diff --git a/docker-compose.yml b/docker-compose.yml
index a997014..98b8bca 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,18 +1,4 @@
 services:
-  autoglue:
-    # image: ghcr.io/glueops/autoglue:latest
-    build: .
-    ports:
-      - 8080:8080
-    expose:
-      - 8080
-    env_file: .env
-    environment:
-      AUTOGLUE_DATABASE_DSN: postgres://$DB_USER:$DB_PASSWORD@postgres:5432/$DB_NAME
-      AUTOGLUE_BIND_ADDRESS: 0.0.0.0
-    depends_on:
-      - postgres
-
   postgres:
     build:
       context: postgres
@@ -28,19 +14,6 @@ services:
     volumes:
       - postgres_data:/var/lib/postgresql/data
 
-  pgweb:
-    image: sosedoff/pgweb@sha256:8f1ed22e10c9da0912169b98b62ddc54930dc39a5ae07b0f1354d2a93d44c6ed
-    restart: always
-    ports:
-      - "8081:8081"
-    links:
-      - postgres:postgres
-    env_file: .env
-    environment:
-      PGWEB_DATABASE_URL: postgres://$DB_USER:$DB_PASSWORD@postgres:5432/$DB_NAME
-    depends_on:
-      - postgres
-
   mailpit:
     image: axllent/mailpit@sha256:e22dce5b36f93c77082e204a3942fb6b283b7896e057458400a4c88344c3df68
     restart: always
diff --git a/docs/docs.go b/docs/docs.go
index 8dd11f6..786f251 100644
--- a/docs/docs.go
+++ b/docs/docs.go
@@ -6,13 +6,14 @@ import "github.com/swaggo/swag/v2"
 
 const docTemplate = `{
     "schemes": {{ marshal .Schemes }},
-    "components": {"schemas":{"dto.AnnotationResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.AttachAnnotationsRequest":{"properties":{"annotation_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachBastionRequest":{"properties":{"server_id":{"type":"string"}},"type":"object"},"dto.AttachCaptainDomainRequest":{"properties":{"domain_id":{"type":"string"}},"type":"object"},"dto.AttachLabelsRequest":{"properties":{"label_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachLoadBalancerRequest":{"properties":{"load_balancer_id":{"type":"string"}},"type":"object"},"dto.AttachNodePoolRequest":{"properties":{"node_pool_id":{"type":"string"}},"type":"object"},"dto.AttachRecordSetRequest":{"properties":{"record_set_id":{"type":"string"}},"type":"object"},"dto.AttachServersRequest":{"properties":{"server_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachTaintsRequest":{"properties":{"taint_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AuthStartResponse":{"properties":{"auth_url":{"example":"https://accounts.google.com/o/oauth2/v2/auth?client_id=...","type":"string"}},"type":"object"},"dto.ClusterResponse":{"properties":{"apps_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"bastion_server":{"$ref":"#/components/schemas/dto.ServerResponse"},"captain_domain":{"$ref":"#/components/schemas/dto.DomainResponse"},"certificate_key":{"type":"string"},"control_plane_record_set":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"created_at":{"type":"string"},"glueops_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"node_pools":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array","uniqueItems":false},"provider":{"type":"string"},"random_token":{"type":"string"},"region":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.CreateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateClusterRequest":{"properties":{"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.CreateCredentialRequest":{"properties":{"account_id":{"maxLength":32,"type":"string"},"kind":{"description":"aws_access_key, api_token, basic_auth, oauth2","type":"string"},"name":{"description":"human label","maxLength":100,"type":"string"},"provider":{"enum":["aws","cloudflare","hetzner","digitalocean","generic"],"type":"string"},"region":{"maxLength":32,"type":"string"},"schema_version":{"description":"secret schema version","minimum":1,"type":"integer"},"scope":{"description":"{\"service\":\"route53\"} or {\"arn\":\"...\"}","type":"object"},"scope_kind":{"enum":["provider","service","resource"],"type":"string"},"scope_version":{"description":"scope schema version","minimum":1,"type":"integer"},"secret":{"description":"encrypted later","type":"object"}},"required":["kind","provider","schema_version","scope","scope_kind","scope_version","secret"],"type":"object"},"dto.CreateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"required":["credential_id","domain_name"],"type":"object"},"dto.CreateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops","public"],"example":"public","type":"string"},"name":{"example":"glueops","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.CreateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.CreateRecordSetRequest":{"properties":{"name":{"description":"Name relative to domain (\"endpoint\") OR FQDN (\"endpoint.example.com\").\nServer normalizes to relative.","maxLength":253,"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"required":["name","type"],"type":"object"},"dto.CreateSSHRequest":{"properties":{"bits":{"description":"Only for RSA","type":"integer"},"comment":{"example":"deploy@autoglue","type":"string"},"name":{"type":"string"},"type":{"description":"\"rsa\" (default) or \"ed25519\"","type":"string"}},"type":"object"},"dto.CreateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.CreateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CredentialOut":{"properties":{"account_id":{"type":"string"},"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"},"schema_version":{"type":"integer"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"updated_at":{"type":"string"}},"type":"object"},"dto.DomainResponse":{"properties":{"created_at":{"type":"string"},"credential_id":{"type":"string"},"domain_name":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"organization_id":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"},"zone_id":{"type":"string"}},"type":"object"},"dto.EnqueueRequest":{"properties":{"payload":{"type":"object"},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-05T08:00:00Z","type":"string"},"type":{"example":"email.send","type":"string"}},"type":"object"},"dto.JWK":{"properties":{"alg":{"example":"RS256","type":"string"},"e":{"example":"AQAB","type":"string"},"kid":{"example":"7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345","type":"string"},"kty":{"example":"RSA","type":"string"},"n":{"type":"string"},"use":{"example":"sig","type":"string"},"x":{"type":"string"}},"type":"object"},"dto.JWKS":{"properties":{"keys":{"items":{"$ref":"#/components/schemas/dto.JWK"},"type":"array","uniqueItems":false}},"type":"object"},"dto.Job":{"properties":{"attempts":{"example":0,"type":"integer"},"created_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"id":{"example":"01HF7SZK8Z8WG1M3J7S2Z8M2N6","type":"string"},"last_error":{"example":"error message","type":"string"},"max_attempts":{"example":3,"type":"integer"},"payload":{},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"status":{"$ref":"#/components/schemas/dto.JobStatus"},"type":{"example":"email.send","type":"string"},"updated_at":{"example":"2025-11-04T09:30:00Z","type":"string"}},"type":"object"},"dto.JobStatus":{"enum":["queued|running|succeeded|failed|canceled|retrying|scheduled"],"example":"queued","type":"string","x-enum-varnames":["StatusQueued","StatusRunning","StatusSucceeded","StatusFailed","StatusCanceled","StatusRetrying","StatusScheduled"]},"dto.LabelResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.LoadBalancerResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.LogoutRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.NodePoolResponse":{"properties":{"annotations":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array","uniqueItems":false},"created_at":{"type":"string"},"id":{"type":"string"},"labels":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array","uniqueItems":false},"name":{"type":"string"},"organization_id":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"},"servers":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array","uniqueItems":false},"taints":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array","uniqueItems":false},"updated_at":{"type":"string"}},"type":"object"},"dto.PageJob":{"properties":{"items":{"items":{"$ref":"#/components/schemas/dto.Job"},"type":"array","uniqueItems":false},"page":{"example":1,"type":"integer"},"page_size":{"example":25,"type":"integer"},"total":{"example":120,"type":"integer"}},"type":"object"},"dto.QueueInfo":{"properties":{"failed":{"example":5,"type":"integer"},"name":{"example":"default","type":"string"},"pending":{"example":42,"type":"integer"},"running":{"example":3,"type":"integer"},"scheduled":{"example":7,"type":"integer"}},"type":"object"},"dto.RecordSetResponse":{"properties":{"created_at":{"type":"string"},"domain_id":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"owner":{"type":"string"},"status":{"type":"string"},"ttl":{"type":"integer"},"type":{"type":"string"},"updated_at":{"type":"string"},"values":{"description":"[]string JSON","type":"object"}},"type":"object"},"dto.RefreshRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.ServerResponse":{"properties":{"created_at":{"type":"string"},"hostname":{"type":"string"},"id":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SetKubeconfigRequest":{"properties":{"kubeconfig":{"type":"string"}},"type":"object"},"dto.SshResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SshRevealResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_key":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.TaintResponse":{"properties":{"created_at":{"type":"string"},"effect":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.TokenPair":{"properties":{"access_token":{"example":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij...","type":"string"},"expires_in":{"example":3600,"type":"integer"},"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf....","type":"string"},"token_type":{"example":"Bearer","type":"string"}},"type":"object"},"dto.UpdateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateClusterRequest":{"properties":{"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.UpdateCredentialRequest":{"properties":{"account_id":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"secret":{"description":"set if rotating","type":"object"}},"type":"object"},"dto.UpdateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"type":"object"},"dto.UpdateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops","public"],"example":"public","type":"string"},"name":{"example":"glue","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.UpdateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.UpdateRecordSetRequest":{"properties":{"name":{"description":"Any change flips status back to pending (worker will UPSERT)","maxLength":253,"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.UpdateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.UpdateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"handlers.HealthStatus":{"properties":{"status":{"example":"ok","type":"string"}},"type":"object"},"handlers.VersionResponse":{"properties":{"built":{"example":"2025-11-08T12:34:56Z","type":"string"},"builtBy":{"example":"ci","type":"string"},"commit":{"example":"a1b2c3d","type":"string"},"commitTime":{"example":"2025-11-08T12:31:00Z","type":"string"},"go":{"example":"go1.23.3","type":"string"},"goArch":{"example":"amd64","type":"string"},"goOS":{"example":"linux","type":"string"},"modified":{"example":false,"type":"boolean"},"revision":{"example":"a1b2c3d4e5f6abcdef","type":"string"},"vcs":{"example":"git","type":"string"},"version":{"example":"1.4.2","type":"string"}},"type":"object"},"handlers.createUserKeyRequest":{"properties":{"expires_in_hours":{"description":"optional TTL","type":"integer"},"name":{"type":"string"}},"type":"object"},"handlers.meResponse":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"emails":{"items":{"$ref":"#/components/schemas/models.UserEmail"},"type":"array","uniqueItems":false},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"organizations":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array","uniqueItems":false},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"handlers.memberOut":{"properties":{"email":{"type":"string"},"role":{"description":"owner/admin/member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.memberUpsertReq":{"properties":{"role":{"example":"member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.orgCreateReq":{"properties":{"domain":{"example":"acme.com","type":"string"},"name":{"example":"Acme Corp","type":"string"}},"type":"object"},"handlers.orgKeyCreateReq":{"properties":{"expires_in_hours":{"example":720,"type":"integer"},"name":{"example":"automation-bot","type":"string"}},"type":"object"},"handlers.orgKeyCreateResp":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"org_key":{"description":"shown once:","type":"string"},"org_secret":{"description":"shown once:","type":"string"},"scope":{"description":"\"org\"","type":"string"}},"type":"object"},"handlers.orgUpdateReq":{"properties":{"domain":{"type":"string"},"name":{"type":"string"}},"type":"object"},"handlers.updateMeRequest":{"properties":{"display_name":{"type":"string"}},"type":"object"},"handlers.userAPIKeyOut":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"type":"string"},"name":{"type":"string"},"plain":{"description":"Shown only on create:","type":"string"},"scope":{"description":"\"user\"","type":"string"}},"type":"object"},"models.APIKey":{"properties":{"created_at":{"format":"date-time","type":"string"},"expires_at":{"format":"date-time","type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"format":"date-time","type":"string"},"name":{"type":"string"},"org_id":{"format":"uuid","type":"string"},"prefix":{"type":"string"},"revoked":{"type":"boolean"},"scope":{"type":"string"},"updated_at":{"format":"date-time","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"models.Organization":{"properties":{"created_at":{"format":"date-time","type":"string"},"domain":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"name":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.User":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.UserEmail":{"properties":{"created_at":{"format":"date-time","type":"string"},"email":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_primary":{"type":"boolean"},"is_verified":{"type":"boolean"},"updated_at":{"format":"date-time","type":"string"},"user":{"$ref":"#/components/schemas/models.User"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"utils.ErrorResponse":{"properties":{"code":{"description":"A machine-readable error code, e.g. \"validation_error\"\nexample: validation_error","type":"string"},"message":{"description":"Human-readable message\nexample: slug is required","type":"string"}},"type":"object"}},"securitySchemes":{"ApiKeyAuth":{"description":"User API key","in":"header","name":"X-API-KEY","type":"apiKey"},"BearerAuth":{"description":"Bearer token authentication","in":"header","name":"Authorization","type":"apiKey"},"OrgKeyAuth":{"description":"Org-level key/secret authentication","in":"header","name":"X-ORG-KEY","type":"apiKey"},"OrgSecretAuth":{"description":"Org-level secret","in":"header","name":"X-ORG-SECRET","type":"apiKey"}}},
+    "components": {"schemas":{"dto.AnnotationResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.AttachAnnotationsRequest":{"properties":{"annotation_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachBastionRequest":{"properties":{"server_id":{"type":"string"}},"type":"object"},"dto.AttachCaptainDomainRequest":{"properties":{"domain_id":{"type":"string"}},"type":"object"},"dto.AttachLabelsRequest":{"properties":{"label_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachLoadBalancerRequest":{"properties":{"load_balancer_id":{"type":"string"}},"type":"object"},"dto.AttachNodePoolRequest":{"properties":{"node_pool_id":{"type":"string"}},"type":"object"},"dto.AttachRecordSetRequest":{"properties":{"record_set_id":{"type":"string"}},"type":"object"},"dto.AttachServersRequest":{"properties":{"server_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachTaintsRequest":{"properties":{"taint_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AuthStartResponse":{"properties":{"auth_url":{"example":"https://accounts.google.com/o/oauth2/v2/auth?client_id=...","type":"string"}},"type":"object"},"dto.ClusterResponse":{"properties":{"apps_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"bastion_server":{"$ref":"#/components/schemas/dto.ServerResponse"},"captain_domain":{"$ref":"#/components/schemas/dto.DomainResponse"},"certificate_key":{"type":"string"},"cluster_provider":{"type":"string"},"control_plane_fqdn":{"type":"string"},"control_plane_record_set":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"created_at":{"type":"string"},"glueops_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"node_pools":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array","uniqueItems":false},"random_token":{"type":"string"},"region":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.CreateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateClusterRequest":{"properties":{"cluster_provider":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.CreateCredentialRequest":{"properties":{"account_id":{"maxLength":32,"type":"string"},"credential_provider":{"enum":["aws","cloudflare","hetzner","digitalocean","generic"],"type":"string"},"kind":{"description":"aws_access_key, api_token, basic_auth, oauth2","type":"string"},"name":{"description":"human label","maxLength":100,"type":"string"},"region":{"maxLength":32,"type":"string"},"schema_version":{"description":"secret schema version","minimum":1,"type":"integer"},"scope":{"description":"{\"service\":\"route53\"} or {\"arn\":\"...\"}","type":"object"},"scope_kind":{"enum":["credential_provider","service","resource"],"type":"string"},"scope_version":{"description":"scope schema version","minimum":1,"type":"integer"},"secret":{"description":"encrypted later","type":"object"}},"required":["credential_provider","kind","schema_version","scope","scope_kind","scope_version","secret"],"type":"object"},"dto.CreateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"required":["credential_id","domain_name"],"type":"object"},"dto.CreateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops","public"],"example":"public","type":"string"},"name":{"example":"glueops","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.CreateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.CreateRecordSetRequest":{"properties":{"name":{"description":"Name relative to domain (\"endpoint\") OR FQDN (\"endpoint.example.com\").\nServer normalizes to relative.","maxLength":253,"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"required":["name","type"],"type":"object"},"dto.CreateSSHRequest":{"properties":{"bits":{"description":"Only for RSA","type":"integer"},"comment":{"example":"deploy@autoglue","type":"string"},"name":{"type":"string"},"type":{"description":"\"rsa\" (default) or \"ed25519\"","type":"string"}},"type":"object"},"dto.CreateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.CreateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CredentialOut":{"properties":{"account_id":{"type":"string"},"created_at":{"type":"string"},"credential_provider":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"},"schema_version":{"type":"integer"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"updated_at":{"type":"string"}},"type":"object"},"dto.DomainResponse":{"properties":{"created_at":{"type":"string"},"credential_id":{"type":"string"},"domain_name":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"organization_id":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"},"zone_id":{"type":"string"}},"type":"object"},"dto.EnqueueRequest":{"properties":{"payload":{"type":"object"},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-05T08:00:00Z","type":"string"},"type":{"example":"email.send","type":"string"}},"type":"object"},"dto.JWK":{"properties":{"alg":{"example":"RS256","type":"string"},"e":{"example":"AQAB","type":"string"},"kid":{"example":"7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345","type":"string"},"kty":{"example":"RSA","type":"string"},"n":{"type":"string"},"use":{"example":"sig","type":"string"},"x":{"type":"string"}},"type":"object"},"dto.JWKS":{"properties":{"keys":{"items":{"$ref":"#/components/schemas/dto.JWK"},"type":"array","uniqueItems":false}},"type":"object"},"dto.Job":{"properties":{"attempts":{"example":0,"type":"integer"},"created_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"id":{"example":"01HF7SZK8Z8WG1M3J7S2Z8M2N6","type":"string"},"last_error":{"example":"error message","type":"string"},"max_attempts":{"example":3,"type":"integer"},"payload":{},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"status":{"$ref":"#/components/schemas/dto.JobStatus"},"type":{"example":"email.send","type":"string"},"updated_at":{"example":"2025-11-04T09:30:00Z","type":"string"}},"type":"object"},"dto.JobStatus":{"enum":["queued|running|succeeded|failed|canceled|retrying|scheduled"],"example":"queued","type":"string","x-enum-varnames":["StatusQueued","StatusRunning","StatusSucceeded","StatusFailed","StatusCanceled","StatusRetrying","StatusScheduled"]},"dto.LabelResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.LoadBalancerResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.LogoutRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.NodePoolResponse":{"properties":{"annotations":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array","uniqueItems":false},"created_at":{"type":"string"},"id":{"type":"string"},"labels":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array","uniqueItems":false},"name":{"type":"string"},"organization_id":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"},"servers":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array","uniqueItems":false},"taints":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array","uniqueItems":false},"updated_at":{"type":"string"}},"type":"object"},"dto.PageJob":{"properties":{"items":{"items":{"$ref":"#/components/schemas/dto.Job"},"type":"array","uniqueItems":false},"page":{"example":1,"type":"integer"},"page_size":{"example":25,"type":"integer"},"total":{"example":120,"type":"integer"}},"type":"object"},"dto.QueueInfo":{"properties":{"failed":{"example":5,"type":"integer"},"name":{"example":"default","type":"string"},"pending":{"example":42,"type":"integer"},"running":{"example":3,"type":"integer"},"scheduled":{"example":7,"type":"integer"}},"type":"object"},"dto.RecordSetResponse":{"properties":{"created_at":{"type":"string"},"domain_id":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"owner":{"type":"string"},"status":{"type":"string"},"ttl":{"type":"integer"},"type":{"type":"string"},"updated_at":{"type":"string"},"values":{"description":"[]string JSON","type":"object"}},"type":"object"},"dto.RefreshRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.ServerResponse":{"properties":{"created_at":{"type":"string"},"hostname":{"type":"string"},"id":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SetKubeconfigRequest":{"properties":{"kubeconfig":{"type":"string"}},"type":"object"},"dto.SshResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SshRevealResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_key":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.TaintResponse":{"properties":{"created_at":{"type":"string"},"effect":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.TokenPair":{"properties":{"access_token":{"example":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij...","type":"string"},"expires_in":{"example":3600,"type":"integer"},"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf....","type":"string"},"token_type":{"example":"Bearer","type":"string"}},"type":"object"},"dto.UpdateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateClusterRequest":{"properties":{"cluster_provider":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.UpdateCredentialRequest":{"properties":{"account_id":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"secret":{"description":"set if rotating","type":"object"}},"type":"object"},"dto.UpdateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"type":"object"},"dto.UpdateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops","public"],"example":"public","type":"string"},"name":{"example":"glue","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.UpdateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.UpdateRecordSetRequest":{"properties":{"name":{"description":"Any change flips status back to pending (worker will UPSERT)","maxLength":253,"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.UpdateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.UpdateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"handlers.HealthStatus":{"properties":{"status":{"example":"ok","type":"string"}},"type":"object"},"handlers.VersionResponse":{"properties":{"built":{"example":"2025-11-08T12:34:56Z","type":"string"},"builtBy":{"example":"ci","type":"string"},"commit":{"example":"a1b2c3d","type":"string"},"commitTime":{"example":"2025-11-08T12:31:00Z","type":"string"},"go":{"example":"go1.23.3","type":"string"},"goArch":{"example":"amd64","type":"string"},"goOS":{"example":"linux","type":"string"},"modified":{"example":false,"type":"boolean"},"revision":{"example":"a1b2c3d4e5f6abcdef","type":"string"},"vcs":{"example":"git","type":"string"},"version":{"example":"1.4.2","type":"string"}},"type":"object"},"handlers.createUserKeyRequest":{"properties":{"expires_in_hours":{"description":"optional TTL","type":"integer"},"name":{"type":"string"}},"type":"object"},"handlers.meResponse":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"emails":{"items":{"$ref":"#/components/schemas/models.UserEmail"},"type":"array","uniqueItems":false},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"organizations":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array","uniqueItems":false},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"handlers.memberOut":{"properties":{"email":{"type":"string"},"role":{"description":"owner/admin/member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.memberUpsertReq":{"properties":{"role":{"example":"member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.orgCreateReq":{"properties":{"domain":{"example":"acme.com","type":"string"},"name":{"example":"Acme Corp","type":"string"}},"type":"object"},"handlers.orgKeyCreateReq":{"properties":{"expires_in_hours":{"example":720,"type":"integer"},"name":{"example":"automation-bot","type":"string"}},"type":"object"},"handlers.orgKeyCreateResp":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"org_key":{"description":"shown once:","type":"string"},"org_secret":{"description":"shown once:","type":"string"},"scope":{"description":"\"org\"","type":"string"}},"type":"object"},"handlers.orgUpdateReq":{"properties":{"domain":{"type":"string"},"name":{"type":"string"}},"type":"object"},"handlers.updateMeRequest":{"properties":{"display_name":{"type":"string"}},"type":"object"},"handlers.userAPIKeyOut":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"type":"string"},"name":{"type":"string"},"plain":{"description":"Shown only on create:","type":"string"},"scope":{"description":"\"user\"","type":"string"}},"type":"object"},"models.APIKey":{"properties":{"created_at":{"format":"date-time","type":"string"},"expires_at":{"format":"date-time","type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"format":"date-time","type":"string"},"name":{"type":"string"},"org_id":{"format":"uuid","type":"string"},"prefix":{"type":"string"},"revoked":{"type":"boolean"},"scope":{"type":"string"},"updated_at":{"format":"date-time","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"models.Organization":{"properties":{"created_at":{"format":"date-time","type":"string"},"domain":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"name":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.User":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.UserEmail":{"properties":{"created_at":{"format":"date-time","type":"string"},"email":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_primary":{"type":"boolean"},"is_verified":{"type":"boolean"},"updated_at":{"format":"date-time","type":"string"},"user":{"$ref":"#/components/schemas/models.User"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"utils.ErrorResponse":{"properties":{"code":{"description":"A machine-readable error code, e.g. \"validation_error\"\nexample: validation_error","type":"string"},"message":{"description":"Human-readable message\nexample: slug is required","type":"string"}},"type":"object"}},"securitySchemes":{"ApiKeyAuth":{"description":"User API key","in":"header","name":"X-API-KEY","type":"apiKey"},"BearerAuth":{"description":"Bearer token authentication","in":"header","name":"Authorization","type":"apiKey"},"OrgKeyAuth":{"description":"Org-level key/secret authentication","in":"header","name":"X-ORG-KEY","type":"apiKey"},"OrgSecretAuth":{"description":"Org-level secret","in":"header","name":"X-ORG-SECRET","type":"apiKey"}}},
     "info": {"contact":{"name":"GlueOps"},"description":"{{escape .Description}}","title":"{{.Title}}","version":"{{.Version}}"},
     "externalDocs": {"description":"","url":""},
-    "paths": {"/.well-known/jwks.json":{"get":{"description":"Returns the JSON Web Key Set for token verification","operationId":"getJWKS","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.JWKS"}}},"description":"OK"}},"summary":"Get JWKS","tags":["Auth"]}},"/admin/archer/jobs":{"get":{"description":"Paginated background jobs with optional filters. Search ` + "`" + `q` + "`" + ` may match id, type, error, payload (implementation-dependent).","operationId":"AdminListArcherJobs","parameters":[{"description":"Filter by status","in":"query","name":"status","schema":{"enum":["queued","running","succeeded","failed","canceled","retrying","scheduled"],"type":"string"}},{"description":"Filter by queue name / worker name","in":"query","name":"queue","schema":{"type":"string"}},{"description":"Free-text search","in":"query","name":"q","schema":{"type":"string"}},{"description":"Page number","in":"query","name":"page","schema":{"default":1,"type":"integer"}},{"description":"Items per page","in":"query","name":"page_size","schema":{"default":25,"maximum":100,"minimum":1,"type":"integer"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.PageJob"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer jobs (admin)","tags":["ArcherAdmin"]},"post":{"description":"Create a job immediately or schedule it for the future via ` + "`" + `run_at` + "`" + `.","operationId":"AdminEnqueueArcherJob","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.EnqueueRequest"}}},"description":"Job parameters","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json or missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"Enqueue a new Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/cancel":{"post":{"description":"Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.","operationId":"AdminCancelArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not cancellable"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Cancel an Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/retry":{"post":{"description":"Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.","operationId":"AdminRetryArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not eligible"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Retry a failed/canceled Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/queues":{"get":{"description":"Summary metrics per queue (pending, running, failed, scheduled).","operationId":"AdminListArcherQueues","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.QueueInfo"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer queues (admin)","tags":["ArcherAdmin"]}},"/annotations":{"get":{"description":"Returns annotations for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node pools.","operationId":"ListAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list annotations"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations (org scoped)","tags":["Annotations"]},"post":{"description":"Creates an annotation.","operationId":"CreateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateAnnotationRequest"}}},"description":"Annotation payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create annotation (org scoped)","tags":["Annotations"]}},"/annotations/{id}":{"delete":{"description":"Permanently deletes the annotation.","operationId":"DeleteAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete annotation (org scoped)","tags":["Annotations"]},"get":{"description":"Returns one annotation. Add ` + "`" + `include=node_pools` + "`" + ` to include node pools.","operationId":"GetAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get annotation by ID (org scoped)","tags":["Annotations"]},"patch":{"description":"Partially update annotation fields.","operationId":"UpdateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateAnnotationRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update annotation (org scoped)","tags":["Annotations"]}},"/auth/logout":{"post":{"operationId":"Logout","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LogoutRequest"}}},"description":"Refresh token","required":true},"responses":{"204":{"description":"No Content"}},"summary":"Revoke refresh token family (logout everywhere)","tags":["Auth"]}},"/auth/refresh":{"post":{"operationId":"Refresh","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RefreshRequest"}}},"description":"Refresh token","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Rotate refresh token","tags":["Auth"]}},"/auth/{provider}/callback":{"get":{"operationId":"AuthCallback","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Handle social login callback","tags":["Auth"]}},"/auth/{provider}/start":{"post":{"description":"Returns provider authorization URL for the frontend to redirect","operationId":"AuthStart","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AuthStartResponse"}}},"description":"OK"}},"summary":"Begin social login","tags":["Auth"]}},"/clusters":{"get":{"description":"Returns clusters for the organization in X-Org-ID. Filter by ` + "`" + `q` + "`" + ` (name contains).","operationId":"ListClusters","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ClusterResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List clusters (org scoped)","tags":["Clusters"]},"post":{"description":"Creates a cluster. Status is managed by the system and starts as ` + "`" + `pre_pending` + "`" + ` for validation.","operationId":"CreateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateClusterRequest"}}},"description":"payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create cluster (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}":{"delete":{"description":"Deletes the cluster. Related resources are cleaned up via DB constraints (e.g. CASCADE).","operationId":"DeleteCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"deleted"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a cluster (org scoped)","tags":["Clusters"]},"get":{"description":"Returns a cluster with all related resources (domain, record set, load balancers, bastion, node pools).","operationId":"GetCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a single cluster by ID (org scoped)","tags":["Clusters"]},"patch":{"description":"Updates the cluster name, provider, and/or region. Status is managed by the system.","operationId":"UpdateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateClusterRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update basic cluster details (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}/apps-load-balancer":{"delete":{"description":"Clears apps_load_balancer_id on the cluster.","operationId":"DetachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the apps load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets apps_load_balancer_id on the cluster.","operationId":"AttachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach an apps load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/bastion":{"delete":{"description":"Clears bastion_server_id on the cluster.","operationId":"DetachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the bastion server from a cluster","tags":["Clusters"]},"post":{"description":"Sets bastion_server_id on the cluster.","operationId":"AttachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachBastionRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or server not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a bastion server to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/captain-domain":{"delete":{"description":"Clears captain_domain_id on the cluster. This will likely cause the cluster to become incomplete.","operationId":"DetachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the captain domain from a cluster","tags":["Clusters"]},"post":{"description":"Sets captain_domain_id on the cluster. Validation of shape happens asynchronously.","operationId":"AttachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachCaptainDomainRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or domain not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a captain domain to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/control-plane-record-set":{"delete":{"description":"Clears control_plane_record_set_id on the cluster.","operationId":"DetachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the control plane record set from a cluster","tags":["Clusters"]},"post":{"description":"Sets control_plane_record_set_id on the cluster.","operationId":"AttachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachRecordSetRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or record set not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a control plane record set to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/glueops-load-balancer":{"delete":{"description":"Clears glueops_load_balancer_id on the cluster.","operationId":"DetachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the GlueOps/control-plane load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets glueops_load_balancer_id on the cluster.","operationId":"AttachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a GlueOps/control-plane load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/kubeconfig":{"delete":{"description":"Removes the encrypted kubeconfig, IV, and tag from the cluster record.","operationId":"ClearClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Clear the kubeconfig for a cluster","tags":["Clusters"]},"post":{"description":"Stores the kubeconfig encrypted per organization. The kubeconfig is never returned in responses.","operationId":"SetClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SetKubeconfigRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Set (or replace) the kubeconfig for a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/node-pools":{"post":{"description":"Adds an entry in the cluster_node_pools join table.","operationId":"AttachNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachNodePoolRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or node pool not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a node pool to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/node-pools/{nodePoolID}":{"delete":{"description":"Removes an entry from the cluster_node_pools join table.","operationId":"DetachNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}},{"description":"Node Pool ID","in":"path","name":"nodePoolID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or node pool not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach a node pool from a cluster","tags":["Clusters"]}},"/credentials":{"get":{"description":"Returns credential metadata for the current org. Secrets are never returned.","operationId":"ListCredentials","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by provider (e.g., aws)","in":"query","name":"provider","schema":{"type":"string"}},{"description":"Filter by kind (e.g., aws_access_key)","in":"query","name":"kind","schema":{"type":"string"}},{"description":"Filter by scope kind (provider/service/resource)","in":"query","name":"scope_kind","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.CredentialOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List credentials (metadata only)","tags":["Credentials"]},"post":{"operationId":"CreateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateCredentialRequest"}}},"description":"Credential payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a credential (encrypts secret)","tags":["Credentials"]}},"/credentials/{id}":{"delete":{"operationId":"DeleteCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete credential","tags":["Credentials"]},"get":{"operationId":"GetCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get credential by ID (metadata only)","tags":["Credentials"]},"patch":{"operationId":"UpdateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateCredentialRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"X-Org-ID required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update credential metadata and/or rotate secret","tags":["Credentials"]}},"/credentials/{id}/reveal":{"post":{"operationId":"RevealCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"additionalProperties":{},"type":"object"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reveal decrypted secret (one-time read)","tags":["Credentials"]}},"/dns/domains":{"get":{"description":"Returns domains for X-Org-ID. Filters: ` + "`" + `domain_name` + "`" + `, ` + "`" + `status` + "`" + `, ` + "`" + `q` + "`" + ` (contains).","operationId":"ListDomains","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact domain name (lowercase, no trailing dot)","in":"query","name":"domain_name","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}},{"description":"Domain contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.DomainResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List domains (org scoped)","tags":["DNS"]},"post":{"description":"Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted.","operationId":"CreateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateDomainRequest"}}},"description":"Domain payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a domain (org scoped)","tags":["DNS"]}},"/dns/domains/{domain_id}/records":{"get":{"description":"Filters: ` + "`" + `name` + "`" + `, ` + "`" + `type` + "`" + `, ` + "`" + `status` + "`" + `.","operationId":"ListRecordSets","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}},{"description":"Exact relative name or FQDN (server normalizes)","in":"query","name":"name","schema":{"type":"string"}},{"description":"RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA)","in":"query","name":"type","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"type":"array"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List record sets for a domain","tags":["DNS"]},"post":{"operationId":"CreateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateRecordSetRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a record set (pending; Archer will UPSERT to Route 53)","tags":["DNS"]}},"/dns/domains/{id}":{"delete":{"operationId":"DeleteDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a domain","tags":["DNS"]},"get":{"operationId":"GetDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a domain (org scoped)","tags":["DNS"]},"patch":{"operationId":"UpdateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateDomainRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a domain (org scoped)","tags":["DNS"]}},"/dns/records/{id}":{"delete":{"operationId":"DeleteRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a record set (API removes row; worker can optionally handle external deletion policy)","tags":["DNS"]},"patch":{"operationId":"UpdateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateRecordSetRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a record set (flips to pending for reconciliation)","tags":["DNS"]}},"/healthz":{"get":{"description":"Returns 200 OK when the service is up","operationId":"HealthCheck               // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.HealthStatus"}}},"description":"OK"}},"summary":"Basic health check","tags":["Health"]}},"/labels":{"get":{"description":"Returns node labels for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node groups.","operationId":"ListLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"Key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node labels (org scoped)","tags":["Labels"]},"post":{"description":"Creates a label.","operationId":"CreateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLabelRequest"}}},"description":"Label payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create label (org scoped)","tags":["Labels"]}},"/labels/{id}":{"delete":{"description":"Permanently deletes the label.","operationId":"DeleteLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete label (org scoped)","tags":["Labels"]},"get":{"description":"Returns one label.","operationId":"GetLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get label by ID (org scoped)","tags":["Labels"]},"patch":{"description":"Partially update label fields.","operationId":"UpdateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLabelRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update label (org scoped)","tags":["Labels"]}},"/load-balancers":{"get":{"description":"Returns load balancers for the organization in X-Org-ID.","operationId":"ListLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List load balancers (org scoped)","tags":["LoadBalancers"]},"post":{"operationId":"CreateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLoadBalancerRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a load balancer","tags":["LoadBalancers"]}},"/load-balancers/{id}":{"delete":{"operationId":"DeleteLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a load balancer","tags":["LoadBalancers"]},"get":{"description":"Returns load balancer for the organization in X-Org-ID.","operationId":"GetLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"LoadBalancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a load balancer (org scoped)","tags":["LoadBalancers"]},"patch":{"operationId":"UpdateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLoadBalancerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a load balancer (org scoped)","tags":["LoadBalancers"]}},"/me":{"get":{"operationId":"GetMe","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.meResponse"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Get current user profile","tags":["Me"]},"patch":{"operationId":"UpdateMe","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.updateMeRequest"}}},"description":"Patch profile","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.User"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Update current user profile","tags":["Me"]}},"/me/api-keys":{"get":{"operationId":"ListUserAPIKeys","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"},"type":"array"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"List my API keys","tags":["MeAPIKeys"]},"post":{"description":"Returns the plaintext key once. Store it securely on the client side.","operationId":"CreateUserAPIKey","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.createUserKeyRequest"}}},"description":"Key options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"}}},"description":"Created"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Create a new user API key","tags":["MeAPIKeys"]}},"/me/api-keys/{id}":{"delete":{"operationId":"DeleteUserAPIKey","parameters":[{"description":"Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"}},"security":[{"BearerAuth":[]}],"summary":"Delete a user API key","tags":["MeAPIKeys"]}},"/node-pools":{"get":{"description":"Returns node pools for the organization in X-Org-ID.","operationId":"ListNodePools","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node pools"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pools (org scoped)","tags":["NodePools"]},"post":{"description":"Creates a node pool. Optionally attach initial servers.","operationId":"CreateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateNodePoolRequest"}}},"description":"NodePool payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}":{"delete":{"description":"Permanently deletes the node pool.","operationId":"DeleteNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete node pool (org scoped)","tags":["NodePools"]},"get":{"description":"Returns one node pool. Add ` + "`" + `include=servers` + "`" + ` to include servers.","operationId":"GetNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node pool by ID (org scoped)","tags":["NodePools"]},"patch":{"description":"Partially update node pool fields.","operationId":"UpdateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateNodePoolRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations":{"get":{"operationId":"ListNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Group ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachAnnotationsRequest"}}},"description":"Annotation IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach annotation to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations/{annotationId}":{"delete":{"operationId":"DetachNodePoolAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"annotationId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one annotation from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels":{"get":{"operationId":"ListNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List labels attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLabelsRequest"}}},"description":"Label IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach labels to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels/{labelId}":{"delete":{"operationId":"DetachNodePoolLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"labelId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one label from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers":{"get":{"operationId":"ListNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachServersRequest"}}},"description":"Server IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach servers to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers/{serverId}":{"delete":{"operationId":"DetachNodePoolServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"serverId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one server from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints":{"get":{"operationId":"ListNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List taints attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachTaintsRequest"}}},"description":"Taint IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid taint_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach taints to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints/{taintId}":{"delete":{"operationId":"DetachNodePoolTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Taint ID (UUID)","in":"path","name":"taintId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one taint from a node pool (org scoped)","tags":["NodePools"]}},"/orgs":{"get":{"operationId":"listMyOrgs","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List organizations I belong to","tags":["Orgs"]},"post":{"operationId":"createOrg","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgCreateReq"}}},"description":"Org payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Bad Request"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Conflict"}},"security":[{"BearerAuth":[]}],"summary":"Create organization","tags":["Orgs"]}},"/orgs/{id}":{"delete":{"operationId":"deleteOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Delete organization (owner)","tags":["Orgs"]},"get":{"operationId":"getOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Get organization","tags":["Orgs"]},"patch":{"operationId":"updateOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgUpdateReq"}}},"description":"Update payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Update organization (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys":{"get":{"operationId":"listOrgKeys","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.APIKey"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List org-scoped API keys (no secrets)","tags":["Orgs"]},"post":{"operationId":"createOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateReq"}}},"description":"Key name + optional expiry","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateResp"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Create org key/secret pair (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys/{key_id}":{"delete":{"operationId":"deleteOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Key ID (UUID)","in":"path","name":"key_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Delete org key (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members":{"get":{"operationId":"listMembers","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.memberOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List members in org","tags":["Orgs"]},"post":{"operationId":"addOrUpdateMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberUpsertReq"}}},"description":"User \u0026 role","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Add or update a member (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members/{user_id}":{"delete":{"operationId":"removeMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"User ID (UUID)","in":"path","name":"user_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Removed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Remove a member (owner/admin)","tags":["Orgs"]}},"/servers":{"get":{"description":"Returns servers for the organization in X-Org-ID. Optional filters: status, role.","operationId":"ListServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by status (pending|provisioning|ready|failed)","in":"query","name":"status","schema":{"type":"string"}},{"description":"Filter by role","in":"query","name":"role","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list servers"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers (org scoped)","tags":["Servers"]},"post":{"description":"Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.","operationId":"CreateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateServerRequest"}}},"description":"Server payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create server (org scoped)","tags":["Servers"]}},"/servers/{id}":{"delete":{"description":"Permanently deletes the server.","operationId":"DeleteServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete server (org scoped)","tags":["Servers"]},"get":{"description":"Returns one server in the given organization.","operationId":"GetServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get server by ID (org scoped)","tags":["Servers"]},"patch":{"description":"Partially update fields; changing ssh_key_id validates ownership.","operationId":"UpdateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateServerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update server (org scoped)","tags":["Servers"]}},"/servers/{id}/reset-hostkey":{"post":{"description":"Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use).","operationId":"ResetServerHostKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"reset failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reset SSH host key (org scoped)","tags":["Servers"]}},"/ssh":{"get":{"description":"Returns ssh keys for the organization in X-Org-ID.","operationId":"ListPublicSshKeys","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.SshResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list keys"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List ssh keys (org scoped)","tags":["Ssh"]},"post":{"description":"Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.","operationId":"CreateSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateSSHRequest"}}},"description":"Key generation options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SshResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / invalid bits"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"generation/create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create ssh keypair (org scoped)","tags":["Ssh"]}},"/ssh/{id}":{"delete":{"description":"Permanently deletes a keypair.","operationId":"DeleteSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete ssh keypair (org scoped)","tags":["Ssh"]},"get":{"description":"Returns public key fields. Append ` + "`" + `?reveal=true` + "`" + ` to include the private key PEM.","operationId":"GetSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Reveal private key PEM","in":"query","name":"reveal","schema":{"type":"boolean"}}],"responses":{"200":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/dto.SshResponse"},{"$ref":"#/components/schemas/dto.SshRevealResponse"}]}}},"description":"When reveal=true"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get ssh key by ID (org scoped)","tags":["Ssh"]}},"/ssh/{id}/download":{"get":{"description":"Download ` + "`" + `part=public|private|both` + "`" + ` of the keypair. ` + "`" + `both` + "`" + ` returns a zip file.","operationId":"DownloadSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","required":true,"schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Which part to download","in":"query","name":"part","required":true,"schema":{"enum":["public","private","both"],"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"file content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid part"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"download failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Download ssh key files by ID (org scoped)","tags":["Ssh"]}},"/taints":{"get":{"description":"Returns node taints for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node pools.","operationId":"ListTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pool taints (org scoped)","tags":["Taints"]},"post":{"description":"Creates a taint.","operationId":"CreateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateTaintRequest"}}},"description":"Taint payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node taint (org scoped)","tags":["Taints"]}},"/taints/{id}":{"delete":{"description":"Permanently deletes the taint.","operationId":"DeleteTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete taint (org scoped)","tags":["Taints"]},"get":{"operationId":"GetTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node taint by ID (org scoped)","tags":["Taints"]},"patch":{"description":"Partially update taint fields.","operationId":"UpdateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateTaintRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node taint (org scoped)","tags":["Taints"]}},"/version":{"get":{"description":"Returns build/runtime metadata for the running service.","operationId":"Version                 // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.VersionResponse"}}},"description":"OK"}},"summary":"Service version information","tags":["Meta"]}}},
