpAdapterAttributeContractFulfillment = {
    subject: {
        source: {
            type: string;
        };
        value: string;
    };
};
type WSFedIdpAdapter = {
    id: string;
    name: string;
    pluginDescriptorRef: WSFedIdpAdapterPluginDescriptorRef;
    configuration: {
        tables: WSFedIdpAdapterConfigTable[];
        fields: WSFedIdpAdapterConfigField[];
    };
    attributeContract: {
        coreAttributes: WSFedIdpAdapterAttribute[];
        extendedAttributes: WSFedIdpAdapterAttribute[];
        uniqueUserKeyAttribute: string;
        maskOgnlValues: boolean;
    };
    attributeMapping: {
        attributeContractFulfillment: WSFedIdpAdapterAttributeContractFulfillment;
    };
    [key: string]: unknown;
};
type WSFedAuthenticationAction = {
    type: string;
    authenticationSource?: {
        type: string;
        sourceRef: {
            id: string;
        };
    };
    inputUserIdMapping?: {
        source: {
            type: string;
        };
        value: string;
    };
    userIdAuthenticated?: boolean;
    authenticationPolicyContractRef?: {
        id: string;
        location: string;
    };
    attributeMapping?: {
        attributeSources: [];
        attributeContractFulfillment: {
            subject: {
                source: {
                    type: string;
                    id: string;
                };
                value: string;
            };
        };
        issuanceCriteria: {
            conditionalCriteria: [];
        };
    };
    context?: string;
    [key: string]: unknown;
};
type WSFedAuthenticationPolicyNode = {
    action: WSFedAuthenticationAction;
    children: WSFedAuthenticationPolicyNode[];
};
type WSFedAuthenticationPolicy = {
    id: string;
    name: string;
    enabled: boolean;
    rootNode: WSFedAuthenticationPolicyNode;
    handleFailuresLocally: boolean;
    [key: string]: unknown;
};
type WSFedAuthenticationPolicyRequest = Omit<Partial<WSFedAuthenticationPolicy>, 'id'> & Pick<WSFedAuthenticationPolicy, 'name'>;

type WSFed = {
    /**
     * Read SP connections
     * @returns {Promise<WSFedSpConnection[]>} a promise resolving to an array of SP connection objects
     */
    readSpConnections(): Promise<WSFedSpConnection[]>;
    /**
     * Read SP connection by ID
     * @param {string} id SP connection ID
     */
    readSpConnectionById(id: string): Promise<WSFedSpConnection>;
    /**
     * Create SP connection
     * @param {WSFedSpConnection} spConnection SP connection object
     * @returns {Promise<WSFedSpConnection>} a promise resolving to the created SP connection object
     */
    createSpConnection(spConnection: WSFedSpConnection): Promise<WSFedSpConnection>;
    /**
     * Update SP connection
     * @param {string} id SP connection ID
     * @param {WSFedSpConnection} spConnection SP connection object
     * @returns {Promise<WSFedSpConnection>} a promise resolving to the updated SP connection object
     */
    updateSpConnectionById(id: string, spConnection: WSFedSpConnection): Promise<WSFedSpConnection>;
    /**
     * Read authentication policy contract by ID
     * @param {string} id authentication policy contract ID
     * @returns {Promise<WSFedAuthenticationPolicyContract>} a promise resolving to the authentication policy contract object
     */
    readAuthenticationPolicyContractById(id: string): Promise<WSFedAuthenticationPolicyContract>;
    /**
     * Create authentication policy contract
     * @param {WSFedAuthenticationPolicyContractRequest} authenticationPolicyContractRequest authentication policy contract object
     * @returns {Promise<WSFedAuthenticationPolicyContract>} a promise resolving to the created authentication policy contract object
     */
    createAuthenticationPolicyContract(authenticationPolicyContractRequest: WSFedAuthenticationPolicyContractRequest): Promise<WSFedAuthenticationPolicyContract>;
    /**
     * Update authentication policy contract
     * @param {string} id authentication policy contract ID
     * @param {WSFedAuthenticationPolicyContractRequest} authenticationPolicyContractRequest authentication policy contract object
     * @returns {Promise<WSFedAuthenticationPolicyContract>} a promise resolving to the updated authentication policy contract object
     */
    updateAuthenticationPolicyContractById(id: string, authenticationPolicyContractRequest: WSFedAuthenticationPolicyContractRequest): Promise<WSFedAuthenticationPolicyContract>;
    /**
     * Generate signing key pair
     * add params for key type and key size to be passed to the API. Also, update the return type to be string instead of unknown to be consistent with the rest of the codebase.
     * @param {WSFedSigningKeyPairRequest} params parameters for generating the signing key pair
     * @returns {Promise<string>} a promise resolving to the generated public key
     */
    generateSigningKeyPair(params: WSFedSigningKeyPairRequest): Promise<string>;
    /**
     * Read signing key pair by id
     * @param {string} id signing key pair ID
     * @returns {Promise<string>} a promise resolving to the signing key pair object
     */
    readSigningKeyPairById(id: string): Promise<WSFedSigningKeyPair>;
    /**
     * Read signing key pair certificate
     * @param {string} keyPairId signing key pair ID
     * @returns {Promise<string>} a promise resolving to the signing key pair certificate
     */
    readSigningKeyPairCertificate(keyPairId: string): Promise<string>;
    /**
     * Update or create signing key pair certificate
     * @param {string} keyPairId signing key pair ID
     * @param {string} certificate the certificate to update or create for the signing key pair
     * @returns {Promise<string>} a promise resolving to the updated or created signing key pair certificate
     */
    updateOrCreateSigningKeyPairCertificate(keyPairId: string, certificate: string): Promise<string>;
    /**
     * Delete signing key pair by id
     * @param {string} id signing key pair ID
     * @returns {Promise<void>} a promise that resolves when the signing key pair is deleted
     */
    deleteSigningKeyPairById(id: string): Promise<void>;
    /**
     * Delete signing key pair certificate
     * @param {string} keyPairId signing key pair ID
     * @returns {Promise<void>} a promise that resolves when the signing key pair certificate is deleted
     */
    deleteSigningKeyPairCertificate(keyPairId: string): Promise<void>;
    /**
     * Read federation info
     * @returns {Promise<WSFedFederationInfo>} a promise resolving to the federation info object
     */
    readFederationInfo(): Promise<WSFedFederationInfo>;
    /**
     * Update federation info
     * @param {WSFedFederationInfo} federationInfo federation info object
     * @returns {Promise<WSFedFederationInfo>} a promise resolving to the updated federation info object
     */
    updateFederationInfo(federationInfo: WSFedFederationInfo): Promise<WSFedFederationInfo>;
    /**
     * Read virtual host names
     * @returns {Promise<string[]>} a promise resolving to an array of virtual host names
     */
    readVirtualHostNames(): Promise<string[]>;
    /**
     * Read IdP adapters
     * @returns {Promise<WSFedIdpAdapter[]>} a promise resolving to an array of IdP adapter objects
     */
    readIdpAdapters(): Promise<WSFedIdpAdapter[]>;
    /**
     * Read IdP adapter by ID
     * @param {string} id IdP adapter ID
     * @returns {Promise<WSFedIdpAdapter>} a promise resolving to the IdP adapter object
     */
    readIdpAdapterById(id: string): Promise<WSFedIdpAdapter>;
    /**
     * Update IdP adapter by ID
     * @param {string} id IdP adapter ID
     * @param {WSFedIdpAdapter} idpAdapter IdP adapter object
     * @returns {Promise<WSFedIdpAdapter>} a promise resolving to the updated IdP adapter object
     */
    updateIdpAdapterById(id: string, idpAdapter: WSFedIdpAdapter): Promise<WSFedIdpAdapter>;
    /**
     * Create IdP adapter
     * @param {WSFedIdpAdapter} idpAdapter IdP adapter object
     * @returns {Promise<WSFedIdpAdapter>} a promise resolving to the created IdP adapter object
     */
    createIdpAdapter(idpAdapter: WSFedIdpAdapter): Promise<WSFedIdpAdapter>;
    /**
     * Delete IdP adapter by ID
     * @param {string} id IdP adapter ID
     * @returns {Promise<void>} a promise that resolves when the IdP adapter is deleted
     */
    deleteIdpAdapterById(id: string): Promise<void>;
    /**
     * Read authentication policy by ID
     * @param {string} id Authentication policy ID
     * @returns {Promise<WSFedAuthenticationPolicy>} a promise resolving to the authentication policy object
     */
    readAuthenticationPolicyById(id: string): Promise<WSFedAuthenticationPolicy>;
    /**
     * Create authentication policy
     * @param {WSFedAuthenticationPolicyRequest} authenticationPolicyRequest authentication policy request object
     * @returns {Promise<WSFedAuthenticationPolicy>} a promise resolving to the created authentication policy object
     */
    createAuthenticationPolicy(authenticationPolicyRequest: WSFedAuthenticationPolicyRequest): Promise<WSFedAuthenticationPolicy>;
    /**
     * Update authentication policy by ID
     * @param {string} id Authentication policy ID
     * @param {WSFedAuthenticationPolicyRequest} authenticationPolicyRequest authentication policy request object
     * @returns {Promise<WSFedAuthenticationPolicy>} a promise resolving to the updated authentication policy object
     */
    updateAuthenticationPolicyById(id: string, authenticationPolicyRequest: WSFedAuthenticationPolicyRequest): Promise<WSFedAuthenticationPolicy>;
};

type PolicyConditionType = 'Script' | 'AMIdentityMembership' | 'IPv6' | 'IPv4' | 'SimpleTime' | 'LEAuthLevel' | 'LDAPFilter' | 'AuthScheme' | 'Session' | 'AND' | 'AuthenticateToRealm' | 'ResourceEnvIP' | 'Policy' | 'OAuth2Scope' | 'SessionProperty' | 'OR' | 'Transaction' | 'NOT' | 'AuthLevel' | 'AuthenticateToService';
type PolicyCondition = NoIdObjectSkeletonInterface & {
    type: PolicyConditionType;
    condition?: PolicyCondition;
    conditions?: PolicyCondition[];
};
type PolicySkeleton = IdObjectSkeletonInterface & {
    name: string;
    applicationName: string;
    condition?: PolicyCondition;
    resourceTypeUuid: string;
};

type PolicySetSkeleton = NoIdObjectSkeletonInterface & {
    name: string;
    resourceTypeUuids: string[];
};

type RealmSkeleton = IdObjectSkeletonInterface & {
    parentPath: string;
    active: boolean;
    name: string;
    aliases: string[];
};

type ResourceTypeSkeleton = NoIdObjectSkeletonInterface & {
    uuid: string;
    name: string;
};

type AmServiceSkeleton = AmConfigEntityInterface & {
    [key: string]: any;
};
interface ServiceNextDescendent {
    [key: string]: any;
}
interface FullService extends AmServiceSkeleton {
    nextDescendents?: ServiceNextDescendent[];
}

type InternalRole = {
    /**
     * Create an empty internal role export template
     * @returns {InternalRoleExportInterface} an empty internal role export template
     */
    createInternalRoleExportTemplate(): InternalRoleExportInterface;
    /**
     * Create internal role
     * @param {InternalRoleSkeleton} roleData internal role data
     * @returns {Promise<InternalRoleSkeleton>} a promise that resolves to an internal role object
     */
    createInternalRole(roleData: InternalRoleSkeleton): Promise<InternalRoleSkeleton>;
    /**
     * Read internal role
     * @param {string} roleId internal role uuid
     * @returns {Promise<InternalRoleSkeleton>} a promise that resolves to an internal role object
     */
    readInternalRole(roleId: string): Promise<InternalRoleSkeleton>;
    /**
     * Read internal role by name
     * @param {string} roleName internal role name
     * @returns {Promise<InternalRoleSkeleton>} a promise that resolves to an internal role object
     */
    readInternalRoleByName(roleName: string): Promise<InternalRoleSkeleton>;
    /**
     * Read all internal roles. Results are sorted aphabetically.
     * @returns {Promise<InternalRoleSkeleton[]>} a promise that resolves to an array of internal role objects
     */
    readInternalRoles(): Promise<InternalRoleSkeleton[]>;
    /**
     * Update internal role
     * @param {string} roleId internal role uuid
     * @param {InternalRoleSkeleton} roleData internal role data
     * @returns {Promise<InternalRoleSkeleton>} a promise that resolves to an internal role object
     */
    updateInternalRole(roleId: string, roleData: InternalRoleSkeleton): Promise<InternalRoleSkeleton>;
    /**
     * Delete internal role
     * @param {string} roleId internal role uuid
     * @returns {Promise<InternalRoleSkeleton>} a promise that resolves to an internal role object
     */
    deleteInternalRole(roleId: string): Promise<InternalRoleSkeleton>;
    /**
     * Delete internal role by name
     * @param {string} roleName internal role name
     * @returns {Promise<InternalRoleSkeleton>} a promise that resolves to an internal role object
     */
    deleteInternalRoleByName(roleName: string): Promise<InternalRoleSkeleton>;
    /**
     * Delete all internal roles
     * @returns {Promise<InternalRoleSkeleton[]>} a promise that resolves to an array of internal role objects
     */
    deleteInternalRoles(): Promise<InternalRoleSkeleton[]>;
    /**
     * Query internal roles
     * @param filter CREST search filter
     * @param fields array of fields to return
     */
    queryInternalRoles(filter: string, fields?: string[]): Promise<InternalRoleSkeleton[]>;
    /**
     * Export internal role. The response can be saved to file as is.
     * @param {string} roleId internal role uuid
     * @returns {Promise<InternalRoleExportInterface} Promise resolving to an InternalRoleExportInterface object.
     */
    exportInternalRole(roleId: string): Promise<InternalRoleExportInterface>;
    /**
     * Export internal role by name. The response can be saved to file as is.
     * @param {string} roleName internal role name
     * @returns {Promise<InternalRoleExportInterface} Promise resolving to an InternalRoleExportInterface object.
     */
    exportInternalRoleByName(roleName: string): Promise<InternalRoleExportInterface>;
    /**
     * Export all internal roles. The response can be saved to file as is.
     * @returns {Promise<InternalRoleExportInterface>} Promise resolving to an InternalRoleExportInterface object.
     */
    exportInternalRoles(): Promise<InternalRoleExportInterface>;
    /**
     * Import internal role. The import data is usually read from an internal role export file.
     * @param {string} roleId internal role uuid
     * @param {InternalRoleExportInterface} importData internal role import data.
     * @returns {Promise<InternalRoleSkeleton>} Promise resolving to an internal role object.
     */
    importInternalRole(roleId: string, importData: InternalRoleExportInterface): Promise<InternalRoleSkeleton>;
    /**
     * Import internal role by name. The import data is usually read from an internal role export file.
     * @param {string} roleName internal role name
     * @param {InternalRoleExportInterface} importData internal role import data.
     * @returns {Promise<InternalRoleSkeleton>} Promise resolving to an internal role object.
     */
    importInternalRoleByName(roleName: string, importData: InternalRoleExportInterface): Promise<InternalRoleSkeleton>;
    /**
     * Import first internal role. The import data is usually read from an internal role export file.
     * @param {InternalRoleExportInterface} importData internal role import data.
     */
    importFirstInternalRole(importData: InternalRoleExportInterface): Promise<InternalRoleSkeleton[]>;
    /**
     * Import internal roles. The import data is usually read from an internal role export file.
     * @param {InternalRoleExportInterface} importData internal role import data.
     */
    importInternalRoles(importData: InternalRoleExportInterface): Promise<InternalRoleSkeleton[]>;
};
type InternalRoleSkeleton = IdObjectSkeletonInterface & {
    condition: string;
    description: string;
    name: string;
    privileges: {
        accessFlags: {
            attribute: string;
            readOnly: boolean;
        }[];
        actions: string[];
        filter: string;
        name: string;
        path: string;
        permissions: string[];
    }[];
    temporalConstraints: {
        duration: string;
    }[];
};
/**
 * Export format for internal roles
 */
interface InternalRoleExportInterface {
    /**
     * Metadata
     */
    meta?: ExportMetaData;
    /**
     * Internal roles
     */
    internalRole: Record<string, InternalRoleSkeleton>;
}

interface UiConfigInterface {
    categories: string;
}
type TreeSkeleton = IdObjectSkeletonInterface & {
    entryNodeId: string;
    nodes: Record<string, NodeRefSkeletonInterface>;
    identityResource?: string;
    uiConfig?: UiConfigInterface;
    enabled?: boolean;
    innerTreeOnly?: boolean;
    mustRun?: boolean;
    noSession?: boolean;
    transactionalOnly?: boolean;
};

type ThemeSkeleton = IdObjectSkeletonInterface & {
    name: string;
    isDefault: boolean;
    linkedTrees: string[];
};
type Theme = {
    /**
     * Create an empty theme export template
     * @returns {ThemeExportInterface} an empty theme export template
     */
    createThemeExportTemplate(): ThemeExportInterface;
    /**
     * Read all themes
     * @param {string} realm realm name
     * @returns {Promise<ThemeSkeleton[]>} a promise that resolves to an array of themes
     */
    readThemes(): Promise<ThemeSkeleton[]>;
    /**
     * Read theme by id
     * @param {string} themeId theme id
     * @param {string} realm realm name
     * @returns {Promise<ThemeSkeleton>} a promise that resolves to a theme object
     */
    readTheme(themeId: string, realm?: string): Promise<ThemeSkeleton>;
    /**
     * Read theme by name
     * @param {string} themeName theme name
     * @param {string} realm realm name
     * @returns {Promise<ThemeSkeleton>} a promise that resolves to a theme object
     */
    readThemeByName(themeName: string, realm?: string): Promise<ThemeSkeleton>;
    /**
     * Export all themes. The response can be saved to file as is.
     * @returns {Promise<ThemeExportInterface>} Promise resolving to a ThemeExportInterface object.
     */
    exportThemes(): Promise<ThemeExportInterface>;
    /**
     * Update theme
     * @param {ThemeSkeleton} themeData theme object
     * @param {string} themeId theme id
     * @param {string} realm realm name
     * @returns {Promise<ThemeSkeleton>} a promise that resolves to a theme object
     */
    createTheme(themeData: ThemeSkeleton, themeId?: string, realm?: string): Promise<ThemeSkeleton>;
    /**
     * Update theme
     * @param {string} themeId theme id
     * @param {ThemeSkeleton} themeData theme object
     * @param {string} realm realm name
     * @returns {Promise<ThemeSkeleton>} a promise that resolves to a theme object
     */
    updateTheme(themeId: string, themeData: ThemeSkeleton, realm?: string): Promise<ThemeSkeleton>;
    /**
     * Update theme by name
     * @param {String} themeName theme name
     * @param {ThemeSkeleton} themeData theme object
     * @param {string} realm realm name
     * @returns {Promise<ThemeSkeleton>} a promise that resolves to a theme object
     */
    updateThemeByName(themeName: string, themeData: ThemeSkeleton, realm?: string): Promise<ThemeSkeleton>;
    /**
     * Update all themes
     * @param {Map<string, ThemeSkeleton>} allThemesData themes object containing all themes for all realms
     * @param {string} realm realm name
     * @returns {Promise<Map<string, ThemeSkeleton>>} a promise that resolves to a themes object
     */
    updateThemes(themeMap: Record<string, ThemeSkeleton>): Promise<Record<string, ThemeSkeleton>>;
    /**
     * Import themes
     * @param {ThemeExportInterface} importData import data
     * @returns {Promise<ThemeSkeleton[]>} a promise resolving to an array of theme objects
     */
    importThemes(importData: ThemeExportInterface): Promise<ThemeSkeleton[]>;
    /**
     * Delete theme by id
     * @param {string} themeId theme id
     * @param {string} realm realm name
     * @returns {Promise<ThemeSkeleton>} a promise that resolves to a themes object
     */
    deleteTheme(themeId: string, realm?: string): Promise<ThemeSkeleton>;
    /**
     * Delete theme by name
     * @param {string} themeName theme name
     * @param {string} realm realm name
     * @returns {Promise<ThemeSkeleton>} a promise that resolves to a themes object
     */
    deleteThemeByName(themeName: string, realm?: string): Promise<ThemeSkeleton>;
    /**
     * Delete all themes
     * @param {string} realm realm name
     * @returns {Promise<ThemeSkeleton[]>} a promise that resolves to an array of themes
     */
    deleteThemes(realm?: string): Promise<ThemeSkeleton[]>;
};
interface ThemeExportInterface {
    meta?: ExportMetaData;
    theme: Record<string, ThemeSkeleton>;
}