+    "paths": {"/.well-known/jwks.json":{"get":{"description":"Returns the JSON Web Key Set for token verification","operationId":"getJWKS","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.JWKS"}}},"description":"OK"}},"summary":"Get JWKS","tags":["Auth"]}},"/admin/archer/jobs":{"get":{"description":"Paginated background jobs with optional filters. Search ` + "`" + `q` + "`" + ` may match id, type, error, payload (implementation-dependent).","operationId":"AdminListArcherJobs","parameters":[{"description":"Filter by status","in":"query","name":"status","schema":{"enum":["queued","running","succeeded","failed","canceled","retrying","scheduled"],"type":"string"}},{"description":"Filter by queue name / worker name","in":"query","name":"queue","schema":{"type":"string"}},{"description":"Free-text search","in":"query","name":"q","schema":{"type":"string"}},{"description":"Page number","in":"query","name":"page","schema":{"default":1,"type":"integer"}},{"description":"Items per page","in":"query","name":"page_size","schema":{"default":25,"maximum":100,"minimum":1,"type":"integer"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.PageJob"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer jobs (admin)","tags":["ArcherAdmin"]},"post":{"description":"Create a job immediately or schedule it for the future via ` + "`" + `run_at` + "`" + `.","operationId":"AdminEnqueueArcherJob","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.EnqueueRequest"}}},"description":"Job parameters","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json or missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"Enqueue a new Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/cancel":{"post":{"description":"Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.","operationId":"AdminCancelArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not cancellable"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Cancel an Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/retry":{"post":{"description":"Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.","operationId":"AdminRetryArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not eligible"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Retry a failed/canceled Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/queues":{"get":{"description":"Summary metrics per queue (pending, running, failed, scheduled).","operationId":"AdminListArcherQueues","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.QueueInfo"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer queues (admin)","tags":["ArcherAdmin"]}},"/annotations":{"get":{"description":"Returns annotations for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node pools.","operationId":"ListAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list annotations"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations (org scoped)","tags":["Annotations"]},"post":{"description":"Creates an annotation.","operationId":"CreateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateAnnotationRequest"}}},"description":"Annotation payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create annotation (org scoped)","tags":["Annotations"]}},"/annotations/{id}":{"delete":{"description":"Permanently deletes the annotation.","operationId":"DeleteAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete annotation (org scoped)","tags":["Annotations"]},"get":{"description":"Returns one annotation. Add ` + "`" + `include=node_pools` + "`" + ` to include node pools.","operationId":"GetAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get annotation by ID (org scoped)","tags":["Annotations"]},"patch":{"description":"Partially update annotation fields.","operationId":"UpdateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateAnnotationRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update annotation (org scoped)","tags":["Annotations"]}},"/auth/logout":{"post":{"operationId":"Logout","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LogoutRequest"}}},"description":"Refresh token","required":true},"responses":{"204":{"description":"No Content"}},"summary":"Revoke refresh token family (logout everywhere)","tags":["Auth"]}},"/auth/refresh":{"post":{"operationId":"Refresh","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RefreshRequest"}}},"description":"Refresh token","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Rotate refresh token","tags":["Auth"]}},"/auth/{provider}/callback":{"get":{"operationId":"AuthCallback","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Handle social login callback","tags":["Auth"]}},"/auth/{provider}/start":{"post":{"description":"Returns provider authorization URL for the frontend to redirect","operationId":"AuthStart","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AuthStartResponse"}}},"description":"OK"}},"summary":"Begin social login","tags":["Auth"]}},"/clusters":{"get":{"description":"Returns clusters for the organization in X-Org-ID. Filter by ` + "`" + `q` + "`" + ` (name contains).","operationId":"ListClusters","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ClusterResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List clusters (org scoped)","tags":["Clusters"]},"post":{"description":"Creates a cluster. Status is managed by the system and starts as ` + "`" + `pre_pending` + "`" + ` for validation.","operationId":"CreateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateClusterRequest"}}},"description":"payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create cluster (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}":{"delete":{"description":"Deletes the cluster. Related resources are cleaned up via DB constraints (e.g. CASCADE).","operationId":"DeleteCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"deleted"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a cluster (org scoped)","tags":["Clusters"]},"get":{"description":"Returns a cluster with all related resources (domain, record set, load balancers, bastion, node pools).","operationId":"GetCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a single cluster by ID (org scoped)","tags":["Clusters"]},"patch":{"description":"Updates the cluster name, provider, and/or region. Status is managed by the system.","operationId":"UpdateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateClusterRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update basic cluster details (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}/apps-load-balancer":{"delete":{"description":"Clears apps_load_balancer_id on the cluster.","operationId":"DetachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the apps load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets apps_load_balancer_id on the cluster.","operationId":"AttachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach an apps load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/bastion":{"delete":{"description":"Clears bastion_server_id on the cluster.","operationId":"DetachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the bastion server from a cluster","tags":["Clusters"]},"post":{"description":"Sets bastion_server_id on the cluster.","operationId":"AttachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachBastionRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or server not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a bastion server to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/captain-domain":{"delete":{"description":"Clears captain_domain_id on the cluster. This will likely cause the cluster to become incomplete.","operationId":"DetachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the captain domain from a cluster","tags":["Clusters"]},"post":{"description":"Sets captain_domain_id on the cluster. Validation of shape happens asynchronously.","operationId":"AttachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachCaptainDomainRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or domain not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a captain domain to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/control-plane-record-set":{"delete":{"description":"Clears control_plane_record_set_id on the cluster.","operationId":"DetachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the control plane record set from a cluster","tags":["Clusters"]},"post":{"description":"Sets control_plane_record_set_id on the cluster.","operationId":"AttachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachRecordSetRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or record set not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a control plane record set to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/glueops-load-balancer":{"delete":{"description":"Clears glueops_load_balancer_id on the cluster.","operationId":"DetachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the GlueOps/control-plane load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets glueops_load_balancer_id on the cluster.","operationId":"AttachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a GlueOps/control-plane load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/kubeconfig":{"delete":{"description":"Removes the encrypted kubeconfig, IV, and tag from the cluster record.","operationId":"ClearClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Clear the kubeconfig for a cluster","tags":["Clusters"]},"post":{"description":"Stores the kubeconfig encrypted per organization. The kubeconfig is never returned in responses.","operationId":"SetClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SetKubeconfigRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Set (or replace) the kubeconfig for a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/node-pools":{"post":{"description":"Adds an entry in the cluster_node_pools join table.","operationId":"AttachNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachNodePoolRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or node pool not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a node pool to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/node-pools/{nodePoolID}":{"delete":{"description":"Removes an entry from the cluster_node_pools join table.","operationId":"DetachNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}},{"description":"Node Pool ID","in":"path","name":"nodePoolID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or node pool not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach a node pool from a cluster","tags":["Clusters"]}},"/credentials":{"get":{"description":"Returns credential metadata for the current org. Secrets are never returned.","operationId":"ListCredentials","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by provider (e.g., aws)","in":"query","name":"credential_provider","schema":{"type":"string"}},{"description":"Filter by kind (e.g., aws_access_key)","in":"query","name":"kind","schema":{"type":"string"}},{"description":"Filter by scope kind (credential_provider/service/resource)","in":"query","name":"scope_kind","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.CredentialOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List credentials (metadata only)","tags":["Credentials"]},"post":{"operationId":"CreateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateCredentialRequest"}}},"description":"Credential payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a credential (encrypts secret)","tags":["Credentials"]}},"/credentials/{id}":{"delete":{"operationId":"DeleteCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete credential","tags":["Credentials"]},"get":{"operationId":"GetCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get credential by ID (metadata only)","tags":["Credentials"]},"patch":{"operationId":"UpdateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateCredentialRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"X-Org-ID required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update credential metadata and/or rotate secret","tags":["Credentials"]}},"/credentials/{id}/reveal":{"post":{"operationId":"RevealCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"additionalProperties":{},"type":"object"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reveal decrypted secret (one-time read)","tags":["Credentials"]}},"/dns/domains":{"get":{"description":"Returns domains for X-Org-ID. Filters: ` + "`" + `domain_name` + "`" + `, ` + "`" + `status` + "`" + `, ` + "`" + `q` + "`" + ` (contains).","operationId":"ListDomains","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact domain name (lowercase, no trailing dot)","in":"query","name":"domain_name","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}},{"description":"Domain contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.DomainResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List domains (org scoped)","tags":["DNS"]},"post":{"description":"Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted.","operationId":"CreateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateDomainRequest"}}},"description":"Domain payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a domain (org scoped)","tags":["DNS"]}},"/dns/domains/{domain_id}/records":{"get":{"description":"Filters: ` + "`" + `name` + "`" + `, ` + "`" + `type` + "`" + `, ` + "`" + `status` + "`" + `.","operationId":"ListRecordSets","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}},{"description":"Exact relative name or FQDN (server normalizes)","in":"query","name":"name","schema":{"type":"string"}},{"description":"RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA)","in":"query","name":"type","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"type":"array"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List record sets for a domain","tags":["DNS"]},"post":{"operationId":"CreateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateRecordSetRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a record set (pending; Archer will UPSERT to Route 53)","tags":["DNS"]}},"/dns/domains/{id}":{"delete":{"operationId":"DeleteDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a domain","tags":["DNS"]},"get":{"operationId":"GetDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a domain (org scoped)","tags":["DNS"]},"patch":{"operationId":"UpdateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateDomainRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a domain (org scoped)","tags":["DNS"]}},"/dns/records/{id}":{"delete":{"operationId":"DeleteRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a record set (API removes row; worker can optionally handle external deletion policy)","tags":["DNS"]},"patch":{"operationId":"UpdateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateRecordSetRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a record set (flips to pending for reconciliation)","tags":["DNS"]}},"/healthz":{"get":{"description":"Returns 200 OK when the service is up","operationId":"HealthCheck               // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.HealthStatus"}}},"description":"OK"}},"summary":"Basic health check","tags":["Health"]}},"/labels":{"get":{"description":"Returns node labels for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node groups.","operationId":"ListLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"Key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node labels (org scoped)","tags":["Labels"]},"post":{"description":"Creates a label.","operationId":"CreateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLabelRequest"}}},"description":"Label payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create label (org scoped)","tags":["Labels"]}},"/labels/{id}":{"delete":{"description":"Permanently deletes the label.","operationId":"DeleteLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete label (org scoped)","tags":["Labels"]},"get":{"description":"Returns one label.","operationId":"GetLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get label by ID (org scoped)","tags":["Labels"]},"patch":{"description":"Partially update label fields.","operationId":"UpdateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLabelRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update label (org scoped)","tags":["Labels"]}},"/load-balancers":{"get":{"description":"Returns load balancers for the organization in X-Org-ID.","operationId":"ListLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List load balancers (org scoped)","tags":["LoadBalancers"]},"post":{"operationId":"CreateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLoadBalancerRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a load balancer","tags":["LoadBalancers"]}},"/load-balancers/{id}":{"delete":{"operationId":"DeleteLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a load balancer","tags":["LoadBalancers"]},"get":{"description":"Returns load balancer for the organization in X-Org-ID.","operationId":"GetLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"LoadBalancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a load balancer (org scoped)","tags":["LoadBalancers"]},"patch":{"operationId":"UpdateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLoadBalancerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a load balancer (org scoped)","tags":["LoadBalancers"]}},"/me":{"get":{"operationId":"GetMe","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.meResponse"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Get current user profile","tags":["Me"]},"patch":{"operationId":"UpdateMe","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.updateMeRequest"}}},"description":"Patch profile","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.User"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Update current user profile","tags":["Me"]}},"/me/api-keys":{"get":{"operationId":"ListUserAPIKeys","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"},"type":"array"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"List my API keys","tags":["MeAPIKeys"]},"post":{"description":"Returns the plaintext key once. Store it securely on the client side.","operationId":"CreateUserAPIKey","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.createUserKeyRequest"}}},"description":"Key options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"}}},"description":"Created"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Create a new user API key","tags":["MeAPIKeys"]}},"/me/api-keys/{id}":{"delete":{"operationId":"DeleteUserAPIKey","parameters":[{"description":"Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"}},"security":[{"BearerAuth":[]}],"summary":"Delete a user API key","tags":["MeAPIKeys"]}},"/node-pools":{"get":{"description":"Returns node pools for the organization in X-Org-ID.","operationId":"ListNodePools","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node pools"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pools (org scoped)","tags":["NodePools"]},"post":{"description":"Creates a node pool. Optionally attach initial servers.","operationId":"CreateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateNodePoolRequest"}}},"description":"NodePool payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}":{"delete":{"description":"Permanently deletes the node pool.","operationId":"DeleteNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete node pool (org scoped)","tags":["NodePools"]},"get":{"description":"Returns one node pool. Add ` + "`" + `include=servers` + "`" + ` to include servers.","operationId":"GetNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node pool by ID (org scoped)","tags":["NodePools"]},"patch":{"description":"Partially update node pool fields.","operationId":"UpdateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateNodePoolRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations":{"get":{"operationId":"ListNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Group ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachAnnotationsRequest"}}},"description":"Annotation IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach annotation to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations/{annotationId}":{"delete":{"operationId":"DetachNodePoolAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"annotationId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one annotation from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels":{"get":{"operationId":"ListNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List labels attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLabelsRequest"}}},"description":"Label IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach labels to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels/{labelId}":{"delete":{"operationId":"DetachNodePoolLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"labelId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one label from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers":{"get":{"operationId":"ListNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachServersRequest"}}},"description":"Server IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach servers to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers/{serverId}":{"delete":{"operationId":"DetachNodePoolServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"serverId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one server from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints":{"get":{"operationId":"ListNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List taints attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachTaintsRequest"}}},"description":"Taint IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid taint_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach taints to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints/{taintId}":{"delete":{"operationId":"DetachNodePoolTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Taint ID (UUID)","in":"path","name":"taintId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one taint from a node pool (org scoped)","tags":["NodePools"]}},"/orgs":{"get":{"operationId":"listMyOrgs","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List organizations I belong to","tags":["Orgs"]},"post":{"operationId":"createOrg","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgCreateReq"}}},"description":"Org payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Bad Request"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Conflict"}},"security":[{"BearerAuth":[]}],"summary":"Create organization","tags":["Orgs"]}},"/orgs/{id}":{"delete":{"operationId":"deleteOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Delete organization (owner)","tags":["Orgs"]},"get":{"operationId":"getOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Get organization","tags":["Orgs"]},"patch":{"operationId":"updateOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgUpdateReq"}}},"description":"Update payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Update organization (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys":{"get":{"operationId":"listOrgKeys","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.APIKey"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List org-scoped API keys (no secrets)","tags":["Orgs"]},"post":{"operationId":"createOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateReq"}}},"description":"Key name + optional expiry","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateResp"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Create org key/secret pair (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys/{key_id}":{"delete":{"operationId":"deleteOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Key ID (UUID)","in":"path","name":"key_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Delete org key (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members":{"get":{"operationId":"listMembers","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.memberOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List members in org","tags":["Orgs"]},"post":{"operationId":"addOrUpdateMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberUpsertReq"}}},"description":"User \u0026 role","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Add or update a member (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members/{user_id}":{"delete":{"operationId":"removeMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"User ID (UUID)","in":"path","name":"user_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Removed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Remove a member (owner/admin)","tags":["Orgs"]}},"/servers":{"get":{"description":"Returns servers for the organization in X-Org-ID. Optional filters: status, role.","operationId":"ListServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by status (pending|provisioning|ready|failed)","in":"query","name":"status","schema":{"type":"string"}},{"description":"Filter by role","in":"query","name":"role","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list servers"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers (org scoped)","tags":["Servers"]},"post":{"description":"Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.","operationId":"CreateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateServerRequest"}}},"description":"Server payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create server (org scoped)","tags":["Servers"]}},"/servers/{id}":{"delete":{"description":"Permanently deletes the server.","operationId":"DeleteServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete server (org scoped)","tags":["Servers"]},"get":{"description":"Returns one server in the given organization.","operationId":"GetServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get server by ID (org scoped)","tags":["Servers"]},"patch":{"description":"Partially update fields; changing ssh_key_id validates ownership.","operationId":"UpdateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateServerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update server (org scoped)","tags":["Servers"]}},"/servers/{id}/reset-hostkey":{"post":{"description":"Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use).","operationId":"ResetServerHostKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"reset failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reset SSH host key (org scoped)","tags":["Servers"]}},"/ssh":{"get":{"description":"Returns ssh keys for the organization in X-Org-ID.","operationId":"ListPublicSshKeys","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.SshResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list keys"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List ssh keys (org scoped)","tags":["Ssh"]},"post":{"description":"Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.","operationId":"CreateSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateSSHRequest"}}},"description":"Key generation options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SshResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / invalid bits"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"generation/create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create ssh keypair (org scoped)","tags":["Ssh"]}},"/ssh/{id}":{"delete":{"description":"Permanently deletes a keypair.","operationId":"DeleteSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete ssh keypair (org scoped)","tags":["Ssh"]},"get":{"description":"Returns public key fields. Append ` + "`" + `?reveal=true` + "`" + ` to include the private key PEM.","operationId":"GetSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Reveal private key PEM","in":"query","name":"reveal","schema":{"type":"boolean"}}],"responses":{"200":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/dto.SshResponse"},{"$ref":"#/components/schemas/dto.SshRevealResponse"}]}}},"description":"When reveal=true"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get ssh key by ID (org scoped)","tags":["Ssh"]}},"/ssh/{id}/download":{"get":{"description":"Download ` + "`" + `part=public|private|both` + "`" + ` of the keypair. ` + "`" + `both` + "`" + ` returns a zip file.","operationId":"DownloadSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","required":true,"schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Which part to download","in":"query","name":"part","required":true,"schema":{"enum":["public","private","both"],"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"file content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid part"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"download failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Download ssh key files by ID (org scoped)","tags":["Ssh"]}},"/taints":{"get":{"description":"Returns node taints for the organization in X-Org-ID. Filters: ` + "`" + `key` + "`" + `, ` + "`" + `value` + "`" + `, and ` + "`" + `q` + "`" + ` (key contains). Add ` + "`" + `include=node_pools` + "`" + ` to include linked node pools.","operationId":"ListTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pool taints (org scoped)","tags":["Taints"]},"post":{"description":"Creates a taint.","operationId":"CreateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateTaintRequest"}}},"description":"Taint payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node taint (org scoped)","tags":["Taints"]}},"/taints/{id}":{"delete":{"description":"Permanently deletes the taint.","operationId":"DeleteTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete taint (org scoped)","tags":["Taints"]},"get":{"operationId":"GetTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node taint by ID (org scoped)","tags":["Taints"]},"patch":{"description":"Partially update taint fields.","operationId":"UpdateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateTaintRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node taint (org scoped)","tags":["Taints"]}},"/version":{"get":{"description":"Returns build/runtime metadata for the running service.","operationId":"Version                 // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.VersionResponse"}}},"description":"OK"}},"summary":"Service version information","tags":["Meta"]}}},
     "openapi": "3.1.0",
     "servers": [
-        {"description":"Production API","url":"https://autoglue.onglueops.rocks/api/v1"},
+        {"description":"Production API","url":"https://autoglue.glueopshosted.com/api/v1"},
+        {"description":"Pre-Production API","url":"https://autoglue.glueopshosted.rocks/api/v1"},
         {"description":"Staging API","url":"https://autoglue.apps.nonprod.earth.onglueops.rocks/api/v1"},
         {"description":"Local dev","url":"http://localhost:8080/api/v1"}
     ]
@@ -20,7 +21,7 @@ const docTemplate = `{
 
 // SwaggerInfo holds exported Swagger Info so clients can modify it
 var SwaggerInfo = &swag.Spec{
-	Version:          "",
+	Version:          "dev",
 	Title:            "AutoGlue API",
 	Description:      "API for managing K3s clusters across cloud providers",
 	InfoInstanceName: "swagger",
diff --git a/docs/openapi.json b/docs/openapi.json
index 6ae00b9..e3d11d2 100644
--- a/docs/openapi.json
+++ b/docs/openapi.json
@@ -1,11 +1,12 @@
 {
-    "components": {"schemas":{"dto.AnnotationResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.AttachAnnotationsRequest":{"properties":{"annotation_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachBastionRequest":{"properties":{"server_id":{"type":"string"}},"type":"object"},"dto.AttachCaptainDomainRequest":{"properties":{"domain_id":{"type":"string"}},"type":"object"},"dto.AttachLabelsRequest":{"properties":{"label_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachLoadBalancerRequest":{"properties":{"load_balancer_id":{"type":"string"}},"type":"object"},"dto.AttachNodePoolRequest":{"properties":{"node_pool_id":{"type":"string"}},"type":"object"},"dto.AttachRecordSetRequest":{"properties":{"record_set_id":{"type":"string"}},"type":"object"},"dto.AttachServersRequest":{"properties":{"server_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachTaintsRequest":{"properties":{"taint_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AuthStartResponse":{"properties":{"auth_url":{"example":"https://accounts.google.com/o/oauth2/v2/auth?client_id=...","type":"string"}},"type":"object"},"dto.ClusterResponse":{"properties":{"apps_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"bastion_server":{"$ref":"#/components/schemas/dto.ServerResponse"},"captain_domain":{"$ref":"#/components/schemas/dto.DomainResponse"},"certificate_key":{"type":"string"},"control_plane_record_set":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"created_at":{"type":"string"},"glueops_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"node_pools":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array","uniqueItems":false},"provider":{"type":"string"},"random_token":{"type":"string"},"region":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.CreateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateClusterRequest":{"properties":{"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.CreateCredentialRequest":{"properties":{"account_id":{"maxLength":32,"type":"string"},"kind":{"description":"aws_access_key, api_token, basic_auth, oauth2","type":"string"},"name":{"description":"human label","maxLength":100,"type":"string"},"provider":{"enum":["aws","cloudflare","hetzner","digitalocean","generic"],"type":"string"},"region":{"maxLength":32,"type":"string"},"schema_version":{"description":"secret schema version","minimum":1,"type":"integer"},"scope":{"description":"{\"service\":\"route53\"} or {\"arn\":\"...\"}","type":"object"},"scope_kind":{"enum":["provider","service","resource"],"type":"string"},"scope_version":{"description":"scope schema version","minimum":1,"type":"integer"},"secret":{"description":"encrypted later","type":"object"}},"required":["kind","provider","schema_version","scope","scope_kind","scope_version","secret"],"type":"object"},"dto.CreateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"required":["credential_id","domain_name"],"type":"object"},"dto.CreateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops","public"],"example":"public","type":"string"},"name":{"example":"glueops","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.CreateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.CreateRecordSetRequest":{"properties":{"name":{"description":"Name relative to domain (\"endpoint\") OR FQDN (\"endpoint.example.com\").\nServer normalizes to relative.","maxLength":253,"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"required":["name","type"],"type":"object"},"dto.CreateSSHRequest":{"properties":{"bits":{"description":"Only for RSA","type":"integer"},"comment":{"example":"deploy@autoglue","type":"string"},"name":{"type":"string"},"type":{"description":"\"rsa\" (default) or \"ed25519\"","type":"string"}},"type":"object"},"dto.CreateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.CreateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CredentialOut":{"properties":{"account_id":{"type":"string"},"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"},"schema_version":{"type":"integer"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"updated_at":{"type":"string"}},"type":"object"},"dto.DomainResponse":{"properties":{"created_at":{"type":"string"},"credential_id":{"type":"string"},"domain_name":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"organization_id":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"},"zone_id":{"type":"string"}},"type":"object"},"dto.EnqueueRequest":{"properties":{"payload":{"type":"object"},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-05T08:00:00Z","type":"string"},"type":{"example":"email.send","type":"string"}},"type":"object"},"dto.JWK":{"properties":{"alg":{"example":"RS256","type":"string"},"e":{"example":"AQAB","type":"string"},"kid":{"example":"7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345","type":"string"},"kty":{"example":"RSA","type":"string"},"n":{"type":"string"},"use":{"example":"sig","type":"string"},"x":{"type":"string"}},"type":"object"},"dto.JWKS":{"properties":{"keys":{"items":{"$ref":"#/components/schemas/dto.JWK"},"type":"array","uniqueItems":false}},"type":"object"},"dto.Job":{"properties":{"attempts":{"example":0,"type":"integer"},"created_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"id":{"example":"01HF7SZK8Z8WG1M3J7S2Z8M2N6","type":"string"},"last_error":{"example":"error message","type":"string"},"max_attempts":{"example":3,"type":"integer"},"payload":{},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"status":{"$ref":"#/components/schemas/dto.JobStatus"},"type":{"example":"email.send","type":"string"},"updated_at":{"example":"2025-11-04T09:30:00Z","type":"string"}},"type":"object"},"dto.JobStatus":{"enum":["queued|running|succeeded|failed|canceled|retrying|scheduled"],"example":"queued","type":"string","x-enum-varnames":["StatusQueued","StatusRunning","StatusSucceeded","StatusFailed","StatusCanceled","StatusRetrying","StatusScheduled"]},"dto.LabelResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.LoadBalancerResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.LogoutRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.NodePoolResponse":{"properties":{"annotations":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array","uniqueItems":false},"created_at":{"type":"string"},"id":{"type":"string"},"labels":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array","uniqueItems":false},"name":{"type":"string"},"organization_id":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"},"servers":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array","uniqueItems":false},"taints":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array","uniqueItems":false},"updated_at":{"type":"string"}},"type":"object"},"dto.PageJob":{"properties":{"items":{"items":{"$ref":"#/components/schemas/dto.Job"},"type":"array","uniqueItems":false},"page":{"example":1,"type":"integer"},"page_size":{"example":25,"type":"integer"},"total":{"example":120,"type":"integer"}},"type":"object"},"dto.QueueInfo":{"properties":{"failed":{"example":5,"type":"integer"},"name":{"example":"default","type":"string"},"pending":{"example":42,"type":"integer"},"running":{"example":3,"type":"integer"},"scheduled":{"example":7,"type":"integer"}},"type":"object"},"dto.RecordSetResponse":{"properties":{"created_at":{"type":"string"},"domain_id":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"owner":{"type":"string"},"status":{"type":"string"},"ttl":{"type":"integer"},"type":{"type":"string"},"updated_at":{"type":"string"},"values":{"description":"[]string JSON","type":"object"}},"type":"object"},"dto.RefreshRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.ServerResponse":{"properties":{"created_at":{"type":"string"},"hostname":{"type":"string"},"id":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SetKubeconfigRequest":{"properties":{"kubeconfig":{"type":"string"}},"type":"object"},"dto.SshResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SshRevealResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_key":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.TaintResponse":{"properties":{"created_at":{"type":"string"},"effect":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.TokenPair":{"properties":{"access_token":{"example":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij...","type":"string"},"expires_in":{"example":3600,"type":"integer"},"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf....","type":"string"},"token_type":{"example":"Bearer","type":"string"}},"type":"object"},"dto.UpdateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateClusterRequest":{"properties":{"name":{"type":"string"},"provider":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.UpdateCredentialRequest":{"properties":{"account_id":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"secret":{"description":"set if rotating","type":"object"}},"type":"object"},"dto.UpdateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"type":"object"},"dto.UpdateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops","public"],"example":"public","type":"string"},"name":{"example":"glue","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.UpdateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.UpdateRecordSetRequest":{"properties":{"name":{"description":"Any change flips status back to pending (worker will UPSERT)","maxLength":253,"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.UpdateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.UpdateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"handlers.HealthStatus":{"properties":{"status":{"example":"ok","type":"string"}},"type":"object"},"handlers.VersionResponse":{"properties":{"built":{"example":"2025-11-08T12:34:56Z","type":"string"},"builtBy":{"example":"ci","type":"string"},"commit":{"example":"a1b2c3d","type":"string"},"commitTime":{"example":"2025-11-08T12:31:00Z","type":"string"},"go":{"example":"go1.23.3","type":"string"},"goArch":{"example":"amd64","type":"string"},"goOS":{"example":"linux","type":"string"},"modified":{"example":false,"type":"boolean"},"revision":{"example":"a1b2c3d4e5f6abcdef","type":"string"},"vcs":{"example":"git","type":"string"},"version":{"example":"1.4.2","type":"string"}},"type":"object"},"handlers.createUserKeyRequest":{"properties":{"expires_in_hours":{"description":"optional TTL","type":"integer"},"name":{"type":"string"}},"type":"object"},"handlers.meResponse":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"emails":{"items":{"$ref":"#/components/schemas/models.UserEmail"},"type":"array","uniqueItems":false},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"organizations":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array","uniqueItems":false},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"handlers.memberOut":{"properties":{"email":{"type":"string"},"role":{"description":"owner/admin/member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.memberUpsertReq":{"properties":{"role":{"example":"member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.orgCreateReq":{"properties":{"domain":{"example":"acme.com","type":"string"},"name":{"example":"Acme Corp","type":"string"}},"type":"object"},"handlers.orgKeyCreateReq":{"properties":{"expires_in_hours":{"example":720,"type":"integer"},"name":{"example":"automation-bot","type":"string"}},"type":"object"},"handlers.orgKeyCreateResp":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"org_key":{"description":"shown once:","type":"string"},"org_secret":{"description":"shown once:","type":"string"},"scope":{"description":"\"org\"","type":"string"}},"type":"object"},"handlers.orgUpdateReq":{"properties":{"domain":{"type":"string"},"name":{"type":"string"}},"type":"object"},"handlers.updateMeRequest":{"properties":{"display_name":{"type":"string"}},"type":"object"},"handlers.userAPIKeyOut":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"type":"string"},"name":{"type":"string"},"plain":{"description":"Shown only on create:","type":"string"},"scope":{"description":"\"user\"","type":"string"}},"type":"object"},"models.APIKey":{"properties":{"created_at":{"format":"date-time","type":"string"},"expires_at":{"format":"date-time","type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"format":"date-time","type":"string"},"name":{"type":"string"},"org_id":{"format":"uuid","type":"string"},"prefix":{"type":"string"},"revoked":{"type":"boolean"},"scope":{"type":"string"},"updated_at":{"format":"date-time","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"models.Organization":{"properties":{"created_at":{"format":"date-time","type":"string"},"domain":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"name":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.User":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.UserEmail":{"properties":{"created_at":{"format":"date-time","type":"string"},"email":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_primary":{"type":"boolean"},"is_verified":{"type":"boolean"},"updated_at":{"format":"date-time","type":"string"},"user":{"$ref":"#/components/schemas/models.User"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"utils.ErrorResponse":{"properties":{"code":{"description":"A machine-readable error code, e.g. \"validation_error\"\nexample: validation_error","type":"string"},"message":{"description":"Human-readable message\nexample: slug is required","type":"string"}},"type":"object"}},"securitySchemes":{"ApiKeyAuth":{"description":"User API key","in":"header","name":"X-API-KEY","type":"apiKey"},"BearerAuth":{"description":"Bearer token authentication","in":"header","name":"Authorization","type":"apiKey"},"OrgKeyAuth":{"description":"Org-level key/secret authentication","in":"header","name":"X-ORG-KEY","type":"apiKey"},"OrgSecretAuth":{"description":"Org-level secret","in":"header","name":"X-ORG-SECRET","type":"apiKey"}}},
-    "info": {"contact":{"name":"GlueOps"},"description":"API for managing K3s clusters across cloud providers","title":"AutoGlue API","version":""},
+    "components": {"schemas":{"dto.AnnotationResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.AttachAnnotationsRequest":{"properties":{"annotation_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachBastionRequest":{"properties":{"server_id":{"type":"string"}},"type":"object"},"dto.AttachCaptainDomainRequest":{"properties":{"domain_id":{"type":"string"}},"type":"object"},"dto.AttachLabelsRequest":{"properties":{"label_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachLoadBalancerRequest":{"properties":{"load_balancer_id":{"type":"string"}},"type":"object"},"dto.AttachNodePoolRequest":{"properties":{"node_pool_id":{"type":"string"}},"type":"object"},"dto.AttachRecordSetRequest":{"properties":{"record_set_id":{"type":"string"}},"type":"object"},"dto.AttachServersRequest":{"properties":{"server_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AttachTaintsRequest":{"properties":{"taint_ids":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.AuthStartResponse":{"properties":{"auth_url":{"example":"https://accounts.google.com/o/oauth2/v2/auth?client_id=...","type":"string"}},"type":"object"},"dto.ClusterResponse":{"properties":{"apps_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"bastion_server":{"$ref":"#/components/schemas/dto.ServerResponse"},"captain_domain":{"$ref":"#/components/schemas/dto.DomainResponse"},"certificate_key":{"type":"string"},"cluster_provider":{"type":"string"},"control_plane_fqdn":{"type":"string"},"control_plane_record_set":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"created_at":{"type":"string"},"glueops_load_balancer":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"node_pools":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array","uniqueItems":false},"random_token":{"type":"string"},"region":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.CreateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateClusterRequest":{"properties":{"cluster_provider":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.CreateCredentialRequest":{"properties":{"account_id":{"maxLength":32,"type":"string"},"credential_provider":{"enum":["aws","cloudflare","hetzner","digitalocean","generic"],"type":"string"},"kind":{"description":"aws_access_key, api_token, basic_auth, oauth2","type":"string"},"name":{"description":"human label","maxLength":100,"type":"string"},"region":{"maxLength":32,"type":"string"},"schema_version":{"description":"secret schema version","minimum":1,"type":"integer"},"scope":{"description":"{\"service\":\"route53\"} or {\"arn\":\"...\"}","type":"object"},"scope_kind":{"enum":["credential_provider","service","resource"],"type":"string"},"scope_version":{"description":"scope schema version","minimum":1,"type":"integer"},"secret":{"description":"encrypted later","type":"object"}},"required":["credential_provider","kind","schema_version","scope","scope_kind","scope_version","secret"],"type":"object"},"dto.CreateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"required":["credential_id","domain_name"],"type":"object"},"dto.CreateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CreateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops","public"],"example":"public","type":"string"},"name":{"example":"glueops","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.CreateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.CreateRecordSetRequest":{"properties":{"name":{"description":"Name relative to domain (\"endpoint\") OR FQDN (\"endpoint.example.com\").\nServer normalizes to relative.","maxLength":253,"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"required":["name","type"],"type":"object"},"dto.CreateSSHRequest":{"properties":{"bits":{"description":"Only for RSA","type":"integer"},"comment":{"example":"deploy@autoglue","type":"string"},"name":{"type":"string"},"type":{"description":"\"rsa\" (default) or \"ed25519\"","type":"string"}},"type":"object"},"dto.CreateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.CreateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.CredentialOut":{"properties":{"account_id":{"type":"string"},"created_at":{"type":"string"},"credential_provider":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"},"schema_version":{"type":"integer"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"updated_at":{"type":"string"}},"type":"object"},"dto.DomainResponse":{"properties":{"created_at":{"type":"string"},"credential_id":{"type":"string"},"domain_name":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"organization_id":{"type":"string"},"status":{"type":"string"},"updated_at":{"type":"string"},"zone_id":{"type":"string"}},"type":"object"},"dto.EnqueueRequest":{"properties":{"payload":{"type":"object"},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-05T08:00:00Z","type":"string"},"type":{"example":"email.send","type":"string"}},"type":"object"},"dto.JWK":{"properties":{"alg":{"example":"RS256","type":"string"},"e":{"example":"AQAB","type":"string"},"kid":{"example":"7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345","type":"string"},"kty":{"example":"RSA","type":"string"},"n":{"type":"string"},"use":{"example":"sig","type":"string"},"x":{"type":"string"}},"type":"object"},"dto.JWKS":{"properties":{"keys":{"items":{"$ref":"#/components/schemas/dto.JWK"},"type":"array","uniqueItems":false}},"type":"object"},"dto.Job":{"properties":{"attempts":{"example":0,"type":"integer"},"created_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"id":{"example":"01HF7SZK8Z8WG1M3J7S2Z8M2N6","type":"string"},"last_error":{"example":"error message","type":"string"},"max_attempts":{"example":3,"type":"integer"},"payload":{},"queue":{"example":"default","type":"string"},"run_at":{"example":"2025-11-04T09:30:00Z","type":"string"},"status":{"$ref":"#/components/schemas/dto.JobStatus"},"type":{"example":"email.send","type":"string"},"updated_at":{"example":"2025-11-04T09:30:00Z","type":"string"}},"type":"object"},"dto.JobStatus":{"enum":["queued|running|succeeded|failed|canceled|retrying|scheduled"],"example":"queued","type":"string","x-enum-varnames":["StatusQueued","StatusRunning","StatusSucceeded","StatusFailed","StatusCanceled","StatusRetrying","StatusScheduled"]},"dto.LabelResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.LoadBalancerResponse":{"properties":{"created_at":{"type":"string"},"id":{"type":"string"},"kind":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.LogoutRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.NodePoolResponse":{"properties":{"annotations":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array","uniqueItems":false},"created_at":{"type":"string"},"id":{"type":"string"},"labels":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array","uniqueItems":false},"name":{"type":"string"},"organization_id":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"},"servers":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array","uniqueItems":false},"taints":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array","uniqueItems":false},"updated_at":{"type":"string"}},"type":"object"},"dto.PageJob":{"properties":{"items":{"items":{"$ref":"#/components/schemas/dto.Job"},"type":"array","uniqueItems":false},"page":{"example":1,"type":"integer"},"page_size":{"example":25,"type":"integer"},"total":{"example":120,"type":"integer"}},"type":"object"},"dto.QueueInfo":{"properties":{"failed":{"example":5,"type":"integer"},"name":{"example":"default","type":"string"},"pending":{"example":42,"type":"integer"},"running":{"example":3,"type":"integer"},"scheduled":{"example":7,"type":"integer"}},"type":"object"},"dto.RecordSetResponse":{"properties":{"created_at":{"type":"string"},"domain_id":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"last_error":{"type":"string"},"name":{"type":"string"},"owner":{"type":"string"},"status":{"type":"string"},"ttl":{"type":"integer"},"type":{"type":"string"},"updated_at":{"type":"string"},"values":{"description":"[]string JSON","type":"object"}},"type":"object"},"dto.RefreshRequest":{"properties":{"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf...","type":"string"}},"type":"object"},"dto.ServerResponse":{"properties":{"created_at":{"type":"string"},"hostname":{"type":"string"},"id":{"type":"string"},"organization_id":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SetKubeconfigRequest":{"properties":{"kubeconfig":{"type":"string"}},"type":"object"},"dto.SshResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.SshRevealResponse":{"properties":{"created_at":{"type":"string"},"fingerprint":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"organization_id":{"type":"string"},"private_key":{"type":"string"},"public_key":{"type":"string"},"updated_at":{"type":"string"}},"type":"object"},"dto.TaintResponse":{"properties":{"created_at":{"type":"string"},"effect":{"type":"string"},"id":{"type":"string"},"key":{"type":"string"},"organization_id":{"type":"string"},"updated_at":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.TokenPair":{"properties":{"access_token":{"example":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij...","type":"string"},"expires_in":{"example":3600,"type":"integer"},"refresh_token":{"example":"m0l9o8rT3t0V8d3eFf....","type":"string"},"token_type":{"example":"Bearer","type":"string"}},"type":"object"},"dto.UpdateAnnotationRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateClusterRequest":{"properties":{"cluster_provider":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"}},"type":"object"},"dto.UpdateCredentialRequest":{"properties":{"account_id":{"type":"string"},"name":{"type":"string"},"region":{"type":"string"},"scope":{"type":"object"},"scope_kind":{"type":"string"},"scope_version":{"type":"integer"},"secret":{"description":"set if rotating","type":"object"}},"type":"object"},"dto.UpdateDomainRequest":{"properties":{"credential_id":{"type":"string"},"domain_name":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"zone_id":{"maxLength":128,"type":"string"}},"type":"object"},"dto.UpdateLabelRequest":{"properties":{"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"dto.UpdateLoadBalancerRequest":{"properties":{"kind":{"enum":["glueops","public"],"example":"public","type":"string"},"name":{"example":"glue","type":"string"},"private_ip_address":{"example":"192.168.0.2","type":"string"},"public_ip_address":{"example":"8.8.8.8","type":"string"}},"type":"object"},"dto.UpdateNodePoolRequest":{"properties":{"name":{"type":"string"},"role":{"enum":["master","worker"],"type":"string"}},"type":"object"},"dto.UpdateRecordSetRequest":{"properties":{"name":{"description":"Any change flips status back to pending (worker will UPSERT)","maxLength":253,"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"type":"string"},"ttl":{"maximum":86400,"minimum":1,"type":"integer"},"type":{"type":"string"},"values":{"items":{"type":"string"},"type":"array","uniqueItems":false}},"type":"object"},"dto.UpdateServerRequest":{"properties":{"hostname":{"type":"string"},"private_ip_address":{"type":"string"},"public_ip_address":{"type":"string"},"role":{"enum":["master","worker","bastion"],"example":"master|worker|bastion","type":"string"},"ssh_key_id":{"type":"string"},"ssh_user":{"type":"string"},"status":{"enum":["pending","provisioning","ready","failed"],"example":"pending|provisioning|ready|failed","type":"string"}},"type":"object"},"dto.UpdateTaintRequest":{"properties":{"effect":{"type":"string"},"key":{"type":"string"},"value":{"type":"string"}},"type":"object"},"handlers.HealthStatus":{"properties":{"status":{"example":"ok","type":"string"}},"type":"object"},"handlers.VersionResponse":{"properties":{"built":{"example":"2025-11-08T12:34:56Z","type":"string"},"builtBy":{"example":"ci","type":"string"},"commit":{"example":"a1b2c3d","type":"string"},"commitTime":{"example":"2025-11-08T12:31:00Z","type":"string"},"go":{"example":"go1.23.3","type":"string"},"goArch":{"example":"amd64","type":"string"},"goOS":{"example":"linux","type":"string"},"modified":{"example":false,"type":"boolean"},"revision":{"example":"a1b2c3d4e5f6abcdef","type":"string"},"vcs":{"example":"git","type":"string"},"version":{"example":"1.4.2","type":"string"}},"type":"object"},"handlers.createUserKeyRequest":{"properties":{"expires_in_hours":{"description":"optional TTL","type":"integer"},"name":{"type":"string"}},"type":"object"},"handlers.meResponse":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"emails":{"items":{"$ref":"#/components/schemas/models.UserEmail"},"type":"array","uniqueItems":false},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"organizations":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array","uniqueItems":false},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"handlers.memberOut":{"properties":{"email":{"type":"string"},"role":{"description":"owner/admin/member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.memberUpsertReq":{"properties":{"role":{"example":"member","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"handlers.orgCreateReq":{"properties":{"domain":{"example":"acme.com","type":"string"},"name":{"example":"Acme Corp","type":"string"}},"type":"object"},"handlers.orgKeyCreateReq":{"properties":{"expires_in_hours":{"example":720,"type":"integer"},"name":{"example":"automation-bot","type":"string"}},"type":"object"},"handlers.orgKeyCreateResp":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"org_key":{"description":"shown once:","type":"string"},"org_secret":{"description":"shown once:","type":"string"},"scope":{"description":"\"org\"","type":"string"}},"type":"object"},"handlers.orgUpdateReq":{"properties":{"domain":{"type":"string"},"name":{"type":"string"}},"type":"object"},"handlers.updateMeRequest":{"properties":{"display_name":{"type":"string"}},"type":"object"},"handlers.userAPIKeyOut":{"properties":{"created_at":{"type":"string"},"expires_at":{"type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"type":"string"},"name":{"type":"string"},"plain":{"description":"Shown only on create:","type":"string"},"scope":{"description":"\"user\"","type":"string"}},"type":"object"},"models.APIKey":{"properties":{"created_at":{"format":"date-time","type":"string"},"expires_at":{"format":"date-time","type":"string"},"id":{"format":"uuid","type":"string"},"last_used_at":{"format":"date-time","type":"string"},"name":{"type":"string"},"org_id":{"format":"uuid","type":"string"},"prefix":{"type":"string"},"revoked":{"type":"boolean"},"scope":{"type":"string"},"updated_at":{"format":"date-time","type":"string"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"models.Organization":{"properties":{"created_at":{"format":"date-time","type":"string"},"domain":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"name":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.User":{"properties":{"avatar_url":{"type":"string"},"created_at":{"format":"date-time","type":"string"},"display_name":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_admin":{"type":"boolean"},"is_disabled":{"type":"boolean"},"primary_email":{"type":"string"},"updated_at":{"format":"date-time","type":"string"}},"type":"object"},"models.UserEmail":{"properties":{"created_at":{"format":"date-time","type":"string"},"email":{"type":"string"},"id":{"description":"example: 3fa85f64-5717-4562-b3fc-2c963f66afa6","format":"uuid","type":"string"},"is_primary":{"type":"boolean"},"is_verified":{"type":"boolean"},"updated_at":{"format":"date-time","type":"string"},"user":{"$ref":"#/components/schemas/models.User"},"user_id":{"format":"uuid","type":"string"}},"type":"object"},"utils.ErrorResponse":{"properties":{"code":{"description":"A machine-readable error code, e.g. \"validation_error\"\nexample: validation_error","type":"string"},"message":{"description":"Human-readable message\nexample: slug is required","type":"string"}},"type":"object"}},"securitySchemes":{"ApiKeyAuth":{"description":"User API key","in":"header","name":"X-API-KEY","type":"apiKey"},"BearerAuth":{"description":"Bearer token authentication","in":"header","name":"Authorization","type":"apiKey"},"OrgKeyAuth":{"description":"Org-level key/secret authentication","in":"header","name":"X-ORG-KEY","type":"apiKey"},"OrgSecretAuth":{"description":"Org-level secret","in":"header","name":"X-ORG-SECRET","type":"apiKey"}}},
+    "info": {"contact":{"name":"GlueOps"},"description":"API for managing K3s clusters across cloud providers","title":"AutoGlue API","version":"dev"},
     "externalDocs": {"description":"","url":""},
-    "paths": {"/.well-known/jwks.json":{"get":{"description":"Returns the JSON Web Key Set for token verification","operationId":"getJWKS","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.JWKS"}}},"description":"OK"}},"summary":"Get JWKS","tags":["Auth"]}},"/admin/archer/jobs":{"get":{"description":"Paginated background jobs with optional filters. Search `q` may match id, type, error, payload (implementation-dependent).","operationId":"AdminListArcherJobs","parameters":[{"description":"Filter by status","in":"query","name":"status","schema":{"enum":["queued","running","succeeded","failed","canceled","retrying","scheduled"],"type":"string"}},{"description":"Filter by queue name / worker name","in":"query","name":"queue","schema":{"type":"string"}},{"description":"Free-text search","in":"query","name":"q","schema":{"type":"string"}},{"description":"Page number","in":"query","name":"page","schema":{"default":1,"type":"integer"}},{"description":"Items per page","in":"query","name":"page_size","schema":{"default":25,"maximum":100,"minimum":1,"type":"integer"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.PageJob"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer jobs (admin)","tags":["ArcherAdmin"]},"post":{"description":"Create a job immediately or schedule it for the future via `run_at`.","operationId":"AdminEnqueueArcherJob","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.EnqueueRequest"}}},"description":"Job parameters","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json or missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"Enqueue a new Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/cancel":{"post":{"description":"Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.","operationId":"AdminCancelArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not cancellable"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Cancel an Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/retry":{"post":{"description":"Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.","operationId":"AdminRetryArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not eligible"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Retry a failed/canceled Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/queues":{"get":{"description":"Summary metrics per queue (pending, running, failed, scheduled).","operationId":"AdminListArcherQueues","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.QueueInfo"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer queues (admin)","tags":["ArcherAdmin"]}},"/annotations":{"get":{"description":"Returns annotations for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.","operationId":"ListAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list annotations"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations (org scoped)","tags":["Annotations"]},"post":{"description":"Creates an annotation.","operationId":"CreateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateAnnotationRequest"}}},"description":"Annotation payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create annotation (org scoped)","tags":["Annotations"]}},"/annotations/{id}":{"delete":{"description":"Permanently deletes the annotation.","operationId":"DeleteAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete annotation (org scoped)","tags":["Annotations"]},"get":{"description":"Returns one annotation. Add `include=node_pools` to include node pools.","operationId":"GetAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get annotation by ID (org scoped)","tags":["Annotations"]},"patch":{"description":"Partially update annotation fields.","operationId":"UpdateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateAnnotationRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update annotation (org scoped)","tags":["Annotations"]}},"/auth/logout":{"post":{"operationId":"Logout","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LogoutRequest"}}},"description":"Refresh token","required":true},"responses":{"204":{"description":"No Content"}},"summary":"Revoke refresh token family (logout everywhere)","tags":["Auth"]}},"/auth/refresh":{"post":{"operationId":"Refresh","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RefreshRequest"}}},"description":"Refresh token","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Rotate refresh token","tags":["Auth"]}},"/auth/{provider}/callback":{"get":{"operationId":"AuthCallback","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Handle social login callback","tags":["Auth"]}},"/auth/{provider}/start":{"post":{"description":"Returns provider authorization URL for the frontend to redirect","operationId":"AuthStart","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AuthStartResponse"}}},"description":"OK"}},"summary":"Begin social login","tags":["Auth"]}},"/clusters":{"get":{"description":"Returns clusters for the organization in X-Org-ID. Filter by `q` (name contains).","operationId":"ListClusters","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ClusterResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List clusters (org scoped)","tags":["Clusters"]},"post":{"description":"Creates a cluster. Status is managed by the system and starts as `pre_pending` for validation.","operationId":"CreateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateClusterRequest"}}},"description":"payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create cluster (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}":{"delete":{"description":"Deletes the cluster. Related resources are cleaned up via DB constraints (e.g. CASCADE).","operationId":"DeleteCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"deleted"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a cluster (org scoped)","tags":["Clusters"]},"get":{"description":"Returns a cluster with all related resources (domain, record set, load balancers, bastion, node pools).","operationId":"GetCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a single cluster by ID (org scoped)","tags":["Clusters"]},"patch":{"description":"Updates the cluster name, provider, and/or region. Status is managed by the system.","operationId":"UpdateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateClusterRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update basic cluster details (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}/apps-load-balancer":{"delete":{"description":"Clears apps_load_balancer_id on the cluster.","operationId":"DetachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the apps load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets apps_load_balancer_id on the cluster.","operationId":"AttachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach an apps load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/bastion":{"delete":{"description":"Clears bastion_server_id on the cluster.","operationId":"DetachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the bastion server from a cluster","tags":["Clusters"]},"post":{"description":"Sets bastion_server_id on the cluster.","operationId":"AttachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachBastionRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or server not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a bastion server to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/captain-domain":{"delete":{"description":"Clears captain_domain_id on the cluster. This will likely cause the cluster to become incomplete.","operationId":"DetachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the captain domain from a cluster","tags":["Clusters"]},"post":{"description":"Sets captain_domain_id on the cluster. Validation of shape happens asynchronously.","operationId":"AttachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachCaptainDomainRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or domain not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a captain domain to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/control-plane-record-set":{"delete":{"description":"Clears control_plane_record_set_id on the cluster.","operationId":"DetachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the control plane record set from a cluster","tags":["Clusters"]},"post":{"description":"Sets control_plane_record_set_id on the cluster.","operationId":"AttachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachRecordSetRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or record set not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a control plane record set to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/glueops-load-balancer":{"delete":{"description":"Clears glueops_load_balancer_id on the cluster.","operationId":"DetachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the GlueOps/control-plane load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets glueops_load_balancer_id on the cluster.","operationId":"AttachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a GlueOps/control-plane load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/kubeconfig":{"delete":{"description":"Removes the encrypted kubeconfig, IV, and tag from the cluster record.","operationId":"ClearClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Clear the kubeconfig for a cluster","tags":["Clusters"]},"post":{"description":"Stores the kubeconfig encrypted per organization. The kubeconfig is never returned in responses.","operationId":"SetClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SetKubeconfigRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Set (or replace) the kubeconfig for a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/node-pools":{"post":{"description":"Adds an entry in the cluster_node_pools join table.","operationId":"AttachNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachNodePoolRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or node pool not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a node pool to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/node-pools/{nodePoolID}":{"delete":{"description":"Removes an entry from the cluster_node_pools join table.","operationId":"DetachNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}},{"description":"Node Pool ID","in":"path","name":"nodePoolID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or node pool not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach a node pool from a cluster","tags":["Clusters"]}},"/credentials":{"get":{"description":"Returns credential metadata for the current org. Secrets are never returned.","operationId":"ListCredentials","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by provider (e.g., aws)","in":"query","name":"provider","schema":{"type":"string"}},{"description":"Filter by kind (e.g., aws_access_key)","in":"query","name":"kind","schema":{"type":"string"}},{"description":"Filter by scope kind (provider/service/resource)","in":"query","name":"scope_kind","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.CredentialOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List credentials (metadata only)","tags":["Credentials"]},"post":{"operationId":"CreateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateCredentialRequest"}}},"description":"Credential payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a credential (encrypts secret)","tags":["Credentials"]}},"/credentials/{id}":{"delete":{"operationId":"DeleteCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete credential","tags":["Credentials"]},"get":{"operationId":"GetCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get credential by ID (metadata only)","tags":["Credentials"]},"patch":{"operationId":"UpdateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateCredentialRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"X-Org-ID required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update credential metadata and/or rotate secret","tags":["Credentials"]}},"/credentials/{id}/reveal":{"post":{"operationId":"RevealCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"additionalProperties":{},"type":"object"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reveal decrypted secret (one-time read)","tags":["Credentials"]}},"/dns/domains":{"get":{"description":"Returns domains for X-Org-ID. Filters: `domain_name`, `status`, `q` (contains).","operationId":"ListDomains","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact domain name (lowercase, no trailing dot)","in":"query","name":"domain_name","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}},{"description":"Domain contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.DomainResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List domains (org scoped)","tags":["DNS"]},"post":{"description":"Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted.","operationId":"CreateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateDomainRequest"}}},"description":"Domain payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a domain (org scoped)","tags":["DNS"]}},"/dns/domains/{domain_id}/records":{"get":{"description":"Filters: `name`, `type`, `status`.","operationId":"ListRecordSets","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}},{"description":"Exact relative name or FQDN (server normalizes)","in":"query","name":"name","schema":{"type":"string"}},{"description":"RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA)","in":"query","name":"type","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"type":"array"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List record sets for a domain","tags":["DNS"]},"post":{"operationId":"CreateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateRecordSetRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a record set (pending; Archer will UPSERT to Route 53)","tags":["DNS"]}},"/dns/domains/{id}":{"delete":{"operationId":"DeleteDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a domain","tags":["DNS"]},"get":{"operationId":"GetDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a domain (org scoped)","tags":["DNS"]},"patch":{"operationId":"UpdateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateDomainRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a domain (org scoped)","tags":["DNS"]}},"/dns/records/{id}":{"delete":{"operationId":"DeleteRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a record set (API removes row; worker can optionally handle external deletion policy)","tags":["DNS"]},"patch":{"operationId":"UpdateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateRecordSetRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a record set (flips to pending for reconciliation)","tags":["DNS"]}},"/healthz":{"get":{"description":"Returns 200 OK when the service is up","operationId":"HealthCheck               // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.HealthStatus"}}},"description":"OK"}},"summary":"Basic health check","tags":["Health"]}},"/labels":{"get":{"description":"Returns node labels for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node groups.","operationId":"ListLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"Key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node labels (org scoped)","tags":["Labels"]},"post":{"description":"Creates a label.","operationId":"CreateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLabelRequest"}}},"description":"Label payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create label (org scoped)","tags":["Labels"]}},"/labels/{id}":{"delete":{"description":"Permanently deletes the label.","operationId":"DeleteLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete label (org scoped)","tags":["Labels"]},"get":{"description":"Returns one label.","operationId":"GetLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get label by ID (org scoped)","tags":["Labels"]},"patch":{"description":"Partially update label fields.","operationId":"UpdateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLabelRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update label (org scoped)","tags":["Labels"]}},"/load-balancers":{"get":{"description":"Returns load balancers for the organization in X-Org-ID.","operationId":"ListLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List load balancers (org scoped)","tags":["LoadBalancers"]},"post":{"operationId":"CreateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLoadBalancerRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a load balancer","tags":["LoadBalancers"]}},"/load-balancers/{id}":{"delete":{"operationId":"DeleteLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a load balancer","tags":["LoadBalancers"]},"get":{"description":"Returns load balancer for the organization in X-Org-ID.","operationId":"GetLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"LoadBalancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a load balancer (org scoped)","tags":["LoadBalancers"]},"patch":{"operationId":"UpdateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLoadBalancerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a load balancer (org scoped)","tags":["LoadBalancers"]}},"/me":{"get":{"operationId":"GetMe","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.meResponse"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Get current user profile","tags":["Me"]},"patch":{"operationId":"UpdateMe","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.updateMeRequest"}}},"description":"Patch profile","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.User"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Update current user profile","tags":["Me"]}},"/me/api-keys":{"get":{"operationId":"ListUserAPIKeys","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"},"type":"array"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"List my API keys","tags":["MeAPIKeys"]},"post":{"description":"Returns the plaintext key once. Store it securely on the client side.","operationId":"CreateUserAPIKey","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.createUserKeyRequest"}}},"description":"Key options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"}}},"description":"Created"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Create a new user API key","tags":["MeAPIKeys"]}},"/me/api-keys/{id}":{"delete":{"operationId":"DeleteUserAPIKey","parameters":[{"description":"Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"}},"security":[{"BearerAuth":[]}],"summary":"Delete a user API key","tags":["MeAPIKeys"]}},"/node-pools":{"get":{"description":"Returns node pools for the organization in X-Org-ID.","operationId":"ListNodePools","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node pools"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pools (org scoped)","tags":["NodePools"]},"post":{"description":"Creates a node pool. Optionally attach initial servers.","operationId":"CreateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateNodePoolRequest"}}},"description":"NodePool payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}":{"delete":{"description":"Permanently deletes the node pool.","operationId":"DeleteNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete node pool (org scoped)","tags":["NodePools"]},"get":{"description":"Returns one node pool. Add `include=servers` to include servers.","operationId":"GetNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node pool by ID (org scoped)","tags":["NodePools"]},"patch":{"description":"Partially update node pool fields.","operationId":"UpdateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateNodePoolRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations":{"get":{"operationId":"ListNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Group ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachAnnotationsRequest"}}},"description":"Annotation IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach annotation to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations/{annotationId}":{"delete":{"operationId":"DetachNodePoolAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"annotationId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one annotation from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels":{"get":{"operationId":"ListNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List labels attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLabelsRequest"}}},"description":"Label IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach labels to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels/{labelId}":{"delete":{"operationId":"DetachNodePoolLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"labelId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one label from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers":{"get":{"operationId":"ListNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachServersRequest"}}},"description":"Server IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach servers to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers/{serverId}":{"delete":{"operationId":"DetachNodePoolServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"serverId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one server from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints":{"get":{"operationId":"ListNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List taints attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachTaintsRequest"}}},"description":"Taint IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid taint_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach taints to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints/{taintId}":{"delete":{"operationId":"DetachNodePoolTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Taint ID (UUID)","in":"path","name":"taintId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one taint from a node pool (org scoped)","tags":["NodePools"]}},"/orgs":{"get":{"operationId":"listMyOrgs","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List organizations I belong to","tags":["Orgs"]},"post":{"operationId":"createOrg","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgCreateReq"}}},"description":"Org payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Bad Request"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Conflict"}},"security":[{"BearerAuth":[]}],"summary":"Create organization","tags":["Orgs"]}},"/orgs/{id}":{"delete":{"operationId":"deleteOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Delete organization (owner)","tags":["Orgs"]},"get":{"operationId":"getOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Get organization","tags":["Orgs"]},"patch":{"operationId":"updateOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgUpdateReq"}}},"description":"Update payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Update organization (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys":{"get":{"operationId":"listOrgKeys","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.APIKey"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List org-scoped API keys (no secrets)","tags":["Orgs"]},"post":{"operationId":"createOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateReq"}}},"description":"Key name + optional expiry","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateResp"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Create org key/secret pair (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys/{key_id}":{"delete":{"operationId":"deleteOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Key ID (UUID)","in":"path","name":"key_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Delete org key (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members":{"get":{"operationId":"listMembers","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.memberOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List members in org","tags":["Orgs"]},"post":{"operationId":"addOrUpdateMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberUpsertReq"}}},"description":"User \u0026 role","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Add or update a member (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members/{user_id}":{"delete":{"operationId":"removeMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"User ID (UUID)","in":"path","name":"user_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Removed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Remove a member (owner/admin)","tags":["Orgs"]}},"/servers":{"get":{"description":"Returns servers for the organization in X-Org-ID. Optional filters: status, role.","operationId":"ListServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by status (pending|provisioning|ready|failed)","in":"query","name":"status","schema":{"type":"string"}},{"description":"Filter by role","in":"query","name":"role","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list servers"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers (org scoped)","tags":["Servers"]},"post":{"description":"Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.","operationId":"CreateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateServerRequest"}}},"description":"Server payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create server (org scoped)","tags":["Servers"]}},"/servers/{id}":{"delete":{"description":"Permanently deletes the server.","operationId":"DeleteServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete server (org scoped)","tags":["Servers"]},"get":{"description":"Returns one server in the given organization.","operationId":"GetServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get server by ID (org scoped)","tags":["Servers"]},"patch":{"description":"Partially update fields; changing ssh_key_id validates ownership.","operationId":"UpdateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateServerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update server (org scoped)","tags":["Servers"]}},"/servers/{id}/reset-hostkey":{"post":{"description":"Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use).","operationId":"ResetServerHostKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"reset failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reset SSH host key (org scoped)","tags":["Servers"]}},"/ssh":{"get":{"description":"Returns ssh keys for the organization in X-Org-ID.","operationId":"ListPublicSshKeys","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.SshResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list keys"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List ssh keys (org scoped)","tags":["Ssh"]},"post":{"description":"Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.","operationId":"CreateSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateSSHRequest"}}},"description":"Key generation options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SshResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / invalid bits"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"generation/create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create ssh keypair (org scoped)","tags":["Ssh"]}},"/ssh/{id}":{"delete":{"description":"Permanently deletes a keypair.","operationId":"DeleteSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete ssh keypair (org scoped)","tags":["Ssh"]},"get":{"description":"Returns public key fields. Append `?reveal=true` to include the private key PEM.","operationId":"GetSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Reveal private key PEM","in":"query","name":"reveal","schema":{"type":"boolean"}}],"responses":{"200":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/dto.SshResponse"},{"$ref":"#/components/schemas/dto.SshRevealResponse"}]}}},"description":"When reveal=true"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get ssh key by ID (org scoped)","tags":["Ssh"]}},"/ssh/{id}/download":{"get":{"description":"Download `part=public|private|both` of the keypair. `both` returns a zip file.","operationId":"DownloadSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","required":true,"schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Which part to download","in":"query","name":"part","required":true,"schema":{"enum":["public","private","both"],"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"file content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid part"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"download failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Download ssh key files by ID (org scoped)","tags":["Ssh"]}},"/taints":{"get":{"description":"Returns node taints for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.","operationId":"ListTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pool taints (org scoped)","tags":["Taints"]},"post":{"description":"Creates a taint.","operationId":"CreateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateTaintRequest"}}},"description":"Taint payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node taint (org scoped)","tags":["Taints"]}},"/taints/{id}":{"delete":{"description":"Permanently deletes the taint.","operationId":"DeleteTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete taint (org scoped)","tags":["Taints"]},"get":{"operationId":"GetTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node taint by ID (org scoped)","tags":["Taints"]},"patch":{"description":"Partially update taint fields.","operationId":"UpdateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateTaintRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node taint (org scoped)","tags":["Taints"]}},"/version":{"get":{"description":"Returns build/runtime metadata for the running service.","operationId":"Version                 // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.VersionResponse"}}},"description":"OK"}},"summary":"Service version information","tags":["Meta"]}}},
+    "paths": {"/.well-known/jwks.json":{"get":{"description":"Returns the JSON Web Key Set for token verification","operationId":"getJWKS","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.JWKS"}}},"description":"OK"}},"summary":"Get JWKS","tags":["Auth"]}},"/admin/archer/jobs":{"get":{"description":"Paginated background jobs with optional filters. Search `q` may match id, type, error, payload (implementation-dependent).","operationId":"AdminListArcherJobs","parameters":[{"description":"Filter by status","in":"query","name":"status","schema":{"enum":["queued","running","succeeded","failed","canceled","retrying","scheduled"],"type":"string"}},{"description":"Filter by queue name / worker name","in":"query","name":"queue","schema":{"type":"string"}},{"description":"Free-text search","in":"query","name":"q","schema":{"type":"string"}},{"description":"Page number","in":"query","name":"page","schema":{"default":1,"type":"integer"}},{"description":"Items per page","in":"query","name":"page_size","schema":{"default":25,"maximum":100,"minimum":1,"type":"integer"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.PageJob"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer jobs (admin)","tags":["ArcherAdmin"]},"post":{"description":"Create a job immediately or schedule it for the future via `run_at`.","operationId":"AdminEnqueueArcherJob","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.EnqueueRequest"}}},"description":"Job parameters","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json or missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"Enqueue a new Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/cancel":{"post":{"description":"Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.","operationId":"AdminCancelArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not cancellable"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Cancel an Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/jobs/{id}/retry":{"post":{"description":"Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.","operationId":"AdminRetryArcherJob","parameters":[{"description":"Job ID","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.Job"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid job or not eligible"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]}],"summary":"Retry a failed/canceled Archer job (admin)","tags":["ArcherAdmin"]}},"/admin/archer/queues":{"get":{"description":"Summary metrics per queue (pending, running, failed, scheduled).","operationId":"AdminListArcherQueues","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.QueueInfo"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"forbidden"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal error"}},"security":[{"BearerAuth":[]}],"summary":"List Archer queues (admin)","tags":["ArcherAdmin"]}},"/annotations":{"get":{"description":"Returns annotations for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.","operationId":"ListAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list annotations"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations (org scoped)","tags":["Annotations"]},"post":{"description":"Creates an annotation.","operationId":"CreateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateAnnotationRequest"}}},"description":"Annotation payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create annotation (org scoped)","tags":["Annotations"]}},"/annotations/{id}":{"delete":{"description":"Permanently deletes the annotation.","operationId":"DeleteAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete annotation (org scoped)","tags":["Annotations"]},"get":{"description":"Returns one annotation. Add `include=node_pools` to include node pools.","operationId":"GetAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get annotation by ID (org scoped)","tags":["Annotations"]},"patch":{"description":"Partially update annotation fields.","operationId":"UpdateAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateAnnotationRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AnnotationResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update annotation (org scoped)","tags":["Annotations"]}},"/auth/logout":{"post":{"operationId":"Logout","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LogoutRequest"}}},"description":"Refresh token","required":true},"responses":{"204":{"description":"No Content"}},"summary":"Revoke refresh token family (logout everywhere)","tags":["Auth"]}},"/auth/refresh":{"post":{"operationId":"Refresh","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RefreshRequest"}}},"description":"Refresh token","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Rotate refresh token","tags":["Auth"]}},"/auth/{provider}/callback":{"get":{"operationId":"AuthCallback","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TokenPair"}}},"description":"OK"}},"summary":"Handle social login callback","tags":["Auth"]}},"/auth/{provider}/start":{"post":{"description":"Returns provider authorization URL for the frontend to redirect","operationId":"AuthStart","parameters":[{"description":"google|github","in":"path","name":"provider","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AuthStartResponse"}}},"description":"OK"}},"summary":"Begin social login","tags":["Auth"]}},"/clusters":{"get":{"description":"Returns clusters for the organization in X-Org-ID. Filter by `q` (name contains).","operationId":"ListClusters","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ClusterResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List clusters (org scoped)","tags":["Clusters"]},"post":{"description":"Creates a cluster. Status is managed by the system and starts as `pre_pending` for validation.","operationId":"CreateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateClusterRequest"}}},"description":"payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create cluster (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}":{"delete":{"description":"Deletes the cluster. Related resources are cleaned up via DB constraints (e.g. CASCADE).","operationId":"DeleteCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"deleted"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a cluster (org scoped)","tags":["Clusters"]},"get":{"description":"Returns a cluster with all related resources (domain, record set, load balancers, bastion, node pools).","operationId":"GetCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a single cluster by ID (org scoped)","tags":["Clusters"]},"patch":{"description":"Updates the cluster name, provider, and/or region. Status is managed by the system.","operationId":"UpdateCluster","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateClusterRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update basic cluster details (org scoped)","tags":["Clusters"]}},"/clusters/{clusterID}/apps-load-balancer":{"delete":{"description":"Clears apps_load_balancer_id on the cluster.","operationId":"DetachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the apps load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets apps_load_balancer_id on the cluster.","operationId":"AttachAppsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach an apps load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/bastion":{"delete":{"description":"Clears bastion_server_id on the cluster.","operationId":"DetachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the bastion server from a cluster","tags":["Clusters"]},"post":{"description":"Sets bastion_server_id on the cluster.","operationId":"AttachBastionServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachBastionRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or server not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a bastion server to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/captain-domain":{"delete":{"description":"Clears captain_domain_id on the cluster. This will likely cause the cluster to become incomplete.","operationId":"DetachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the captain domain from a cluster","tags":["Clusters"]},"post":{"description":"Sets captain_domain_id on the cluster. Validation of shape happens asynchronously.","operationId":"AttachCaptainDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachCaptainDomainRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or domain not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a captain domain to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/control-plane-record-set":{"delete":{"description":"Clears control_plane_record_set_id on the cluster.","operationId":"DetachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the control plane record set from a cluster","tags":["Clusters"]},"post":{"description":"Sets control_plane_record_set_id on the cluster.","operationId":"AttachControlPlaneRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachRecordSetRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or record set not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a control plane record set to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/glueops-load-balancer":{"delete":{"description":"Clears glueops_load_balancer_id on the cluster.","operationId":"DetachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach the GlueOps/control-plane load balancer from a cluster","tags":["Clusters"]},"post":{"description":"Sets glueops_load_balancer_id on the cluster.","operationId":"AttachGlueOpsLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLoadBalancerRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or load balancer not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a GlueOps/control-plane load balancer to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/kubeconfig":{"delete":{"description":"Removes the encrypted kubeconfig, IV, and tag from the cluster record.","operationId":"ClearClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Clear the kubeconfig for a cluster","tags":["Clusters"]},"post":{"description":"Stores the kubeconfig encrypted per organization. The kubeconfig is never returned in responses.","operationId":"SetClusterKubeconfig","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SetKubeconfigRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Set (or replace) the kubeconfig for a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/node-pools":{"post":{"description":"Adds an entry in the cluster_node_pools join table.","operationId":"AttachNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachNodePoolRequest"}}},"description":"payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or node pool not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach a node pool to a cluster","tags":["Clusters"]}},"/clusters/{clusterID}/node-pools/{nodePoolID}":{"delete":{"description":"Removes an entry from the cluster_node_pools join table.","operationId":"DetachNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Cluster ID","in":"path","name":"clusterID","required":true,"schema":{"type":"string"}},{"description":"Node Pool ID","in":"path","name":"nodePoolID","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ClusterResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"bad request"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"cluster or node pool not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach a node pool from a cluster","tags":["Clusters"]}},"/credentials":{"get":{"description":"Returns credential metadata for the current org. Secrets are never returned.","operationId":"ListCredentials","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by provider (e.g., aws)","in":"query","name":"credential_provider","schema":{"type":"string"}},{"description":"Filter by kind (e.g., aws_access_key)","in":"query","name":"kind","schema":{"type":"string"}},{"description":"Filter by scope kind (credential_provider/service/resource)","in":"query","name":"scope_kind","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.CredentialOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List credentials (metadata only)","tags":["Credentials"]},"post":{"operationId":"CreateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateCredentialRequest"}}},"description":"Credential payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a credential (encrypts secret)","tags":["Credentials"]}},"/credentials/{id}":{"delete":{"operationId":"DeleteCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete credential","tags":["Credentials"]},"get":{"operationId":"GetCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"internal server error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get credential by ID (metadata only)","tags":["Credentials"]},"patch":{"operationId":"UpdateCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateCredentialRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CredentialOut"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"X-Org-ID required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update credential metadata and/or rotate secret","tags":["Credentials"]}},"/credentials/{id}/reveal":{"post":{"operationId":"RevealCredential","parameters":[{"description":"Organization ID (UUID)","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Credential ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"additionalProperties":{},"type":"object"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reveal decrypted secret (one-time read)","tags":["Credentials"]}},"/dns/domains":{"get":{"description":"Returns domains for X-Org-ID. Filters: `domain_name`, `status`, `q` (contains).","operationId":"ListDomains","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact domain name (lowercase, no trailing dot)","in":"query","name":"domain_name","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}},{"description":"Domain contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.DomainResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List domains (org scoped)","tags":["DNS"]},"post":{"description":"Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted.","operationId":"CreateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateDomainRequest"}}},"description":"Domain payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"db error"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a domain (org scoped)","tags":["DNS"]}},"/dns/domains/{domain_id}/records":{"get":{"description":"Filters: `name`, `type`, `status`.","operationId":"ListRecordSets","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}},{"description":"Exact relative name or FQDN (server normalizes)","in":"query","name":"name","schema":{"type":"string"}},{"description":"RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA)","in":"query","name":"type","schema":{"type":"string"}},{"description":"pending|provisioning|ready|failed","in":"query","name":"status","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.RecordSetResponse"},"type":"array"}}},"description":"OK"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List record sets for a domain","tags":["DNS"]},"post":{"operationId":"CreateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"domain_id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateRecordSetRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a record set (pending; Archer will UPSERT to Route 53)","tags":["DNS"]}},"/dns/domains/{id}":{"delete":{"operationId":"DeleteDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a domain","tags":["DNS"]},"get":{"operationId":"GetDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a domain (org scoped)","tags":["DNS"]},"patch":{"operationId":"UpdateDomain","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Domain ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateDomainRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.DomainResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a domain (org scoped)","tags":["DNS"]}},"/dns/records/{id}":{"delete":{"operationId":"DeleteRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a record set (API removes row; worker can optionally handle external deletion policy)","tags":["DNS"]},"patch":{"operationId":"UpdateRecordSet","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Record Set ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateRecordSetRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.RecordSetResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a record set (flips to pending for reconciliation)","tags":["DNS"]}},"/healthz":{"get":{"description":"Returns 200 OK when the service is up","operationId":"HealthCheck               // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.HealthStatus"}}},"description":"OK"}},"summary":"Basic health check","tags":["Health"]}},"/labels":{"get":{"description":"Returns node labels for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node groups.","operationId":"ListLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"Key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node labels (org scoped)","tags":["Labels"]},"post":{"description":"Creates a label.","operationId":"CreateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLabelRequest"}}},"description":"Label payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create label (org scoped)","tags":["Labels"]}},"/labels/{id}":{"delete":{"description":"Permanently deletes the label.","operationId":"DeleteLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete label (org scoped)","tags":["Labels"]},"get":{"description":"Returns one label.","operationId":"GetLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get label by ID (org scoped)","tags":["Labels"]},"patch":{"description":"Partially update label fields.","operationId":"UpdateLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLabelRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LabelResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update label (org scoped)","tags":["Labels"]}},"/load-balancers":{"get":{"description":"Returns load balancers for the organization in X-Org-ID.","operationId":"ListLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List load balancers (org scoped)","tags":["LoadBalancers"]},"post":{"operationId":"CreateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateLoadBalancerRequest"}}},"description":"Record set payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"domain not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create a load balancer","tags":["LoadBalancers"]}},"/load-balancers/{id}":{"delete":{"operationId":"DeleteLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete a load balancer","tags":["LoadBalancers"]},"get":{"description":"Returns load balancer for the organization in X-Org-ID.","operationId":"GetLoadBalancers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"LoadBalancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list clusters"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get a load balancer (org scoped)","tags":["LoadBalancers"]},"patch":{"operationId":"UpdateLoadBalancer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Load Balancer ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateLoadBalancerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.LoadBalancerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"validation error"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update a load balancer (org scoped)","tags":["LoadBalancers"]}},"/me":{"get":{"operationId":"GetMe","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.meResponse"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Get current user profile","tags":["Me"]},"patch":{"operationId":"UpdateMe","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.updateMeRequest"}}},"description":"Patch profile","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.User"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Update current user profile","tags":["Me"]}},"/me/api-keys":{"get":{"operationId":"ListUserAPIKeys","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"},"type":"array"}}},"description":"OK"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"List my API keys","tags":["MeAPIKeys"]},"post":{"description":"Returns the plaintext key once. Store it securely on the client side.","operationId":"CreateUserAPIKey","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.createUserKeyRequest"}}},"description":"Key options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.userAPIKeyOut"}}},"description":"Created"}},"security":[{"BearerAuth":[]},{"ApiKeyAuth":[]}],"summary":"Create a new user API key","tags":["MeAPIKeys"]}},"/me/api-keys/{id}":{"delete":{"operationId":"DeleteUserAPIKey","parameters":[{"description":"Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"}},"security":[{"BearerAuth":[]}],"summary":"Delete a user API key","tags":["MeAPIKeys"]}},"/node-pools":{"get":{"description":"Returns node pools for the organization in X-Org-ID.","operationId":"ListNodePools","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Name contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.NodePoolResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node pools"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pools (org scoped)","tags":["NodePools"]},"post":{"description":"Creates a node pool. Optionally attach initial servers.","operationId":"CreateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateNodePoolRequest"}}},"description":"NodePool payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}":{"delete":{"description":"Permanently deletes the node pool.","operationId":"DeleteNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete node pool (org scoped)","tags":["NodePools"]},"get":{"description":"Returns one node pool. Add `include=servers` to include servers.","operationId":"GetNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node pool by ID (org scoped)","tags":["NodePools"]},"patch":{"description":"Partially update node pool fields.","operationId":"UpdateNodePool","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateNodePoolRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.NodePoolResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations":{"get":{"operationId":"ListNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.AnnotationResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List annotations attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolAnnotations","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Group ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachAnnotationsRequest"}}},"description":"Annotation IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach annotation to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/annotations/{annotationId}":{"delete":{"operationId":"DetachNodePoolAnnotation","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Annotation ID (UUID)","in":"path","name":"annotationId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one annotation from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels":{"get":{"operationId":"ListNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Label Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.LabelResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List labels attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolLabels","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachLabelsRequest"}}},"description":"Label IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach labels to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/labels/{labelId}":{"delete":{"operationId":"DetachNodePoolLabel","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Label ID (UUID)","in":"path","name":"labelId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one label from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers":{"get":{"operationId":"ListNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachServersRequest"}}},"description":"Server IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid server_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach servers to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/servers/{serverId}":{"delete":{"operationId":"DetachNodePoolServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"serverId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one server from a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints":{"get":{"operationId":"ListNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List taints attached to a node pool (org scoped)","tags":["NodePools"]},"post":{"operationId":"AttachNodePoolTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.AttachTaintsRequest"}}},"description":"Taint IDs to attach","required":true},"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid taint_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"attach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Attach taints to a node pool (org scoped)","tags":["NodePools"]}},"/node-pools/{id}/taints/{taintId}":{"delete":{"operationId":"DetachNodePoolTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Pool ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Taint ID (UUID)","in":"path","name":"taintId","required":true,"schema":{"type":"string"}}],"responses":{"204":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"detach failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Detach one taint from a node pool (org scoped)","tags":["NodePools"]}},"/orgs":{"get":{"operationId":"listMyOrgs","responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.Organization"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List organizations I belong to","tags":["Orgs"]},"post":{"operationId":"createOrg","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgCreateReq"}}},"description":"Org payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Bad Request"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"409":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Conflict"}},"security":[{"BearerAuth":[]}],"summary":"Create organization","tags":["Orgs"]}},"/orgs/{id}":{"delete":{"operationId":"deleteOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Delete organization (owner)","tags":["Orgs"]},"get":{"operationId":"getOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Get organization","tags":["Orgs"]},"patch":{"operationId":"updateOrg","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgUpdateReq"}}},"description":"Update payload","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/models.Organization"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"},"404":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Not Found"}},"security":[{"BearerAuth":[]}],"summary":"Update organization (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys":{"get":{"operationId":"listOrgKeys","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/models.APIKey"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List org-scoped API keys (no secrets)","tags":["Orgs"]},"post":{"operationId":"createOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateReq"}}},"description":"Key name + optional expiry","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.orgKeyCreateResp"}}},"description":"Created"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Create org key/secret pair (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/api-keys/{key_id}":{"delete":{"operationId":"deleteOrgKey","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Key ID (UUID)","in":"path","name":"key_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Deleted"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Delete org key (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members":{"get":{"operationId":"listMembers","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/handlers.memberOut"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"List members in org","tags":["Orgs"]},"post":{"operationId":"addOrUpdateMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberUpsertReq"}}},"description":"User \u0026 role","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.memberOut"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Add or update a member (owner/admin)","tags":["Orgs"]}},"/orgs/{id}/members/{user_id}":{"delete":{"operationId":"removeMember","parameters":[{"description":"Org ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"User ID (UUID)","in":"path","name":"user_id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"Removed"},"401":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/utils.ErrorResponse"}}},"description":"Unauthorized"}},"security":[{"BearerAuth":[]}],"summary":"Remove a member (owner/admin)","tags":["Orgs"]}},"/servers":{"get":{"description":"Returns servers for the organization in X-Org-ID. Optional filters: status, role.","operationId":"ListServers","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Filter by status (pending|provisioning|ready|failed)","in":"query","name":"status","schema":{"type":"string"}},{"description":"Filter by role","in":"query","name":"role","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.ServerResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list servers"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List servers (org scoped)","tags":["Servers"]},"post":{"description":"Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.","operationId":"CreateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateServerRequest"}}},"description":"Server payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create server (org scoped)","tags":["Servers"]}},"/servers/{id}":{"delete":{"description":"Permanently deletes the server.","operationId":"DeleteServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete server (org scoped)","tags":["Servers"]},"get":{"description":"Returns one server in the given organization.","operationId":"GetServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get server by ID (org scoped)","tags":["Servers"]},"patch":{"description":"Partially update fields; changing ssh_key_id validates ownership.","operationId":"UpdateServer","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateServerRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json / invalid status / invalid ssh_key_id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update server (org scoped)","tags":["Servers"]}},"/servers/{id}/reset-hostkey":{"post":{"description":"Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use).","operationId":"ResetServerHostKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Server ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.ServerResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"reset failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Reset SSH host key (org scoped)","tags":["Servers"]}},"/ssh":{"get":{"description":"Returns ssh keys for the organization in X-Org-ID.","operationId":"ListPublicSshKeys","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.SshResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list keys"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List ssh keys (org scoped)","tags":["Ssh"]},"post":{"description":"Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.","operationId":"CreateSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateSSHRequest"}}},"description":"Key generation options","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.SshResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / invalid bits"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"generation/create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create ssh keypair (org scoped)","tags":["Ssh"]}},"/ssh/{id}":{"delete":{"description":"Permanently deletes a keypair.","operationId":"DeleteSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete ssh keypair (org scoped)","tags":["Ssh"]},"get":{"description":"Returns public key fields. Append `?reveal=true` to include the private key PEM.","operationId":"GetSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Reveal private key PEM","in":"query","name":"reveal","schema":{"type":"boolean"}}],"responses":{"200":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/dto.SshResponse"},{"$ref":"#/components/schemas/dto.SshRevealResponse"}]}}},"description":"When reveal=true"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get ssh key by ID (org scoped)","tags":["Ssh"]}},"/ssh/{id}/download":{"get":{"description":"Download `part=public|private|both` of the keypair. `both` returns a zip file.","operationId":"DownloadSSHKey","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","required":true,"schema":{"type":"string"}},{"description":"SSH Key ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}},{"description":"Which part to download","in":"query","name":"part","required":true,"schema":{"enum":["public","private","both"],"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"file content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid part"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"download failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Download ssh key files by ID (org scoped)","tags":["Ssh"]}},"/taints":{"get":{"description":"Returns node taints for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.","operationId":"ListTaints","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Exact key","in":"query","name":"key","schema":{"type":"string"}},{"description":"Exact value","in":"query","name":"value","schema":{"type":"string"}},{"description":"key contains (case-insensitive)","in":"query","name":"q","schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"items":{"$ref":"#/components/schemas/dto.TaintResponse"},"type":"array"}}},"description":"OK"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"failed to list node taints"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"List node pool taints (org scoped)","tags":["Taints"]},"post":{"description":"Creates a taint.","operationId":"CreateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.CreateTaintRequest"}}},"description":"Taint payload","required":true},"responses":{"201":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"Created"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid json / missing fields / invalid node_pool_ids"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"create failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Create node taint (org scoped)","tags":["Taints"]}},"/taints/{id}":{"delete":{"description":"Permanently deletes the taint.","operationId":"DeleteTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"No Content"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"delete failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Delete taint (org scoped)","tags":["Taints"]},"get":{"operationId":"GetTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"fetch failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Get node taint by ID (org scoped)","tags":["Taints"]},"patch":{"description":"Partially update taint fields.","operationId":"UpdateTaint","parameters":[{"description":"Organization UUID","in":"header","name":"X-Org-ID","schema":{"type":"string"}},{"description":"Node Taint ID (UUID)","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.UpdateTaintRequest"}}},"description":"Fields to update","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/dto.TaintResponse"}}},"description":"OK"},"400":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"invalid id / invalid json"},"401":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"Unauthorized"},"403":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"organization required"},"404":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"not found"},"500":{"content":{"application/json":{"schema":{"type":"string"}}},"description":"update failed"}},"security":[{"BearerAuth":[]},{"OrgKeyAuth":[]},{"OrgSecretAuth":[]}],"summary":"Update node taint (org scoped)","tags":["Taints"]}},"/version":{"get":{"description":"Returns build/runtime metadata for the running service.","operationId":"Version                 // operationId","responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/handlers.VersionResponse"}}},"description":"OK"}},"summary":"Service version information","tags":["Meta"]}}},
     "openapi": "3.1.0",
     "servers": [
-        {"description":"Production API","url":"https://autoglue.onglueops.rocks/api/v1"},
+        {"description":"Production API","url":"https://autoglue.glueopshosted.com/api/v1"},
+        {"description":"Pre-Production API","url":"https://autoglue.glueopshosted.rocks/api/v1"},
         {"description":"Staging API","url":"https://autoglue.apps.nonprod.earth.onglueops.rocks/api/v1"},
         {"description":"Local dev","url":"http://localhost:8080/api/v1"}
     ]
diff --git a/docs/openapi.yaml b/docs/openapi.yaml
index 2397937..eaf3a02 100644
--- a/docs/openapi.yaml
+++ b/docs/openapi.yaml
@@ -88,6 +88,10 @@ components:
           $ref: '#/components/schemas/dto.DomainResponse'
         certificate_key:
           type: string
+        cluster_provider:
+          type: string
+        control_plane_fqdn:
+          type: string
         control_plane_record_set:
           $ref: '#/components/schemas/dto.RecordSetResponse'
         created_at:
@@ -105,8 +109,6 @@ components:
             $ref: '#/components/schemas/dto.NodePoolResponse'
           type: array
           uniqueItems: false
-        provider:
-          type: string
         random_token:
           type: string
         region:
@@ -125,9 +127,9 @@ components:
       type: object
     dto.CreateClusterRequest:
       properties:
-        name:
+        cluster_provider:
           type: string
-        provider:
+        name:
           type: string
         region:
           type: string
@@ -137,14 +139,7 @@ components:
         account_id:
           maxLength: 32
           type: string
-        kind:
-          description: aws_access_key, api_token, basic_auth, oauth2
-          type: string
-        name:
-          description: human label
-          maxLength: 100
-          type: string
-        provider:
+        credential_provider:
           enum:
           - aws
           - cloudflare
@@ -152,6 +147,13 @@ components:
           - digitalocean
           - generic
           type: string
+        kind:
+          description: aws_access_key, api_token, basic_auth, oauth2
+          type: string
+        name:
+          description: human label
+          maxLength: 100
+          type: string
         region:
           maxLength: 32
           type: string
@@ -164,7 +166,7 @@ components:
           type: object
         scope_kind:
           enum:
-          - provider
+          - credential_provider
           - service
           - resource
           type: string
@@ -176,8 +178,8 @@ components:
           description: encrypted later
           type: object
       required:
+      - credential_provider
       - kind
-      - provider
       - schema_version
       - scope
       - scope_kind
@@ -312,14 +314,14 @@ components:
           type: string
         created_at:
           type: string
+        credential_provider:
+          type: string
         id:
           type: string
         kind:
           type: string
         name:
           type: string
-        provider:
-          type: string
         region:
           type: string
         schema_version:
@@ -709,9 +711,9 @@ components:
       type: object
     dto.UpdateClusterRequest:
       properties:
-        name:
+        cluster_provider:
           type: string
-        provider:
+        name:
           type: string
         region:
           type: string
@@ -1159,7 +1161,7 @@ info:
     name: GlueOps
   description: API for managing K3s clusters across cloud providers
   title: AutoGlue API
-  version: ""
+  version: dev
 openapi: 3.1.0
 paths:
   /.well-known/jwks.json:
@@ -3004,7 +3006,7 @@ paths:
           type: string
       - description: Filter by provider (e.g., aws)
         in: query
-        name: provider
+        name: credential_provider
         schema:
           type: string
       - description: Filter by kind (e.g., aws_access_key)
@@ -3012,7 +3014,7 @@ paths:
         name: kind
         schema:
           type: string
-      - description: Filter by scope kind (provider/service/resource)
+      - description: Filter by scope kind (credential_provider/service/resource)
         in: query
         name: scope_kind
         schema:
@@ -6695,7 +6697,9 @@ paths:
       - Meta
 servers:
 - description: Production API
-  url: https://autoglue.onglueops.rocks/api/v1
+  url: https://autoglue.glueopshosted.com/api/v1
+- description: Pre-Production API
+  url: https://autoglue.glueopshosted.rocks/api/v1
 - description: Staging API
   url: https://autoglue.apps.nonprod.earth.onglueops.rocks/api/v1
 - description: Local dev
diff --git a/go.mod b/go.mod
index 64f81bd..b0377e6 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,6 @@ module github.com/glueops/autoglue
 go 1.25.4
 
 require (
-	ariga.io/atlas-provider-gorm v0.6.0
 	github.com/alexedwards/argon2id v1.0.0
 	github.com/aws/aws-sdk-go-v2 v1.39.6
 	github.com/aws/aws-sdk-go-v2/config v1.31.20
@@ -35,20 +34,8 @@ require (
 )
 
 require (
-	ariga.io/atlas v0.36.2-0.20250806044935-5bb51a0a956e // indirect
-	cel.dev/expr v0.24.0 // indirect
-	cloud.google.com/go v0.121.6 // indirect
-	cloud.google.com/go/auth v0.16.4 // indirect
-	cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
-	cloud.google.com/go/compute/metadata v0.8.0 // indirect
-	cloud.google.com/go/iam v1.5.2 // indirect
-	cloud.google.com/go/longrunning v0.6.7 // indirect
-	cloud.google.com/go/monitoring v1.24.2 // indirect
-	cloud.google.com/go/spanner v1.84.1 // indirect
 	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/BurntSushi/toml v1.1.0 // indirect
-	github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.3 // indirect
-	github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.29.0 // indirect
 	github.com/KyleBanks/depth v1.2.1 // indirect
 	github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5 // indirect
 	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3 // indirect
@@ -70,17 +57,12 @@ require (
 	github.com/bytedance/sonic/loader v0.3.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/cloudwego/base64x v0.1.6 // indirect
-	github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a // indirect
-	github.com/envoyproxy/go-control-plane/envoy v1.32.4 // indirect
-	github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect
-	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fsnotify/fsnotify v1.9.0 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.10 // indirect
 	github.com/gin-contrib/sse v1.1.0 // indirect
 	github.com/go-jose/go-jose/v4 v4.1.3 // indirect
-	github.com/go-logr/logr v1.4.3 // indirect
-	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/jsonpointer v0.19.6 // indirect
 	github.com/go-openapi/jsonreference v0.20.2 // indirect
 	github.com/go-openapi/spec v0.20.9 // indirect
@@ -91,15 +73,6 @@ require (
 	github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
 	github.com/goccy/go-json v0.10.5 // indirect
 	github.com/goccy/go-yaml v1.18.0 // indirect
-	github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 // indirect
-	github.com/golang-sql/sqlexp v0.1.0 // indirect
-	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
-	github.com/google/s2a-go v0.1.9 // indirect
-	github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
-	github.com/googleapis/gax-go/v2 v2.15.0 // indirect
-	github.com/googleapis/go-gorm-spanner v1.8.6 // indirect
-	github.com/googleapis/go-sql-spanner v1.17.0 // indirect
-	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
 	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
@@ -118,45 +91,33 @@ require (
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-sqlite3 v1.14.28 // indirect
-	github.com/microsoft/go-mssqldb v1.7.2 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/mr-tron/base58 v1.2.0 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.4 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/prometheus/client_golang v1.19.1 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.48.0 // indirect
 	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/quic-go/qpack v0.5.1 // indirect
 	github.com/quic-go/quic-go v0.54.0 // indirect
+	github.com/rogpeppe/go-internal v1.13.1 // indirect
 	github.com/sagikazarmark/locafero v0.11.0 // indirect
 	github.com/sirupsen/logrus v1.9.0 // indirect
 	github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 // indirect
 	github.com/spf13/afero v1.15.0 // indirect
 	github.com/spf13/cast v1.10.0 // indirect
 	github.com/spf13/pflag v1.0.10 // indirect
-	github.com/spiffe/go-spiffe/v2 v2.5.0 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/sv-tools/openapi v0.2.1 // indirect
 	github.com/tuvistavie/securerandom v0.0.0-20140719024926-15512123a948 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.3.0 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
-	github.com/zeebo/errs v1.4.0 // indirect
 	github.com/zeebo/xxh3 v1.0.2 // indirect
-	go.opencensus.io v0.24.0 // indirect
-	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
-	go.opentelemetry.io/contrib/detectors/gcp v1.37.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.62.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0 // indirect
-	go.opentelemetry.io/otel v1.37.0 // indirect
-	go.opentelemetry.io/otel/metric v1.37.0 // indirect
-	go.opentelemetry.io/otel/sdk v1.37.0 // indirect
-	go.opentelemetry.io/otel/sdk/metric v1.37.0 // indirect
-	go.opentelemetry.io/otel/trace v1.37.0 // indirect
 	go.uber.org/mock v0.5.0 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
 	golang.org/x/arch v0.20.0 // indirect
@@ -165,16 +126,8 @@ require (
 	golang.org/x/sync v0.18.0 // indirect
 	golang.org/x/sys v0.38.0 // indirect
 	golang.org/x/text v0.31.0 // indirect
-	golang.org/x/time v0.12.0 // indirect
 	golang.org/x/tools v0.38.0 // indirect
-	google.golang.org/api v0.247.0 // indirect
-	google.golang.org/genproto v0.0.0-20250804133106-a7a43d27e69b // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20250804133106-a7a43d27e69b // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20250811230008-5f3141c8851a // indirect
-	google.golang.org/grpc v1.74.2 // indirect
 	google.golang.org/protobuf v1.36.9 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gorm.io/driver/mysql v1.5.7 // indirect
-	gorm.io/driver/sqlite v1.6.0 // indirect
-	gorm.io/driver/sqlserver v1.6.0 // indirect
 )
diff --git a/go.sum b/go.sum
index 3be559b..8126180 100644
--- a/go.sum
+++ b/go.sum
@@ -1,680 +1,21 @@
-ariga.io/atlas v0.36.2-0.20250806044935-5bb51a0a956e h1:7upp27oOT/fmM5Dz3z9k8cmYwKJ2NAzuTqfT/rEP+50=
-ariga.io/atlas v0.36.2-0.20250806044935-5bb51a0a956e/go.mod h1:Ex5l1xHsnWQUc3wYnrJ9gD7RUEzG76P7ZRQp8wNr0wc=
-ariga.io/atlas-provider-gorm v0.6.0 h1:nJx1jLKr8pKeIxuYX3NmBuchWR9VldopWyElnPakRDw=
-ariga.io/atlas-provider-gorm v0.6.0/go.mod h1:iod/+0ODkmcNBJsmNrs76btfETyqC+zCyy7sh7aXaig=
-cel.dev/expr v0.24.0 h1:56OvJKSH3hDGL0ml5uSxZmz3/3Pq4tJ+fb1unVLAFcY=
-cel.dev/expr v0.24.0/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw=
-cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
-cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
-cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
-cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
-cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
-cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0=
-cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To=
-cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4=
-cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M=
-cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc=
-cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk=
-cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs=
-cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc=
-cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY=
-cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI=
-cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk=
-cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY=
-cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg=
-cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8=
-cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0=
-cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY=
-cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM=
-cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY=
-cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ=
-cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI=
-cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4=
-cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc=
-cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA=
-cloud.google.com/go v0.100.1/go.mod h1:fs4QogzfH5n2pBXBP9vRiU+eCny7lD2vmFZy79Iuw1U=
-cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A=
-cloud.google.com/go v0.102.0/go.mod h1:oWcCzKlqJ5zgHQt9YsaeTY9KzIvjyy0ArmiBUgpQ+nc=
-cloud.google.com/go v0.102.1/go.mod h1:XZ77E9qnTEnrgEOvr4xzfdX5TRo7fB4T2F4O6+34hIU=
-cloud.google.com/go v0.104.0/go.mod h1:OO6xxXdJyvuJPcEPBLN9BJPD+jep5G1+2U5B5gkRYtA=
-cloud.google.com/go v0.105.0/go.mod h1:PrLgOJNe5nfE9UMxKxgXj4mD3voiP+YQ6gdt6KMFOKM=
-cloud.google.com/go v0.107.0/go.mod h1:wpc2eNrD7hXUTy8EKS10jkxpZBjASrORK7goS+3YX2I=
-cloud.google.com/go v0.110.0/go.mod h1:SJnCLqQ0FCFGSZMUNUf84MV3Aia54kn7pi8st7tMzaY=
-cloud.google.com/go v0.121.6 h1:waZiuajrI28iAf40cWgycWNgaXPO06dupuS+sgibK6c=
-cloud.google.com/go v0.121.6/go.mod h1:coChdst4Ea5vUpiALcYKXEpR1S9ZgXbhEzzMcMR66vI=
-cloud.google.com/go/accessapproval v1.4.0/go.mod h1:zybIuC3KpDOvotz59lFe5qxRZx6C75OtwbisN56xYB4=
-cloud.google.com/go/accessapproval v1.5.0/go.mod h1:HFy3tuiGvMdcd/u+Cu5b9NkO1pEICJ46IR82PoUdplw=
-cloud.google.com/go/accessapproval v1.6.0/go.mod h1:R0EiYnwV5fsRFiKZkPHr6mwyk2wxUJ30nL4j2pcFY2E=
-cloud.google.com/go/accesscontextmanager v1.3.0/go.mod h1:TgCBehyr5gNMz7ZaH9xubp+CE8dkrszb4oK9CWyvD4o=
-cloud.google.com/go/accesscontextmanager v1.4.0/go.mod h1:/Kjh7BBu/Gh83sv+K60vN9QE5NJcd80sU33vIe2IFPE=
-cloud.google.com/go/accesscontextmanager v1.6.0/go.mod h1:8XCvZWfYw3K/ji0iVnp+6pu7huxoQTLmxAbVjbloTtM=
-cloud.google.com/go/accesscontextmanager v1.7.0/go.mod h1:CEGLewx8dwa33aDAZQujl7Dx+uYhS0eay198wB/VumQ=
-cloud.google.com/go/aiplatform v1.22.0/go.mod h1:ig5Nct50bZlzV6NvKaTwmplLLddFx0YReh9WfTO5jKw=
-cloud.google.com/go/aiplatform v1.24.0/go.mod h1:67UUvRBKG6GTayHKV8DBv2RtR1t93YRu5B1P3x99mYY=
-cloud.google.com/go/aiplatform v1.27.0/go.mod h1:Bvxqtl40l0WImSb04d0hXFU7gDOiq9jQmorivIiWcKg=
-cloud.google.com/go/aiplatform v1.35.0/go.mod h1:7MFT/vCaOyZT/4IIFfxH4ErVg/4ku6lKv3w0+tFTgXQ=
-cloud.google.com/go/aiplatform v1.36.1/go.mod h1:WTm12vJRPARNvJ+v6P52RDHCNe4AhvjcIZ/9/RRHy/k=
-cloud.google.com/go/aiplatform v1.37.0/go.mod h1:IU2Cv29Lv9oCn/9LkFiiuKfwrRTq+QQMbW+hPCxJGZw=
-cloud.google.com/go/analytics v0.11.0/go.mod h1:DjEWCu41bVbYcKyvlws9Er60YE4a//bK6mnhWvQeFNI=
-cloud.google.com/go/analytics v0.12.0/go.mod h1:gkfj9h6XRf9+TS4bmuhPEShsh3hH8PAZzm/41OOhQd4=
-cloud.google.com/go/analytics v0.17.0/go.mod h1:WXFa3WSym4IZ+JiKmavYdJwGG/CvpqiqczmL59bTD9M=
-cloud.google.com/go/analytics v0.18.0/go.mod h1:ZkeHGQlcIPkw0R/GW+boWHhCOR43xz9RN/jn7WcqfIE=
-cloud.google.com/go/analytics v0.19.0/go.mod h1:k8liqf5/HCnOUkbawNtrWWc+UAzyDlW89doe8TtoDsE=
-cloud.google.com/go/apigateway v1.3.0/go.mod h1:89Z8Bhpmxu6AmUxuVRg/ECRGReEdiP3vQtk4Z1J9rJk=
-cloud.google.com/go/apigateway v1.4.0/go.mod h1:pHVY9MKGaH9PQ3pJ4YLzoj6U5FUDeDFBllIz7WmzJoc=
-cloud.google.com/go/apigateway v1.5.0/go.mod h1:GpnZR3Q4rR7LVu5951qfXPJCHquZt02jf7xQx7kpqN8=
-cloud.google.com/go/apigeeconnect v1.3.0/go.mod h1:G/AwXFAKo0gIXkPTVfZDd2qA1TxBXJ3MgMRBQkIi9jc=
-cloud.google.com/go/apigeeconnect v1.4.0/go.mod h1:kV4NwOKqjvt2JYR0AoIWo2QGfoRtn/pkS3QlHp0Ni04=
-cloud.google.com/go/apigeeconnect v1.5.0/go.mod h1:KFaCqvBRU6idyhSNyn3vlHXc8VMDJdRmwDF6JyFRqZ8=
-cloud.google.com/go/apigeeregistry v0.4.0/go.mod h1:EUG4PGcsZvxOXAdyEghIdXwAEi/4MEaoqLMLDMIwKXY=
-cloud.google.com/go/apigeeregistry v0.5.0/go.mod h1:YR5+s0BVNZfVOUkMa5pAR2xGd0A473vA5M7j247o1wM=
-cloud.google.com/go/apigeeregistry v0.6.0/go.mod h1:BFNzW7yQVLZ3yj0TKcwzb8n25CFBri51GVGOEUcgQsc=
-cloud.google.com/go/apikeys v0.4.0/go.mod h1:XATS/yqZbaBK0HOssf+ALHp8jAlNHUgyfprvNcBIszU=
-cloud.google.com/go/apikeys v0.5.0/go.mod h1:5aQfwY4D+ewMMWScd3hm2en3hCj+BROlyrt3ytS7KLI=
-cloud.google.com/go/apikeys v0.6.0/go.mod h1:kbpXu5upyiAlGkKrJgQl8A0rKNNJ7dQ377pdroRSSi8=
-cloud.google.com/go/appengine v1.4.0/go.mod h1:CS2NhuBuDXM9f+qscZ6V86m1MIIqPj3WC/UoEuR1Sno=
-cloud.google.com/go/appengine v1.5.0/go.mod h1:TfasSozdkFI0zeoxW3PTBLiNqRmzraodCWatWI9Dmak=
-cloud.google.com/go/appengine v1.6.0/go.mod h1:hg6i0J/BD2cKmDJbaFSYHFyZkgBEfQrDg/X0V5fJn84=
-cloud.google.com/go/appengine v1.7.0/go.mod h1:eZqpbHFCqRGa2aCdope7eC0SWLV1j0neb/QnMJVWx6A=
-cloud.google.com/go/appengine v1.7.1/go.mod h1:IHLToyb/3fKutRysUlFO0BPt5j7RiQ45nrzEJmKTo6E=
-cloud.google.com/go/area120 v0.5.0/go.mod h1:DE/n4mp+iqVyvxHN41Vf1CR602GiHQjFPusMFW6bGR4=
-cloud.google.com/go/area120 v0.6.0/go.mod h1:39yFJqWVgm0UZqWTOdqkLhjoC7uFfgXRC8g/ZegeAh0=
-cloud.google.com/go/area120 v0.7.0/go.mod h1:a3+8EUD1SX5RUcCs3MY5YasiO1z6yLiNLRiFrykbynY=
-cloud.google.com/go/area120 v0.7.1/go.mod h1:j84i4E1RboTWjKtZVWXPqvK5VHQFJRF2c1Nm69pWm9k=
-cloud.google.com/go/artifactregistry v1.6.0/go.mod h1:IYt0oBPSAGYj/kprzsBjZ/4LnG/zOcHyFHjWPCi6SAQ=
-cloud.google.com/go/artifactregistry v1.7.0/go.mod h1:mqTOFOnGZx8EtSqK/ZWcsm/4U8B77rbcLP6ruDU2Ixk=
-cloud.google.com/go/artifactregistry v1.8.0/go.mod h1:w3GQXkJX8hiKN0v+at4b0qotwijQbYUqF2GWkZzAhC0=
-cloud.google.com/go/artifactregistry v1.9.0/go.mod h1:2K2RqvA2CYvAeARHRkLDhMDJ3OXy26h3XW+3/Jh2uYc=
-cloud.google.com/go/artifactregistry v1.11.1/go.mod h1:lLYghw+Itq9SONbCa1YWBoWs1nOucMH0pwXN1rOBZFI=
-cloud.google.com/go/artifactregistry v1.11.2/go.mod h1:nLZns771ZGAwVLzTX/7Al6R9ehma4WUEhZGWV6CeQNQ=
-cloud.google.com/go/artifactregistry v1.12.0/go.mod h1:o6P3MIvtzTOnmvGagO9v/rOjjA0HmhJ+/6KAXrmYDCI=
-cloud.google.com/go/artifactregistry v1.13.0/go.mod h1:uy/LNfoOIivepGhooAUpL1i30Hgee3Cu0l4VTWHUC08=
-cloud.google.com/go/asset v1.5.0/go.mod h1:5mfs8UvcM5wHhqtSv8J1CtxxaQq3AdBxxQi2jGW/K4o=
-cloud.google.com/go/asset v1.7.0/go.mod h1:YbENsRK4+xTiL+Ofoj5Ckf+O17kJtgp3Y3nn4uzZz5s=
-cloud.google.com/go/asset v1.8.0/go.mod h1:mUNGKhiqIdbr8X7KNayoYvyc4HbbFO9URsjbytpUaW0=
-cloud.google.com/go/asset v1.9.0/go.mod h1:83MOE6jEJBMqFKadM9NLRcs80Gdw76qGuHn8m3h8oHQ=
-cloud.google.com/go/asset v1.10.0/go.mod h1:pLz7uokL80qKhzKr4xXGvBQXnzHn5evJAEAtZiIb0wY=
-cloud.google.com/go/asset v1.11.1/go.mod h1:fSwLhbRvC9p9CXQHJ3BgFeQNM4c9x10lqlrdEUYXlJo=
-cloud.google.com/go/asset v1.12.0/go.mod h1:h9/sFOa4eDIyKmH6QMpm4eUK3pDojWnUhTgJlk762Hg=
-cloud.google.com/go/asset v1.13.0/go.mod h1:WQAMyYek/b7NBpYq/K4KJWcRqzoalEsxz/t/dTk4THw=
-cloud.google.com/go/assuredworkloads v1.5.0/go.mod h1:n8HOZ6pff6re5KYfBXcFvSViQjDwxFkAkmUFffJRbbY=
-cloud.google.com/go/assuredworkloads v1.6.0/go.mod h1:yo2YOk37Yc89Rsd5QMVECvjaMKymF9OP+QXWlKXUkXw=
-cloud.google.com/go/assuredworkloads v1.7.0/go.mod h1:z/736/oNmtGAyU47reJgGN+KVoYoxeLBoj4XkKYscNI=
-cloud.google.com/go/assuredworkloads v1.8.0/go.mod h1:AsX2cqyNCOvEQC8RMPnoc0yEarXQk6WEKkxYfL6kGIo=
-cloud.google.com/go/assuredworkloads v1.9.0/go.mod h1:kFuI1P78bplYtT77Tb1hi0FMxM0vVpRC7VVoJC3ZoT0=
-cloud.google.com/go/assuredworkloads v1.10.0/go.mod h1:kwdUQuXcedVdsIaKgKTp9t0UJkE5+PAVNhdQm4ZVq2E=
-cloud.google.com/go/auth v0.16.4 h1:fXOAIQmkApVvcIn7Pc2+5J8QTMVbUGLscnSVNl11su8=
-cloud.google.com/go/auth v0.16.4/go.mod h1:j10ncYwjX/g3cdX7GpEzsdM+d+ZNsXAbb6qXA7p1Y5M=
-cloud.google.com/go/auth/oauth2adapt v0.2.8 h1:keo8NaayQZ6wimpNSmW5OPc283g65QNIiLpZnkHRbnc=
-cloud.google.com/go/auth/oauth2adapt v0.2.8/go.mod h1:XQ9y31RkqZCcwJWNSx2Xvric3RrU88hAYYbjDWYDL+c=