type Journey = {
    /**
     * Create an empty single tree export template
     * @returns {SingleTreeExportInterface} an empty single tree export template
     */
    createSingleTreeExportTemplate(): SingleTreeExportInterface;
    /**
     * Create an empty multi tree export template
     * @returns {MultiTreeExportInterface} an empty multi tree export template
     */
    createMultiTreeExportTemplate(): MultiTreeExportInterface;
    /**
     * Create export data for a tree/journey with all its nodes and dependencies. The export data can be written to a file as is.
     * @param {string} treeId tree id/name
     * @param {TreeExportOptions} options export options
     * @returns {Promise<SingleTreeExportInterface>} a promise that resolves to an object containing the tree and all its nodes and dependencies
     */
    exportJourney(treeId: string, options?: TreeExportOptions): Promise<SingleTreeExportInterface>;
    /**
     * Create export data for all trees/journeys with all their nodes and dependencies. The export data can be written to a file as is.
     * @param {TreeExportOptions} options export options
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<MultiTreeExportInterface>} a promise that resolves to an object containing the trees and all their nodes and dependencies
     */
    exportJourneys(options?: TreeExportOptions, resultCallback?: ResultCallback<SingleTreeExportInterface>): Promise<MultiTreeExportInterface>;
    /**
     * Read all journeys without dependencies.
     * @returns {Promise<TreeSkeleton[]>} a promise that resolves to an array of journey objects
     */
    readJourneys(): Promise<TreeSkeleton[]>;
    /**
     * Count all journeys in the active realm.
     * @returns {Promise<number>} exact count when supported by the backing API
     */
    countJourneys(): Promise<number>;
    /**
     * Read journey without dependencies.
     * @param {string} journeyId journey id/name
     * @returns {Promise<TreeSkeleton>} a promise that resolves to a journey object
     */
    readJourney(journeyId: string): Promise<TreeSkeleton>;
    /**
     * Create journey without dependencies.
     * @param {string} journeyId journey id/name
     * @returns {Promise<TreeSkeleton>} a promise that resolves to a journey object
     */
    createJourney(journeyId: string, journeyData: TreeSkeleton): Promise<TreeSkeleton>;
    /**
     * Update journey without dependencies.
     * @param {string} journeyId journey id/name
     * @returns {Promise<TreeSkeleton>} a promise that resolves to a journey object
     */
    updateJourney(journeyId: string, journeyData: TreeSkeleton): Promise<TreeSkeleton>;
    /**
     * Import journey
     * @param {SingleTreeExportInterface} treeObject tree object containing tree and all its dependencies
     * @param {TreeImportOptions} options import options
     * @returns {Promise<TreeSkeleton>} a promise that resolves to a journey object
     */
    importJourney(treeObject: SingleTreeExportInterface, options: TreeImportOptions): Promise<TreeSkeleton>;
    /**
     * Resolve journey dependencies
     * @param {string[]} installedJorneys Map of installed journeys
     * @param {Record<string, SingleTreeExportInterface>} journeyMap Map of journeys to resolve dependencies for
     * @param {string[]} unresolvedJourneys Map to hold the names of unresolved journeys and their dependencies
     * @param {string[]} resolvedJourneys Array to hold the names of resolved journeys
     * @param {int} index Depth of recursion
     */
    resolveDependencies(installedJorneys: any, journeyMap: any, unresolvedJourneys: any, resolvedJourneys: any, index?: number): Promise<void>;
    /**
     * Import journeys
     * @param {MultiTreeExportInterface} importData map of trees object
     * @param {TreeImportOptions} options import options
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     */
    importJourneys(importData: MultiTreeExportInterface, options: TreeImportOptions, resultCallback?: ResultCallback<TreeSkeleton>): Promise<TreeSkeleton[]>;
    /**
     * Get the node reference obbject for a node object. Node reference objects
     * are used in a tree flow definition and within page nodes to reference
     * nodes. Among other things, node references contain all the non-configuration
     * meta data that exists for readaility, like the x/y coordinates of the node
     * and the display name chosen by the tree designer. The dislay name is the
     * only intuitive link between the graphical representation of the tree and
     * the node configurations that make up the tree.
     * @param nodeObj node object to retrieve the node reference object for
     * @param singleTreeExport tree export with or without dependencies
     * @returns {NodeRefSkeletonInterface | InnerNodeRefSkeletonInterface} node reference object
     */
    getNodeRef(nodeObj: NodeSkeleton, singleTreeExport: SingleTreeExportInterface): NodeRefSkeletonInterface | InnerNodeRefSkeletonInterface;
    /**
     * Default tree export resolver used to resolve a tree id/name to a full export
     * w/o dependencies of that tree from a platform instance.
     * @param {string} treeId id/name of the tree to resolve
     * @returns {TreeExportResolverInterface} tree export
     */
    onlineTreeExportResolver: TreeExportResolverInterface;
    /**
     * Tree export resolver used to resolve a tree id/name to a full export
     * of that tree from individual `treename.journey.json` export files.
     * @param {string} treeId id/name of the tree to resolve
     * @returns {TreeExportResolverInterface} tree export
     */
    fileByIdTreeExportResolver: TreeExportResolverInterface;
    /**
     * Factory that creates a tree export resolver used to resolve a tree id
     * to a full export of that tree from a multi-tree export file.
     * @param {string} file multi-tree export file
     * @returns {TreeExportResolverInterface} tree export resolver
     */
    createFileParamTreeExportResolver(file: string): TreeExportResolverInterface;
    /**
     * Get tree dependencies (all descendent inner trees)
     * @param {SingleTreeExportInterface} treeExport single tree export
     * @param {string[]} resolvedTreeIds list of tree ids wich have already been resolved
     * @param {TreeExportResolverInterface} resolveTreeExport tree export resolver callback function
     * @returns {Promise<TreeDependencyMapInterface>} a promise that resolves to a tree dependency map
     */
    getTreeDescendents(treeExport: SingleTreeExportInterface, resolveTreeExport: TreeExportResolverInterface, resolvedTreeIds?: string[]): Promise<TreeDependencyMapInterface>;
    /**
     * Delete a journey
     * @param {string} journeyId journey id/name
     * @param {Object} options deep=true also delete all the nodes and inner nodes, verbose=true print verbose info
     */
    deleteJourney(journeyId: string, options: {
        deep: boolean;
        verbose: boolean;
        progress?: boolean;
    }): Promise<DeleteJourneyStatus>;
    /**
     * Delete all journeys
     * @param {Object} options deep=true also delete all the nodes and inner nodes, verbose=true print verbose info
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     */
    deleteJourneys(options: {
        deep: boolean;
        verbose: boolean;
    }, resultCallback?: ResultCallback<DeleteJourneyStatus>): Promise<DeleteJourneysStatus>;
    /**
     * Enable a journey
     * @param journeyId journey id/name
     * @returns {Promise<TreeSkeleton>} the updated tree/journey object
     */
    enableJourney(journeyId: string): Promise<TreeSkeleton>;
    /**
     * Disable a journey
     * @param journeyId journey id/name
     * @returns {Promise<TreeSkeleton>} the updated tree/journey object
     */
    disableJourney(journeyId: string): Promise<TreeSkeleton>;
    /**
     * Analyze if a journey contains any custom nodes considering the detected or the overridden version.
     * @param {SingleTreeExportInterface} journey Journey/tree configuration object
     * @returns {boolean} True if the journey/tree contains any custom nodes, false otherwise.
     * @deprecated since v4.0.0 Frodo no longer classifies journeys as "custom" or "standard" or "cloud-only" or "premium"
     */
    isCustomJourney(journey: SingleTreeExportInterface): boolean;
    /**
     * Analyze if a journey contains any premium nodes considering the detected or the overridden version.
     * @param {SingleTreeExportInterface} journey Journey/tree configuration object
     * @returns {boolean} True if the journey/tree contains any custom nodes, false otherwise.
     * @deprecated since v4.0.0 Frodo no longer classifies journeys as "custom" or "standard" or "cloud-only" or "premium"
     */
    isPremiumJourney(journey: SingleTreeExportInterface): boolean;
    /**
     * Analyze if a journey contains any cloud-only nodes considering the detected or the overridden version.
     * @param {SingleTreeExportInterface} journey Journey/tree configuration object
     * @returns {boolean} True if the journey/tree contains any cloud-only nodes, false otherwise.
     * @deprecated since v4.0.0 Frodo no longer classifies journeys as "custom" or "standard" or "cloud-only" or "premium"
     */
    isCloudOnlyJourney(journey: SingleTreeExportInterface): boolean;
    /**
     * Get a journey's classifications, which can be one or multiple of:
     * - standard: can run on any instance of a ForgeRock platform
     * - cloud: utilize nodes, which are exclusively available in the ForgeRock Identity Cloud
     * - premium: utilizes nodes, which come at a premium
     * - custom: utilizes nodes not included in the ForgeRock platform release
     * @param {SingleTreeExportInterface} journey journey export data
     * @returns {JourneyClassificationType[]} an array of one or multiple classifications
     * @deprecated since v4.0.0 Frodo no longer classifies journeys as "custom" or "standard" or "cloud-only" or "premium". This function will be removed in a future major release.
     */
    getJourneyClassification(journey: SingleTreeExportInterface): JourneyClassificationType[];
};
/**
 * Tree export options
 */
interface TreeExportOptions {
    /**
     * Where applicable, use string arrays to store multi-line text (e.g. scripts).
     */
    useStringArrays: boolean;
    /**
     * Include any dependencies specific to AIC (scripts, email templates, SAML entity providers and circles of trust, social identity providers, themes).
     */
    deps: boolean;
    /**
     * Include x and y coordinate positions of the journey/tree nodes.
     */
    coords: boolean;
}
/**
 * Tree import options
 */
interface TreeImportOptions {
    /**
     * Generate new UUIDs for all nodes during import.
     */
    reUuid: boolean;
    /**
     * Include any dependencies specific to AIC or Frodo (scripts, email templates, SAML entity providers and circles of trust, social identity providers, themes, custom nodes).
     */
    deps: boolean;
}
interface SingleTreeExportInterface {
    meta?: ExportMetaData;
    innerNodes?: Record<string, NodeSkeleton>;
    innernodes?: Record<string, NodeSkeleton>;
    nodeTypes?: Record<string, CustomNodeSkeleton>;
    nodes: Record<string, NodeSkeleton>;
    scripts: Record<string, ScriptSkeleton>;
    emailTemplates: Record<string, EmailTemplateSkeleton>;
    socialIdentityProviders: Record<string, SocialIdpSkeleton>;
    themes: ThemeSkeleton[];
    saml2Entities: Record<string, Saml2ProviderSkeleton>;
    circlesOfTrust: Record<string, CircleOfTrustSkeleton>;
    tree: TreeSkeleton;
    variable: Record<string, VariableSkeleton>;
}
interface MultiTreeExportInterface {
    meta?: ExportMetaData;
    trees: Record<string, SingleTreeExportInterface>;
}
type JourneyClassificationType = 'standard' | 'custom' | 'cloud' | 'premium';
interface TreeDependencyMapInterface {
    [k: string]: TreeDependencyMapInterface[];
}
interface TreeExportResolverInterface {
    (treeId: string, state: State): Promise<SingleTreeExportInterface>;
}
type DeleteJourneyStatus = {
    status: string;
    nodes: {
        status?: string;
    };
};
type DeleteJourneysStatus = {
    [k: string]: DeleteJourneyStatus;
};

type ScriptTypeSkeleton = AmConfigEntityInterface & {
    defaultScript: string;
    languages: string[];
};
type EngineConfigurationSkeleton = AmConfigEntityInterface & {
    blackList: string[];
    coreThreads: number;
    idleTimeout: number;
    maxThreads: number;
    propertyNamePrefix: string;
    queueSize: number;
    serverTimeout: number;
    useSecurityManager: boolean;
    whiteList: string[];
};
type ScriptingContextSkeleton = IdObjectSkeletonInterface & {
    allowLists: Record<string, string[]>;
    evaluatorVersions: Record<string, string[]>;
};

type ScriptType = {
    /**
     * Create an empty scriptType export template
     * @returns {ScriptTypeExportInterface} an empty scriptType export template
     */
    createScriptTypeExportTemplate(): ScriptTypeExportInterface;
    /**
     * Read scriptType by id
     * @param {string} scriptTypeId ScriptType id
     * @returns {Promise<ScriptTypeSkeleton>} a promise that resolves to a scriptType object
     */
    readScriptType(scriptTypeId: string): Promise<ScriptTypeSkeleton>;
    /**
     * Read all scriptTypes.
     * @returns {Promise<ScriptTypeSkeleton[]>} a promise that resolves to an array of scriptType objects
     */
    readScriptTypes(): Promise<ScriptTypeSkeleton[]>;
    /**
     * Export all scriptTypes. The response can be saved to file as is.
     * @returns {Promise<ScriptTypeExportInterface>} Promise resolving to a ScriptTypeExportInterface object.
     */
    exportScriptTypes(): Promise<ScriptTypeExportInterface>;
    /**
     * Update script type
     * @param {string} scriptTypeId script type id
     * @param {ScriptTypeSkeleton} scriptTypeData script type data
     * @returns {Promise<ScriptTypeSkeleton>} a promise resolving to a script type object
     */
    updateScriptType(scriptTypeId: string, scriptTypeData: ScriptTypeSkeleton): Promise<ScriptTypeSkeleton>;
    /**
     * Import script types
     * @param {ScriptTypeExportInterface} importData script type import data
     * @param {string} scriptTypeId Optional script type id. If supplied, only the script type of that id is imported. Takes priority over scriptTypeUrl if both are provided.
     * @returns {Promise<ScriptTypeSkeleton[]>} the imported script types
     */
    importScriptTypes(importData: ScriptTypeExportInterface, scriptTypeId?: string): Promise<ScriptTypeSkeleton[]>;
};
type ScriptTypeExportSkeleton = ScriptTypeSkeleton & {
    engineConfiguration: EngineConfigurationSkeleton;
    context: ScriptingContextSkeleton;
};
interface ScriptTypeExportInterface {
    meta?: ExportMetaData;
    scripttype: Record<string, ScriptTypeExportSkeleton>;
}

type SecretStoreSkeleton = KeyStoreSecretStoreSkeleton | HsmSecretStoreSkeleton | FileSystemSecretStoreSkeleton | GoogleKeyManagementServiceSecretStoreSkeleton | GoogleSecretManagerSecretStoreProviderSkeleton | EnvironmentAndSystemPropertySecretStoreSkeleton;
type SecretStoreMappingSkeleton = AmConfigEntityInterface & {
    secretId: string;
    aliases: string[];
};
type SecretStoreSchemaSkeleton = {
    type: string;
    properties: Record<string, {
        title: string;
        description: string;
        propertyOrder: number;
        required: boolean;
        type: string;
        exampleValue: string;
    }>;
};
type KeyStoreSecretStoreSkeleton = AmConfigEntityInterface & {
    storePassword: string;
    file: string;
    leaseExpiryDuration: number;
    providerName: string;
    storetype: string;
    keyEntryPassword: string;
};
type HsmSecretStoreSkeleton = AmConfigEntityInterface & {
    file: string;
    leaseExpiryDuration: number;
    storePassword: string;
    providerGuiceKey: string;
};
type FileSystemSecretStoreSkeleton = AmConfigEntityInterface & {
    suffix: string;
    versionSuffix: string;
    directory: string;
    format: string;
};
type GoogleKeyManagementServiceSecretStoreSkeleton = AmConfigEntityInterface & {
    publicKeyCacheMaxSize: number;
    keyRing: string;
    publicKeyCacheDuration: number;
    project: string;
    location: string;
};
type GoogleSecretManagerSecretStoreProviderSkeleton = AmConfigEntityInterface & {
    expiryDurationSeconds: number;
    secretFormat: string;
    project: string;
    serviceAccount: string;
};
type EnvironmentAndSystemPropertySecretStoreSkeleton = AmConfigEntityInterface & {
    format: string;
};

type SecretStore = {
    /**
     * Create an empty secret store export template
     * @returns {SecretStoreExportInterface} an empty secret store export template
     */
    createSecretStoreExportTemplate(): SecretStoreExportInterface;
    /**
     * Create secret store mapping. Will throw if type is not defined and multiple secret stores with the same id are found.
     * @param {string} secretStoreId Secret store id
     * @param {string | undefined} secretStoreTypeId Secret store type id (optional)
     * @param {SecretStoreMappingSkeleton} secretStoreMappingData The secret store mapping data,
     * @param {boolean} globalConfig true if the secret store is global, false otherwise. Default: false.
     * @returns {Promise<SecretStoreMappingSkeleton>} a promise that resolves to a secret store mapping object of the mapping created
     */
    createSecretStoreMapping(secretStoreId: string, secretStoreTypeId: string | undefined, secretStoreMappingData: SecretStoreMappingSkeleton, globalConfig: boolean): Promise<SecretStoreMappingSkeleton>;
    /**
     * Read secret store by id. Will throw if type is not defined and multiple secret stores with the same id are found.
     * @param {string} secretStoreId Secret store id
     * @param {string | undefined} secretStoreTypeId Secret store type id (optional)
     * @param {boolean} globalConfig true if global secret store is the target of the operation, false otherwise. Default: false.
     * @returns {Promise<SecretStoreSkeleton>} a promise that resolves to a secret store object
     */
    readSecretStore(secretStoreId: string, secretStoreTypeId: string | undefined, globalConfig: boolean): Promise<SecretStoreSkeleton>;
    /**
     * Read secret store schema
     * @param {string} secretStoreTypeId Secret store type id
     * @param {boolean} globalConfig true if the secret store is global, false otherwise. Default: false.
     * @returns {Promise<SecretStoreSchemaSkeleton>} a promise that resolves to a secret store schema object
     */
    readSecretStoreSchema(secretStoreTypeId: string, globalConfig: boolean): Promise<SecretStoreSchemaSkeleton>;
    /**
     * Read all secret stores.
     * @param {boolean} globalConfig true if global secret stores are the target of the operation, false otherwise. Default: false.
     * @returns {Promise<SecretStoreSkeleton[]>} a promise that resolves to an array of secret store objects
     */
    readSecretStores(globalConfig: boolean): Promise<SecretStoreSkeleton[]>;
    /**
     * Read secret store mapping. Will throw if type is not defined and multiple secret stores with the same id are found.
     * @param {string} secretStoreId Secret store id
     * @param {string | undefined} secretStoreTypeId Secret store type id (optional)
     * @param {string} secretId Secret store mapping label
     * @param {boolean} globalConfig true if the secret store is global, false otherwise. Default: false.
     * @returns {Promise<SecretStoreMappingSkeleton>} a promise that resolves to an array of secret store mapping objects
     */
    readSecretStoreMapping(secretStoreId: string, secretStoreTypeId: string | undefined, secretId: string, globalConfig: boolean): Promise<SecretStoreMappingSkeleton>;
    /**
     * Read secret store mappings. Will throw if type is not defined and multiple secret stores with the same id are found.
     * @param {string} secretStoreId Secret store id
     * @param {string | undefined} secretStoreTypeId Secret store type id (optional)
     * @param {boolean} globalConfig true if the secret store is global, false otherwise. Default: false.
     * @returns {Promise<SecretStoreMappingSkeleton[]>} a promise that resolves to an array of secret store mapping objects
     */
    readSecretStoreMappings(secretStoreId: string, secretStoreTypeId: string | undefined, globalConfig: boolean): Promise<SecretStoreMappingSkeleton[]>;
    /**
     * Export a single secret store by id. The response can be saved to file as is. Will throw if type is not defined and multiple secret stores with the same id are found.
     * @param {string} secretStoreId Secret store id
     * @param {string | undefined} secretStoreTypeId Secret store type id (optional)
     * @param {boolean} globalConfig true if global secret store is the target of the operation, false otherwise. Default: false.
     * @returns {Promise<SecretStoreExportInterface>} Promise resolving to a SecretStoreExportInterface object.
     */
    exportSecretStore(secretStoreId: string, secretStoreTypeId: string | undefined, globalConfig: boolean): Promise<SecretStoreExportInterface>;
    /**
     * Export all secret stores. The response can be saved to file as is.
     * @param {boolean} globalConfig true if global secret stores are the target of the operation, false otherwise. Default: false.
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<SecretStoreExportInterface>} Promise resolving to a SecretStoreExportInterface object.
     */
    exportSecretStores(globalConfig: boolean, resultCallback?: ResultCallback<SecretStoreSkeleton>): Promise<SecretStoreExportInterface>;
    /**
     * Update secret store
     * @param {SecretStoreSkeleton} secretStoreData secret store to import
     * @param {boolean} globalConfig true if the secret store is global, false otherwise. Default: false.
     * @returns {Promise<SecretStoreSkeleton>} a promise that resolves to a secret store object
     */
    updateSecretStore(secretStoreData: SecretStoreSkeleton, globalConfig: boolean): Promise<SecretStoreSkeleton>;
    /**
     * Update secret store mapping. Will throw if type is not defined and multiple secret stores with the same id are found.
     * @param {string} secretStoreId Secret store id
     * @param {string | undefined} secretStoreTypeId Secret store type id (optional)
     * @param {SecretStoreMappingSkeleton} secretStoreMappingData secret store mapping to import
     * @param {boolean} globalConfig true if the secret store mapping is global, false otherwise. Default: false.
     * @returns {Promise<SecretStoreMappingSkeleton>} a promise that resolves to a secret store mapping object
     */
    updateSecretStoreMapping(secretStoreId: string, secretStoreTypeId: string | undefined, secretStoreMappingData: SecretStoreMappingSkeleton, globalConfig: boolean): Promise<SecretStoreMappingSkeleton>;
    /**
     * Import secret stores and mappings
     * @param {SecretStoreExportInterface} importData secret store import data
     * @param {boolean} globalConfig true if the secret store mapping is global, false otherwise. Default: false.
     * @param {string} secretStoreId optional secret store id. If supplied, only the secret store of that id is imported.
     * @param {string} secretStoreTypeId optional secret store type id
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<SecretStoreExportSkeleton[]>} the imported secret stores and mappings
     */
    importSecretStores(importData: SecretStoreExportInterface, globalConfig: boolean, secretStoreId?: string, secretStoreTypeId?: string, resultCallback?: ResultCallback<SecretStoreSkeleton>): Promise<SecretStoreExportSkeleton[]>;
    /**
     * Delete secret store by id
     * @param {string} secretStoreId Secret store id
     * @param {string | undefined} secretStoreTypeId Secret store type id (optional)
     * @param {boolean} globalConfig true if the secret store mapping is global, false otherwise. Default: false.
     * @returns {Promise<SecretStoreSkeleton>} a promise that resolves to a secret store object
     */
    deleteSecretStore(secretStoreId: string, secretStoreTypeId: string | undefined, globalConfig: boolean): Promise<SecretStoreSkeleton>;
    /**
     * Delete all secret stores
     * @param {boolean} globalConfig true if the secret store mappings are global, false otherwise. Default: false.
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<SecretStoreSkeleton[]>} a promise that resolves to an array of secret store objects
     */
    deleteSecretStores(globalConfig: boolean, resultCallback?: ResultCallback<SecretStoreSkeleton>): Promise<SecretStoreSkeleton[]>;
    /**
     * Delete secret store mapping
     * @param {string} secretStoreId Secret store id
     * @param {string | undefined} secretStoreTypeId Secret store type id (optional)
     * @param {string} secretId Secret store mapping label
     * @param {boolean} globalConfig true if the secret store mapping is global, false otherwise. Default: false.
     * @returns {Promise<SecretStoreMappingSkeleton>} a promise that resolves to a secret store mapping object
     */
    deleteSecretStoreMapping(secretStoreId: string, secretStoreTypeId: string | undefined, secretId: string, globalConfig: boolean): Promise<SecretStoreMappingSkeleton>;
    /**
     * Delete secret store mappings
     * @param {string} secretStoreId Secret store id
     * @param {string | undefined} secretStoreTypeId Secret store type id (optional)
     * @param {boolean} globalConfig true if the secret store mapping is global, false otherwise. Default: false.
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<SecretStoreMappingSkeleton[]>} a promise that resolves to a secret store mapping object
     */
    deleteSecretStoreMappings(secretStoreId: string, secretStoreTypeId: string | undefined, globalConfig: boolean, resultCallback?: ResultCallback<SecretStoreMappingSkeleton>): Promise<SecretStoreMappingSkeleton[]>;
    /**
     * Function that returns true if the given secret store type can have mappings, false otherwise
     * @param secretStoreTypeId The secret store type
     * @returns true if the given secret store type can have mappings, false otherwise
     */
    canSecretStoreHaveMappings(secretStoreTypeId: string): boolean;
};
type SecretStoreExportSkeleton = SecretStoreSkeleton & {
    mappings?: SecretStoreMappingSkeleton[];
};
interface SecretStoreExportInterface {
    meta?: ExportMetaData;
    secretstore: Record<string, SecretStoreExportSkeleton>;
}

type Config = {
    /**
     * Export full configuration
     * @param {FullExportOptions} options export options
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<FullExportInterface>} a promise resolving to a full export object
     */
    exportFullConfiguration(options: FullExportOptions, resultCallback: ResultCallback<any>): Promise<FullExportInterface>;
    /**
     * Import full configuration
     * @param {FullExportInterface} importData import data
     * @param {FullImportOptions} options import options
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     */
    importFullConfiguration(importData: FullExportInterface, options: FullImportOptions, resultCallback: ResultCallback<any>): Promise<(object | any[])[]>;
};
/**
 * Full export options
 */
interface FullExportOptions {
    /**
     * Use string arrays to store multi-line text in scripts.
     */
    useStringArrays: boolean;
    /**
     * Do not include decoded variable value in export
     */
    noDecode: boolean;
    /**
     * Include x and y coordinate positions of the journey/tree/workflow nodes.
     */
    coords: boolean;
    /**
     * Include default scripts in export if true
     */
    includeDefault: boolean;
    /**
     * Include active and loaded secret values
     */
    includeActiveValues: boolean;
    /**
     * Host URL of target environment to encrypt secret values for
     */
    target?: string;
    /**
     * Include read only config in export if true
     */
    includeReadOnly: boolean;
    /**
     * Export config only for the current realm
     */
    onlyRealm: boolean;
    /**
     * Export only global config
     */
    onlyGlobal: boolean;
}
/**
 * Full import options
 */
interface FullImportOptions {
    /**
     * Generate new UUIDs for all journey nodes during import.
     */
    reUuidJourneys: boolean;
    /**
     * Generate new UUIDs for all scripts during import.
     */
    reUuidScripts: boolean;
    /**
     * Generate new UUIDs and service names for all custom nodes during import.
     */
    reUuidCustomNodes: boolean;
    /**
     * Indicates whether to remove previously existing services of the same id before importing
     */
    cleanServices: boolean;
    /**
     * Include default scripts in import if true
     */
    includeDefault: boolean;
    /**
     * Include active secret values
     */
    includeActiveValues: boolean;
    /**
     * Host URL of source environment to decrypt secret values from
     */
    source?: string;
}
interface FullExportInterface {
    meta?: ExportMetaData;
    global: FullGlobalExportInterface;
    realm: Record<string, FullRealmExportInterface>;
}
interface FullGlobalExportInterface extends AmConfigEntitiesInterface {
    agent: Record<string, AgentSkeleton> | undefined;
    authentication: AuthenticationSettingsSkeleton | undefined;
    certificationTemplate: Record<string, CertificationTemplateSkeleton> | undefined;
    emailTemplate: Record<string, EmailTemplateSkeleton> | undefined;
    event: Record<string, EventSkeleton> | undefined;
    glossarySchema: Record<string, GlossarySchemaItemSkeleton<any>> | undefined;
    idm: Record<string, IdObjectSkeletonInterface> | undefined;
    internalRole: Record<string, InternalRoleSkeleton>;
    mapping: Record<string, MappingSkeleton> | undefined;
    nodeTypes: Record<string, CustomNodeSkeleton> | undefined;
    realm: Record<string, RealmSkeleton> | undefined;
    requestForm: Record<string, RequestFormSkeleton> | undefined;
    requestType: Record<string, RequestTypeSkeleton> | undefined;
    scripttype: Record<string, ScriptTypeExportSkeleton> | undefined;
    secret: Record<string, SecretSkeleton> | undefined;
    secretstore: Record<string, SecretStoreExportSkeleton> | undefined;
    server: ServerExportInterface | undefined;
    service: Record<string, AmServiceSkeleton> | undefined;
    site: Record<string, SiteSkeleton> | undefined;
    sync: SyncSkeleton | undefined;
    variable: Record<string, VariableSkeleton> | undefined;
    workflow: WorkflowGroups | undefined;
}
interface FullRealmExportInterface extends AmConfigEntitiesInterface {
    agentGroup: Record<string, AgentGroupSkeleton> | undefined;
    agent: Record<string, AgentSkeleton> | undefined;
    application: Record<string, OAuth2ClientSkeleton> | undefined;
    authentication: AuthenticationSettingsSkeleton | undefined;
    idp: Record<string, SocialIdpSkeleton> | undefined;
    managedApplication: Record<string, ApplicationGlossarySkeleton> | undefined;
    policy: Record<string, PolicySkeleton> | undefined;
    policyset: Record<string, PolicySetSkeleton> | undefined;
    resourcetype: Record<string, ResourceTypeSkeleton> | undefined;
    saml: {
        hosted: Record<string, Saml2ProviderSkeleton>;
        remote: Record<string, Saml2ProviderSkeleton>;
        metadata: Record<string, string[]>;
        cot: Record<string, CircleOfTrustSkeleton> | undefined;
    } | undefined;
    script: Record<string, ScriptSkeleton> | undefined;
    secretstore: Record<string, SecretStoreExportSkeleton> | undefined;
    service: Record<string, AmServiceSkeleton> | undefined;
    theme: Record<string, ThemeSkeleton> | undefined;
    trees: Record<string, SingleTreeExportInterface> | undefined;
    trustedJwtIssuer: Record<string, OAuth2TrustedJwtIssuerSkeleton> | undefined;
}