-cloud.google.com/go/automl v1.5.0/go.mod h1:34EjfoFGMZ5sgJ9EoLsRtdPSNZLcfflJR39VbVNS2M0=
-cloud.google.com/go/automl v1.6.0/go.mod h1:ugf8a6Fx+zP0D59WLhqgTDsQI9w07o64uf/Is3Nh5p8=
-cloud.google.com/go/automl v1.7.0/go.mod h1:RL9MYCCsJEOmt0Wf3z9uzG0a7adTT1fe+aObgSpkCt8=
-cloud.google.com/go/automl v1.8.0/go.mod h1:xWx7G/aPEe/NP+qzYXktoBSDfjO+vnKMGgsApGJJquM=
-cloud.google.com/go/automl v1.12.0/go.mod h1:tWDcHDp86aMIuHmyvjuKeeHEGq76lD7ZqfGLN6B0NuU=
-cloud.google.com/go/baremetalsolution v0.3.0/go.mod h1:XOrocE+pvK1xFfleEnShBlNAXf+j5blPPxrhjKgnIFc=
-cloud.google.com/go/baremetalsolution v0.4.0/go.mod h1:BymplhAadOO/eBa7KewQ0Ppg4A4Wplbn+PsFKRLo0uI=
-cloud.google.com/go/baremetalsolution v0.5.0/go.mod h1:dXGxEkmR9BMwxhzBhV0AioD0ULBmuLZI8CdwalUxuss=
-cloud.google.com/go/batch v0.3.0/go.mod h1:TR18ZoAekj1GuirsUsR1ZTKN3FC/4UDnScjT8NXImFE=
-cloud.google.com/go/batch v0.4.0/go.mod h1:WZkHnP43R/QCGQsZ+0JyG4i79ranE2u8xvjq/9+STPE=
-cloud.google.com/go/batch v0.7.0/go.mod h1:vLZN95s6teRUqRQ4s3RLDsH8PvboqBK+rn1oevL159g=
-cloud.google.com/go/beyondcorp v0.2.0/go.mod h1:TB7Bd+EEtcw9PCPQhCJtJGjk/7TC6ckmnSFS+xwTfm4=
-cloud.google.com/go/beyondcorp v0.3.0/go.mod h1:E5U5lcrcXMsCuoDNyGrpyTm/hn7ne941Jz2vmksAxW8=
-cloud.google.com/go/beyondcorp v0.4.0/go.mod h1:3ApA0mbhHx6YImmuubf5pyW8srKnCEPON32/5hj+RmM=
-cloud.google.com/go/beyondcorp v0.5.0/go.mod h1:uFqj9X+dSfrheVp7ssLTaRHd2EHqSL4QZmH4e8WXGGU=
-cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
-cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE=
-cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc=
-cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg=
-cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
-cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
-cloud.google.com/go/bigquery v1.42.0/go.mod h1:8dRTJxhtG+vwBKzE5OseQn/hiydoQN3EedCaOdYmxRA=
-cloud.google.com/go/bigquery v1.43.0/go.mod h1:ZMQcXHsl+xmU1z36G2jNGZmKp9zNY5BUua5wDgmNCfw=
-cloud.google.com/go/bigquery v1.44.0/go.mod h1:0Y33VqXTEsbamHJvJHdFmtqHvMIY28aK1+dFsvaChGc=
-cloud.google.com/go/bigquery v1.47.0/go.mod h1:sA9XOgy0A8vQK9+MWhEQTY6Tix87M/ZurWFIxmF9I/E=
-cloud.google.com/go/bigquery v1.48.0/go.mod h1:QAwSz+ipNgfL5jxiaK7weyOhzdoAy1zFm0Nf1fysJac=
-cloud.google.com/go/bigquery v1.49.0/go.mod h1:Sv8hMmTFFYBlt/ftw2uN6dFdQPzBlREY9yBh7Oy7/4Q=
-cloud.google.com/go/bigquery v1.50.0/go.mod h1:YrleYEh2pSEbgTBZYMJ5SuSr0ML3ypjRB1zgf7pvQLU=
-cloud.google.com/go/billing v1.4.0/go.mod h1:g9IdKBEFlItS8bTtlrZdVLWSSdSyFUZKXNS02zKMOZY=
-cloud.google.com/go/billing v1.5.0/go.mod h1:mztb1tBc3QekhjSgmpf/CV4LzWXLzCArwpLmP2Gm88s=
-cloud.google.com/go/billing v1.6.0/go.mod h1:WoXzguj+BeHXPbKfNWkqVtDdzORazmCjraY+vrxcyvI=
-cloud.google.com/go/billing v1.7.0/go.mod h1:q457N3Hbj9lYwwRbnlD7vUpyjq6u5U1RAOArInEiD5Y=
-cloud.google.com/go/billing v1.12.0/go.mod h1:yKrZio/eu+okO/2McZEbch17O5CB5NpZhhXG6Z766ss=
-cloud.google.com/go/billing v1.13.0/go.mod h1:7kB2W9Xf98hP9Sr12KfECgfGclsH3CQR0R08tnRlRbc=
-cloud.google.com/go/binaryauthorization v1.1.0/go.mod h1:xwnoWu3Y84jbuHa0zd526MJYmtnVXn0syOjaJgy4+dM=
-cloud.google.com/go/binaryauthorization v1.2.0/go.mod h1:86WKkJHtRcv5ViNABtYMhhNWRrD1Vpi//uKEy7aYEfI=
-cloud.google.com/go/binaryauthorization v1.3.0/go.mod h1:lRZbKgjDIIQvzYQS1p99A7/U1JqvqeZg0wiI5tp6tg0=
-cloud.google.com/go/binaryauthorization v1.4.0/go.mod h1:tsSPQrBd77VLplV70GUhBf/Zm3FsKmgSqgm4UmiDItk=
-cloud.google.com/go/binaryauthorization v1.5.0/go.mod h1:OSe4OU1nN/VswXKRBmciKpo9LulY41gch5c68htf3/Q=
-cloud.google.com/go/certificatemanager v1.3.0/go.mod h1:n6twGDvcUBFu9uBgt4eYvvf3sQ6My8jADcOVwHmzadg=
-cloud.google.com/go/certificatemanager v1.4.0/go.mod h1:vowpercVFyqs8ABSmrdV+GiFf2H/ch3KyudYQEMM590=
-cloud.google.com/go/certificatemanager v1.6.0/go.mod h1:3Hh64rCKjRAX8dXgRAyOcY5vQ/fE1sh8o+Mdd6KPgY8=
-cloud.google.com/go/channel v1.8.0/go.mod h1:W5SwCXDJsq/rg3tn3oG0LOxpAo6IMxNa09ngphpSlnk=
-cloud.google.com/go/channel v1.9.0/go.mod h1:jcu05W0my9Vx4mt3/rEHpfxc9eKi9XwsdDL8yBMbKUk=
-cloud.google.com/go/channel v1.11.0/go.mod h1:IdtI0uWGqhEeatSB62VOoJ8FSUhJ9/+iGkJVqp74CGE=
-cloud.google.com/go/channel v1.12.0/go.mod h1:VkxCGKASi4Cq7TbXxlaBezonAYpp1GCnKMY6tnMQnLU=
-cloud.google.com/go/cloudbuild v1.3.0/go.mod h1:WequR4ULxlqvMsjDEEEFnOG5ZSRSgWOywXYDb1vPE6U=
-cloud.google.com/go/cloudbuild v1.4.0/go.mod h1:5Qwa40LHiOXmz3386FrjrYM93rM/hdRr7b53sySrTqA=
-cloud.google.com/go/cloudbuild v1.6.0/go.mod h1:UIbc/w9QCbH12xX+ezUsgblrWv+Cv4Tw83GiSMHOn9M=
-cloud.google.com/go/cloudbuild v1.7.0/go.mod h1:zb5tWh2XI6lR9zQmsm1VRA+7OCuve5d8S+zJUul8KTg=
-cloud.google.com/go/cloudbuild v1.9.0/go.mod h1:qK1d7s4QlO0VwfYn5YuClDGg2hfmLZEb4wQGAbIgL1s=
-cloud.google.com/go/clouddms v1.3.0/go.mod h1:oK6XsCDdW4Ib3jCCBugx+gVjevp2TMXFtgxvPSee3OM=
-cloud.google.com/go/clouddms v1.4.0/go.mod h1:Eh7sUGCC+aKry14O1NRljhjyrr0NFC0G2cjwX0cByRk=
-cloud.google.com/go/clouddms v1.5.0/go.mod h1:QSxQnhikCLUw13iAbffF2CZxAER3xDGNHjsTAkQJcQA=
-cloud.google.com/go/cloudtasks v1.5.0/go.mod h1:fD92REy1x5woxkKEkLdvavGnPJGEn8Uic9nWuLzqCpY=
-cloud.google.com/go/cloudtasks v1.6.0/go.mod h1:C6Io+sxuke9/KNRkbQpihnW93SWDU3uXt92nu85HkYI=
-cloud.google.com/go/cloudtasks v1.7.0/go.mod h1:ImsfdYWwlWNJbdgPIIGJWC+gemEGTBK/SunNQQNCAb4=
-cloud.google.com/go/cloudtasks v1.8.0/go.mod h1:gQXUIwCSOI4yPVK7DgTVFiiP0ZW/eQkydWzwVMdHxrI=
-cloud.google.com/go/cloudtasks v1.9.0/go.mod h1:w+EyLsVkLWHcOaqNEyvcKAsWp9p29dL6uL9Nst1cI7Y=
-cloud.google.com/go/cloudtasks v1.10.0/go.mod h1:NDSoTLkZ3+vExFEWu2UJV1arUyzVDAiZtdWcsUyNwBs=
-cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow=
-cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM=
-cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M=
-cloud.google.com/go/compute v1.6.0/go.mod h1:T29tfhtVbq1wvAPo0E3+7vhgmkOYeXjhFvz/FMzPu0s=
-cloud.google.com/go/compute v1.6.1/go.mod h1:g85FgpzFvNULZ+S8AYq87axRKuf2Kh7deLqV/jJ3thU=
-cloud.google.com/go/compute v1.7.0/go.mod h1:435lt8av5oL9P3fv1OEzSbSUe+ybHXGMPQHHZWZxy9U=
-cloud.google.com/go/compute v1.10.0/go.mod h1:ER5CLbMxl90o2jtNbGSbtfOpQKR0t15FOtRsugnLrlU=
-cloud.google.com/go/compute v1.12.0/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU=
-cloud.google.com/go/compute v1.12.1/go.mod h1:e8yNOBcBONZU1vJKCvCoDw/4JQsA0dpM4x/6PIIOocU=
-cloud.google.com/go/compute v1.13.0/go.mod h1:5aPTS0cUNMIc1CE546K+Th6weJUNQErARyZtRXDJ8GE=
-cloud.google.com/go/compute v1.14.0/go.mod h1:YfLtxrj9sU4Yxv+sXzZkyPjEyPBZfXHUvjxega5vAdo=
-cloud.google.com/go/compute v1.15.1/go.mod h1:bjjoF/NtFUrkD/urWfdHaKuOPDR5nWIs63rR+SXhcpA=
-cloud.google.com/go/compute v1.18.0/go.mod h1:1X7yHxec2Ga+Ss6jPyjxRxpu2uu7PLgsOVXvgU0yacs=
-cloud.google.com/go/compute v1.19.0/go.mod h1:rikpw2y+UMidAe9tISo04EHNOIf42RLYF/q8Bs93scU=
-cloud.google.com/go/compute v1.19.1/go.mod h1:6ylj3a05WF8leseCdIf77NK0g1ey+nj5IKd5/kvShxE=
-cloud.google.com/go/compute/metadata v0.1.0/go.mod h1:Z1VN+bulIf6bt4P/C37K4DyZYZEXYonfTBHHFPO/4UU=
-cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k=
-cloud.google.com/go/compute/metadata v0.2.1/go.mod h1:jgHgmJd2RKBGzXqF5LR2EZMGxBkeanZ9wwa75XHJgOM=
-cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA=
-cloud.google.com/go/compute/metadata v0.8.0 h1:HxMRIbao8w17ZX6wBnjhcDkW6lTFpgcaobyVfZWqRLA=
-cloud.google.com/go/compute/metadata v0.8.0/go.mod h1:sYOGTp851OV9bOFJ9CH7elVvyzopvWQFNNghtDQ/Biw=
-cloud.google.com/go/contactcenterinsights v1.3.0/go.mod h1:Eu2oemoePuEFc/xKFPjbTuPSj0fYJcPls9TFlPNnHHY=
-cloud.google.com/go/contactcenterinsights v1.4.0/go.mod h1:L2YzkGbPsv+vMQMCADxJoT9YiTTnSEd6fEvCeHTYVck=
-cloud.google.com/go/contactcenterinsights v1.6.0/go.mod h1:IIDlT6CLcDoyv79kDv8iWxMSTZhLxSCofVV5W6YFM/w=
-cloud.google.com/go/container v1.6.0/go.mod h1:Xazp7GjJSeUYo688S+6J5V+n/t+G5sKBTFkKNudGRxg=
-cloud.google.com/go/container v1.7.0/go.mod h1:Dp5AHtmothHGX3DwwIHPgq45Y8KmNsgN3amoYfxVkLo=
-cloud.google.com/go/container v1.13.1/go.mod h1:6wgbMPeQRw9rSnKBCAJXnds3Pzj03C4JHamr8asWKy4=
-cloud.google.com/go/container v1.14.0/go.mod h1:3AoJMPhHfLDxLvrlVWaK57IXzaPnLaZq63WX59aQBfM=
-cloud.google.com/go/container v1.15.0/go.mod h1:ft+9S0WGjAyjDggg5S06DXj+fHJICWg8L7isCQe9pQA=
-cloud.google.com/go/containeranalysis v0.5.1/go.mod h1:1D92jd8gRR/c0fGMlymRgxWD3Qw9C1ff6/T7mLgVL8I=
-cloud.google.com/go/containeranalysis v0.6.0/go.mod h1:HEJoiEIu+lEXM+k7+qLCci0h33lX3ZqoYFdmPcoO7s4=
-cloud.google.com/go/containeranalysis v0.7.0/go.mod h1:9aUL+/vZ55P2CXfuZjS4UjQ9AgXoSw8Ts6lemfmxBxI=
-cloud.google.com/go/containeranalysis v0.9.0/go.mod h1:orbOANbwk5Ejoom+s+DUCTTJ7IBdBQJDcSylAx/on9s=
-cloud.google.com/go/datacatalog v1.3.0/go.mod h1:g9svFY6tuR+j+hrTw3J2dNcmI0dzmSiyOzm8kpLq0a0=
-cloud.google.com/go/datacatalog v1.5.0/go.mod h1:M7GPLNQeLfWqeIm3iuiruhPzkt65+Bx8dAKvScX8jvs=
-cloud.google.com/go/datacatalog v1.6.0/go.mod h1:+aEyF8JKg+uXcIdAmmaMUmZ3q1b/lKLtXCmXdnc0lbc=
-cloud.google.com/go/datacatalog v1.7.0/go.mod h1:9mEl4AuDYWw81UGc41HonIHH7/sn52H0/tc8f8ZbZIE=
-cloud.google.com/go/datacatalog v1.8.0/go.mod h1:KYuoVOv9BM8EYz/4eMFxrr4DUKhGIOXxZoKYF5wdISM=
-cloud.google.com/go/datacatalog v1.8.1/go.mod h1:RJ58z4rMp3gvETA465Vg+ag8BGgBdnRPEMMSTr5Uv+M=
-cloud.google.com/go/datacatalog v1.12.0/go.mod h1:CWae8rFkfp6LzLumKOnmVh4+Zle4A3NXLzVJ1d1mRm0=
-cloud.google.com/go/datacatalog v1.13.0/go.mod h1:E4Rj9a5ZtAxcQJlEBTLgMTphfP11/lNaAshpoBgemX8=
-cloud.google.com/go/dataflow v0.6.0/go.mod h1:9QwV89cGoxjjSR9/r7eFDqqjtvbKxAK2BaYU6PVk9UM=
-cloud.google.com/go/dataflow v0.7.0/go.mod h1:PX526vb4ijFMesO1o202EaUmouZKBpjHsTlCtB4parQ=
-cloud.google.com/go/dataflow v0.8.0/go.mod h1:Rcf5YgTKPtQyYz8bLYhFoIV/vP39eL7fWNcSOyFfLJE=
-cloud.google.com/go/dataform v0.3.0/go.mod h1:cj8uNliRlHpa6L3yVhDOBrUXH+BPAO1+KFMQQNSThKo=
-cloud.google.com/go/dataform v0.4.0/go.mod h1:fwV6Y4Ty2yIFL89huYlEkwUPtS7YZinZbzzj5S9FzCE=
-cloud.google.com/go/dataform v0.5.0/go.mod h1:GFUYRe8IBa2hcomWplodVmUx/iTL0FrsauObOM3Ipr0=
-cloud.google.com/go/dataform v0.6.0/go.mod h1:QPflImQy33e29VuapFdf19oPbE4aYTJxr31OAPV+ulA=
-cloud.google.com/go/dataform v0.7.0/go.mod h1:7NulqnVozfHvWUBpMDfKMUESr+85aJsC/2O0o3jWPDE=
-cloud.google.com/go/datafusion v1.4.0/go.mod h1:1Zb6VN+W6ALo85cXnM1IKiPw+yQMKMhB9TsTSRDo/38=
-cloud.google.com/go/datafusion v1.5.0/go.mod h1:Kz+l1FGHB0J+4XF2fud96WMmRiq/wj8N9u007vyXZ2w=
-cloud.google.com/go/datafusion v1.6.0/go.mod h1:WBsMF8F1RhSXvVM8rCV3AeyWVxcC2xY6vith3iw3S+8=
-cloud.google.com/go/datalabeling v0.5.0/go.mod h1:TGcJ0G2NzcsXSE/97yWjIZO0bXj0KbVlINXMG9ud42I=
-cloud.google.com/go/datalabeling v0.6.0/go.mod h1:WqdISuk/+WIGeMkpw/1q7bK/tFEZxsrFJOJdY2bXvTQ=
-cloud.google.com/go/datalabeling v0.7.0/go.mod h1:WPQb1y08RJbmpM3ww0CSUAGweL0SxByuW2E+FU+wXcM=
-cloud.google.com/go/dataplex v1.3.0/go.mod h1:hQuRtDg+fCiFgC8j0zV222HvzFQdRd+SVX8gdmFcZzA=
-cloud.google.com/go/dataplex v1.4.0/go.mod h1:X51GfLXEMVJ6UN47ESVqvlsRplbLhcsAt0kZCCKsU0A=
-cloud.google.com/go/dataplex v1.5.2/go.mod h1:cVMgQHsmfRoI5KFYq4JtIBEUbYwc3c7tXmIDhRmNNVQ=
-cloud.google.com/go/dataplex v1.6.0/go.mod h1:bMsomC/aEJOSpHXdFKFGQ1b0TDPIeL28nJObeO1ppRs=
-cloud.google.com/go/dataproc v1.7.0/go.mod h1:CKAlMjII9H90RXaMpSxQ8EU6dQx6iAYNPcYPOkSbi8s=
-cloud.google.com/go/dataproc v1.8.0/go.mod h1:5OW+zNAH0pMpw14JVrPONsxMQYMBqJuzORhIBfBn9uI=
-cloud.google.com/go/dataproc v1.12.0/go.mod h1:zrF3aX0uV3ikkMz6z4uBbIKyhRITnxvr4i3IjKsKrw4=
-cloud.google.com/go/dataqna v0.5.0/go.mod h1:90Hyk596ft3zUQ8NkFfvICSIfHFh1Bc7C4cK3vbhkeo=
-cloud.google.com/go/dataqna v0.6.0/go.mod h1:1lqNpM7rqNLVgWBJyk5NF6Uen2PHym0jtVJonplVsDA=
-cloud.google.com/go/dataqna v0.7.0/go.mod h1:Lx9OcIIeqCrw1a6KdO3/5KMP1wAmTc0slZWwP12Qq3c=
-cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
-cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk=
-cloud.google.com/go/datastore v1.10.0/go.mod h1:PC5UzAmDEkAmkfaknstTYbNpgE49HAgW2J1gcgUfmdM=
-cloud.google.com/go/datastore v1.11.0/go.mod h1:TvGxBIHCS50u8jzG+AW/ppf87v1of8nwzFNgEZU1D3c=
-cloud.google.com/go/datastream v1.2.0/go.mod h1:i/uTP8/fZwgATHS/XFu0TcNUhuA0twZxxQ3EyCUQMwo=
-cloud.google.com/go/datastream v1.3.0/go.mod h1:cqlOX8xlyYF/uxhiKn6Hbv6WjwPPuI9W2M9SAXwaLLQ=
-cloud.google.com/go/datastream v1.4.0/go.mod h1:h9dpzScPhDTs5noEMQVWP8Wx8AFBRyS0s8KWPx/9r0g=
-cloud.google.com/go/datastream v1.5.0/go.mod h1:6TZMMNPwjUqZHBKPQ1wwXpb0d5VDVPl2/XoS5yi88q4=
-cloud.google.com/go/datastream v1.6.0/go.mod h1:6LQSuswqLa7S4rPAOZFVjHIG3wJIjZcZrw8JDEDJuIs=
-cloud.google.com/go/datastream v1.7.0/go.mod h1:uxVRMm2elUSPuh65IbZpzJNMbuzkcvu5CjMqVIUHrww=
-cloud.google.com/go/deploy v1.4.0/go.mod h1:5Xghikd4VrmMLNaF6FiRFDlHb59VM59YoDQnOUdsH/c=
-cloud.google.com/go/deploy v1.5.0/go.mod h1:ffgdD0B89tToyW/U/D2eL0jN2+IEV/3EMuXHA0l4r+s=
-cloud.google.com/go/deploy v1.6.0/go.mod h1:f9PTHehG/DjCom3QH0cntOVRm93uGBDt2vKzAPwpXQI=
-cloud.google.com/go/deploy v1.8.0/go.mod h1:z3myEJnA/2wnB4sgjqdMfgxCA0EqC3RBTNcVPs93mtQ=
-cloud.google.com/go/dialogflow v1.15.0/go.mod h1:HbHDWs33WOGJgn6rfzBW1Kv807BE3O1+xGbn59zZWI4=
-cloud.google.com/go/dialogflow v1.16.1/go.mod h1:po6LlzGfK+smoSmTBnbkIZY2w8ffjz/RcGSS+sh1el0=
-cloud.google.com/go/dialogflow v1.17.0/go.mod h1:YNP09C/kXA1aZdBgC/VtXX74G/TKn7XVCcVumTflA+8=
-cloud.google.com/go/dialogflow v1.18.0/go.mod h1:trO7Zu5YdyEuR+BhSNOqJezyFQ3aUzz0njv7sMx/iek=
-cloud.google.com/go/dialogflow v1.19.0/go.mod h1:JVmlG1TwykZDtxtTXujec4tQ+D8SBFMoosgy+6Gn0s0=
-cloud.google.com/go/dialogflow v1.29.0/go.mod h1:b+2bzMe+k1s9V+F2jbJwpHPzrnIyHihAdRFMtn2WXuM=
-cloud.google.com/go/dialogflow v1.31.0/go.mod h1:cuoUccuL1Z+HADhyIA7dci3N5zUssgpBJmCzI6fNRB4=
-cloud.google.com/go/dialogflow v1.32.0/go.mod h1:jG9TRJl8CKrDhMEcvfcfFkkpp8ZhgPz3sBGmAUYJ2qE=
-cloud.google.com/go/dlp v1.6.0/go.mod h1:9eyB2xIhpU0sVwUixfBubDoRwP+GjeUoxxeueZmqvmM=
-cloud.google.com/go/dlp v1.7.0/go.mod h1:68ak9vCiMBjbasxeVD17hVPxDEck+ExiHavX8kiHG+Q=
-cloud.google.com/go/dlp v1.9.0/go.mod h1:qdgmqgTyReTz5/YNSSuueR8pl7hO0o9bQ39ZhtgkWp4=
-cloud.google.com/go/documentai v1.7.0/go.mod h1:lJvftZB5NRiFSX4moiye1SMxHx0Bc3x1+p9e/RfXYiU=
-cloud.google.com/go/documentai v1.8.0/go.mod h1:xGHNEB7CtsnySCNrCFdCyyMz44RhFEEX2Q7UD0c5IhU=
-cloud.google.com/go/documentai v1.9.0/go.mod h1:FS5485S8R00U10GhgBC0aNGrJxBP8ZVpEeJ7PQDZd6k=
-cloud.google.com/go/documentai v1.10.0/go.mod h1:vod47hKQIPeCfN2QS/jULIvQTugbmdc0ZvxxfQY1bg4=
-cloud.google.com/go/documentai v1.16.0/go.mod h1:o0o0DLTEZ+YnJZ+J4wNfTxmDVyrkzFvttBXXtYRMHkM=
-cloud.google.com/go/documentai v1.18.0/go.mod h1:F6CK6iUH8J81FehpskRmhLq/3VlwQvb7TvwOceQ2tbs=
-cloud.google.com/go/domains v0.6.0/go.mod h1:T9Rz3GasrpYk6mEGHh4rymIhjlnIuB4ofT1wTxDeT4Y=
-cloud.google.com/go/domains v0.7.0/go.mod h1:PtZeqS1xjnXuRPKE/88Iru/LdfoRyEHYA9nFQf4UKpg=
-cloud.google.com/go/domains v0.8.0/go.mod h1:M9i3MMDzGFXsydri9/vW+EWz9sWb4I6WyHqdlAk0idE=
-cloud.google.com/go/edgecontainer v0.1.0/go.mod h1:WgkZ9tp10bFxqO8BLPqv2LlfmQF1X8lZqwW4r1BTajk=
-cloud.google.com/go/edgecontainer v0.2.0/go.mod h1:RTmLijy+lGpQ7BXuTDa4C4ssxyXT34NIuHIgKuP4s5w=
-cloud.google.com/go/edgecontainer v0.3.0/go.mod h1:FLDpP4nykgwwIfcLt6zInhprzw0lEi2P1fjO6Ie0qbc=
-cloud.google.com/go/edgecontainer v1.0.0/go.mod h1:cttArqZpBB2q58W/upSG++ooo6EsblxDIolxa3jSjbY=
-cloud.google.com/go/errorreporting v0.3.0/go.mod h1:xsP2yaAp+OAW4OIm60An2bbLpqIhKXdWR/tawvl7QzU=
-cloud.google.com/go/essentialcontacts v1.3.0/go.mod h1:r+OnHa5jfj90qIfZDO/VztSFqbQan7HV75p8sA+mdGI=
-cloud.google.com/go/essentialcontacts v1.4.0/go.mod h1:8tRldvHYsmnBCHdFpvU+GL75oWiBKl80BiqlFh9tp+8=
-cloud.google.com/go/essentialcontacts v1.5.0/go.mod h1:ay29Z4zODTuwliK7SnX8E86aUF2CTzdNtvv42niCX0M=
-cloud.google.com/go/eventarc v1.7.0/go.mod h1:6ctpF3zTnaQCxUjHUdcfgcA1A2T309+omHZth7gDfmc=
-cloud.google.com/go/eventarc v1.8.0/go.mod h1:imbzxkyAU4ubfsaKYdQg04WS1NvncblHEup4kvF+4gw=
-cloud.google.com/go/eventarc v1.10.0/go.mod h1:u3R35tmZ9HvswGRBnF48IlYgYeBcPUCjkr4BTdem2Kw=
-cloud.google.com/go/eventarc v1.11.0/go.mod h1:PyUjsUKPWoRBCHeOxZd/lbOOjahV41icXyUY5kSTvVY=
-cloud.google.com/go/filestore v1.3.0/go.mod h1:+qbvHGvXU1HaKX2nD0WEPo92TP/8AQuCVEBXNY9z0+w=
-cloud.google.com/go/filestore v1.4.0/go.mod h1:PaG5oDfo9r224f8OYXURtAsY+Fbyq/bLYoINEK8XQAI=
-cloud.google.com/go/filestore v1.5.0/go.mod h1:FqBXDWBp4YLHqRnVGveOkHDf8svj9r5+mUDLupOWEDs=
-cloud.google.com/go/filestore v1.6.0/go.mod h1:di5unNuss/qfZTw2U9nhFqo8/ZDSc466dre85Kydllg=
-cloud.google.com/go/firestore v1.9.0/go.mod h1:HMkjKHNTtRyZNiMzu7YAsLr9K3X2udY2AMwDaMEQiiE=
-cloud.google.com/go/functions v1.6.0/go.mod h1:3H1UA3qiIPRWD7PeZKLvHZ9SaQhR26XIJcC0A5GbvAk=
-cloud.google.com/go/functions v1.7.0/go.mod h1:+d+QBcWM+RsrgZfV9xo6KfA1GlzJfxcfZcRPEhDDfzg=
-cloud.google.com/go/functions v1.8.0/go.mod h1:RTZ4/HsQjIqIYP9a9YPbU+QFoQsAlYgrwOXJWHn1POY=
-cloud.google.com/go/functions v1.9.0/go.mod h1:Y+Dz8yGguzO3PpIjhLTbnqV1CWmgQ5UwtlpzoyquQ08=
-cloud.google.com/go/functions v1.10.0/go.mod h1:0D3hEOe3DbEvCXtYOZHQZmD+SzYsi1YbI7dGvHfldXw=
-cloud.google.com/go/functions v1.12.0/go.mod h1:AXWGrF3e2C/5ehvwYo/GH6O5s09tOPksiKhz+hH8WkA=
-cloud.google.com/go/functions v1.13.0/go.mod h1:EU4O007sQm6Ef/PwRsI8N2umygGqPBS/IZQKBQBcJ3c=
-cloud.google.com/go/gaming v1.5.0/go.mod h1:ol7rGcxP/qHTRQE/RO4bxkXq+Fix0j6D4LFPzYTIrDM=
-cloud.google.com/go/gaming v1.6.0/go.mod h1:YMU1GEvA39Qt3zWGyAVA9bpYz/yAhTvaQ1t2sK4KPUA=
-cloud.google.com/go/gaming v1.7.0/go.mod h1:LrB8U7MHdGgFG851iHAfqUdLcKBdQ55hzXy9xBJz0+w=
-cloud.google.com/go/gaming v1.8.0/go.mod h1:xAqjS8b7jAVW0KFYeRUxngo9My3f33kFmua++Pi+ggM=
-cloud.google.com/go/gaming v1.9.0/go.mod h1:Fc7kEmCObylSWLO334NcO+O9QMDyz+TKC4v1D7X+Bc0=
-cloud.google.com/go/gkebackup v0.2.0/go.mod h1:XKvv/4LfG829/B8B7xRkk8zRrOEbKtEam6yNfuQNH60=
-cloud.google.com/go/gkebackup v0.3.0/go.mod h1:n/E671i1aOQvUxT541aTkCwExO/bTer2HDlj4TsBRAo=
-cloud.google.com/go/gkebackup v0.4.0/go.mod h1:byAyBGUwYGEEww7xsbnUTBHIYcOPy/PgUWUtOeRm9Vg=
-cloud.google.com/go/gkeconnect v0.5.0/go.mod h1:c5lsNAg5EwAy7fkqX/+goqFsU1Da/jQFqArp+wGNr/o=
-cloud.google.com/go/gkeconnect v0.6.0/go.mod h1:Mln67KyU/sHJEBY8kFZ0xTeyPtzbq9StAVvEULYK16A=
-cloud.google.com/go/gkeconnect v0.7.0/go.mod h1:SNfmVqPkaEi3bF/B3CNZOAYPYdg7sU+obZ+QTky2Myw=
-cloud.google.com/go/gkehub v0.9.0/go.mod h1:WYHN6WG8w9bXU0hqNxt8rm5uxnk8IH+lPY9J2TV7BK0=
-cloud.google.com/go/gkehub v0.10.0/go.mod h1:UIPwxI0DsrpsVoWpLB0stwKCP+WFVG9+y977wO+hBH0=
-cloud.google.com/go/gkehub v0.11.0/go.mod h1:JOWHlmN+GHyIbuWQPl47/C2RFhnFKH38jH9Ascu3n0E=
-cloud.google.com/go/gkehub v0.12.0/go.mod h1:djiIwwzTTBrF5NaXCGv3mf7klpEMcST17VBTVVDcuaw=
-cloud.google.com/go/gkemulticloud v0.3.0/go.mod h1:7orzy7O0S+5kq95e4Hpn7RysVA7dPs8W/GgfUtsPbrA=
-cloud.google.com/go/gkemulticloud v0.4.0/go.mod h1:E9gxVBnseLWCk24ch+P9+B2CoDFJZTyIgLKSalC7tuI=
-cloud.google.com/go/gkemulticloud v0.5.0/go.mod h1:W0JDkiyi3Tqh0TJr//y19wyb1yf8llHVto2Htf2Ja3Y=
-cloud.google.com/go/grafeas v0.2.0/go.mod h1:KhxgtF2hb0P191HlY5besjYm6MqTSTj3LSI+M+ByZHc=
-cloud.google.com/go/gsuiteaddons v1.3.0/go.mod h1:EUNK/J1lZEZO8yPtykKxLXI6JSVN2rg9bN8SXOa0bgM=
-cloud.google.com/go/gsuiteaddons v1.4.0/go.mod h1:rZK5I8hht7u7HxFQcFei0+AtfS9uSushomRlg+3ua1o=
-cloud.google.com/go/gsuiteaddons v1.5.0/go.mod h1:TFCClYLd64Eaa12sFVmUyG62tk4mdIsI7pAnSXRkcFo=
-cloud.google.com/go/iam v0.1.0/go.mod h1:vcUNEa0pEm0qRVpmWepWaFMIAI8/hjB9mO8rNCJtF6c=
-cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY=
-cloud.google.com/go/iam v0.5.0/go.mod h1:wPU9Vt0P4UmCux7mqtRu6jcpPAb74cP1fh50J3QpkUc=
-cloud.google.com/go/iam v0.6.0/go.mod h1:+1AH33ueBne5MzYccyMHtEKqLE4/kJOibtffMHDMFMc=
-cloud.google.com/go/iam v0.7.0/go.mod h1:H5Br8wRaDGNc8XP3keLc4unfUUZeyH3Sfl9XpQEYOeg=
-cloud.google.com/go/iam v0.8.0/go.mod h1:lga0/y3iH6CX7sYqypWJ33hf7kkfXJag67naqGESjkE=
-cloud.google.com/go/iam v0.11.0/go.mod h1:9PiLDanza5D+oWFZiH1uG+RnRCfEGKoyl6yo4cgWZGY=
-cloud.google.com/go/iam v0.12.0/go.mod h1:knyHGviacl11zrtZUoDuYpDgLjvr28sLQaG0YB2GYAY=
-cloud.google.com/go/iam v0.13.0/go.mod h1:ljOg+rcNfzZ5d6f1nAUJ8ZIxOaZUVoS14bKCtaLZ/D0=
-cloud.google.com/go/iam v1.5.2 h1:qgFRAGEmd8z6dJ/qyEchAuL9jpswyODjA2lS+w234g8=
-cloud.google.com/go/iam v1.5.2/go.mod h1:SE1vg0N81zQqLzQEwxL2WI6yhetBdbNQuTvIKCSkUHE=
-cloud.google.com/go/iap v1.4.0/go.mod h1:RGFwRJdihTINIe4wZ2iCP0zF/qu18ZwyKxrhMhygBEc=
-cloud.google.com/go/iap v1.5.0/go.mod h1:UH/CGgKd4KyohZL5Pt0jSKE4m3FR51qg6FKQ/z/Ix9A=
-cloud.google.com/go/iap v1.6.0/go.mod h1:NSuvI9C/j7UdjGjIde7t7HBz+QTwBcapPE07+sSRcLk=
-cloud.google.com/go/iap v1.7.0/go.mod h1:beqQx56T9O1G1yNPph+spKpNibDlYIiIixiqsQXxLIo=
-cloud.google.com/go/iap v1.7.1/go.mod h1:WapEwPc7ZxGt2jFGB/C/bm+hP0Y6NXzOYGjpPnmMS74=
-cloud.google.com/go/ids v1.1.0/go.mod h1:WIuwCaYVOzHIj2OhN9HAwvW+DBdmUAdcWlFxRl+KubM=
-cloud.google.com/go/ids v1.2.0/go.mod h1:5WXvp4n25S0rA/mQWAg1YEEBBq6/s+7ml1RDCW1IrcY=
-cloud.google.com/go/ids v1.3.0/go.mod h1:JBdTYwANikFKaDP6LtW5JAi4gubs57SVNQjemdt6xV4=
-cloud.google.com/go/iot v1.3.0/go.mod h1:r7RGh2B61+B8oz0AGE+J72AhA0G7tdXItODWsaA2oLs=
-cloud.google.com/go/iot v1.4.0/go.mod h1:dIDxPOn0UvNDUMD8Ger7FIaTuvMkj+aGk94RPP0iV+g=
-cloud.google.com/go/iot v1.5.0/go.mod h1:mpz5259PDl3XJthEmh9+ap0affn/MqNSP4My77Qql9o=
-cloud.google.com/go/iot v1.6.0/go.mod h1:IqdAsmE2cTYYNO1Fvjfzo9po179rAtJeVGUvkLN3rLE=
-cloud.google.com/go/kms v1.4.0/go.mod h1:fajBHndQ+6ubNw6Ss2sSd+SWvjL26RNo/dr7uxsnnOA=
-cloud.google.com/go/kms v1.5.0/go.mod h1:QJS2YY0eJGBg3mnDfuaCyLauWwBJiHRboYxJ++1xJNg=
-cloud.google.com/go/kms v1.6.0/go.mod h1:Jjy850yySiasBUDi6KFUwUv2n1+o7QZFyuUJg6OgjA0=
-cloud.google.com/go/kms v1.8.0/go.mod h1:4xFEhYFqvW+4VMELtZyxomGSYtSQKzM178ylFW4jMAg=
-cloud.google.com/go/kms v1.9.0/go.mod h1:qb1tPTgfF9RQP8e1wq4cLFErVuTJv7UsSC915J8dh3w=
-cloud.google.com/go/kms v1.10.0/go.mod h1:ng3KTUtQQU9bPX3+QGLsflZIHlkbn8amFAMY63m8d24=
-cloud.google.com/go/kms v1.10.1/go.mod h1:rIWk/TryCkR59GMC3YtHtXeLzd634lBbKenvyySAyYI=
-cloud.google.com/go/language v1.4.0/go.mod h1:F9dRpNFQmJbkaop6g0JhSBXCNlO90e1KWx5iDdxbWic=
-cloud.google.com/go/language v1.6.0/go.mod h1:6dJ8t3B+lUYfStgls25GusK04NLh3eDLQnWM3mdEbhI=
-cloud.google.com/go/language v1.7.0/go.mod h1:DJ6dYN/W+SQOjF8e1hLQXMF21AkH2w9wiPzPCJa2MIE=
-cloud.google.com/go/language v1.8.0/go.mod h1:qYPVHf7SPoNNiCL2Dr0FfEFNil1qi3pQEyygwpgVKB8=
-cloud.google.com/go/language v1.9.0/go.mod h1:Ns15WooPM5Ad/5no/0n81yUetis74g3zrbeJBE+ptUY=
-cloud.google.com/go/lifesciences v0.5.0/go.mod h1:3oIKy8ycWGPUyZDR/8RNnTOYevhaMLqh5vLUXs9zvT8=
-cloud.google.com/go/lifesciences v0.6.0/go.mod h1:ddj6tSX/7BOnhxCSd3ZcETvtNr8NZ6t/iPhY2Tyfu08=
-cloud.google.com/go/lifesciences v0.8.0/go.mod h1:lFxiEOMqII6XggGbOnKiyZ7IBwoIqA84ClvoezaA/bo=
-cloud.google.com/go/logging v1.6.1/go.mod h1:5ZO0mHHbvm8gEmeEUHrmDlTDSu5imF6MUP9OfilNXBw=
-cloud.google.com/go/logging v1.7.0/go.mod h1:3xjP2CjkM3ZkO73aj4ASA5wRPGGCRrPIAeNqVNkzY8M=
-cloud.google.com/go/longrunning v0.1.1/go.mod h1:UUFxuDWkv22EuY93jjmDMFT5GPQKeFVJBIF6QlTqdsE=
-cloud.google.com/go/longrunning v0.3.0/go.mod h1:qth9Y41RRSUE69rDcOn6DdK3HfQfsUI0YSmW3iIlLJc=
-cloud.google.com/go/longrunning v0.4.1/go.mod h1:4iWDqhBZ70CvZ6BfETbvam3T8FMvLK+eFj0E6AaRQTo=
-cloud.google.com/go/longrunning v0.6.7 h1:IGtfDWHhQCgCjwQjV9iiLnUta9LBCo8R9QmAFsS/PrE=
-cloud.google.com/go/longrunning v0.6.7/go.mod h1:EAFV3IZAKmM56TyiE6VAP3VoTzhZzySwI/YI1s/nRsY=
-cloud.google.com/go/managedidentities v1.3.0/go.mod h1:UzlW3cBOiPrzucO5qWkNkh0w33KFtBJU281hacNvsdE=
-cloud.google.com/go/managedidentities v1.4.0/go.mod h1:NWSBYbEMgqmbZsLIyKvxrYbtqOsxY1ZrGM+9RgDqInM=
-cloud.google.com/go/managedidentities v1.5.0/go.mod h1:+dWcZ0JlUmpuxpIDfyP5pP5y0bLdRwOS4Lp7gMni/LA=
-cloud.google.com/go/maps v0.1.0/go.mod h1:BQM97WGyfw9FWEmQMpZ5T6cpovXXSd1cGmFma94eubI=
-cloud.google.com/go/maps v0.6.0/go.mod h1:o6DAMMfb+aINHz/p/jbcY+mYeXBoZoxTfdSQ8VAJaCw=
-cloud.google.com/go/maps v0.7.0/go.mod h1:3GnvVl3cqeSvgMcpRlQidXsPYuDGQ8naBis7MVzpXsY=
-cloud.google.com/go/mediatranslation v0.5.0/go.mod h1:jGPUhGTybqsPQn91pNXw0xVHfuJ3leR1wj37oU3y1f4=
-cloud.google.com/go/mediatranslation v0.6.0/go.mod h1:hHdBCTYNigsBxshbznuIMFNe5QXEowAuNmmC7h8pu5w=
-cloud.google.com/go/mediatranslation v0.7.0/go.mod h1:LCnB/gZr90ONOIQLgSXagp8XUW1ODs2UmUMvcgMfI2I=
-cloud.google.com/go/memcache v1.4.0/go.mod h1:rTOfiGZtJX1AaFUrOgsMHX5kAzaTQ8azHiuDoTPzNsE=
-cloud.google.com/go/memcache v1.5.0/go.mod h1:dk3fCK7dVo0cUU2c36jKb4VqKPS22BTkf81Xq617aWM=
-cloud.google.com/go/memcache v1.6.0/go.mod h1:XS5xB0eQZdHtTuTF9Hf8eJkKtR3pVRCcvJwtm68T3rA=
-cloud.google.com/go/memcache v1.7.0/go.mod h1:ywMKfjWhNtkQTxrWxCkCFkoPjLHPW6A7WOTVI8xy3LY=
-cloud.google.com/go/memcache v1.9.0/go.mod h1:8oEyzXCu+zo9RzlEaEjHl4KkgjlNDaXbCQeQWlzNFJM=
-cloud.google.com/go/metastore v1.5.0/go.mod h1:2ZNrDcQwghfdtCwJ33nM0+GrBGlVuh8rakL3vdPY3XY=
-cloud.google.com/go/metastore v1.6.0/go.mod h1:6cyQTls8CWXzk45G55x57DVQ9gWg7RiH65+YgPsNh9s=
-cloud.google.com/go/metastore v1.7.0/go.mod h1:s45D0B4IlsINu87/AsWiEVYbLaIMeUSoxlKKDqBGFS8=
-cloud.google.com/go/metastore v1.8.0/go.mod h1:zHiMc4ZUpBiM7twCIFQmJ9JMEkDSyZS9U12uf7wHqSI=
-cloud.google.com/go/metastore v1.10.0/go.mod h1:fPEnH3g4JJAk+gMRnrAnoqyv2lpUCqJPWOodSaf45Eo=
-cloud.google.com/go/monitoring v1.7.0/go.mod h1:HpYse6kkGo//7p6sT0wsIC6IBDET0RhIsnmlA53dvEk=
-cloud.google.com/go/monitoring v1.8.0/go.mod h1:E7PtoMJ1kQXWxPjB6mv2fhC5/15jInuulFdYYtlcvT4=
-cloud.google.com/go/monitoring v1.12.0/go.mod h1:yx8Jj2fZNEkL/GYZyTLS4ZtZEZN8WtDEiEqG4kLK50w=
-cloud.google.com/go/monitoring v1.13.0/go.mod h1:k2yMBAB1H9JT/QETjNkgdCGD9bPF712XiLTVr+cBrpw=
-cloud.google.com/go/monitoring v1.24.2 h1:5OTsoJ1dXYIiMiuL+sYscLc9BumrL3CarVLL7dd7lHM=
-cloud.google.com/go/monitoring v1.24.2/go.mod h1:x7yzPWcgDRnPEv3sI+jJGBkwl5qINf+6qY4eq0I9B4U=
-cloud.google.com/go/networkconnectivity v1.4.0/go.mod h1:nOl7YL8odKyAOtzNX73/M5/mGZgqqMeryi6UPZTk/rA=
-cloud.google.com/go/networkconnectivity v1.5.0/go.mod h1:3GzqJx7uhtlM3kln0+x5wyFvuVH1pIBJjhCpjzSt75o=
-cloud.google.com/go/networkconnectivity v1.6.0/go.mod h1:OJOoEXW+0LAxHh89nXd64uGG+FbQoeH8DtxCHVOMlaM=
-cloud.google.com/go/networkconnectivity v1.7.0/go.mod h1:RMuSbkdbPwNMQjB5HBWD5MpTBnNm39iAVpC3TmsExt8=
-cloud.google.com/go/networkconnectivity v1.10.0/go.mod h1:UP4O4sWXJG13AqrTdQCD9TnLGEbtNRqjuaaA7bNjF5E=
-cloud.google.com/go/networkconnectivity v1.11.0/go.mod h1:iWmDD4QF16VCDLXUqvyspJjIEtBR/4zq5hwnY2X3scM=
-cloud.google.com/go/networkmanagement v1.4.0/go.mod h1:Q9mdLLRn60AsOrPc8rs8iNV6OHXaGcDdsIQe1ohekq8=
-cloud.google.com/go/networkmanagement v1.5.0/go.mod h1:ZnOeZ/evzUdUsnvRt792H0uYEnHQEMaz+REhhzJRcf4=
-cloud.google.com/go/networkmanagement v1.6.0/go.mod h1:5pKPqyXjB/sgtvB5xqOemumoQNB7y95Q7S+4rjSOPYY=
-cloud.google.com/go/networksecurity v0.5.0/go.mod h1:xS6fOCoqpVC5zx15Z/MqkfDwH4+m/61A3ODiDV1xmiQ=
-cloud.google.com/go/networksecurity v0.6.0/go.mod h1:Q5fjhTr9WMI5mbpRYEbiexTzROf7ZbDzvzCrNl14nyU=
-cloud.google.com/go/networksecurity v0.7.0/go.mod h1:mAnzoxx/8TBSyXEeESMy9OOYwo1v+gZ5eMRnsT5bC8k=
-cloud.google.com/go/networksecurity v0.8.0/go.mod h1:B78DkqsxFG5zRSVuwYFRZ9Xz8IcQ5iECsNrPn74hKHU=
-cloud.google.com/go/notebooks v1.2.0/go.mod h1:9+wtppMfVPUeJ8fIWPOq1UnATHISkGXGqTkxeieQ6UY=
-cloud.google.com/go/notebooks v1.3.0/go.mod h1:bFR5lj07DtCPC7YAAJ//vHskFBxA5JzYlH68kXVdk34=
-cloud.google.com/go/notebooks v1.4.0/go.mod h1:4QPMngcwmgb6uw7Po99B2xv5ufVoIQ7nOGDyL4P8AgA=
-cloud.google.com/go/notebooks v1.5.0/go.mod h1:q8mwhnP9aR8Hpfnrc5iN5IBhrXUy8S2vuYs+kBJ/gu0=
-cloud.google.com/go/notebooks v1.7.0/go.mod h1:PVlaDGfJgj1fl1S3dUwhFMXFgfYGhYQt2164xOMONmE=
-cloud.google.com/go/notebooks v1.8.0/go.mod h1:Lq6dYKOYOWUCTvw5t2q1gp1lAp0zxAxRycayS0iJcqQ=
-cloud.google.com/go/optimization v1.1.0/go.mod h1:5po+wfvX5AQlPznyVEZjGJTMr4+CAkJf2XSTQOOl9l4=
-cloud.google.com/go/optimization v1.2.0/go.mod h1:Lr7SOHdRDENsh+WXVmQhQTrzdu9ybg0NecjHidBq6xs=
-cloud.google.com/go/optimization v1.3.1/go.mod h1:IvUSefKiwd1a5p0RgHDbWCIbDFgKuEdB+fPPuP0IDLI=
-cloud.google.com/go/orchestration v1.3.0/go.mod h1:Sj5tq/JpWiB//X/q3Ngwdl5K7B7Y0KZ7bfv0wL6fqVA=
-cloud.google.com/go/orchestration v1.4.0/go.mod h1:6W5NLFWs2TlniBphAViZEVhrXRSMgUGDfW7vrWKvsBk=
-cloud.google.com/go/orchestration v1.6.0/go.mod h1:M62Bevp7pkxStDfFfTuCOaXgaaqRAga1yKyoMtEoWPQ=
-cloud.google.com/go/orgpolicy v1.4.0/go.mod h1:xrSLIV4RePWmP9P3tBl8S93lTmlAxjm06NSm2UTmKvE=
-cloud.google.com/go/orgpolicy v1.5.0/go.mod h1:hZEc5q3wzwXJaKrsx5+Ewg0u1LxJ51nNFlext7Tanwc=
-cloud.google.com/go/orgpolicy v1.10.0/go.mod h1:w1fo8b7rRqlXlIJbVhOMPrwVljyuW5mqssvBtU18ONc=
-cloud.google.com/go/osconfig v1.7.0/go.mod h1:oVHeCeZELfJP7XLxcBGTMBvRO+1nQ5tFG9VQTmYS2Fs=
-cloud.google.com/go/osconfig v1.8.0/go.mod h1:EQqZLu5w5XA7eKizepumcvWx+m8mJUhEwiPqWiZeEdg=
-cloud.google.com/go/osconfig v1.9.0/go.mod h1:Yx+IeIZJ3bdWmzbQU4fxNl8xsZ4amB+dygAwFPlvnNo=
-cloud.google.com/go/osconfig v1.10.0/go.mod h1:uMhCzqC5I8zfD9zDEAfvgVhDS8oIjySWh+l4WK6GnWw=
-cloud.google.com/go/osconfig v1.11.0/go.mod h1:aDICxrur2ogRd9zY5ytBLV89KEgT2MKB2L/n6x1ooPw=
-cloud.google.com/go/oslogin v1.4.0/go.mod h1:YdgMXWRaElXz/lDk1Na6Fh5orF7gvmJ0FGLIs9LId4E=
-cloud.google.com/go/oslogin v1.5.0/go.mod h1:D260Qj11W2qx/HVF29zBg+0fd6YCSjSqLUkY/qEenQU=
-cloud.google.com/go/oslogin v1.6.0/go.mod h1:zOJ1O3+dTU8WPlGEkFSh7qeHPPSoxrcMbbK1Nm2iX70=
-cloud.google.com/go/oslogin v1.7.0/go.mod h1:e04SN0xO1UNJ1M5GP0vzVBFicIe4O53FOfcixIqTyXo=
-cloud.google.com/go/oslogin v1.9.0/go.mod h1:HNavntnH8nzrn8JCTT5fj18FuJLFJc4NaZJtBnQtKFs=
-cloud.google.com/go/phishingprotection v0.5.0/go.mod h1:Y3HZknsK9bc9dMi+oE8Bim0lczMU6hrX0UpADuMefr0=
-cloud.google.com/go/phishingprotection v0.6.0/go.mod h1:9Y3LBLgy0kDTcYET8ZH3bq/7qni15yVUoAxiFxnlSUA=
-cloud.google.com/go/phishingprotection v0.7.0/go.mod h1:8qJI4QKHoda/sb/7/YmMQ2omRLSLYSu9bU0EKCNI+Lk=
-cloud.google.com/go/policytroubleshooter v1.3.0/go.mod h1:qy0+VwANja+kKrjlQuOzmlvscn4RNsAc0e15GGqfMxg=
-cloud.google.com/go/policytroubleshooter v1.4.0/go.mod h1:DZT4BcRw3QoO8ota9xw/LKtPa8lKeCByYeKTIf/vxdE=
-cloud.google.com/go/policytroubleshooter v1.5.0/go.mod h1:Rz1WfV+1oIpPdN2VvvuboLVRsB1Hclg3CKQ53j9l8vw=
-cloud.google.com/go/policytroubleshooter v1.6.0/go.mod h1:zYqaPTsmfvpjm5ULxAyD/lINQxJ0DDsnWOP/GZ7xzBc=
-cloud.google.com/go/privatecatalog v0.5.0/go.mod h1:XgosMUvvPyxDjAVNDYxJ7wBW8//hLDDYmnsNcMGq1K0=
-cloud.google.com/go/privatecatalog v0.6.0/go.mod h1:i/fbkZR0hLN29eEWiiwue8Pb+GforiEIBnV9yrRUOKI=
-cloud.google.com/go/privatecatalog v0.7.0/go.mod h1:2s5ssIFO69F5csTXcwBP7NPFTZvps26xGzvQ2PQaBYg=
-cloud.google.com/go/privatecatalog v0.8.0/go.mod h1:nQ6pfaegeDAq/Q5lrfCQzQLhubPiZhSaNhIgfJlnIXs=
-cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
-cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
-cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
-cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU=
-cloud.google.com/go/pubsub v1.26.0/go.mod h1:QgBH3U/jdJy/ftjPhTkyXNj543Tin1pRYcdcPRnFIRI=
-cloud.google.com/go/pubsub v1.27.1/go.mod h1:hQN39ymbV9geqBnfQq6Xf63yNhUAhv9CZhzp5O6qsW0=
-cloud.google.com/go/pubsub v1.28.0/go.mod h1:vuXFpwaVoIPQMGXqRyUQigu/AX1S3IWugR9xznmcXX8=
-cloud.google.com/go/pubsub v1.30.0/go.mod h1:qWi1OPS0B+b5L+Sg6Gmc9zD1Y+HaM0MdUr7LsupY1P4=
-cloud.google.com/go/pubsublite v1.5.0/go.mod h1:xapqNQ1CuLfGi23Yda/9l4bBCKz/wC3KIJ5gKcxveZg=
-cloud.google.com/go/pubsublite v1.6.0/go.mod h1:1eFCS0U11xlOuMFV/0iBqw3zP12kddMeCbj/F3FSj9k=
-cloud.google.com/go/pubsublite v1.7.0/go.mod h1:8hVMwRXfDfvGm3fahVbtDbiLePT3gpoiJYJY+vxWxVM=
-cloud.google.com/go/recaptchaenterprise v1.3.1/go.mod h1:OdD+q+y4XGeAlxRaMn1Y7/GveP6zmq76byL6tjPE7d4=
-cloud.google.com/go/recaptchaenterprise/v2 v2.1.0/go.mod h1:w9yVqajwroDNTfGuhmOjPDN//rZGySaf6PtFVcSCa7o=
-cloud.google.com/go/recaptchaenterprise/v2 v2.2.0/go.mod h1:/Zu5jisWGeERrd5HnlS3EUGb/D335f9k51B/FVil0jk=
-cloud.google.com/go/recaptchaenterprise/v2 v2.3.0/go.mod h1:O9LwGCjrhGHBQET5CA7dd5NwwNQUErSgEDit1DLNTdo=
-cloud.google.com/go/recaptchaenterprise/v2 v2.4.0/go.mod h1:Am3LHfOuBstrLrNCBrlI5sbwx9LBg3te2N6hGvHn2mE=
-cloud.google.com/go/recaptchaenterprise/v2 v2.5.0/go.mod h1:O8LzcHXN3rz0j+LBC91jrwI3R+1ZSZEWrfL7XHgNo9U=
-cloud.google.com/go/recaptchaenterprise/v2 v2.6.0/go.mod h1:RPauz9jeLtB3JVzg6nCbe12qNoaa8pXc4d/YukAmcnA=
-cloud.google.com/go/recaptchaenterprise/v2 v2.7.0/go.mod h1:19wVj/fs5RtYtynAPJdDTb69oW0vNHYDBTbB4NvMD9c=
-cloud.google.com/go/recommendationengine v0.5.0/go.mod h1:E5756pJcVFeVgaQv3WNpImkFP8a+RptV6dDLGPILjvg=
-cloud.google.com/go/recommendationengine v0.6.0/go.mod h1:08mq2umu9oIqc7tDy8sx+MNJdLG0fUi3vaSVbztHgJ4=
-cloud.google.com/go/recommendationengine v0.7.0/go.mod h1:1reUcE3GIu6MeBz/h5xZJqNLuuVjNg1lmWMPyjatzac=
-cloud.google.com/go/recommender v1.5.0/go.mod h1:jdoeiBIVrJe9gQjwd759ecLJbxCDED4A6p+mqoqDvTg=
-cloud.google.com/go/recommender v1.6.0/go.mod h1:+yETpm25mcoiECKh9DEScGzIRyDKpZ0cEhWGo+8bo+c=
-cloud.google.com/go/recommender v1.7.0/go.mod h1:XLHs/W+T8olwlGOgfQenXBTbIseGclClff6lhFVe9Bs=
-cloud.google.com/go/recommender v1.8.0/go.mod h1:PkjXrTT05BFKwxaUxQmtIlrtj0kph108r02ZZQ5FE70=
-cloud.google.com/go/recommender v1.9.0/go.mod h1:PnSsnZY7q+VL1uax2JWkt/UegHssxjUVVCrX52CuEmQ=
-cloud.google.com/go/redis v1.7.0/go.mod h1:V3x5Jq1jzUcg+UNsRvdmsfuFnit1cfe3Z/PGyq/lm4Y=
-cloud.google.com/go/redis v1.8.0/go.mod h1:Fm2szCDavWzBk2cDKxrkmWBqoCiL1+Ctwq7EyqBCA/A=
-cloud.google.com/go/redis v1.9.0/go.mod h1:HMYQuajvb2D0LvMgZmLDZW8V5aOC/WxstZHiy4g8OiA=
-cloud.google.com/go/redis v1.10.0/go.mod h1:ThJf3mMBQtW18JzGgh41/Wld6vnDDc/F/F35UolRZPM=
-cloud.google.com/go/redis v1.11.0/go.mod h1:/X6eicana+BWcUda5PpwZC48o37SiFVTFSs0fWAJ7uQ=
-cloud.google.com/go/resourcemanager v1.3.0/go.mod h1:bAtrTjZQFJkiWTPDb1WBjzvc6/kifjj4QBYuKCCoqKA=
-cloud.google.com/go/resourcemanager v1.4.0/go.mod h1:MwxuzkumyTX7/a3n37gmsT3py7LIXwrShilPh3P1tR0=
-cloud.google.com/go/resourcemanager v1.5.0/go.mod h1:eQoXNAiAvCf5PXxWxXjhKQoTMaUSNrEfg+6qdf/wots=
-cloud.google.com/go/resourcemanager v1.6.0/go.mod h1:YcpXGRs8fDzcUl1Xw8uOVmI8JEadvhRIkoXXUNVYcVo=
-cloud.google.com/go/resourcemanager v1.7.0/go.mod h1:HlD3m6+bwhzj9XCouqmeiGuni95NTrExfhoSrkC/3EI=
-cloud.google.com/go/resourcesettings v1.3.0/go.mod h1:lzew8VfESA5DQ8gdlHwMrqZs1S9V87v3oCnKCWoOuQU=
-cloud.google.com/go/resourcesettings v1.4.0/go.mod h1:ldiH9IJpcrlC3VSuCGvjR5of/ezRrOxFtpJoJo5SmXg=
-cloud.google.com/go/resourcesettings v1.5.0/go.mod h1:+xJF7QSG6undsQDfsCJyqWXyBwUoJLhetkRMDRnIoXA=
-cloud.google.com/go/retail v1.8.0/go.mod h1:QblKS8waDmNUhghY2TI9O3JLlFk8jybHeV4BF19FrE4=
-cloud.google.com/go/retail v1.9.0/go.mod h1:g6jb6mKuCS1QKnH/dpu7isX253absFl6iE92nHwlBUY=
-cloud.google.com/go/retail v1.10.0/go.mod h1:2gDk9HsL4HMS4oZwz6daui2/jmKvqShXKQuB2RZ+cCc=
-cloud.google.com/go/retail v1.11.0/go.mod h1:MBLk1NaWPmh6iVFSz9MeKG/Psyd7TAgm6y/9L2B4x9Y=
-cloud.google.com/go/retail v1.12.0/go.mod h1:UMkelN/0Z8XvKymXFbD4EhFJlYKRx1FGhQkVPU5kF14=
-cloud.google.com/go/run v0.2.0/go.mod h1:CNtKsTA1sDcnqqIFR3Pb5Tq0usWxJJvsWOCPldRU3Do=
-cloud.google.com/go/run v0.3.0/go.mod h1:TuyY1+taHxTjrD0ZFk2iAR+xyOXEA0ztb7U3UNA0zBo=
-cloud.google.com/go/run v0.8.0/go.mod h1:VniEnuBwqjigv0A7ONfQUaEItaiCRVujlMqerPPiktM=
-cloud.google.com/go/run v0.9.0/go.mod h1:Wwu+/vvg8Y+JUApMwEDfVfhetv30hCG4ZwDR/IXl2Qg=
-cloud.google.com/go/scheduler v1.4.0/go.mod h1:drcJBmxF3aqZJRhmkHQ9b3uSSpQoltBPGPxGAWROx6s=
-cloud.google.com/go/scheduler v1.5.0/go.mod h1:ri073ym49NW3AfT6DZi21vLZrG07GXr5p3H1KxN5QlI=
-cloud.google.com/go/scheduler v1.6.0/go.mod h1:SgeKVM7MIwPn3BqtcBntpLyrIJftQISRrYB5ZtT+KOk=
-cloud.google.com/go/scheduler v1.7.0/go.mod h1:jyCiBqWW956uBjjPMMuX09n3x37mtyPJegEWKxRsn44=
-cloud.google.com/go/scheduler v1.8.0/go.mod h1:TCET+Y5Gp1YgHT8py4nlg2Sew8nUHMqcpousDgXJVQc=
-cloud.google.com/go/scheduler v1.9.0/go.mod h1:yexg5t+KSmqu+njTIh3b7oYPheFtBWGcbVUYF1GGMIc=
-cloud.google.com/go/secretmanager v1.6.0/go.mod h1:awVa/OXF6IiyaU1wQ34inzQNc4ISIDIrId8qE5QGgKA=
-cloud.google.com/go/secretmanager v1.8.0/go.mod h1:hnVgi/bN5MYHd3Gt0SPuTPPp5ENina1/LxM+2W9U9J4=
-cloud.google.com/go/secretmanager v1.9.0/go.mod h1:b71qH2l1yHmWQHt9LC80akm86mX8AL6X1MA01dW8ht4=
-cloud.google.com/go/secretmanager v1.10.0/go.mod h1:MfnrdvKMPNra9aZtQFvBcvRU54hbPD8/HayQdlUgJpU=
-cloud.google.com/go/security v1.5.0/go.mod h1:lgxGdyOKKjHL4YG3/YwIL2zLqMFCKs0UbQwgyZmfJl4=
-cloud.google.com/go/security v1.7.0/go.mod h1:mZklORHl6Bg7CNnnjLH//0UlAlaXqiG7Lb9PsPXLfD0=
-cloud.google.com/go/security v1.8.0/go.mod h1:hAQOwgmaHhztFhiQ41CjDODdWP0+AE1B3sX4OFlq+GU=
-cloud.google.com/go/security v1.9.0/go.mod h1:6Ta1bO8LXI89nZnmnsZGp9lVoVWXqsVbIq/t9dzI+2Q=
-cloud.google.com/go/security v1.10.0/go.mod h1:QtOMZByJVlibUT2h9afNDWRZ1G96gVywH8T5GUSb9IA=
-cloud.google.com/go/security v1.12.0/go.mod h1:rV6EhrpbNHrrxqlvW0BWAIawFWq3X90SduMJdFwtLB8=
-cloud.google.com/go/security v1.13.0/go.mod h1:Q1Nvxl1PAgmeW0y3HTt54JYIvUdtcpYKVfIB8AOMZ+0=
-cloud.google.com/go/securitycenter v1.13.0/go.mod h1:cv5qNAqjY84FCN6Y9z28WlkKXyWsgLO832YiWwkCWcU=
-cloud.google.com/go/securitycenter v1.14.0/go.mod h1:gZLAhtyKv85n52XYWt6RmeBdydyxfPeTrpToDPw4Auc=
-cloud.google.com/go/securitycenter v1.15.0/go.mod h1:PeKJ0t8MoFmmXLXWm41JidyzI3PJjd8sXWaVqg43WWk=
-cloud.google.com/go/securitycenter v1.16.0/go.mod h1:Q9GMaLQFUD+5ZTabrbujNWLtSLZIZF7SAR0wWECrjdk=
-cloud.google.com/go/securitycenter v1.18.1/go.mod h1:0/25gAzCM/9OL9vVx4ChPeM/+DlfGQJDwBy/UC8AKK0=
-cloud.google.com/go/securitycenter v1.19.0/go.mod h1:LVLmSg8ZkkyaNy4u7HCIshAngSQ8EcIRREP3xBnyfag=
-cloud.google.com/go/servicecontrol v1.4.0/go.mod h1:o0hUSJ1TXJAmi/7fLJAedOovnujSEvjKCAFNXPQ1RaU=
-cloud.google.com/go/servicecontrol v1.5.0/go.mod h1:qM0CnXHhyqKVuiZnGKrIurvVImCs8gmqWsDoqe9sU1s=
-cloud.google.com/go/servicecontrol v1.10.0/go.mod h1:pQvyvSRh7YzUF2efw7H87V92mxU8FnFDawMClGCNuAA=
-cloud.google.com/go/servicecontrol v1.11.0/go.mod h1:kFmTzYzTUIuZs0ycVqRHNaNhgR+UMUpw9n02l/pY+mc=
-cloud.google.com/go/servicecontrol v1.11.1/go.mod h1:aSnNNlwEFBY+PWGQ2DoM0JJ/QUXqV5/ZD9DOLB7SnUk=
-cloud.google.com/go/servicedirectory v1.4.0/go.mod h1:gH1MUaZCgtP7qQiI+F+A+OpeKF/HQWgtAddhTbhL2bs=
-cloud.google.com/go/servicedirectory v1.5.0/go.mod h1:QMKFL0NUySbpZJ1UZs3oFAmdvVxhhxB6eJ/Vlp73dfg=
-cloud.google.com/go/servicedirectory v1.6.0/go.mod h1:pUlbnWsLH9c13yGkxCmfumWEPjsRs1RlmJ4pqiNjVL4=
-cloud.google.com/go/servicedirectory v1.7.0/go.mod h1:5p/U5oyvgYGYejufvxhgwjL8UVXjkuw7q5XcG10wx1U=
-cloud.google.com/go/servicedirectory v1.8.0/go.mod h1:srXodfhY1GFIPvltunswqXpVxFPpZjf8nkKQT7XcXaY=
-cloud.google.com/go/servicedirectory v1.9.0/go.mod h1:29je5JjiygNYlmsGz8k6o+OZ8vd4f//bQLtvzkPPT/s=
-cloud.google.com/go/servicemanagement v1.4.0/go.mod h1:d8t8MDbezI7Z2R1O/wu8oTggo3BI2GKYbdG4y/SJTco=
-cloud.google.com/go/servicemanagement v1.5.0/go.mod h1:XGaCRe57kfqu4+lRxaFEAuqmjzF0r+gWHjWqKqBvKFo=
-cloud.google.com/go/servicemanagement v1.6.0/go.mod h1:aWns7EeeCOtGEX4OvZUWCCJONRZeFKiptqKf1D0l/Jc=
-cloud.google.com/go/servicemanagement v1.8.0/go.mod h1:MSS2TDlIEQD/fzsSGfCdJItQveu9NXnUniTrq/L8LK4=
-cloud.google.com/go/serviceusage v1.3.0/go.mod h1:Hya1cozXM4SeSKTAgGXgj97GlqUvF5JaoXacR1JTP/E=
-cloud.google.com/go/serviceusage v1.4.0/go.mod h1:SB4yxXSaYVuUBYUml6qklyONXNLt83U0Rb+CXyhjEeU=
-cloud.google.com/go/serviceusage v1.5.0/go.mod h1:w8U1JvqUqwJNPEOTQjrMHkw3IaIFLoLsPLvsE3xueec=
-cloud.google.com/go/serviceusage v1.6.0/go.mod h1:R5wwQcbOWsyuOfbP9tGdAnCAc6B9DRwPG1xtWMDeuPA=
-cloud.google.com/go/shell v1.3.0/go.mod h1:VZ9HmRjZBsjLGXusm7K5Q5lzzByZmJHf1d0IWHEN5X4=
-cloud.google.com/go/shell v1.4.0/go.mod h1:HDxPzZf3GkDdhExzD/gs8Grqk+dmYcEjGShZgYa9URw=
-cloud.google.com/go/shell v1.6.0/go.mod h1:oHO8QACS90luWgxP3N9iZVuEiSF84zNyLytb+qE2f9A=
-cloud.google.com/go/spanner v1.41.0/go.mod h1:MLYDBJR/dY4Wt7ZaMIQ7rXOTLjYrmxLE/5ve9vFfWos=
-cloud.google.com/go/spanner v1.44.0/go.mod h1:G8XIgYdOK+Fbcpbs7p2fiprDw4CaZX63whnSMLVBxjk=
-cloud.google.com/go/spanner v1.45.0/go.mod h1:FIws5LowYz8YAE1J8fOS7DJup8ff7xJeetWEo5REA2M=
-cloud.google.com/go/spanner v1.84.1 h1:ShH4Y3YeDtmHa55dFiSS3YtQ0dmCuP0okfAoHp/d68w=
-cloud.google.com/go/spanner v1.84.1/go.mod h1:3GMEIjOcXINJSvb42H3M6TdlGCDzaCFpiiNQpjHPlCM=
-cloud.google.com/go/speech v1.6.0/go.mod h1:79tcr4FHCimOp56lwC01xnt/WPJZc4v3gzyT7FoBkCM=
-cloud.google.com/go/speech v1.7.0/go.mod h1:KptqL+BAQIhMsj1kOP2la5DSEEerPDuOP/2mmkhHhZQ=
-cloud.google.com/go/speech v1.8.0/go.mod h1:9bYIl1/tjsAnMgKGHKmBZzXKEkGgtU+MpdDPTE9f7y0=
-cloud.google.com/go/speech v1.9.0/go.mod h1:xQ0jTcmnRFFM2RfX/U+rk6FQNUF6DQlydUSyoooSpco=
-cloud.google.com/go/speech v1.14.1/go.mod h1:gEosVRPJ9waG7zqqnsHpYTOoAS4KouMRLDFMekpJ0J0=
-cloud.google.com/go/speech v1.15.0/go.mod h1:y6oH7GhqCaZANH7+Oe0BhgIogsNInLlz542tg3VqeYI=
-cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
-cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos=
-cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
-cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
-cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
-cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo=
-cloud.google.com/go/storage v1.22.1/go.mod h1:S8N1cAStu7BOeFfE8KAQzmyyLkK8p/vmRq6kuBTW58Y=
-cloud.google.com/go/storage v1.23.0/go.mod h1:vOEEDNFnciUMhBeT6hsJIn3ieU5cFRmzeLgDvXzfIXc=
-cloud.google.com/go/storage v1.27.0/go.mod h1:x9DOL8TK/ygDUMieqwfhdpQryTeEkhGKMi80i/iqR2s=
-cloud.google.com/go/storage v1.28.1/go.mod h1:Qnisd4CqDdo6BGs2AD5LLnEsmSQ80wQ5ogcBBKhU86Y=
-cloud.google.com/go/storage v1.29.0/go.mod h1:4puEjyTKnku6gfKoTfNOU/W+a9JyuVNxjpS5GBrB8h4=
-cloud.google.com/go/storagetransfer v1.5.0/go.mod h1:dxNzUopWy7RQevYFHewchb29POFv3/AaBgnhqzqiK0w=
-cloud.google.com/go/storagetransfer v1.6.0/go.mod h1:y77xm4CQV/ZhFZH75PLEXY0ROiS7Gh6pSKrM8dJyg6I=
-cloud.google.com/go/storagetransfer v1.7.0/go.mod h1:8Giuj1QNb1kfLAiWM1bN6dHzfdlDAVC9rv9abHot2W4=
-cloud.google.com/go/storagetransfer v1.8.0/go.mod h1:JpegsHHU1eXg7lMHkvf+KE5XDJ7EQu0GwNJbbVGanEw=
-cloud.google.com/go/talent v1.1.0/go.mod h1:Vl4pt9jiHKvOgF9KoZo6Kob9oV4lwd/ZD5Cto54zDRw=
-cloud.google.com/go/talent v1.2.0/go.mod h1:MoNF9bhFQbiJ6eFD3uSsg0uBALw4n4gaCaEjBw9zo8g=
-cloud.google.com/go/talent v1.3.0/go.mod h1:CmcxwJ/PKfRgd1pBjQgU6W3YBwiewmUzQYH5HHmSCmM=
-cloud.google.com/go/talent v1.4.0/go.mod h1:ezFtAgVuRf8jRsvyE6EwmbTK5LKciD4KVnHuDEFmOOA=
-cloud.google.com/go/talent v1.5.0/go.mod h1:G+ODMj9bsasAEJkQSzO2uHQWXHHXUomArjWQQYkqK6c=
-cloud.google.com/go/texttospeech v1.4.0/go.mod h1:FX8HQHA6sEpJ7rCMSfXuzBcysDAuWusNNNvN9FELDd8=
-cloud.google.com/go/texttospeech v1.5.0/go.mod h1:oKPLhR4n4ZdQqWKURdwxMy0uiTS1xU161C8W57Wkea4=
-cloud.google.com/go/texttospeech v1.6.0/go.mod h1:YmwmFT8pj1aBblQOI3TfKmwibnsfvhIBzPXcW4EBovc=
-cloud.google.com/go/tpu v1.3.0/go.mod h1:aJIManG0o20tfDQlRIej44FcwGGl/cD0oiRyMKG19IQ=
-cloud.google.com/go/tpu v1.4.0/go.mod h1:mjZaX8p0VBgllCzF6wcU2ovUXN9TONFLd7iz227X2Xg=
-cloud.google.com/go/tpu v1.5.0/go.mod h1:8zVo1rYDFuW2l4yZVY0R0fb/v44xLh3llq7RuV61fPM=
-cloud.google.com/go/trace v1.3.0/go.mod h1:FFUE83d9Ca57C+K8rDl/Ih8LwOzWIV1krKgxg6N0G28=
-cloud.google.com/go/trace v1.4.0/go.mod h1:UG0v8UBqzusp+z63o7FK74SdFE+AXpCLdFb1rshXG+Y=
-cloud.google.com/go/trace v1.8.0/go.mod h1:zH7vcsbAhklH8hWFig58HvxcxyQbaIqMarMg9hn5ECA=
-cloud.google.com/go/trace v1.9.0/go.mod h1:lOQqpE5IaWY0Ixg7/r2SjixMuc6lfTFeO4QGM4dQWOk=
-cloud.google.com/go/translate v1.3.0/go.mod h1:gzMUwRjvOqj5i69y/LYLd8RrNQk+hOmIXTi9+nb3Djs=
-cloud.google.com/go/translate v1.4.0/go.mod h1:06Dn/ppvLD6WvA5Rhdp029IX2Mi3Mn7fpMRLPvXT5Wg=
-cloud.google.com/go/translate v1.5.0/go.mod h1:29YDSYveqqpA1CQFD7NQuP49xymq17RXNaUDdc0mNu0=
-cloud.google.com/go/translate v1.6.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos=
-cloud.google.com/go/translate v1.7.0/go.mod h1:lMGRudH1pu7I3n3PETiOB2507gf3HnfLV8qlkHZEyos=
-cloud.google.com/go/video v1.8.0/go.mod h1:sTzKFc0bUSByE8Yoh8X0mn8bMymItVGPfTuUBUyRgxk=
-cloud.google.com/go/video v1.9.0/go.mod h1:0RhNKFRF5v92f8dQt0yhaHrEuH95m068JYOvLZYnJSw=
-cloud.google.com/go/video v1.12.0/go.mod h1:MLQew95eTuaNDEGriQdcYn0dTwf9oWiA4uYebxM5kdg=
-cloud.google.com/go/video v1.13.0/go.mod h1:ulzkYlYgCp15N2AokzKjy7MQ9ejuynOJdf1tR5lGthk=
-cloud.google.com/go/video v1.14.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ=
-cloud.google.com/go/video v1.15.0/go.mod h1:SkgaXwT+lIIAKqWAJfktHT/RbgjSuY6DobxEp0C5yTQ=
-cloud.google.com/go/videointelligence v1.6.0/go.mod h1:w0DIDlVRKtwPCn/C4iwZIJdvC69yInhW0cfi+p546uU=
-cloud.google.com/go/videointelligence v1.7.0/go.mod h1:k8pI/1wAhjznARtVT9U1llUaFNPh7muw8QyOUpavru4=
-cloud.google.com/go/videointelligence v1.8.0/go.mod h1:dIcCn4gVDdS7yte/w+koiXn5dWVplOZkE+xwG9FgK+M=
-cloud.google.com/go/videointelligence v1.9.0/go.mod h1:29lVRMPDYHikk3v8EdPSaL8Ku+eMzDljjuvRs105XoU=
-cloud.google.com/go/videointelligence v1.10.0/go.mod h1:LHZngX1liVtUhZvi2uNS0VQuOzNi2TkY1OakiuoUOjU=
-cloud.google.com/go/vision v1.2.0/go.mod h1:SmNwgObm5DpFBme2xpyOyasvBc1aPdjvMk2bBk0tKD0=
-cloud.google.com/go/vision/v2 v2.2.0/go.mod h1:uCdV4PpN1S0jyCyq8sIM42v2Y6zOLkZs+4R9LrGYwFo=
-cloud.google.com/go/vision/v2 v2.3.0/go.mod h1:UO61abBx9QRMFkNBbf1D8B1LXdS2cGiiCRx0vSpZoUo=
-cloud.google.com/go/vision/v2 v2.4.0/go.mod h1:VtI579ll9RpVTrdKdkMzckdnwMyX2JILb+MhPqRbPsY=
-cloud.google.com/go/vision/v2 v2.5.0/go.mod h1:MmaezXOOE+IWa+cS7OhRRLK2cNv1ZL98zhqFFZaaH2E=
-cloud.google.com/go/vision/v2 v2.6.0/go.mod h1:158Hes0MvOS9Z/bDMSFpjwsUrZ5fPrdwuyyvKSGAGMY=
-cloud.google.com/go/vision/v2 v2.7.0/go.mod h1:H89VysHy21avemp6xcf9b9JvZHVehWbET0uT/bcuY/0=
-cloud.google.com/go/vmmigration v1.2.0/go.mod h1:IRf0o7myyWFSmVR1ItrBSFLFD/rJkfDCUTO4vLlJvsE=
-cloud.google.com/go/vmmigration v1.3.0/go.mod h1:oGJ6ZgGPQOFdjHuocGcLqX4lc98YQ7Ygq8YQwHh9A7g=
-cloud.google.com/go/vmmigration v1.5.0/go.mod h1:E4YQ8q7/4W9gobHjQg4JJSgXXSgY21nA5r8swQV+Xxc=
-cloud.google.com/go/vmmigration v1.6.0/go.mod h1:bopQ/g4z+8qXzichC7GW1w2MjbErL54rk3/C843CjfY=
-cloud.google.com/go/vmwareengine v0.1.0/go.mod h1:RsdNEf/8UDvKllXhMz5J40XxDrNJNN4sagiox+OI208=
-cloud.google.com/go/vmwareengine v0.2.2/go.mod h1:sKdctNJxb3KLZkE/6Oui94iw/xs9PRNC2wnNLXsHvH8=
-cloud.google.com/go/vmwareengine v0.3.0/go.mod h1:wvoyMvNWdIzxMYSpH/R7y2h5h3WFkx6d+1TIsP39WGY=
-cloud.google.com/go/vpcaccess v1.4.0/go.mod h1:aQHVbTWDYUR1EbTApSVvMq1EnT57ppDmQzZ3imqIk4w=
-cloud.google.com/go/vpcaccess v1.5.0/go.mod h1:drmg4HLk9NkZpGfCmZ3Tz0Bwnm2+DKqViEpeEpOq0m8=
-cloud.google.com/go/vpcaccess v1.6.0/go.mod h1:wX2ILaNhe7TlVa4vC5xce1bCnqE3AeH27RV31lnmZes=
-cloud.google.com/go/webrisk v1.4.0/go.mod h1:Hn8X6Zr+ziE2aNd8SliSDWpEnSS1u4R9+xXZmFiHmGE=
-cloud.google.com/go/webrisk v1.5.0/go.mod h1:iPG6fr52Tv7sGk0H6qUFzmL3HHZev1htXuWDEEsqMTg=
-cloud.google.com/go/webrisk v1.6.0/go.mod h1:65sW9V9rOosnc9ZY7A7jsy1zoHS5W9IAXv6dGqhMQMc=
-cloud.google.com/go/webrisk v1.7.0/go.mod h1:mVMHgEYH0r337nmt1JyLthzMr6YxwN1aAIEc2fTcq7A=
-cloud.google.com/go/webrisk v1.8.0/go.mod h1:oJPDuamzHXgUc+b8SiHRcVInZQuybnvEW72PqTc7sSg=
-cloud.google.com/go/websecurityscanner v1.3.0/go.mod h1:uImdKm2wyeXQevQJXeh8Uun/Ym1VqworNDlBXQevGMo=
-cloud.google.com/go/websecurityscanner v1.4.0/go.mod h1:ebit/Fp0a+FWu5j4JOmJEV8S8CzdTkAS77oDsiSqYWQ=
-cloud.google.com/go/websecurityscanner v1.5.0/go.mod h1:Y6xdCPy81yi0SQnDY1xdNTNpfY1oAgXUlcfN3B3eSng=
-cloud.google.com/go/workflows v1.6.0/go.mod h1:6t9F5h/unJz41YqfBmqSASJSXccBLtD1Vwf+KmJENM0=
-cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoISEXH2bcHC3M=
-cloud.google.com/go/workflows v1.8.0/go.mod h1:ysGhmEajwZxGn1OhGOGKsTXc5PyxOc0vfKf5Af+to4M=
-cloud.google.com/go/workflows v1.9.0/go.mod h1:ZGkj1aFIOd9c8Gerkjjq7OW7I5+l6cSvT3ujaO/WwSA=
-cloud.google.com/go/workflows v1.10.0/go.mod h1:fZ8LmRmZQWacon9UCX1r/g/DfAXx5VcPALq2CxzdePw=
-dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
 filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
 filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
-gioui.org v0.0.0-20210308172011-57750fc8a0a6/go.mod h1:RSH6KIUZ0p2xy5zHDxgAM4zumjgTw83q2ge/PI+yyw8=
-git.sr.ht/~sbinet/gg v0.3.1/go.mod h1:KGYtlADtqsqANL9ueOFkWymvzUvLMQllU5Ixo+8v3pc=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.0.0/go.mod h1:uGG2W01BaETf0Ozp+QxxKJdMBNRWPdstHG0Fmdwn1/U=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.1.2/go.mod h1:uGG2W01BaETf0Ozp+QxxKJdMBNRWPdstHG0Fmdwn1/U=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1 h1:lGlwhPtrX6EVml1hO0ivjkUxsSyl4dsiw9qcA1k/3IQ=
-github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.1/go.mod h1:RKUqNu35KJYcVG/fqTRqmuXJZYNhYkBrnC/hX7yGbTA=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.1.0/go.mod h1:bhXu1AjYL+wutSL/kpSq6s7733q2Rb0yuot9Zgfqa/0=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1 h1:sO0/P7g68FrryJzljemN+6GTssUXdANk6aJ7T1ZxnsQ=
-github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.1/go.mod h1:h8hyGFDsU5HMivxiS2iYFZsgDbU9OnnJ163x5UGVKYo=
-github.com/Azure/azure-sdk-for-go/sdk/internal v1.0.0/go.mod h1:eWRD7oawr1Mu1sLCawqVc0CUiF43ia3qQMxLscsKQ9w=
-github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1 h1:6oNBlSdi1QqM1PNW7FPA6xOGA5UNsXnkaYZz9vdPGhA=
-github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.1/go.mod h1:s4kgfzA0covAXNicZHDMN58jExvcng2mC/DepXiF1EI=
-github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.0.1 h1:MyVTgWR8qd/Jw1Le0NZebGBUCLbtak3bJ3z1OlqZBpw=
-github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.0.1/go.mod h1:GpPjLhVR9dnUoJMyHWSPy71xY9/lcmpzIPZXmF0FCVY=
-github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0 h1:D3occbWoio4EBLkbkevetNMAVX197GkzbUMtqjGWn80=
-github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0/go.mod h1:bTSOgj05NGRuHHhQwAdPnYr9TOdNmKlZTgGLL6nyAdI=
-github.com/AzureAD/microsoft-authentication-library-for-go v0.5.1/go.mod h1:Vt9sXTKwMyGcOxSmLDMnGPgqsUg7m8pe215qMLrDXw4=
-github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1 h1:DzHpqpoJVaCgOUdVHxE8QB52S6NiVdDQvGlny1qvPqA=
-github.com/AzureAD/microsoft-authentication-library-for-go v1.2.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
-github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/toml v1.1.0 h1:ksErzDEI1khOiGPgpwuI7x2ebx/uXQNw7xJpn9Eq1+I=
 github.com/BurntSushi/toml v1.1.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
-github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU=
 github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU=
-github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.3 h1:2afWGsMzkIcN8Qm4mgPJKZWyroE5QBszMiDMYEBrnfw=
-github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.3/go.mod h1:dppbR7CwXD4pgtV9t3wD1812RaLDcBjtblcDF5f1vI0=
-github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.29.0 h1:UQUsRi8WTzhZntp5313l+CHIAT95ojUI2lpP/ExlZa4=
-github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.29.0/go.mod h1:Cz6ft6Dkn3Et6l2v2a9/RpN7epQ1GtDlO6lj8bEcOvw=
-github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0CRv0ky0k6m906ixxpzmDRLvX58TFUKS2eePweuyxk=
 github.com/KyleBanks/depth v1.2.1 h1:5h8fQADFrWtarTdtDudMmGsC7GPbOAu6RVB3ffsVFHc=
 github.com/KyleBanks/depth v1.2.1/go.mod h1:jzSb9d0L43HxTQfT+oSA1EEp2q+ne2uh6XgeJcm8brE=
-github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5 h1:VauE2GcJNZFun2Och6tIT2zJZK1v6jxALQDA9BIji/E=
 github.com/ScaleFT/sshkeys v0.0.0-20200327173127-6142f742bca5/go.mod h1:gxOHeajFfvGQh/fxlC8oOKBe23xnnJTif00IFFbiT+o=
-github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm/4RlzPXRlREEwqTHAN3T56Bv2ITsFT3gY=
-github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk=
-github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
-github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b/go.mod h1:1KcenG0jGWcpt8ov532z81sp/kMMUG485J2InIOyADM=
-github.com/alecthomas/kong v1.9.0 h1:Wgg0ll5Ys7xDnpgYBuBn/wPeLGAuK0NvYmEcisJgrIs=
-github.com/alecthomas/kong v1.9.0/go.mod h1:p2vqieVMeTAnaC83txKtXe8FLke2X07aruPWXyMPQrU=
 github.com/alexedwards/argon2id v1.0.0 h1:wJzDx66hqWX7siL/SRUmgz3F8YMrd/nfX/xHHcQQP0w=
 github.com/alexedwards/argon2id v1.0.0/go.mod h1:tYKkqIjzXvZdzPvADMWOEZ+l6+BD6CtBXMj5fnJppiw=
-github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
-github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
-github.com/apache/arrow/go/v10 v10.0.1/go.mod h1:YvhnlEePVnBS4+0z3fhPfUy7W1Ikj0Ih0vcRo/gZ1M0=
-github.com/apache/arrow/go/v11 v11.0.0/go.mod h1:Eg5OsL5H+e299f7u5ssuXsuHQVEGC4xei5aX110hRiI=
-github.com/apache/thrift v0.16.0/go.mod h1:PHK3hniurgQaNMZYaCLEqXKsYK8upmhPbmdP2FXSqgU=
 github.com/aws/aws-sdk-go-v2 v1.39.6 h1:2JrPCVgWJm7bm83BDwY5z8ietmeJUbh3O2ACnn+Xsqk=
 github.com/aws/aws-sdk-go-v2 v1.39.6/go.mod h1:c9pm7VwuW0UPxAEYGyTmyurVcNrbF6Rt/wixFqDhcjE=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3 h1:DHctwEM8P8iTXFxC/QK0MRjwEpWQeM9yzidCRjldUz0=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.3/go.mod h1:xdCzcZEtnSTKVDOmUZs4l/j3pSV6rpo1WXl5ugNsL8Y=
-github.com/aws/aws-sdk-go-v2/config v1.31.18 h1:RouG3AcF2fLFhw+Z0qbnuIl9HZ0Kh4E/U9sKwTMRpMI=
-github.com/aws/aws-sdk-go-v2/config v1.31.18/go.mod h1:aXZ13mSQC8S2VEHwGfL1COMuJ1Zty6pX5xU7hyqjvCg=
 github.com/aws/aws-sdk-go-v2/config v1.31.20 h1:/jWF4Wu90EhKCgjTdy1DGxcbcbNrjfBHvksEL79tfQc=
 github.com/aws/aws-sdk-go-v2/config v1.31.20/go.mod h1:95Hh1Tc5VYKL9NJ7tAkDcqeKt+MCXQB1hQZaRdJIZE0=
-github.com/aws/aws-sdk-go-v2/credentials v1.18.22 h1:hyIVGBHhQPaNP9D4BaVRwpjLMCwMMdAkHqB3gGMiykU=
-github.com/aws/aws-sdk-go-v2/credentials v1.18.22/go.mod h1:B9E2qHs3/YGfeQZ4jrIE/nPvqxtyafZrJ5EQiZBG6pk=
 github.com/aws/aws-sdk-go-v2/credentials v1.18.24 h1:iJ2FmPT35EaIB0+kMa6TnQ+PwG5A1prEdAw+PsMzfHg=
 github.com/aws/aws-sdk-go-v2/credentials v1.18.24/go.mod h1:U91+DrfjAiXPDEGYhh/x29o4p0qHX5HDqG7y5VViv64=
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13 h1:T1brd5dR3/fzNFAQch/iBKeX07/ffu/cLu+q+RuzEWk=
@@ -695,65 +36,28 @@ github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.13 h1:kDqdFvMY
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.13/go.mod h1:lmKuogqSU3HzQCwZ9ZtcqOc5XGMqtDK7OIc2+DxiUEg=
 github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.13 h1:zhBJXdhWIFZ1acfDYIhu4+LCzdUS2Vbcum7D01dXlHQ=
 github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.13/go.mod h1:JaaOeCE368qn2Hzi3sEzY6FgAZVCIYcC2nwbro2QCh8=
-github.com/aws/aws-sdk-go-v2/service/route53 v1.59.4 h1:KEszjusgJ2dAqE5nSJY+5AHBkakfah8Sx6Vk3pjgrq8=
-github.com/aws/aws-sdk-go-v2/service/route53 v1.59.4/go.mod h1:TUbfYOisWZWyT2qjmlMh93ERw1Ry8G4q/yT2Q8TsDag=
 github.com/aws/aws-sdk-go-v2/service/route53 v1.59.5 h1:4Uy8lhrh4E9jS/MtmzjuEuvX7zOZTbNuPe+zkvtvRRU=
 github.com/aws/aws-sdk-go-v2/service/route53 v1.59.5/go.mod h1:TUbfYOisWZWyT2qjmlMh93ERw1Ry8G4q/yT2Q8TsDag=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.90.0 h1:ef6gIJR+xv/JQWwpa5FYirzoQctfSJm7tuDe3SZsUf8=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.90.0/go.mod h1:+wArOOrcHUevqdto9k1tKOF5++YTe9JEcPSc9Tx2ZSw=
 github.com/aws/aws-sdk-go-v2/service/s3 v1.90.2 h1:DhdbtDl4FdNlj31+xiRXANxEE+eC7n8JQz+/ilwQ8Uc=
 github.com/aws/aws-sdk-go-v2/service/s3 v1.90.2/go.mod h1:+wArOOrcHUevqdto9k1tKOF5++YTe9JEcPSc9Tx2ZSw=
-github.com/aws/aws-sdk-go-v2/service/sso v1.30.1 h1:0JPwLz1J+5lEOfy/g0SURC9cxhbQ1lIMHMa+AHZSzz0=
-github.com/aws/aws-sdk-go-v2/service/sso v1.30.1/go.mod h1:fKvyjJcz63iL/ftA6RaM8sRCtN4r4zl4tjL3qw5ec7k=
 github.com/aws/aws-sdk-go-v2/service/sso v1.30.3 h1:NjShtS1t8r5LUfFVtFeI8xLAHQNTa7UI0VawXlrBMFQ=
 github.com/aws/aws-sdk-go-v2/service/sso v1.30.3/go.mod h1:fKvyjJcz63iL/ftA6RaM8sRCtN4r4zl4tjL3qw5ec7k=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.5 h1:OWs0/j2UYR5LOGi88sD5/lhN6TDLG6SfA7CqsQO9zF0=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.5/go.mod h1:klO+ejMvYsB4QATfEOIXk8WAEwN4N0aBfJpvC+5SZBo=
 github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7 h1:gTsnx0xXNQ6SBbymoDvcoRHL+q4l/dAFsQuKfDWSaGc=
 github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7/go.mod h1:klO+ejMvYsB4QATfEOIXk8WAEwN4N0aBfJpvC+5SZBo=
-github.com/aws/aws-sdk-go-v2/service/sts v1.40.0 h1:ZGDJVmlpPFiNFCb/I42nYVKUanJAdFUiSmUo/32AqPQ=
-github.com/aws/aws-sdk-go-v2/service/sts v1.40.0/go.mod h1:E19xDjpzPZC7LS2knI9E6BaRFDK43Eul7vd6rSq2HWk=
 github.com/aws/aws-sdk-go-v2/service/sts v1.40.2 h1:HK5ON3KmQV2HcAunnx4sKLB9aPf3gKGwVAf7xnx0QT0=
 github.com/aws/aws-sdk-go-v2/service/sts v1.40.2/go.mod h1:E19xDjpzPZC7LS2knI9E6BaRFDK43Eul7vd6rSq2HWk=
 github.com/aws/smithy-go v1.23.2 h1:Crv0eatJUQhaManss33hS5r40CG3ZFH+21XSkqMrIUM=
 github.com/aws/smithy-go v1.23.2/go.mod h1:LEj2LM3rBRQJxPZTB4KuzZkaZYnZPnvgIhb4pu07mx0=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
-github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
-github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
 github.com/bytedance/sonic v1.14.0 h1:/OfKt8HFw0kh2rj8N0F6C/qPGRESq0BbaNZgcNXXzQQ=
 github.com/bytedance/sonic v1.14.0/go.mod h1:WoEbx8WTcFJfzCe0hbmyTGrfjt8PzNEBdxlNUO24NhA=
 github.com/bytedance/sonic/loader v0.3.0 h1:dskwH8edlzNMctoruo8FPTJDF3vLtDT0sXZwvZJyqeA=
 github.com/bytedance/sonic/loader v0.3.0/go.mod h1:N8A3vUdtUebEY2/VQC0MyhYeKUFosQU6FxH2JmUe6VI=
-github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw=
-github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
-github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
-github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
 github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
-github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
-github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
-github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
-github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cloudwego/base64x v0.1.6 h1:t11wG9AECkCDk5fMSoxmufanudBtJ+/HemLstXDLI2M=
 github.com/cloudwego/base64x v0.1.6/go.mod h1:OFcloc187FXDaYHvrNIjxSe8ncn0OOM8gEHfghB2IPU=
-github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
-github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
-github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
-github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI=
-github.com/cncf/udpa/go v0.0.0-20220112060539-c52dc94e7fbe/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI=
-github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20220314180256-7f1daf1720fc/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20230105202645-06c439db220b/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443 h1:aQ3y1lwWyqYPiWZThqv1aFbZMiM9vblcSArJRf2Irls=
-github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443/go.mod h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8=
 github.com/coreos/go-oidc/v3 v3.16.0 h1:qRQUCFstKpXwmEjDQTIbyY/5jF00+asXzSkmkoa/mow=
 github.com/coreos/go-oidc/v3 v3.16.0/go.mod h1:wqPbKFrVnE90vty060SB40FCJ8fTHTxSwyXJqZH+sI8=
 github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
@@ -765,50 +69,16 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a h1:saTgr5tMLFnmy/yg3qDTft4rE5DY2uJ/cCxCe3q0XTU=
 github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a/go.mod h1:Bw9BbhOJVNR+t0jCqx2GC6zv0TGBsShs56Y3gfSCvl0=
-github.com/dnaeon/go-vcr v1.1.0/go.mod h1:M7tiix8f0r6mKKJ3Yq/kqU1OYf3MnfmBWVbPx/yU9ko=
-github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
-github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
-github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
-github.com/dyaksa/archer v1.1.3 h1:jfe51tSNzzscFpu+Vilm4SKb0Lnv6FR1yaGspjab4x4=
-github.com/dyaksa/archer v1.1.3/go.mod h1:IYSp67u14JHTNuvvy6gG1eaX2TPywXvfk1FiyZwVEK4=
 github.com/dyaksa/archer v1.1.5 h1:e9ZrR8PnMYEax19Fd+QbvQqDL5cbi78luMEtaSAIHxU=
 github.com/dyaksa/archer v1.1.5/go.mod h1:IYSp67u14JHTNuvvy6gG1eaX2TPywXvfk1FiyZwVEK4=
-github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
-github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
-github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
-github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po=
-github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
-github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
-github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
-github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
-github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE=
-github.com/envoyproxy/go-control-plane v0.10.3/go.mod h1:fJJn/j26vwOu972OllsvAgJJM//w9BV6Fxbg2LuVd34=
-github.com/envoyproxy/go-control-plane v0.11.1-0.20230524094728-9239064ad72f/go.mod h1:sfYdkwUW4BA3PbKjySwjJy+O4Pu0h62rlqCMHNk+K+Q=
-github.com/envoyproxy/go-control-plane v0.13.4 h1:zEqyPVyku6IvWCFwux4x9RxkLOMUL+1vC9xUFv5l2/M=
-github.com/envoyproxy/go-control-plane v0.13.4/go.mod h1:kDfuBlDVsSj2MjrLEtRWtHlsWIFcGyB2RMO44Dc5GZA=
-github.com/envoyproxy/go-control-plane/envoy v1.32.4 h1:jb83lalDRZSpPWW2Z7Mck/8kXZ5CQAFYVjQcdVIr83A=
-github.com/envoyproxy/go-control-plane/envoy v1.32.4/go.mod h1:Gzjc5k8JcJswLjAx1Zm+wSYE20UrLtt7JZMWiWQXQEw=
-github.com/envoyproxy/go-control-plane/ratelimit v0.1.0 h1:/G9QYbddjL25KvtKTv3an9lx6VBE2cnb8wp1vEGNYGI=
-github.com/envoyproxy/go-control-plane/ratelimit v0.1.0/go.mod h1:Wk+tMFAFbCXaJPzVVHnPgRKdUdwW/KdbRt94AzgRee4=
-github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
-github.com/envoyproxy/protoc-gen-validate v0.6.7/go.mod h1:dyJXwwfPK2VSqiB9Klm1J6romD608Ba7Hij42vrOBCo=
-github.com/envoyproxy/protoc-gen-validate v0.9.1/go.mod h1:OKNgG7TCp5pF4d6XftA0++PMirau2/yoOwVac3AbF2w=
-github.com/envoyproxy/protoc-gen-validate v0.10.1/go.mod h1:DRjgyB0I43LtJapqN6NiRwroiAU2PaFuvk/vjgh61ss=
-github.com/envoyproxy/protoc-gen-validate v1.2.1 h1:DEo3O99U8j4hBFwbJfrz9VtgcDfUKS7KJ7spH3d86P8=
-github.com/envoyproxy/protoc-gen-validate v1.2.1/go.mod h1:d/C80l/jxXLdfEIhX1W2TmLfsJ31lvEjwamM4DxlWXU=
-github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
-github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/fergusstrange/embedded-postgres v1.33.0 h1:ka8vmRpm4IDsES7NPXQ/NThAp1fc/f+crcXYjCW7wK0=
 github.com/fergusstrange/embedded-postgres v1.33.0/go.mod h1:w0YvnCgf19o6tskInrOOACtnqfVlOvluz3hlNLY7tRk=
-github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
-github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
 github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
 github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
 github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k=
 github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
 github.com/gabriel-vasile/mimetype v1.4.10 h1:zyueNbySn/z8mJZHLt6IPw0KoZsiQNszIpU+bX4+ZK0=
 github.com/gabriel-vasile/mimetype v1.4.10/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
-github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
 github.com/gin-contrib/sse v1.1.0 h1:n0w2GMuUpWDVp7qSpvze6fAu9iRxJY4Hmj6AmBOU05w=
 github.com/gin-contrib/sse v1.1.0/go.mod h1:hxRZ5gVpWMT7Z0B0gSNYqqsSCNIJMjzvm6fqCz9vjwM=
 github.com/gin-gonic/gin v1.11.0 h1:OW/6PLjyusp2PPXtyxKHU0RbX6I/l28FTdDlae5ueWk=
@@ -819,23 +89,8 @@ github.com/go-chi/cors v1.2.2 h1:Jmey33TE+b+rB7fT8MUy1u0I4L+NARQlK6LhzKPSyQE=
 github.com/go-chi/cors v1.2.2/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
 github.com/go-chi/httprate v0.15.0 h1:j54xcWV9KGmPf/X4H32/aTH+wBlrvxL7P+SdnRqxh5g=
 github.com/go-chi/httprate v0.15.0/go.mod h1:rzGHhVrsBn3IMLYDOZQsSU4fJNWcjui4fWKJcCId1R4=
-github.com/go-fonts/dejavu v0.1.0/go.mod h1:4Wt4I4OU2Nq9asgDCteaAaWZOV24E+0/Pwo0gppep4g=
-github.com/go-fonts/latin-modern v0.2.0/go.mod h1:rQVLdDMK+mK1xscDwsqM5J8U2jrRa3T0ecnM9pNujks=
-github.com/go-fonts/liberation v0.1.1/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY=
-github.com/go-fonts/liberation v0.2.0/go.mod h1:K6qoJYypsmfVjWg8KOVDQhLc8UDgIK2HYqyqAO9z7GY=
-github.com/go-fonts/stix v0.1.0/go.mod h1:w/c1f0ldAUlJmLBvlbkvVXLAD+tAMqobIIQpmnUIzUY=
-github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
-github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
-github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
 github.com/go-jose/go-jose/v4 v4.1.3 h1:CVLmWDhDVRa6Mi/IgCgaopNosCaHz7zrMeF9MlZRkrs=
 github.com/go-jose/go-jose/v4 v4.1.3/go.mod h1:x4oUasVrzR7071A4TnHLGSPpNOm2a21K9Kf04k1rs08=
-github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2CSIqUrmQPqA0gdRIlnLEY0gK5JGjh37zN5U=
-github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpxhq9o2S/CELCSUxEWWAuoCUcVCQWv7G2OCk=
-github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
-github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
-github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
-github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
 github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
 github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
 github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE=
@@ -849,8 +104,6 @@ github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh
 github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ=
 github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g=
 github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
-github.com/go-pdf/fpdf v0.5.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M=
-github.com/go-pdf/fpdf v0.6.0/go.mod h1:HzcnA+A23uwogo0tp9yU+l3V+KXhiESpt1PMayhOh5M=
 github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
 github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
 github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
@@ -865,153 +118,22 @@ github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpv
 github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
 github.com/go-viper/mapstructure/v2 v2.4.0 h1:EBsztssimR/CONLSZZ04E8qAkxNYq4Qp9LvH92wZUgs=
 github.com/go-viper/mapstructure/v2 v2.4.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
-github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
 github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
 github.com/goccy/go-yaml v1.18.0 h1:8W7wMFS12Pcas7KU+VVkaiCng+kG8QiFeFwzFb+rwuw=
 github.com/goccy/go-yaml v1.18.0/go.mod h1:XBurs7gK8ATbW4ZPGKgcbrY1Br56PdM69F7LkFRi1kA=
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
-github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
-github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
-github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
 github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
 github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
-github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
 github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 h1:au07oEsX2xN0ktxqI+Sida1w446QrXBRJ0nee3SNZlA=
 github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
 github.com/golang-sql/sqlexp v0.1.0 h1:ZCD6MBpcuOVfGVqsEmY5/4FtYiKz6tSyUv9LPEDei6A=
 github.com/golang-sql/sqlexp v0.1.0/go.mod h1:J4ad9Vo8ZCWQ2GMrC4UCQy1JpCbwU9m3EOqtpKwwwHI=
-github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
-github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
-github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4=
-github.com/golang/glog v1.1.0/go.mod h1:pfYeQZ3JWZoXTV5sFc986z3HTpwQs9At6P4ImfuP3NQ=
-github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ=
-github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw=
-github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
-github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
-github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
-github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
-github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
-github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
-github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
-github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8=
-github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
-github.com/golang/mock v1.7.0-rc.1 h1:YojYx61/OLFsiv6Rw1Z96LpldJIy31o+UHmwAUMJ6/U=
-github.com/golang/mock v1.7.0-rc.1/go.mod h1:s42URUywIqd+OcERslBJvOjepvNymP31m3q8d/GkuRs=
-github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
-github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
-github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk=
-github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
-github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
-github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
-github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
-github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
-github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
-github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
-github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM=
-github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
-github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
-github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
-github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
-github.com/google/flatbuffers v2.0.8+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
-github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
-github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
-github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
 github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
-github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
-github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
-github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk=
-github.com/google/martian/v3 v3.3.2/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk=
-github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
-github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
-github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
-github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
-github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
-github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
-github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
-github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
-github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
-github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0=
-github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0dXayM=
-github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8=
-github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8=
-github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg=
-github.com/googleapis/enterprise-certificate-proxy v0.2.1/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k=
-github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k=
-github.com/googleapis/enterprise-certificate-proxy v0.3.6 h1:GW/XbdyBFQ8Qe+YAmFU9uHLo7OnF5tL52HFAgMmyrf4=
-github.com/googleapis/enterprise-certificate-proxy v0.3.6/go.mod h1:MkHOF77EYAE7qfSuSS9PU6g4Nt4e11cnsDUowfwewLA=
-github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
-github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
-github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0=
-github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM=
-github.com/googleapis/gax-go/v2 v2.2.0/go.mod h1:as02EH8zWkzwUoLbBaFeQ+arQaj/OthfcblKl4IGNaM=
-github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99EXz9pXxye9YM=
-github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c=
-github.com/googleapis/gax-go/v2 v2.5.1/go.mod h1:h6B0KMMFNtI2ddbGJn3T3ZbwkeT6yqEF02fYlzkUCyo=
-github.com/googleapis/gax-go/v2 v2.6.0/go.mod h1:1mjbznJAPHFpesgE5ucqfYEscaz5kMdcIDwU/6+DDoY=
-github.com/googleapis/gax-go/v2 v2.7.0/go.mod h1:TEop28CZZQ2y+c0VxMUmu1lV+fQx57QpBWsYpwqHJx8=
-github.com/googleapis/gax-go/v2 v2.7.1/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI=
-github.com/googleapis/gax-go/v2 v2.15.0 h1:SyjDc1mGgZU5LncH8gimWo9lW1DtIfPibOG81vgd/bo=
-github.com/googleapis/gax-go/v2 v2.15.0/go.mod h1:zVVkkxAQHa1RQpg9z2AUCMnKhi0Qld9rcmyfL1OZhoc=
-github.com/googleapis/go-gorm-spanner v1.8.6 h1:a7tp91LPLnGkTwe375yhNLwCu1ac6COehZ4RzQo04g8=
-github.com/googleapis/go-gorm-spanner v1.8.6/go.mod h1:ZpiB7Qd2sJxuUH6H6tsD71Nj9Q9IaR/6EUuTrxeM4tg=
-github.com/googleapis/go-sql-spanner v1.17.0 h1:tYEOVY/uFAdtx5nw8XDdTccTqImPeUM2Ct4sk+Id0EI=
-github.com/googleapis/go-sql-spanner v1.17.0/go.mod h1:L7dnHbQARFksUgYhTFM/cbfoIUtNrJ9ENZSoZ5cK58Q=
-github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4=
-github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g=
-github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
-github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
-github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0/go.mod h1:hgWBS7lorOAVIJEQMi4ZsPv9hVvWI6+ch50m39Pf2Ks=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.3/go.mod h1:o//XUCC/F+yRGJoPO/VU0GSB0f8Nhgmxx0VIRUvaC0w=
-github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
-github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
-github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
-github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
-github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
-github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho=
-github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
-github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
@@ -1022,12 +144,6 @@ github.com/jackc/pgx/v5 v5.6.0 h1:SWJzexBzPL5jb0GEsrPMLIsi/3jOo7RHlzTjcAeDrPY=
 github.com/jackc/pgx/v5 v5.6.0/go.mod h1:DNZ/vlrUnhWCoFGxHAG8U2ljioxukquj7utPDgtQdTw=
 github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
 github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
-github.com/jcmturner/aescts/v2 v2.0.0/go.mod h1:AiaICIRyfYg35RUkr8yESTqvSy7csK90qZ5xfvvsoNs=
-github.com/jcmturner/dnsutils/v2 v2.0.0/go.mod h1:b0TnjGOvI/n42bZa+hmXL+kFJZsFT7G4t3HTlQ184QM=
-github.com/jcmturner/gofork v1.0.0/go.mod h1:MK8+TM0La+2rjBD4jE12Kj1pCCxK7d2LK/UM3ncEo0o=
-github.com/jcmturner/goidentity/v6 v6.0.1/go.mod h1:X1YW3bgtvwAXju7V3LCIMpY0Gbxyjn/mY9zx4tFonSg=
-github.com/jcmturner/gokrb5/v8 v8.4.2/go.mod h1:sb+Xq/fTY5yktf/VxLsE3wlfPqQjp0aWNYyvBVK62bc=
-github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc=
 github.com/jessevdk/go-flags v1.5.0 h1:1jKYvbxEjfUl0fmqTCOfonvskHHXMjBySTLW4y9LFvc=
 github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
@@ -1042,37 +158,21 @@ github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8Hm
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
-github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
-github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
-github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
-github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
-github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
-github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/klauspost/asmfmt v1.3.2/go.mod h1:AG8TuvYojzulgDAMCnYn50l/5QV3Bs/tp6j0HLHbNSE=
-github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU=
-github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.3.0 h1:S4CRMLnYUhGeDFDqkGriYKdfoFlDnMtqTiI/sFzhA9Y=
 github.com/klauspost/cpuid/v2 v2.3.0/go.mod h1:hqwkgyIinND0mEev00jJYCxPNVRVXFQeu1XKlok6oO0=
-github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
-github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
-github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
 github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
 github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
 github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
-github.com/lyft/protoc-gen-star v0.6.0/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA=
-github.com/lyft/protoc-gen-star v0.6.1/go.mod h1:TGAoBVkt8w7MPG72TrKIu85MIdXwDuzJYeZuUPFPNwA=
-github.com/lyft/protoc-gen-star/v2 v2.0.1/go.mod h1:RcCdONR2ScXaYnQC5tUzxzlpA3WVYF7/opLeUgcQs/o=
 github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
@@ -1080,20 +180,15 @@ github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0
 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
 github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
-github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
-github.com/mattn/go-sqlite3 v1.14.14/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
 github.com/mattn/go-sqlite3 v1.14.28 h1:ThEiQrnbtumT+QMknw63Befp/ce/nUPgBPMlRFEum7A=
 github.com/mattn/go-sqlite3 v1.14.28/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
-github.com/microsoft/go-mssqldb v0.19.0/go.mod h1:ukJCBnnzLzpVF0qYRT+eg1e+eSwjeQ7IvenUv8QPook=
 github.com/microsoft/go-mssqldb v1.7.2 h1:CHkFJiObW7ItKTJfHo1QX7QBBD1iV+mn1eOyRP3b/PA=
 github.com/microsoft/go-mssqldb v1.7.2/go.mod h1:kOvZKUdrhhFQmxLZqbwUV0rHkNkZpthMITIb2Ko1IoA=
-github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8/go.mod h1:mC1jAcsrzbxHt8iiaC+zU4b1ylILSosueou12R++wfY=
-github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3/go.mod h1:RagcQ7I8IeTMnF8JTXieKnO4Z6JCsikNEzj0DwauVzE=
 github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -1101,37 +196,18 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
-github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3PzxT8aQXRPkAt8xlV/e7d7w8GM5g0fa5F0D8=
-github.com/montanaflynn/stats v0.6.6/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
 github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o=
 github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4=
 github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY=
-github.com/phpdave11/gofpdf v1.4.2/go.mod h1:zpO6xFn9yxo3YLyMvW8HcKWVdbNqgIfOOp2dXMnm1mY=
-github.com/phpdave11/gofpdi v1.0.12/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI=
-github.com/phpdave11/gofpdi v1.0.13/go.mod h1:vBmVV0Do6hSBHC8uKUQ71JGW+ZGQq74llk/7bXwjDoI=
-github.com/pierrec/lz4/v4 v4.1.15/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4=
-github.com/pkg/browser v0.0.0-20210115035449-ce105d075bb4/go.mod h1:N6UoU20jOqggOuDwUaBQpluzLNDqif3kq9z2wpdYEfQ=
-github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI=
-github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=
-github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU=
-github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
-github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
-github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI=
-github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg=
-github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 h1:GFCKgmp0tecUJ0sJuv4pzYCqS9+RGSn52M3FUwPs+uo=
-github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE=
 github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho=
-github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w=
 github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
 github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
 github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE=
@@ -1142,33 +218,20 @@ github.com/quic-go/qpack v0.5.1 h1:giqksBPnT/HDtZ6VhtFKgoLOWmlyo9Ei6u9PqzIMbhI=
 github.com/quic-go/qpack v0.5.1/go.mod h1:+PC4XFrEskIVkcLzpEkbLqq1uCoxPhQuvK5rH1ZgaEg=
 github.com/quic-go/quic-go v0.54.0 h1:6s1YB9QotYI6Ospeiguknbp2Znb/jZYjZLRXn9kMQBg=
 github.com/quic-go/quic-go v0.54.0/go.mod h1:e68ZEaCdyviluZmy44P6Iey98v/Wfz6HCjQEm+l8zTY=
-github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
-github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
-github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
-github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
-github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs=
 github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
 github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
 github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0=
 github.com/rs/zerolog v1.34.0 h1:k43nTLIwcTVQAncfCw4KZ2VY6ukYoZaBPNOE8txlOeY=
 github.com/rs/zerolog v1.34.0/go.mod h1:bJsvje4Z08ROH4Nhs5iH600c3IkWhwp44iRc54W6wYQ=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/ruudk/golang-pdf417 v0.0.0-20181029194003-1af4ab5afa58/go.mod h1:6lfFZQK844Gfx8o5WFuvpxWRwnSoipWe/p622j1v06w=
-github.com/ruudk/golang-pdf417 v0.0.0-20201230142125-a7e3863a1245/go.mod h1:pQAZKsJ8yyVxGRWYNEm9oFB8ieLgKFnamEyDmSA0BRk=
 github.com/sagikazarmark/locafero v0.11.0 h1:1iurJgmM9G3PA/I+wWYIOw/5SyBtxapeHDcg+AAIFXc=
 github.com/sagikazarmark/locafero v0.11.0/go.mod h1:nVIGvgyzw595SUSUE6tvCp3YYTeHs15MvlmU87WwIik=
-github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k=
-github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME=
 github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
 github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/sosedoff/pgweb v0.16.2 h1:1F1CWlCLSEgSctMva+nYuUibdhyiCUzlXyU5MQUJbFM=
 github.com/sosedoff/pgweb v0.16.2/go.mod h1:ER7fsBddI3h7MQKO5RsUPi7Q/PWZYSKcI61kTp369Rw=
 github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 h1:+jumHNA0Wrelhe64i8F6HNlS8pkoyMv5sreGx2Ry5Rw=
 github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8/go.mod h1:3n1Cwaq1E1/1lhQhtRK2ts/ZwZEhjcQeJQ1RuC6Q/8U=
-github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
-github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4=
-github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I=
-github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y=
 github.com/spf13/afero v1.15.0 h1:b/YBCLWAJdFWJTN9cLhiXXcD7mzKn9Dm86dNnfyQw1I=
 github.com/spf13/afero v1.15.0/go.mod h1:NC2ByUVxtQs4b3sIUphxK0NioZnmxgyCrfzeuq8lxMg=
 github.com/spf13/cast v1.10.0 h1:h2x0u2shc1QuLHfxi+cTJvs30+ZAHOGRic8uyGTDWxY=
@@ -1180,23 +243,18 @@ github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk=
 github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/spf13/viper v1.21.0 h1:x5S+0EU27Lbphp4UKm1C+1oQO+rKx36vfCoaVebLFSU=
 github.com/spf13/viper v1.21.0/go.mod h1:P0lhsswPGWD/1lZJ9ny3fYnVqxiegrlNrEmgLjbTCAY=
-github.com/spiffe/go-spiffe/v2 v2.5.0 h1:N2I01KCUkv1FAjZXJMwh95KK1ZIQLYbPfhaxw8WS0hE=
-github.com/spiffe/go-spiffe/v2 v2.5.0/go.mod h1:P+NxobPc6wXhVtINNtFjNWGBTreew1GBUCwT2wPmb7g=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
 github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
-github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
-github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
 github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
 github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
@@ -1213,49 +271,11 @@ github.com/ugorji/go/codec v1.3.0 h1:Qd2W2sQawAfG8XSvzwhBeoGq71zXOC/Q1E9y/wUcsUA
 github.com/ugorji/go/codec v1.3.0/go.mod h1:pRBVtBSKl77K30Bv8R2P+cLSGaTtex6fsA2Wjqmfxj4=
 github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 h1:nIPpBwaJSVYIxUFsDv3M8ofmx9yWTog9BfvIu0q41lo=
 github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos=
-github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
-github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 github.com/zeebo/assert v1.3.0 h1:g7C04CbJuIDKNPFHmsk4hwZDO5O+kntRxzaUoNXj+IQ=
 github.com/zeebo/assert v1.3.0/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0=
-github.com/zeebo/errs v1.4.0 h1:XNdoD/RRMKP7HD0UhJnIzUy74ISdGGxURlYG8HSWSfM=
-github.com/zeebo/errs v1.4.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4=
 github.com/zeebo/xxh3 v1.0.2 h1:xZmwmqxHZA8AI603jOQ0tMqmBr9lPeFwGg6d+xy9DC0=
 github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA=
-go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
-go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
-go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
-go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
-go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
-go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk=
-go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
-go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
-go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
-go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
-go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
-go.opentelemetry.io/contrib/detectors/gcp v1.37.0 h1:B+WbN9RPsvobe6q4vP6KgM8/9plR/HNjgGBrfcOlweA=
-go.opentelemetry.io/contrib/detectors/gcp v1.37.0/go.mod h1:K5zQ3TT7p2ru9Qkzk0bKtCql0RGkPj9pRjpXgZJZ+rU=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.62.0 h1:rbRJ8BBoVMsQShESYZ0FkvcITu8X8QNwJogcLUmDNNw=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.62.0/go.mod h1:ru6KHrNtNHxM4nD/vd6QrLVWgKhxPYgblq4VAtNawTQ=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0 h1:Hf9xI/XLML9ElpiHVDNwvqI0hIFlzV8dgIr35kV1kRU=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.62.0/go.mod h1:NfchwuyNoMcZ5MLHwPrODwUF1HWCXWrL31s8gSAdIKY=
-go.opentelemetry.io/otel v1.37.0 h1:9zhNfelUvx0KBfu/gb+ZgeAfAgtWrfHJZcAqFC228wQ=
-go.opentelemetry.io/otel v1.37.0/go.mod h1:ehE/umFRLnuLa/vSccNq9oS1ErUlkkK71gMcN34UG8I=
-go.opentelemetry.io/otel/metric v1.37.0 h1:mvwbQS5m0tbmqML4NqK+e3aDiO02vsf/WgbsdpcPoZE=
-go.opentelemetry.io/otel/metric v1.37.0/go.mod h1:04wGrZurHYKOc+RKeye86GwKiTb9FKm1WHtO+4EVr2E=
-go.opentelemetry.io/otel/sdk v1.37.0 h1:ItB0QUqnjesGRvNcmAcU0LyvkVyGJ2xftD29bWdDvKI=
-go.opentelemetry.io/otel/sdk v1.37.0/go.mod h1:VredYzxUvuo2q3WRcDnKDjbdvmO0sCzOvVAiY+yUkAg=
-go.opentelemetry.io/otel/sdk/metric v1.37.0 h1:90lI228XrB9jCMuSdA0673aubgRobVZFhbjxHHspCPc=
-go.opentelemetry.io/otel/sdk/metric v1.37.0/go.mod h1:cNen4ZWfiD37l5NhS+Keb5RXVWZWpRE+9WyVCpbo5ps=
-go.opentelemetry.io/otel/trace v1.37.0 h1:HLdcFNbRQBE2imdSEgm/kwqmQj1Or1l/7bW6mxVK7z4=
-go.opentelemetry.io/otel/trace v1.37.0/go.mod h1:TlgrlQ+PtQO5XFerSPUYG0JSgGyryXewPGyayAWSBS0=
-go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
-go.opentelemetry.io/proto/otlp v0.15.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U=
-go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU=
@@ -1265,685 +285,69 @@ go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
 golang.org/x/arch v0.20.0 h1:dx1zTU0MAE98U+TQ8BLl7XsJbgze2WnNKF/8tGp/Q6c=
 golang.org/x/arch v0.20.0/go.mod h1:bdwinDaKcfZUGpH09BB7ZmOfhalA8lQdzl62l8gGWsk=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20201112155050-0c6587e931a9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.0.0-20220511200225-c6db032c6c88/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
-golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
-golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
 golang.org/x/crypto v0.44.0 h1:A97SsFvM3AIwEEmTBiaxPPTYpDC47w720rdiiUvgoAU=
 golang.org/x/crypto v0.44.0/go.mod h1:013i+Nw79BMiQiMsOPcVCB5ZIJbYkerPrGnOa00tvmc=
-golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
-golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
-golang.org/x/exp v0.0.0-20191002040644-a1355ae1e2c3/go.mod h1:NOZ3BPKG0ec/BKJQgnvsSFpcKLM5xXVWnvZS97DWHgE=
-golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
-golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
-golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
-golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
-golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
-golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
-golang.org/x/exp v0.0.0-20220827204233-334a2380cb91/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
-golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs=
-golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
-golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
-golang.org/x/image v0.0.0-20190910094157-69e4b8554b2a/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
-golang.org/x/image v0.0.0-20200119044424-58c23975cae1/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
-golang.org/x/image v0.0.0-20200430140353-33d19683fad8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
-golang.org/x/image v0.0.0-20200618115811-c13761719519/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
-golang.org/x/image v0.0.0-20201208152932-35266b937fa6/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
-golang.org/x/image v0.0.0-20210216034530-4410531fe030/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
-golang.org/x/image v0.0.0-20210607152325-775e3b0c77b9/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM=
-golang.org/x/image v0.0.0-20210628002857-a66eb6448b8d/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM=
-golang.org/x/image v0.0.0-20211028202545-6944b10bf410/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM=
-golang.org/x/image v0.0.0-20220302094943-723b81ca9867/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM=
-golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
-golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
-golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
-golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
-golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
-golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
-golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
-golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
-golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
-golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
-golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
-golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
-golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
-golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
-golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
-golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
-golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro=
-golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
 golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
-golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
-golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
-golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
-golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
-golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
-golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
-golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
-golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
-golang.org/x/net v0.0.0-20201010224723-4f7140c49acb/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
-golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
-golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
-golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
-golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
-golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
-golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
-golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.0.0-20220617184016-355a448f1bc9/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.0.0-20220909164309-bea034e7d591/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
-golang.org/x/net v0.0.0-20221012135044-0b7e1fb9d458/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
-golang.org/x/net v0.0.0-20221014081412-f15817d10f9b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
-golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
-golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE=
-golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws=
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
-golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
-golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
-golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
-golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
-golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
-golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/net v0.46.0 h1:giFlY12I07fugqwPuWJi68oOnpfqFnJIJzaIIm2JVV4=
 golang.org/x/net v0.46.0/go.mod h1:Q9BGdFy1y4nkUwiLvT5qtyhAnEHgnQ/zd8PfU6nc210=
-golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
-golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
-golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
-golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
-golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
-golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
-golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
-golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
-golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE=
-golang.org/x/oauth2 v0.0.0-20220622183110-fd043fe589d2/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE=
-golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg=
-golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg=
-golang.org/x/oauth2 v0.0.0-20221006150949-b44042a4b9c1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg=
-golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg=
-golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec=
-golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I=
-golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw=
-golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4=
 golang.org/x/oauth2 v0.33.0 h1:4Q+qn+E5z8gPRJfmRy7C2gGG3T4jIprK6aSYgTXGRpo=
 golang.org/x/oauth2 v0.33.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
-golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20220819030929-7fc1605a5dde/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
-golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
 golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
-golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200219091948-cb0a6d8edb6c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210304124612-50617c2ba197/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220224120231-95c6836cb0e7/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220502124256-b6088ccd6cba/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220624220833-87e55d714810/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220829200755-d48e67d00261/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
 golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
-golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA=
-golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
-golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
 golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
-golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
 golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
-golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
-golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
 golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
 golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
-golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
-golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
-golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
-golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
 golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
 golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
-golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20220922220347-f3bd1da661af/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE=
-golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
-golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
-golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
-golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
-golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
-golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
-golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
-golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
-golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20190927191325-030b2cf1153e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
-golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
-golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
-golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
-golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
-golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
-golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE=
-golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
-golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
-golang.org/x/tools v0.3.0/go.mod h1:/rWhSS2+zyEVwoJf8YAX6L2f0ntZ7Kn/mGgAWcipA5k=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s=
-golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
-golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
 golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
 golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20220517211312-f3a8303e98df/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
-golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
-golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
-gonum.org/v1/gonum v0.0.0-20180816165407-929014505bf4/go.mod h1:Y+Yx5eoAFn32cQvJDxZx5Dpnq+c3wtXuadVZAcxbbBo=
-gonum.org/v1/gonum v0.8.2/go.mod h1:oe/vMfY3deqTw+1EZJhuvEW2iwGF1bW9wwu7XCu0+v0=
-gonum.org/v1/gonum v0.9.3/go.mod h1:TZumC3NeyVQskjXqmyWt4S3bINhy7B4eYwW69EbyX+0=
-gonum.org/v1/gonum v0.11.0/go.mod h1:fSG4YDCxxUZQJ7rKsQrj0gMOg00Il0Z96/qMA4bVQhA=
-gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw=
-gonum.org/v1/plot v0.0.0-20190515093506-e2840ee46a6b/go.mod h1:Wt8AAjI+ypCyYX3nZBvf6cAIx93T+c/OS2HFAYskSZc=
-gonum.org/v1/plot v0.9.0/go.mod h1:3Pcqqmp6RHvJI72kgb8fThyUnav364FOsdDo2aGW5lY=
-gonum.org/v1/plot v0.10.1/go.mod h1:VZW5OlhkL1mysU9vaqNHnsy86inf6Ot+jB3r+BczCEo=
-google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
-google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
-google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
-google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
-google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
-google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
-google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
-google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
-google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
-google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
-google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
-google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
-google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
-google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
-google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
-google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
-google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg=
-google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE=
-google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8=
-google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU=
-google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94=
-google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo=
-google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4=
-google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw=
-google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU=
-google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k=
-google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE=
-google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE=
-google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI=
-google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I=
-google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo=
-google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g=
-google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/SkfA=
-google.golang.org/api v0.71.0/go.mod h1:4PyU6e6JogV1f9eA4voyrTY2batOLdgZ5qZ5HOCc4j8=
-google.golang.org/api v0.74.0/go.mod h1:ZpfMZOVRMywNyvJFeqL9HRWBgAuRfSjJFpe9QtRRyDs=
-google.golang.org/api v0.75.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA=
-google.golang.org/api v0.77.0/go.mod h1:pU9QmyHLnzlpar1Mjt4IbapUCy8J+6HD6GeELN69ljA=
-google.golang.org/api v0.78.0/go.mod h1:1Sg78yoMLOhlQTeF+ARBoytAcH1NNyyl390YMy6rKmw=
-google.golang.org/api v0.80.0/go.mod h1:xY3nI94gbvBrE0J6NHXhxOmW97HG7Khjkku6AFB3Hyg=
-google.golang.org/api v0.84.0/go.mod h1:NTsGnUFJMYROtiquksZHBWtHfeMC7iYthki7Eq3pa8o=
-google.golang.org/api v0.85.0/go.mod h1:AqZf8Ep9uZ2pyTvgL+x0D3Zt0eoT9b5E8fmzfu6FO2g=
-google.golang.org/api v0.90.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw=
-google.golang.org/api v0.93.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw=
-google.golang.org/api v0.95.0/go.mod h1:eADj+UBuxkh5zlrSntJghuNeg8HwQ1w5lTKkuqaETEI=
-google.golang.org/api v0.96.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s=
-google.golang.org/api v0.97.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s=
-google.golang.org/api v0.98.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s=
-google.golang.org/api v0.99.0/go.mod h1:1YOf74vkVndF7pG6hIHuINsM7eWwpVTAfNMNiL91A08=
-google.golang.org/api v0.100.0/go.mod h1:ZE3Z2+ZOr87Rx7dqFsdRQkRBk36kDtp/h+QpHbB7a70=
-google.golang.org/api v0.102.0/go.mod h1:3VFl6/fzoA+qNuS1N1/VfXY4LjoXN/wzeIp7TweWwGo=
-google.golang.org/api v0.103.0/go.mod h1:hGtW6nK1AC+d9si/UBhw8Xli+QMOf6xyNAyJw4qU9w0=
-google.golang.org/api v0.106.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY=
-google.golang.org/api v0.107.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY=
-google.golang.org/api v0.108.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/O9MY=
-google.golang.org/api v0.110.0/go.mod h1:7FC4Vvx1Mooxh8C5HWjzZHcavuS2f6pmJpZx60ca7iI=
-google.golang.org/api v0.111.0/go.mod h1:qtFHvU9mhgTJegR31csQ+rwxyUTHOKFqCKWp1J0fdw0=
-google.golang.org/api v0.114.0/go.mod h1:ifYI2ZsFK6/uGddGfAD5BMxlnkBqCmqHSDUVi45N5Yg=
-google.golang.org/api v0.247.0 h1:tSd/e0QrUlLsrwMKmkbQhYVa109qIintOls2Wh6bngc=
-google.golang.org/api v0.247.0/go.mod h1:r1qZOPmxXffXg6xS5uhx16Fa/UFY8QU/K4bfKrnvovM=
-google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
-google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
-google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
-google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
-google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
-google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
-google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
-google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
-google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
-google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
-google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
-google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
-google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
-google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
-google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
-google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
-google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
-google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
-google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
-google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA=
-google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U=
-google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
-google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
-google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20210329143202-679c6ae281ee/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A=
-google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A=
-google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A=
-google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
-google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
-google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
-google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24=
-google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k=
-google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k=
-google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48=
-google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48=
-google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w=
-google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
-google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
-google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
-google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
-google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
-google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20211221195035-429b39de9b1c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20220126215142-9970aeb2e350/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20220207164111-0872dc986b00/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
-google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
-google.golang.org/genproto v0.0.0-20220304144024-325a89244dc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
-google.golang.org/genproto v0.0.0-20220310185008-1973136f34c6/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
-google.golang.org/genproto v0.0.0-20220324131243-acbaeb5b85eb/go.mod h1:hAL49I2IFola2sVEjAn7MEwsja0xp51I0tlGAf9hz4E=
-google.golang.org/genproto v0.0.0-20220329172620-7be39ac1afc7/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
-google.golang.org/genproto v0.0.0-20220407144326-9054f6ed7bac/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
-google.golang.org/genproto v0.0.0-20220413183235-5e96e2839df9/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
-google.golang.org/genproto v0.0.0-20220414192740-2d67ff6cf2b4/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
-google.golang.org/genproto v0.0.0-20220421151946-72621c1f0bd3/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
-google.golang.org/genproto v0.0.0-20220429170224-98d788798c3e/go.mod h1:8w6bsBMX6yCPbAVTeqQHvzxW0EIFigd5lZyahWgyfDo=
-google.golang.org/genproto v0.0.0-20220502173005-c8bf987b8c21/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4=
-google.golang.org/genproto v0.0.0-20220505152158-f39f71e6c8f3/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4=
-google.golang.org/genproto v0.0.0-20220518221133-4f43b3371335/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4=
-google.golang.org/genproto v0.0.0-20220523171625-347a074981d8/go.mod h1:RAyBrSAP7Fh3Nc84ghnVLDPuV51xc9agzmm4Ph6i0Q4=
-google.golang.org/genproto v0.0.0-20220608133413-ed9918b62aac/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA=
-google.golang.org/genproto v0.0.0-20220616135557-88e70c0c3a90/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA=
-google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA=
-google.golang.org/genproto v0.0.0-20220624142145-8cd45d7dbd1f/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA=
-google.golang.org/genproto v0.0.0-20220628213854-d9e0b6570c03/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA=
-google.golang.org/genproto v0.0.0-20220722212130-b98a9ff5e252/go.mod h1:GkXuJDJ6aQ7lnJcRF+SJVgFdQhypqgl3LB1C9vabdRE=
-google.golang.org/genproto v0.0.0-20220801145646-83ce21fca29f/go.mod h1:iHe1svFLAZg9VWz891+QbRMwUv9O/1Ww+/mngYeThbc=
-google.golang.org/genproto v0.0.0-20220815135757-37a418bb8959/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk=
-google.golang.org/genproto v0.0.0-20220817144833-d7fd3f11b9b1/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk=
-google.golang.org/genproto v0.0.0-20220822174746-9e6da59bd2fc/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk=
-google.golang.org/genproto v0.0.0-20220829144015-23454907ede3/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk=
-google.golang.org/genproto v0.0.0-20220829175752-36a9c930ecbf/go.mod h1:dbqgFATTzChvnt+ujMdZwITVAJHFtfyN1qUhDqEiIlk=
-google.golang.org/genproto v0.0.0-20220913154956-18f8339a66a5/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo=
-google.golang.org/genproto v0.0.0-20220914142337-ca0e39ece12f/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo=
-google.golang.org/genproto v0.0.0-20220915135415-7fd63a7952de/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo=
-google.golang.org/genproto v0.0.0-20220916172020-2692e8806bfa/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo=
-google.golang.org/genproto v0.0.0-20220919141832-68c03719ef51/go.mod h1:0Nb8Qy+Sk5eDzHnzlStwW3itdNaWoZA5XeSG+R3JHSo=
-google.golang.org/genproto v0.0.0-20220920201722-2b89144ce006/go.mod h1:ht8XFiar2npT/g4vkk7O0WYS1sHOHbdujxbEp7CJWbw=
-google.golang.org/genproto v0.0.0-20220926165614-551eb538f295/go.mod h1:woMGP53BroOrRY3xTxlbr8Y3eB/nzAvvFM83q7kG2OI=
-google.golang.org/genproto v0.0.0-20220926220553-6981cbe3cfce/go.mod h1:woMGP53BroOrRY3xTxlbr8Y3eB/nzAvvFM83q7kG2OI=
-google.golang.org/genproto v0.0.0-20221010155953-15ba04fc1c0e/go.mod h1:3526vdqwhZAwq4wsRUaVG555sVgsNmIjRtO7t/JH29U=
-google.golang.org/genproto v0.0.0-20221014173430-6e2ab493f96b/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM=
-google.golang.org/genproto v0.0.0-20221014213838-99cd37c6964a/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM=
-google.golang.org/genproto v0.0.0-20221024153911-1573dae28c9c/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s=
-google.golang.org/genproto v0.0.0-20221024183307-1bc688fe9f3e/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s=
-google.golang.org/genproto v0.0.0-20221027153422-115e99e71e1c/go.mod h1:CGI5F/G+E5bKwmfYo09AXuVN4dD894kIKUFmVbP2/Fo=
-google.golang.org/genproto v0.0.0-20221109142239-94d6d90a7d66/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg=
-google.golang.org/genproto v0.0.0-20221114212237-e4508ebdbee1/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg=
-google.golang.org/genproto v0.0.0-20221117204609-8f9c96812029/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg=
-google.golang.org/genproto v0.0.0-20221118155620-16455021b5e6/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg=
-google.golang.org/genproto v0.0.0-20221201164419-0e50fba7f41c/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg=
-google.golang.org/genproto v0.0.0-20221201204527-e3fa12d562f3/go.mod h1:rZS5c/ZVYMaOGBfO68GWtjOw/eLaZM1X6iVtgjZ+EWg=
-google.golang.org/genproto v0.0.0-20221202195650-67e5cbc046fd/go.mod h1:cTsE614GARnxrLsqKREzmNYJACSWWpAWdNMwnD7c2BE=
-google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM=
-google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM=
-google.golang.org/genproto v0.0.0-20230112194545-e10362b5ecf9/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM=
-google.golang.org/genproto v0.0.0-20230113154510-dbe35b8444a5/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM=
-google.golang.org/genproto v0.0.0-20230123190316-2c411cf9d197/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM=
-google.golang.org/genproto v0.0.0-20230124163310-31e0e69b6fc2/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM=
-google.golang.org/genproto v0.0.0-20230125152338-dcaf20b6aeaa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM=
-google.golang.org/genproto v0.0.0-20230127162408-596548ed4efa/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM=
-google.golang.org/genproto v0.0.0-20230209215440-0dfe4f8abfcc/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM=
-google.golang.org/genproto v0.0.0-20230216225411-c8e22ba71e44/go.mod h1:8B0gmkoRebU8ukX6HP+4wrVQUY1+6PkQ44BSyIlflHA=
-google.golang.org/genproto v0.0.0-20230222225845-10f96fb3dbec/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw=
-google.golang.org/genproto v0.0.0-20230223222841-637eb2293923/go.mod h1:3Dl5ZL0q0isWJt+FVcfpQyirqemEuLAK/iFvg1UP1Hw=
-google.golang.org/genproto v0.0.0-20230303212802-e74f57abe488/go.mod h1:TvhZT5f700eVlTNwND1xoEZQeWTB2RY/65kplwl/bFA=
-google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s=
-google.golang.org/genproto v0.0.0-20230320184635-7606e756e683/go.mod h1:NWraEVixdDnqcqQ30jipen1STv2r/n24Wb7twVTGR4s=
-google.golang.org/genproto v0.0.0-20230323212658-478b75c54725/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak=
-google.golang.org/genproto v0.0.0-20230330154414-c0448cd141ea/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak=
-google.golang.org/genproto v0.0.0-20230331144136-dcfb400f0633/go.mod h1:UUQDJDOlWu4KYeJZffbWgBkS1YFobzKbLVfK69pe0Ak=
-google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU=
-google.golang.org/genproto v0.0.0-20250804133106-a7a43d27e69b h1:eZTgydvqZO44zyTZAvMaSyAxccZZdraiSAGvqOczVvk=
-google.golang.org/genproto v0.0.0-20250804133106-a7a43d27e69b/go.mod h1:suyz2QBHQKlGIF92HEEsCfO1SwxXdk7PFLz+Zd9Uah4=
-google.golang.org/genproto/googleapis/api v0.0.0-20250804133106-a7a43d27e69b h1:ULiyYQ0FdsJhwwZUwbaXpZF5yUE3h+RA+gxvBu37ucc=
-google.golang.org/genproto/googleapis/api v0.0.0-20250804133106-a7a43d27e69b/go.mod h1:oDOGiMSXHL4sDTJvFvIB9nRQCGdLP1o/iVaqQK8zB+M=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20250811230008-5f3141c8851a h1:tPE/Kp+x9dMSwUm/uM0JKK0IfdiJkwAbSMSeZBXXJXc=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20250811230008-5f3141c8851a/go.mod h1:gw1tLEfykwDz2ET4a12jcXt4couGAm7IwsVaTy0Sflo=
-google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
-google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
-google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
-google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
-google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
-google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
-google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
-google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
-google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60=
-google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
-google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
-google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
-google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
-google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
-google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
-google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8=
-google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
-google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
-google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
-google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
-google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
-google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
-google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE=
-google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE=
-google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
-google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
-google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
-google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
-google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ=
-google.golang.org/grpc v1.46.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
-google.golang.org/grpc v1.46.2/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
-google.golang.org/grpc v1.47.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
-google.golang.org/grpc v1.48.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACuMGWk=
-google.golang.org/grpc v1.49.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI=
-google.golang.org/grpc v1.50.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI=
-google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI=
-google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww=
-google.golang.org/grpc v1.52.3/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY=
-google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw=
-google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g=
-google.golang.org/grpc v1.56.3/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s=
-google.golang.org/grpc v1.74.2 h1:WoosgB65DlWVC9FqI82dGsZhWFNBSLjQ84bjROOpMu4=
-google.golang.org/grpc v1.74.2/go.mod h1:CtQ+BGjaAIXHs/5YS3i473GqwBBa1zGQNevxdeBEXrM=
-google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
-google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
-google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
-google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
-google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
-google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
-google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
-google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
-google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
-google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 google.golang.org/protobuf v1.36.9 h1:w2gp2mA27hUeUzj9Ex9FBjsBm40zfaDtEWow293U7Iw=
 google.golang.org/protobuf v1.36.9/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -1951,17 +355,11 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
-gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
-gopkg.in/natefinch/npipe.v2 v2.0.0-20160621034901-c1b8fa8bdcce/go.mod h1:5AcXVHNjg+BDxry382+8OKon8SEWiKktQR07RKPsv1c=
-gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gorm.io/datatypes v1.2.7 h1:ww9GAhF1aGXZY3EB3cJPJ7//JiuQo7DlQA7NNlVaTdk=
@@ -1975,52 +373,5 @@ gorm.io/driver/sqlite v1.6.0/go.mod h1:AO9V1qIQddBESngQUKWL9yoH93HIeA1X6V633rBwy
 gorm.io/driver/sqlserver v1.6.0 h1:VZOBQVsVhkHU/NzNhRJKoANt5pZGQAS1Bwc6m6dgfnc=
 gorm.io/driver/sqlserver v1.6.0/go.mod h1:WQzt4IJo/WHKnckU9jXBLMJIVNMVeTu25dnOzehntWw=
 gorm.io/gorm v1.25.7/go.mod h1:hbnx/Oo0ChWMn1BIhpy1oYozzpM15i4YPuHDmfYtwg8=
-gorm.io/gorm v1.30.0/go.mod h1:8Z33v652h4//uMA76KjeDH8mJXPm1QNCYrMeatR0DOE=
 gorm.io/gorm v1.31.1 h1:7CA8FTFz/gRfgqgpeKIBcervUn3xSyPUmr6B2WXJ7kg=
 gorm.io/gorm v1.31.1/go.mod h1:XyQVbO2k6YkOis7C2437jSit3SsDK72s7n7rsSHd+Gs=
-honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
-honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las=
-lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk=
-lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk=
-modernc.org/cc/v3 v3.36.0/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI=
-modernc.org/cc/v3 v3.36.2/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI=
-modernc.org/cc/v3 v3.36.3/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI=
-modernc.org/ccgo/v3 v3.0.0-20220428102840-41399a37e894/go.mod h1:eI31LL8EwEBKPpNpA4bU1/i+sKOwOrQy8D87zWUcRZc=
-modernc.org/ccgo/v3 v3.0.0-20220430103911-bc99d88307be/go.mod h1:bwdAnOoaIt8Ax9YdWGjxWsdkPcZyRPHqrOvJxaKAKGw=
-modernc.org/ccgo/v3 v3.16.4/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ=
-modernc.org/ccgo/v3 v3.16.6/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ=
-modernc.org/ccgo/v3 v3.16.8/go.mod h1:zNjwkizS+fIFDrDjIAgBSCLkWbJuHF+ar3QRn+Z9aws=
-modernc.org/ccgo/v3 v3.16.9/go.mod h1:zNMzC9A9xeNUepy6KuZBbugn3c0Mc9TeiJO4lgvkJDo=
-modernc.org/ccorpus v1.11.6/go.mod h1:2gEUTrWqdpH2pXsmTM1ZkjeSrUWDpjMu2T6m29L/ErQ=
-modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM=
-modernc.org/libc v0.0.0-20220428101251-2d5f3daf273b/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA=
-modernc.org/libc v1.16.0/go.mod h1:N4LD6DBE9cf+Dzf9buBlzVJndKr/iJHG97vGLHYnb5A=
-modernc.org/libc v1.16.1/go.mod h1:JjJE0eu4yeK7tab2n4S1w8tlWd9MxXLRzheaRnAKymU=
-modernc.org/libc v1.16.17/go.mod h1:hYIV5VZczAmGZAnG15Vdngn5HSF5cSkbvfz2B7GRuVU=
-modernc.org/libc v1.16.19/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA=
-modernc.org/libc v1.17.0/go.mod h1:XsgLldpP4aWlPlsjqKRdHPqCxCjISdHfM/yeWC5GyW0=
-modernc.org/libc v1.17.1/go.mod h1:FZ23b+8LjxZs7XtFMbSzL/EhPxNbfZbErxEHc7cbD9s=
-modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
-modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
-modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
-modernc.org/memory v1.1.1/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw=
-modernc.org/memory v1.2.0/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw=
-modernc.org/memory v1.2.1/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU=
-modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
-modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
-modernc.org/sqlite v1.18.1/go.mod h1:6ho+Gow7oX5V+OiOQ6Tr4xeqbx13UZ6t+Fw9IRUG4d4=
-modernc.org/strutil v1.1.1/go.mod h1:DE+MQQ/hjKBZS2zNInV5hhcipt5rLPWkmpbGeW5mmdw=
-modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw=
-modernc.org/tcl v1.13.1/go.mod h1:XOLfOwzhkljL4itZkK6T72ckMgvj0BDsnKNdZVUOecw=
-modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
-modernc.org/z v1.5.1/go.mod h1:eWFB510QWW5Th9YGZT81s+LwvaAs3Q2yr4sP0rmLkv8=
-rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
-rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
-rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
-rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
diff --git a/internal/handlers/clusters.go b/internal/handlers/clusters.go
index bdf9a99..f314434 100644
--- a/internal/handlers/clusters.go
+++ b/internal/handlers/clusters.go
@@ -183,7 +183,7 @@ func CreateCluster(db *gorm.DB) http.HandlerFunc {
 		c := models.Cluster{
 			OrganizationID: orgID,
 			Name:           in.Name,
-			Provider:       in.Provider,
+			Provider:       in.ClusterProvider,
 			Region:         in.Region,
 			Status:         models.ClusterStatusPrePending,
 			LastError:      "",
@@ -255,8 +255,8 @@ func UpdateCluster(db *gorm.DB) http.HandlerFunc {
 		if in.Name != nil {
 			cluster.Name = *in.Name
 		}
-		if in.Provider != nil {
-			cluster.Provider = *in.Provider
+		if in.ClusterProvider != nil {
+			cluster.Provider = *in.ClusterProvider
 		}
 		if in.Region != nil {
 			cluster.Region = *in.Region
@@ -1508,6 +1508,12 @@ func clusterToDTO(c models.Cluster) dto.ClusterResponse {
 		controlPlane = &rr
 	}
 
+	var cfqdn *string
+	if captainDomain != nil && controlPlane != nil {
+		fq := fmt.Sprintf("%s.%s", controlPlane.Name, captainDomain.DomainName)
+		cfqdn = &fq
+	}
+
 	var appsLB *dto.LoadBalancerResponse
 	if c.AppsLoadBalancer != nil {
 		lr := loadBalancerToDTO(*c.AppsLoadBalancer)
@@ -1530,6 +1536,7 @@ func clusterToDTO(c models.Cluster) dto.ClusterResponse {
 		Name:                  c.Name,
 		CaptainDomain:         captainDomain,
 		ControlPlaneRecordSet: controlPlane,
+		ControlPlaneFQDN:      cfqdn,
 		AppsLoadBalancer:      appsLB,
 		GlueOpsLoadBalancer:   glueOpsLB,
 		BastionServer:         bastion,
diff --git a/internal/handlers/credentials.go b/internal/handlers/credentials.go
index 898412d..8f86015 100644
--- a/internal/handlers/credentials.go
+++ b/internal/handlers/credentials.go
@@ -29,14 +29,14 @@ import (
 //	@Description	Returns credential metadata for the current org. Secrets are never returned.
 //	@Tags			Credentials
 //	@Produce		json
-//	@Param			X-Org-ID	header		string	false	"Organization ID (UUID)"
-//	@Param			provider	query		string	false	"Filter by provider (e.g., aws)"
-//	@Param			kind		query		string	false	"Filter by kind (e.g., aws_access_key)"
-//	@Param			scope_kind	query		string	false	"Filter by scope kind (provider/service/resource)"
-//	@Success		200			{array}		dto.CredentialOut
-//	@Failure		401			{string}	string	"Unauthorized"
-//	@Failure		403			{string}	string	"organization required"
-//	@Failure		500			{string}	string	"internal server error"
+//	@Param			X-Org-ID			header		string	false	"Organization ID (UUID)"
+//	@Param			credential_provider	query		string	false	"Filter by provider (e.g., aws)"
+//	@Param			kind				query		string	false	"Filter by kind (e.g., aws_access_key)"
+//	@Param			scope_kind			query		string	false	"Filter by scope kind (credential_provider/service/resource)"
+//	@Success		200					{array}		dto.CredentialOut
+//	@Failure		401					{string}	string	"Unauthorized"
+//	@Failure		403					{string}	string	"organization required"
+//	@Failure		500					{string}	string	"internal server error"
 //	@Router			/credentials [get]
 //	@Security		BearerAuth
 //	@Security		OrgKeyAuth
@@ -49,7 +49,7 @@ func ListCredentials(db *gorm.DB) http.HandlerFunc {
 			return
 		}
 		q := db.Where("organization_id = ?", orgID)
-		if v := r.URL.Query().Get("provider"); v != "" {
+		if v := r.URL.Query().Get("credential_provider"); v != "" {
 			q = q.Where("provider = ?", v)
 		}
 		if v := r.URL.Query().Get("kind"); v != "" {
@@ -154,7 +154,7 @@ func CreateCredential(db *gorm.DB) http.HandlerFunc {
 
 		cred, err := SaveCredentialWithScope(
 			r.Context(), db, orgID,
-			in.Provider, in.Kind, in.SchemaVersion,
+			in.CredentialProvider, in.Kind, in.SchemaVersion,
 			in.ScopeKind, in.ScopeVersion, json.RawMessage(in.Scope), json.RawMessage(in.Secret),
 			in.Name, in.AccountID, in.Region,
 		)
@@ -548,17 +548,17 @@ func SaveCredentialWithScope(
 // credOut converts model → response DTO
 func credOut(c *models.Credential) dto.CredentialOut {
 	return dto.CredentialOut{
-		ID:            c.ID.String(),
-		Provider:      c.Provider,
-		Kind:          c.Kind,
-		SchemaVersion: c.SchemaVersion,
-		Name:          c.Name,
-		ScopeKind:     c.ScopeKind,
-		ScopeVersion:  c.ScopeVersion,
-		Scope:         dto.RawJSON(c.Scope),
-		AccountID:     c.AccountID,
-		Region:        c.Region,
-		CreatedAt:     c.CreatedAt.UTC().Format(time.RFC3339),
-		UpdatedAt:     c.UpdatedAt.UTC().Format(time.RFC3339),
+		ID:                 c.ID.String(),
+		CredentialProvider: c.Provider,
+		Kind:               c.Kind,
+		SchemaVersion:      c.SchemaVersion,
+		Name:               c.Name,
+		ScopeKind:          c.ScopeKind,
+		ScopeVersion:       c.ScopeVersion,
+		Scope:              dto.RawJSON(c.Scope),
+		AccountID:          c.AccountID,
+		Region:             c.Region,
+		CreatedAt:          c.CreatedAt.UTC().Format(time.RFC3339),
+		UpdatedAt:          c.UpdatedAt.UTC().Format(time.RFC3339),
 	}
 }
diff --git a/internal/handlers/dto/clusters.go b/internal/handlers/dto/clusters.go
index d7d75c7..ef039bd 100644
--- a/internal/handlers/dto/clusters.go
+++ b/internal/handlers/dto/clusters.go
@@ -11,10 +11,11 @@ type ClusterResponse struct {
 	Name                  string                `json:"name"`
 	CaptainDomain         *DomainResponse       `json:"captain_domain,omitempty"`
 	ControlPlaneRecordSet *RecordSetResponse    `json:"control_plane_record_set,omitempty"`
+	ControlPlaneFQDN      *string               `json:"control_plane_fqdn,omitempty"`
 	AppsLoadBalancer      *LoadBalancerResponse `json:"apps_load_balancer,omitempty"`
 	GlueOpsLoadBalancer   *LoadBalancerResponse `json:"glueops_load_balancer,omitempty"`
 	BastionServer         *ServerResponse       `json:"bastion_server,omitempty"`
-	Provider              string                `json:"provider"`
+	Provider              string                `json:"cluster_provider"`
 	Region                string                `json:"region"`
 	Status                string                `json:"status"`
 	LastError             string                `json:"last_error"`
@@ -26,15 +27,15 @@ type ClusterResponse struct {
 }
 
 type CreateClusterRequest struct {
-	Name     string `json:"name"`
-	Provider string `json:"provider"`
-	Region   string `json:"region"`
+	Name            string `json:"name"`
+	ClusterProvider string `json:"cluster_provider"`
+	Region          string `json:"region"`
 }
 
 type UpdateClusterRequest struct {
-	Name     *string `json:"name,omitempty"`
-	Provider *string `json:"provider,omitempty"`
-	Region   *string `json:"region,omitempty"`
+	Name            *string `json:"name,omitempty"`
+	ClusterProvider *string `json:"cluster_provider,omitempty"`
+	Region          *string `json:"region,omitempty"`
 }
 
 type AttachCaptainDomainRequest struct {
diff --git a/internal/handlers/dto/credentials.go b/internal/handlers/dto/credentials.go
index 8f837d3..ec4c5cd 100644
--- a/internal/handlers/dto/credentials.go
+++ b/internal/handlers/dto/credentials.go
@@ -97,16 +97,16 @@ var ScopeRegistry = map[string]map[string]map[int]ScopeDef{
 
 // CreateCredentialRequest represents the POST /credentials payload
 type CreateCredentialRequest struct {
-	Provider      string  `json:"provider" validate:"required,oneof=aws cloudflare hetzner digitalocean generic"`
-	Kind          string  `json:"kind" validate:"required"`                 // aws_access_key, api_token, basic_auth, oauth2
-	SchemaVersion int     `json:"schema_version" validate:"required,gte=1"` // secret schema version
-	Name          string  `json:"name" validate:"omitempty,max=100"`        // human label
-	ScopeKind     string  `json:"scope_kind" validate:"required,oneof=provider service resource"`
-	ScopeVersion  int     `json:"scope_version" validate:"required,gte=1"`        // scope schema version
-	Scope         RawJSON `json:"scope" validate:"required" swaggertype:"object"` // {"service":"route53"} or {"arn":"..."}
-	AccountID     string  `json:"account_id,omitempty" validate:"omitempty,max=32"`
-	Region        string  `json:"region,omitempty" validate:"omitempty,max=32"`
-	Secret        RawJSON `json:"secret" validate:"required" swaggertype:"object"` // encrypted later
+	CredentialProvider string  `json:"credential_provider" validate:"required,oneof=aws cloudflare hetzner digitalocean generic"`
+	Kind               string  `json:"kind" validate:"required"`                 // aws_access_key, api_token, basic_auth, oauth2
+	SchemaVersion      int     `json:"schema_version" validate:"required,gte=1"` // secret schema version
+	Name               string  `json:"name" validate:"omitempty,max=100"`        // human label
+	ScopeKind          string  `json:"scope_kind" validate:"required,oneof=credential_provider service resource"`
+	ScopeVersion       int     `json:"scope_version" validate:"required,gte=1"`        // scope schema version
+	Scope              RawJSON `json:"scope" validate:"required" swaggertype:"object"` // {"service":"route53"} or {"arn":"..."}
+	AccountID          string  `json:"account_id,omitempty" validate:"omitempty,max=32"`
+	Region             string  `json:"region,omitempty" validate:"omitempty,max=32"`
+	Secret             RawJSON `json:"secret" validate:"required" swaggertype:"object"` // encrypted later
 }
 
 // UpdateCredentialRequest represents PATCH /credentials/{id}
@@ -123,16 +123,16 @@ type UpdateCredentialRequest struct {
 
 // CredentialOut is what we return (no secrets)
 type CredentialOut struct {
-	ID            string  `json:"id"`
-	Provider      string  `json:"provider"`
-	Kind          string  `json:"kind"`
-	SchemaVersion int     `json:"schema_version"`
-	Name          string  `json:"name"`
-	ScopeKind     string  `json:"scope_kind"`
-	ScopeVersion  int     `json:"scope_version"`
-	Scope         RawJSON `json:"scope" swaggertype:"object"`
-	AccountID     string  `json:"account_id,omitempty"`
-	Region        string  `json:"region,omitempty"`
-	CreatedAt     string  `json:"created_at"`
-	UpdatedAt     string  `json:"updated_at"`
+	ID                 string  `json:"id"`
+	CredentialProvider string  `json:"credential_provider"`
+	Kind               string  `json:"kind"`
+	SchemaVersion      int     `json:"schema_version"`
+	Name               string  `json:"name"`
+	ScopeKind          string  `json:"scope_kind"`
+	ScopeVersion       int     `json:"scope_version"`
+	Scope              RawJSON `json:"scope" swaggertype:"object"`
+	AccountID          string  `json:"account_id,omitempty"`
+	Region             string  `json:"region,omitempty"`
+	CreatedAt          string  `json:"created_at"`
+	UpdatedAt          string  `json:"updated_at"`
 }
diff --git a/main.go b/main.go
index f71c8b2..10e5ba7 100644
--- a/main.go
+++ b/main.go
@@ -11,8 +11,10 @@ import (
 // @description API for managing K3s clusters across cloud providers
 // @contact.name GlueOps
 
-// @servers.url https://autoglue.onglueops.rocks/api/v1
+// @servers.url https://autoglue.glueopshosted.com/api/v1
 // @servers.description Production API
+// @servers.url https://autoglue.glueopshosted.rocks/api/v1
+// @servers.description Pre-Production API
 // @servers.url https://autoglue.apps.nonprod.earth.onglueops.rocks/api/v1
 // @servers.description Staging API
 // @servers.url http://localhost:8080/api/v1
diff --git a/postgres/Dockerfile b/postgres/Dockerfile
index 9333ad1..f5c5b22 100644
--- a/postgres/Dockerfile
+++ b/postgres/Dockerfile
@@ -6,5 +6,4 @@ RUN cd /var/lib/postgresql/ && \
     openssl req -x509 -in server.req -text -key server.key -out server.crt && \
     chmod 600 server.key && \
     chown postgres:postgres server.key
-USER non-root
 CMD ["postgres", "-c", "ssl=on", "-c", "ssl_cert_file=/var/lib/postgresql/server.crt", "-c", "ssl_key_file=/var/lib/postgresql/server.key" ]
diff --git a/sdk/ts/.gitignore b/sdk/ts/.gitignore
new file mode 100644
index 0000000..149b576
--- /dev/null
+++ b/sdk/ts/.gitignore
@@ -0,0 +1,4 @@
+wwwroot/*.js
+node_modules
+typings
+dist
diff --git a/sdk/ts/.npmignore b/sdk/ts/.npmignore
new file mode 100644
index 0000000..42061c0
--- /dev/null
+++ b/sdk/ts/.npmignore
@@ -0,0 +1 @@
+README.md
\ No newline at end of file
diff --git a/sdk/ts/.openapi-generator-ignore b/sdk/ts/.openapi-generator-ignore
new file mode 100644
index 0000000..7484ee5
--- /dev/null
+++ b/sdk/ts/.openapi-generator-ignore
@@ -0,0 +1,23 @@
+# OpenAPI Generator Ignore
+# Generated by openapi-generator https://github.com/openapitools/openapi-generator
+
+# Use this file to prevent files from being overwritten by the generator.
+# The patterns follow closely to .gitignore or .dockerignore.
+
+# As an example, the C# client generator defines ApiClient.cs.
+# You can make changes and tell OpenAPI Generator to ignore just this file by uncommenting the following line:
+#ApiClient.cs
+
+# You can match any string of characters against a directory, file or extension with a single asterisk (*):
+#foo/*/qux
+# The above matches foo/bar/qux and foo/baz/qux, but not foo/bar/baz/qux
+
+# You can recursively match patterns against a directory, file or extension with a double asterisk (**):
+#foo/**/qux
+# This matches foo/bar/qux, foo/baz/qux, and foo/bar/baz/qux
+
+# You can also negate patterns with an exclamation (!).
+# For example, you can ignore all files in a docs folder with the file extension .md:
+#docs/*.md
+# Then explicitly reverse the ignore rule for a single file:
+#!docs/README.md
diff --git a/sdk/ts/.openapi-generator/FILES b/sdk/ts/.openapi-generator/FILES
new file mode 100644
index 0000000..164a6de
--- /dev/null
+++ b/sdk/ts/.openapi-generator/FILES
@@ -0,0 +1,189 @@
+.gitignore
+.npmignore
+.openapi-generator-ignore
+README.md
+docs/AnnotationsApi.md
+docs/ArcherAdminApi.md
+docs/AuthApi.md
+docs/ClustersApi.md
+docs/CredentialsApi.md
+docs/DNSApi.md
+docs/DtoAnnotationResponse.md
+docs/DtoAttachAnnotationsRequest.md
+docs/DtoAttachBastionRequest.md
+docs/DtoAttachCaptainDomainRequest.md
+docs/DtoAttachLabelsRequest.md
+docs/DtoAttachLoadBalancerRequest.md
+docs/DtoAttachNodePoolRequest.md
+docs/DtoAttachRecordSetRequest.md
+docs/DtoAttachServersRequest.md
+docs/DtoAttachTaintsRequest.md
+docs/DtoAuthStartResponse.md
+docs/DtoClusterResponse.md
+docs/DtoCreateAnnotationRequest.md
+docs/DtoCreateClusterRequest.md
+docs/DtoCreateCredentialRequest.md
+docs/DtoCreateDomainRequest.md
+docs/DtoCreateLabelRequest.md
+docs/DtoCreateLoadBalancerRequest.md
+docs/DtoCreateNodePoolRequest.md
+docs/DtoCreateRecordSetRequest.md
+docs/DtoCreateSSHRequest.md
+docs/DtoCreateServerRequest.md
+docs/DtoCreateTaintRequest.md
+docs/DtoCredentialOut.md
+docs/DtoDomainResponse.md
+docs/DtoEnqueueRequest.md
+docs/DtoJWK.md
+docs/DtoJWKS.md
+docs/DtoJob.md
+docs/DtoJobStatus.md
+docs/DtoLabelResponse.md
+docs/DtoLoadBalancerResponse.md
+docs/DtoLogoutRequest.md
+docs/DtoNodePoolResponse.md
+docs/DtoPageJob.md
+docs/DtoQueueInfo.md
+docs/DtoRecordSetResponse.md
+docs/DtoRefreshRequest.md
+docs/DtoServerResponse.md
+docs/DtoSetKubeconfigRequest.md
+docs/DtoSshResponse.md
+docs/DtoSshRevealResponse.md
+docs/DtoTaintResponse.md
+docs/DtoTokenPair.md
+docs/DtoUpdateAnnotationRequest.md
+docs/DtoUpdateClusterRequest.md
+docs/DtoUpdateCredentialRequest.md
+docs/DtoUpdateDomainRequest.md
+docs/DtoUpdateLabelRequest.md
+docs/DtoUpdateLoadBalancerRequest.md
+docs/DtoUpdateNodePoolRequest.md
+docs/DtoUpdateRecordSetRequest.md
+docs/DtoUpdateServerRequest.md
+docs/DtoUpdateTaintRequest.md
+docs/GetSSHKey200Response.md
+docs/HandlersCreateUserKeyRequest.md
+docs/HandlersHealthStatus.md
+docs/HandlersMeResponse.md
+docs/HandlersMemberOut.md
+docs/HandlersMemberUpsertReq.md
+docs/HandlersOrgCreateReq.md
+docs/HandlersOrgKeyCreateReq.md
+docs/HandlersOrgKeyCreateResp.md
+docs/HandlersOrgUpdateReq.md
+docs/HandlersUpdateMeRequest.md
+docs/HandlersUserAPIKeyOut.md
+docs/HandlersVersionResponse.md
+docs/HealthApi.md
+docs/LabelsApi.md
+docs/LoadBalancersApi.md
+docs/MeAPIKeysApi.md
+docs/MeApi.md
+docs/MetaApi.md
+docs/ModelsAPIKey.md
+docs/ModelsOrganization.md
+docs/ModelsUser.md
+docs/ModelsUserEmail.md
+docs/NodePoolsApi.md
+docs/OrgsApi.md
+docs/ServersApi.md
+docs/SshApi.md
+docs/TaintsApi.md
+docs/UtilsErrorResponse.md
+package.json
+src/apis/AnnotationsApi.ts
+src/apis/ArcherAdminApi.ts
+src/apis/AuthApi.ts
+src/apis/ClustersApi.ts
+src/apis/CredentialsApi.ts
+src/apis/DNSApi.ts
+src/apis/HealthApi.ts
+src/apis/LabelsApi.ts
+src/apis/LoadBalancersApi.ts
+src/apis/MeAPIKeysApi.ts
+src/apis/MeApi.ts
+src/apis/MetaApi.ts
+src/apis/NodePoolsApi.ts
+src/apis/OrgsApi.ts
+src/apis/ServersApi.ts
+src/apis/SshApi.ts
+src/apis/TaintsApi.ts
+src/apis/index.ts
+src/index.ts
+src/models/DtoAnnotationResponse.ts
+src/models/DtoAttachAnnotationsRequest.ts
+src/models/DtoAttachBastionRequest.ts
+src/models/DtoAttachCaptainDomainRequest.ts
+src/models/DtoAttachLabelsRequest.ts
+src/models/DtoAttachLoadBalancerRequest.ts
+src/models/DtoAttachNodePoolRequest.ts
+src/models/DtoAttachRecordSetRequest.ts
+src/models/DtoAttachServersRequest.ts
+src/models/DtoAttachTaintsRequest.ts
+src/models/DtoAuthStartResponse.ts
+src/models/DtoClusterResponse.ts
+src/models/DtoCreateAnnotationRequest.ts
+src/models/DtoCreateClusterRequest.ts
+src/models/DtoCreateCredentialRequest.ts
+src/models/DtoCreateDomainRequest.ts
+src/models/DtoCreateLabelRequest.ts
+src/models/DtoCreateLoadBalancerRequest.ts
+src/models/DtoCreateNodePoolRequest.ts
+src/models/DtoCreateRecordSetRequest.ts
+src/models/DtoCreateSSHRequest.ts
+src/models/DtoCreateServerRequest.ts
+src/models/DtoCreateTaintRequest.ts
+src/models/DtoCredentialOut.ts
+src/models/DtoDomainResponse.ts
+src/models/DtoEnqueueRequest.ts
+src/models/DtoJWK.ts
+src/models/DtoJWKS.ts
+src/models/DtoJob.ts
+src/models/DtoJobStatus.ts
+src/models/DtoLabelResponse.ts
+src/models/DtoLoadBalancerResponse.ts
+src/models/DtoLogoutRequest.ts
+src/models/DtoNodePoolResponse.ts
+src/models/DtoPageJob.ts
+src/models/DtoQueueInfo.ts
+src/models/DtoRecordSetResponse.ts
+src/models/DtoRefreshRequest.ts
+src/models/DtoServerResponse.ts
+src/models/DtoSetKubeconfigRequest.ts
+src/models/DtoSshResponse.ts
+src/models/DtoSshRevealResponse.ts
+src/models/DtoTaintResponse.ts
+src/models/DtoTokenPair.ts
+src/models/DtoUpdateAnnotationRequest.ts
+src/models/DtoUpdateClusterRequest.ts
+src/models/DtoUpdateCredentialRequest.ts
+src/models/DtoUpdateDomainRequest.ts
+src/models/DtoUpdateLabelRequest.ts
+src/models/DtoUpdateLoadBalancerRequest.ts
+src/models/DtoUpdateNodePoolRequest.ts
+src/models/DtoUpdateRecordSetRequest.ts
+src/models/DtoUpdateServerRequest.ts
+src/models/DtoUpdateTaintRequest.ts
+src/models/GetSSHKey200Response.ts
+src/models/HandlersCreateUserKeyRequest.ts
+src/models/HandlersHealthStatus.ts
+src/models/HandlersMeResponse.ts
+src/models/HandlersMemberOut.ts
+src/models/HandlersMemberUpsertReq.ts
+src/models/HandlersOrgCreateReq.ts
+src/models/HandlersOrgKeyCreateReq.ts
+src/models/HandlersOrgKeyCreateResp.ts
+src/models/HandlersOrgUpdateReq.ts
+src/models/HandlersUpdateMeRequest.ts
+src/models/HandlersUserAPIKeyOut.ts
+src/models/HandlersVersionResponse.ts
+src/models/ModelsAPIKey.ts
+src/models/ModelsOrganization.ts
+src/models/ModelsUser.ts
+src/models/ModelsUserEmail.ts
+src/models/UtilsErrorResponse.ts
+src/models/index.ts
+src/runtime.ts
+tsconfig.esm.json
+tsconfig.json
diff --git a/sdk/ts/.openapi-generator/VERSION b/sdk/ts/.openapi-generator/VERSION
new file mode 100644
index 0000000..6328c54
--- /dev/null
+++ b/sdk/ts/.openapi-generator/VERSION
@@ -0,0 +1 @@
+7.17.0
diff --git a/sdk/ts/README.md b/sdk/ts/README.md
new file mode 100644
index 0000000..8cdbff1
--- /dev/null
+++ b/sdk/ts/README.md
@@ -0,0 +1,325 @@
+# @glueops/autoglue-sdk-go@0.1.0
+
+A TypeScript SDK client for the autoglue.glueopshosted.com API.