type ConnectionProfile = {
    /**
     * Get connection profiles file name
     * @returns {string} connection profiles file name
     */
    getConnectionProfilesPath(): string;
    /**
     * Find connection profiles
     * @param {ConnectionsFileInterface} connectionProfiles connection profile object
     * @param {string} host host url, unique substring, or alias
     * @returns {SecureConnectionProfileInterface[]} Array of connection profiles
     */
    findConnectionProfiles(connectionProfiles: ConnectionsFileInterface, host: string): SecureConnectionProfileInterface[];
    /**
     * Initialize connection profiles
     *
     * This method is called from app.ts and runs before any of the message handlers are registered.
     * Therefore none of the Console message functions will produce any output.
     */
    initConnectionProfiles(): Promise<void>;
    /**
     * Get connection profile by host
     * @param {String} host host tenant, host url, unique substring, or alias
     * @returns {Object} connection profile or null
     */
    getConnectionProfileByHost(host: string): Promise<ConnectionProfileInterface>;
    /**
     * Get connection profile
     * @returns {Object} connection profile or null
     */
    getConnectionProfile(): Promise<ConnectionProfileInterface>;
    /**
     * Load a connection profile into library state
     * @param {string} host AM host URL, unique substring, or alias
     * @returns {Promise<boolean>} A promise resolving to true if successful
     */
    loadConnectionProfileByHost(host: string): Promise<boolean>;
    /**
     * Load a connection profile into library state
     * @returns {Promise<boolean>} A promise resolving to true if successful
     */
    loadConnectionProfile(): Promise<boolean>;
    /**
     * Save connection profile
     * @param {string} host host url for new profiles, unique substring or alias for existing profiles
     * @returns {Promise<boolean>} true if the operation succeeded, false otherwise
     */
    saveConnectionProfile(host: string): Promise<boolean>;
    /**
     * Set an alias for an existing connection profile
     * @param {string} host host url, unique substring, or alias of existing connection profile
     * @param {string} alias alias to be assigned to connection profile
     */
    setConnectionProfileAlias(host: string, alias: string): void;
    /**
     * Set an alias for an existing connection profile
     * @param {string} host host url, unique substring, or alias of existing connection profile
     */
    deleteConnectionProfileAlias(host: string): void;
    /**
     * Delete connection profile
     * @param {string} host host tenant, host url, unique substring, or alias
     */
    deleteConnectionProfile(host: string): void;
    /**
     * Create a new service account using auto-generated parameters
     * @returns {Promise<IdObjectSkeletonInterface>} A promise resolving to a service account object
     */
    addNewServiceAccount(): Promise<IdObjectSkeletonInterface>;
};
interface SecureConnectionProfileInterface {
    tenant: string;
    idmHost?: string;
    alias?: string;
    allowInsecureConnection?: boolean;
    deploymentType?: string;
    isIGA?: boolean;
    username?: string | null;
    encodedPassword?: string | null;
    logApiKey?: string | null;
    encodedLogApiSecret?: string | null;
    authenticationService?: string | null;
    authenticationHeaderOverrides?: Record<string, string>;
    configurationHeaderOverrides?: Record<string, string>;
    adminClientId?: string | null;
    adminClientRedirectUri?: string | null;
    svcacctId?: string | null;
    encodedSvcacctJwk?: string | null;
    svcacctName?: string | null;
    svcacctScope?: string | null;
    encodedAmsterPrivateKey?: string | null;
}
interface ConnectionProfileInterface {
    tenant: string;
    idmHost?: string;
    alias?: string;
    allowInsecureConnection?: boolean;
    deploymentType?: string;
    isIGA?: boolean;
    username?: string | null;
    password?: string | null;
    logApiKey?: string | null;
    logApiSecret?: string | null;
    authenticationService?: string | null;
    authenticationHeaderOverrides?: Record<string, string>;
    configurationHeaderOverrides?: Record<string, string>;
    adminClientId?: string | null;
    adminClientRedirectUri?: string | null;
    svcacctId?: string | null;
    svcacctJwk?: JwkRsa;
    svcacctName?: string | null;
    svcacctScope?: string | null;
    amsterPrivateKey?: string | null;
}
interface ConnectionsFileInterface {
    [key: string]: SecureConnectionProfileInterface;
}

type IdmConfigStub = IdObjectSkeletonInterface & {
    _id: string;
    pid: string;
    factoryPid: string | null;
};

type IdmConfig = {
    /**
     * Read available config entity types
     * @returns {string[]} promise resolving to an array of config entity types
     */
    readConfigEntityTypes(): Promise<string[]>;
    /**
     * Read all config entity stubs. For full entities use {@link IdmConfig.readConfigEntities | readConfigEntities}.
     * @returns {IdmConfigStub[]} promise resolving to an array of config entity stubs
     */
    readConfigEntityStubs(): Promise<IdmConfigStub[]>;
    /**
     * Read all config entities
     * @returns {IdObjectSkeletonInterface[]} promise reolving to an array of config entities
     */
    readConfigEntities(): Promise<IdObjectSkeletonInterface[]>;
    /**
     * Read all config entities of a type
     * @param {string} type config entity type
     * @param {boolean} includeDefault Include default email templates if true, false to exclude them. Default: false
     * @returns {IdObjectSkeletonInterface[]} promise resolving to an array of config entities of a type
     */
    readConfigEntitiesByType(type: string, includeDefault?: boolean): Promise<IdObjectSkeletonInterface[]>;
    /**
     * Read config entity
     * @param {string} entityId config entity id/name
     * @returns {IdObjectSkeletonInterface} promise resolving to a config entity
     */
    readConfigEntity(entityId: string): Promise<IdObjectSkeletonInterface>;
    /**
     * Export a single IDM config entity
     * @param {string} entityId config entity id
     * @param {ConfigEntityExportOptions} options export options
     * @returns {ConfigEntityExportInterface} promise resolving to a ConfigEntityExportInterface object
     */
    exportConfigEntity(entityId: string, options?: ConfigEntityExportOptions): Promise<ConfigEntityExportInterface>;
    /**
     * Export all IDM config entities
     * @param {ConfigEntityExportOptions} options export options
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {ConfigEntityExportInterface} promise resolving to a ConfigEntityExportInterface object
     */
    exportConfigEntities(options?: ConfigEntityExportOptions, resultCallback?: ResultCallback<IdObjectSkeletonInterface>): Promise<ConfigEntityExportInterface>;
    /**
     * Create config entity
     * @param {string} entityId config entity id/name
     * @param {IdObjectSkeletonInterface} entityData config entity data
     * @param {boolean} wait delay the response until an OSGi service event confirms the change has been consumed by the corresponding service or the request times out.
     * @returns {IdObjectSkeletonInterface} promise resolving to a config entity
     */
    createConfigEntity(entityId: string, entityData: IdObjectSkeletonInterface, wait?: boolean): Promise<IdObjectSkeletonInterface>;
    /**
     * Update or create config entity
     * @param {string} entityId config entity id/name
     * @param {IdObjectSkeletonInterface} entityData config entity data
     * @param {boolean} wait delay the response until an OSGi service event confirms the change has been consumed by the corresponding service or the request times out.
     * @returns {IdObjectSkeletonInterface} promise resolving to a config entity
     */
    updateConfigEntity(entityId: string, entityData: IdObjectSkeletonInterface, wait?: boolean): Promise<IdObjectSkeletonInterface>;
    /**
     * Import idm config entities.
     * @param {ConfigEntityExportInterface} importData idm config entity import data.
     * @param {string} entityId Optional entity id that, when provided, will only import the entity of that id from the importData
     * @param {ConfigEntityImportOptions} options import options
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<IdObjectSkeletonInterface[]>} a promise resolving to an array of config entity objects
     */
    importConfigEntities(importData: ConfigEntityExportInterface, entityId?: string, options?: ConfigEntityImportOptions, resultCallback?: ResultCallback<IdObjectSkeletonInterface>): Promise<IdObjectSkeletonInterface[]>;
    /**
     * Delete all config entities
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {IdObjectSkeletonInterface[]} promise reolving to an array of config entities
     */
    deleteConfigEntities(resultCallback?: ResultCallback<IdObjectSkeletonInterface>): Promise<IdObjectSkeletonInterface[]>;
    /**
     * Delete all config entities of a type
     * @param {string} type config entity type
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {IdObjectSkeletonInterface[]} promise resolving to an array of config entities of a type
     */
    deleteConfigEntitiesByType(type: string, resultCallback?: ResultCallback<IdObjectSkeletonInterface>): Promise<IdObjectSkeletonInterface[]>;
    /**
     * Delete config entity
     * @param {string} entityId config entity id/name
     * @returns {IdObjectSkeletonInterface} promise resolving to a config entity
     */
    deleteConfigEntity(entityId: string): Promise<IdObjectSkeletonInterface>;
    /**
     * Read a idm sub config entity.
     * @param {string} entityId entity id for the parent config entity of the sub config entity that is being read
     * @param {string} name name of the sub config entity that is being read
     * @param {ConfigEntityExportOptions} options export options
     * @returns {Promise<IdObjectSkeletonInterface>} a promise resolving to a sub config entity object
     */
    readSubConfigEntity(entityId: string, name: string, options?: ConfigEntityExportOptions): Promise<NoIdObjectSkeletonInterface>;
    /**
     * Import a idm sub config entity.
     * @param {string} entityId entity id for parent config entity of the sub config that is being updated
     * @param {NoIdObjectSkeletonInterface} updatedSubConfigEntity the updated sub config entity
     * @param {ConfigEntityImportOptions} options import options
     * @returns {Promise<IdObjectSkeletonInterface[]>} a promise resolving to an array of config entity objects
     */
    importSubConfigEntity(entityId: string, updatedSubConfigEntity: IdObjectSkeletonInterface, options?: ConfigEntityImportOptions): Promise<IdObjectSkeletonInterface[]>;
};
/**
 * Idm export options
 */
interface ConfigEntityExportOptions {
    /**
     * Gives a list of entities to export. If undefined or empty, it will export all entities.
     */
    entitiesToExport?: string[];
    /**
     * Gives the list of key-value pairs of env replacements. Replaces each occurrence of the value with '${key}', where key is the correspond key to the value.
     */
    envReplaceParams?: string[][];
}
/**
 * Config entity import options
 */
interface ConfigEntityImportOptions {
    /**
     * Gives a list of entities to import. If undefined or empty, it will import all entities.
     */
    entitiesToImport?: string[];
    /**
     * Gives the list of key-value pairs of env replacements. Replaces each occurrence of '${key}' with its value.
     */
    envReplaceParams?: string[][];
    /**
     * validate script hooks
     */
    validate: boolean;
}
interface ConfigEntityExportInterface {
    meta?: ExportMetaData;
    idm: Record<string, IdObjectSkeletonInterface>;
}

type IdmCrypto = {
    /**
     * Test if a value is encrypted
     * @param {any} value value to test
     * @returns {boolean} true if the value is encrypted, false otherwise
     */
    isEncrypted(value: any): boolean;
    /**
     * Encrypt a value
     * @param {any} value value to encrypt
     * @returns {Promise<any>} a promise resolving to the encrypted value
     */
    encrypt(value: any): Promise<any>;
    /**
     * Encrypt a map of values
     * @param {{ [key: string]: any }} map map of values to encrypt
     * @returns {Promise<{ [key: string]: any }>} a promise resolving to a map of encrypted values
     */
    encryptMap(map: {
        [key: string]: any;
    }): Promise<{
        [key: string]: any;
    }>;
    /**
     * Decrypt a value
     * @returns {Promise<SystemStatusInterface[]>} a promise resolving to the decrypted value
     */
    decrypt(script: string): Promise<any>;
    /**
     * Decrypt a map of values
     * @param {{ [key: string]: any }} map map of values to decrypt
     * @returns {Promise<{ [key: string]: any }>} a promise resolving to a map of decrypted values
     */
    decryptMap(map: {
        [key: string]: any;
    }): Promise<{
        [key: string]: any;
    }>;
};

type IdmScript = {
    /**
     * Compile a JS script
     * @returns {Promise<string | object>} a promise resolving to 'true' or an error message
     */
    compileScript(script: string): Promise<string | object>;
    /**
     * Run a JS script
     * @returns {Promise<SystemStatusInterface[]>} a promise resolving to the script result
     */
    evaluateScript(script: string, globals?: {
        [key: string]: any;
    }): Promise<any>;
};

interface ConnectorServerStatusInterface {
    name: string;
    type: string;
    ok: boolean;
}
interface SystemStatusInterface {
    name: string;
    enabled: boolean;
    config: string;
    connectorRef: {
        connectorHostRef: string;
        bundleVersion: string;
        bundleName: string;
        connectorName: string;
    };
    displayName: string;
    objectTypes: string[];
    ok: boolean;
}
interface SystemObjectPatchOperationInterface {
    operation: 'add' | 'copy' | 'increment' | 'move' | 'remove' | 'replace' | 'transform';
    field: string;
    value?: any;
    from?: string;
}

type IdmSystem = {
    /**
     * Test connector servers
     * @returns {Promise<ConnectorServerStatusInterface[]>} a promise that resolves to an array of ConnectorServerStatusInterface objects
     */
    testConnectorServers(): Promise<ConnectorServerStatusInterface[]>;
    /**
     * Read available systems/connectors status
     * @returns {Promise<SystemStatusInterface[]>} a promise resolving to an array of system status objects
     */
    readAvailableSystems(): Promise<SystemStatusInterface[]>;
    /**
     * Read system/connector status
     * @returns {Promise<SystemStatusInterface>} a promise resolving to a system status object
     */
    readSystemStatus(systemName: string): Promise<SystemStatusInterface>;
    /**
     * Authenticate a system object using username and password (pass-through authentication)
     * @param {string} systemName name of system/connector
     * @param {string} systemObjectType type of system object
     * @param {string} username system object username
     * @param {string} password system object password
     * @returns {Promise<IdObjectSkeletonInterface>} a promise resolving to an IdObjectSkeletonInterface object containing only the _id
     */
    authenticateSystemObject(systemName: string, systemObjectType: string, username: string, password: string): Promise<IdObjectSkeletonInterface>;
    /**
     * Run system script
     * @param {string} systemName name of system/connector
     * @param {string} scriptName name of script
     * @returns {Promise<any>} a promise resolving to a status object
     */
    runSystemScript(systemName: string, scriptName: string): Promise<any>;
    /**
     * Query all system object ids
     * @param {string} systemName name of system/connector
     * @param {string} systemObjectType type of system object
     * @param {number} pageSize page size (default value: 1000)
     * @param {string} pageCookie paged results cookie
     * @returns {Promise<PagedResult<IdObjectSkeletonInterface>>} a promise resolving to an array of IdObjectSkeletonInterface objects
     */
    queryAllSystemObjectIds(systemName: string, systemObjectType: string, pageSize?: number, pageCookie?: string): Promise<PagedResult<IdObjectSkeletonInterface>>;
    /**
     * Query system objects using a search filter
     * @param {string} systemName name of system/connector
     * @param {string} systemObjectType type of system object
     * @param {string} filter search filter
     * @param {string[]} fields array of fields to return
     * @param {number} pageSize page size (default value: 1000)
     * @param {string} pageCookie paged results cookie
     * @returns {Promise<PagedResult<IdObjectSkeletonInterface>>} a promise resolving to an array of IdObjectSkeletonInterface objects
     */
    querySystemObjects(systemName: string, systemObjectType: string, filter: string, fields?: string[], pageSize?: number, pageCookie?: string): Promise<PagedResult<IdObjectSkeletonInterface>>;
    /**
     * Read system object
     * @param {string} systemName name of system/connector
     * @param {string} systemObjectType type of system object
     * @param {string} systemObjectId id of system object
     * @param {string[]} fields array of fields to return (default: `['*']`)
     * @returns {Promise<IdObjectSkeletonInterface>} a promise resolving to an IdObjectSkeletonInterface object
     */
    readSystemObject(systemName: string, systemObjectType: string, systemObjectId: string, fields?: string[]): Promise<IdObjectSkeletonInterface>;
    /**
     * Create system object
     * @param {string} systemName name of system/connector
     * @param {string} systemObjectType type of system object
     * @param {IdObjectSkeletonInterface} systemObjectData system object data
     * @returns {Promise<IdObjectSkeletonInterface>} a promise resolving to an IdObjectSkeletonInterface object
     */
    createSystemObject(systemName: string, systemObjectType: string, systemObjectData: IdObjectSkeletonInterface): Promise<IdObjectSkeletonInterface>;
    /**
     * Update or create system object
     * @param {string} systemName name of system/connector
     * @param {string} systemObjectType type of system object
     * @param {string} systemObjectId id of system object
     * @param {IdObjectSkeletonInterface} systemObjectData system object data
     * @param {boolean} failIfExists fail if object exists (default value: false)
     * @returns {Promise<IdObjectSkeletonInterface>} a promise resolving to an IdObjectSkeletonInterface object
     */
    updateSystemObject(systemName: string, systemObjectType: string, systemObjectId: string, systemObjectData: IdObjectSkeletonInterface, failIfExists?: boolean): Promise<IdObjectSkeletonInterface>;
    /**
     * Partially update system object through a collection of patch operations.
     * @param {string} systemName name of system/connector
     * @param {string} systemObjectType type of system object
     * @param {string} systemObjectId id of system object
     * @param {SystemObjectPatchOperationInterface[]} operations collection of patch operations to perform on the object
     * @returns {Promise<IdObjectSkeletonInterface>} a promise resolving to an IdObjectSkeletonInterface object
     */
    updateSystemObjectProperties(systemName: string, systemObjectType: string, systemObjectId: string, operations: SystemObjectPatchOperationInterface[]): Promise<IdObjectSkeletonInterface>;
    /**
     * Delete system object
     * @param {string} systemName name of system/connector
     * @param {string} systemObjectType type of system object
     * @param {string} systemObjectId id of system object
     * @returns {Promise<IdObjectSkeletonInterface>} a promise resolving to an IdObjectSkeletonInterface object
     */
    deleteSystemObject(systemName: string, systemObjectType: string, systemObjectId: string): Promise<IdObjectSkeletonInterface>;
    /**
     * Read system schema
     * @param {string} systemName name of system/connector
     * @returns {Promise<Record<string, ObjectTypeSkeleton>>} a promise resolving to a map of Record<string, ObjectTypeSkeleton>
     */
    readSystemSchema(systemName: string): Promise<Record<string, ObjectTypeSkeleton>>;
};

type Idp = {
    /**
     * Read all social identity providers
     * @returns {Promise<SocialIdpSkeleton[]>} a promise that resolves to an array of social identity providers
     */
    readSocialIdentityProviders(): Promise<SocialIdpSkeleton[]>;
    /**
     * Read social identity provider
     * @param {string} providerId identity provider id/name
     * @returns {Promise<SocialIdpSkeleton>} a promise that resolves a social identity provider object
     */
    readSocialIdentityProvider(providerId: string): Promise<SocialIdpSkeleton>;
    /**
     * Create social identity provider
     * @param {string} providerType identity provider type
     * @param {string} providerId identity provider id/name
     * @param {SocialIdpSkeleton} providerData identity provider data
     * @returns {Promise<SocialIdpSkeleton>} a promise that resolves a social identity provider object
     */
    createSocialIdentityProvider(providerType: string, providerId: string, providerData: SocialIdpSkeleton): Promise<SocialIdpSkeleton>;
    /**
     * Update or create social identity provider
     * @param {string} providerType identity provider type
     * @param {string} providerId identity provider id/name
     * @param {SocialIdpSkeleton} providerData identity provider data
     * @returns {Promise<SocialIdpSkeleton>} a promise that resolves a social identity provider object
     */
    updateSocialIdentityProvider(providerType: string, providerId: string, providerData: SocialIdpSkeleton): Promise<SocialIdpSkeleton>;
    /**
     * Delete all social identity providers
     * @returns {Promise<SocialIdpSkeleton[]>} a promise that resolves to an array of social identity provider objects
     */
    deleteSocialIdentityProviders(): Promise<SocialIdpSkeleton[]>;
    /**
     * Delete social identity provider
     * @param {string} providerId social identity provider id/name
     * @returns {Promise<SocialIdpSkeleton>} a promise that resolves a social identity provider object
     */
    deleteSocialIdentityProvider(providerId: string): Promise<SocialIdpSkeleton>;
    /**
     * Export social identity provider
     * @param {string} providerId provider id/name
     * @returns {Promise<SocialProviderExportInterface>} a promise that resolves to a SocialProviderExportInterface object
     */
    exportSocialIdentityProvider(providerId: string): Promise<SocialProviderExportInterface>;
    /**
     * Export all social identity providers
     * @param {SocialIdentityProviderExportOptions} options export options
     * @returns {Promise<SocialProviderExportInterface>} a promise that resolves to a SocialProviderExportInterface object
     */
    exportSocialIdentityProviders(options?: SocialIdentityProviderExportOptions): Promise<SocialProviderExportInterface>;
    /**
     * Import social identity provider
     * @param {string} providerId provider id/name
     * @param {SocialProviderExportInterface} importData import data
     * @param {SocialIdentityProviderImportOptions} options import options
     * @returns {Promise<SocialIdpSkeleton>} a promise resolving to a social identity provider object
     */
    importSocialIdentityProvider(providerId: string, importData: SocialProviderExportInterface, options: SocialIdentityProviderImportOptions): Promise<SocialIdpSkeleton>;
    /**
     * Import first social identity provider
     * @param {SocialProviderExportInterface} importData import data
     * @param {SocialIdentityProviderImportOptions} options import options
     * @returns {Promise<SocialIdpSkeleton>} a promise resolving to a social identity provider object
     */
    importFirstSocialIdentityProvider(importData: SocialProviderExportInterface, options: SocialIdentityProviderImportOptions): Promise<SocialIdpSkeleton>;
    /**
     * Import all social identity providers
     * @param {SocialProviderExportInterface} importData import data
     * @param {SocialIdentityProviderImportOptions} options import options
     * @returns {Promise<SocialIdpSkeleton[]>} a promise resolving to an array of social identity provider objects
     */
    importSocialIdentityProviders(importData: SocialProviderExportInterface, options: SocialIdentityProviderImportOptions): Promise<SocialIdpSkeleton[]>;
};
/**
 * Social identity provider export options
 */
interface SocialIdentityProviderExportOptions {
    /**
     * Use string arrays to store multi-line text in scripts.
     */
    useStringArrays: boolean;
    /**
     * Include any dependencies (scripts).
     */
    deps: boolean;
}
/**
 * Social identity provider import options
 */
interface SocialIdentityProviderImportOptions {
    /**
     * Include any dependencies (scripts).
     */
    deps: boolean;
}
interface SocialProviderExportInterface {
    meta?: ExportMetaData;
    script: Record<string, ScriptSkeleton>;
    idp: Record<string, SocialIdpSkeleton>;
}

interface EnvInfoInterface {
    immutable: boolean;
    locked: boolean;
    region: string;
    tier: string;
    warning_message_html: string;
    message_box_title: string;
    message_box_html: string;
    message_variant: string;
    config_promotion_done: boolean;
    placeholder_management: 'CUSTOMER' | 'SRE';
    placeholder_management_migration_date: string;
}

type Info = {
    /**
     * Get info about the platform instance
     * @returns {Promise<PlatformInfo>} a promise that resolves to a json blob with information about the instance and tokens
     */
    getInfo(): Promise<PlatformInfo>;
};
interface PlatformInfoInterface {
    host: string;
    authenticatedSubject: string;
    amVersion: string;
    cookieName: string;
    sessionToken: string;
    bearerToken?: string;
    deploymentType: string;
}
type PlatformInfo = PlatformInfoInterface & Partial<EnvInfoInterface>;

type ManagedObjectSchemaPropertyType = 'string' | 'number' | 'integer' | 'boolean' | 'array' | 'relationship' | 'object';
type ManagedObjectSchemaLeafPropertyType = Extract<ManagedObjectSchemaPropertyType, 'string' | 'number' | 'integer' | 'boolean'>;
type ManagedObjectSchemaPropertyBase = {
    description?: string;
    title?: string;
    searchable?: boolean;
    userEditable?: boolean;
    viewable?: boolean;
    returnByDefault?: boolean;
};
interface ManagedObjectSchemaLeafProperty extends ManagedObjectSchemaPropertyBase {
    type: ManagedObjectSchemaLeafPropertyType;
    propName?: string;
    required?: boolean;
}
interface ManagedObjectSchemaObjectProperty extends ManagedObjectSchemaPropertyBase {
    type: Extract<ManagedObjectSchemaPropertyType, 'object'>;
    order?: string[];
    properties?: Record<string, ManagedObjectSchemaProperty>;
}
type ManagedObjectSchemaRelationshipResourceQuery = {
    fields: string[];
    queryFilter: string;
    sortKeys: string[];
};
type ManagedObjectSchemaRelationshipResourceCollectionItem = {
    label: string;
    notify: boolean;
    path: string;
    query: ManagedObjectSchemaRelationshipResourceQuery;
};
interface ManagedObjectSchemaRelationshipProperty extends ManagedObjectSchemaPropertyBase {
    id: string;
    notifySelf: boolean;
    properties: Record<string, ManagedObjectSchemaProperty>;
    resourceCollection: ManagedObjectSchemaRelationshipResourceCollectionItem[];
    reverseRelationship: boolean;
    reversePropertyName?: string;
    title: string;
    type: Extract<ManagedObjectSchemaPropertyType, 'relationship'>;
    validate: boolean;
}
interface ManagedObjectSchemaArrayProperty<TItem extends ManagedObjectSchemaProperty = ManagedObjectSchemaProperty> extends ManagedObjectSchemaPropertyBase {
    type: Extract<ManagedObjectSchemaPropertyType, 'array'>;
    items: TItem;
}
type ManagedObjectSchemaProperty = ManagedObjectSchemaLeafProperty | ManagedObjectSchemaObjectProperty | ManagedObjectSchemaRelationshipProperty | ManagedObjectSchemaArrayProperty;
type ManagedObjectSchema<TProperties extends Record<string, ManagedObjectSchemaProperty> = Record<string, ManagedObjectSchemaProperty>> = {
    $schema: string;
    icon?: string;
    order: Array<keyof TProperties & string>;
    properties: TProperties;
    required: Array<keyof TProperties & string>;
    title: string;
    type: 'object';
    resourceCollection: string;
};