+
+## Usage
+
+First, install the SDK from npm.
+
+```bash
+npm install @glueops/autoglue-sdk-go --save
+```
+
+Next, try it out.
+
+```ts
+import {
+  Configuration,
+  AnnotationsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateAnnotationRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new AnnotationsApi(config);
+
+  const body = {
+    // DtoCreateAnnotationRequest | Annotation payload
+    dtoCreateAnnotationRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateAnnotationRequest;
+
+  try {
+    const data = await api.createAnnotation(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+## Documentation
+
+### API Endpoints
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Class              | Method                                                                             | HTTP request                                              | Description                                                                                  |
+| ------------------ | ---------------------------------------------------------------------------------- | --------------------------------------------------------- | -------------------------------------------------------------------------------------------- |
+| _AnnotationsApi_   | [**createAnnotation**](docs/AnnotationsApi.md#createannotation)                    | **POST** /annotations                                     | Create annotation (org scoped)                                                               |
+| _AnnotationsApi_   | [**deleteAnnotation**](docs/AnnotationsApi.md#deleteannotation)                    | **DELETE** /annotations/{id}                              | Delete annotation (org scoped)                                                               |
+| _AnnotationsApi_   | [**getAnnotation**](docs/AnnotationsApi.md#getannotation)                          | **GET** /annotations/{id}                                 | Get annotation by ID (org scoped)                                                            |
+| _AnnotationsApi_   | [**listAnnotations**](docs/AnnotationsApi.md#listannotations)                      | **GET** /annotations                                      | List annotations (org scoped)                                                                |
+| _AnnotationsApi_   | [**updateAnnotation**](docs/AnnotationsApi.md#updateannotation)                    | **PATCH** /annotations/{id}                               | Update annotation (org scoped)                                                               |
+| _ArcherAdminApi_   | [**adminCancelArcherJob**](docs/ArcherAdminApi.md#admincancelarcherjob)            | **POST** /admin/archer/jobs/{id}/cancel                   | Cancel an Archer job (admin)                                                                 |
+| _ArcherAdminApi_   | [**adminEnqueueArcherJob**](docs/ArcherAdminApi.md#adminenqueuearcherjob)          | **POST** /admin/archer/jobs                               | Enqueue a new Archer job (admin)                                                             |
+| _ArcherAdminApi_   | [**adminListArcherJobs**](docs/ArcherAdminApi.md#adminlistarcherjobs)              | **GET** /admin/archer/jobs                                | List Archer jobs (admin)                                                                     |
+| _ArcherAdminApi_   | [**adminListArcherQueues**](docs/ArcherAdminApi.md#adminlistarcherqueues)          | **GET** /admin/archer/queues                              | List Archer queues (admin)                                                                   |
+| _ArcherAdminApi_   | [**adminRetryArcherJob**](docs/ArcherAdminApi.md#adminretryarcherjob)              | **POST** /admin/archer/jobs/{id}/retry                    | Retry a failed/canceled Archer job (admin)                                                   |
+| _AuthApi_          | [**authCallback**](docs/AuthApi.md#authcallback)                                   | **GET** /auth/{provider}/callback                         | Handle social login callback                                                                 |
+| _AuthApi_          | [**authStart**](docs/AuthApi.md#authstart)                                         | **POST** /auth/{provider}/start                           | Begin social login                                                                           |
+| _AuthApi_          | [**getJWKS**](docs/AuthApi.md#getjwks)                                             | **GET** /.well-known/jwks.json                            | Get JWKS                                                                                     |
+| _AuthApi_          | [**logout**](docs/AuthApi.md#logout)                                               | **POST** /auth/logout                                     | Revoke refresh token family (logout everywhere)                                              |
+| _AuthApi_          | [**refresh**](docs/AuthApi.md#refresh)                                             | **POST** /auth/refresh                                    | Rotate refresh token                                                                         |
+| _ClustersApi_      | [**attachAppsLoadBalancer**](docs/ClustersApi.md#attachappsloadbalancer)           | **POST** /clusters/{clusterID}/apps-load-balancer         | Attach an apps load balancer to a cluster                                                    |
+| _ClustersApi_      | [**attachBastionServer**](docs/ClustersApi.md#attachbastionserver)                 | **POST** /clusters/{clusterID}/bastion                    | Attach a bastion server to a cluster                                                         |
+| _ClustersApi_      | [**attachCaptainDomain**](docs/ClustersApi.md#attachcaptaindomain)                 | **POST** /clusters/{clusterID}/captain-domain             | Attach a captain domain to a cluster                                                         |
+| _ClustersApi_      | [**attachControlPlaneRecordSet**](docs/ClustersApi.md#attachcontrolplanerecordset) | **POST** /clusters/{clusterID}/control-plane-record-set   | Attach a control plane record set to a cluster                                               |
+| _ClustersApi_      | [**attachGlueOpsLoadBalancer**](docs/ClustersApi.md#attachglueopsloadbalancer)     | **POST** /clusters/{clusterID}/glueops-load-balancer      | Attach a GlueOps/control-plane load balancer to a cluster                                    |
+| _ClustersApi_      | [**attachNodePool**](docs/ClustersApi.md#attachnodepool)                           | **POST** /clusters/{clusterID}/node-pools                 | Attach a node pool to a cluster                                                              |
+| _ClustersApi_      | [**clearClusterKubeconfig**](docs/ClustersApi.md#clearclusterkubeconfig)           | **DELETE** /clusters/{clusterID}/kubeconfig               | Clear the kubeconfig for a cluster                                                           |
+| _ClustersApi_      | [**createCluster**](docs/ClustersApi.md#createcluster)                             | **POST** /clusters                                        | Create cluster (org scoped)                                                                  |
+| _ClustersApi_      | [**deleteCluster**](docs/ClustersApi.md#deletecluster)                             | **DELETE** /clusters/{clusterID}                          | Delete a cluster (org scoped)                                                                |
+| _ClustersApi_      | [**detachAppsLoadBalancer**](docs/ClustersApi.md#detachappsloadbalancer)           | **DELETE** /clusters/{clusterID}/apps-load-balancer       | Detach the apps load balancer from a cluster                                                 |
+| _ClustersApi_      | [**detachBastionServer**](docs/ClustersApi.md#detachbastionserver)                 | **DELETE** /clusters/{clusterID}/bastion                  | Detach the bastion server from a cluster                                                     |
+| _ClustersApi_      | [**detachCaptainDomain**](docs/ClustersApi.md#detachcaptaindomain)                 | **DELETE** /clusters/{clusterID}/captain-domain           | Detach the captain domain from a cluster                                                     |
+| _ClustersApi_      | [**detachControlPlaneRecordSet**](docs/ClustersApi.md#detachcontrolplanerecordset) | **DELETE** /clusters/{clusterID}/control-plane-record-set | Detach the control plane record set from a cluster                                           |
+| _ClustersApi_      | [**detachGlueOpsLoadBalancer**](docs/ClustersApi.md#detachglueopsloadbalancer)     | **DELETE** /clusters/{clusterID}/glueops-load-balancer    | Detach the GlueOps/control-plane load balancer from a cluster                                |
+| _ClustersApi_      | [**detachNodePool**](docs/ClustersApi.md#detachnodepool)                           | **DELETE** /clusters/{clusterID}/node-pools/{nodePoolID}  | Detach a node pool from a cluster                                                            |
+| _ClustersApi_      | [**getCluster**](docs/ClustersApi.md#getcluster)                                   | **GET** /clusters/{clusterID}                             | Get a single cluster by ID (org scoped)                                                      |
+| _ClustersApi_      | [**listClusters**](docs/ClustersApi.md#listclusters)                               | **GET** /clusters                                         | List clusters (org scoped)                                                                   |
+| _ClustersApi_      | [**setClusterKubeconfig**](docs/ClustersApi.md#setclusterkubeconfig)               | **POST** /clusters/{clusterID}/kubeconfig                 | Set (or replace) the kubeconfig for a cluster                                                |
+| _ClustersApi_      | [**updateCluster**](docs/ClustersApi.md#updatecluster)                             | **PATCH** /clusters/{clusterID}                           | Update basic cluster details (org scoped)                                                    |
+| _CredentialsApi_   | [**createCredential**](docs/CredentialsApi.md#createcredential)                    | **POST** /credentials                                     | Create a credential (encrypts secret)                                                        |
+| _CredentialsApi_   | [**deleteCredential**](docs/CredentialsApi.md#deletecredential)                    | **DELETE** /credentials/{id}                              | Delete credential                                                                            |
+| _CredentialsApi_   | [**getCredential**](docs/CredentialsApi.md#getcredential)                          | **GET** /credentials/{id}                                 | Get credential by ID (metadata only)                                                         |
+| _CredentialsApi_   | [**listCredentials**](docs/CredentialsApi.md#listcredentials)                      | **GET** /credentials                                      | List credentials (metadata only)                                                             |
+| _CredentialsApi_   | [**revealCredential**](docs/CredentialsApi.md#revealcredential)                    | **POST** /credentials/{id}/reveal                         | Reveal decrypted secret (one-time read)                                                      |
+| _CredentialsApi_   | [**updateCredential**](docs/CredentialsApi.md#updatecredential)                    | **PATCH** /credentials/{id}                               | Update credential metadata and/or rotate secret                                              |
+| _DNSApi_           | [**createDomain**](docs/DNSApi.md#createdomain)                                    | **POST** /dns/domains                                     | Create a domain (org scoped)                                                                 |
+| _DNSApi_           | [**createRecordSet**](docs/DNSApi.md#createrecordset)                              | **POST** /dns/domains/{domain_id}/records                 | Create a record set (pending; Archer will UPSERT to Route 53)                                |
+| _DNSApi_           | [**deleteDomain**](docs/DNSApi.md#deletedomain)                                    | **DELETE** /dns/domains/{id}                              | Delete a domain                                                                              |
+| _DNSApi_           | [**deleteRecordSet**](docs/DNSApi.md#deleterecordset)                              | **DELETE** /dns/records/{id}                              | Delete a record set (API removes row; worker can optionally handle external deletion policy) |
+| _DNSApi_           | [**getDomain**](docs/DNSApi.md#getdomain)                                          | **GET** /dns/domains/{id}                                 | Get a domain (org scoped)                                                                    |
+| _DNSApi_           | [**listDomains**](docs/DNSApi.md#listdomains)                                      | **GET** /dns/domains                                      | List domains (org scoped)                                                                    |
+| _DNSApi_           | [**listRecordSets**](docs/DNSApi.md#listrecordsets)                                | **GET** /dns/domains/{domain_id}/records                  | List record sets for a domain                                                                |
+| _DNSApi_           | [**updateDomain**](docs/DNSApi.md#updatedomain)                                    | **PATCH** /dns/domains/{id}                               | Update a domain (org scoped)                                                                 |
+| _DNSApi_           | [**updateRecordSet**](docs/DNSApi.md#updaterecordset)                              | **PATCH** /dns/records/{id}                               | Update a record set (flips to pending for reconciliation)                                    |
+| _HealthApi_        | [**healthCheckOperationId**](docs/HealthApi.md#healthcheckoperationid)             | **GET** /healthz                                          | Basic health check                                                                           |
+| _LabelsApi_        | [**createLabel**](docs/LabelsApi.md#createlabel)                                   | **POST** /labels                                          | Create label (org scoped)                                                                    |
+| _LabelsApi_        | [**deleteLabel**](docs/LabelsApi.md#deletelabel)                                   | **DELETE** /labels/{id}                                   | Delete label (org scoped)                                                                    |
+| _LabelsApi_        | [**getLabel**](docs/LabelsApi.md#getlabel)                                         | **GET** /labels/{id}                                      | Get label by ID (org scoped)                                                                 |
+| _LabelsApi_        | [**listLabels**](docs/LabelsApi.md#listlabels)                                     | **GET** /labels                                           | List node labels (org scoped)                                                                |
+| _LabelsApi_        | [**updateLabel**](docs/LabelsApi.md#updatelabel)                                   | **PATCH** /labels/{id}                                    | Update label (org scoped)                                                                    |
+| _LoadBalancersApi_ | [**createLoadBalancer**](docs/LoadBalancersApi.md#createloadbalancer)              | **POST** /load-balancers                                  | Create a load balancer                                                                       |
+| _LoadBalancersApi_ | [**deleteLoadBalancer**](docs/LoadBalancersApi.md#deleteloadbalancer)              | **DELETE** /load-balancers/{id}                           | Delete a load balancer                                                                       |
+| _LoadBalancersApi_ | [**getLoadBalancers**](docs/LoadBalancersApi.md#getloadbalancers)                  | **GET** /load-balancers/{id}                              | Get a load balancer (org scoped)                                                             |
+| _LoadBalancersApi_ | [**listLoadBalancers**](docs/LoadBalancersApi.md#listloadbalancers)                | **GET** /load-balancers                                   | List load balancers (org scoped)                                                             |
+| _LoadBalancersApi_ | [**updateLoadBalancer**](docs/LoadBalancersApi.md#updateloadbalancer)              | **PATCH** /load-balancers/{id}                            | Update a load balancer (org scoped)                                                          |
+| _MeApi_            | [**getMe**](docs/MeApi.md#getme)                                                   | **GET** /me                                               | Get current user profile                                                                     |
+| _MeApi_            | [**updateMe**](docs/MeApi.md#updateme)                                             | **PATCH** /me                                             | Update current user profile                                                                  |
+| _MeAPIKeysApi_     | [**createUserAPIKey**](docs/MeAPIKeysApi.md#createuserapikey)                      | **POST** /me/api-keys                                     | Create a new user API key                                                                    |
+| _MeAPIKeysApi_     | [**deleteUserAPIKey**](docs/MeAPIKeysApi.md#deleteuserapikey)                      | **DELETE** /me/api-keys/{id}                              | Delete a user API key                                                                        |
+| _MeAPIKeysApi_     | [**listUserAPIKeys**](docs/MeAPIKeysApi.md#listuserapikeys)                        | **GET** /me/api-keys                                      | List my API keys                                                                             |
+| _MetaApi_          | [**versionOperationId**](docs/MetaApi.md#versionoperationid)                       | **GET** /version                                          | Service version information                                                                  |
+| _NodePoolsApi_     | [**attachNodePoolAnnotations**](docs/NodePoolsApi.md#attachnodepoolannotations)    | **POST** /node-pools/{id}/annotations                     | Attach annotation to a node pool (org scoped)                                                |
+| _NodePoolsApi_     | [**attachNodePoolLabels**](docs/NodePoolsApi.md#attachnodepoollabels)              | **POST** /node-pools/{id}/labels                          | Attach labels to a node pool (org scoped)                                                    |
+| _NodePoolsApi_     | [**attachNodePoolServers**](docs/NodePoolsApi.md#attachnodepoolservers)            | **POST** /node-pools/{id}/servers                         | Attach servers to a node pool (org scoped)                                                   |
+| _NodePoolsApi_     | [**attachNodePoolTaints**](docs/NodePoolsApi.md#attachnodepooltaints)              | **POST** /node-pools/{id}/taints                          | Attach taints to a node pool (org scoped)                                                    |
+| _NodePoolsApi_     | [**createNodePool**](docs/NodePoolsApi.md#createnodepool)                          | **POST** /node-pools                                      | Create node pool (org scoped)                                                                |
+| _NodePoolsApi_     | [**deleteNodePool**](docs/NodePoolsApi.md#deletenodepool)                          | **DELETE** /node-pools/{id}                               | Delete node pool (org scoped)                                                                |
+| _NodePoolsApi_     | [**detachNodePoolAnnotation**](docs/NodePoolsApi.md#detachnodepoolannotation)      | **DELETE** /node-pools/{id}/annotations/{annotationId}    | Detach one annotation from a node pool (org scoped)                                          |
+| _NodePoolsApi_     | [**detachNodePoolLabel**](docs/NodePoolsApi.md#detachnodepoollabel)                | **DELETE** /node-pools/{id}/labels/{labelId}              | Detach one label from a node pool (org scoped)                                               |
+| _NodePoolsApi_     | [**detachNodePoolServer**](docs/NodePoolsApi.md#detachnodepoolserver)              | **DELETE** /node-pools/{id}/servers/{serverId}            | Detach one server from a node pool (org scoped)                                              |
+| _NodePoolsApi_     | [**detachNodePoolTaint**](docs/NodePoolsApi.md#detachnodepooltaint)                | **DELETE** /node-pools/{id}/taints/{taintId}              | Detach one taint from a node pool (org scoped)                                               |
+| _NodePoolsApi_     | [**getNodePool**](docs/NodePoolsApi.md#getnodepool)                                | **GET** /node-pools/{id}                                  | Get node pool by ID (org scoped)                                                             |
+| _NodePoolsApi_     | [**listNodePoolAnnotations**](docs/NodePoolsApi.md#listnodepoolannotations)        | **GET** /node-pools/{id}/annotations                      | List annotations attached to a node pool (org scoped)                                        |
+| _NodePoolsApi_     | [**listNodePoolLabels**](docs/NodePoolsApi.md#listnodepoollabels)                  | **GET** /node-pools/{id}/labels                           | List labels attached to a node pool (org scoped)                                             |
+| _NodePoolsApi_     | [**listNodePoolServers**](docs/NodePoolsApi.md#listnodepoolservers)                | **GET** /node-pools/{id}/servers                          | List servers attached to a node pool (org scoped)                                            |
+| _NodePoolsApi_     | [**listNodePoolTaints**](docs/NodePoolsApi.md#listnodepooltaints)                  | **GET** /node-pools/{id}/taints                           | List taints attached to a node pool (org scoped)                                             |
+| _NodePoolsApi_     | [**listNodePools**](docs/NodePoolsApi.md#listnodepools)                            | **GET** /node-pools                                       | List node pools (org scoped)                                                                 |
+| _NodePoolsApi_     | [**updateNodePool**](docs/NodePoolsApi.md#updatenodepool)                          | **PATCH** /node-pools/{id}                                | Update node pool (org scoped)                                                                |
+| _OrgsApi_          | [**addOrUpdateMember**](docs/OrgsApi.md#addorupdatemember)                         | **POST** /orgs/{id}/members                               | Add or update a member (owner/admin)                                                         |
+| _OrgsApi_          | [**createOrg**](docs/OrgsApi.md#createorg)                                         | **POST** /orgs                                            | Create organization                                                                          |
+| _OrgsApi_          | [**createOrgKey**](docs/OrgsApi.md#createorgkey)                                   | **POST** /orgs/{id}/api-keys                              | Create org key/secret pair (owner/admin)                                                     |
+| _OrgsApi_          | [**deleteOrg**](docs/OrgsApi.md#deleteorg)                                         | **DELETE** /orgs/{id}                                     | Delete organization (owner)                                                                  |
+| _OrgsApi_          | [**deleteOrgKey**](docs/OrgsApi.md#deleteorgkey)                                   | **DELETE** /orgs/{id}/api-keys/{key_id}                   | Delete org key (owner/admin)                                                                 |
+| _OrgsApi_          | [**getOrg**](docs/OrgsApi.md#getorg)                                               | **GET** /orgs/{id}                                        | Get organization                                                                             |
+| _OrgsApi_          | [**listMembers**](docs/OrgsApi.md#listmembers)                                     | **GET** /orgs/{id}/members                                | List members in org                                                                          |
+| _OrgsApi_          | [**listMyOrgs**](docs/OrgsApi.md#listmyorgs)                                       | **GET** /orgs                                             | List organizations I belong to                                                               |
+| _OrgsApi_          | [**listOrgKeys**](docs/OrgsApi.md#listorgkeys)                                     | **GET** /orgs/{id}/api-keys                               | List org-scoped API keys (no secrets)                                                        |
+| _OrgsApi_          | [**removeMember**](docs/OrgsApi.md#removemember)                                   | **DELETE** /orgs/{id}/members/{user_id}                   | Remove a member (owner/admin)                                                                |
+| _OrgsApi_          | [**updateOrg**](docs/OrgsApi.md#updateorg)                                         | **PATCH** /orgs/{id}                                      | Update organization (owner/admin)                                                            |
+| _ServersApi_       | [**createServer**](docs/ServersApi.md#createserver)                                | **POST** /servers                                         | Create server (org scoped)                                                                   |
+| _ServersApi_       | [**deleteServer**](docs/ServersApi.md#deleteserver)                                | **DELETE** /servers/{id}                                  | Delete server (org scoped)                                                                   |
+| _ServersApi_       | [**getServer**](docs/ServersApi.md#getserver)                                      | **GET** /servers/{id}                                     | Get server by ID (org scoped)                                                                |
+| _ServersApi_       | [**listServers**](docs/ServersApi.md#listservers)                                  | **GET** /servers                                          | List servers (org scoped)                                                                    |
+| _ServersApi_       | [**resetServerHostKey**](docs/ServersApi.md#resetserverhostkey)                    | **POST** /servers/{id}/reset-hostkey                      | Reset SSH host key (org scoped)                                                              |
+| _ServersApi_       | [**updateServer**](docs/ServersApi.md#updateserver)                                | **PATCH** /servers/{id}                                   | Update server (org scoped)                                                                   |
+| _SshApi_           | [**createSSHKey**](docs/SshApi.md#createsshkey)                                    | **POST** /ssh                                             | Create ssh keypair (org scoped)                                                              |
+| _SshApi_           | [**deleteSSHKey**](docs/SshApi.md#deletesshkey)                                    | **DELETE** /ssh/{id}                                      | Delete ssh keypair (org scoped)                                                              |
+| _SshApi_           | [**downloadSSHKey**](docs/SshApi.md#downloadsshkey)                                | **GET** /ssh/{id}/download                                | Download ssh key files by ID (org scoped)                                                    |
+| _SshApi_           | [**getSSHKey**](docs/SshApi.md#getsshkey)                                          | **GET** /ssh/{id}                                         | Get ssh key by ID (org scoped)                                                               |
+| _SshApi_           | [**listPublicSshKeys**](docs/SshApi.md#listpublicsshkeys)                          | **GET** /ssh                                              | List ssh keys (org scoped)                                                                   |
+| _TaintsApi_        | [**createTaint**](docs/TaintsApi.md#createtaint)                                   | **POST** /taints                                          | Create node taint (org scoped)                                                               |
+| _TaintsApi_        | [**deleteTaint**](docs/TaintsApi.md#deletetaint)                                   | **DELETE** /taints/{id}                                   | Delete taint (org scoped)                                                                    |
+| _TaintsApi_        | [**getTaint**](docs/TaintsApi.md#gettaint)                                         | **GET** /taints/{id}                                      | Get node taint by ID (org scoped)                                                            |
+| _TaintsApi_        | [**listTaints**](docs/TaintsApi.md#listtaints)                                     | **GET** /taints                                           | List node pool taints (org scoped)                                                           |
+| _TaintsApi_        | [**updateTaint**](docs/TaintsApi.md#updatetaint)                                   | **PATCH** /taints/{id}                                    | Update node taint (org scoped)                                                               |
+
+### Models
+
+- [DtoAnnotationResponse](docs/DtoAnnotationResponse.md)
+- [DtoAttachAnnotationsRequest](docs/DtoAttachAnnotationsRequest.md)
+- [DtoAttachBastionRequest](docs/DtoAttachBastionRequest.md)
+- [DtoAttachCaptainDomainRequest](docs/DtoAttachCaptainDomainRequest.md)
+- [DtoAttachLabelsRequest](docs/DtoAttachLabelsRequest.md)
+- [DtoAttachLoadBalancerRequest](docs/DtoAttachLoadBalancerRequest.md)
+- [DtoAttachNodePoolRequest](docs/DtoAttachNodePoolRequest.md)
+- [DtoAttachRecordSetRequest](docs/DtoAttachRecordSetRequest.md)
+- [DtoAttachServersRequest](docs/DtoAttachServersRequest.md)
+- [DtoAttachTaintsRequest](docs/DtoAttachTaintsRequest.md)
+- [DtoAuthStartResponse](docs/DtoAuthStartResponse.md)
+- [DtoClusterResponse](docs/DtoClusterResponse.md)
+- [DtoCreateAnnotationRequest](docs/DtoCreateAnnotationRequest.md)
+- [DtoCreateClusterRequest](docs/DtoCreateClusterRequest.md)
+- [DtoCreateCredentialRequest](docs/DtoCreateCredentialRequest.md)
+- [DtoCreateDomainRequest](docs/DtoCreateDomainRequest.md)
+- [DtoCreateLabelRequest](docs/DtoCreateLabelRequest.md)
+- [DtoCreateLoadBalancerRequest](docs/DtoCreateLoadBalancerRequest.md)
+- [DtoCreateNodePoolRequest](docs/DtoCreateNodePoolRequest.md)
+- [DtoCreateRecordSetRequest](docs/DtoCreateRecordSetRequest.md)
+- [DtoCreateSSHRequest](docs/DtoCreateSSHRequest.md)
+- [DtoCreateServerRequest](docs/DtoCreateServerRequest.md)
+- [DtoCreateTaintRequest](docs/DtoCreateTaintRequest.md)
+- [DtoCredentialOut](docs/DtoCredentialOut.md)
+- [DtoDomainResponse](docs/DtoDomainResponse.md)
+- [DtoEnqueueRequest](docs/DtoEnqueueRequest.md)
+- [DtoJWK](docs/DtoJWK.md)
+- [DtoJWKS](docs/DtoJWKS.md)
+- [DtoJob](docs/DtoJob.md)
+- [DtoJobStatus](docs/DtoJobStatus.md)
+- [DtoLabelResponse](docs/DtoLabelResponse.md)
+- [DtoLoadBalancerResponse](docs/DtoLoadBalancerResponse.md)
+- [DtoLogoutRequest](docs/DtoLogoutRequest.md)
+- [DtoNodePoolResponse](docs/DtoNodePoolResponse.md)
+- [DtoPageJob](docs/DtoPageJob.md)
+- [DtoQueueInfo](docs/DtoQueueInfo.md)
+- [DtoRecordSetResponse](docs/DtoRecordSetResponse.md)
+- [DtoRefreshRequest](docs/DtoRefreshRequest.md)
+- [DtoServerResponse](docs/DtoServerResponse.md)
+- [DtoSetKubeconfigRequest](docs/DtoSetKubeconfigRequest.md)
+- [DtoSshResponse](docs/DtoSshResponse.md)
+- [DtoSshRevealResponse](docs/DtoSshRevealResponse.md)
+- [DtoTaintResponse](docs/DtoTaintResponse.md)
+- [DtoTokenPair](docs/DtoTokenPair.md)
+- [DtoUpdateAnnotationRequest](docs/DtoUpdateAnnotationRequest.md)
+- [DtoUpdateClusterRequest](docs/DtoUpdateClusterRequest.md)
+- [DtoUpdateCredentialRequest](docs/DtoUpdateCredentialRequest.md)
+- [DtoUpdateDomainRequest](docs/DtoUpdateDomainRequest.md)
+- [DtoUpdateLabelRequest](docs/DtoUpdateLabelRequest.md)
+- [DtoUpdateLoadBalancerRequest](docs/DtoUpdateLoadBalancerRequest.md)
+- [DtoUpdateNodePoolRequest](docs/DtoUpdateNodePoolRequest.md)
+- [DtoUpdateRecordSetRequest](docs/DtoUpdateRecordSetRequest.md)
+- [DtoUpdateServerRequest](docs/DtoUpdateServerRequest.md)
+- [DtoUpdateTaintRequest](docs/DtoUpdateTaintRequest.md)
+- [GetSSHKey200Response](docs/GetSSHKey200Response.md)
+- [HandlersCreateUserKeyRequest](docs/HandlersCreateUserKeyRequest.md)
+- [HandlersHealthStatus](docs/HandlersHealthStatus.md)
+- [HandlersMeResponse](docs/HandlersMeResponse.md)
+- [HandlersMemberOut](docs/HandlersMemberOut.md)
+- [HandlersMemberUpsertReq](docs/HandlersMemberUpsertReq.md)
+- [HandlersOrgCreateReq](docs/HandlersOrgCreateReq.md)
+- [HandlersOrgKeyCreateReq](docs/HandlersOrgKeyCreateReq.md)
+- [HandlersOrgKeyCreateResp](docs/HandlersOrgKeyCreateResp.md)
+- [HandlersOrgUpdateReq](docs/HandlersOrgUpdateReq.md)
+- [HandlersUpdateMeRequest](docs/HandlersUpdateMeRequest.md)
+- [HandlersUserAPIKeyOut](docs/HandlersUserAPIKeyOut.md)
+- [HandlersVersionResponse](docs/HandlersVersionResponse.md)
+- [ModelsAPIKey](docs/ModelsAPIKey.md)
+- [ModelsOrganization](docs/ModelsOrganization.md)
+- [ModelsUser](docs/ModelsUser.md)
+- [ModelsUserEmail](docs/ModelsUserEmail.md)
+- [UtilsErrorResponse](docs/UtilsErrorResponse.md)
+
+### Authorization
+
+Authentication schemes defined for the API:
+<a id="ApiKeyAuth"></a>
+
+#### ApiKeyAuth
+
+- **Type**: API key
+- **API key parameter name**: `X-API-KEY`
+- **Location**: HTTP header
+  <a id="BearerAuth"></a>
+
+#### BearerAuth
+
+- **Type**: API key
+- **API key parameter name**: `Authorization`
+- **Location**: HTTP header
+  <a id="OrgKeyAuth"></a>
+
+#### OrgKeyAuth
+
+- **Type**: API key
+- **API key parameter name**: `X-ORG-KEY`
+- **Location**: HTTP header
+  <a id="OrgSecretAuth"></a>
+
+#### OrgSecretAuth
+
+- **Type**: API key
+- **API key parameter name**: `X-ORG-SECRET`
+- **Location**: HTTP header
+
+## About
+
+This TypeScript SDK client supports the [Fetch API](https://fetch.spec.whatwg.org/)
+and is automatically generated by the
+[OpenAPI Generator](https://openapi-generator.tech) project:
+
+- API version: `dev`
+- Package version: `0.1.0`
+- Generator version: `7.17.0`
+- Build package: `org.openapitools.codegen.languages.TypeScriptFetchClientCodegen`
+
+The generated npm module supports the following:
+
+- Environments
+  - Node.js
+  - Webpack
+  - Browserify
+- Language levels
+  - ES5 - you must have a Promises/A+ library installed
+  - ES6
+- Module systems
+  - CommonJS
+  - ES6 module system
+
+## Development
+
+### Building
+
+To build the TypeScript source code, you need to have Node.js and npm installed.
+After cloning the repository, navigate to the project directory and run:
+
+```bash
+npm install
+npm run build
+```
+
+### Publishing
+
+Once you've built the package, you can publish it to npm:
+
+```bash
+npm publish
+```
+
+## License
+
+[]()
diff --git a/sdk/ts/docs/AnnotationsApi.md b/sdk/ts/docs/AnnotationsApi.md
new file mode 100644
index 0000000..533d3b7
--- /dev/null
+++ b/sdk/ts/docs/AnnotationsApi.md
@@ -0,0 +1,412 @@
+# AnnotationsApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                                     | HTTP request                 | Description                       |
+| ---------------------------------------------------------- | ---------------------------- | --------------------------------- |
+| [**createAnnotation**](AnnotationsApi.md#createannotation) | **POST** /annotations        | Create annotation (org scoped)    |
+| [**deleteAnnotation**](AnnotationsApi.md#deleteannotation) | **DELETE** /annotations/{id} | Delete annotation (org scoped)    |
+| [**getAnnotation**](AnnotationsApi.md#getannotation)       | **GET** /annotations/{id}    | Get annotation by ID (org scoped) |
+| [**listAnnotations**](AnnotationsApi.md#listannotations)   | **GET** /annotations         | List annotations (org scoped)     |
+| [**updateAnnotation**](AnnotationsApi.md#updateannotation) | **PATCH** /annotations/{id}  | Update annotation (org scoped)    |
+
+## createAnnotation
+
+> DtoAnnotationResponse createAnnotation(dtoCreateAnnotationRequest, xOrgID)
+
+Create annotation (org scoped)
+
+Creates an annotation.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  AnnotationsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateAnnotationRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new AnnotationsApi(config);
+
+  const body = {
+    // DtoCreateAnnotationRequest | Annotation payload
+    dtoCreateAnnotationRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateAnnotationRequest;
+
+  try {
+    const data = await api.createAnnotation(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                           | Type                                                        | Description        | Notes                                |
+| ------------------------------ | ----------------------------------------------------------- | ------------------ | ------------------------------------ |
+| **dtoCreateAnnotationRequest** | [DtoCreateAnnotationRequest](DtoCreateAnnotationRequest.md) | Annotation payload |                                      |
+| **xOrgID**                     | `string`                                                    | Organization UUID  | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoAnnotationResponse**](DtoAnnotationResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                   | Response headers |
+| ----------- | ----------------------------- | ---------------- |
+| **201**     | Created                       | -                |
+| **400**     | invalid json / missing fields | -                |
+| **401**     | Unauthorized                  | -                |
+| **403**     | organization required         | -                |
+| **500**     | create failed                 | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteAnnotation
+
+> deleteAnnotation(id, xOrgID)
+
+Delete annotation (org scoped)
+
+Permanently deletes the annotation.
+
+### Example
+
+```ts
+import { Configuration, AnnotationsApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteAnnotationRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new AnnotationsApi(config);
+
+  const body = {
+    // string | Annotation ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DeleteAnnotationRequest;
+
+  try {
+    const data = await api.deleteAnnotation(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description          | Notes                                |
+| ---------- | -------- | -------------------- | ------------------------------------ |
+| **id**     | `string` | Annotation ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID    | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | delete failed         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getAnnotation
+
+> DtoAnnotationResponse getAnnotation(id, xOrgID)
+
+Get annotation by ID (org scoped)
+
+Returns one annotation. Add &#x60;include&#x3D;node_pools&#x60; to include node pools.
+
+### Example
+
+```ts
+import { Configuration, AnnotationsApi } from "@glueops/autoglue-sdk-go";
+import type { GetAnnotationRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new AnnotationsApi(config);
+
+  const body = {
+    // string | Annotation ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies GetAnnotationRequest;
+
+  try {
+    const data = await api.getAnnotation(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description          | Notes                                |
+| ---------- | -------- | -------------------- | ------------------------------------ |
+| **id**     | `string` | Annotation ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID    | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoAnnotationResponse**](DtoAnnotationResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | fetch failed          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listAnnotations
+
+> Array&lt;DtoAnnotationResponse&gt; listAnnotations(xOrgID, key, value, q)
+
+List annotations (org scoped)
+
+Returns annotations for the organization in X-Org-ID. Filters: &#x60;key&#x60;, &#x60;value&#x60;, and &#x60;q&#x60; (key contains). Add &#x60;include&#x3D;node_pools&#x60; to include linked node pools.
+
+### Example
+
+```ts
+import { Configuration, AnnotationsApi } from "@glueops/autoglue-sdk-go";
+import type { ListAnnotationsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new AnnotationsApi(config);
+
+  const body = {
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+    // string | Exact key (optional)
+    key: key_example,
+    // string | Exact value (optional)
+    value: value_example,
+    // string | key contains (case-insensitive) (optional)
+    q: q_example,
+  } satisfies ListAnnotationsRequest;
+
+  try {
+    const data = await api.listAnnotations(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description                     | Notes                                |
+| ---------- | -------- | ------------------------------- | ------------------------------------ |
+| **xOrgID** | `string` | Organization UUID               | [Optional] [Defaults to `undefined`] |
+| **key**    | `string` | Exact key                       | [Optional] [Defaults to `undefined`] |
+| **value**  | `string` | Exact value                     | [Optional] [Defaults to `undefined`] |
+| **q**      | `string` | key contains (case-insensitive) | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoAnnotationResponse&gt;**](DtoAnnotationResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                | Response headers |
+| ----------- | -------------------------- | ---------------- |
+| **200**     | OK                         | -                |
+| **401**     | Unauthorized               | -                |
+| **403**     | organization required      | -                |
+| **500**     | failed to list annotations | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateAnnotation
+
+> DtoAnnotationResponse updateAnnotation(id, dtoUpdateAnnotationRequest, xOrgID)
+
+Update annotation (org scoped)
+
+Partially update annotation fields.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  AnnotationsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateAnnotationRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new AnnotationsApi(config);
+
+  const body = {
+    // string | Annotation ID (UUID)
+    id: id_example,
+    // DtoUpdateAnnotationRequest | Fields to update
+    dtoUpdateAnnotationRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies UpdateAnnotationRequest;
+
+  try {
+    const data = await api.updateAnnotation(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                           | Type                                                        | Description          | Notes                                |
+| ------------------------------ | ----------------------------------------------------------- | -------------------- | ------------------------------------ |
+| **id**                         | `string`                                                    | Annotation ID (UUID) | [Defaults to `undefined`]            |
+| **dtoUpdateAnnotationRequest** | [DtoUpdateAnnotationRequest](DtoUpdateAnnotationRequest.md) | Fields to update     |                                      |
+| **xOrgID**                     | `string`                                                    | Organization UUID    | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoAnnotationResponse**](DtoAnnotationResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description               | Response headers |
+| ----------- | ------------------------- | ---------------- |
+| **200**     | OK                        | -                |
+| **400**     | invalid id / invalid json | -                |
+| **401**     | Unauthorized              | -                |
+| **403**     | organization required     | -                |
+| **404**     | not found                 | -                |
+| **500**     | update failed             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/ArcherAdminApi.md b/sdk/ts/docs/ArcherAdminApi.md
new file mode 100644
index 0000000..39f2884
--- /dev/null
+++ b/sdk/ts/docs/ArcherAdminApi.md
@@ -0,0 +1,373 @@
+# ArcherAdminApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                                               | HTTP request                            | Description                                |
+| -------------------------------------------------------------------- | --------------------------------------- | ------------------------------------------ |
+| [**adminCancelArcherJob**](ArcherAdminApi.md#admincancelarcherjob)   | **POST** /admin/archer/jobs/{id}/cancel | Cancel an Archer job (admin)               |
+| [**adminEnqueueArcherJob**](ArcherAdminApi.md#adminenqueuearcherjob) | **POST** /admin/archer/jobs             | Enqueue a new Archer job (admin)           |
+| [**adminListArcherJobs**](ArcherAdminApi.md#adminlistarcherjobs)     | **GET** /admin/archer/jobs              | List Archer jobs (admin)                   |
+| [**adminListArcherQueues**](ArcherAdminApi.md#adminlistarcherqueues) | **GET** /admin/archer/queues            | List Archer queues (admin)                 |
+| [**adminRetryArcherJob**](ArcherAdminApi.md#adminretryarcherjob)     | **POST** /admin/archer/jobs/{id}/retry  | Retry a failed/canceled Archer job (admin) |
+
+## adminCancelArcherJob
+
+> DtoJob adminCancelArcherJob(id, body)
+
+Cancel an Archer job (admin)
+
+Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.
+
+### Example
+
+```ts
+import { Configuration, ArcherAdminApi } from "@glueops/autoglue-sdk-go";
+import type { AdminCancelArcherJobRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ArcherAdminApi(config);
+
+  const body = {
+    // string | Job ID
+    id: id_example,
+    // object (optional)
+    body: Object,
+  } satisfies AdminCancelArcherJobRequest;
+
+  try {
+    const data = await api.adminCancelArcherJob(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name     | Type     | Description | Notes                     |
+| -------- | -------- | ----------- | ------------------------- |
+| **id**   | `string` | Job ID      | [Defaults to `undefined`] |
+| **body** | `object` |             | [Optional]                |
+
+### Return type
+
+[**DtoJob**](DtoJob.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                    | Response headers |
+| ----------- | ------------------------------ | ---------------- |
+| **200**     | OK                             | -                |
+| **400**     | invalid job or not cancellable | -                |
+| **401**     | Unauthorized                   | -                |
+| **403**     | forbidden                      | -                |
+| **404**     | not found                      | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## adminEnqueueArcherJob
+
+> DtoJob adminEnqueueArcherJob(dtoEnqueueRequest)
+
+Enqueue a new Archer job (admin)
+
+Create a job immediately or schedule it for the future via &#x60;run_at&#x60;.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ArcherAdminApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AdminEnqueueArcherJobRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ArcherAdminApi(config);
+
+  const body = {
+    // DtoEnqueueRequest | Job parameters
+    dtoEnqueueRequest: ...,
+  } satisfies AdminEnqueueArcherJobRequest;
+
+  try {
+    const data = await api.adminEnqueueArcherJob(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                  | Type                                      | Description    | Notes |
+| --------------------- | ----------------------------------------- | -------------- | ----- |
+| **dtoEnqueueRequest** | [DtoEnqueueRequest](DtoEnqueueRequest.md) | Job parameters |       |
+
+### Return type
+
+[**DtoJob**](DtoJob.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                    | Response headers |
+| ----------- | ------------------------------ | ---------------- |
+| **200**     | OK                             | -                |
+| **400**     | invalid json or missing fields | -                |
+| **401**     | Unauthorized                   | -                |
+| **403**     | forbidden                      | -                |
+| **500**     | internal error                 | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## adminListArcherJobs
+
+> DtoPageJob adminListArcherJobs(status, queue, q, page, pageSize)
+
+List Archer jobs (admin)
+
+Paginated background jobs with optional filters. Search &#x60;q&#x60; may match id, type, error, payload (implementation-dependent).
+
+### Example
+
+```ts
+import { Configuration, ArcherAdminApi } from "@glueops/autoglue-sdk-go";
+import type { AdminListArcherJobsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ArcherAdminApi(config);
+
+  const body = {
+    // 'queued' | 'running' | 'succeeded' | 'failed' | 'canceled' | 'retrying' | 'scheduled' | Filter by status (optional)
+    status: status_example,
+    // string | Filter by queue name / worker name (optional)
+    queue: queue_example,
+    // string | Free-text search (optional)
+    q: q_example,
+    // number | Page number (optional)
+    page: 56,
+    // number | Items per page (optional)
+    pageSize: 56,
+  } satisfies AdminListArcherJobsRequest;
+
+  try {
+    const data = await api.adminListArcherJobs(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name         | Type                                                                            | Description                        | Notes                                                                                                          |
+| ------------ | ------------------------------------------------------------------------------- | ---------------------------------- | -------------------------------------------------------------------------------------------------------------- |
+| **status**   | `queued`, `running`, `succeeded`, `failed`, `canceled`, `retrying`, `scheduled` | Filter by status                   | [Optional] [Defaults to `undefined`] [Enum: queued, running, succeeded, failed, canceled, retrying, scheduled] |
+| **queue**    | `string`                                                                        | Filter by queue name / worker name | [Optional] [Defaults to `undefined`]                                                                           |
+| **q**        | `string`                                                                        | Free-text search                   | [Optional] [Defaults to `undefined`]                                                                           |
+| **page**     | `number`                                                                        | Page number                        | [Optional] [Defaults to `1`]                                                                                   |
+| **pageSize** | `number`                                                                        | Items per page                     | [Optional] [Defaults to `25`]                                                                                  |
+
+### Return type
+
+[**DtoPageJob**](DtoPageJob.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description    | Response headers |
+| ----------- | -------------- | ---------------- |
+| **200**     | OK             | -                |
+| **401**     | Unauthorized   | -                |
+| **403**     | forbidden      | -                |
+| **500**     | internal error | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## adminListArcherQueues
+
+> Array&lt;DtoQueueInfo&gt; adminListArcherQueues()
+
+List Archer queues (admin)
+
+Summary metrics per queue (pending, running, failed, scheduled).
+
+### Example
+
+```ts
+import { Configuration, ArcherAdminApi } from "@glueops/autoglue-sdk-go";
+import type { AdminListArcherQueuesRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ArcherAdminApi(config);
+
+  try {
+    const data = await api.adminListArcherQueues();
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+This endpoint does not need any parameter.
+
+### Return type
+
+[**Array&lt;DtoQueueInfo&gt;**](DtoQueueInfo.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description    | Response headers |
+| ----------- | -------------- | ---------------- |
+| **200**     | OK             | -                |
+| **401**     | Unauthorized   | -                |
+| **403**     | forbidden      | -                |
+| **500**     | internal error | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## adminRetryArcherJob
+
+> DtoJob adminRetryArcherJob(id, body)
+
+Retry a failed/canceled Archer job (admin)
+
+Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.
+
+### Example
+
+```ts
+import { Configuration, ArcherAdminApi } from "@glueops/autoglue-sdk-go";
+import type { AdminRetryArcherJobRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ArcherAdminApi(config);
+
+  const body = {
+    // string | Job ID
+    id: id_example,
+    // object (optional)
+    body: Object,
+  } satisfies AdminRetryArcherJobRequest;
+
+  try {
+    const data = await api.adminRetryArcherJob(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name     | Type     | Description | Notes                     |
+| -------- | -------- | ----------- | ------------------------- |
+| **id**   | `string` | Job ID      | [Defaults to `undefined`] |
+| **body** | `object` |             | [Optional]                |
+
+### Return type
+
+[**DtoJob**](DtoJob.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                 | Response headers |
+| ----------- | --------------------------- | ---------------- |
+| **200**     | OK                          | -                |
+| **400**     | invalid job or not eligible | -                |
+| **401**     | Unauthorized                | -                |
+| **403**     | forbidden                   | -                |
+| **404**     | not found                   | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/AuthApi.md b/sdk/ts/docs/AuthApi.md
new file mode 100644
index 0000000..290a49b
--- /dev/null
+++ b/sdk/ts/docs/AuthApi.md
@@ -0,0 +1,314 @@
+# AuthApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                      | HTTP request                      | Description                                     |
+| ------------------------------------------- | --------------------------------- | ----------------------------------------------- |
+| [**authCallback**](AuthApi.md#authcallback) | **GET** /auth/{provider}/callback | Handle social login callback                    |
+| [**authStart**](AuthApi.md#authstart)       | **POST** /auth/{provider}/start   | Begin social login                              |
+| [**getJWKS**](AuthApi.md#getjwks)           | **GET** /.well-known/jwks.json    | Get JWKS                                        |
+| [**logout**](AuthApi.md#logout)             | **POST** /auth/logout             | Revoke refresh token family (logout everywhere) |
+| [**refresh**](AuthApi.md#refresh)           | **POST** /auth/refresh            | Rotate refresh token                            |
+
+## authCallback
+
+> DtoTokenPair authCallback(provider)
+
+Handle social login callback
+
+### Example
+
+```ts
+import { Configuration, AuthApi } from "@glueops/autoglue-sdk-go";
+import type { AuthCallbackRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const api = new AuthApi();
+
+  const body = {
+    // string | google|github
+    provider: provider_example,
+  } satisfies AuthCallbackRequest;
+
+  try {
+    const data = await api.authCallback(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name         | Type     | Description | Notes  |
+| ------------ | -------- | ----------- | ------ | ------------------------- |
+| **provider** | `string` | google      | github | [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoTokenPair**](DtoTokenPair.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **200**     | OK          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## authStart
+
+> DtoAuthStartResponse authStart(provider)
+
+Begin social login
+
+Returns provider authorization URL for the frontend to redirect
+
+### Example
+
+```ts
+import { Configuration, AuthApi } from "@glueops/autoglue-sdk-go";
+import type { AuthStartRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const api = new AuthApi();
+
+  const body = {
+    // string | google|github
+    provider: provider_example,
+  } satisfies AuthStartRequest;
+
+  try {
+    const data = await api.authStart(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name         | Type     | Description | Notes  |
+| ------------ | -------- | ----------- | ------ | ------------------------- |
+| **provider** | `string` | google      | github | [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoAuthStartResponse**](DtoAuthStartResponse.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **200**     | OK          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getJWKS
+
+> DtoJWKS getJWKS()
+
+Get JWKS
+
+Returns the JSON Web Key Set for token verification
+
+### Example
+
+```ts
+import { Configuration, AuthApi } from "@glueops/autoglue-sdk-go";
+import type { GetJWKSRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const api = new AuthApi();
+
+  try {
+    const data = await api.getJWKS();
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+This endpoint does not need any parameter.
+
+### Return type
+
+[**DtoJWKS**](DtoJWKS.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **200**     | OK          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## logout
+
+> logout(dtoLogoutRequest)
+
+Revoke refresh token family (logout everywhere)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  AuthApi,
+} from '@glueops/autoglue-sdk-go';
+import type { LogoutRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const api = new AuthApi();
+
+  const body = {
+    // DtoLogoutRequest | Refresh token
+    dtoLogoutRequest: ...,
+  } satisfies LogoutRequest;
+
+  try {
+    const data = await api.logout(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                 | Type                                    | Description   | Notes |
+| -------------------- | --------------------------------------- | ------------- | ----- |
+| **dtoLogoutRequest** | [DtoLogoutRequest](DtoLogoutRequest.md) | Refresh token |       |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: Not defined
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **204**     | No Content  | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## refresh
+
+> DtoTokenPair refresh(dtoRefreshRequest)
+
+Rotate refresh token
+
+### Example
+
+```ts
+import {
+  Configuration,
+  AuthApi,
+} from '@glueops/autoglue-sdk-go';
+import type { RefreshRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const api = new AuthApi();
+
+  const body = {
+    // DtoRefreshRequest | Refresh token
+    dtoRefreshRequest: ...,
+  } satisfies RefreshRequest;
+
+  try {
+    const data = await api.refresh(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                  | Type                                      | Description   | Notes |
+| --------------------- | ----------------------------------------- | ------------- | ----- |
+| **dtoRefreshRequest** | [DtoRefreshRequest](DtoRefreshRequest.md) | Refresh token |       |
+
+### Return type
+
+[**DtoTokenPair**](DtoTokenPair.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **200**     | OK          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/ClustersApi.md b/sdk/ts/docs/ClustersApi.md
new file mode 100644
index 0000000..7a261b6
--- /dev/null
+++ b/sdk/ts/docs/ClustersApi.md
@@ -0,0 +1,1558 @@
+# ClustersApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                                                        | HTTP request                                              | Description                                                   |
+| ----------------------------------------------------------------------------- | --------------------------------------------------------- | ------------------------------------------------------------- |
+| [**attachAppsLoadBalancer**](ClustersApi.md#attachappsloadbalancer)           | **POST** /clusters/{clusterID}/apps-load-balancer         | Attach an apps load balancer to a cluster                     |
+| [**attachBastionServer**](ClustersApi.md#attachbastionserver)                 | **POST** /clusters/{clusterID}/bastion                    | Attach a bastion server to a cluster                          |
+| [**attachCaptainDomain**](ClustersApi.md#attachcaptaindomain)                 | **POST** /clusters/{clusterID}/captain-domain             | Attach a captain domain to a cluster                          |
+| [**attachControlPlaneRecordSet**](ClustersApi.md#attachcontrolplanerecordset) | **POST** /clusters/{clusterID}/control-plane-record-set   | Attach a control plane record set to a cluster                |
+| [**attachGlueOpsLoadBalancer**](ClustersApi.md#attachglueopsloadbalancer)     | **POST** /clusters/{clusterID}/glueops-load-balancer      | Attach a GlueOps/control-plane load balancer to a cluster     |
+| [**attachNodePool**](ClustersApi.md#attachnodepool)                           | **POST** /clusters/{clusterID}/node-pools                 | Attach a node pool to a cluster                               |
+| [**clearClusterKubeconfig**](ClustersApi.md#clearclusterkubeconfig)           | **DELETE** /clusters/{clusterID}/kubeconfig               | Clear the kubeconfig for a cluster                            |
+| [**createCluster**](ClustersApi.md#createcluster)                             | **POST** /clusters                                        | Create cluster (org scoped)                                   |
+| [**deleteCluster**](ClustersApi.md#deletecluster)                             | **DELETE** /clusters/{clusterID}                          | Delete a cluster (org scoped)                                 |
+| [**detachAppsLoadBalancer**](ClustersApi.md#detachappsloadbalancer)           | **DELETE** /clusters/{clusterID}/apps-load-balancer       | Detach the apps load balancer from a cluster                  |
+| [**detachBastionServer**](ClustersApi.md#detachbastionserver)                 | **DELETE** /clusters/{clusterID}/bastion                  | Detach the bastion server from a cluster                      |
+| [**detachCaptainDomain**](ClustersApi.md#detachcaptaindomain)                 | **DELETE** /clusters/{clusterID}/captain-domain           | Detach the captain domain from a cluster                      |
+| [**detachControlPlaneRecordSet**](ClustersApi.md#detachcontrolplanerecordset) | **DELETE** /clusters/{clusterID}/control-plane-record-set | Detach the control plane record set from a cluster            |
+| [**detachGlueOpsLoadBalancer**](ClustersApi.md#detachglueopsloadbalancer)     | **DELETE** /clusters/{clusterID}/glueops-load-balancer    | Detach the GlueOps/control-plane load balancer from a cluster |
+| [**detachNodePool**](ClustersApi.md#detachnodepool)                           | **DELETE** /clusters/{clusterID}/node-pools/{nodePoolID}  | Detach a node pool from a cluster                             |
+| [**getCluster**](ClustersApi.md#getcluster)                                   | **GET** /clusters/{clusterID}                             | Get a single cluster by ID (org scoped)                       |
+| [**listClusters**](ClustersApi.md#listclusters)                               | **GET** /clusters                                         | List clusters (org scoped)                                    |
+| [**setClusterKubeconfig**](ClustersApi.md#setclusterkubeconfig)               | **POST** /clusters/{clusterID}/kubeconfig                 | Set (or replace) the kubeconfig for a cluster                 |
+| [**updateCluster**](ClustersApi.md#updatecluster)                             | **PATCH** /clusters/{clusterID}                           | Update basic cluster details (org scoped)                     |
+
+## attachAppsLoadBalancer
+
+> DtoClusterResponse attachAppsLoadBalancer(clusterID, dtoAttachLoadBalancerRequest, xOrgID)
+
+Attach an apps load balancer to a cluster
+
+Sets apps_load_balancer_id on the cluster.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ClustersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AttachAppsLoadBalancerRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // DtoAttachLoadBalancerRequest | payload
+    dtoAttachLoadBalancerRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies AttachAppsLoadBalancerRequest;
+
+  try {
+    const data = await api.attachAppsLoadBalancer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                             | Type                                                            | Description       | Notes                                |
+| -------------------------------- | --------------------------------------------------------------- | ----------------- | ------------------------------------ |
+| **clusterID**                    | `string`                                                        | Cluster ID        | [Defaults to `undefined`]            |
+| **dtoAttachLoadBalancerRequest** | [DtoAttachLoadBalancerRequest](DtoAttachLoadBalancerRequest.md) | payload           |                                      |
+| **xOrgID**                       | `string`                                                        | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                        | Response headers |
+| ----------- | ---------------------------------- | ---------------- |
+| **200**     | OK                                 | -                |
+| **400**     | bad request                        | -                |
+| **401**     | Unauthorized                       | -                |
+| **403**     | organization required              | -                |
+| **404**     | cluster or load balancer not found | -                |
+| **500**     | db error                           | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## attachBastionServer
+
+> DtoClusterResponse attachBastionServer(clusterID, dtoAttachBastionRequest, xOrgID)
+
+Attach a bastion server to a cluster
+
+Sets bastion_server_id on the cluster.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ClustersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AttachBastionServerRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // DtoAttachBastionRequest | payload
+    dtoAttachBastionRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies AttachBastionServerRequest;
+
+  try {
+    const data = await api.attachBastionServer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                        | Type                                                  | Description       | Notes                                |
+| --------------------------- | ----------------------------------------------------- | ----------------- | ------------------------------------ |
+| **clusterID**               | `string`                                              | Cluster ID        | [Defaults to `undefined`]            |
+| **dtoAttachBastionRequest** | [DtoAttachBastionRequest](DtoAttachBastionRequest.md) | payload           |                                      |
+| **xOrgID**                  | `string`                                              | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                 | Response headers |
+| ----------- | --------------------------- | ---------------- |
+| **200**     | OK                          | -                |
+| **400**     | bad request                 | -                |
+| **401**     | Unauthorized                | -                |
+| **403**     | organization required       | -                |
+| **404**     | cluster or server not found | -                |
+| **500**     | db error                    | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## attachCaptainDomain
+
+> DtoClusterResponse attachCaptainDomain(clusterID, dtoAttachCaptainDomainRequest, xOrgID)
+
+Attach a captain domain to a cluster
+
+Sets captain_domain_id on the cluster. Validation of shape happens asynchronously.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ClustersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AttachCaptainDomainRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // DtoAttachCaptainDomainRequest | payload
+    dtoAttachCaptainDomainRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies AttachCaptainDomainRequest;
+
+  try {
+    const data = await api.attachCaptainDomain(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                              | Type                                                              | Description       | Notes                                |
+| --------------------------------- | ----------------------------------------------------------------- | ----------------- | ------------------------------------ |
+| **clusterID**                     | `string`                                                          | Cluster ID        | [Defaults to `undefined`]            |
+| **dtoAttachCaptainDomainRequest** | [DtoAttachCaptainDomainRequest](DtoAttachCaptainDomainRequest.md) | payload           |                                      |
+| **xOrgID**                        | `string`                                                          | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                 | Response headers |
+| ----------- | --------------------------- | ---------------- |
+| **200**     | OK                          | -                |
+| **400**     | bad request                 | -                |
+| **401**     | Unauthorized                | -                |
+| **403**     | organization required       | -                |
+| **404**     | cluster or domain not found | -                |
+| **500**     | db error                    | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## attachControlPlaneRecordSet
+
+> DtoClusterResponse attachControlPlaneRecordSet(clusterID, dtoAttachRecordSetRequest, xOrgID)
+
+Attach a control plane record set to a cluster
+
+Sets control_plane_record_set_id on the cluster.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ClustersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AttachControlPlaneRecordSetRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // DtoAttachRecordSetRequest | payload
+    dtoAttachRecordSetRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies AttachControlPlaneRecordSetRequest;
+
+  try {
+    const data = await api.attachControlPlaneRecordSet(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                          | Type                                                      | Description       | Notes                                |
+| ----------------------------- | --------------------------------------------------------- | ----------------- | ------------------------------------ |
+| **clusterID**                 | `string`                                                  | Cluster ID        | [Defaults to `undefined`]            |
+| **dtoAttachRecordSetRequest** | [DtoAttachRecordSetRequest](DtoAttachRecordSetRequest.md) | payload           |                                      |
+| **xOrgID**                    | `string`                                                  | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                     | Response headers |
+| ----------- | ------------------------------- | ---------------- |
+| **200**     | OK                              | -                |
+| **400**     | bad request                     | -                |
+| **401**     | Unauthorized                    | -                |
+| **403**     | organization required           | -                |
+| **404**     | cluster or record set not found | -                |
+| **500**     | db error                        | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## attachGlueOpsLoadBalancer
+
+> DtoClusterResponse attachGlueOpsLoadBalancer(clusterID, dtoAttachLoadBalancerRequest, xOrgID)
+
+Attach a GlueOps/control-plane load balancer to a cluster
+
+Sets glueops_load_balancer_id on the cluster.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ClustersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AttachGlueOpsLoadBalancerRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // DtoAttachLoadBalancerRequest | payload
+    dtoAttachLoadBalancerRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies AttachGlueOpsLoadBalancerRequest;
+
+  try {
+    const data = await api.attachGlueOpsLoadBalancer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                             | Type                                                            | Description       | Notes                                |
+| -------------------------------- | --------------------------------------------------------------- | ----------------- | ------------------------------------ |
+| **clusterID**                    | `string`                                                        | Cluster ID        | [Defaults to `undefined`]            |
+| **dtoAttachLoadBalancerRequest** | [DtoAttachLoadBalancerRequest](DtoAttachLoadBalancerRequest.md) | payload           |                                      |
+| **xOrgID**                       | `string`                                                        | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                        | Response headers |
+| ----------- | ---------------------------------- | ---------------- |
+| **200**     | OK                                 | -                |
+| **400**     | bad request                        | -                |
+| **401**     | Unauthorized                       | -                |
+| **403**     | organization required              | -                |
+| **404**     | cluster or load balancer not found | -                |
+| **500**     | db error                           | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## attachNodePool
+
+> DtoClusterResponse attachNodePool(clusterID, dtoAttachNodePoolRequest, xOrgID)
+
+Attach a node pool to a cluster
+
+Adds an entry in the cluster_node_pools join table.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ClustersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AttachNodePoolRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // DtoAttachNodePoolRequest | payload
+    dtoAttachNodePoolRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies AttachNodePoolRequest;
+
+  try {
+    const data = await api.attachNodePool(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                         | Type                                                    | Description       | Notes                                |
+| ---------------------------- | ------------------------------------------------------- | ----------------- | ------------------------------------ |
+| **clusterID**                | `string`                                                | Cluster ID        | [Defaults to `undefined`]            |
+| **dtoAttachNodePoolRequest** | [DtoAttachNodePoolRequest](DtoAttachNodePoolRequest.md) | payload           |                                      |
+| **xOrgID**                   | `string`                                                | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                    | Response headers |
+| ----------- | ------------------------------ | ---------------- |
+| **200**     | OK                             | -                |
+| **400**     | bad request                    | -                |
+| **401**     | Unauthorized                   | -                |
+| **403**     | organization required          | -                |
+| **404**     | cluster or node pool not found | -                |
+| **500**     | db error                       | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## clearClusterKubeconfig
+
+> DtoClusterResponse clearClusterKubeconfig(clusterID, xOrgID)
+
+Clear the kubeconfig for a cluster
+
+Removes the encrypted kubeconfig, IV, and tag from the cluster record.
+
+### Example
+
+```ts
+import { Configuration, ClustersApi } from "@glueops/autoglue-sdk-go";
+import type { ClearClusterKubeconfigRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies ClearClusterKubeconfigRequest;
+
+  try {
+    const data = await api.clearClusterKubeconfig(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name          | Type     | Description       | Notes                                |
+| ------------- | -------- | ----------------- | ------------------------------------ |
+| **clusterID** | `string` | Cluster ID        | [Defaults to `undefined`]            |
+| **xOrgID**    | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | bad request           | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | cluster not found     | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## createCluster
+
+> DtoClusterResponse createCluster(dtoCreateClusterRequest, xOrgID)
+
+Create cluster (org scoped)
+
+Creates a cluster. Status is managed by the system and starts as &#x60;pre_pending&#x60; for validation.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ClustersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateClusterRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // DtoCreateClusterRequest | payload
+    dtoCreateClusterRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateClusterRequest;
+
+  try {
+    const data = await api.createCluster(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                        | Type                                                  | Description       | Notes                                |
+| --------------------------- | ----------------------------------------------------- | ----------------- | ------------------------------------ |
+| **dtoCreateClusterRequest** | [DtoCreateClusterRequest](DtoCreateClusterRequest.md) | payload           |                                      |
+| **xOrgID**                  | `string`                                              | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **201**     | Created               | -                |
+| **400**     | invalid json          | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | create failed         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteCluster
+
+> string deleteCluster(clusterID, xOrgID)
+
+Delete a cluster (org scoped)
+
+Deletes the cluster. Related resources are cleaned up via DB constraints (e.g. CASCADE).
+
+### Example
+
+```ts
+import { Configuration, ClustersApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteClusterRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DeleteClusterRequest;
+
+  try {
+    const data = await api.deleteCluster(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name          | Type     | Description       | Notes                                |
+| ------------- | -------- | ----------------- | ------------------------------------ |
+| **clusterID** | `string` | Cluster ID        | [Defaults to `undefined`]            |
+| **xOrgID**    | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+**string**
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | deleted               | -                |
+| **400**     | bad request           | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | cluster not found     | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## detachAppsLoadBalancer
+
+> DtoClusterResponse detachAppsLoadBalancer(clusterID, xOrgID)
+
+Detach the apps load balancer from a cluster
+
+Clears apps_load_balancer_id on the cluster.
+
+### Example
+
+```ts
+import { Configuration, ClustersApi } from "@glueops/autoglue-sdk-go";
+import type { DetachAppsLoadBalancerRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DetachAppsLoadBalancerRequest;
+
+  try {
+    const data = await api.detachAppsLoadBalancer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name          | Type     | Description       | Notes                                |
+| ------------- | -------- | ----------------- | ------------------------------------ |
+| **clusterID** | `string` | Cluster ID        | [Defaults to `undefined`]            |
+| **xOrgID**    | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | bad request           | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | cluster not found     | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## detachBastionServer
+
+> DtoClusterResponse detachBastionServer(clusterID, xOrgID)
+
+Detach the bastion server from a cluster
+
+Clears bastion_server_id on the cluster.
+
+### Example
+
+```ts
+import { Configuration, ClustersApi } from "@glueops/autoglue-sdk-go";
+import type { DetachBastionServerRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DetachBastionServerRequest;
+
+  try {
+    const data = await api.detachBastionServer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name          | Type     | Description       | Notes                                |
+| ------------- | -------- | ----------------- | ------------------------------------ |
+| **clusterID** | `string` | Cluster ID        | [Defaults to `undefined`]            |
+| **xOrgID**    | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | bad request           | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | cluster not found     | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## detachCaptainDomain
+
+> DtoClusterResponse detachCaptainDomain(clusterID, xOrgID)
+
+Detach the captain domain from a cluster
+
+Clears captain_domain_id on the cluster. This will likely cause the cluster to become incomplete.
+
+### Example
+
+```ts
+import { Configuration, ClustersApi } from "@glueops/autoglue-sdk-go";
+import type { DetachCaptainDomainRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DetachCaptainDomainRequest;
+
+  try {
+    const data = await api.detachCaptainDomain(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name          | Type     | Description       | Notes                                |
+| ------------- | -------- | ----------------- | ------------------------------------ |
+| **clusterID** | `string` | Cluster ID        | [Defaults to `undefined`]            |
+| **xOrgID**    | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | bad request           | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | cluster not found     | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## detachControlPlaneRecordSet
+
+> DtoClusterResponse detachControlPlaneRecordSet(clusterID, xOrgID)
+
+Detach the control plane record set from a cluster
+
+Clears control_plane_record_set_id on the cluster.
+
+### Example
+
+```ts
+import { Configuration, ClustersApi } from "@glueops/autoglue-sdk-go";
+import type { DetachControlPlaneRecordSetRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DetachControlPlaneRecordSetRequest;
+
+  try {
+    const data = await api.detachControlPlaneRecordSet(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name          | Type     | Description       | Notes                                |
+| ------------- | -------- | ----------------- | ------------------------------------ |
+| **clusterID** | `string` | Cluster ID        | [Defaults to `undefined`]            |
+| **xOrgID**    | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | bad request           | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | cluster not found     | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## detachGlueOpsLoadBalancer
+
+> DtoClusterResponse detachGlueOpsLoadBalancer(clusterID, xOrgID)
+
+Detach the GlueOps/control-plane load balancer from a cluster
+
+Clears glueops_load_balancer_id on the cluster.
+
+### Example
+
+```ts
+import { Configuration, ClustersApi } from "@glueops/autoglue-sdk-go";
+import type { DetachGlueOpsLoadBalancerRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DetachGlueOpsLoadBalancerRequest;
+
+  try {
+    const data = await api.detachGlueOpsLoadBalancer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name          | Type     | Description       | Notes                                |
+| ------------- | -------- | ----------------- | ------------------------------------ |
+| **clusterID** | `string` | Cluster ID        | [Defaults to `undefined`]            |
+| **xOrgID**    | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | bad request           | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | cluster not found     | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## detachNodePool
+
+> DtoClusterResponse detachNodePool(clusterID, nodePoolID, xOrgID)
+
+Detach a node pool from a cluster
+
+Removes an entry from the cluster_node_pools join table.
+
+### Example
+
+```ts
+import { Configuration, ClustersApi } from "@glueops/autoglue-sdk-go";
+import type { DetachNodePoolRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // string | Node Pool ID
+    nodePoolID: nodePoolID_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DetachNodePoolRequest;
+
+  try {
+    const data = await api.detachNodePool(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name           | Type     | Description       | Notes                                |
+| -------------- | -------- | ----------------- | ------------------------------------ |
+| **clusterID**  | `string` | Cluster ID        | [Defaults to `undefined`]            |
+| **nodePoolID** | `string` | Node Pool ID      | [Defaults to `undefined`]            |
+| **xOrgID**     | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                    | Response headers |
+| ----------- | ------------------------------ | ---------------- |
+| **200**     | OK                             | -                |
+| **400**     | bad request                    | -                |
+| **401**     | Unauthorized                   | -                |
+| **403**     | organization required          | -                |
+| **404**     | cluster or node pool not found | -                |
+| **500**     | db error                       | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getCluster
+
+> DtoClusterResponse getCluster(clusterID, xOrgID)
+
+Get a single cluster by ID (org scoped)
+
+Returns a cluster with all related resources (domain, record set, load balancers, bastion, node pools).
+
+### Example
+
+```ts
+import { Configuration, ClustersApi } from "@glueops/autoglue-sdk-go";
+import type { GetClusterRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies GetClusterRequest;
+
+  try {
+    const data = await api.getCluster(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name          | Type     | Description       | Notes                                |
+| ------------- | -------- | ----------------- | ------------------------------------ |
+| **clusterID** | `string` | Cluster ID        | [Defaults to `undefined`]            |
+| **xOrgID**    | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | bad request           | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | cluster not found     | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listClusters
+
+> Array&lt;DtoClusterResponse&gt; listClusters(xOrgID, q)
+
+List clusters (org scoped)
+
+Returns clusters for the organization in X-Org-ID. Filter by &#x60;q&#x60; (name contains).
+
+### Example
+
+```ts
+import { Configuration, ClustersApi } from "@glueops/autoglue-sdk-go";
+import type { ListClustersRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+    // string | Name contains (case-insensitive) (optional)
+    q: q_example,
+  } satisfies ListClustersRequest;
+
+  try {
+    const data = await api.listClusters(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description                      | Notes                                |
+| ---------- | -------- | -------------------------------- | ------------------------------------ |
+| **xOrgID** | `string` | Organization UUID                | [Optional] [Defaults to `undefined`] |
+| **q**      | `string` | Name contains (case-insensitive) | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoClusterResponse&gt;**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description             | Response headers |
+| ----------- | ----------------------- | ---------------- |
+| **200**     | OK                      | -                |
+| **401**     | Unauthorized            | -                |
+| **403**     | organization required   | -                |
+| **500**     | failed to list clusters | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## setClusterKubeconfig
+
+> DtoClusterResponse setClusterKubeconfig(clusterID, dtoSetKubeconfigRequest, xOrgID)
+
+Set (or replace) the kubeconfig for a cluster
+
+Stores the kubeconfig encrypted per organization. The kubeconfig is never returned in responses.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ClustersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { SetClusterKubeconfigRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // DtoSetKubeconfigRequest | payload
+    dtoSetKubeconfigRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies SetClusterKubeconfigRequest;
+
+  try {
+    const data = await api.setClusterKubeconfig(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                        | Type                                                  | Description       | Notes                                |
+| --------------------------- | ----------------------------------------------------- | ----------------- | ------------------------------------ |
+| **clusterID**               | `string`                                              | Cluster ID        | [Defaults to `undefined`]            |
+| **dtoSetKubeconfigRequest** | [DtoSetKubeconfigRequest](DtoSetKubeconfigRequest.md) | payload           |                                      |
+| **xOrgID**                  | `string`                                              | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | bad request           | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | cluster not found     | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateCluster
+
+> DtoClusterResponse updateCluster(clusterID, dtoUpdateClusterRequest, xOrgID)
+
+Update basic cluster details (org scoped)
+
+Updates the cluster name, provider, and/or region. Status is managed by the system.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ClustersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateClusterRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ClustersApi(config);
+
+  const body = {
+    // string | Cluster ID
+    clusterID: clusterID_example,
+    // DtoUpdateClusterRequest | payload
+    dtoUpdateClusterRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies UpdateClusterRequest;
+
+  try {
+    const data = await api.updateCluster(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                        | Type                                                  | Description       | Notes                                |
+| --------------------------- | ----------------------------------------------------- | ----------------- | ------------------------------------ |
+| **clusterID**               | `string`                                              | Cluster ID        | [Defaults to `undefined`]            |
+| **dtoUpdateClusterRequest** | [DtoUpdateClusterRequest](DtoUpdateClusterRequest.md) | payload           |                                      |
+| **xOrgID**                  | `string`                                              | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoClusterResponse**](DtoClusterResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | bad request           | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | cluster not found     | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/CredentialsApi.md b/sdk/ts/docs/CredentialsApi.md
new file mode 100644
index 0000000..9880c77
--- /dev/null
+++ b/sdk/ts/docs/CredentialsApi.md
@@ -0,0 +1,472 @@
+# CredentialsApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                                     | HTTP request                      | Description                                     |
+| ---------------------------------------------------------- | --------------------------------- | ----------------------------------------------- |
+| [**createCredential**](CredentialsApi.md#createcredential) | **POST** /credentials             | Create a credential (encrypts secret)           |
+| [**deleteCredential**](CredentialsApi.md#deletecredential) | **DELETE** /credentials/{id}      | Delete credential                               |
+| [**getCredential**](CredentialsApi.md#getcredential)       | **GET** /credentials/{id}         | Get credential by ID (metadata only)            |
+| [**listCredentials**](CredentialsApi.md#listcredentials)   | **GET** /credentials              | List credentials (metadata only)                |
+| [**revealCredential**](CredentialsApi.md#revealcredential) | **POST** /credentials/{id}/reveal | Reveal decrypted secret (one-time read)         |
+| [**updateCredential**](CredentialsApi.md#updatecredential) | **PATCH** /credentials/{id}       | Update credential metadata and/or rotate secret |
+
+## createCredential
+
+> DtoCredentialOut createCredential(dtoCreateCredentialRequest, xOrgID)
+
+Create a credential (encrypts secret)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  CredentialsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateCredentialRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new CredentialsApi(config);
+
+  const body = {
+    // DtoCreateCredentialRequest | Credential payload
+    dtoCreateCredentialRequest: ...,
+    // string | Organization ID (UUID) (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateCredentialRequest;
+
+  try {
+    const data = await api.createCredential(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                           | Type                                                        | Description            | Notes                                |
+| ------------------------------ | ----------------------------------------------------------- | ---------------------- | ------------------------------------ |
+| **dtoCreateCredentialRequest** | [DtoCreateCredentialRequest](DtoCreateCredentialRequest.md) | Credential payload     |                                      |
+| **xOrgID**                     | `string`                                                    | Organization ID (UUID) | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoCredentialOut**](DtoCredentialOut.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **201**     | Created               | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | internal server error | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteCredential
+
+> deleteCredential(id, xOrgID)
+
+Delete credential
+
+### Example
+
+```ts
+import { Configuration, CredentialsApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteCredentialRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new CredentialsApi(config);
+
+  const body = {
+    // string | Credential ID (UUID)
+    id: id_example,
+    // string | Organization ID (UUID) (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DeleteCredentialRequest;
+
+  try {
+    const data = await api.deleteCredential(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description            | Notes                                |
+| ---------- | -------- | ---------------------- | ------------------------------------ |
+| **id**     | `string` | Credential ID (UUID)   | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization ID (UUID) | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **204**     | No Content  | -                |
+| **404**     | not found   | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getCredential
+
+> DtoCredentialOut getCredential(id, xOrgID)
+
+Get credential by ID (metadata only)
+
+### Example
+
+```ts
+import { Configuration, CredentialsApi } from "@glueops/autoglue-sdk-go";
+import type { GetCredentialRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new CredentialsApi(config);
+
+  const body = {
+    // string | Credential ID (UUID)
+    id: id_example,
+    // string | Organization ID (UUID) (optional)
+    xOrgID: xOrgID_example,
+  } satisfies GetCredentialRequest;
+
+  try {
+    const data = await api.getCredential(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description            | Notes                                |
+| ---------- | -------- | ---------------------- | ------------------------------------ |
+| **id**     | `string` | Credential ID (UUID)   | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization ID (UUID) | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoCredentialOut**](DtoCredentialOut.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | internal server error | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listCredentials
+
+> Array&lt;DtoCredentialOut&gt; listCredentials(xOrgID, credentialProvider, kind, scopeKind)
+
+List credentials (metadata only)
+
+Returns credential metadata for the current org. Secrets are never returned.
+
+### Example
+
+```ts
+import { Configuration, CredentialsApi } from "@glueops/autoglue-sdk-go";
+import type { ListCredentialsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new CredentialsApi(config);
+
+  const body = {
+    // string | Organization ID (UUID) (optional)
+    xOrgID: xOrgID_example,
+    // string | Filter by provider (e.g., aws) (optional)
+    credentialProvider: credentialProvider_example,
+    // string | Filter by kind (e.g., aws_access_key) (optional)
+    kind: kind_example,
+    // string | Filter by scope kind (credential_provider/service/resource) (optional)
+    scopeKind: scopeKind_example,
+  } satisfies ListCredentialsRequest;
+
+  try {
+    const data = await api.listCredentials(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                   | Type     | Description                                                 | Notes                                |
+| ---------------------- | -------- | ----------------------------------------------------------- | ------------------------------------ |
+| **xOrgID**             | `string` | Organization ID (UUID)                                      | [Optional] [Defaults to `undefined`] |
+| **credentialProvider** | `string` | Filter by provider (e.g., aws)                              | [Optional] [Defaults to `undefined`] |
+| **kind**               | `string` | Filter by kind (e.g., aws_access_key)                       | [Optional] [Defaults to `undefined`] |
+| **scopeKind**          | `string` | Filter by scope kind (credential_provider/service/resource) | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoCredentialOut&gt;**](DtoCredentialOut.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | internal server error | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## revealCredential
+
+> { [key: string]: any; } revealCredential(id, xOrgID, body)
+
+Reveal decrypted secret (one-time read)
+
+### Example
+
+```ts
+import { Configuration, CredentialsApi } from "@glueops/autoglue-sdk-go";
+import type { RevealCredentialRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new CredentialsApi(config);
+
+  const body = {
+    // string | Credential ID (UUID)
+    id: id_example,
+    // string | Organization ID (UUID) (optional)
+    xOrgID: xOrgID_example,
+    // object (optional)
+    body: Object,
+  } satisfies RevealCredentialRequest;
+
+  try {
+    const data = await api.revealCredential(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description            | Notes                                |
+| ---------- | -------- | ---------------------- | ------------------------------------ |
+| **id**     | `string` | Credential ID (UUID)   | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization ID (UUID) | [Optional] [Defaults to `undefined`] |
+| **body**   | `object` |                        | [Optional]                           |
+
+### Return type
+
+**{ [key: string]: any; }**
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateCredential
+
+> DtoCredentialOut updateCredential(id, dtoUpdateCredentialRequest, xOrgID)
+
+Update credential metadata and/or rotate secret
+
+### Example
+
+```ts
+import {
+  Configuration,
+  CredentialsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateCredentialRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new CredentialsApi(config);
+
+  const body = {
+    // string | Credential ID (UUID)
+    id: id_example,
+    // DtoUpdateCredentialRequest | Fields to update
+    dtoUpdateCredentialRequest: ...,
+    // string | Organization ID (UUID) (optional)
+    xOrgID: xOrgID_example,
+  } satisfies UpdateCredentialRequest;
+
+  try {
+    const data = await api.updateCredential(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                           | Type                                                        | Description            | Notes                                |
+| ------------------------------ | ----------------------------------------------------------- | ---------------------- | ------------------------------------ |
+| **id**                         | `string`                                                    | Credential ID (UUID)   | [Defaults to `undefined`]            |
+| **dtoUpdateCredentialRequest** | [DtoUpdateCredentialRequest](DtoUpdateCredentialRequest.md) | Fields to update       |                                      |
+| **xOrgID**                     | `string`                                                    | Organization ID (UUID) | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoCredentialOut**](DtoCredentialOut.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description       | Response headers |
+| ----------- | ----------------- | ---------------- |
+| **200**     | OK                | -                |
+| **403**     | X-Org-ID required | -                |
+| **404**     | not found         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DNSApi.md b/sdk/ts/docs/DNSApi.md
new file mode 100644
index 0000000..e8341d6
--- /dev/null
+++ b/sdk/ts/docs/DNSApi.md
@@ -0,0 +1,721 @@
+# DNSApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                           | HTTP request                              | Description                                                                                  |
+| ------------------------------------------------ | ----------------------------------------- | -------------------------------------------------------------------------------------------- |
+| [**createDomain**](DNSApi.md#createdomain)       | **POST** /dns/domains                     | Create a domain (org scoped)                                                                 |
+| [**createRecordSet**](DNSApi.md#createrecordset) | **POST** /dns/domains/{domain_id}/records | Create a record set (pending; Archer will UPSERT to Route 53)                                |
+| [**deleteDomain**](DNSApi.md#deletedomain)       | **DELETE** /dns/domains/{id}              | Delete a domain                                                                              |
+| [**deleteRecordSet**](DNSApi.md#deleterecordset) | **DELETE** /dns/records/{id}              | Delete a record set (API removes row; worker can optionally handle external deletion policy) |
+| [**getDomain**](DNSApi.md#getdomain)             | **GET** /dns/domains/{id}                 | Get a domain (org scoped)                                                                    |
+| [**listDomains**](DNSApi.md#listdomains)         | **GET** /dns/domains                      | List domains (org scoped)                                                                    |
+| [**listRecordSets**](DNSApi.md#listrecordsets)   | **GET** /dns/domains/{domain_id}/records  | List record sets for a domain                                                                |
+| [**updateDomain**](DNSApi.md#updatedomain)       | **PATCH** /dns/domains/{id}               | Update a domain (org scoped)                                                                 |
+| [**updateRecordSet**](DNSApi.md#updaterecordset) | **PATCH** /dns/records/{id}               | Update a record set (flips to pending for reconciliation)                                    |
+
+## createDomain
+
+> DtoDomainResponse createDomain(dtoCreateDomainRequest, xOrgID)
+
+Create a domain (org scoped)
+
+Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  DNSApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateDomainRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new DNSApi(config);
+
+  const body = {
+    // DtoCreateDomainRequest | Domain payload
+    dtoCreateDomainRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateDomainRequest;
+
+  try {
+    const data = await api.createDomain(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                       | Type                                                | Description       | Notes                                |
+| -------------------------- | --------------------------------------------------- | ----------------- | ------------------------------------ |
+| **dtoCreateDomainRequest** | [DtoCreateDomainRequest](DtoCreateDomainRequest.md) | Domain payload    |                                      |
+| **xOrgID**                 | `string`                                            | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoDomainResponse**](DtoDomainResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **201**     | Created               | -                |
+| **400**     | validation error      | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## createRecordSet
+
+> DtoRecordSetResponse createRecordSet(domainId, dtoCreateRecordSetRequest, xOrgID)
+
+Create a record set (pending; Archer will UPSERT to Route 53)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  DNSApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateRecordSetRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new DNSApi(config);
+
+  const body = {
+    // string | Domain ID (UUID)
+    domainId: domainId_example,
+    // DtoCreateRecordSetRequest | Record set payload
+    dtoCreateRecordSetRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateRecordSetRequest;
+
+  try {
+    const data = await api.createRecordSet(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                          | Type                                                      | Description        | Notes                                |
+| ----------------------------- | --------------------------------------------------------- | ------------------ | ------------------------------------ |
+| **domainId**                  | `string`                                                  | Domain ID (UUID)   | [Defaults to `undefined`]            |
+| **dtoCreateRecordSetRequest** | [DtoCreateRecordSetRequest](DtoCreateRecordSetRequest.md) | Record set payload |                                      |
+| **xOrgID**                    | `string`                                                  | Organization UUID  | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoRecordSetResponse**](DtoRecordSetResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **201**     | Created               | -                |
+| **400**     | validation error      | -                |
+| **403**     | organization required | -                |
+| **404**     | domain not found      | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteDomain
+
+> deleteDomain(id, xOrgID)
+
+Delete a domain
+
+### Example
+
+```ts
+import { Configuration, DNSApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteDomainRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new DNSApi(config);
+
+  const body = {
+    // string | Domain ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DeleteDomainRequest;
+
+  try {
+    const data = await api.deleteDomain(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description       | Notes                                |
+| ---------- | -------- | ----------------- | ------------------------------------ |
+| **id**     | `string` | Domain ID (UUID)  | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteRecordSet
+
+> deleteRecordSet(id, xOrgID)
+
+Delete a record set (API removes row; worker can optionally handle external deletion policy)
+
+### Example
+
+```ts
+import { Configuration, DNSApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteRecordSetRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new DNSApi(config);
+
+  const body = {
+    // string | Record Set ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DeleteRecordSetRequest;
+
+  try {
+    const data = await api.deleteRecordSet(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description          | Notes                                |
+| ---------- | -------- | -------------------- | ------------------------------------ |
+| **id**     | `string` | Record Set ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID    | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getDomain
+
+> DtoDomainResponse getDomain(id, xOrgID)
+
+Get a domain (org scoped)
+
+### Example
+
+```ts
+import { Configuration, DNSApi } from "@glueops/autoglue-sdk-go";
+import type { GetDomainRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new DNSApi(config);
+
+  const body = {
+    // string | Domain ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies GetDomainRequest;
+
+  try {
+    const data = await api.getDomain(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description       | Notes                                |
+| ---------- | -------- | ----------------- | ------------------------------------ |
+| **id**     | `string` | Domain ID (UUID)  | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoDomainResponse**](DtoDomainResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listDomains
+
+> Array&lt;DtoDomainResponse&gt; listDomains(xOrgID, domainName, status, q)
+
+List domains (org scoped)
+
+Returns domains for X-Org-ID. Filters: &#x60;domain_name&#x60;, &#x60;status&#x60;, &#x60;q&#x60; (contains).
+
+### Example
+
+```ts
+import { Configuration, DNSApi } from "@glueops/autoglue-sdk-go";
+import type { ListDomainsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new DNSApi(config);
+
+  const body = {
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+    // string | Exact domain name (lowercase, no trailing dot) (optional)
+    domainName: domainName_example,
+    // string | pending|provisioning|ready|failed (optional)
+    status: status_example,
+    // string | Domain contains (case-insensitive) (optional)
+    q: q_example,
+  } satisfies ListDomainsRequest;
+
+  try {
+    const data = await api.listDomains(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name           | Type     | Description                                    | Notes                                |
+| -------------- | -------- | ---------------------------------------------- | ------------------------------------ | ----- | ------ | ------------------------------------ |
+| **xOrgID**     | `string` | Organization UUID                              | [Optional] [Defaults to `undefined`] |
+| **domainName** | `string` | Exact domain name (lowercase, no trailing dot) | [Optional] [Defaults to `undefined`] |
+| **status**     | `string` | pending                                        | provisioning                         | ready | failed | [Optional] [Defaults to `undefined`] |
+| **q**          | `string` | Domain contains (case-insensitive)             | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoDomainResponse&gt;**](DtoDomainResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | db error              | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listRecordSets
+
+> Array&lt;DtoRecordSetResponse&gt; listRecordSets(domainId, xOrgID, name, type, status)
+
+List record sets for a domain
+
+Filters: &#x60;name&#x60;, &#x60;type&#x60;, &#x60;status&#x60;.
+
+### Example
+
+```ts
+import { Configuration, DNSApi } from "@glueops/autoglue-sdk-go";
+import type { ListRecordSetsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new DNSApi(config);
+
+  const body = {
+    // string | Domain ID (UUID)
+    domainId: domainId_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+    // string | Exact relative name or FQDN (server normalizes) (optional)
+    name: name_example,
+    // string | RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA) (optional)
+    type: type_example,
+    // string | pending|provisioning|ready|failed (optional)
+    status: status_example,
+  } satisfies ListRecordSetsRequest;
+
+  try {
+    const data = await api.listRecordSets(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name         | Type     | Description                                     | Notes                                |
+| ------------ | -------- | ----------------------------------------------- | ------------------------------------ | ----- | ------ | ------------------------------------ |
+| **domainId** | `string` | Domain ID (UUID)                                | [Defaults to `undefined`]            |
+| **xOrgID**   | `string` | Organization UUID                               | [Optional] [Defaults to `undefined`] |
+| **name**     | `string` | Exact relative name or FQDN (server normalizes) | [Optional] [Defaults to `undefined`] |
+| **type**     | `string` | RR type (A, AAAA, CNAME, TXT, MX, NS, SRV, CAA) | [Optional] [Defaults to `undefined`] |
+| **status**   | `string` | pending                                         | provisioning                         | ready | failed | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoRecordSetResponse&gt;**](DtoRecordSetResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **403**     | organization required | -                |
+| **404**     | domain not found      | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateDomain
+
+> DtoDomainResponse updateDomain(id, dtoUpdateDomainRequest, xOrgID)
+
+Update a domain (org scoped)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  DNSApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateDomainRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new DNSApi(config);
+
+  const body = {
+    // string | Domain ID (UUID)
+    id: id_example,
+    // DtoUpdateDomainRequest | Fields to update
+    dtoUpdateDomainRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies UpdateDomainRequest;
+
+  try {
+    const data = await api.updateDomain(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                       | Type                                                | Description       | Notes                                |
+| -------------------------- | --------------------------------------------------- | ----------------- | ------------------------------------ |
+| **id**                     | `string`                                            | Domain ID (UUID)  | [Defaults to `undefined`]            |
+| **dtoUpdateDomainRequest** | [DtoUpdateDomainRequest](DtoUpdateDomainRequest.md) | Fields to update  |                                      |
+| **xOrgID**                 | `string`                                            | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoDomainResponse**](DtoDomainResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | validation error      | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateRecordSet
+
+> DtoRecordSetResponse updateRecordSet(id, dtoUpdateRecordSetRequest, xOrgID)
+
+Update a record set (flips to pending for reconciliation)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  DNSApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateRecordSetRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new DNSApi(config);
+
+  const body = {
+    // string | Record Set ID (UUID)
+    id: id_example,
+    // DtoUpdateRecordSetRequest | Fields to update
+    dtoUpdateRecordSetRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies UpdateRecordSetRequest;
+
+  try {
+    const data = await api.updateRecordSet(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                          | Type                                                      | Description          | Notes                                |
+| ----------------------------- | --------------------------------------------------------- | -------------------- | ------------------------------------ |
+| **id**                        | `string`                                                  | Record Set ID (UUID) | [Defaults to `undefined`]            |
+| **dtoUpdateRecordSetRequest** | [DtoUpdateRecordSetRequest](DtoUpdateRecordSetRequest.md) | Fields to update     |                                      |
+| **xOrgID**                    | `string`                                                  | Organization UUID    | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoRecordSetResponse**](DtoRecordSetResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | validation error      | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoAnnotationResponse.md b/sdk/ts/docs/DtoAnnotationResponse.md
new file mode 100644
index 0000000..ab5a4db
--- /dev/null
+++ b/sdk/ts/docs/DtoAnnotationResponse.md
@@ -0,0 +1,40 @@
+# DtoAnnotationResponse
+
+## Properties
+
+| Name              | Type   |
+| ----------------- | ------ |
+| `created_at`      | string |
+| `id`              | string |
+| `key`             | string |
+| `organization_id` | string |
+| `updated_at`      | string |
+| `value`           | string |
+
+## Example
+
+```typescript
+import type { DtoAnnotationResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  id: null,
+  key: null,
+  organization_id: null,
+  updated_at: null,
+  value: null,
+} satisfies DtoAnnotationResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoAnnotationResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoAttachAnnotationsRequest.md b/sdk/ts/docs/DtoAttachAnnotationsRequest.md
new file mode 100644
index 0000000..fd869da
--- /dev/null
+++ b/sdk/ts/docs/DtoAttachAnnotationsRequest.md
@@ -0,0 +1,30 @@
+# DtoAttachAnnotationsRequest
+
+## Properties
+
+| Name             | Type                |
+| ---------------- | ------------------- |
+| `annotation_ids` | Array&lt;string&gt; |
+
+## Example
+
+```typescript
+import type { DtoAttachAnnotationsRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  annotation_ids: null,
+} satisfies DtoAttachAnnotationsRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoAttachAnnotationsRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoAttachBastionRequest.md b/sdk/ts/docs/DtoAttachBastionRequest.md
new file mode 100644
index 0000000..af7886c
--- /dev/null
+++ b/sdk/ts/docs/DtoAttachBastionRequest.md
@@ -0,0 +1,30 @@
+# DtoAttachBastionRequest
+
+## Properties
+
+| Name        | Type   |
+| ----------- | ------ |
+| `server_id` | string |
+
+## Example
+
+```typescript
+import type { DtoAttachBastionRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  server_id: null,
+} satisfies DtoAttachBastionRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoAttachBastionRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoAttachCaptainDomainRequest.md b/sdk/ts/docs/DtoAttachCaptainDomainRequest.md
new file mode 100644
index 0000000..78a5ed2
--- /dev/null
+++ b/sdk/ts/docs/DtoAttachCaptainDomainRequest.md
@@ -0,0 +1,30 @@
+# DtoAttachCaptainDomainRequest
+
+## Properties
+
+| Name        | Type   |
+| ----------- | ------ |
+| `domain_id` | string |
+
+## Example
+
+```typescript
+import type { DtoAttachCaptainDomainRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  domain_id: null,
+} satisfies DtoAttachCaptainDomainRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoAttachCaptainDomainRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoAttachLabelsRequest.md b/sdk/ts/docs/DtoAttachLabelsRequest.md
new file mode 100644
index 0000000..66c49b2
--- /dev/null
+++ b/sdk/ts/docs/DtoAttachLabelsRequest.md
@@ -0,0 +1,30 @@
+# DtoAttachLabelsRequest
+
+## Properties
+
+| Name        | Type                |
+| ----------- | ------------------- |
+| `label_ids` | Array&lt;string&gt; |
+
+## Example
+
+```typescript
+import type { DtoAttachLabelsRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  label_ids: null,
+} satisfies DtoAttachLabelsRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoAttachLabelsRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoAttachLoadBalancerRequest.md b/sdk/ts/docs/DtoAttachLoadBalancerRequest.md
new file mode 100644
index 0000000..6302ddb
--- /dev/null
+++ b/sdk/ts/docs/DtoAttachLoadBalancerRequest.md
@@ -0,0 +1,30 @@
+# DtoAttachLoadBalancerRequest
+
+## Properties
+
+| Name               | Type   |
+| ------------------ | ------ |
+| `load_balancer_id` | string |
+
+## Example
+
+```typescript
+import type { DtoAttachLoadBalancerRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  load_balancer_id: null,
+} satisfies DtoAttachLoadBalancerRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoAttachLoadBalancerRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoAttachNodePoolRequest.md b/sdk/ts/docs/DtoAttachNodePoolRequest.md
new file mode 100644
index 0000000..51297b3
--- /dev/null
+++ b/sdk/ts/docs/DtoAttachNodePoolRequest.md
@@ -0,0 +1,30 @@
+# DtoAttachNodePoolRequest
+
+## Properties
+
+| Name           | Type   |
+| -------------- | ------ |
+| `node_pool_id` | string |
+
+## Example
+
+```typescript
+import type { DtoAttachNodePoolRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  node_pool_id: null,
+} satisfies DtoAttachNodePoolRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoAttachNodePoolRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoAttachRecordSetRequest.md b/sdk/ts/docs/DtoAttachRecordSetRequest.md
new file mode 100644
index 0000000..8206681
--- /dev/null
+++ b/sdk/ts/docs/DtoAttachRecordSetRequest.md
@@ -0,0 +1,30 @@
+# DtoAttachRecordSetRequest
+
+## Properties
+
+| Name            | Type   |
+| --------------- | ------ |
+| `record_set_id` | string |
+
+## Example
+
+```typescript
+import type { DtoAttachRecordSetRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  record_set_id: null,
+} satisfies DtoAttachRecordSetRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoAttachRecordSetRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoAttachServersRequest.md b/sdk/ts/docs/DtoAttachServersRequest.md
new file mode 100644
index 0000000..3736a10
--- /dev/null
+++ b/sdk/ts/docs/DtoAttachServersRequest.md
@@ -0,0 +1,30 @@
+# DtoAttachServersRequest
+
+## Properties
+
+| Name         | Type                |
+| ------------ | ------------------- |
+| `server_ids` | Array&lt;string&gt; |
+
+## Example
+
+```typescript
+import type { DtoAttachServersRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  server_ids: null,
+} satisfies DtoAttachServersRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoAttachServersRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoAttachTaintsRequest.md b/sdk/ts/docs/DtoAttachTaintsRequest.md
new file mode 100644
index 0000000..809f0c5
--- /dev/null
+++ b/sdk/ts/docs/DtoAttachTaintsRequest.md
@@ -0,0 +1,30 @@
+# DtoAttachTaintsRequest
+
+## Properties
+
+| Name        | Type                |
+| ----------- | ------------------- |
+| `taint_ids` | Array&lt;string&gt; |
+
+## Example
+
+```typescript
+import type { DtoAttachTaintsRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  taint_ids: null,
+} satisfies DtoAttachTaintsRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoAttachTaintsRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoAuthStartResponse.md b/sdk/ts/docs/DtoAuthStartResponse.md
new file mode 100644
index 0000000..d7c19be
--- /dev/null
+++ b/sdk/ts/docs/DtoAuthStartResponse.md
@@ -0,0 +1,30 @@
+# DtoAuthStartResponse
+
+## Properties
+
+| Name       | Type   |
+| ---------- | ------ |
+| `auth_url` | string |
+
+## Example
+
+```typescript
+import type { DtoAuthStartResponse } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "auth_url": https://accounts.google.com/o/oauth2/v2/auth?client_id=...,
+} satisfies DtoAuthStartResponse
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoAuthStartResponse
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoClusterResponse.md b/sdk/ts/docs/DtoClusterResponse.md
new file mode 100644
index 0000000..77dd068
--- /dev/null
+++ b/sdk/ts/docs/DtoClusterResponse.md
@@ -0,0 +1,62 @@
+# DtoClusterResponse
+
+## Properties
+
+| Name                       | Type                                                       |
+| -------------------------- | ---------------------------------------------------------- |
+| `apps_load_balancer`       | [DtoLoadBalancerResponse](DtoLoadBalancerResponse.md)      |
+| `bastion_server`           | [DtoServerResponse](DtoServerResponse.md)                  |
+| `captain_domain`           | [DtoDomainResponse](DtoDomainResponse.md)                  |
+| `certificate_key`          | string                                                     |
+| `cluster_provider`         | string                                                     |
+| `control_plane_fqdn`       | string                                                     |
+| `control_plane_record_set` | [DtoRecordSetResponse](DtoRecordSetResponse.md)            |
+| `created_at`               | string                                                     |
+| `glueops_load_balancer`    | [DtoLoadBalancerResponse](DtoLoadBalancerResponse.md)      |
+| `id`                       | string                                                     |
+| `last_error`               | string                                                     |
+| `name`                     | string                                                     |
+| `node_pools`               | [Array&lt;DtoNodePoolResponse&gt;](DtoNodePoolResponse.md) |
+| `random_token`             | string                                                     |
+| `region`                   | string                                                     |
+| `status`                   | string                                                     |
+| `updated_at`               | string                                                     |
+
+## Example
+
+```typescript
+import type { DtoClusterResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  apps_load_balancer: null,
+  bastion_server: null,
+  captain_domain: null,
+  certificate_key: null,
+  cluster_provider: null,
+  control_plane_fqdn: null,
+  control_plane_record_set: null,
+  created_at: null,
+  glueops_load_balancer: null,
+  id: null,
+  last_error: null,
+  name: null,
+  node_pools: null,
+  random_token: null,
+  region: null,
+  status: null,
+  updated_at: null,
+} satisfies DtoClusterResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoClusterResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCreateAnnotationRequest.md b/sdk/ts/docs/DtoCreateAnnotationRequest.md
new file mode 100644
index 0000000..8c0e2da
--- /dev/null
+++ b/sdk/ts/docs/DtoCreateAnnotationRequest.md
@@ -0,0 +1,32 @@
+# DtoCreateAnnotationRequest
+
+## Properties
+
+| Name    | Type   |
+| ------- | ------ |
+| `key`   | string |
+| `value` | string |
+
+## Example
+
+```typescript
+import type { DtoCreateAnnotationRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  key: null,
+  value: null,
+} satisfies DtoCreateAnnotationRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCreateAnnotationRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCreateClusterRequest.md b/sdk/ts/docs/DtoCreateClusterRequest.md
new file mode 100644
index 0000000..af09f02
--- /dev/null
+++ b/sdk/ts/docs/DtoCreateClusterRequest.md
@@ -0,0 +1,34 @@
+# DtoCreateClusterRequest
+
+## Properties
+
+| Name               | Type   |
+| ------------------ | ------ |
+| `cluster_provider` | string |
+| `name`             | string |
+| `region`           | string |
+
+## Example
+
+```typescript
+import type { DtoCreateClusterRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  cluster_provider: null,
+  name: null,
+  region: null,
+} satisfies DtoCreateClusterRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCreateClusterRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCreateCredentialRequest.md b/sdk/ts/docs/DtoCreateCredentialRequest.md
new file mode 100644
index 0000000..019346e
--- /dev/null
+++ b/sdk/ts/docs/DtoCreateCredentialRequest.md
@@ -0,0 +1,48 @@
+# DtoCreateCredentialRequest
+
+## Properties
+
+| Name                  | Type   |
+| --------------------- | ------ |
+| `account_id`          | string |
+| `credential_provider` | string |
+| `kind`                | string |
+| `name`                | string |
+| `region`              | string |
+| `schema_version`      | number |
+| `scope`               | object |
+| `scope_kind`          | string |
+| `scope_version`       | number |
+| `secret`              | object |
+
+## Example
+
+```typescript
+import type { DtoCreateCredentialRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  account_id: null,
+  credential_provider: null,
+  kind: null,
+  name: null,
+  region: null,
+  schema_version: null,
+  scope: null,
+  scope_kind: null,
+  scope_version: null,
+  secret: null,
+} satisfies DtoCreateCredentialRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCreateCredentialRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCreateDomainRequest.md b/sdk/ts/docs/DtoCreateDomainRequest.md
new file mode 100644
index 0000000..5d095f8
--- /dev/null
+++ b/sdk/ts/docs/DtoCreateDomainRequest.md
@@ -0,0 +1,34 @@
+# DtoCreateDomainRequest
+
+## Properties
+
+| Name            | Type   |
+| --------------- | ------ |
+| `credential_id` | string |
+| `domain_name`   | string |
+| `zone_id`       | string |
+
+## Example
+
+```typescript
+import type { DtoCreateDomainRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  credential_id: null,
+  domain_name: null,
+  zone_id: null,
+} satisfies DtoCreateDomainRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCreateDomainRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCreateLabelRequest.md b/sdk/ts/docs/DtoCreateLabelRequest.md
new file mode 100644
index 0000000..2336040
--- /dev/null
+++ b/sdk/ts/docs/DtoCreateLabelRequest.md
@@ -0,0 +1,32 @@
+# DtoCreateLabelRequest
+
+## Properties
+
+| Name    | Type   |
+| ------- | ------ |
+| `key`   | string |
+| `value` | string |
+
+## Example
+
+```typescript
+import type { DtoCreateLabelRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  key: null,
+  value: null,
+} satisfies DtoCreateLabelRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCreateLabelRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCreateLoadBalancerRequest.md b/sdk/ts/docs/DtoCreateLoadBalancerRequest.md
new file mode 100644
index 0000000..55c8c54
--- /dev/null
+++ b/sdk/ts/docs/DtoCreateLoadBalancerRequest.md
@@ -0,0 +1,36 @@
+# DtoCreateLoadBalancerRequest
+
+## Properties
+
+| Name                 | Type   |
+| -------------------- | ------ |
+| `kind`               | string |
+| `name`               | string |
+| `private_ip_address` | string |
+| `public_ip_address`  | string |
+
+## Example
+
+```typescript
+import type { DtoCreateLoadBalancerRequest } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "kind": public,
+  "name": glueops,
+  "private_ip_address": 192.168.0.2,
+  "public_ip_address": 8.8.8.8,
+} satisfies DtoCreateLoadBalancerRequest
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCreateLoadBalancerRequest
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCreateNodePoolRequest.md b/sdk/ts/docs/DtoCreateNodePoolRequest.md
new file mode 100644
index 0000000..c72f5e9
--- /dev/null
+++ b/sdk/ts/docs/DtoCreateNodePoolRequest.md
@@ -0,0 +1,32 @@
+# DtoCreateNodePoolRequest
+
+## Properties
+
+| Name   | Type   |
+| ------ | ------ |
+| `name` | string |
+| `role` | string |
+
+## Example
+
+```typescript
+import type { DtoCreateNodePoolRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  name: null,
+  role: null,
+} satisfies DtoCreateNodePoolRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCreateNodePoolRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCreateRecordSetRequest.md b/sdk/ts/docs/DtoCreateRecordSetRequest.md
new file mode 100644
index 0000000..62a0686
--- /dev/null
+++ b/sdk/ts/docs/DtoCreateRecordSetRequest.md
@@ -0,0 +1,36 @@
+# DtoCreateRecordSetRequest
+
+## Properties
+
+| Name     | Type                |
+| -------- | ------------------- |
+| `name`   | string              |
+| `ttl`    | number              |
+| `type`   | string              |
+| `values` | Array&lt;string&gt; |
+
+## Example
+
+```typescript
+import type { DtoCreateRecordSetRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  name: null,
+  ttl: null,
+  type: null,
+  values: null,
+} satisfies DtoCreateRecordSetRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCreateRecordSetRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCreateSSHRequest.md b/sdk/ts/docs/DtoCreateSSHRequest.md
new file mode 100644
index 0000000..7980fc7
--- /dev/null
+++ b/sdk/ts/docs/DtoCreateSSHRequest.md
@@ -0,0 +1,36 @@
+# DtoCreateSSHRequest
+
+## Properties
+
+| Name      | Type   |
+| --------- | ------ |
+| `bits`    | number |
+| `comment` | string |
+| `name`    | string |
+| `type`    | string |
+
+## Example
+
+```typescript
+import type { DtoCreateSSHRequest } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "bits": null,
+  "comment": deploy@autoglue,
+  "name": null,
+  "type": null,
+} satisfies DtoCreateSSHRequest
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCreateSSHRequest
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCreateServerRequest.md b/sdk/ts/docs/DtoCreateServerRequest.md
new file mode 100644
index 0000000..c044c58
--- /dev/null
+++ b/sdk/ts/docs/DtoCreateServerRequest.md
@@ -0,0 +1,42 @@
+# DtoCreateServerRequest
+
+## Properties
+
+| Name                 | Type   |
+| -------------------- | ------ |
+| `hostname`           | string |
+| `private_ip_address` | string |
+| `public_ip_address`  | string |
+| `role`               | string |
+| `ssh_key_id`         | string |
+| `ssh_user`           | string |
+| `status`             | string |
+
+## Example
+
+```typescript
+import type { DtoCreateServerRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  hostname: null,
+  private_ip_address: null,
+  public_ip_address: null,
+  role: master | worker | bastion,
+  ssh_key_id: null,
+  ssh_user: null,
+  status: pending | provisioning | ready | failed,
+} satisfies DtoCreateServerRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCreateServerRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCreateTaintRequest.md b/sdk/ts/docs/DtoCreateTaintRequest.md
new file mode 100644
index 0000000..190caff
--- /dev/null
+++ b/sdk/ts/docs/DtoCreateTaintRequest.md
@@ -0,0 +1,34 @@
+# DtoCreateTaintRequest
+
+## Properties
+
+| Name     | Type   |
+| -------- | ------ |
+| `effect` | string |
+| `key`    | string |
+| `value`  | string |
+
+## Example
+
+```typescript
+import type { DtoCreateTaintRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  effect: null,
+  key: null,
+  value: null,
+} satisfies DtoCreateTaintRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCreateTaintRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoCredentialOut.md b/sdk/ts/docs/DtoCredentialOut.md
new file mode 100644
index 0000000..9b91747
--- /dev/null
+++ b/sdk/ts/docs/DtoCredentialOut.md
@@ -0,0 +1,52 @@
+# DtoCredentialOut
+
+## Properties
+
+| Name                  | Type   |
+| --------------------- | ------ |
+| `account_id`          | string |
+| `created_at`          | string |
+| `credential_provider` | string |
+| `id`                  | string |
+| `kind`                | string |
+| `name`                | string |
+| `region`              | string |
+| `schema_version`      | number |
+| `scope`               | object |
+| `scope_kind`          | string |
+| `scope_version`       | number |
+| `updated_at`          | string |
+
+## Example
+
+```typescript
+import type { DtoCredentialOut } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  account_id: null,
+  created_at: null,
+  credential_provider: null,
+  id: null,
+  kind: null,
+  name: null,
+  region: null,
+  schema_version: null,
+  scope: null,
+  scope_kind: null,
+  scope_version: null,
+  updated_at: null,
+} satisfies DtoCredentialOut;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoCredentialOut;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoDomainResponse.md b/sdk/ts/docs/DtoDomainResponse.md
new file mode 100644
index 0000000..7945239
--- /dev/null
+++ b/sdk/ts/docs/DtoDomainResponse.md
@@ -0,0 +1,46 @@
+# DtoDomainResponse
+
+## Properties
+
+| Name              | Type   |
+| ----------------- | ------ |
+| `created_at`      | string |
+| `credential_id`   | string |
+| `domain_name`     | string |
+| `id`              | string |
+| `last_error`      | string |
+| `organization_id` | string |
+| `status`          | string |
+| `updated_at`      | string |
+| `zone_id`         | string |
+
+## Example
+
+```typescript
+import type { DtoDomainResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  credential_id: null,
+  domain_name: null,
+  id: null,
+  last_error: null,
+  organization_id: null,
+  status: null,
+  updated_at: null,
+  zone_id: null,
+} satisfies DtoDomainResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoDomainResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoEnqueueRequest.md b/sdk/ts/docs/DtoEnqueueRequest.md
new file mode 100644
index 0000000..ab5a313
--- /dev/null
+++ b/sdk/ts/docs/DtoEnqueueRequest.md
@@ -0,0 +1,36 @@
+# DtoEnqueueRequest
+
+## Properties
+
+| Name      | Type   |
+| --------- | ------ |
+| `payload` | object |
+| `queue`   | string |
+| `run_at`  | string |
+| `type`    | string |
+
+## Example
+
+```typescript
+import type { DtoEnqueueRequest } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "payload": null,
+  "queue": default,
+  "run_at": 2025-11-05T08:00:00Z,
+  "type": email.send,
+} satisfies DtoEnqueueRequest
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoEnqueueRequest
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoJWK.md b/sdk/ts/docs/DtoJWK.md
new file mode 100644
index 0000000..5d3844f
--- /dev/null
+++ b/sdk/ts/docs/DtoJWK.md
@@ -0,0 +1,42 @@
+# DtoJWK
+
+## Properties
+
+| Name  | Type   |
+| ----- | ------ |
+| `alg` | string |
+| `e`   | string |
+| `kid` | string |
+| `kty` | string |
+| `n`   | string |
+| `use` | string |
+| `x`   | string |
+
+## Example
+
+```typescript
+import type { DtoJWK } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "alg": RS256,
+  "e": AQAB,
+  "kid": 7c6f1d0a-7a98-4e6a-9dbf-6b1af4b9f345,
+  "kty": RSA,
+  "n": null,
+  "use": sig,
+  "x": null,
+} satisfies DtoJWK
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoJWK
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoJWKS.md b/sdk/ts/docs/DtoJWKS.md
new file mode 100644
index 0000000..6376d9f
--- /dev/null
+++ b/sdk/ts/docs/DtoJWKS.md
@@ -0,0 +1,30 @@
+# DtoJWKS
+
+## Properties
+
+| Name   | Type                             |
+| ------ | -------------------------------- |
+| `keys` | [Array&lt;DtoJWK&gt;](DtoJWK.md) |
+
+## Example
+
+```typescript
+import type { DtoJWKS } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  keys: null,
+} satisfies DtoJWKS;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoJWKS;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoJob.md b/sdk/ts/docs/DtoJob.md
new file mode 100644
index 0000000..1ae5dcd
--- /dev/null
+++ b/sdk/ts/docs/DtoJob.md
@@ -0,0 +1,50 @@
+# DtoJob
+
+## Properties
+
+| Name           | Type                            |
+| -------------- | ------------------------------- |
+| `attempts`     | number                          |
+| `created_at`   | string                          |
+| `id`           | string                          |
+| `last_error`   | string                          |
+| `max_attempts` | number                          |
+| `payload`      | any                             |
+| `queue`        | string                          |
+| `run_at`       | string                          |
+| `status`       | [DtoJobStatus](DtoJobStatus.md) |
+| `type`         | string                          |
+| `updated_at`   | string                          |
+
+## Example
+
+```typescript
+import type { DtoJob } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "attempts": 0,
+  "created_at": 2025-11-04T09:30:00Z,
+  "id": 01HF7SZK8Z8WG1M3J7S2Z8M2N6,
+  "last_error": error message,
+  "max_attempts": 3,
+  "payload": null,
+  "queue": default,
+  "run_at": 2025-11-04T09:30:00Z,
+  "status": null,
+  "type": email.send,
+  "updated_at": 2025-11-04T09:30:00Z,
+} satisfies DtoJob
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoJob
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoJobStatus.md b/sdk/ts/docs/DtoJobStatus.md
new file mode 100644
index 0000000..09b2203
--- /dev/null
+++ b/sdk/ts/docs/DtoJobStatus.md
@@ -0,0 +1,27 @@
+# DtoJobStatus
+
+## Properties
+
+| Name | Type |
+| ---- | ---- |
+
+## Example
+
+```typescript
+import type { DtoJobStatus } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {} satisfies DtoJobStatus;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoJobStatus;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoLabelResponse.md b/sdk/ts/docs/DtoLabelResponse.md
new file mode 100644
index 0000000..4710307
--- /dev/null
+++ b/sdk/ts/docs/DtoLabelResponse.md
@@ -0,0 +1,40 @@
+# DtoLabelResponse
+
+## Properties
+
+| Name              | Type   |
+| ----------------- | ------ |
+| `created_at`      | string |
+| `id`              | string |
+| `key`             | string |
+| `organization_id` | string |
+| `updated_at`      | string |
+| `value`           | string |
+
+## Example
+
+```typescript
+import type { DtoLabelResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  id: null,
+  key: null,
+  organization_id: null,
+  updated_at: null,
+  value: null,
+} satisfies DtoLabelResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoLabelResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoLoadBalancerResponse.md b/sdk/ts/docs/DtoLoadBalancerResponse.md
new file mode 100644
index 0000000..0d0bd90
--- /dev/null
+++ b/sdk/ts/docs/DtoLoadBalancerResponse.md
@@ -0,0 +1,44 @@
+# DtoLoadBalancerResponse
+
+## Properties
+
+| Name                 | Type   |
+| -------------------- | ------ |
+| `created_at`         | string |
+| `id`                 | string |
+| `kind`               | string |
+| `name`               | string |
+| `organization_id`    | string |
+| `private_ip_address` | string |
+| `public_ip_address`  | string |
+| `updated_at`         | string |
+
+## Example
+
+```typescript
+import type { DtoLoadBalancerResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  id: null,
+  kind: null,
+  name: null,
+  organization_id: null,
+  private_ip_address: null,
+  public_ip_address: null,
+  updated_at: null,
+} satisfies DtoLoadBalancerResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoLoadBalancerResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoLogoutRequest.md b/sdk/ts/docs/DtoLogoutRequest.md
new file mode 100644
index 0000000..2eab986
--- /dev/null
+++ b/sdk/ts/docs/DtoLogoutRequest.md
@@ -0,0 +1,30 @@
+# DtoLogoutRequest
+
+## Properties
+
+| Name            | Type   |
+| --------------- | ------ |
+| `refresh_token` | string |
+
+## Example
+
+```typescript
+import type { DtoLogoutRequest } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "refresh_token": m0l9o8rT3t0V8d3eFf...,
+} satisfies DtoLogoutRequest
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoLogoutRequest
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoNodePoolResponse.md b/sdk/ts/docs/DtoNodePoolResponse.md
new file mode 100644
index 0000000..134f95f
--- /dev/null
+++ b/sdk/ts/docs/DtoNodePoolResponse.md
@@ -0,0 +1,48 @@
+# DtoNodePoolResponse
+
+## Properties
+
+| Name              | Type                                                           |
+| ----------------- | -------------------------------------------------------------- |
+| `annotations`     | [Array&lt;DtoAnnotationResponse&gt;](DtoAnnotationResponse.md) |
+| `created_at`      | string                                                         |
+| `id`              | string                                                         |
+| `labels`          | [Array&lt;DtoLabelResponse&gt;](DtoLabelResponse.md)           |
+| `name`            | string                                                         |
+| `organization_id` | string                                                         |
+| `role`            | string                                                         |
+| `servers`         | [Array&lt;DtoServerResponse&gt;](DtoServerResponse.md)         |
+| `taints`          | [Array&lt;DtoTaintResponse&gt;](DtoTaintResponse.md)           |
+| `updated_at`      | string                                                         |
+
+## Example
+
+```typescript
+import type { DtoNodePoolResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  annotations: null,
+  created_at: null,
+  id: null,
+  labels: null,
+  name: null,
+  organization_id: null,
+  role: null,
+  servers: null,
+  taints: null,
+  updated_at: null,
+} satisfies DtoNodePoolResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoNodePoolResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoPageJob.md b/sdk/ts/docs/DtoPageJob.md
new file mode 100644
index 0000000..a05de55
--- /dev/null
+++ b/sdk/ts/docs/DtoPageJob.md
@@ -0,0 +1,36 @@
+# DtoPageJob
+
+## Properties
+
+| Name        | Type                             |
+| ----------- | -------------------------------- |
+| `items`     | [Array&lt;DtoJob&gt;](DtoJob.md) |
+| `page`      | number                           |
+| `page_size` | number                           |
+| `total`     | number                           |
+
+## Example
+
+```typescript
+import type { DtoPageJob } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  items: null,
+  page: 1,
+  page_size: 25,
+  total: 120,
+} satisfies DtoPageJob;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoPageJob;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoQueueInfo.md b/sdk/ts/docs/DtoQueueInfo.md
new file mode 100644
index 0000000..b98ee61
--- /dev/null
+++ b/sdk/ts/docs/DtoQueueInfo.md
@@ -0,0 +1,38 @@
+# DtoQueueInfo
+
+## Properties
+
+| Name        | Type   |
+| ----------- | ------ |
+| `failed`    | number |
+| `name`      | string |
+| `pending`   | number |
+| `running`   | number |
+| `scheduled` | number |
+
+## Example
+
+```typescript
+import type { DtoQueueInfo } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "failed": 5,
+  "name": default,
+  "pending": 42,
+  "running": 3,
+  "scheduled": 7,
+} satisfies DtoQueueInfo
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoQueueInfo
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoRecordSetResponse.md b/sdk/ts/docs/DtoRecordSetResponse.md
new file mode 100644
index 0000000..fc6228e
--- /dev/null
+++ b/sdk/ts/docs/DtoRecordSetResponse.md
@@ -0,0 +1,52 @@
+# DtoRecordSetResponse
+
+## Properties
+
+| Name          | Type   |
+| ------------- | ------ |
+| `created_at`  | string |
+| `domain_id`   | string |
+| `fingerprint` | string |
+| `id`          | string |
+| `last_error`  | string |
+| `name`        | string |
+| `owner`       | string |
+| `status`      | string |
+| `ttl`         | number |
+| `type`        | string |
+| `updated_at`  | string |
+| `values`      | object |
+
+## Example
+
+```typescript
+import type { DtoRecordSetResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  domain_id: null,
+  fingerprint: null,
+  id: null,
+  last_error: null,
+  name: null,
+  owner: null,
+  status: null,
+  ttl: null,
+  type: null,
+  updated_at: null,
+  values: null,
+} satisfies DtoRecordSetResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoRecordSetResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoRefreshRequest.md b/sdk/ts/docs/DtoRefreshRequest.md
new file mode 100644
index 0000000..8d63197
--- /dev/null
+++ b/sdk/ts/docs/DtoRefreshRequest.md
@@ -0,0 +1,30 @@
+# DtoRefreshRequest
+
+## Properties
+
+| Name            | Type   |
+| --------------- | ------ |
+| `refresh_token` | string |
+
+## Example
+
+```typescript
+import type { DtoRefreshRequest } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "refresh_token": m0l9o8rT3t0V8d3eFf...,
+} satisfies DtoRefreshRequest
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoRefreshRequest
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoServerResponse.md b/sdk/ts/docs/DtoServerResponse.md
new file mode 100644
index 0000000..d756598
--- /dev/null
+++ b/sdk/ts/docs/DtoServerResponse.md
@@ -0,0 +1,50 @@
+# DtoServerResponse
+
+## Properties
+
+| Name                 | Type   |
+| -------------------- | ------ |
+| `created_at`         | string |
+| `hostname`           | string |
+| `id`                 | string |
+| `organization_id`    | string |
+| `private_ip_address` | string |
+| `public_ip_address`  | string |
+| `role`               | string |
+| `ssh_key_id`         | string |
+| `ssh_user`           | string |
+| `status`             | string |
+| `updated_at`         | string |
+
+## Example
+
+```typescript
+import type { DtoServerResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  hostname: null,
+  id: null,
+  organization_id: null,
+  private_ip_address: null,
+  public_ip_address: null,
+  role: master | worker | bastion,
+  ssh_key_id: null,
+  ssh_user: null,
+  status: pending | provisioning | ready | failed,
+  updated_at: null,
+} satisfies DtoServerResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoServerResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoSetKubeconfigRequest.md b/sdk/ts/docs/DtoSetKubeconfigRequest.md
new file mode 100644
index 0000000..08a1481
--- /dev/null
+++ b/sdk/ts/docs/DtoSetKubeconfigRequest.md
@@ -0,0 +1,30 @@
+# DtoSetKubeconfigRequest
+
+## Properties
+
+| Name         | Type   |
+| ------------ | ------ |
+| `kubeconfig` | string |
+
+## Example
+
+```typescript
+import type { DtoSetKubeconfigRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  kubeconfig: null,
+} satisfies DtoSetKubeconfigRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoSetKubeconfigRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoSshResponse.md b/sdk/ts/docs/DtoSshResponse.md
new file mode 100644
index 0000000..1a2aa7b
--- /dev/null
+++ b/sdk/ts/docs/DtoSshResponse.md
@@ -0,0 +1,42 @@
+# DtoSshResponse
+
+## Properties
+
+| Name              | Type   |
+| ----------------- | ------ |
+| `created_at`      | string |
+| `fingerprint`     | string |
+| `id`              | string |
+| `name`            | string |
+| `organization_id` | string |
+| `public_key`      | string |
+| `updated_at`      | string |
+
+## Example
+
+```typescript
+import type { DtoSshResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  fingerprint: null,
+  id: null,
+  name: null,
+  organization_id: null,
+  public_key: null,
+  updated_at: null,
+} satisfies DtoSshResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoSshResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoSshRevealResponse.md b/sdk/ts/docs/DtoSshRevealResponse.md
new file mode 100644
index 0000000..2f7ddf4
--- /dev/null
+++ b/sdk/ts/docs/DtoSshRevealResponse.md
@@ -0,0 +1,44 @@
+# DtoSshRevealResponse
+
+## Properties
+
+| Name              | Type   |
+| ----------------- | ------ |
+| `created_at`      | string |
+| `fingerprint`     | string |
+| `id`              | string |
+| `name`            | string |
+| `organization_id` | string |
+| `private_key`     | string |
+| `public_key`      | string |
+| `updated_at`      | string |
+
+## Example
+
+```typescript
+import type { DtoSshRevealResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  fingerprint: null,
+  id: null,
+  name: null,
+  organization_id: null,
+  private_key: null,
+  public_key: null,
+  updated_at: null,
+} satisfies DtoSshRevealResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoSshRevealResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoTaintResponse.md b/sdk/ts/docs/DtoTaintResponse.md
new file mode 100644
index 0000000..320fcde
--- /dev/null
+++ b/sdk/ts/docs/DtoTaintResponse.md
@@ -0,0 +1,42 @@
+# DtoTaintResponse
+
+## Properties
+
+| Name              | Type   |
+| ----------------- | ------ |
+| `created_at`      | string |
+| `effect`          | string |
+| `id`              | string |
+| `key`             | string |
+| `organization_id` | string |
+| `updated_at`      | string |
+| `value`           | string |
+
+## Example
+
+```typescript
+import type { DtoTaintResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  effect: null,
+  id: null,
+  key: null,
+  organization_id: null,
+  updated_at: null,
+  value: null,
+} satisfies DtoTaintResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoTaintResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoTokenPair.md b/sdk/ts/docs/DtoTokenPair.md
new file mode 100644
index 0000000..4ab04f8
--- /dev/null
+++ b/sdk/ts/docs/DtoTokenPair.md
@@ -0,0 +1,36 @@
+# DtoTokenPair
+
+## Properties
+
+| Name            | Type   |
+| --------------- | ------ |
+| `access_token`  | string |
+| `expires_in`    | number |
+| `refresh_token` | string |
+| `token_type`    | string |
+
+## Example
+
+```typescript
+import type { DtoTokenPair } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "access_token": eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ij...,
+  "expires_in": 3600,
+  "refresh_token": m0l9o8rT3t0V8d3eFf....,
+  "token_type": Bearer,
+} satisfies DtoTokenPair
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoTokenPair
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoUpdateAnnotationRequest.md b/sdk/ts/docs/DtoUpdateAnnotationRequest.md
new file mode 100644
index 0000000..657e5a6
--- /dev/null
+++ b/sdk/ts/docs/DtoUpdateAnnotationRequest.md
@@ -0,0 +1,32 @@
+# DtoUpdateAnnotationRequest
+
+## Properties
+
+| Name    | Type   |
+| ------- | ------ |
+| `key`   | string |
+| `value` | string |
+
+## Example
+
+```typescript
+import type { DtoUpdateAnnotationRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  key: null,
+  value: null,
+} satisfies DtoUpdateAnnotationRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoUpdateAnnotationRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoUpdateClusterRequest.md b/sdk/ts/docs/DtoUpdateClusterRequest.md
new file mode 100644
index 0000000..50eccd5
--- /dev/null
+++ b/sdk/ts/docs/DtoUpdateClusterRequest.md
@@ -0,0 +1,34 @@
+# DtoUpdateClusterRequest
+
+## Properties
+
+| Name               | Type   |
+| ------------------ | ------ |
+| `cluster_provider` | string |
+| `name`             | string |
+| `region`           | string |
+
+## Example
+
+```typescript
+import type { DtoUpdateClusterRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  cluster_provider: null,
+  name: null,
+  region: null,
+} satisfies DtoUpdateClusterRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoUpdateClusterRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoUpdateCredentialRequest.md b/sdk/ts/docs/DtoUpdateCredentialRequest.md
new file mode 100644
index 0000000..f207336
--- /dev/null
+++ b/sdk/ts/docs/DtoUpdateCredentialRequest.md
@@ -0,0 +1,42 @@
+# DtoUpdateCredentialRequest
+
+## Properties
+
+| Name            | Type   |
+| --------------- | ------ |
+| `account_id`    | string |
+| `name`          | string |
+| `region`        | string |
+| `scope`         | object |
+| `scope_kind`    | string |
+| `scope_version` | number |
+| `secret`        | object |
+
+## Example
+
+```typescript
+import type { DtoUpdateCredentialRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  account_id: null,
+  name: null,
+  region: null,
+  scope: null,
+  scope_kind: null,
+  scope_version: null,
+  secret: null,
+} satisfies DtoUpdateCredentialRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoUpdateCredentialRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoUpdateDomainRequest.md b/sdk/ts/docs/DtoUpdateDomainRequest.md
new file mode 100644
index 0000000..956371b
--- /dev/null
+++ b/sdk/ts/docs/DtoUpdateDomainRequest.md
@@ -0,0 +1,36 @@
+# DtoUpdateDomainRequest
+
+## Properties
+
+| Name            | Type   |
+| --------------- | ------ |
+| `credential_id` | string |
+| `domain_name`   | string |
+| `status`        | string |
+| `zone_id`       | string |
+
+## Example
+
+```typescript
+import type { DtoUpdateDomainRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  credential_id: null,
+  domain_name: null,
+  status: null,
+  zone_id: null,
+} satisfies DtoUpdateDomainRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoUpdateDomainRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoUpdateLabelRequest.md b/sdk/ts/docs/DtoUpdateLabelRequest.md
new file mode 100644
index 0000000..2e2b53b
--- /dev/null
+++ b/sdk/ts/docs/DtoUpdateLabelRequest.md
@@ -0,0 +1,32 @@
+# DtoUpdateLabelRequest
+
+## Properties
+
+| Name    | Type   |
+| ------- | ------ |
+| `key`   | string |
+| `value` | string |
+
+## Example
+
+```typescript
+import type { DtoUpdateLabelRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  key: null,
+  value: null,
+} satisfies DtoUpdateLabelRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoUpdateLabelRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoUpdateLoadBalancerRequest.md b/sdk/ts/docs/DtoUpdateLoadBalancerRequest.md
new file mode 100644
index 0000000..41e722e
--- /dev/null
+++ b/sdk/ts/docs/DtoUpdateLoadBalancerRequest.md
@@ -0,0 +1,36 @@
+# DtoUpdateLoadBalancerRequest
+
+## Properties
+
+| Name                 | Type   |
+| -------------------- | ------ |
+| `kind`               | string |
+| `name`               | string |
+| `private_ip_address` | string |
+| `public_ip_address`  | string |
+
+## Example
+
+```typescript
+import type { DtoUpdateLoadBalancerRequest } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "kind": public,
+  "name": glue,
+  "private_ip_address": 192.168.0.2,
+  "public_ip_address": 8.8.8.8,
+} satisfies DtoUpdateLoadBalancerRequest
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoUpdateLoadBalancerRequest
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoUpdateNodePoolRequest.md b/sdk/ts/docs/DtoUpdateNodePoolRequest.md
new file mode 100644
index 0000000..04f55c0
--- /dev/null
+++ b/sdk/ts/docs/DtoUpdateNodePoolRequest.md
@@ -0,0 +1,32 @@
+# DtoUpdateNodePoolRequest
+
+## Properties
+
+| Name   | Type   |
+| ------ | ------ |
+| `name` | string |
+| `role` | string |
+
+## Example
+
+```typescript
+import type { DtoUpdateNodePoolRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  name: null,
+  role: null,
+} satisfies DtoUpdateNodePoolRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoUpdateNodePoolRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoUpdateRecordSetRequest.md b/sdk/ts/docs/DtoUpdateRecordSetRequest.md
new file mode 100644
index 0000000..ea9a6e9
--- /dev/null
+++ b/sdk/ts/docs/DtoUpdateRecordSetRequest.md
@@ -0,0 +1,38 @@
+# DtoUpdateRecordSetRequest
+
+## Properties
+
+| Name     | Type                |
+| -------- | ------------------- |
+| `name`   | string              |
+| `status` | string              |
+| `ttl`    | number              |
+| `type`   | string              |
+| `values` | Array&lt;string&gt; |
+
+## Example
+
+```typescript
+import type { DtoUpdateRecordSetRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  name: null,
+  status: null,
+  ttl: null,
+  type: null,
+  values: null,
+} satisfies DtoUpdateRecordSetRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoUpdateRecordSetRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoUpdateServerRequest.md b/sdk/ts/docs/DtoUpdateServerRequest.md
new file mode 100644
index 0000000..39c61b6
--- /dev/null
+++ b/sdk/ts/docs/DtoUpdateServerRequest.md
@@ -0,0 +1,42 @@
+# DtoUpdateServerRequest
+
+## Properties
+
+| Name                 | Type   |
+| -------------------- | ------ |
+| `hostname`           | string |
+| `private_ip_address` | string |
+| `public_ip_address`  | string |
+| `role`               | string |
+| `ssh_key_id`         | string |
+| `ssh_user`           | string |
+| `status`             | string |
+
+## Example
+
+```typescript
+import type { DtoUpdateServerRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  hostname: null,
+  private_ip_address: null,
+  public_ip_address: null,
+  role: master | worker | bastion,
+  ssh_key_id: null,
+  ssh_user: null,
+  status: pending | provisioning | ready | failed,
+} satisfies DtoUpdateServerRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoUpdateServerRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/DtoUpdateTaintRequest.md b/sdk/ts/docs/DtoUpdateTaintRequest.md
new file mode 100644
index 0000000..b84efaf
--- /dev/null
+++ b/sdk/ts/docs/DtoUpdateTaintRequest.md
@@ -0,0 +1,34 @@
+# DtoUpdateTaintRequest
+
+## Properties
+
+| Name     | Type   |
+| -------- | ------ |
+| `effect` | string |
+| `key`    | string |
+| `value`  | string |
+
+## Example
+
+```typescript
+import type { DtoUpdateTaintRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  effect: null,
+  key: null,
+  value: null,
+} satisfies DtoUpdateTaintRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as DtoUpdateTaintRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/GetSSHKey200Response.md b/sdk/ts/docs/GetSSHKey200Response.md
new file mode 100644
index 0000000..3b16f31
--- /dev/null
+++ b/sdk/ts/docs/GetSSHKey200Response.md
@@ -0,0 +1,44 @@
+# GetSSHKey200Response
+
+## Properties
+
+| Name              | Type   |
+| ----------------- | ------ |
+| `created_at`      | string |
+| `fingerprint`     | string |
+| `id`              | string |
+| `name`            | string |
+| `organization_id` | string |
+| `public_key`      | string |
+| `updated_at`      | string |
+| `private_key`     | string |
+
+## Example
+
+```typescript
+import type { GetSSHKey200Response } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  fingerprint: null,
+  id: null,
+  name: null,
+  organization_id: null,
+  public_key: null,
+  updated_at: null,
+  private_key: null,
+} satisfies GetSSHKey200Response;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as GetSSHKey200Response;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersCreateUserKeyRequest.md b/sdk/ts/docs/HandlersCreateUserKeyRequest.md
new file mode 100644
index 0000000..99d5575
--- /dev/null
+++ b/sdk/ts/docs/HandlersCreateUserKeyRequest.md
@@ -0,0 +1,32 @@
+# HandlersCreateUserKeyRequest
+
+## Properties
+
+| Name               | Type   |
+| ------------------ | ------ |
+| `expires_in_hours` | number |
+| `name`             | string |
+
+## Example
+
+```typescript
+import type { HandlersCreateUserKeyRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  expires_in_hours: null,
+  name: null,
+} satisfies HandlersCreateUserKeyRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersCreateUserKeyRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersHealthStatus.md b/sdk/ts/docs/HandlersHealthStatus.md
new file mode 100644
index 0000000..6ff1b8f
--- /dev/null
+++ b/sdk/ts/docs/HandlersHealthStatus.md
@@ -0,0 +1,30 @@
+# HandlersHealthStatus
+
+## Properties
+
+| Name     | Type   |
+| -------- | ------ |
+| `status` | string |
+
+## Example
+
+```typescript
+import type { HandlersHealthStatus } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  status: ok,
+} satisfies HandlersHealthStatus;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersHealthStatus;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersMeResponse.md b/sdk/ts/docs/HandlersMeResponse.md
new file mode 100644
index 0000000..16dfb8a
--- /dev/null
+++ b/sdk/ts/docs/HandlersMeResponse.md
@@ -0,0 +1,48 @@
+# HandlersMeResponse
+
+## Properties
+
+| Name            | Type                                                     |
+| --------------- | -------------------------------------------------------- |
+| `avatar_url`    | string                                                   |
+| `created_at`    | Date                                                     |
+| `display_name`  | string                                                   |
+| `emails`        | [Array&lt;ModelsUserEmail&gt;](ModelsUserEmail.md)       |
+| `id`            | string                                                   |
+| `is_admin`      | boolean                                                  |
+| `is_disabled`   | boolean                                                  |
+| `organizations` | [Array&lt;ModelsOrganization&gt;](ModelsOrganization.md) |
+| `primary_email` | string                                                   |
+| `updated_at`    | Date                                                     |
+
+## Example
+
+```typescript
+import type { HandlersMeResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  avatar_url: null,
+  created_at: null,
+  display_name: null,
+  emails: null,
+  id: null,
+  is_admin: null,
+  is_disabled: null,
+  organizations: null,
+  primary_email: null,
+  updated_at: null,
+} satisfies HandlersMeResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersMeResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersMemberOut.md b/sdk/ts/docs/HandlersMemberOut.md
new file mode 100644
index 0000000..3e7e648
--- /dev/null
+++ b/sdk/ts/docs/HandlersMemberOut.md
@@ -0,0 +1,34 @@
+# HandlersMemberOut
+
+## Properties
+
+| Name      | Type   |
+| --------- | ------ |
+| `email`   | string |
+| `role`    | string |
+| `user_id` | string |
+
+## Example
+
+```typescript
+import type { HandlersMemberOut } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  email: null,
+  role: null,
+  user_id: null,
+} satisfies HandlersMemberOut;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersMemberOut;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersMemberUpsertReq.md b/sdk/ts/docs/HandlersMemberUpsertReq.md
new file mode 100644
index 0000000..39f8295
--- /dev/null
+++ b/sdk/ts/docs/HandlersMemberUpsertReq.md
@@ -0,0 +1,32 @@
+# HandlersMemberUpsertReq
+
+## Properties
+
+| Name      | Type   |
+| --------- | ------ |
+| `role`    | string |
+| `user_id` | string |
+
+## Example
+
+```typescript
+import type { HandlersMemberUpsertReq } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  role: member,
+  user_id: null,
+} satisfies HandlersMemberUpsertReq;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersMemberUpsertReq;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersOrgCreateReq.md b/sdk/ts/docs/HandlersOrgCreateReq.md
new file mode 100644
index 0000000..3af2388
--- /dev/null
+++ b/sdk/ts/docs/HandlersOrgCreateReq.md
@@ -0,0 +1,32 @@
+# HandlersOrgCreateReq
+
+## Properties
+
+| Name     | Type   |
+| -------- | ------ |
+| `domain` | string |
+| `name`   | string |
+
+## Example
+
+```typescript
+import type { HandlersOrgCreateReq } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "domain": acme.com,
+  "name": Acme Corp,
+} satisfies HandlersOrgCreateReq
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersOrgCreateReq
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersOrgKeyCreateReq.md b/sdk/ts/docs/HandlersOrgKeyCreateReq.md
new file mode 100644
index 0000000..6bca006
--- /dev/null
+++ b/sdk/ts/docs/HandlersOrgKeyCreateReq.md
@@ -0,0 +1,32 @@
+# HandlersOrgKeyCreateReq
+
+## Properties
+
+| Name               | Type   |
+| ------------------ | ------ |
+| `expires_in_hours` | number |
+| `name`             | string |
+
+## Example
+
+```typescript
+import type { HandlersOrgKeyCreateReq } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  expires_in_hours: 720,
+  name: automation - bot,
+} satisfies HandlersOrgKeyCreateReq;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersOrgKeyCreateReq;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersOrgKeyCreateResp.md b/sdk/ts/docs/HandlersOrgKeyCreateResp.md
new file mode 100644
index 0000000..577ea0e
--- /dev/null
+++ b/sdk/ts/docs/HandlersOrgKeyCreateResp.md
@@ -0,0 +1,42 @@
+# HandlersOrgKeyCreateResp
+
+## Properties
+
+| Name         | Type   |
+| ------------ | ------ |
+| `created_at` | string |
+| `expires_at` | string |
+| `id`         | string |
+| `name`       | string |
+| `org_key`    | string |
+| `org_secret` | string |
+| `scope`      | string |
+
+## Example
+
+```typescript
+import type { HandlersOrgKeyCreateResp } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  expires_at: null,
+  id: null,
+  name: null,
+  org_key: null,
+  org_secret: null,
+  scope: null,
+} satisfies HandlersOrgKeyCreateResp;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersOrgKeyCreateResp;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersOrgUpdateReq.md b/sdk/ts/docs/HandlersOrgUpdateReq.md
new file mode 100644
index 0000000..82dd9eb
--- /dev/null
+++ b/sdk/ts/docs/HandlersOrgUpdateReq.md
@@ -0,0 +1,32 @@
+# HandlersOrgUpdateReq
+
+## Properties
+
+| Name     | Type   |
+| -------- | ------ |
+| `domain` | string |
+| `name`   | string |
+
+## Example
+
+```typescript
+import type { HandlersOrgUpdateReq } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  domain: null,
+  name: null,
+} satisfies HandlersOrgUpdateReq;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersOrgUpdateReq;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersUpdateMeRequest.md b/sdk/ts/docs/HandlersUpdateMeRequest.md
new file mode 100644
index 0000000..8b7fd75
--- /dev/null
+++ b/sdk/ts/docs/HandlersUpdateMeRequest.md
@@ -0,0 +1,30 @@
+# HandlersUpdateMeRequest
+
+## Properties
+
+| Name           | Type   |
+| -------------- | ------ |
+| `display_name` | string |
+
+## Example
+
+```typescript
+import type { HandlersUpdateMeRequest } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  display_name: null,
+} satisfies HandlersUpdateMeRequest;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersUpdateMeRequest;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersUserAPIKeyOut.md b/sdk/ts/docs/HandlersUserAPIKeyOut.md
new file mode 100644
index 0000000..b31c0c3
--- /dev/null
+++ b/sdk/ts/docs/HandlersUserAPIKeyOut.md
@@ -0,0 +1,42 @@
+# HandlersUserAPIKeyOut
+
+## Properties
+
+| Name           | Type   |
+| -------------- | ------ |
+| `created_at`   | string |
+| `expires_at`   | string |
+| `id`           | string |
+| `last_used_at` | string |
+| `name`         | string |
+| `plain`        | string |
+| `scope`        | string |
+
+## Example
+
+```typescript
+import type { HandlersUserAPIKeyOut } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  expires_at: null,
+  id: null,
+  last_used_at: null,
+  name: null,
+  plain: null,
+  scope: null,
+} satisfies HandlersUserAPIKeyOut;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersUserAPIKeyOut;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HandlersVersionResponse.md b/sdk/ts/docs/HandlersVersionResponse.md
new file mode 100644
index 0000000..57c3e56
--- /dev/null
+++ b/sdk/ts/docs/HandlersVersionResponse.md
@@ -0,0 +1,50 @@
+# HandlersVersionResponse
+
+## Properties
+
+| Name         | Type    |
+| ------------ | ------- |
+| `built`      | string  |
+| `builtBy`    | string  |
+| `commit`     | string  |
+| `commitTime` | string  |
+| `go`         | string  |
+| `goArch`     | string  |
+| `goOS`       | string  |
+| `modified`   | boolean |
+| `revision`   | string  |
+| `vcs`        | string  |
+| `version`    | string  |
+
+## Example
+
+```typescript
+import type { HandlersVersionResponse } from '@glueops/autoglue-sdk-go'
+
+// TODO: Update the object below with actual values
+const example = {
+  "built": 2025-11-08T12:34:56Z,
+  "builtBy": ci,
+  "commit": a1b2c3d,
+  "commitTime": 2025-11-08T12:31:00Z,
+  "go": go1.23.3,
+  "goArch": amd64,
+  "goOS": linux,
+  "modified": false,
+  "revision": a1b2c3d4e5f6abcdef,
+  "vcs": git,
+  "version": 1.4.2,
+} satisfies HandlersVersionResponse
+
+console.log(example)
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example)
+console.log(exampleJSON)
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as HandlersVersionResponse
+console.log(exampleParsed)
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/HealthApi.md b/sdk/ts/docs/HealthApi.md
new file mode 100644
index 0000000..70ffe3b
--- /dev/null
+++ b/sdk/ts/docs/HealthApi.md
@@ -0,0 +1,62 @@
+# HealthApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                                            | HTTP request     | Description        |
+| ----------------------------------------------------------------- | ---------------- | ------------------ |
+| [**healthCheckOperationId**](HealthApi.md#healthcheckoperationid) | **GET** /healthz | Basic health check |
+
+## healthCheckOperationId
+
+> HandlersHealthStatus healthCheckOperationId()
+
+Basic health check
+
+Returns 200 OK when the service is up
+
+### Example
+
+```ts
+import { Configuration, HealthApi } from "@glueops/autoglue-sdk-go";
+import type { HealthCheckOperationIdRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const api = new HealthApi();
+
+  try {
+    const data = await api.healthCheckOperationId();
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+This endpoint does not need any parameter.