type ManagedObject = {
    /**
     * Read managed object schema
     * @param {string} type managed object type, e.g. alpha_user or user
     * @param {boolean} refreshCache whether to refresh the schema cache for the specified type
     * @param {ManagedObjectSchemaOptions} options options to filter the returned schema
     * @returns {Promise<ManagedObjectSchema>} a promise that resolves to a managed object schema
     */
    readManagedObjectSchema(type: string, refreshCache?: boolean, options?: ManagedObjectSchemaOptions): Promise<ManagedObjectSchema>;
    /**
     * Create managed object
     * @param {string} type managed object type, e.g. teammember or alpha_user
     * @param {IdObjectSkeletonInterface} moData managed object data
     * @param {string} id managed object _id
     */
    createManagedObject(type: string, moData: IdObjectSkeletonInterface, id?: string): Promise<IdObjectSkeletonInterface>;
    /**
     * Read managed object
     * @param {string} type managed object type, e.g. alpha_user or user
     * @param {string} id managed object id
     * @param {string[]} fields array of fields to include
     * @returns {Promise<IdObjectSkeletonInterface>} a promise that resolves to an IdObjectSkeletonInterface
     */
    readManagedObject(type: string, id: string, fields?: string[]): Promise<IdObjectSkeletonInterface>;
    /**
     * Read all managed object of the specified type
     * @param {string} type managed object type, e.g. alpha_user or user
     * @param {string[]} fields array of fields to return
     * @returns {Promise<IdObjectSkeletonInterface[]>} a promise that resolves to an array of IdObjectSkeletonInterfaces
     */
    readManagedObjects(type: string, fields?: string[]): Promise<IdObjectSkeletonInterface[]>;
    /**
     * Count managed objects of the specified type.
     * @param {string} type managed object type, e.g. alpha_user or user
     * @param {string} filter CREST search filter
     * @returns {Promise<number>} a promise that resolves to the object count
     */
    countManagedObjects(type: string, filter?: string): Promise<number>;
    /**
     * Update managed object
     * @param {string} type managed object type, e.g. alpha_user or user
     * @param {string} id managed object id
     * @param {IdObjectSkeletonInterface} moData managed object data
     * @returns {Promise<IdObjectSkeletonInterface>} a promise that resolves to an IdObjectSkeletonInterface
     */
    updateManagedObject(type: string, id: string, moData: IdObjectSkeletonInterface): Promise<IdObjectSkeletonInterface>;
    /**
     * Partially update managed object through a collection of patch operations.
     * @param {string} type managed object type, e.g. alpha_user or user
     * @param {string} id managed object id
     * @param {PatchOperationInterface[]} operations collection of patch operations to perform on the object
     * @param {string} rev managed object revision
     * @returns {Promise<IdObjectSkeletonInterface>} a promise that resolves to an IdObjectSkeletonInterface
     */
    updateManagedObjectProperties(type: string, id: string, operations: PatchOperationInterface[], rev?: string): Promise<IdObjectSkeletonInterface>;
    /**
     * Partially update multiple managed object through a collection of patch operations.
     * @param {string} type managed object type, e.g. alpha_user or user
     * @param {string} filter CREST search filter
     * @param {PatchOperationInterface[]} operations collection of patch operations to perform on the object
     * @param {string} rev managed object revision
     * @param {number} pageSize page size
     * @returns {Promise<IdObjectSkeletonInterface>} a promise that resolves to an IdObjectSkeletonInterface
     */
    updateManagedObjectsProperties(type: string, filter: string, operations: PatchOperationInterface[], rev?: string, pageSize?: number): Promise<IdObjectSkeletonInterface[]>;
    /**
     * Delete managed object
     * @param {string} type managed object type, e.g. alpha_user or user
     * @param {string} id managed object id
     * @returns {Promise<IdObjectSkeletonInterface>} a promise that resolves to an IdObjectSkeletonInterface
     */
    deleteManagedObject(type: string, id: string): Promise<IdObjectSkeletonInterface>;
    /**
     * Delete managed objects by filter
     * @param {string} type managed object type, e.g. alpha_user or user
     * @param {string} filter filter
     * @returns {Promise<number>} a promise that resolves the number of deleted objects
     */
    deleteManagedObjects(type: string, filter: string): Promise<number>;
    /**
     * Query managed objects
     * @param {string} type managed object type, e.g. alpha_user or user
     * @param {string} filter CREST search filter
     * @param {string[]} fields array of fields to return
     * @return {Promise<IdObjectSkeletonInterface[]>} a promise resolving to an array of managed objects
     */
    queryManagedObjects(type: string, filter?: string, fields?: string[], pageSize?: number): Promise<IdObjectSkeletonInterface[]>;
    /**
     * Query related managed objects
     * @param {string} type managed object type, e.g. alpha_user or user
     * @param {string} id managed object id
     * @param {string} relationship name of the relationship to query, e.g. "members" for team membership relationships
     * @param {string[]} fields array of fields to return
     * @return {Promise<IdObjectSkeletonInterface[]>} a promise resolving to an array of managed objects
     */
    queryRelatedManagedObjects(type: string, id: string, relationship: string, fields?: string[], pageSize?: number): Promise<IdObjectSkeletonInterface[]>;
    /**
     * Resolve a managed object's uuid to a human readable username
     * @param {string} type managed object type, e.g. teammember or alpha_user
     * @param {string} id managed object _id
     * @returns {Promise<string>} resolved username or uuid if any error occurs during reslution
     */
    resolveUserName(type: string, id: string): Promise<string>;
    /**
     * Resolve a managed object's uuid to a human readable full name
     * @param {string} type managed object type, e.g. teammember or alpha_user
     * @param {string} id managed object _id
     * @returns {Promise<string>} resolved full name or uuid if any error occurs during reslution
     */
    resolveFullName(type: string, id: string): Promise<string>;
    /**
     * Resolve a perpetrator's uuid to a human readable string identifying the perpetrator
     * @param {string} id managed object _id
     * @returns {Promise<string>} resolved perpetrator descriptive string or uuid if any error occurs during reslution
     */
    resolvePerpetratorUuid(id: string): Promise<string>;
};
type ManagedObjectSchemaOptions = {
    /**
     * Whether to exclude virtual properties from the returned schema.
     * Virtual properties are non-persisted properties that are calculated
     * or derived at runtime.
     * */
    excludeVirtual?: boolean;
    /**
     * Whether to exclude relationship properties from the returned schema.
     */
    excludeRelationships?: boolean;
    /**
     * If specified, only relationship properties whose resourceCollection
     * path matches any of the values in this array will be included in the
     * returned schema when excludeRelationships is true. This option is
     * ignored if excludeRelationships is false.
     */
    includeRelationshipsFilter?: string[];
};

/**
 * Semver-style filter used by readNodesByVersion to select node type versions.
 *
 * Supported comparisons:
 * - `eq`: exact version match
 * - `gt` / `gte`: greater than / greater than or equal
 * - `lt` / `lte`: less than / less than or equal
 * - `from` / `to`: inclusive range bounds by default
 * - `includeFrom` / `includeTo`: override range bound inclusivity
 */
type NodeVersionFilter = {
    /** Exact version match. */
    eq?: string;
    /** Strictly greater than the supplied version. */
    gt?: string;
    /** Greater than or equal to the supplied version. */
    gte?: string;
    /** Strictly less than the supplied version. */
    lt?: string;
    /** Less than or equal to the supplied version. */
    lte?: string;
    /** Range lower bound. Inclusive unless includeFrom is set to false. */
    from?: string;
    /** Range upper bound. Inclusive unless includeTo is set to false. */
    to?: string;
    /** Whether the from bound is inclusive. Defaults to true. */
    includeFrom?: boolean;
    /** Whether the to bound is inclusive. Defaults to true. */
    includeTo?: boolean;
};
type Node = {
    /**
     * Read all node types
     * @returns {Promise<any>} a promise that resolves to an array of node type objects
     */
    readNodeTypes(): Promise<any>;
    /**
     * Read a specific node type
     * @param {string} nodeType node type
     * @param {string} nodeTypeVersion node type version
     * @returns {Promise<any>} a promise that resolves to a node type object
     */
    readNodeType(nodeType: string, nodeTypeVersion?: string): Promise<any>;
    /**
     * Read all nodes
     * @returns {Promise<NodeSkeleton[]>} a promise that resolves to an object containing an array of node objects
     */
    readNodes(): Promise<NodeSkeleton[]>;
    /**
     * Read all nodes across types and versions with optional version filtering.
     * @param {NodeVersionFilter} nodeVersionFilter optional node version filter
     * @returns {Promise<NodeSkeleton[]>} matched node instances
     */
    readNodesByVersion(nodeVersionFilter?: NodeVersionFilter): Promise<NodeSkeleton[]>;
    /**
     * Read all nodes by type
     * @param {string} nodeType node type
     * @param {string} nodeTypeVersion node type version
     * @returns {Promise<NodeSkeleton[]>} a promise that resolves to an object containing an array of node objects of the requested type
     */
    readNodesByType(nodeType: string, nodeTypeVersion?: string): Promise<NodeSkeleton[]>;
    /**
     * Read node by uuid and type
     * @param {string} nodeId node uuid
     * @param {string} nodeType node type
     * @param {string} nodeTypeVersion node type version
     * @returns {Promise<NodeSkeleton>} a promise that resolves to a node object
     */
    readNode(nodeId: string, nodeType: string, nodeTypeVersion?: string): Promise<NodeSkeleton>;
    /**
     * Export all nodes
     * @returns {Promise<NodeExportInterface>} a promise that resolves to an array of node objects
     */
    exportNodes(): Promise<NodeExportInterface>;
    /**
     * Create node by type
     * @param {string} nodeType node type
     * @param {NodeSkeleton} nodeData node object
     * @returns {Promise<NodeSkeleton>} a promise that resolves to an object containing a node object
     */
    createNode(nodeType: string, nodeData: NodeSkeleton): Promise<NodeSkeleton>;
    /**
     * Update or create node by uuid and type
     * @param {string} nodeId node uuid
     * @param {string} nodeType node type
     * @param {NodeSkeleton} nodeData node object
     * @returns {Promise<NodeSkeleton>} a promise that resolves to an object containing a node object
     */
    updateNode(nodeId: string, nodeType: string, nodeData: NodeSkeleton): Promise<NodeSkeleton>;
    /**
     * Delete node by uuid and type
     * @param {string} nodeId node uuid
     * @param {string} nodeType node type
     * @returns {Promise<NodeSkeleton>} a promise that resolves to an object containing a node object
     */
    deleteNode(nodeId: string, nodeType: string): Promise<NodeSkeleton>;
    /**
     * Read custom node. Either ID or name must be provided.
     * @param {string} nodeId ID or service name of custom node. Takes priority over node display name if both are provided.
     * @param {string} nodeName Display name of custom node.
     * @returns {Promise<CustomNodeSkeleton>} a promise that resolves to a custom node object
     */
    readCustomNode(nodeId?: string, nodeName?: string): Promise<CustomNodeSkeleton>;
    /**
     * Read all custom nodes
     * @returns {Promise<CustomNodeSkeleton[]>} a promise that resolves to an array of custom nodes objects
     */
    readCustomNodes(): Promise<CustomNodeSkeleton[]>;
    /**
     * Export custom node. Either ID or name must be provided.
     * @param {string} nodeId ID or service name of custom node. Takes priority over node display name if both are provided.
     * @param {string} nodeName Display name of custom node.
     * @param {CustomNodeExportOptions} options Custom node export options
     * @returns {Promise<CustomNodeExportInterface>} a promise that resolves to a custom node export object
     */
    exportCustomNode(nodeId?: string, nodeName?: string, options?: CustomNodeExportOptions): Promise<CustomNodeExportInterface>;
    /**
     * Export all custom nodes
     * @param {CustomNodeExportOptions} options Custom node export options
     * @returns {Promise<CustomNodeExportInterface>} a promise that resolves to a custom node export object
     */
    exportCustomNodes(options?: CustomNodeExportOptions): Promise<CustomNodeExportInterface>;
    /**
     * Update custom node by ID
     * @param {string} nodeId ID or service name of custom node.
     * @param {CustomNodeSkeleton} nodeData node object
     * @returns {Promise<CustomNodeSkeleton>} a promise that resolves to a custom node object
     */
    updateCustomNode(nodeId: string, nodeData: CustomNodeSkeleton): Promise<CustomNodeSkeleton>;
    /**
     * Import custom nodes
     * @param {string} nodeId ID or service name of custom node. If supplied, only the custom node of that id is imported. Takes priority over node display name if both are provided.
     * @param {string} nodeName Display name of custom node. If supplied, only the custom node of that name is imported
     * @param {CustomNodeExportInterface} importData Custom node import data
     * @param {CustomNodeImportOptions} options Custom node import options
     * @param {ResultCallback<CustomNodeSkeleton>} resultCallback Optional callback to process individual results
     * @returns {Promise<CustomNodeSkeleton[]>} the imported custom nodes
     */
    importCustomNodes(nodeId: string, nodeName: string, importData: CustomNodeExportInterface, options?: CustomNodeImportOptions, resultCallback?: ResultCallback<CustomNodeSkeleton>): Promise<CustomNodeSkeleton[]>;
    /**
     * Delete custom node. Either ID or name must be provided.
     * @param {string} nodeId ID or service name of custom node. Takes priority over node display name if both are provided.
     * @param {string} nodeName Display name of custom node.
     * @returns {Promise<CustomNodeSkeleton>} promise that resolves to a custom node object
     */
    deleteCustomNode(nodeId?: string, nodeName?: string): Promise<CustomNodeSkeleton>;
    /**
     * Delete custom nodes
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<CustomNodeSkeleton[]>} promise that resolves to an array of custom node objects
     */
    deleteCustomNodes(resultCallback?: ResultCallback<CustomNodeSkeleton>): Promise<CustomNodeSkeleton[]>;
    /**
     * Find all node configuration objects that are no longer referenced by any tree
     * @returns {Promise<NodeSkeleton[]>} a promise that resolves to an array of orphaned nodes
     */
    findOrphanedNodes(): Promise<NodeSkeleton[]>;
    /**
     * Remove orphaned nodes
     * @param {NodeSkeleton[]} orphanedNodes Pass in an array of orphaned node configuration objects to remove
     * @returns {Promise<NodeSkeleton[]>} a promise that resolves to an array nodes that encountered errors deleting
     */
    removeOrphanedNodes(orphanedNodes: NodeSkeleton[]): Promise<NodeSkeleton[]>;
    /**
     * Get custom node usage by ID
     * @param {String} nodeId ID or service name of the custom node
     * @returns {Promise<CustomNodeUsage>} a promise that resolves to an object containing a custom node usage object
     */
    getCustomNodeUsage(nodeId: string): Promise<CustomNodeUsage>;
    /**
     * Analyze if a node type is premium.
     * @param {string} nodeType Node type
     * @returns {boolean} True if the node type is premium, false otherwise.
     * @deprecated since v4.0.0 Frodo no longer classifies nodes as premium vs standard. This method will be removed in a future major release.
     * @group Deprecated
     */
    isPremiumNode(nodeType: string): boolean;
    /**
     * Analyze if a node type is a cloud-only node.
     * @param {string} nodeType Node type
     * @returns {boolean} True if the node type is cloud-only, false otherwise.
     * @deprecated since v4.0.0 Frodo no longer classifies nodes as cloud-only vs standard. This method will be removed in a future major release.
     * @group Deprecated
     */
    isCloudOnlyNode(nodeType: string): boolean;
    /**
     * Analyze if a node type is a cloud-excluded node. Cloud excluded nodes are OOTB nodes in self-hosted AM deployments but have been excluded in cloud.
     * @param {string} nodeType node type.
     * @returns {boolean} True if node type is cloud-excluded, false otherwise.
     * @deprecated since v4.0.0 Frodo no longer classifies nodes as cloud-excluded vs standard. This method will be removed in a future major release.
     * @group Deprecated
     */
    isCloudExcludedNode(nodeType: string): boolean;
    /**
     * Analyze if a node type has been deprecated
     * @param {string} nodeType node type.
     * @returns {boolean} True if node type is deprecated, false otherwise.
     * @deprecated since v4.0.0 Frodo no longer classifies nodes as deprecated vs standard. This method will be removed in a future major release.
     * @group Deprecated
     */
    isDeprecatedNode(nodeType: string): boolean;
    /**
     * Analyze if a node is custom.
     * @param {string} nodeType Node type
     * @returns {boolean} True if the node type is custom, false otherwise.
     * @deprecated since v4.0.0 Frodo no longer classifies nodes as custom vs standard. This method will be removed in a future major release.
     * @group Deprecated
     */
    isCustomNode(nodeType: string): boolean;
    /**
     * Get a node's classifications, which can be one or multiple of:
     * - standard: can run on any instance of a ForgeRock platform
     * - cloud: utilize nodes, which are exclusively available in the ForgeRock Identity Cloud
     * - premium: utilizes nodes, which come at a premium
     * - deprecated: nodes that are no longer supported
     * - custom: nodes that are user-defined
     * - excluded: nodes that are excluded from certain environments
     * @param {string} nodeType Node type
     * @returns {NodeClassificationType[]} an array of one or multiple classifications
     * @deprecated since v4.0.0 Frodo no longer classifies nodes as "standard" vs "custom" vs "cloud" vs "excluded" vs "premium" vs "deprecated". This method will be removed in a future major release.
     * @group Deprecated
     */
    getNodeClassification(nodeType: string): NodeClassificationType[];
};
interface NodeExportInterface {
    meta?: ExportMetaData;
    node: Record<string, NodeSkeleton>;
}
interface CustomNodeExportInterface {
    meta?: ExportMetaData;
    nodeTypes: Record<string, CustomNodeSkeleton>;
}
/**
 * Custom node import options
 */
interface CustomNodeImportOptions {
    /**
     * Generate new UUIDs and service names for all custom nodes during import.
     */
    reUuid: boolean;
    /**
     * Wait for AM to load new custom nodes before returning.
     */
    wait: boolean;
}
/**
 * Custom node export options
 */
interface CustomNodeExportOptions {
    /**
     * Use string arrays to store script code
     */
    useStringArrays: boolean;
}
/**
 * Node classification types. Note that a node can have multiple classifications, e.g. a node can be both "cloud" and "premium" if it's a node that's exclusively available in the ForgeRock Identity Cloud and comes at a premium.
 * - standard: can run on any instance of a ForgeRock platform
 * - cloud: utilize nodes, which are exclusively available in the ForgeRock Identity Cloud
 * - custom: nodes that are user-defined
 * - excluded: nodes that are excluded from certain environments
 * - premium: nodes that come at a premium
 * - deprecated: nodes that are no longer supported
 * @deprecated since v4.0.0 Frodo no longer classifies nodes as "standard" vs "custom" vs "cloud" vs "excluded" vs "premium" vs "deprecated". This type will be removed in a future major release.
 */
type NodeClassificationType = 'standard' | 'custom' | 'cloud' | 'excluded' | 'premium' | 'deprecated';

type OAuth2Client = {
    /**
     * Create an empty OAuth2 client export template
     * @returns {OAuth2ClientExportInterface} an empty OAuth2 client export template
     */
    createOAuth2ClientExportTemplate(): OAuth2ClientExportInterface;
    /**
     * Read all OAuth2 clients
     * @returns {Promise<OAuth2ClientSkeleton[]>} a promise that resolves to an array of oauth2client objects
     */
    readOAuth2Clients(): Promise<OAuth2ClientSkeleton[]>;
    /**
     * Read OAuth2 client
     * @param {string} clientId client id
     * @returns {Promise<OAuth2ClientSkeleton>} a promise that resolves to an oauth2client object
     */
    readOAuth2Client(clientId: string): Promise<OAuth2ClientSkeleton>;
    /**
     * Create OAuth2 client
     * @param {string} clientId client id
     * @param {any} clientData oauth2client object
     * @returns {Promise<OAuth2ClientSkeleton>} a promise that resolves to an oauth2client object
     */
    createOAuth2Client(clientId: string, clientData: OAuth2ClientSkeleton): Promise<OAuth2ClientSkeleton>;
    /**
     * Update or create OAuth2 client
     * @param {string} clientId client id
     * @param {any} clientData oauth2client object
     * @returns {Promise<any>} a promise that resolves to an oauth2client object
     */
    updateOAuth2Client(clientId: string, clientData: OAuth2ClientSkeleton): Promise<OAuth2ClientSkeleton>;
    /**
     * Delete all OAuth2 clients
     * @returns {Promise<OAuth2ClientSkeleton[]>} a promise that resolves to an array of oauth2client objects
     */
    deleteOAuth2Clients(): Promise<OAuth2ClientSkeleton[]>;
    /**
     * Delete OAuth2 client
     * @param {string} clientId client id
     * @returns {Promise<OAuth2ClientSkeleton>} a promise that resolves to an oauth2client object
     */
    deleteOAuth2Client(clientId: string): Promise<OAuth2ClientSkeleton>;
    /**
     * Export all OAuth2 clients
     * @param {OAuth2ClientExportOptions} options export options
     * @returns {OAuth2ClientExportInterface} export data
     */
    exportOAuth2Clients(options?: OAuth2ClientExportOptions): Promise<OAuth2ClientExportInterface>;
    /**
     * Export OAuth2 client by ID
     * @param {string} clientId oauth2 client id
     * @param {OAuth2ClientExportOptions} options export options
     * @returns {OAuth2ClientExportInterface} export data
     */
    exportOAuth2Client(clientId: string, options?: OAuth2ClientExportOptions): Promise<OAuth2ClientExportInterface>;
    /**
     * Import OAuth2 Client by ID
     * @param {string} clientId client id
     * @param {OAuth2ClientExportInterface} importData import data
     * @param {OAuth2ClientImportOptions} options import options
     * @returns {Promise<OAuth2ClientSkeleton>} a promise resolving to an oauth2 client
     */
    importOAuth2Client(clientId: string, importData: OAuth2ClientExportInterface, options?: OAuth2ClientImportOptions): Promise<OAuth2ClientSkeleton>;
    /**
     * Import first OAuth2 Client
     * @param {OAuth2ClientExportInterface} importData import data
     * @param {OAuth2ClientImportOptions} options import options
     * @returns {Promise<OAuth2ClientSkeleton>} a promise resolving to an oauth2 client
     */
    importFirstOAuth2Client(importData: OAuth2ClientExportInterface, options?: OAuth2ClientImportOptions): Promise<OAuth2ClientSkeleton>;
    /**
     * Import OAuth2 Clients
     * @param {OAuth2ClientExportInterface} importData import data
     * @param {OAuth2ClientImportOptions} options import options
     * @returns {Promise<OAuth2ClientSkeleton[]>} a promise resolving to an array of oauth2 clients
     */
    importOAuth2Clients(importData: OAuth2ClientExportInterface, options?: OAuth2ClientImportOptions): Promise<OAuth2ClientSkeleton[]>;
};
/**
 * OAuth2 client export options
 */
interface OAuth2ClientExportOptions {
    /**
     * Use string arrays to store multi-line text in scripts.
     */
    useStringArrays: boolean;
    /**
     * Include any dependencies (scripts).
     */
    deps: boolean;
}
/**
 * OAuth2 client import options
 */
interface OAuth2ClientImportOptions {
    /**
     * Include any dependencies (scripts).
     */
    deps: boolean;
}
interface OAuth2ClientExportInterface {
    meta?: ExportMetaData;
    script?: Record<string, ScriptSkeleton>;
    application: Record<string, OAuth2ClientSkeleton>;
}

type OAuth2ProviderSkeleton = AmConfigEntityInterface & {
    advancedOIDCConfig: {
        supportedRequestParameterEncryptionEnc?: string[];
        authorisedOpenIdConnectSSOClients?: string[];
        supportedUserInfoEncryptionAlgorithms?: string[];
        supportedAuthorizationResponseEncryptionEnc?: string[];
        supportedTokenIntrospectionResponseEncryptionAlgorithms?: string[];
        useForceAuthnForPromptLogin?: boolean;
        useForceAuthnForMaxAge?: boolean;
        alwaysAddClaimsToToken?: boolean;
        supportedTokenIntrospectionResponseSigningAlgorithms?: string[];
        supportedTokenEndpointAuthenticationSigningAlgorithms?: string[];
        supportedRequestParameterSigningAlgorithms?: string[];
        includeAllKtyAlgCombinationsInJwksUri?: boolean;
        amrMappings?: any;
        loaMapping?: any;
        authorisedIdmDelegationClients?: string[];
        idTokenInfoClientAuthenticationEnabled?: boolean;
        storeOpsTokens?: boolean;
        supportedUserInfoSigningAlgorithms?: string[];
        supportedAuthorizationResponseSigningAlgorithms?: string[];
        supportedUserInfoEncryptionEnc?: string[];
        claimsParameterSupported?: boolean;
        supportedTokenIntrospectionResponseEncryptionEnc?: string[];
        supportedAuthorizationResponseEncryptionAlgorithms?: string[];
        supportedRequestParameterEncryptionAlgorithms?: string[];
        defaultACR?: string[];
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    advancedOAuth2Config?: {
        passwordGrantAuthService?: string;
        tokenCompressionEnabled?: boolean;
        tokenEncryptionEnabled?: boolean;
        requirePushedAuthorizationRequests?: boolean;
        tlsCertificateBoundAccessTokensEnabled?: boolean;
        defaultScopes?: string[];
        moduleMessageEnabledInPasswordGrant?: boolean;
        allowClientCredentialsInTokenRequestQueryParameters?: boolean;
        supportedSubjectTypes?: string[];
        refreshTokenGracePeriod?: number;
        tlsClientCertificateHeaderFormat?: string;
        hashSalt?: string;
        macaroonTokenFormat?: string;
        maxAgeOfRequestObjectNbfClaim?: number;
        tlsCertificateRevocationCheckingEnabled?: boolean;
        nbfClaimRequiredInRequestObject?: boolean;
        requestObjectProcessing?: string;
        maxDifferenceBetweenRequestObjectNbfAndExp?: number;
        responseTypeClasses?: string[];
        expClaimRequiredInRequestObject?: boolean;
        tokenValidatorClasses?: string[];
        tokenSigningAlgorithm?: string;
        codeVerifierEnforced?: string;
        displayNameAttribute?: string;
        tokenExchangeClasses?: string[];
        parRequestUriLifetime?: number;
        allowedAudienceValues?: string[];
        persistentClaims?: string[];
        supportedScopes?: string[];
        authenticationAttributes?: string[];
        grantTypes?: string[];
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    clientDynamicRegistrationConfig?: {
        dynamicClientRegistrationScope: string;
        allowDynamicRegistration: boolean;
        requiredSoftwareStatementAttestedAttributes: string[];
        dynamicClientRegistrationSoftwareStatementRequired: boolean;
        generateRegistrationAccessTokens: boolean;
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    coreOIDCConfig?: {
        overrideableOIDCClaims: string[];
        oidcDiscoveryEndpointEnabled: boolean;
        supportedIDTokenEncryptionMethods: string[];
        supportedClaims: string[];
        supportedIDTokenSigningAlgorithms: string[];
        supportedIDTokenEncryptionAlgorithms: string[];
        jwtTokenLifetime: number;
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    coreOAuth2Config?: {
        refreshTokenLifetime: number;
        scopesPolicySet: string;
        accessTokenMayActScript: '[Empty]' | string;
        accessTokenLifetime: number;
        macaroonTokensEnabled: boolean;
        codeLifetime: number;
        statelessTokensEnabled: boolean;
        usePolicyEngineForScope: boolean;
        issueRefreshToken: boolean;
        oidcMayActScript: '[Empty]' | string;
        issueRefreshTokenOnRefreshedToken: boolean;
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    consent?: {
        supportedRcsRequestSigningAlgorithms: string[];
        supportedRcsResponseEncryptionAlgorithms: string[];
        supportedRcsRequestEncryptionMethods: string[];
        enableRemoteConsent: boolean;
        supportedRcsRequestEncryptionAlgorithms: string[];
        clientsCanSkipConsent: boolean;
        supportedRcsResponseSigningAlgorithms: string[];
        supportedRcsResponseEncryptionMethods: string[];
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    deviceCodeConfig?: {
        deviceUserCodeLength: number;
        deviceCodeLifetime: number;
        deviceUserCodeCharacterSet: string;
        devicePollInterval: number;
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    pluginsConfig?: {
        evaluateScopeClass?: string;
        validateScopeScript?: '[Empty]' | string;
        accessTokenEnricherClass?: string;
        oidcClaimsPluginType?: string;
        authorizeEndpointDataProviderClass?: string;
        authorizeEndpointDataProviderPluginType?: 'JAVA' | 'SCRIPTED';
        userCodeGeneratorClass?: string;
        evaluateScopeScript?: '[Empty]' | string;
        oidcClaimsClass?: string;
        evaluateScopePluginType?: 'JAVA' | 'SCRIPTED';
        authorizeEndpointDataProviderScript?: '[Empty]' | string;
        accessTokenModifierClass?: string;
        accessTokenModificationScript?: '[Empty]' | string;
        validateScopePluginType?: 'JAVA' | 'SCRIPTED';
        accessTokenModificationPluginType?: 'JAVA' | 'SCRIPTED';
        oidcClaimsScript?: '[Empty]' | string;
        validateScopeClass?: string;
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    cibaConfig?: {
        cibaMinimumPollingInterval: number;
        supportedCibaSigningAlgorithms: string[];
        cibaAuthReqIdLifetime: number;
        [k: string]: string | number | boolean | string[] | object | undefined;
    };
    [k: string]: string | number | boolean | string[] | object | undefined;
};

type OAuth2Provider = {
    /**
     * Read oauth2 provider
     * @returns {Promise<OAuth2ProviderSkeleton>} a promise resolving to an oauth2 provider object
     */
    readOAuth2Provider(): Promise<OAuth2ProviderSkeleton | null>;
    /**
     * Create oauth2 provider
     * @param {OAuth2ProviderSkeleton} providerData oauth2 provider data
     * @returns {Promise<OAuth2ProviderSkeleton>} a promise resolving to an oauth2 provider object
     */
    createOAuth2Provider(providerData?: OAuth2ProviderSkeleton): Promise<OAuth2ProviderSkeleton>;
    /**
     * Update or create oauth2 provider
     * @param {OAuth2ProviderSkeleton} providerData oauth2 provider data
     * @returns {Promise<OAuth2ProviderSkeleton>} a promise resolving to an oauth2 provider object
     */
    updateOAuth2Provider(providerData: OAuth2ProviderSkeleton): Promise<OAuth2ProviderSkeleton>;
    /**
     * Delete oauth2 provider
     * @returns {Promise<OAuth2ProviderSkeleton>} a promise resolving to an oauth2 provider object
     */
    deleteOAuth2Provider(): Promise<OAuth2ProviderSkeleton>;
};

type OAuth2TrustedJwtIssuer = {
    /**
     * Create an empty OAuth2 trusted jwt issuer export template
     * @returns {OAuth2TrustedJwtIssuerExportInterface} an empty OAuth2 trusted jwt issuer export template
     */
    createOAuth2TrustedJwtIssuerExportTemplate(): OAuth2TrustedJwtIssuerExportInterface;
    /**
     * Read all OAuth2 trusted jwt issuers
     * @returns {Promise<OAuth2TrustedJwtIssuerSkeleton[]>} a promise that resolves to an array of trusted jwt issuer objects
     */
    readOAuth2TrustedJwtIssuers(): Promise<OAuth2TrustedJwtIssuerSkeleton[]>;
    /**
     * Read OAuth2 trusted jwt issuer
     * @param {string} issuerId trusted jwt issuer id
     * @returns {Promise<OAuth2TrustedJwtIssuerSkeleton>} a promise that resolves to an trusted jwt issuer object
     */
    readOAuth2TrustedJwtIssuer(issuerId: string): Promise<OAuth2TrustedJwtIssuerSkeleton>;
    /**
     * Create OAuth2 trusted jwt issuer
     * @param {string} issuerId trusted jwt issuer id
     * @param {any} issuerData trusted jwt issuer object
     * @returns {Promise<OAuth2TrustedJwtIssuerSkeleton>} a promise that resolves to an trusted jwt issuer object
     */
    createOAuth2TrustedJwtIssuer(issuerId: string, issuerData: OAuth2TrustedJwtIssuerSkeleton): Promise<OAuth2TrustedJwtIssuerSkeleton>;
    /**
     * Update or create OAuth2 trusted jwt issuer
     * @param {string} issuerId trusted jwt issuer id
     * @param {any} issuerData trusted jwt issuer object
     * @returns {Promise<any>} a promise that resolves to an trusted jwt issuer object
     */
    updateOAuth2TrustedJwtIssuer(issuerId: string, issuerData: OAuth2TrustedJwtIssuerSkeleton): Promise<OAuth2TrustedJwtIssuerSkeleton>;
    /**
     * Delete all OAuth2 trusted jwt issuers
     * @returns {Promise<OAuth2TrustedJwtIssuerSkeleton[]>} a promise that resolves to an array of trusted jwt issuer objects
     */
    deleteOAuth2TrustedJwtIssuers(): Promise<OAuth2TrustedJwtIssuerSkeleton[]>;
    /**
     * Delete OAuth2 trusted jwt issuer
     * @param {string} issuerId trusted jwt issuer id
     * @returns {Promise<OAuth2TrustedJwtIssuerSkeleton>} a promise that resolves to an trusted jwt issuer object
     */
    deleteOAuth2TrustedJwtIssuer(issuerId: string): Promise<OAuth2TrustedJwtIssuerSkeleton>;
    /**
     * Export all OAuth2 trusted jwt issuers
     * @param {OAuth2TrustedJwtIssuerExportOptions} options export options
     * @returns {OAuth2TrustedJwtIssuerExportInterface} export data
     */
    exportOAuth2TrustedJwtIssuers(options?: OAuth2TrustedJwtIssuerExportOptions): Promise<OAuth2TrustedJwtIssuerExportInterface>;
    /**
     * Export OAuth2 trusted jwt issuer by ID
     * @param {string} issuerId oauth2 trusted jwt issuer id
     * @param {OAuth2TrustedJwtIssuerExportOptions} options export options
     * @returns {OAuth2TrustedJwtIssuerExportInterface} export data
     */
    exportOAuth2TrustedJwtIssuer(issuerId: string, options?: OAuth2TrustedJwtIssuerExportOptions): Promise<OAuth2TrustedJwtIssuerExportInterface>;
    /**
     * Import OAuth2 Client by ID
     * @param {string} issuerId trusted jwt issuer id
     * @param {OAuth2TrustedJwtIssuerExportInterface} importData import data
     * @param {OAuth2TrustedJwtIssuerImportOptions} options import options
     * @returns {Promise<OAuth2TrustedJwtIssuerSkeleton>} a promise resolving to an oauth2 trusted jwt issuer
     */
    importOAuth2TrustedJwtIssuer(issuerId: string, importData: OAuth2TrustedJwtIssuerExportInterface, options?: OAuth2TrustedJwtIssuerImportOptions): Promise<OAuth2TrustedJwtIssuerSkeleton>;
    /**
     * Import first OAuth2 Client
     * @param {OAuth2TrustedJwtIssuerExportInterface} importData import data
     * @param {OAuth2TrustedJwtIssuerImportOptions} options import options
     * @returns {Promise<OAuth2TrustedJwtIssuerSkeleton>} a promise resolving to an oauth2 trusted jwt issuer
     */
    importFirstOAuth2TrustedJwtIssuer(importData: OAuth2TrustedJwtIssuerExportInterface, options?: OAuth2TrustedJwtIssuerImportOptions): Promise<OAuth2TrustedJwtIssuerSkeleton>;
    /**
     * Import OAuth2 Clients
     * @param {OAuth2TrustedJwtIssuerExportInterface} importData import data
     * @param {OAuth2TrustedJwtIssuerImportOptions} options import options
     * @returns {Promise<OAuth2TrustedJwtIssuerSkeleton[]>} a promise resolving to an array of oauth2 trusted jwt issuers
     */
    importOAuth2TrustedJwtIssuers(importData: OAuth2TrustedJwtIssuerExportInterface, options?: OAuth2TrustedJwtIssuerImportOptions): Promise<OAuth2TrustedJwtIssuerSkeleton[]>;
};
/**
 * OAuth2 trusted jwt issuer export options
 */
interface OAuth2TrustedJwtIssuerExportOptions {
    /**
     * Use string arrays to store multi-line text in scripts.
     */
    useStringArrays: boolean;
    /**
     * Include any dependencies (scripts).
     */
    deps: boolean;
}
/**
 * OAuth2 trusted jwt issuer import options
 */
interface OAuth2TrustedJwtIssuerImportOptions {
    /**
     * Include any dependencies (scripts).
     */
    deps: boolean;
}
interface OAuth2TrustedJwtIssuerExportInterface {
    meta?: ExportMetaData;
    trustedJwtIssuer: Record<string, OAuth2TrustedJwtIssuerSkeleton>;
}

type Organization = {
    /**
     * Get organization managed object type
     * @returns {string} organization managed object type in this realm
     */
    getRealmManagedOrganization(): string;
    /**
     * Read all organizations
     * @returns {Promise<IdObjectSkeletonInterface[]>} promise resolving to an array of organization objects
     */
    readOrganizations(): Promise<IdObjectSkeletonInterface[]>;
};

type Policy = {
    /**
     * Create policy export template
     */
    createPolicyExportTemplate(): PolicyExportInterface;
    /**
     * Read all policies
     * @returns {Promise<PolicySkeleton>} a promise that resolves to an array of policy set objects
     */
    readPolicies(): Promise<PolicySkeleton[]>;
    /**
     * Get policies by policy set
     * @param {string} policySetId policy set id/name
     * @returns {Promise<PolicySkeleton[]>} a promise resolving to an array of policy objects
     */
    readPoliciesByPolicySet(policySetId: string): Promise<PolicySkeleton[]>;
    /**
     * Get policy
     * @param {string} policyId policy id/name
     * @returns {Promise<PolicySkeleton>} promise resolving to a policy object
     */
    readPolicy(policyId: string): Promise<PolicySkeleton>;
    /**
     * Update or create policy
     * @param {string} policyId policy id/name
     * @param {PolicySkeleton} policyData policy object
     * @returns {Promise<PolicySkeleton>} promise resolving to a policy object
     */
    createPolicy(policyId: string, policyData: PolicySkeleton): Promise<PolicySkeleton>;
    /**
     * Update or create policy
     * @param {string} policyId policy id/name
     * @param {PolicySkeleton} policyData policy object
     * @returns {Promise<PolicySkeleton>} promise resolving to a policy object
     */
    updatePolicy(policyId: string, policyData: PolicySkeleton): Promise<PolicySkeleton>;
    /**
     * Delete policy
     * @param {string} policyId policy id/name
     * @returns {Promise<PolicySkeleton>} promise resolving to a policy object
     */
    deletePolicy(policyId: string): Promise<any>;
    /**
     * Export policy
     * @param {string} policyId policy id/name
     * @returns {Promise<PolicyExportInterface>} a promise that resolves to a PolicyExportInterface object
     */
    exportPolicy(policyId: string, options?: PolicyExportOptions): Promise<PolicyExportInterface>;
    /**
     * Export policies
     * @param {PolicyExportOptions} options export options
     * @returns {Promise<PolicyExportInterface>} a promise that resolves to an PolicyExportInterface object
     */
    exportPolicies(options?: PolicyExportOptions): Promise<PolicyExportInterface>;
    /**
     * Export policies by policy set
     * @param {string} policySetName policy set id/name
     * @param {PolicyExportOptions} options export options
     * @returns {Promise<PolicyExportInterface>} a promise that resolves to an PolicyExportInterface object
     */
    exportPoliciesByPolicySet(policySetName: string, options?: PolicyExportOptions): Promise<PolicyExportInterface>;
    /**
     * Import policy by id
     * @param {string} policyId policy id
     * @param {PolicyExportInterface} importData import data
     * @param {PolicyImportOptions} options import options
     * @returns {Promise<PolicySkeleton>} imported policy object
     */
    importPolicy(policyId: string, importData: PolicyExportInterface, options?: PolicyImportOptions): Promise<PolicySkeleton>;
    /**
     * Import first policy
     * @param {PolicyExportInterface} importData import data
     * @param {PolicyImportOptions} options import options
     * @returns {Promise<PolicySkeleton>} imported policy object
     */
    importFirstPolicy(importData: PolicyExportInterface, options?: PolicyImportOptions): Promise<PolicySkeleton>;
    /**
     * Import policies
     * @param {PolicyExportInterface} importData import data
     * @param {PolicyImportOptions} options import options
     * @returns {Promise<PolicySkeleton[]>} array of imported policy objects
     */
    importPolicies(importData: PolicyExportInterface, options?: PolicyImportOptions): Promise<PolicySkeleton[]>;
};
interface PolicyExportInterface {
    meta?: ExportMetaData;
    script: Record<string, ScriptSkeleton>;
    resourcetype: Record<string, ResourceTypeSkeleton>;
    policy: Record<string, PolicySkeleton>;
    policyset: Record<string, PolicySetSkeleton>;
}
/**
 * Policy export options
 */
interface PolicyExportOptions {
    /**
     * Include any dependencies (scripts).
     */
    deps: boolean;
    /**
     * Include any prerequisites (policy sets, resource types).
     */
    prereqs: boolean;
    /**
     * Use string arrays to store multi-line text in scripts.
     */
    useStringArrays: boolean;
}
/**
 * Policy import options
 */
interface PolicyImportOptions {
    /**
     * Include any dependencies (scripts).
     */
    deps: boolean;
    /**
     * Include any prerequisites (policy sets, resource types).
     */
    prereqs: boolean;
    /**
     * Import policies into different policy set
     */
    policySetName?: string;
}

type PolicySet = {
    /**
     * Create policy export template
     * @returns {PolicySetExportInterface} policy export interface
     */
    createPolicySetExportTemplate(): PolicySetExportInterface;
    /**
     * Read all policy sets
     * @returns {Promise<PolicySetSkeleton[]>} a promise that resolves to an array of policy set objects
     */
    readPolicySets(): Promise<PolicySetSkeleton[]>;
    /**
     * Read policy set
     * @param {string} policySetName policy set name
     * @returns {Promise<PolicySetSkeleton>} a promise that resolves to a policy set object
     */
    readPolicySet(policySetName: string): Promise<PolicySetSkeleton>;
    createPolicySet(policySetData: PolicySetSkeleton, policySetName?: string): Promise<PolicySetSkeleton>;
    updatePolicySet(policySetData: PolicySetSkeleton, policySetName?: string): Promise<PolicySetSkeleton>;
    deletePolicySet(policySetName: string): Promise<PolicySetSkeleton>;
    /**
     * Export policy set
     * @param {string} policySetName policy set name
     * @param {PolicySetExportOptions} options export options
     * @returns {Promise<PolicySetExportInterface>} a promise that resolves to an PolicySetExportInterface object
     */
    exportPolicySet(policySetName: string, options?: PolicySetExportOptions): Promise<PolicySetExportInterface>;
    /**
     * Export policy sets
     * @param {PolicySetExportOptions} options export options
     * @returns {Promise<PolicySetExportInterface>} a promise that resolves to an PolicySetExportInterface object
     */
    exportPolicySets(options?: PolicySetExportOptions): Promise<PolicySetExportInterface>;
    /**
     * Import policy set
     * @param {string} policySetName policy set name
     * @param {PolicySetExportInterface} importData import data
     * @param {PolicySetImportOptions} options import options
     */
    importPolicySet(policySetName: string, importData: PolicySetExportInterface, options?: PolicySetImportOptions): Promise<any>;
    /**
     * Import first policy set
     * @param {PolicySetExportInterface} importData import data
     * @param {PolicySetImportOptions} options import options
     */
    importFirstPolicySet(importData: PolicySetExportInterface, options?: PolicySetImportOptions): Promise<any>;
    /**
     * Import policy sets
     * @param {PolicySetExportInterface} importData import data
     * @param {PolicySetImportOptions} options import options
     * @returns {any[]} The imported policy sets
     */
    importPolicySets(importData: PolicySetExportInterface, options?: PolicySetImportOptions): Promise<any[]>;
};
interface PolicySetExportInterface {
    meta?: ExportMetaData;
    script: Record<string, ScriptSkeleton>;
    resourcetype: Record<string, ResourceTypeSkeleton>;
    policy: Record<string, PolicySkeleton>;
    policyset: Record<string, PolicySetSkeleton>;
}
/**
 * Application/policy set export options
 */
interface PolicySetExportOptions {
    /**
     * Include any dependencies (policies, scripts, resource types).
     */
    deps: boolean;
    /**
     * Include any prerequisites (policy sets, resource types).
     */
    prereqs: boolean;
    /**
     * Use string arrays to store multi-line text in scripts.
     */
    useStringArrays: boolean;
}
/**
 * Policy set import options
 */
interface PolicySetImportOptions {
    /**
     * Include any dependencies (policies, scripts, resource types).
     */
    deps: boolean;
    /**
     * Include any prerequisites (policy sets, resource types).
     */
    prereqs: boolean;
}

type ApiVersion = {
    protocol: string;
    resource: string;
};

type RawConfig = {
    /**
     * Exports raw configuration
     * @param {RawExportOptions} options The export options, including the path to the resource
     * @returns {Promise<IdObjectSkeletonInterface>} The raw configuration JSON object at the specified path
     */
    exportRawConfig(options: RawExportOptions): Promise<IdObjectSkeletonInterface>;
    /**
     * Imports raw configuration
     * @param {RawImportOptions} options The import options, including the path to the resource
     * @param {IdObjectSkeletonInterface} data the import data that will be pushed
     * @returns {Promise<IdObjectSkeletonInterface>} The raw configuration JSON object at the specified path
     */
    importRawConfig(options: RawImportOptions, data: IdObjectSkeletonInterface): Promise<IdObjectSkeletonInterface>;
};
/**
 * Raw config export options from fr-config-manager (https://github.com/ForgeRock/fr-config-manager/blob/main/docs/raw.md)
 */
interface RawExportOptions {
    /**
     * The URL path for the configuration object, relative to the tenant base URL
     */
    path: string;
    /**
     * An optional partial configuration object which should override the corresponding properties of the object exported from the tenant.
     */
    overrides?: IdObjectSkeletonInterface;
    /**
     * An optional object containing the properties 'protocol' and 'resource' to be used in the API version header. This allows specific values for specific configuration. The default is { protocol: "2.0". resource: "1.0" }. Only used for configuration under /am or /environment
     */
    pushApiVersion?: ApiVersion;
}
/**
 * Raw config import options from fr-config-manager (https://github.com/ForgeRock/fr-config-manager/blob/main/docs/raw.md)
 */
interface RawImportOptions {
    /**
     * The URL path for the configuration object, relative to the tenant base URL
     */
    path: string;
}

type Realm = {
    /**
     * Read all realms
     * @returns {Promise<RealmSkeleton[]>} a promise resolving to an array of realm objects
     */
    readRealms(): Promise<RealmSkeleton[]>;
    /**
     * Read realm
     * @param {string} realmId realm id
     * @returns {Promise<RealmSkeleton>} a promise resolving to a realm object
     */
    readRealm(realmId: string): Promise<RealmSkeleton>;
    /**
     * Read realm by name
     * @param {string} realmName realm name
     * @returns {Promise<RealmSkeleton>} a promise resolving to a realm object
     */
    readRealmByName(realmName: string): Promise<RealmSkeleton>;
    /**
     * Export all realms. The response can be saved to file as is.
     * @returns {Promise<RealmExportInterface>} Promise resolving to a RealmExportInterface object.
     */
    exportRealms(): Promise<RealmExportInterface>;
    /**
     * Create realm
     * @param {string} realmName realm name
     * @param {RealmSkeleton} realmData realm data
     * @returns {Promise<RealmSkeleton>} a promise resolving to a realm object
     */
    createRealm(realmName: string, realmData?: RealmSkeleton): Promise<RealmSkeleton>;
    /**
     * Update realm
     * @param {string} realmId realm id
     * @param {RealmSkeleton} realmData realm data
     * @returns {Promise<RealmSkeleton>} a promise resolving to a realm object
     */
    updateRealm(realmId: string, realmData: RealmSkeleton): Promise<RealmSkeleton>;
    /**
     * Import realms
     * @param {RealmExportInterface} importData realm import data
     * @param {string} realmId Optional realm id. If supplied, only the realm of that id is imported. Takes priority over realmName if both are provided.
     * @param {string} realmName Optional realm name. If supplied, only the realm of that name is imported.
     * @returns {Promise<RealmSkeleton[]>} the imported realms
     */
    importRealms(importData: RealmExportInterface, realmId?: string, realmName?: string): Promise<RealmSkeleton[]>;
    /**
     * Delete realm
     * @param {string} realmId realm id
     * @returns {Promise<RealmSkeleton>} a promise resolving to a realm object
     */
    deleteRealm(realmId: string): Promise<RealmSkeleton>;
    /**
     * Delete realm by name
     * @param {string} realmName realm name
     * @returns {Promise<RealmSkeleton>} a promise resolving to a realm object
     */
    deleteRealmByName(realmName: string): Promise<RealmSkeleton>;
    /**
     * Add custom DNS domain name (realm DNS alias)
     * @param {string} realmName realm name
     * @param {string} domain domain name
     * @returns {Promise<RealmSkeleton>} a promise resolving to a realm object
     */
    addCustomDomain(realmName: string, domain: string): Promise<RealmSkeleton>;
    /**
     * Remove custom DNS domain name (realm DNS alias)
     * @param {string} realmName realm name
     * @param {string} domain domain name
     * @returns {Promise<RealmSkeleton>} a promise resolving to a realm object
     */
    removeCustomDomain(realmName: string, domain: string): Promise<RealmSkeleton>;
};
interface RealmExportInterface {
    meta?: ExportMetaData;
    realm: Record<string, RealmSkeleton>;
}

type ReconType = IdObjectSkeletonInterface & {
    mapping: string;
    state: 'SUCCESS' | string;
    stage: 'COMPLETED_SUCCESS' | string;
    stageDescription: string;
    progress: {
        source: {
            existing: {
                processed: number;
                total: string;
            };
        };
        target: {
            existing: {
                processed: number;
                total: string;
            };
            created: number;
            unchanged: number;
            updated: number;
            deleted: number;
        };
        links: {
            existing: {
                processed: number;
                total: string;
            };
            created: number;
        };
    };
    situationSummary: {
        SOURCE_IGNORED: number;
        TARGET_CHANGED: number;
        SOURCE_TARGET_CONFLICT: number;
        FOUND_ALREADY_LINKED: number;
        UNQUALIFIED: number;
        ABSENT: number;
        TARGET_IGNORED: number;
        MISSING: number;
        ALL_GONE: number;
        UNASSIGNED: number;
        AMBIGUOUS: number;
        CONFIRMED: number;
        LINK_ONLY: number;
        SOURCE_MISSING: number;
        FOUND: number;
    };
    statusSummary: {
        SUCCESS: number;
        FAILURE: number;
    };
    durationSummary: {
        sourceQuery: {
            min: number;
            max: number;
            mean: number;
            count: number;
            sum: number;
            stdDev: number;
        };
        auditLog: {
            min: number;
            max: number;
            mean: number;
            count: number;
            sum: number;
            stdDev: number;
        };
        defaultPropertyMapping: {
            min: number;
            max: number;
            mean: number;
            count: number;
            sum: number;
            stdDev: number;
        };
        sourceLinkQuery: {
            min: number;
            max: number;
            mean: number;
            count: number;
            sum: number;
            stdDev: number;
        };
        updateTargetObject: {
            min: number;
            max: number;
            mean: number;
            count: number;
            sum: number;
            stdDev: number;
        };
        propertyMappingScript: {
            min: number;
            max: number;
            mean: number;
            count: number;
            sum: number;
            stdDev: number;
        };
        updateLastSync: {
            min: number;
            max: number;
            mean: number;
            count: number;
            sum: number;
            stdDev: number;
        };
        targetObjectQuery: {
            min: number;
            max: number;
            mean: number;
            count: number;
            sum: number;
            stdDev: number;
        };
        sourcePhase: {
            min: number;
            max: number;
            mean: number;
            count: number;
            sum: number;
            stdDev: number;
        };
    };
    parameters: {
        sourceIds: [string];
        sourceQuery: {
            resourceName: string;
            _queryFilter: string;
            _fields: string;
        };
        targetQuery: {
            resourceName: string;
            queryFilter: string;
            _fields: string;
        };
    };
    started: string;
    ended: string;
    duration: number;
    sourceProcessedByNode: object;
};
type ReconStatusType = IdObjectSkeletonInterface & {
    state: 'ACTIVE' | string;
    action: 'cancel' | string;
    status: 'INITIATED' | string;
};

type Recon = {
    /**
     * Read all reconciliation runs
     * @returns {Promise<ReconType[]>} a promise resolving to an array of recon objects
     */
    readRecons(): Promise<ReconType[]>;
    /**
     * Read recon
     * @param {string} reconId id of the recon
     * @returns {Promise<ReconType>} a promise resolving to a recon object
     */
    readRecon(reconId: string): Promise<ReconType>;
    /**
     * Start a reconciliation
     * @param {string} mappingName mapping to reconcile
     * @returns {Promise<ReconStatusType>} a promise resolving to a recon status object
     */
    startRecon(mappingName: string): Promise<ReconStatusType>;
    /**
     * Start a reconciliation by Id
     * @param {string} mappingName mapping to reconcile
     * @param {string} objectId id of object to reconcile
     * @returns {Promise<ReconStatusType>} a promise resolving to a recon status object
     */
    startReconById(mappingName: string, objectId: string): Promise<ReconStatusType>;
    /**
     * Cancel a reconciliation
     * @param {string} reconId id of the recon to cancel
     * @returns {Promise<ReconStatusType>} a promise resolving to a recon status object
     */
    cancelRecon(reconId: string): Promise<ReconStatusType>;
};

type ResourceType = {
    /**
     * Read resource type
     * @param resourceTypeUuid resource type uuid
     * @returns {Promise<ResourceTypeSkeleton>} a promise that resolves to a resource type object
     */
    readResourceType(resourceTypeUuid: string): Promise<ResourceTypeSkeleton>;
    /**
     * Read all resource types
     * @returns {Promise<ResourceTypeSkeleton[]>} a promise that resolves to an array of resource type objects
     */
    readResourceTypes(): Promise<ResourceTypeSkeleton[]>;
    /**
     * Read resource type by name
     * @param {string} resourceTypeName resource type name
     * @returns {Promise<ResourceTypeSkeleton>} a promise that resolves to a resource type object
     */
    readResourceTypeByName(resourceTypeName: string): Promise<ResourceTypeSkeleton>;
    /**
     * Create resource type
     * @param resourceTypeData resource type data
     * @param resourceTypeUuid resource type uuid
     * @returns {Promise<ResourceTypeSkeleton>} a promise that resolves to a resource type object
     */
    createResourceType(resourceTypeData: ResourceTypeSkeleton, resourceTypeUuid?: string): Promise<ResourceTypeSkeleton>;
    /**
     * Update resource type
     * @param {string} resourceTypeData resource type data
     * @returns {Promise<ResourceTypeSkeleton>} a promise that resolves to a resource type object
     */
    updateResourceType(resourceTypeUuid: string, resourceTypeData: ResourceTypeSkeleton): Promise<ResourceTypeSkeleton>;
    /**
     * Delete resource type
     * @param {string} resourceTypeUuid resource type uuid
     * @returns {Promise<ResourceTypeSkeleton>} Promise resolvig to a resource type object
     */
    deleteResourceType(resourceTypeUuid: string): Promise<ResourceTypeSkeleton>;
    /**
     * Delete resource type by name
     * @param {string} resourceTypeName resource type name
     * @returns {Promise<ResourceTypeSkeleton>} Promise resolvig to a resource type object
     */
    deleteResourceTypeByName(resourceTypeName: string): Promise<ResourceTypeSkeleton>;
    /**
     * Export resource type
     * @param {string} resourceTypeUuid resource type uuid
     * @returns {Promise<ResourceTypeExportInterface>} a promise that resolves to an ResourceTypeExportInterface object
     */
    exportResourceType(resourceTypeUuid: string): Promise<ResourceTypeExportInterface>;
    /**
     * Export resource type by name
     * @param {string} resourceTypeName resource type name
     * @returns {Promise<ResourceTypeExportInterface>} a promise that resolves to an ResourceTypeExportInterface object
     */
    exportResourceTypeByName(resourceTypeName: string): Promise<ResourceTypeExportInterface>;
    /**
     * Export resource types
     * @returns {Promise<ResourceTypeExportInterface>} a promise that resolves to an ResourceTypeExportInterface object
     */
    exportResourceTypes(): Promise<ResourceTypeExportInterface>;
    /**
     * Import resource type by uuid
     * @param {string} resourceTypeUuid client uuid
     * @param {ResourceTypeExportInterface} importData import data
     */
    importResourceType(resourceTypeUuid: string, importData: ResourceTypeExportInterface): Promise<any>;
    /**
     * Import resource type by name
     * @param {string} resourceTypeName client id
     * @param {ResourceTypeExportInterface} importData import data
     */
    importResourceTypeByName(resourceTypeName: string, importData: ResourceTypeExportInterface): Promise<any>;
    /**
     * Import first resource type
     * @param {ResourceTypeExportInterface} importData import data
     */
    importFirstResourceType(importData: ResourceTypeExportInterface): Promise<any>;
    /**
     * Import resource types
     * @param {ResourceTypeExportInterface} importData import data
     */
    importResourceTypes(importData: ResourceTypeExportInterface): Promise<any[]>;
};
interface ResourceTypeExportInterface {
    meta?: ExportMetaData;
    resourcetype: Record<string, ResourceTypeSkeleton>;
}

type Saml2 = {
    /**
     * Read all SAML2 entity provider stubs
     * @returns {Promise<Saml2ProviderStub[]>} a promise that resolves to an array of saml2 entity stubs
     */
    readSaml2ProviderStubs(): Promise<Saml2ProviderStub[]>;
    /**
     *
     * @param {string} entityId Provider entity id
     * @returns {Promise<Saml2ProviderStub>} Promise resolving to a Saml2ExportInterface object.
     */
    readSaml2ProviderStub(entityId: string): Promise<Saml2ProviderStub>;
    /**
     * Export a single entity provider. The response can be saved to file as is.
     * @param {string} entityId Provider entity id
     * @returns {Promise<Saml2ProviderSkeleton>} Promise resolving to a Saml2ExportInterface object.
     */
    readSaml2Provider(entityId: string): Promise<Saml2ProviderSkeleton>;
    /**
     * Create a SAML2 entity provider
     * @param {Saml2ProiderLocation} location 'hosted' or 'remote'
     * @param {Saml2ProviderSkeleton} providerData Object representing a SAML entity provider
     * @param {string} metaData Base64-encoded metadata XML. Only required for remote providers
     * @returns {Promise<Saml2ProviderSkeleton>} a promise that resolves to a saml2 entity provider object
     */
    createSaml2Provider(location: Saml2ProiderLocation, providerData: Saml2ProviderSkeleton, metaData: string): Promise<Saml2ProviderSkeleton>;
    /**
     * Update SAML2 entity provider
     * @param {Saml2ProiderLocation} location Entity provider location (hosted or remote)
     * @param {string} entityId SAML2 entity id
     * @param {Saml2ProviderSkeleton} providerData Object representing a SAML entity provider
     * @returns {Promise<Saml2ProviderSkeleton>} a promise that resolves to a saml2 entity provider object
     */
    updateSaml2Provider(location: Saml2ProiderLocation, providerData: Saml2ProviderSkeleton, entityId?: string): Promise<Saml2ProviderSkeleton>;
    /**
     * Delete an entity provider. The response can be saved to file as is.
     * @param {string} entityId Provider entity id
     * @returns {Promise<Saml2ProviderSkeleton>} Promise resolving to a Saml2ExportInterface object.
     */
    deleteSaml2Provider(entityId: string): Promise<Saml2ProviderSkeleton>;
    /**
     * Delete all entity providers.
     * @returns {Promise<Saml2ProviderSkeleton[]>} Promise resolving to an array of Saml2ProviderSkeleton objects.
     */
    deleteSaml2Providers(): Promise<Saml2ProviderSkeleton[]>;
    /**
     * Get a SAML2 entity provider's metadata URL by entity id
     * @param {string} entityId SAML2 entity id
     * @returns {string} the URL to get the metadata from
     */
    getSaml2ProviderMetadataUrl(entityId: string): string;
    /**
     * Get a SAML2 entity provider's metadata by entity id
     * @param {string} entityId SAML2 entity id
     * @returns {Promise<object>} a promise that resolves to an object containing a SAML2 metadata
     */
    getSaml2ProviderMetadata(entityId: string): Promise<any>;
    /**
     * Export a single entity provider. The response can be saved to file as is.
     * @param {string} entityId Provider entity id
     * @param {Saml2EntitiesExportOptions} options export options
     * @returns {Promise<Saml2ExportInterface>} Promise resolving to a Saml2ExportInterface object.
     */
    exportSaml2Provider(entityId: string, options?: Saml2EntitiesExportOptions): Promise<Saml2ExportInterface>;
    /**
     * Export all entity providers. The response can be saved to file as is.
     * @param {Saml2EntitiesExportOptions} options export options
     * @returns {Promise<Saml2ExportInterface>} Promise resolving to a Saml2ExportInterface object.
     */
    exportSaml2Providers(options?: Saml2EntitiesExportOptions): Promise<Saml2ExportInterface>;
    /**
     * Import a SAML entity provider
     * @param {string} entityId Provider entity id
     * @param {Saml2ExportInterface} importData Import data
     * @param {Saml2EntitiesImportOptions} options import options
     * @returns {Promise<Saml2ProviderSkeleton>} a promise resolving to a provider object
     */
    importSaml2Provider(entityId: string, importData: Saml2ExportInterface, options?: Saml2EntitiesImportOptions): Promise<Saml2ProviderSkeleton>;
    /**
     * Import SAML entity providers
     * @param {Saml2ExportInterface} importData Import data
     * @param {Saml2EntitiesImportOptions} options import options
     * @returns {Promise<Saml2ProviderSkeleton[]>} a promise resolving to an array of provider objects
     */
    importSaml2Providers(importData: Saml2ExportInterface, options?: Saml2EntitiesImportOptions): Promise<Saml2ProviderSkeleton[]>;
};
interface Saml2EntitiesImportOptions {
    /**
     * Include any dependencies (scripts).
     */
    deps: boolean;
}
interface Saml2EntitiesExportOptions {
    /**
     * Include any dependencies (scripts).
     */
    deps: boolean;
}
interface Saml2ExportInterface {
    meta?: ExportMetaData;
    script: Record<string, ScriptSkeleton>;
    saml: {
        hosted: Record<string, Saml2ProviderSkeleton>;
        remote: Record<string, Saml2ProviderSkeleton>;
        metadata: Record<string, string[]>;
    };
}

type Script = {
    /**
     * Create an empty script export template
     * @returns {ScriptExportInterface} an empty script export template
     */
    createScriptExportTemplate(): ScriptExportInterface;
    /**
     * Read all scripts
     * @returns {Promise<ScriptSkeleton[]>} a promise that resolves to an array of script objects
     */
    readScripts(): Promise<ScriptSkeleton[]>;
    /**
     * Get the names of library scripts required by the input script object
     *
     * @param {ScriptSkeleton} scriptObj the script object
     * @returns an array of required library script names
     */
    getLibraryScriptNames(scriptObj: ScriptSkeleton): string[];
    /**
     * Read script
     * @param {string} scriptId script id
     * @returns {Promise<ScriptSkeleton>} promise that resolves to a script object
     */
    readScript(scriptId: string): Promise<ScriptSkeleton>;
    /**
     * Read script by name
     * @param {string} scriptName name of the script
     * @returns {Promise<ScriptSkeleton>} promise that resolves to a script object
     */
    readScriptByName(scriptName: string): Promise<ScriptSkeleton>;
    /**
     * Create script
     * @param {string} scriptId script id
     * @param {string} scriptName name of the script
     * @param {ScriptSkeleton} scriptData script object
     * @returns {Promise<ScriptSkeleton>} a status object
     */
    createScript(scriptId: string, scriptName: string, scriptData: ScriptSkeleton): Promise<ScriptSkeleton>;
    /**
     * Create or update script
     * @param {string} scriptId script id
     * @param {ScriptSkeleton} scriptData script object
     * @returns {Promise<ScriptSkeleton>} a status object
     */
    updateScript(scriptId: string, scriptData: ScriptSkeleton): Promise<ScriptSkeleton>;
    /**
     * Delete script
     * @param {string} scriptId script id
     * @returns {Promise<ScriptSkeleton>} promise that resolves to a script object
     */
    deleteScript(scriptId: string): Promise<ScriptSkeleton>;
    /**
     * Delete script by name
     * @param {String} scriptName script name
     * @returns {Promise<ScriptSkeleton>} a promise that resolves to a script object
     */
    deleteScriptByName(scriptName: string): Promise<ScriptSkeleton>;
    /**
     * Delete all non-default scripts
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<ScriptSkeleton[]>} a promise that resolves to an array of script objects
     */
    deleteScripts(resultCallback?: ResultCallback<ScriptSkeleton>): Promise<ScriptSkeleton[]>;
    /**
     * Export all scripts
     * @param {ScriptExportOptions} options script export options
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<ScriptExportInterface>} a promise that resolved to a ScriptExportInterface object
     */
    exportScripts(options?: ScriptExportOptions, resultCallback?: ResultCallback<ScriptSkeleton>): Promise<ScriptExportInterface>;
    /**
     * Export script by id
     * @param {string} scriptId script uuid
     * @param {ScriptExportOptions} options script export options
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<ScriptExportInterface>} a promise that resolved to a ScriptExportInterface object
     */
    exportScript(scriptId: string, options?: ScriptExportOptions): Promise<ScriptExportInterface>;
    /**
     * Export script by name
     * @param {string} scriptName script name
     * @param {ScriptExportOptions} options script export options
     * @returns {Promise<ScriptExportInterface>} a promise that resolved to a ScriptExportInterface object
     */
    exportScriptByName(scriptName: string, options?: ScriptExportOptions): Promise<ScriptExportInterface>;
    /**
     * Import scripts
     * @param {string} scriptId Optional id of script. If supplied, only the script of that id is imported. Takes priority over scriptName if both are provided.
     * @param {string} scriptName Optional name of script. If supplied, only the script of that name is imported
     * @param {ScriptExportInterface} importData Script import data
     * @param {ScriptImportOptions} options Script import options
     * @param {boolean} validate If true, validates Javascript scripts to ensure no errors exist in them. Default: false
     * @param {ResultCallback} resultCallback Optional callback to process individual results
     * @returns {Promise<ScriptSkeleton[]>} the imported scripts
     */
    importScripts(scriptId: string, scriptName: string, importData: ScriptExportInterface, options?: ScriptImportOptions, validate?: boolean, resultCallback?: ResultCallback<ScriptSkeleton>): Promise<ScriptSkeleton[]>;
};
interface ScriptExportInterface {
    meta?: ExportMetaData;
    script: Record<string, ScriptSkeleton>;
}
/**
 * Script import options
 */
interface ScriptImportOptions {
    /**
     * Include dependency (library) scripts in export
     */
    deps: boolean;
    /**
     * Generate new UUIDs for all scripts during import.
     */
    reUuid: boolean;
    /**
     * Include default scripts in import if true
     */
    includeDefault: boolean;
}
/**
 * Script export options
 */
interface ScriptExportOptions {
    /**
     * Include dependency (library) scripts in export
     */
    deps: boolean;
    /**
     * Include default scripts in export if true
     */
    includeDefault: boolean;
    /**
     * Use string arrays to store script code
     */
    useStringArrays: boolean;
}

type Service = {
    createServiceExportTemplate(): ServiceExportInterface;
    /**
     * Get list of services
     * @param {boolean} globalConfig true if the list of global services is requested, false otherwise. Default: false.
     */
    getListOfServices(globalConfig?: boolean): Promise<AmServiceSkeleton[]>;
    /**
     * Get all services including their descendents.
     * @param {boolean} globalConfig true if the global service is the target of the operation, false otherwise. Default: false.
     * @returns Promise resolving to an array of services with their descendants
     */
    getFullServices(globalConfig?: boolean): Promise<FullService[]>;
    /**
     * Deletes the specified service
     * @param {string} serviceId The service to delete
     * @param {boolean} globalConfig true if the global service is the target of the operation, false otherwise. Default: false.
     */
    deleteFullService(serviceId: string, globalConfig?: boolean): Promise<AmServiceSkeleton>;
    /**
     * Deletes all services
     * @param {boolean} globalConfig true if the global service is the target of the operation, false otherwise. Default: false.
     */
    deleteFullServices(globalConfig?: boolean): Promise<AmServiceSkeleton[]>;
    /**
     * Export service. The response can be saved to file as is.
     * @param serviceId service id/name
     * @param {boolean} globalConfig true if the global service is the target of the operation, false otherwise. Default: false.
     * @returns {Promise<ServiceExportInterface>} Promise resolving to a ServiceExportInterface object.
     */
    exportService(serviceId: string, globalConfig?: boolean): Promise<ServiceExportInterface>;
    /**
     * Export all services
     * @param {boolean} globalConfig true if the global service is the target of the operation, false otherwise. Default: false.
     */
    exportServices(globalConfig?: boolean): Promise<ServiceExportInterface>;
    /**
     * Imports a single service using a reference to the service and a file to read the data from. Optionally clean (remove) an existing service first
     * @param {string} serviceId The service id/name to add
     * @param {ServiceExportInterface} importData The service configuration export data to import
     * @param {ServiceImportOptions} options Import options
     * @returns {Promise<AmServiceSkeleton>} A promise resolving to a service object
     */
    importService(serviceId: string, importData: ServiceExportInterface, options: ServiceImportOptions): Promise<AmServiceSkeleton>;
    /**
     * Imports multiple services from the same file. Optionally clean (remove) existing services first
     * @param {ServiceExportInterface} importData The service configuration export data to import
     * @param {ServiceImportOptions} options Import options
     * @returns {Promise<AmServiceSkeleton[]>} A promise resolving to an array of service objects
     */
    importServices(importData: ServiceExportInterface, options: ServiceImportOptions): Promise<AmServiceSkeleton[]>;
};
interface ServiceExportInterface {
    meta?: ExportMetaData;
    service: Record<string, AmServiceSkeleton>;
}
/**
 * Service import options
 */
interface ServiceImportOptions {
    /**
     * Indicates whether to remove previously existing services of the same id before importing
     */
    clean: boolean;
    /**
     * Indicates whether to import service(s) as global services
     */
    global: boolean;
    /**
     * Indicates whether to import service(s) to the current realm
     */
    realm: boolean;
}

type SessionInfoType = {
    username: string;
    universalId: string;
    realm: string;
    latestAccessTime: string;
    maxIdleExpirationTime: string;
    maxSessionExpirationTime: string;
    properties: {
        AMCtxId: string;
        [k: string]: string;
    };
};

type Session = {
    /**
     * Get session info
     * @param {string} tokenId session token
     * @returns {Promise<SessionInfoType>} a promise resolving to a session info object
     */
    getSessionInfo(tokenId: string): Promise<SessionInfoType>;
};

type TokenCache = {
    /**
     * Get connection profiles file name
     * @returns {string} connection profiles file name
     */
    getTokenCachePath(): string;
    /**
     * Initialize token cache
     *
     * This method is called from app.ts and runs before any of the message handlers are registered.
     * Therefore none of the Console message functions will produce any output.
     */
    initTokenCache(): void;
    /**
     * Check if there are suitable tokens in the cache
     * @param {tokenType} tokenType type of token
     * @returns {Promise<boolean>} true if tokens found in cache, false otherwise
     */
    hasToken(tokenType: tokenType): Promise<boolean>;
    /**
     * Check if there are suitable user session tokens in the cache
     * @returns {Promise<boolean>} true if tokens found in cache, false otherwise
     */
    hasUserSessionToken(): Promise<boolean>;
    /**
     * Check if there are suitable user bearer tokens in the cache
     * @returns {Promise<boolean>} true if tokens found in cache, false otherwise
     */
    hasUserBearerToken(): Promise<boolean>;
    /**
     * Check if there are suitable service account bearer tokens in the cache
     * @returns {Promise<boolean>} true if tokens found in cache, false otherwise
     */
    hasSaBearerToken(): Promise<boolean>;
    /**
     * Read token
     * @param {tokenType} tokenType type of token
     * @returns {Promise<string>} token or null
     */
    readToken(tokenType: tokenType): Promise<AccessTokenMetaType | UserSessionMetaType>;
    /**
     * Read user session token
     * @returns {Promise<string>} token or null
     */
    readUserSessionToken(): Promise<UserSessionMetaType>;
    /**
     * Read user bearer token
     * @returns {Promise<string>} token or null
     */
    readUserBearerToken(): Promise<AccessTokenMetaType>;
    /**
     * Read service account bearer token
     * @returns {Promise<string>} token or null
     */
    readSaBearerToken(): Promise<AccessTokenMetaType>;
    /**
     * Save user session token for current connection
     * @returns {Promise<boolean>} true if the operation succeeded, false otherwise
     */
    saveUserSessionToken(token: UserSessionMetaType): Promise<boolean>;
    /**
     * Save user bearer token for current connection
     * @returns {Promise<boolean>} true if the operation succeeded, false otherwise
     */
    saveUserBearerToken(token: AccessTokenMetaType): Promise<boolean>;
    /**
     * Save service account bearer token for current connection
     * @returns {Promise<boolean>} true if the operation succeeded, false otherwise
     */
    saveSaBearerToken(token: AccessTokenMetaType): Promise<boolean>;
    /**
     * Save token of any type for current connection
     * @param {tokenType} tokenType type of token
     * @param {UserSessionMetaType | AccessTokenMetaType} token token object
     * @returns {Promise<boolean>} true if the operation succeeded, false otherwise
     */
    saveToken(tokenType: tokenType, token: UserSessionMetaType | AccessTokenMetaType): Promise<boolean>;
    /**
     * Purge all expired tokens from cache
     * @returns {TokenCacheInterface} purged cache
     */
    purge(): TokenCacheInterface;
    /**
     * Flush cache
     * @returns {boolean} true if the operation succeeded, false otherwise
     */
    flush(): boolean;
};
type tokenType = 'userSession' | 'userBearer' | 'pfUserBearer' | 'saBearer' | 'pfSaBearer';
interface TokenCacheInterface {
    [hostKey: string]: {
        [realmKey: string]: {
            [typeKey in tokenType]: {
                [subjectKey: string]: {
                    [expKey: string]: string;
                };
            };
        };
    };
}

type UserSkeleton = IdObjectSkeletonInterface & {
    realm: string;
    username: string;
    mail: string[];
    givenName: string[];
    objectClass: string[];
    dn: string[];
    cn: string[];
    createTimestamp: string[];
    employeeNumber: string[];
    uid: string[];
    universalid: string[];
    inetUserStatus: string[];
    sn: string[];
    telephoneNumber?: string[];
    modifyTimestamp?: string[];
    postalAddress?: string[];
};
type UserConfigSkeleton = {
    devices: {
        profile: Record<string, IdObjectSkeletonInterface>;
        trusted: Record<string, IdObjectSkeletonInterface>;
        '2fa': {
            binding: Record<string, IdObjectSkeletonInterface>;
            oath: Record<string, IdObjectSkeletonInterface>;
            push: Record<string, IdObjectSkeletonInterface>;
            webauthn: Record<string, IdObjectSkeletonInterface>;
        };
    };
    groups: Record<string, IdObjectSkeletonInterface>;
    oauth2: {
        applications: Record<string, IdObjectSkeletonInterface>;
        resources: {
            labels: Record<string, IdObjectSkeletonInterface>;
            sets: Record<string, IdObjectSkeletonInterface>;
        };
    };
    policies: Record<string, IdObjectSkeletonInterface>;
    services: Record<string, IdObjectSkeletonInterface>;
    uma: {
        auditHistory: Record<string, IdObjectSkeletonInterface>;
        pendingrequests: Record<string, IdObjectSkeletonInterface>;
        policies: Record<string, IdObjectSkeletonInterface>;
    };
};
type UserGroupSkeleton = IdObjectSkeletonInterface & {
    username: string;
    realm: string;
    universalid: string[];
    members: {
        uniqueMember: string[];
    };
    dn: string[];
    cn: string[];
    objectclass: string[];
    privileges: Record<string, boolean>[];
};

type User = {
    /**
     * Create an empty user export template
     * @returns {UserExportInterface} an empty user export template
     */
    createUserExportTemplate(): UserExportInterface;
    /**
     * Read user by id
     * @param {string} userId User id
     * @returns {Promise<UserSkeleton>} a promise that resolves to a user object
     */
    readUser(userId: string): Promise<UserSkeleton>;
    /**
     * Read all users.
     * @returns {Promise<UserSkeleton[]>} a promise that resolves to an array of user objects
     */
    readUsers(): Promise<UserSkeleton[]>;
    /**
     * Count all users in the active realm.
     * @returns {Promise<number>} exact count when supported by the backing API
     */
    countUsers(): Promise<number>;
    /**
     * Export a single user by id. The response can be saved to file as is.
     * @param {string} userId User id
     * @returns {Promise<UserExportInterface>} Promise resolving to a UserExportInterface object.
     */
    exportUser(userId: string): Promise<UserExportInterface>;
    /**
     * Export all users. The response can be saved to file as is.
     * @returns {Promise<UserExportInterface>} Promise resolving to a UserExportInterface object.
     */
    exportUsers(): Promise<UserExportInterface>;
    /**
     * Create an empty user group export template
     * @returns {UserGroupExportInterface} an empty user group export template
     */
    createUserGroupExportTemplate(): UserGroupExportInterface;
    /**
     * Read user group by id
     * @param {string} groupId Group id
     * @returns {Promise<UserGroupSkeleton>} a promise that resolves to a user group object
     */
    readUserGroup(groupId: string): Promise<UserGroupSkeleton>;
    /**
     * Read all user groups.
     * @returns {Promise<UserGroupSkeleton[]>} a promise that resolves to an array of user group objects
     */
    readUserGroups(): Promise<UserGroupSkeleton[]>;
    /**
     * Export a single user group by id. The response can be saved to file as is.
     * @param {string} groupId Group id
     * @returns {Promise<UserGroupExportInterface>} Promise resolving to a UserGroupExportInterface object.
     */
    exportUserGroup(groupId: string): Promise<UserGroupExportInterface>;
    /**
     * Export all user groups. The response can be saved to file as is.
     * @returns {Promise<UserGroupExportInterface>} Promise resolving to a UserGroupExportInterface object.
     */
    exportUserGroups(): Promise<UserGroupExportInterface>;
    /**
     * Import users and their config
     * @param {UserExportInterface} importData user import data
     * @param {string} userId Optional user id. If supplied, only the user of that id is imported.
     * @returns {Promise<UserExportSkeleton[]>} the imported users
     */
    importUsers(importData: UserExportInterface, userId?: string): Promise<UserExportSkeleton[]>;
    /**
     * Import user groups
     * @param {UserGroupExportInterface} importData user group import data
     * @param {string} groupId Optional user group id. If supplied, only the group of that id is imported.
     * @returns {Promise<UserGroupSkeleton[]>} the imported user groups
     */
    importUserGroups(importData: UserGroupExportInterface, groupId?: string): Promise<UserGroupSkeleton[]>;
};
type UserExportSkeleton = UserSkeleton & {
    config: UserConfigSkeleton;
};
interface UserExportInterface {
    meta?: ExportMetaData;
    user: Record<string, UserExportSkeleton>;
}
interface UserGroupExportInterface {
    meta?: ExportMetaData;
    userGroup: Record<string, UserGroupSkeleton>;
}

type Version = {
    getVersion(): string;
    getAllVersions(endpoints: {
        base: string;
        path: string;
    }[]): Promise<PromiseSettledResult<any>[]>;
};

type Constants = {
    DEFAULT_REALM_KEY: string;
    CLASSIC_DEPLOYMENT_TYPE_KEY: string;
    CLOUD_DEPLOYMENT_TYPE_KEY: string;
    FORGEOPS_DEPLOYMENT_TYPE_KEY: string;
    DEPLOYMENT_TYPES: string[];
    DEPLOYMENT_TYPE_REALM_MAP: {
        classic: string;
        cloud: string;
        forgeops: string;
    };
    FRODO_METADATA_ID: string;
    FRODO_CONNECTION_PROFILES_PATH_KEY: string;
    FRODO_MASTER_KEY_PATH_KEY: string;
    FRODO_MASTER_KEY_KEY: string;
    GLOSSARY_APPLICATION_OBJECT_TYPE: GlossaryObjectType;
    GLOSSARY_ENTITLEMENT_OBJECT_TYPE: GlossaryObjectType;
    GLOSSARY_ROLE_OBJECT_TYPE: GlossaryObjectType;
    RETRY_NOTHING_KEY: string;
    RETRY_EVERYTHING_KEY: string;
    RETRY_NETWORK_KEY: string;
    RETRY_STRATEGIES: string[];
};

type Base64 = {
    isBase64Encoded(input: any): boolean;
    encodeBase64(input: string, padding?: boolean): string;
    decodeBase64(input: string): string;
    decodeBase64Url(input: string): string;
    encodeBase64Url(input: string): string;
};

type FrodoCrypto = {
    /**
     * Parses a private key and returns it as an unencrypted PKCS#8 PEM encoded string
     * Supported private key formats include:
     * - PEM (both PKCS#1 and PKCS#8 variants)
     * - OpenSSH
     * - DNSSEC
     * - JWK
     * @param {string} key The private key
     * @param {string | undefined} passphrase The passphrase for the private key if it is encrypted
     * @param {string | undefined} name The name of the private key (i.e. the name of the file it came from, if applicable); used for error handling
     * @returns {string} The unencrypted PKCS#8 PEM encoded private key
     */
    convertPrivateKeyToPem(key: string, passphrase?: string, name?: string): string;
};

type ExportImport = {
    getMetadata(): ExportMetaData;
    titleCase(input: string): string;
    getRealmString(): string;
    convertBase64TextToArray(b64text: string): any[];
    convertBase64UrlTextToArray(b64UTF8Text: string): any[];
    convertTextArrayToBase64(textArray: string[]): string;
    convertTextArrayToBase64Url(textArray: string[]): any;
    validateImport(metadata: any): boolean;
    getTypedFilename(name: string, type: string, suffix?: string): string;
    getWorkingDirectory(mkdirs?: boolean): string;
    getFilePath(fileName: string, mkdirs?: boolean): string;
    /**
     * Save object to file in Frodo export format
     * @param {any} data data object
     * @param {string} identifier key of identifier in the data object
     * @param {string} filename file name
     * @param {boolean} includeMeta true to include metadata, false otherwise. Default: true
     * @param {boolean} keepModifiedProperties true to keep modified properties in the json, otherwise delete them. Default: false
     */
    saveToFile(type: string, data: object, identifier: string, filename: string, includeMeta?: boolean, keepModifiedProperties?: boolean): void;
    /**
     * Save JSON object to file
     * @param {Object} data data object
     * @param {String} filename file name
     * @param {boolean} includeMeta true to include metadata, false otherwise. Default: true
     * @param {boolean} keepRev keep the _rev key from objects. Default: false
     * @param {boolean} keepModifiedProperties true to keep modified properties in the json, otherwise delete them. Default: false
     * @return {boolean} true if successful, false otherwise
     */
    saveJsonToFile(data: object, filename: string, includeMeta?: boolean, keepRev?: boolean, keepModifiedProperties?: boolean): boolean;
    /**
     * Save text data to file
     * @param data text data
     * @param filename file name
     * @return true if successful, false otherwise
     */
    saveTextToFile(data: string, filename: string): boolean;
    /**
     * Append text data to file
     * @param {String} data text data
     * @param {String} filename file name
     */
    appendTextToFile(data: string, filename: string): void;
    /**
     * Find files by name
     * @param {string} fileName file name to search for
     * @param {boolean} fast return first result and stop search
     * @param {string} path path to directory where to start the search
     * @returns {string[]} array of found file paths relative to starting directory
     */
    findFilesByName(fileName: string, fast?: boolean, path?: string): string[];
    /**
     * find all (nested) files in a directory
     *
     * @param directory directory to search
     * @returns list of files
     */
    readFiles(directory: string): Promise<{
        path: string;
        content: string;
    }[]>;
    substituteEnvParams(input: string, reader: Reader): string;
    unSubstituteEnvParams(input: string, reader: Reader): string;
    parseUrl(href: string): any;
    /**
     * Check if a string is a valid URL
     * @param {string} urlString input string to be evaluated
     * @returns {boolean} true if a valid URL, false otherwise
     */
    isValidUrl(urlString: string): boolean;
};

type FRUtils = {
    applyNameCollisionPolicy(name: string): string;
    getRealmPath(realm: string): string;
    getCurrentRealmPath(): string;
    getCurrentRealmName(): string;
    getCurrentRealmManagedUser(): string;
    getRealmName(realm: string): string;
    getRealmUsingExportFormat(realm: string): string;
    /**
     * Gets the list of realms to be used for exports in special format.
     * e.g. if the realm is normally '/first/second', then it will return 'root-first-second'.
     */
    getRealmsForExport(): Promise<string[]>;
    /**
     * Helper that gets the normal realm name from the realm export format.
     * It reverses the format generated by getRealmsForExport.
     * e.g. if the realm is 'root-first-second', then it will return '/first/second'.
     * @param realm realm in export format
     */
    getRealmUsingExportFormat(realm: string): string;
    /**
     * Get host URL without path and query params
     * @param {string} url tenant URL with path and query params
     * @returns {string} AM host URL without path and query params
     */
    getHostUrl(url: string): string;
    /**
     * Get IDM base URL
     * @returns {string} IDM host URL without path and query params
     */
    getIdmBaseUrl(): string;
    /**
     * Get host URL without path and query params
     * @param {string} url tenant URL with path and query params
     * @returns {string} AM host URL without path and query params
     * @deprecated since v2.1.2 use {@link FRUtils.getHostUrl | getHostUrl} instead
     * ```javascript
     * getHostUrl(url: string): string
     * ```
     * @group Deprecated
     */
    getHostBaseUrl(url: string): string;
};

type FrodoUtils = {
    /**
     * Get the Frodo home directory path.
     * @returns {string} absolute path to the Frodo home directory
     */
    getFrodoHome(): string;
};

interface MethodParam {
    name: string;
    type: string;
    description: string;
}
interface MethodHelpDoc {
    typeName: string;
    methodName: string;
    /** Full TypeScript signature without the trailing semicolon */
    signature: string;
    description: string;
    params: MethodParam[];
    returns: string;
}

type HelpUtils = {
    /**
     * Get all generated help metadata entries.
     * @returns {MethodHelpDoc[]} help metadata entries
     */
    getHelpMetadata(): MethodHelpDoc[];
    /**
     * Get generated help metadata entries by method name.
     * @param {string} methodName method name
     * @returns {MethodHelpDoc[]} matching help metadata entries
     */
    getHelpMetadataByMethod(methodName: string): MethodHelpDoc[];
};

type Json = {
    /**
     * Compare two json objects
     * @param {object} obj1 object 1
     * @param {object} obj2 object 2
     * @param {string[]} ignoreKeys array of keys to ignore in comparison
     * @returns {boolean} true if the two json objects have the same length and all the properties have the same value
     */
    isEqualJson(obj1: object, obj2: object, ignoreKeys?: string[]): boolean;
    /**
     * Deep delete keys and their values from an input object. If a key in object contains substring, the key an its value is deleted.
     * @param {Object} object input object that needs keys removed
     * @param {String} substring substring to search for in key
     * @returns the modified object without the matching keys and their values
     */
    deleteDeepByKey(object: any, substring: any): any;
    /**
     * Deep clone object
     * @param {any} obj object to deep clone
     * @returns {any} new object cloned from obj
     */
    cloneDeep(obj: any): any;
    /**
     * Deep merge two objects
     * @param obj1 first object
     * @param obj2 second object
     * @returns merged first and second object
     */
    mergeDeep(obj1: any, obj2: any): any;
    /**
     * Get all paths for an object
     * @param {any} o object
     * @param {string} prefix prefix (path calculated up to this point). Only needed for recursion or to add a global prefix to all paths.
     * @param {string} delim delimiter used to separate elements of the path. Default is '.'.
     * @returns {string[]} an array of paths
     */
    getPaths(o: any, prefix?: string, delim?: string): string[];
    findInArray(objs: any[], predicate: any): any;
    get(obj: any, path: string[], defaultValue?: any): any;
    put(obj: any, value: any, path: string[]): any;
    /**
     * Deterministic stringify
     * @param {any} obj json object to stringify deterministically
     * @returns {string} stringified json object
     */
    stringify(obj: any): string;
};

type ScriptValidation = {
    validateScriptHooks(jsonData: object): void;
    validateScript(scriptData: ScriptSkeleton): void;
    validateJs(javascriptSource: string): void;
    areScriptHooksValid(jsonData: object): boolean;
    isScriptValid(scriptData: ScriptSkeleton): boolean;
    isValidJs(javascriptSource: string): boolean;
};

/**
 * Frodo Library
 */
type Frodo = {
    state: State;
    admin: Admin;
    agent: Agent;
    am: {
        config: AmConfig;
    };
    app: Application;
    authn: {
        journey: Journey;
        node: Node;
        settings: AuthenticationSettings;
    };
    authz: {
        policy: Policy;
        policySet: PolicySet;
        resourceType: ResourceType;
    };
    cloud: EsvCount & {
        adminFed: AdminFederation;
        env: EnvAIAgent & EnvContentSecurityPolicy & EnvCookieDomains & EnvCustomDomains & EnvDirectConfigurationSession & EnvFederationEnforcement & EnvRelease & EnvServiceAccountScopes & EnvSSOCookieConfig & {
            cert: EnvCertificate;
            csr: EnvCSR;
            promotion: EnvPromotion;
        };
        /**
         * @deprecated since v2.0.4 use {@link frodo.cloud.getEsvCount | frodo.cloud.getEsvCount} instead
         */
        esvCount: EsvCount;
        feature: Feature;
        iga: {
            certificationTemplate: CertificationTemplate;
            event: IgaEvent;
            glossary: Glossary;
            requestForm: RequestForm;
            requestType: RequestType;
            workflow: Workflow;
        };
        log: Log;
        secret: Secret;
        serviceAccount: ServiceAccount;
        startup: Startup;
        variable: Variable;
        wsfed: WSFed;
    };
    config: Config;
    conn: ConnectionProfile;
    cache: TokenCache;
    email: {
        template: EmailTemplate;
    };
    factory: ApiFactory;
    idm: {
        config: IdmConfig;
        connector: Connector;
        crypto: IdmCrypto;
        managed: ManagedObject;
        mapping: Mapping;
        organization: Organization;
        recon: Recon;
        script: IdmScript;
        system: IdmSystem;
    };
    info: Info;
    login: Authenticate;
    oauth2oidc: {
        client: OAuth2Client;
        endpoint: OAuth2Oidc;
        external: Idp;
        provider: OAuth2Provider;
        issuer: OAuth2TrustedJwtIssuer;
    };
    rawConfig: RawConfig;
    realm: Realm;
    role: InternalRole;
    saml2: {
        circlesOfTrust: CirclesOfTrust;
        entityProvider: Saml2;
    };
    script: Script;
    scriptType: ScriptType;
    server: Server;
    secretStore: SecretStore;
    service: Service;
    session: Session;
    site: Site;
    theme: Theme;
    user: User;
    utils: FRUtils & FrodoUtils & HelpUtils & ScriptValidation & ExportImport & Base64 & {
        constants: Constants;
        crypto: FrodoCrypto;
        jose: Jose;
        json: Json;
        version: Version;
    };
    /**
     * Create a new frodo instance
     * @param {StateInterface} config Initial state configuration to use with the new instance
     * @returns {Frodo} frodo instance
     */
    createInstance(config: StateInterface): Frodo;
    /**
     * Factory helper to create a frodo instance ready for logging in with an admin user account
     * @param {string} host host base URL, e.g. 'https://openam-my-tenant.forgeblocks.com/am'
     * @param {string} username admin account username
     * @param {string} password admin account password
     * @param {string} realm (optional) override default realm
     * @param {string} deploymentType (optional) override deployment type ('cloud', 'forgeops', or 'classic')
     * @param {boolean} allowInsecureConnection (optional) allow insecure connection
     * @param {boolean} debug (optional) enable debug output
     * @param {boolean} curlirize (optional) enable output of all library REST calls as curl commands
     * @returns {Frodo} frodo instance
     */
    createInstanceWithAdminAccount(host: string, username: string, password: string, realm?: string, deploymentType?: string, allowInsecureConnection?: boolean, debug?: boolean, curlirize?: boolean): Frodo;
    /**
     * Factory helper to create a frodo instance ready for logging in with a service account
     * @param {string} host host base URL, e.g. 'https://openam-my-tenant.forgeblocks.com/am'
     * @param {string} serviceAccountId service account uuid
     * @param {string} serviceAccountJwkStr service account JWK as stringified JSON
     * @param {string} realm (optional) override default realm
     * @param {string} deploymentType (optional) override deployment type ('cloud', 'forgeops', or 'classic')
     * @param {boolean} allowInsecureConnection (optional) allow insecure connection
     * @param {boolean} debug (optional) enable debug output
     * @param {boolean} curlirize (optional) enable output of all library REST calls as curl commands
     * @returns {Frodo} frodo instance
     */
    createInstanceWithServiceAccount(host: string, serviceAccountId: string, serviceAccountJwkStr: string, realm?: string, deploymentType?: string, allowInsecureConnection?: boolean, debug?: boolean, curlirize?: boolean): Frodo;
    /**
     * Factory helper to create a frodo instance ready for logging in with Amster credentials
     * @param {string} host host base URL, e.g. 'https://am.example.com:8443/am'
     * @param {string} amsterPrivateKey the pem encoded private key used to authenticate with Amster
     * @param {string} authenticationService (optional) the authentication service used to authenticate with Amster (default: 'amsterService')
     * @param {string} realm (optional) override default realm
     * @param {string} deploymentType (optional) override deployment type ('cloud', 'forgeops', or 'classic')
     * @param {boolean} allowInsecureConnection (optional) allow insecure connection
     * @param {boolean} debug (optional) enable debug output
     * @param {boolean} curlirize (optional) enable output of all library REST calls as curl commands
     * @returns {Frodo} frodo instance
     */
    createInstanceWithAmsterAccount(host: string, amsterPrivateKey: string, authenticationService?: string, realm?: string, deploymentType?: string, allowInsecureConnection?: boolean, debug?: boolean, curlirize?: boolean): Frodo;
};
/**
 * Default frodo instance
 *
 * @remarks
 *
 * If your application requires a single connection to a ForgeRock Identity Platform
 * instance at a time, then this default instance is all you need:
 *
 * In order to use the default {@link Frodo | frodo} instance, you must populate its {@link State | state} with the
 * minimum required information to login to your ForgeRock Identity Platform instance:
 *
 * ```javascript
 * // configure the state before invoking any library functions that require credentials
 * state.setHost('https://instance0/am');
 * state.setUsername('admin');
 * state.setPassword('p@ssw0rd!');
 *
 * // now the library can login
 * frodo.login.getTokens();
 *
 * // and perform operations
 * frodo.authn.journey.exportJourney('Login');
 * ```
 *
 * If your application needs to connect to multiple ForgeRock Identity Platform instances
 * simultaneously, then you will want to create additional frodo instances using any of
 * the available factory methods accessible from the default instance:
 *
 * {@link frodo.createInstance}
 * ```javascript
 * // use factory method to create a new Frodo instance
 * const instance1 = frodo.createInstance({
 *    host: 'https://instance1/am',
 *    username: 'admin',
 *    password: 'p@ssw0rd!',
 * });
 *
 * // now the instance can login
 * instance1.login.getTokens();
 *
 * // and perform operations
 * instance1.authn.journey.exportJourney('Login');
 * ```
 *
 * {@link frodo.createInstanceWithAdminAccount}
 * ```javascript
 * // use factory method to create a new Frodo instance ready to login with an admin user account
 * const instance2 = frodo.createInstanceWithAdminAccount(
 *   'https://instance2/am',
 *   'admin',
 *   'p@ssw0rd!'
 * );
 *
 * // now the instance can login
 * instance2.login.getTokens();
 *
 * // and perform operations
 * instance2.authn.journey.exportJourney('Login');
 * ```
 *
 * {@link frodo.createInstanceWithServiceAccount}
 * ```javascript
 * // use factory method to create a new Frodo instance ready to login with a service account
 * const instance3 = frodo.createInstanceWithServiceAccount(
 *   'https://instance3/am',
 *   'serviceAccount',
 *   '{"k":"jwk"}'
 * );
 *
 * // now the instance can login
 * instance3.login.getTokens();
 *
 * // and perform operations
 * instance3.authn.journey.exportJourney('Login');
 * ```
 *
 * {@link frodo.createInstanceWithAmsterAccount}
 * ```javascript
 * // use factory method to create a new Frodo instance ready to login with Amster account
 * const instance4 = frodo.createInstanceWithAmsterAccount(
 *   'https://instance4/am',
 *   '-----BEGIN PRIVATE KEY-----\nMIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCVPUZaHCRHu9i3\n...',
 *   'amsterService'
 * );
 *
 * // now the instance can login
 * instance4.login.getTokens();
 *
 * // and perform AM operations
 * instance4.authn.journey.exportJourney('Login');
 * ```
 */
declare const frodo: Frodo;
/**
 * Default state instance
 *
 * @remarks
 *
 * {@link Frodo} maintains a {@link State | state} for each instance. The state is where Frodo gets configuration
 * information from like host to connecto to, username and password to use, whether to
 * allow insecure connections or not, etc. As the library operates, it updates its state.
 *
 * The default frodo instance contains an empty state instance by default. In order to
 * use the default frodo instance, you must populate its state with the minimum required
 * information to login to your ForgeRock Identity Platform instance:
 *
 * ```javascript
 * // configure the state before invoking any library functions that require credentials
 * state.setHost('https://instance0/am');
 * state.setUsername('admin');
 * state.setPassword('p@ssw0rd!');
 *
 * // now the library can login
 * frodo.login.getTokens();
 *
 * // and perform operations
 * frodo.authn.journey.exportJourney('Login');
 * ```
 */
declare const state: State;

/**
 * Defines the canonical type contracts used by the MCP capability layer.
 *
 * @remarks
 * This module is intentionally declarative. It provides the shared vocabulary for
 * capability discovery, policy filtering, and runtime registration so each layer
 * can evolve independently without breaking shape compatibility.
 */
/**
 * Normalized operation kinds inferred from Frodo methods or explicitly supplied by
 * metadata in future registry manifests.
 */
type McpCapabilityOperationType = 'create' | 'count' | 'read' | 'update' | 'delete' | 'search' | 'list' | 'export' | 'import' | 'special';
/**
 * Risk classification used by policy presets and launch-time exposure controls.
 */
type McpCapabilityRiskClass = 'low' | 'medium' | 'high' | 'critical';
/**
 * High-level classification of whether a capability maps to the generic MCP tool
 * surface or must be exposed as a domain-specific operation.
 */
type McpCapabilityKind = 'generic' | 'special';
/**
 * Deployment families that can be used to constrain capability exposure.
 */
type McpDeploymentType = 'cloud' | 'classic' | 'forgeops' | 'any';
/**
 * MCP tool behavior hints that clients and models may use during tool selection.
 */
type McpToolAnnotations = {
    readOnlyHint: boolean;
    destructiveHint: boolean;
    idempotentHint: boolean;
    openWorldHint: boolean;
};
/**
 * Argument-shape contract surfaced to MCP callers for a capability.
 */
type McpCapabilityArgumentMode = 'none' | 'positional' | 'named' | 'mixed';
/**
 * Lightweight JSON-schema-style contract for a structured MCP parameter value.
 *
 * @remarks
 * This intentionally supports only the subset needed for agent guidance and
 * runtime validation.
 */
type McpCapabilityParameterSchema = {
    type?: 'string' | 'number' | 'integer' | 'boolean' | 'object' | 'array';
    description?: string;
    enum?: unknown[];
    properties?: Record<string, McpCapabilityParameterSchema>;
    required?: string[];
    additionalProperties?: boolean;
    items?: McpCapabilityParameterSchema;
};
/**
 * Parameter definition for a capability exposed through discovery metadata.
 */
type McpCapabilityParameter = {
    name: string;
    type: string;
    required?: boolean;
    position?: number;
    description?: string;
    /** Optional MCP-side default applied when the caller omits this parameter. */
    defaultValue?: unknown;
    /** Optional schema contract for structured or enum-like parameter values. */
    schema?: McpCapabilityParameterSchema;
    /** Optional example values surfaced in discovery and validation errors. */
    examples?: unknown[];
};
/**
 * Optional selector that disambiguates multiple capabilities sharing the same
 * generic `(operationType, domain, objectType)` tuple.
 */
type McpCapabilityScope = 'single' | 'bulk';
/**
 * Canonical capability descriptor produced by inventory/registry builders.
 */
type McpCapabilityDescriptor = {
    id: string;
    toolName: string;
    methodName: string;
    modulePath: string[];
    domain: string;
    objectType: string;
    operationType: McpCapabilityOperationType;
    /** Optional MCP-facing argument contract for this capability. */
    argumentMode?: McpCapabilityArgumentMode;
    /** Optional ordered/named parameter metadata for this capability. */
    parameters?: McpCapabilityParameter[];
    /** Optional selector value used to disambiguate generic capabilities. */
    scope?: McpCapabilityScope;
    /** Whether the generic tool supports realm override for this capability. */
    supportsRealm?: boolean;
    /** Whether the generic tool supports paging hints for this capability. */
    supportsPaging?: boolean;
    /** Whether the generic tool supports includeTotal for this capability. */
    supportsIncludeTotal?: boolean;
    kind: McpCapabilityKind;
    riskClass: McpCapabilityRiskClass;
    mutating: boolean;
    destructive: boolean;
    /** Deployment families where this capability is functional. Defaults to `['any']`. */
    deploymentTypes: McpDeploymentType[];
    /**
     * Deployment families where this capability is the preferred/optimal choice.
     * Set from {@link OperationCapabilityMeta.preferredDeploymentTypes} when available;
     * absent when no explicit preference has been declared.
     */
    preferredDeploymentTypes?: McpDeploymentType[];
    /**
     * Identity surface this capability operates on.
     * Set from {@link OperationCapabilityMeta.identitySurface} when available.
     */
    identitySurface?: McpIdentitySurface;
    /**
     * Glob-style object type patterns this capability applies to.
     * Set from {@link OperationCapabilityMeta.objectTypePatterns} when available.
     */
    objectTypePatterns?: string[];
    /** Optional human-readable note surfaced in discovery and validation output. */
    notes?: string;
    requiredScopes: string[];
    annotations: McpToolAnnotations;
};
/**
 * Controls for capability inventory generation.
 */
type McpCapabilityInventoryOptions = {
    includeTopLevelDomains?: string[];
    excludeTopLevelDomains?: string[];
    includeUtils?: boolean;
};
/**
 * Policy model used to include or exclude capabilities before registration.
 */
type McpCapabilityPolicy = {
    name: string;
    allowOperationTypes?: McpCapabilityOperationType[];
    denyOperationTypes?: McpCapabilityOperationType[];
    allowRiskClasses?: McpCapabilityRiskClass[];
    denyRiskClasses?: McpCapabilityRiskClass[];
    allowDomains?: string[];
    denyDomains?: string[];
    includeSpecial?: boolean;
};
/**
 * Built-in policy preset names recognized by the baseline MCP capability layer.
 */
type McpCapabilityPolicyPresetName = 'read-only' | 'agentic' | 'standard' | 'admin';
/**
 * Identifies the identity data surface a capability operates on.
 *
 * @remarks
 * - `managed` — IDM managed objects accessed via `openidm/managed/` (cloud + forgeops only)
 * - `am-user` — AM realm users accessed via the AM REST API (all deployment types)
 * - `connector-system` — Objects in an ICF connector system via `openidm/system/` (cloud + forgeops only)
 * - `unknown` — Surface not classified
 */
type McpIdentitySurface = 'managed' | 'am-user' | 'connector-system' | 'unknown';

/**
 * Defines baseline policy presets and filtering behavior for MCP capabilities.
 *
 * @remarks
 * The intent of this module is to provide safe defaults that can be composed with
 * CLI launch profiles and explicit allow/deny overrides without changing the
 * descriptor model itself.
 */

/**
 * Built-in policy presets representing common launch safety postures.
 */
declare const MCP_POLICY_PRESETS: Record<McpCapabilityPolicyPresetName, McpCapabilityPolicy>;
/**
 * Applies capability exposure rules to a descriptor set.
 *
 * @param capabilities Candidate capabilities.
 * @param policy Policy rules used to include or exclude capabilities.
 * @returns Filtered capability set.
 */
declare function applyCapabilityPolicy(capabilities: McpCapabilityDescriptor[], policy: McpCapabilityPolicy): McpCapabilityDescriptor[];

/**
 * Builds MCP capability inventory records from a Frodo instance.
 *
 * @remarks
 * This module is a transitional registry helper. It provides deterministic
 * discovery and normalization so downstream MCP runtime code can consume a stable
 * descriptor shape while the library evolves toward richer metadata-driven
 * manifests.
 */

/**
 * Produces a normalized capability inventory by walking the provided Frodo
 * instance and inferring operation metadata from method signatures and names.
 *
 * @param frodo Frodo instance to inspect.
 * @param options Optional inventory filters.
 * @returns Sorted capability descriptors ready for policy filtering.
 */
declare function buildCapabilityInventory(frodo: Frodo, options?: McpCapabilityInventoryOptions): McpCapabilityDescriptor[];
/**
 * Infers a normalized operation type from a Frodo method name.
 *
 * @remarks
 * Frodo follows a consistent naming convention where the *singular* form reads
 * one object by id or name (`readJourney`) and the *plural* form reads all
 * objects of that type (`readJourneys`). This function maps the plural form to
 * the `list` operation type so policy filtering and tooling can reliably
 * distinguish single-object reads from collection reads without requiring
 * explicit per-method metadata.
 *
 * @param methodName Method name to classify.
 * @returns Inferred operation type.
 */
declare function inferOperationType(methodName: string): McpCapabilityOperationType;
/**
 * Infers an object type label from a method name and module path.
 *
 * @param methodName Method name to inspect.
 * @param modulePath Path of containing modules.
 * @param operationType Previously inferred operation type.
 * @returns Inferred object type or fallback token.
 */
declare function inferObjectType(methodName: string, modulePath: string[], operationType: McpCapabilityOperationType): string;
/**
 * Infers a baseline risk class from the operation and method name.
 *
 * @param operationType Inferred operation type.
 * @param methodName Method name used for keyword-based risk escalation.
 * @returns Inferred risk class.
 */
declare function inferRiskClass(operationType: McpCapabilityOperationType, methodName: string): McpCapabilityRiskClass;

/**
 * Converts a flat capability inventory into the reduced MCP tool surface.
 *
 * @remarks
 * The manifest layer is the bridge between the registry (one descriptor per
 * Frodo method) and the MCP runtime (one registered tool per unique operation
 * category). Generic CRUDS-style tools accept `domain` and `objectType`
 * parameters so the full breadth of the library is reachable via a small,
 * stable set of tool names — keeping the exposed surface well under 40 tools
 * by default while special-purpose domain operations are exposed individually.
 *
 * A built-in discovery tool is always present in every manifest, enabling
 * agents to introspect the available operation space without requiring
 * out-of-band documentation.
 *
 * Typical usage:
 * ```typescript
 * const inventory = buildCapabilityInventory(frodo);
 * const filtered  = applyCapabilityPolicy(inventory, MCP_POLICY_PRESETS['standard']);
 * const manifest  = buildToolManifest(filtered);
 * ```
 */

/** Fixed tool name for the built-in introspection/discovery tool. */
declare const DISCOVERY_TOOL_NAME: "frodo_discover";
/**
 * One `(domain, objectType)` combination supported by a generic tool.
 * Each entry corresponds to exactly one backing capability descriptor.
 */
type McpObjectTypeEntry = {
    /** Domain key the object type lives in, e.g. `'authn'`. */
    domain: string;
    /** Singular PascalCase object type label, e.g. `'Journey'`. */
    objectType: string;
    /** Id of the source {@link McpCapabilityDescriptor} that backs this entry. */
    descriptorId: string;
    /** Backing Frodo method name. */
    methodName: string;
    /** Dot-path source id of the backing descriptor. */
    sourcePath: string;
    /** MCP-facing argument mode for this entry. */
    argumentMode?: McpCapabilityArgumentMode;
    /** Optional parameter metadata for discovery and validation. */
    parameters?: McpCapabilityParameter[];
    /** Optional scope selector used to distinguish single vs bulk semantics. */
    scope?: string;
    /** Whether realm override is supported for this entry. */
    supportsRealm?: boolean;
    /** Whether paging hints are supported for this entry. */
    supportsPaging?: boolean;
    /** Whether includeTotal hints are supported for this entry. */
    supportsIncludeTotal?: boolean;
    /** Optional human-readable notes for agents. */
    notes?: string;
    /** Risk class of the backing descriptor. */
    riskClass: McpCapabilityRiskClass;
    /** MCP annotations from the backing descriptor. */
    annotations: McpToolAnnotations;
};
/**
 * Rich discovery detail for one concrete `(domain, objectType, operation)` path.
 */
type McpDiscoveryOperationDetail = {
    toolName: string;
    operationType: McpCapabilityOperationType;
    domain: string;
    objectType: string;
    descriptorId: string;
    methodName: string;
    sourcePath: string;
    argumentMode?: McpCapabilityArgumentMode;
    parameters?: McpCapabilityParameter[];
    scope?: string;
    supportsRealm?: boolean;
    supportsPaging?: boolean;
    supportsIncludeTotal?: boolean;
    notes?: string;
};
/**
 * Explicit per-object operation support matrix for agent planning.
 * This allows clients to see both supported and unsupported generic
 * operations (for example, that `authn.Journey` can be read/listed/exported
 * but is not searchable).
 */
type McpDiscoveryObjectTypeSupport = {
    domain: string;
    objectType: string;
    supportedOperations: McpCapabilityOperationType[];
    unsupportedOperations: McpCapabilityOperationType[];
};
/**
 * A single generic CRUDS-style tool in the manifest, parameterized by
 * `domain` and `objectType`. Many source descriptors collapse into one tool.
 */
type McpGenericTool = {
    /** Stable MCP tool name, e.g. `'frodo_read'`. */
    toolName: string;
    /** Operation type this tool executes. */
    operationType: McpCapabilityOperationType;
    /** Description suitable for MCP tool registration and model guidance. */
    description: string;
    /**
     * Conservative union of MCP annotations across all backed capabilities.
     * - `readOnlyHint`: `true` only when every backed capability is read-only.
     * - `destructiveHint`: `true` if any backed capability is destructive.
     * - `idempotentHint`: `true` only when every backed capability is idempotent.
     * - `openWorldHint`: always `false`.
     */
    annotations: McpToolAnnotations;
    /** Highest risk class present across all backed capabilities. */
    riskClass: McpCapabilityRiskClass;
    /** All `(domain, objectType)` pairs reachable through this tool. */
    supportedObjectTypes: McpObjectTypeEntry[];
};
/**
 * A single domain-special tool, backed by exactly one non-CRUDS descriptor.
 */
type McpSpecialTool = {
    /** MCP tool name derived from the descriptor's dot-separated path. */
    toolName: string;
    /** Domain the operation belongs to, e.g. `'authn'`. */
    domain: string;
    /** Description suitable for MCP tool registration and model guidance. */
    description: string;
    /** Original capability descriptor that backs this tool. */
    descriptor: McpCapabilityDescriptor;
};
/**
 * Entry for the built-in introspection tool.
 * Agents can invoke this to learn what object types and operations are
 * available without requiring external documentation.
 */
type McpDiscoveryEntry = {
    /** Fixed tool name — always `'frodo_discover'`. */
    toolName: typeof DISCOVERY_TOOL_NAME;
    /** Description for MCP tool registration. */
    description: string;
    /** Sorted list of all domain keys present in the manifest. */
    domains: string[];
    /**
     * Mapping from domain key to the sorted list of object type labels that
     * are reachable within that domain through generic tools.
     */
    objectTypesByDomain: Record<string, string[]>;
    /**
     * Mapping from operation type to sorted `"domain.ObjectType"` strings,
     * listing every `(domain, objectType)` pair that supports that operation.
     */
    operationsByType: Partial<Record<McpCapabilityOperationType, string[]>>;
    /**
     * Rich per-operation details for agent planning, including argument contracts
     * and scope selectors for ambiguous generic operations.
     */
    operationDetailsByType: Partial<Record<McpCapabilityOperationType, McpDiscoveryOperationDetail[]>>;
    /**
     * Explicit support matrix per `(domain, objectType)` showing which generic
     * operations are supported vs unsupported under the current policy.
     */
    objectTypeOperationSupport?: McpDiscoveryObjectTypeSupport[];
};
/**
 * The complete reduced tool surface derived from a policy-filtered capability
 * inventory.
 */
type McpToolManifest = {
    /** Generic CRUDS tools parameterized by domain and objectType. */
    genericTools: McpGenericTool[];
    /** One-per-descriptor tools for non-standard domain capabilities. */
    specialTools: McpSpecialTool[];
    /** Built-in introspection tool entry describing the available operation space. */
    discoveryTool: McpDiscoveryEntry;
    /** Number of capability descriptors that back this manifest. */
    backingDescriptorCount: number;
    /** Total exposed tool count: `genericTools.length + specialTools.length + 1`. */
    totalToolCount: number;
};
/**
 * Builds a reduced MCP tool manifest from a policy-filtered capability
 * inventory.
 *
 * @remarks
 * The caller is responsible for applying policy **before** calling this
 * function. Use {@link applyCapabilityPolicy} from `CapabilityPolicy` to
 * filter the inventory first.
 *
 * Generic capabilities (`kind === 'generic'`) are collapsed by
 * `operationType`, each producing one {@link McpGenericTool} with an
 * enumerated `supportedObjectTypes` list. Special capabilities
 * (`kind === 'special'`) produce one {@link McpSpecialTool} each. A single
 * {@link McpDiscoveryEntry} is always appended and counted in `totalToolCount`.
 *
 * @param capabilities Policy-filtered capability descriptors.
 * @returns Fully populated tool manifest ready for MCP runtime registration.
 */
declare function buildToolManifest(capabilities: McpCapabilityDescriptor[]): McpToolManifest;

/**
 * Provides a manifest-driven MCP tool runtime for executing Frodo capability
 * descriptors with request-scoped Frodo instances.
 *
 * @remarks
 * This module intentionally decouples tool selection from invocation:
 * - The registry discovers raw capabilities.
 * - The manifest collapses them into a reduced tool surface.
 * - This runtime resolves incoming tool calls back to exact descriptors and
 *   executes them against an isolated Frodo instance per request.
 *
 * The default instance resolver is service-account/admin-account aware and uses
 * the established Frodo factory helpers (`createInstance*`).
 */

/**
 * Credentials payload for a service-account request context.
 */
type McpRuntimeServiceAccountAuth = {
    /** Discriminator for service-account auth mode. */
    mode: 'service-account';
    /** AM host base URL. */
    host: string;
    /** Service account UUID. */
    serviceAccountId: string;
    /** Service account JWK, provided as JSON string or object. */
    serviceAccountJwk: string | Record<string, unknown>;
    /** Optional realm override. */
    realm?: string;
    /** Optional deployment type override. */
    deploymentType?: string;
    /** Optional insecure-connection toggle. */
    allowInsecureConnection?: boolean;
    /** Optional debug toggle. */
    debug?: boolean;
    /** Optional curlirize toggle. */
    curlirize?: boolean;
};
/**
 * Credentials payload for an admin-account request context.
 */
type McpRuntimeAdminAccountAuth = {
    /** Discriminator for admin-account auth mode. */
    mode: 'admin-account';
    /** AM host base URL. */
    host: string;
    /** Admin username. */
    username: string;
    /** Admin password. */
    password: string;
    /** Optional realm override. */
    realm?: string;
    /** Optional deployment type override. */
    deploymentType?: string;
    /** Optional insecure-connection toggle. */
    allowInsecureConnection?: boolean;
    /** Optional debug toggle. */
    debug?: boolean;
    /** Optional curlirize toggle. */
    curlirize?: boolean;
};
/**
 * Full frodo state payload for direct state-based instance creation.
 */
type McpRuntimeStateAuth = {
    /** Discriminator for direct state-config auth mode. */
    mode: 'state-config';
    /** Full state configuration passed into `frodo.createInstance`. */
    config: StateInterface;
};
/**
 * Union of supported runtime auth modes.
 */
type McpRuntimeAuth = McpRuntimeServiceAccountAuth | McpRuntimeAdminAccountAuth | McpRuntimeStateAuth;
/**
 * Execution-scoped context used to create an isolated Frodo instance.
 */
type McpRuntimeRequestContext = {
    /** Optional caller-supplied correlation id for audit/log stitching. */
    requestId?: string;
    /** Auth mode and credential payload for this request. */
    auth: McpRuntimeAuth;
};
/**
 * Generic-tool execution arguments.
 */
type McpGenericExecutionArguments = {
    /** Domain key, e.g. `authn`. */
    domain: string;
    /** Object type label, e.g. `Journey`. */
    objectType: string;
    /** Optional scope selector for ambiguous generic operations (e.g. `single` vs `bulk`). */
    scope?: string;
    /** Optional realm override applied to request-scoped auth context. */
    realm?: string;
    /** Optional requested page size hint. */
    pageSize?: number;
    /** Optional requested page offset hint. */
    pageOffset?: number;
    /** Optional requested page token/cursor hint. */
    pageToken?: string;
    /** Optional hint to request exact totals when supported. */
    includeTotal?: boolean;
    /** Optional positional args forwarded to the underlying Frodo method. */
    positionalArgs?: unknown[];
    /** Optional named args forwarded as a single object argument. */
    namedArgs?: Record<string, unknown>;
};
/**
 * Pagination metadata returned for list/search style tool calls.
 */
type McpExecutionPaginationMetadata = {
    /** Whether the result appears to be truncated/paginated. */
    isPartial: boolean;
    /** Number of rows returned when the payload is an array. */
    returnedCount?: number;
    /** Requested page size hint, if provided by caller. */
    requestedPageSize?: number;
    /** Requested page offset hint, if provided by caller. */
    requestedPageOffset?: number;
    /** Requested page token hint, if provided by caller. */
    requestedPageToken?: string;
    /** Whether caller requested exact totals. */
    includeTotalRequested?: boolean;
    /** Optional advisory warning for agent callers. */
    warning?: string;
};
/**
 * Scope metadata returned for realm-sensitive executions.
 */
type McpExecutionScopeMetadata = {
    /** Realm explicitly requested by the caller, if any. */
    requestedRealm?: string;
    /** Realm ultimately applied to request-scoped auth context. */
    appliedRealm?: string;
    /** Whether payload contents suggest a realm mismatch. */
    scopeMismatch?: boolean;
    /** Optional warning message when scope mismatch is detected. */
    warning?: string;
};
/**
 * Optional execution metadata surfaced alongside tool results.
 */
type McpExecutionResultMetadata = {
    /** Top-level JSON shape returned by the tool call. */
    topLevelType: 'array' | 'object' | 'string' | 'number' | 'boolean' | 'null' | 'undefined';
    /** Estimated serialized payload size in bytes. */
    payloadSizeBytes?: number;
    /** Human-readable payload size string. */
    payloadSizeHuman?: string;
    /** Number of items when the top-level payload is an array. */
    itemCount?: number;
    /** Top-level keys when the payload is an object. */
    objectKeys?: string[];
    /** Count summary for top-level arrays/records inside the payload. */
    fieldCounts?: Record<string, number>;
    /** Whether the payload is considered large for inline agent use. */
    isLarge?: boolean;
    /** Whether the payload was truncated by the transport layer. */
    isTruncated?: boolean;
    /** Optional advisory warning for large or truncated payloads. */
    warning?: string;
};
type McpToolExecutionMetadata = {
    /** Scope metadata for realm-sensitive calls. */
    scope?: McpExecutionScopeMetadata;
    /** Pagination metadata for list/search calls. */
    pagination?: McpExecutionPaginationMetadata;
    /** Result summary metadata for agent reasoning and large-payload handling. */
    result?: McpExecutionResultMetadata;
};
/**
 * Special-tool execution arguments.
 */
type McpSpecialExecutionArguments = {
    /** Optional positional args forwarded to the underlying Frodo method. */
    positionalArgs?: unknown[];
    /** Optional named args forwarded as a single object argument. */
    namedArgs?: Record<string, unknown>;
};
/**
 * Envelope for runtime tool execution.
 */
type McpToolExecutionRequest = {
    /** MCP tool name from the manifest. */
    toolName: string;
    /**
     * Tool arguments.
     * - Generic tools require `domain` and `objectType`.
     * - Special tools accept `positionalArgs` and/or `namedArgs`.
     * - Discovery tool ignores arguments.
     */
    arguments?: McpGenericExecutionArguments | McpSpecialExecutionArguments | Record<string, unknown>;
    /** Request-scoped context used to create an isolated Frodo instance. */
    context: McpRuntimeRequestContext;
};
/**
 * Result envelope returned by all runtime executions.
 */
type McpToolExecutionResult = {
    /** Tool name that was executed. */
    toolName: string;
    /** Descriptor id backing the execution, if applicable. */
    descriptorId?: string;
    /** Underlying method result payload. */
    data: unknown;
    /** Optional execution metadata for scope and pagination diagnostics. */
    metadata?: McpToolExecutionMetadata;
};
/**
 * Optional runtime customization hooks.
 */
type McpToolRuntimeOptions = {
    /**
     * Optional root Frodo instance used by the default resolver.
     * Defaults to the library singleton `frodo`.
     */
    frodoRoot?: Frodo;
    /**
     * Optional custom resolver that returns a request-scoped Frodo instance.
     * When omitted, {@link resolveRequestScopedFrodo} is used.
     */
    resolveFrodoForRequest?: (context: McpRuntimeRequestContext, frodoRoot: Frodo) => Frodo | Promise<Frodo>;
    /**
     * Optional heuristic threshold used to flag potentially paginated array
     * responses when no explicit pagination controls were provided.
     *
     * Defaults to `1000`.
     */
    paginationWarningThreshold?: number;
    /**
     * Optional payload size threshold used to flag large inline responses and
     * produce actionable summary metadata for agents.
     *
     * Defaults to `65536` bytes.
     */
    resultWarningThresholdBytes?: number;
};
/**
 * Manifest-backed runtime object.
 */
type McpToolRuntime = {
    /** Reduced manifest used for tool registration and discovery. */
    manifest: McpToolManifest;
    /**
     * Executes one tool invocation against a request-scoped Frodo instance.
     *
     * @param request Tool execution request.
     * @returns Normalized execution result envelope.
     */
    executeTool(request: McpToolExecutionRequest): Promise<McpToolExecutionResult>;
};
/**
 * Creates a manifest-backed MCP runtime with descriptor indexes for efficient
 * execution dispatch.
 *
 * @param manifest Reduced tool manifest created by `buildToolManifest`.
 * @param capabilities Capability descriptors that back the manifest.
 * @param options Optional runtime customization hooks.
 * @returns Runtime object capable of executing manifest tool calls.
 */
declare function createToolRuntime(manifest: McpToolManifest, capabilities: McpCapabilityDescriptor[], options?: McpToolRuntimeOptions): McpToolRuntime;
/**
 * Creates a request-scoped Frodo instance using standard factory helpers and
 * the provided auth mode.
 *
 * @param context Request-scoped runtime context.
 * @param frodoRoot Root frodo instance exposing `createInstance*` helpers.
 * @returns New request-scoped Frodo instance.
 */
declare function resolveRequestScopedFrodo(context: McpRuntimeRequestContext, frodoRoot?: Frodo): Frodo;

/**
 * Composes MCP capability inventory, policy filtering, manifest generation, and
 * runtime execution into one launch-ready service object.
 *
 * @remarks
 * This module is intentionally transport-agnostic. It prepares all data and
 * execution hooks required by both stdio and HTTP MCP transports, while leaving
 * actual transport wiring to higher layers.
 */

/**
 * Lightweight tool metadata surface suitable for MCP tool registration calls.
 */
type McpServiceToolDefinition = {
    /** Stable tool name exposed to MCP clients. */
    name: string;
    /** Human-readable tool description. */
    description: string;
    /** Optional MCP annotation hints for tool selection behavior. */
    annotations?: {
        readOnlyHint?: boolean;
        destructiveHint?: boolean;
        idempotentHint?: boolean;
        openWorldHint?: boolean;
    };
};
/**
 * Options for constructing an MCP service instance.
 */
type McpServiceOptions = {
    /**
     * Frodo instance to inspect and use as runtime factory root.
     * Defaults to the library singleton.
     */
    frodoInstance?: Frodo;
    /** Optional inventory-scoping controls (domains, utils visibility). */
    inventoryOptions?: McpCapabilityInventoryOptions;
    /** Built-in policy preset to start from. Defaults to `standard`. */
    policyPreset?: McpCapabilityPolicyPresetName;
    /** Optional override fields merged on top of the selected preset. */
    policyOverride?: Partial<McpCapabilityPolicy>;
    /** Optional runtime customization hooks. */
    runtimeOptions?: Omit<McpToolRuntimeOptions, 'frodoRoot'>;
};
/**
 * Fully composed MCP service object.
 */
type McpService = {
    /** Effective capability policy after preset + overrides are merged. */
    policy: McpCapabilityPolicy;
    /** Policy-filtered capabilities backing the current service. */
    capabilities: McpCapabilityDescriptor[];
    /** Reduced manifest consumed by transport registration code. */
    manifest: McpToolManifest;
    /** Runtime executor for tool calls. */
    runtime: McpToolRuntime;
    /**
     * Returns tool definition metadata for transport registration.
     *
     * @returns Flattened tool list including generic, special, and discovery.
     */
    listTools(): McpServiceToolDefinition[];
    /**
     * Executes one tool request.
     *
     * @param request Tool execution request envelope.
     * @returns Tool execution result envelope.
     */
    executeTool(request: McpToolExecutionRequest): Promise<McpToolExecutionResult>;
};
/**
 * Merges a built-in policy preset with caller-provided overrides.
 *
 * @param presetName Built-in preset key.
 * @param override Optional override object.
 * @returns Effective policy object.
 */
declare function composeCapabilityPolicy(presetName: McpCapabilityPolicyPresetName, override?: Partial<McpCapabilityPolicy>): McpCapabilityPolicy;
/**
 * Builds an MCP service from Frodo capabilities and policy configuration.
 *
 * @param options Service construction options.
 * @returns Composed service object with manifest and runtime hooks.
 */
declare function createMcpService(options?: McpServiceOptions): McpService;

export { FrodoError, MCP_POLICY_PRESETS, type McpCapabilityDescriptor, type McpCapabilityInventoryOptions, type McpCapabilityKind, type McpCapabilityOperationType, type McpCapabilityPolicy, type McpCapabilityPolicyPresetName, type McpCapabilityRiskClass, type McpDeploymentType, type McpDiscoveryEntry, type McpExecutionPaginationMetadata, type McpExecutionScopeMetadata, type McpGenericExecutionArguments, type McpGenericTool, type McpObjectTypeEntry, type McpRuntimeAdminAccountAuth, type McpRuntimeAuth, type McpRuntimeRequestContext, type McpRuntimeServiceAccountAuth, type McpRuntimeStateAuth, type McpService, type McpServiceOptions, type McpServiceToolDefinition, type McpSpecialExecutionArguments, type McpSpecialTool, type McpToolAnnotations, type McpToolExecutionMetadata, type McpToolExecutionRequest, type McpToolExecutionResult, type McpToolManifest, type McpToolRuntime, type McpToolRuntimeOptions, applyCapabilityPolicy, buildCapabilityInventory, buildToolManifest, composeCapabilityPolicy, createMcpService, createToolRuntime, frodo, inferObjectType, inferOperationType, inferRiskClass, resolveRequestScopedFrodo, state };