+
+### Return type
+
+[**HandlersHealthStatus**](HandlersHealthStatus.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **200**     | OK          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/LabelsApi.md b/sdk/ts/docs/LabelsApi.md
new file mode 100644
index 0000000..2b688fe
--- /dev/null
+++ b/sdk/ts/docs/LabelsApi.md
@@ -0,0 +1,412 @@
+# LabelsApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                      | HTTP request            | Description                   |
+| ------------------------------------------- | ----------------------- | ----------------------------- |
+| [**createLabel**](LabelsApi.md#createlabel) | **POST** /labels        | Create label (org scoped)     |
+| [**deleteLabel**](LabelsApi.md#deletelabel) | **DELETE** /labels/{id} | Delete label (org scoped)     |
+| [**getLabel**](LabelsApi.md#getlabel)       | **GET** /labels/{id}    | Get label by ID (org scoped)  |
+| [**listLabels**](LabelsApi.md#listlabels)   | **GET** /labels         | List node labels (org scoped) |
+| [**updateLabel**](LabelsApi.md#updatelabel) | **PATCH** /labels/{id}  | Update label (org scoped)     |
+
+## createLabel
+
+> DtoLabelResponse createLabel(dtoCreateLabelRequest, xOrgID)
+
+Create label (org scoped)
+
+Creates a label.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  LabelsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateLabelRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new LabelsApi(config);
+
+  const body = {
+    // DtoCreateLabelRequest | Label payload
+    dtoCreateLabelRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateLabelRequest;
+
+  try {
+    const data = await api.createLabel(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                      | Type                                              | Description       | Notes                                |
+| ------------------------- | ------------------------------------------------- | ----------------- | ------------------------------------ |
+| **dtoCreateLabelRequest** | [DtoCreateLabelRequest](DtoCreateLabelRequest.md) | Label payload     |                                      |
+| **xOrgID**                | `string`                                          | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoLabelResponse**](DtoLabelResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                                           | Response headers |
+| ----------- | ----------------------------------------------------- | ---------------- |
+| **201**     | Created                                               | -                |
+| **400**     | invalid json / missing fields / invalid node_pool_ids | -                |
+| **401**     | Unauthorized                                          | -                |
+| **403**     | organization required                                 | -                |
+| **500**     | create failed                                         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteLabel
+
+> deleteLabel(id, xOrgID)
+
+Delete label (org scoped)
+
+Permanently deletes the label.
+
+### Example
+
+```ts
+import { Configuration, LabelsApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteLabelRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new LabelsApi(config);
+
+  const body = {
+    // string | Label ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DeleteLabelRequest;
+
+  try {
+    const data = await api.deleteLabel(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description       | Notes                                |
+| ---------- | -------- | ----------------- | ------------------------------------ |
+| **id**     | `string` | Label ID (UUID)   | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | delete failed         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getLabel
+
+> DtoLabelResponse getLabel(id, xOrgID)
+
+Get label by ID (org scoped)
+
+Returns one label.
+
+### Example
+
+```ts
+import { Configuration, LabelsApi } from "@glueops/autoglue-sdk-go";
+import type { GetLabelRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new LabelsApi(config);
+
+  const body = {
+    // string | Label ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies GetLabelRequest;
+
+  try {
+    const data = await api.getLabel(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description       | Notes                                |
+| ---------- | -------- | ----------------- | ------------------------------------ |
+| **id**     | `string` | Label ID (UUID)   | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoLabelResponse**](DtoLabelResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | fetch failed          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listLabels
+
+> Array&lt;DtoLabelResponse&gt; listLabels(xOrgID, key, value, q)
+
+List node labels (org scoped)
+
+Returns node labels for the organization in X-Org-ID. Filters: &#x60;key&#x60;, &#x60;value&#x60;, and &#x60;q&#x60; (key contains). Add &#x60;include&#x3D;node_pools&#x60; to include linked node groups.
+
+### Example
+
+```ts
+import { Configuration, LabelsApi } from "@glueops/autoglue-sdk-go";
+import type { ListLabelsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new LabelsApi(config);
+
+  const body = {
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+    // string | Exact key (optional)
+    key: key_example,
+    // string | Exact value (optional)
+    value: value_example,
+    // string | Key contains (case-insensitive) (optional)
+    q: q_example,
+  } satisfies ListLabelsRequest;
+
+  try {
+    const data = await api.listLabels(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description                     | Notes                                |
+| ---------- | -------- | ------------------------------- | ------------------------------------ |
+| **xOrgID** | `string` | Organization UUID               | [Optional] [Defaults to `undefined`] |
+| **key**    | `string` | Exact key                       | [Optional] [Defaults to `undefined`] |
+| **value**  | `string` | Exact value                     | [Optional] [Defaults to `undefined`] |
+| **q**      | `string` | Key contains (case-insensitive) | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoLabelResponse&gt;**](DtoLabelResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                | Response headers |
+| ----------- | -------------------------- | ---------------- |
+| **200**     | OK                         | -                |
+| **401**     | Unauthorized               | -                |
+| **403**     | organization required      | -                |
+| **500**     | failed to list node taints | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateLabel
+
+> DtoLabelResponse updateLabel(id, dtoUpdateLabelRequest, xOrgID)
+
+Update label (org scoped)
+
+Partially update label fields.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  LabelsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateLabelRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new LabelsApi(config);
+
+  const body = {
+    // string | Label ID (UUID)
+    id: id_example,
+    // DtoUpdateLabelRequest | Fields to update
+    dtoUpdateLabelRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies UpdateLabelRequest;
+
+  try {
+    const data = await api.updateLabel(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                      | Type                                              | Description       | Notes                                |
+| ------------------------- | ------------------------------------------------- | ----------------- | ------------------------------------ |
+| **id**                    | `string`                                          | Label ID (UUID)   | [Defaults to `undefined`]            |
+| **dtoUpdateLabelRequest** | [DtoUpdateLabelRequest](DtoUpdateLabelRequest.md) | Fields to update  |                                      |
+| **xOrgID**                | `string`                                          | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoLabelResponse**](DtoLabelResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description               | Response headers |
+| ----------- | ------------------------- | ---------------- |
+| **200**     | OK                        | -                |
+| **400**     | invalid id / invalid json | -                |
+| **401**     | Unauthorized              | -                |
+| **403**     | organization required     | -                |
+| **404**     | not found                 | -                |
+| **500**     | update failed             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/LoadBalancersApi.md b/sdk/ts/docs/LoadBalancersApi.md
new file mode 100644
index 0000000..1c863fc
--- /dev/null
+++ b/sdk/ts/docs/LoadBalancersApi.md
@@ -0,0 +1,390 @@
+# LoadBalancersApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                                           | HTTP request                    | Description                         |
+| ---------------------------------------------------------------- | ------------------------------- | ----------------------------------- |
+| [**createLoadBalancer**](LoadBalancersApi.md#createloadbalancer) | **POST** /load-balancers        | Create a load balancer              |
+| [**deleteLoadBalancer**](LoadBalancersApi.md#deleteloadbalancer) | **DELETE** /load-balancers/{id} | Delete a load balancer              |
+| [**getLoadBalancers**](LoadBalancersApi.md#getloadbalancers)     | **GET** /load-balancers/{id}    | Get a load balancer (org scoped)    |
+| [**listLoadBalancers**](LoadBalancersApi.md#listloadbalancers)   | **GET** /load-balancers         | List load balancers (org scoped)    |
+| [**updateLoadBalancer**](LoadBalancersApi.md#updateloadbalancer) | **PATCH** /load-balancers/{id}  | Update a load balancer (org scoped) |
+
+## createLoadBalancer
+
+> DtoLoadBalancerResponse createLoadBalancer(dtoCreateLoadBalancerRequest, xOrgID)
+
+Create a load balancer
+
+### Example
+
+```ts
+import {
+  Configuration,
+  LoadBalancersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateLoadBalancerRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new LoadBalancersApi(config);
+
+  const body = {
+    // DtoCreateLoadBalancerRequest | Record set payload
+    dtoCreateLoadBalancerRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateLoadBalancerRequest;
+
+  try {
+    const data = await api.createLoadBalancer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                             | Type                                                            | Description        | Notes                                |
+| -------------------------------- | --------------------------------------------------------------- | ------------------ | ------------------------------------ |
+| **dtoCreateLoadBalancerRequest** | [DtoCreateLoadBalancerRequest](DtoCreateLoadBalancerRequest.md) | Record set payload |                                      |
+| **xOrgID**                       | `string`                                                        | Organization UUID  | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoLoadBalancerResponse**](DtoLoadBalancerResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **201**     | Created               | -                |
+| **400**     | validation error      | -                |
+| **403**     | organization required | -                |
+| **404**     | domain not found      | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteLoadBalancer
+
+> deleteLoadBalancer(id, xOrgID)
+
+Delete a load balancer
+
+### Example
+
+```ts
+import { Configuration, LoadBalancersApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteLoadBalancerRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new LoadBalancersApi(config);
+
+  const body = {
+    // string | Load Balancer ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DeleteLoadBalancerRequest;
+
+  try {
+    const data = await api.deleteLoadBalancer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description             | Notes                                |
+| ---------- | -------- | ----------------------- | ------------------------------------ |
+| **id**     | `string` | Load Balancer ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID       | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getLoadBalancers
+
+> Array&lt;DtoLoadBalancerResponse&gt; getLoadBalancers(id, xOrgID)
+
+Get a load balancer (org scoped)
+
+Returns load balancer for the organization in X-Org-ID.
+
+### Example
+
+```ts
+import { Configuration, LoadBalancersApi } from "@glueops/autoglue-sdk-go";
+import type { GetLoadBalancersRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new LoadBalancersApi(config);
+
+  const body = {
+    // string | LoadBalancer ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies GetLoadBalancersRequest;
+
+  try {
+    const data = await api.getLoadBalancers(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description            | Notes                                |
+| ---------- | -------- | ---------------------- | ------------------------------------ |
+| **id**     | `string` | LoadBalancer ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID      | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoLoadBalancerResponse&gt;**](DtoLoadBalancerResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description             | Response headers |
+| ----------- | ----------------------- | ---------------- |
+| **200**     | OK                      | -                |
+| **401**     | Unauthorized            | -                |
+| **403**     | organization required   | -                |
+| **500**     | failed to list clusters | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listLoadBalancers
+
+> Array&lt;DtoLoadBalancerResponse&gt; listLoadBalancers(xOrgID)
+
+List load balancers (org scoped)
+
+Returns load balancers for the organization in X-Org-ID.
+
+### Example
+
+```ts
+import { Configuration, LoadBalancersApi } from "@glueops/autoglue-sdk-go";
+import type { ListLoadBalancersRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new LoadBalancersApi(config);
+
+  const body = {
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies ListLoadBalancersRequest;
+
+  try {
+    const data = await api.listLoadBalancers(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description       | Notes                                |
+| ---------- | -------- | ----------------- | ------------------------------------ |
+| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoLoadBalancerResponse&gt;**](DtoLoadBalancerResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description             | Response headers |
+| ----------- | ----------------------- | ---------------- |
+| **200**     | OK                      | -                |
+| **401**     | Unauthorized            | -                |
+| **403**     | organization required   | -                |
+| **500**     | failed to list clusters | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateLoadBalancer
+
+> DtoLoadBalancerResponse updateLoadBalancer(id, dtoUpdateLoadBalancerRequest, xOrgID)
+
+Update a load balancer (org scoped)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  LoadBalancersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateLoadBalancerRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new LoadBalancersApi(config);
+
+  const body = {
+    // string | Load Balancer ID (UUID)
+    id: id_example,
+    // DtoUpdateLoadBalancerRequest | Fields to update
+    dtoUpdateLoadBalancerRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies UpdateLoadBalancerRequest;
+
+  try {
+    const data = await api.updateLoadBalancer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                             | Type                                                            | Description             | Notes                                |
+| -------------------------------- | --------------------------------------------------------------- | ----------------------- | ------------------------------------ |
+| **id**                           | `string`                                                        | Load Balancer ID (UUID) | [Defaults to `undefined`]            |
+| **dtoUpdateLoadBalancerRequest** | [DtoUpdateLoadBalancerRequest](DtoUpdateLoadBalancerRequest.md) | Fields to update        |                                      |
+| **xOrgID**                       | `string`                                                        | Organization UUID       | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoLoadBalancerResponse**](DtoLoadBalancerResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | validation error      | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/MeAPIKeysApi.md b/sdk/ts/docs/MeAPIKeysApi.md
new file mode 100644
index 0000000..1d6eff1
--- /dev/null
+++ b/sdk/ts/docs/MeAPIKeysApi.md
@@ -0,0 +1,203 @@
+# MeAPIKeysApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                                   | HTTP request                 | Description               |
+| -------------------------------------------------------- | ---------------------------- | ------------------------- |
+| [**createUserAPIKey**](MeAPIKeysApi.md#createuserapikey) | **POST** /me/api-keys        | Create a new user API key |
+| [**deleteUserAPIKey**](MeAPIKeysApi.md#deleteuserapikey) | **DELETE** /me/api-keys/{id} | Delete a user API key     |
+| [**listUserAPIKeys**](MeAPIKeysApi.md#listuserapikeys)   | **GET** /me/api-keys         | List my API keys          |
+
+## createUserAPIKey
+
+> HandlersUserAPIKeyOut createUserAPIKey(handlersCreateUserKeyRequest)
+
+Create a new user API key
+
+Returns the plaintext key once. Store it securely on the client side.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  MeAPIKeysApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateUserAPIKeyRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: ApiKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new MeAPIKeysApi(config);
+
+  const body = {
+    // HandlersCreateUserKeyRequest | Key options
+    handlersCreateUserKeyRequest: ...,
+  } satisfies CreateUserAPIKeyRequest;
+
+  try {
+    const data = await api.createUserAPIKey(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                             | Type                                                            | Description | Notes |
+| -------------------------------- | --------------------------------------------------------------- | ----------- | ----- |
+| **handlersCreateUserKeyRequest** | [HandlersCreateUserKeyRequest](HandlersCreateUserKeyRequest.md) | Key options |       |
+
+### Return type
+
+[**HandlersUserAPIKeyOut**](HandlersUserAPIKeyOut.md)
+
+### Authorization
+
+[ApiKeyAuth](../README.md#ApiKeyAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **201**     | Created     | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteUserAPIKey
+
+> deleteUserAPIKey(id)
+
+Delete a user API key
+
+### Example
+
+```ts
+import { Configuration, MeAPIKeysApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteUserAPIKeyRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new MeAPIKeysApi(config);
+
+  const body = {
+    // string | Key ID (UUID)
+    id: id_example,
+  } satisfies DeleteUserAPIKeyRequest;
+
+  try {
+    const data = await api.deleteUserAPIKey(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name   | Type     | Description   | Notes                     |
+| ------ | -------- | ------------- | ------------------------- |
+| **id** | `string` | Key ID (UUID) | [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: Not defined
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **204**     | No Content  | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listUserAPIKeys
+
+> Array&lt;HandlersUserAPIKeyOut&gt; listUserAPIKeys()
+
+List my API keys
+
+### Example
+
+```ts
+import { Configuration, MeAPIKeysApi } from "@glueops/autoglue-sdk-go";
+import type { ListUserAPIKeysRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: ApiKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new MeAPIKeysApi(config);
+
+  try {
+    const data = await api.listUserAPIKeys();
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+This endpoint does not need any parameter.
+
+### Return type
+
+[**Array&lt;HandlersUserAPIKeyOut&gt;**](HandlersUserAPIKeyOut.md)
+
+### Authorization
+
+[ApiKeyAuth](../README.md#ApiKeyAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **200**     | OK          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/MeApi.md b/sdk/ts/docs/MeApi.md
new file mode 100644
index 0000000..d1c23b4
--- /dev/null
+++ b/sdk/ts/docs/MeApi.md
@@ -0,0 +1,136 @@
+# MeApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                            | HTTP request  | Description                 |
+| --------------------------------- | ------------- | --------------------------- |
+| [**getMe**](MeApi.md#getme)       | **GET** /me   | Get current user profile    |
+| [**updateMe**](MeApi.md#updateme) | **PATCH** /me | Update current user profile |
+
+## getMe
+
+> HandlersMeResponse getMe()
+
+Get current user profile
+
+### Example
+
+```ts
+import { Configuration, MeApi } from "@glueops/autoglue-sdk-go";
+import type { GetMeRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: ApiKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new MeApi(config);
+
+  try {
+    const data = await api.getMe();
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+This endpoint does not need any parameter.
+
+### Return type
+
+[**HandlersMeResponse**](HandlersMeResponse.md)
+
+### Authorization
+
+[ApiKeyAuth](../README.md#ApiKeyAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **200**     | OK          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateMe
+
+> ModelsUser updateMe(handlersUpdateMeRequest)
+
+Update current user profile
+
+### Example
+
+```ts
+import {
+  Configuration,
+  MeApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateMeRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: ApiKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new MeApi(config);
+
+  const body = {
+    // HandlersUpdateMeRequest | Patch profile
+    handlersUpdateMeRequest: ...,
+  } satisfies UpdateMeRequest;
+
+  try {
+    const data = await api.updateMe(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                        | Type                                                  | Description   | Notes |
+| --------------------------- | ----------------------------------------------------- | ------------- | ----- |
+| **handlersUpdateMeRequest** | [HandlersUpdateMeRequest](HandlersUpdateMeRequest.md) | Patch profile |       |
+
+### Return type
+
+[**ModelsUser**](ModelsUser.md)
+
+### Authorization
+
+[ApiKeyAuth](../README.md#ApiKeyAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **200**     | OK          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/MetaApi.md b/sdk/ts/docs/MetaApi.md
new file mode 100644
index 0000000..8ac0727
--- /dev/null
+++ b/sdk/ts/docs/MetaApi.md
@@ -0,0 +1,62 @@
+# MetaApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                                  | HTTP request     | Description                 |
+| ------------------------------------------------------- | ---------------- | --------------------------- |
+| [**versionOperationId**](MetaApi.md#versionoperationid) | **GET** /version | Service version information |
+
+## versionOperationId
+
+> HandlersVersionResponse versionOperationId()
+
+Service version information
+
+Returns build/runtime metadata for the running service.
+
+### Example
+
+```ts
+import { Configuration, MetaApi } from "@glueops/autoglue-sdk-go";
+import type { VersionOperationIdRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const api = new MetaApi();
+
+  try {
+    const data = await api.versionOperationId();
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+This endpoint does not need any parameter.
+
+### Return type
+
+[**HandlersVersionResponse**](HandlersVersionResponse.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+| ----------- | ----------- | ---------------- |
+| **200**     | OK          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/ModelsAPIKey.md b/sdk/ts/docs/ModelsAPIKey.md
new file mode 100644
index 0000000..27b14af
--- /dev/null
+++ b/sdk/ts/docs/ModelsAPIKey.md
@@ -0,0 +1,50 @@
+# ModelsAPIKey
+
+## Properties
+
+| Name           | Type    |
+| -------------- | ------- |
+| `created_at`   | Date    |
+| `expires_at`   | Date    |
+| `id`           | string  |
+| `last_used_at` | Date    |
+| `name`         | string  |
+| `org_id`       | string  |
+| `prefix`       | string  |
+| `revoked`      | boolean |
+| `scope`        | string  |
+| `updated_at`   | Date    |
+| `user_id`      | string  |
+
+## Example
+
+```typescript
+import type { ModelsAPIKey } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  expires_at: null,
+  id: null,
+  last_used_at: null,
+  name: null,
+  org_id: null,
+  prefix: null,
+  revoked: null,
+  scope: null,
+  updated_at: null,
+  user_id: null,
+} satisfies ModelsAPIKey;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as ModelsAPIKey;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/ModelsOrganization.md b/sdk/ts/docs/ModelsOrganization.md
new file mode 100644
index 0000000..81e9eb5
--- /dev/null
+++ b/sdk/ts/docs/ModelsOrganization.md
@@ -0,0 +1,38 @@
+# ModelsOrganization
+
+## Properties
+
+| Name         | Type   |
+| ------------ | ------ |
+| `created_at` | Date   |
+| `domain`     | string |
+| `id`         | string |
+| `name`       | string |
+| `updated_at` | Date   |
+
+## Example
+
+```typescript
+import type { ModelsOrganization } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  domain: null,
+  id: null,
+  name: null,
+  updated_at: null,
+} satisfies ModelsOrganization;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as ModelsOrganization;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/ModelsUser.md b/sdk/ts/docs/ModelsUser.md
new file mode 100644
index 0000000..5a8a7c5
--- /dev/null
+++ b/sdk/ts/docs/ModelsUser.md
@@ -0,0 +1,44 @@
+# ModelsUser
+
+## Properties
+
+| Name            | Type    |
+| --------------- | ------- |
+| `avatar_url`    | string  |
+| `created_at`    | Date    |
+| `display_name`  | string  |
+| `id`            | string  |
+| `is_admin`      | boolean |
+| `is_disabled`   | boolean |
+| `primary_email` | string  |
+| `updated_at`    | Date    |
+
+## Example
+
+```typescript
+import type { ModelsUser } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  avatar_url: null,
+  created_at: null,
+  display_name: null,
+  id: null,
+  is_admin: null,
+  is_disabled: null,
+  primary_email: null,
+  updated_at: null,
+} satisfies ModelsUser;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as ModelsUser;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/ModelsUserEmail.md b/sdk/ts/docs/ModelsUserEmail.md
new file mode 100644
index 0000000..0766fd2
--- /dev/null
+++ b/sdk/ts/docs/ModelsUserEmail.md
@@ -0,0 +1,44 @@
+# ModelsUserEmail
+
+## Properties
+
+| Name          | Type                        |
+| ------------- | --------------------------- |
+| `created_at`  | Date                        |
+| `email`       | string                      |
+| `id`          | string                      |
+| `is_primary`  | boolean                     |
+| `is_verified` | boolean                     |
+| `updated_at`  | Date                        |
+| `user`        | [ModelsUser](ModelsUser.md) |
+| `user_id`     | string                      |
+
+## Example
+
+```typescript
+import type { ModelsUserEmail } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  created_at: null,
+  email: null,
+  id: null,
+  is_primary: null,
+  is_verified: null,
+  updated_at: null,
+  user: null,
+  user_id: null,
+} satisfies ModelsUserEmail;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as ModelsUserEmail;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/NodePoolsApi.md b/sdk/ts/docs/NodePoolsApi.md
new file mode 100644
index 0000000..43bed2d
--- /dev/null
+++ b/sdk/ts/docs/NodePoolsApi.md
@@ -0,0 +1,1366 @@
+# NodePoolsApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                                                     | HTTP request                                           | Description                                           |
+| -------------------------------------------------------------------------- | ------------------------------------------------------ | ----------------------------------------------------- |
+| [**attachNodePoolAnnotations**](NodePoolsApi.md#attachnodepoolannotations) | **POST** /node-pools/{id}/annotations                  | Attach annotation to a node pool (org scoped)         |
+| [**attachNodePoolLabels**](NodePoolsApi.md#attachnodepoollabels)           | **POST** /node-pools/{id}/labels                       | Attach labels to a node pool (org scoped)             |
+| [**attachNodePoolServers**](NodePoolsApi.md#attachnodepoolservers)         | **POST** /node-pools/{id}/servers                      | Attach servers to a node pool (org scoped)            |
+| [**attachNodePoolTaints**](NodePoolsApi.md#attachnodepooltaints)           | **POST** /node-pools/{id}/taints                       | Attach taints to a node pool (org scoped)             |
+| [**createNodePool**](NodePoolsApi.md#createnodepool)                       | **POST** /node-pools                                   | Create node pool (org scoped)                         |
+| [**deleteNodePool**](NodePoolsApi.md#deletenodepool)                       | **DELETE** /node-pools/{id}                            | Delete node pool (org scoped)                         |
+| [**detachNodePoolAnnotation**](NodePoolsApi.md#detachnodepoolannotation)   | **DELETE** /node-pools/{id}/annotations/{annotationId} | Detach one annotation from a node pool (org scoped)   |
+| [**detachNodePoolLabel**](NodePoolsApi.md#detachnodepoollabel)             | **DELETE** /node-pools/{id}/labels/{labelId}           | Detach one label from a node pool (org scoped)        |
+| [**detachNodePoolServer**](NodePoolsApi.md#detachnodepoolserver)           | **DELETE** /node-pools/{id}/servers/{serverId}         | Detach one server from a node pool (org scoped)       |
+| [**detachNodePoolTaint**](NodePoolsApi.md#detachnodepooltaint)             | **DELETE** /node-pools/{id}/taints/{taintId}           | Detach one taint from a node pool (org scoped)        |
+| [**getNodePool**](NodePoolsApi.md#getnodepool)                             | **GET** /node-pools/{id}                               | Get node pool by ID (org scoped)                      |
+| [**listNodePoolAnnotations**](NodePoolsApi.md#listnodepoolannotations)     | **GET** /node-pools/{id}/annotations                   | List annotations attached to a node pool (org scoped) |
+| [**listNodePoolLabels**](NodePoolsApi.md#listnodepoollabels)               | **GET** /node-pools/{id}/labels                        | List labels attached to a node pool (org scoped)      |
+| [**listNodePoolServers**](NodePoolsApi.md#listnodepoolservers)             | **GET** /node-pools/{id}/servers                       | List servers attached to a node pool (org scoped)     |
+| [**listNodePoolTaints**](NodePoolsApi.md#listnodepooltaints)               | **GET** /node-pools/{id}/taints                        | List taints attached to a node pool (org scoped)      |
+| [**listNodePools**](NodePoolsApi.md#listnodepools)                         | **GET** /node-pools                                    | List node pools (org scoped)                          |
+| [**updateNodePool**](NodePoolsApi.md#updatenodepool)                       | **PATCH** /node-pools/{id}                             | Update node pool (org scoped)                         |
+
+## attachNodePoolAnnotations
+
+> string attachNodePoolAnnotations(id, dtoAttachAnnotationsRequest, xOrgID)
+
+Attach annotation to a node pool (org scoped)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  NodePoolsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AttachNodePoolAnnotationsRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Group ID (UUID)
+    id: id_example,
+    // DtoAttachAnnotationsRequest | Annotation IDs to attach
+    dtoAttachAnnotationsRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies AttachNodePoolAnnotationsRequest;
+
+  try {
+    const data = await api.attachNodePoolAnnotations(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                            | Type                                                          | Description              | Notes                                |
+| ------------------------------- | ------------------------------------------------------------- | ------------------------ | ------------------------------------ |
+| **id**                          | `string`                                                      | Node Group ID (UUID)     | [Defaults to `undefined`]            |
+| **dtoAttachAnnotationsRequest** | [DtoAttachAnnotationsRequest](DtoAttachAnnotationsRequest.md) | Annotation IDs to attach |                                      |
+| **xOrgID**                      | `string`                                                      | Organization UUID        | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+**string**
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                     | Response headers |
+| ----------- | ------------------------------- | ---------------- |
+| **204**     | No Content                      | -                |
+| **400**     | invalid id / invalid server_ids | -                |
+| **401**     | Unauthorized                    | -                |
+| **403**     | organization required           | -                |
+| **404**     | not found                       | -                |
+| **500**     | attach failed                   | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## attachNodePoolLabels
+
+> string attachNodePoolLabels(id, dtoAttachLabelsRequest, xOrgID)
+
+Attach labels to a node pool (org scoped)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  NodePoolsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AttachNodePoolLabelsRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // DtoAttachLabelsRequest | Label IDs to attach
+    dtoAttachLabelsRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies AttachNodePoolLabelsRequest;
+
+  try {
+    const data = await api.attachNodePoolLabels(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                       | Type                                                | Description         | Notes                                |
+| -------------------------- | --------------------------------------------------- | ------------------- | ------------------------------------ |
+| **id**                     | `string`                                            | Node Pool ID (UUID) | [Defaults to `undefined`]            |
+| **dtoAttachLabelsRequest** | [DtoAttachLabelsRequest](DtoAttachLabelsRequest.md) | Label IDs to attach |                                      |
+| **xOrgID**                 | `string`                                            | Organization UUID   | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+**string**
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                     | Response headers |
+| ----------- | ------------------------------- | ---------------- |
+| **204**     | No Content                      | -                |
+| **400**     | invalid id / invalid server_ids | -                |
+| **401**     | Unauthorized                    | -                |
+| **403**     | organization required           | -                |
+| **404**     | not found                       | -                |
+| **500**     | attach failed                   | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## attachNodePoolServers
+
+> string attachNodePoolServers(id, dtoAttachServersRequest, xOrgID)
+
+Attach servers to a node pool (org scoped)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  NodePoolsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AttachNodePoolServersRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // DtoAttachServersRequest | Server IDs to attach
+    dtoAttachServersRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies AttachNodePoolServersRequest;
+
+  try {
+    const data = await api.attachNodePoolServers(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                        | Type                                                  | Description          | Notes                                |
+| --------------------------- | ----------------------------------------------------- | -------------------- | ------------------------------------ |
+| **id**                      | `string`                                              | Node Pool ID (UUID)  | [Defaults to `undefined`]            |
+| **dtoAttachServersRequest** | [DtoAttachServersRequest](DtoAttachServersRequest.md) | Server IDs to attach |                                      |
+| **xOrgID**                  | `string`                                              | Organization UUID    | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+**string**
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                     | Response headers |
+| ----------- | ------------------------------- | ---------------- |
+| **204**     | No Content                      | -                |
+| **400**     | invalid id / invalid server_ids | -                |
+| **401**     | Unauthorized                    | -                |
+| **403**     | organization required           | -                |
+| **404**     | not found                       | -                |
+| **500**     | attach failed                   | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## attachNodePoolTaints
+
+> string attachNodePoolTaints(id, dtoAttachTaintsRequest, xOrgID)
+
+Attach taints to a node pool (org scoped)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  NodePoolsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AttachNodePoolTaintsRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // DtoAttachTaintsRequest | Taint IDs to attach
+    dtoAttachTaintsRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies AttachNodePoolTaintsRequest;
+
+  try {
+    const data = await api.attachNodePoolTaints(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                       | Type                                                | Description         | Notes                                |
+| -------------------------- | --------------------------------------------------- | ------------------- | ------------------------------------ |
+| **id**                     | `string`                                            | Node Pool ID (UUID) | [Defaults to `undefined`]            |
+| **dtoAttachTaintsRequest** | [DtoAttachTaintsRequest](DtoAttachTaintsRequest.md) | Taint IDs to attach |                                      |
+| **xOrgID**                 | `string`                                            | Organization UUID   | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+**string**
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                    | Response headers |
+| ----------- | ------------------------------ | ---------------- |
+| **204**     | No Content                     | -                |
+| **400**     | invalid id / invalid taint_ids | -                |
+| **401**     | Unauthorized                   | -                |
+| **403**     | organization required          | -                |
+| **404**     | not found                      | -                |
+| **500**     | attach failed                  | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## createNodePool
+
+> DtoNodePoolResponse createNodePool(dtoCreateNodePoolRequest, xOrgID)
+
+Create node pool (org scoped)
+
+Creates a node pool. Optionally attach initial servers.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  NodePoolsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateNodePoolRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // DtoCreateNodePoolRequest | NodePool payload
+    dtoCreateNodePoolRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateNodePoolRequest;
+
+  try {
+    const data = await api.createNodePool(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                         | Type                                                    | Description       | Notes                                |
+| ---------------------------- | ------------------------------------------------------- | ----------------- | ------------------------------------ |
+| **dtoCreateNodePoolRequest** | [DtoCreateNodePoolRequest](DtoCreateNodePoolRequest.md) | NodePool payload  |                                      |
+| **xOrgID**                   | `string`                                                | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoNodePoolResponse**](DtoNodePoolResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                                        | Response headers |
+| ----------- | -------------------------------------------------- | ---------------- |
+| **201**     | Created                                            | -                |
+| **400**     | invalid json / missing fields / invalid server_ids | -                |
+| **401**     | Unauthorized                                       | -                |
+| **403**     | organization required                              | -                |
+| **500**     | create failed                                      | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteNodePool
+
+> deleteNodePool(id, xOrgID)
+
+Delete node pool (org scoped)
+
+Permanently deletes the node pool.
+
+### Example
+
+```ts
+import { Configuration, NodePoolsApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteNodePoolRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DeleteNodePoolRequest;
+
+  try {
+    const data = await api.deleteNodePool(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description         | Notes                                |
+| ---------- | -------- | ------------------- | ------------------------------------ |
+| **id**     | `string` | Node Pool ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID   | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | delete failed         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## detachNodePoolAnnotation
+
+> string detachNodePoolAnnotation(id, annotationId, xOrgID)
+
+Detach one annotation from a node pool (org scoped)
+
+### Example
+
+```ts
+import { Configuration, NodePoolsApi } from "@glueops/autoglue-sdk-go";
+import type { DetachNodePoolAnnotationRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // string | Annotation ID (UUID)
+    annotationId: annotationId_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DetachNodePoolAnnotationRequest;
+
+  try {
+    const data = await api.detachNodePoolAnnotation(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name             | Type     | Description          | Notes                                |
+| ---------------- | -------- | -------------------- | ------------------------------------ |
+| **id**           | `string` | Node Pool ID (UUID)  | [Defaults to `undefined`]            |
+| **annotationId** | `string` | Annotation ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID**       | `string` | Organization UUID    | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+**string**
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | detach failed         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## detachNodePoolLabel
+
+> string detachNodePoolLabel(id, labelId, xOrgID)
+
+Detach one label from a node pool (org scoped)
+
+### Example
+
+```ts
+import { Configuration, NodePoolsApi } from "@glueops/autoglue-sdk-go";
+import type { DetachNodePoolLabelRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // string | Label ID (UUID)
+    labelId: labelId_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DetachNodePoolLabelRequest;
+
+  try {
+    const data = await api.detachNodePoolLabel(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name        | Type     | Description         | Notes                                |
+| ----------- | -------- | ------------------- | ------------------------------------ |
+| **id**      | `string` | Node Pool ID (UUID) | [Defaults to `undefined`]            |
+| **labelId** | `string` | Label ID (UUID)     | [Defaults to `undefined`]            |
+| **xOrgID**  | `string` | Organization UUID   | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+**string**
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | detach failed         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## detachNodePoolServer
+
+> string detachNodePoolServer(id, serverId, xOrgID)
+
+Detach one server from a node pool (org scoped)
+
+### Example
+
+```ts
+import { Configuration, NodePoolsApi } from "@glueops/autoglue-sdk-go";
+import type { DetachNodePoolServerRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // string | Server ID (UUID)
+    serverId: serverId_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DetachNodePoolServerRequest;
+
+  try {
+    const data = await api.detachNodePoolServer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name         | Type     | Description         | Notes                                |
+| ------------ | -------- | ------------------- | ------------------------------------ |
+| **id**       | `string` | Node Pool ID (UUID) | [Defaults to `undefined`]            |
+| **serverId** | `string` | Server ID (UUID)    | [Defaults to `undefined`]            |
+| **xOrgID**   | `string` | Organization UUID   | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+**string**
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | detach failed         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## detachNodePoolTaint
+
+> string detachNodePoolTaint(id, taintId, xOrgID)
+
+Detach one taint from a node pool (org scoped)
+
+### Example
+
+```ts
+import { Configuration, NodePoolsApi } from "@glueops/autoglue-sdk-go";
+import type { DetachNodePoolTaintRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // string | Taint ID (UUID)
+    taintId: taintId_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DetachNodePoolTaintRequest;
+
+  try {
+    const data = await api.detachNodePoolTaint(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name        | Type     | Description         | Notes                                |
+| ----------- | -------- | ------------------- | ------------------------------------ |
+| **id**      | `string` | Node Pool ID (UUID) | [Defaults to `undefined`]            |
+| **taintId** | `string` | Taint ID (UUID)     | [Defaults to `undefined`]            |
+| **xOrgID**  | `string` | Organization UUID   | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+**string**
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | detach failed         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getNodePool
+
+> DtoNodePoolResponse getNodePool(id, xOrgID)
+
+Get node pool by ID (org scoped)
+
+Returns one node pool. Add &#x60;include&#x3D;servers&#x60; to include servers.
+
+### Example
+
+```ts
+import { Configuration, NodePoolsApi } from "@glueops/autoglue-sdk-go";
+import type { GetNodePoolRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies GetNodePoolRequest;
+
+  try {
+    const data = await api.getNodePool(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description         | Notes                                |
+| ---------- | -------- | ------------------- | ------------------------------------ |
+| **id**     | `string` | Node Pool ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID   | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoNodePoolResponse**](DtoNodePoolResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | fetch failed          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listNodePoolAnnotations
+
+> Array&lt;DtoAnnotationResponse&gt; listNodePoolAnnotations(id, xOrgID)
+
+List annotations attached to a node pool (org scoped)
+
+### Example
+
+```ts
+import { Configuration, NodePoolsApi } from "@glueops/autoglue-sdk-go";
+import type { ListNodePoolAnnotationsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies ListNodePoolAnnotationsRequest;
+
+  try {
+    const data = await api.listNodePoolAnnotations(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description         | Notes                                |
+| ---------- | -------- | ------------------- | ------------------------------------ |
+| **id**     | `string` | Node Pool ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID   | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoAnnotationResponse&gt;**](DtoAnnotationResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | fetch failed          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listNodePoolLabels
+
+> Array&lt;DtoLabelResponse&gt; listNodePoolLabels(id, xOrgID)
+
+List labels attached to a node pool (org scoped)
+
+### Example
+
+```ts
+import { Configuration, NodePoolsApi } from "@glueops/autoglue-sdk-go";
+import type { ListNodePoolLabelsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Label Pool ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies ListNodePoolLabelsRequest;
+
+  try {
+    const data = await api.listNodePoolLabels(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description          | Notes                                |
+| ---------- | -------- | -------------------- | ------------------------------------ |
+| **id**     | `string` | Label Pool ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID    | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoLabelResponse&gt;**](DtoLabelResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | fetch failed          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listNodePoolServers
+
+> Array&lt;DtoServerResponse&gt; listNodePoolServers(id, xOrgID)
+
+List servers attached to a node pool (org scoped)
+
+### Example
+
+```ts
+import { Configuration, NodePoolsApi } from "@glueops/autoglue-sdk-go";
+import type { ListNodePoolServersRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies ListNodePoolServersRequest;
+
+  try {
+    const data = await api.listNodePoolServers(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description         | Notes                                |
+| ---------- | -------- | ------------------- | ------------------------------------ |
+| **id**     | `string` | Node Pool ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID   | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoServerResponse&gt;**](DtoServerResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | fetch failed          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listNodePoolTaints
+
+> Array&lt;DtoTaintResponse&gt; listNodePoolTaints(id, xOrgID)
+
+List taints attached to a node pool (org scoped)
+
+### Example
+
+```ts
+import { Configuration, NodePoolsApi } from "@glueops/autoglue-sdk-go";
+import type { ListNodePoolTaintsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies ListNodePoolTaintsRequest;
+
+  try {
+    const data = await api.listNodePoolTaints(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description         | Notes                                |
+| ---------- | -------- | ------------------- | ------------------------------------ |
+| **id**     | `string` | Node Pool ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID   | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoTaintResponse&gt;**](DtoTaintResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | fetch failed          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listNodePools
+
+> Array&lt;DtoNodePoolResponse&gt; listNodePools(xOrgID, q)
+
+List node pools (org scoped)
+
+Returns node pools for the organization in X-Org-ID.
+
+### Example
+
+```ts
+import { Configuration, NodePoolsApi } from "@glueops/autoglue-sdk-go";
+import type { ListNodePoolsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+    // string | Name contains (case-insensitive) (optional)
+    q: q_example,
+  } satisfies ListNodePoolsRequest;
+
+  try {
+    const data = await api.listNodePools(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description                      | Notes                                |
+| ---------- | -------- | -------------------------------- | ------------------------------------ |
+| **xOrgID** | `string` | Organization UUID                | [Optional] [Defaults to `undefined`] |
+| **q**      | `string` | Name contains (case-insensitive) | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoNodePoolResponse&gt;**](DtoNodePoolResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description               | Response headers |
+| ----------- | ------------------------- | ---------------- |
+| **200**     | OK                        | -                |
+| **401**     | Unauthorized              | -                |
+| **403**     | organization required     | -                |
+| **500**     | failed to list node pools | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateNodePool
+
+> DtoNodePoolResponse updateNodePool(id, dtoUpdateNodePoolRequest, xOrgID)
+
+Update node pool (org scoped)
+
+Partially update node pool fields.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  NodePoolsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateNodePoolRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new NodePoolsApi(config);
+
+  const body = {
+    // string | Node Pool ID (UUID)
+    id: id_example,
+    // DtoUpdateNodePoolRequest | Fields to update
+    dtoUpdateNodePoolRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies UpdateNodePoolRequest;
+
+  try {
+    const data = await api.updateNodePool(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                         | Type                                                    | Description         | Notes                                |
+| ---------------------------- | ------------------------------------------------------- | ------------------- | ------------------------------------ |
+| **id**                       | `string`                                                | Node Pool ID (UUID) | [Defaults to `undefined`]            |
+| **dtoUpdateNodePoolRequest** | [DtoUpdateNodePoolRequest](DtoUpdateNodePoolRequest.md) | Fields to update    |                                      |
+| **xOrgID**                   | `string`                                                | Organization UUID   | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoNodePoolResponse**](DtoNodePoolResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description               | Response headers |
+| ----------- | ------------------------- | ---------------- |
+| **200**     | OK                        | -                |
+| **400**     | invalid id / invalid json | -                |
+| **401**     | Unauthorized              | -                |
+| **403**     | organization required     | -                |
+| **404**     | not found                 | -                |
+| **500**     | update failed             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/OrgsApi.md b/sdk/ts/docs/OrgsApi.md
new file mode 100644
index 0000000..e6211f0
--- /dev/null
+++ b/sdk/ts/docs/OrgsApi.md
@@ -0,0 +1,757 @@
+# OrgsApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                                | HTTP request                            | Description                              |
+| ----------------------------------------------------- | --------------------------------------- | ---------------------------------------- |
+| [**addOrUpdateMember**](OrgsApi.md#addorupdatemember) | **POST** /orgs/{id}/members             | Add or update a member (owner/admin)     |
+| [**createOrg**](OrgsApi.md#createorg)                 | **POST** /orgs                          | Create organization                      |
+| [**createOrgKey**](OrgsApi.md#createorgkey)           | **POST** /orgs/{id}/api-keys            | Create org key/secret pair (owner/admin) |
+| [**deleteOrg**](OrgsApi.md#deleteorg)                 | **DELETE** /orgs/{id}                   | Delete organization (owner)              |
+| [**deleteOrgKey**](OrgsApi.md#deleteorgkey)           | **DELETE** /orgs/{id}/api-keys/{key_id} | Delete org key (owner/admin)             |
+| [**getOrg**](OrgsApi.md#getorg)                       | **GET** /orgs/{id}                      | Get organization                         |
+| [**listMembers**](OrgsApi.md#listmembers)             | **GET** /orgs/{id}/members              | List members in org                      |
+| [**listMyOrgs**](OrgsApi.md#listmyorgs)               | **GET** /orgs                           | List organizations I belong to           |
+| [**listOrgKeys**](OrgsApi.md#listorgkeys)             | **GET** /orgs/{id}/api-keys             | List org-scoped API keys (no secrets)    |
+| [**removeMember**](OrgsApi.md#removemember)           | **DELETE** /orgs/{id}/members/{user_id} | Remove a member (owner/admin)            |
+| [**updateOrg**](OrgsApi.md#updateorg)                 | **PATCH** /orgs/{id}                    | Update organization (owner/admin)        |
+
+## addOrUpdateMember
+
+> HandlersMemberOut addOrUpdateMember(id, handlersMemberUpsertReq)
+
+Add or update a member (owner/admin)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  OrgsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { AddOrUpdateMemberRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new OrgsApi(config);
+
+  const body = {
+    // string | Org ID (UUID)
+    id: id_example,
+    // HandlersMemberUpsertReq | User & role
+    handlersMemberUpsertReq: ...,
+  } satisfies AddOrUpdateMemberRequest;
+
+  try {
+    const data = await api.addOrUpdateMember(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                        | Type                                                  | Description     | Notes                     |
+| --------------------------- | ----------------------------------------------------- | --------------- | ------------------------- |
+| **id**                      | `string`                                              | Org ID (UUID)   | [Defaults to `undefined`] |
+| **handlersMemberUpsertReq** | [HandlersMemberUpsertReq](HandlersMemberUpsertReq.md) | User &amp; role |                           |
+
+### Return type
+
+[**HandlersMemberOut**](HandlersMemberOut.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description  | Response headers |
+| ----------- | ------------ | ---------------- |
+| **200**     | OK           | -                |
+| **401**     | Unauthorized | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## createOrg
+
+> ModelsOrganization createOrg(handlersOrgCreateReq)
+
+Create organization
+
+### Example
+
+```ts
+import {
+  Configuration,
+  OrgsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateOrgRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new OrgsApi(config);
+
+  const body = {
+    // HandlersOrgCreateReq | Org payload
+    handlersOrgCreateReq: ...,
+  } satisfies CreateOrgRequest;
+
+  try {
+    const data = await api.createOrg(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                     | Type                                            | Description | Notes |
+| ------------------------ | ----------------------------------------------- | ----------- | ----- |
+| **handlersOrgCreateReq** | [HandlersOrgCreateReq](HandlersOrgCreateReq.md) | Org payload |       |
+
+### Return type
+
+[**ModelsOrganization**](ModelsOrganization.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description  | Response headers |
+| ----------- | ------------ | ---------------- |
+| **201**     | Created      | -                |
+| **400**     | Bad Request  | -                |
+| **401**     | Unauthorized | -                |
+| **409**     | Conflict     | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## createOrgKey
+
+> HandlersOrgKeyCreateResp createOrgKey(id, handlersOrgKeyCreateReq)
+
+Create org key/secret pair (owner/admin)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  OrgsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateOrgKeyRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new OrgsApi(config);
+
+  const body = {
+    // string | Org ID (UUID)
+    id: id_example,
+    // HandlersOrgKeyCreateReq | Key name + optional expiry
+    handlersOrgKeyCreateReq: ...,
+  } satisfies CreateOrgKeyRequest;
+
+  try {
+    const data = await api.createOrgKey(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                        | Type                                                  | Description                | Notes                     |
+| --------------------------- | ----------------------------------------------------- | -------------------------- | ------------------------- |
+| **id**                      | `string`                                              | Org ID (UUID)              | [Defaults to `undefined`] |
+| **handlersOrgKeyCreateReq** | [HandlersOrgKeyCreateReq](HandlersOrgKeyCreateReq.md) | Key name + optional expiry |                           |
+
+### Return type
+
+[**HandlersOrgKeyCreateResp**](HandlersOrgKeyCreateResp.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description  | Response headers |
+| ----------- | ------------ | ---------------- |
+| **201**     | Created      | -                |
+| **401**     | Unauthorized | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteOrg
+
+> deleteOrg(id)
+
+Delete organization (owner)
+
+### Example
+
+```ts
+import { Configuration, OrgsApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteOrgRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new OrgsApi(config);
+
+  const body = {
+    // string | Org ID (UUID)
+    id: id_example,
+  } satisfies DeleteOrgRequest;
+
+  try {
+    const data = await api.deleteOrg(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name   | Type     | Description   | Notes                     |
+| ------ | -------- | ------------- | ------------------------- |
+| **id** | `string` | Org ID (UUID) | [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description  | Response headers |
+| ----------- | ------------ | ---------------- |
+| **204**     | Deleted      | -                |
+| **401**     | Unauthorized | -                |
+| **404**     | Not Found    | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteOrgKey
+
+> deleteOrgKey(id, keyId)
+
+Delete org key (owner/admin)
+
+### Example
+
+```ts
+import { Configuration, OrgsApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteOrgKeyRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new OrgsApi(config);
+
+  const body = {
+    // string | Org ID (UUID)
+    id: id_example,
+    // string | Key ID (UUID)
+    keyId: keyId_example,
+  } satisfies DeleteOrgKeyRequest;
+
+  try {
+    const data = await api.deleteOrgKey(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name      | Type     | Description   | Notes                     |
+| --------- | -------- | ------------- | ------------------------- |
+| **id**    | `string` | Org ID (UUID) | [Defaults to `undefined`] |
+| **keyId** | `string` | Key ID (UUID) | [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description  | Response headers |
+| ----------- | ------------ | ---------------- |
+| **204**     | Deleted      | -                |
+| **401**     | Unauthorized | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getOrg
+
+> ModelsOrganization getOrg(id)
+
+Get organization
+
+### Example
+
+```ts
+import { Configuration, OrgsApi } from "@glueops/autoglue-sdk-go";
+import type { GetOrgRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new OrgsApi(config);
+
+  const body = {
+    // string | Org ID (UUID)
+    id: id_example,
+  } satisfies GetOrgRequest;
+
+  try {
+    const data = await api.getOrg(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name   | Type     | Description   | Notes                     |
+| ------ | -------- | ------------- | ------------------------- |
+| **id** | `string` | Org ID (UUID) | [Defaults to `undefined`] |
+
+### Return type
+
+[**ModelsOrganization**](ModelsOrganization.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description  | Response headers |
+| ----------- | ------------ | ---------------- |
+| **200**     | OK           | -                |
+| **401**     | Unauthorized | -                |
+| **404**     | Not Found    | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listMembers
+
+> Array&lt;HandlersMemberOut&gt; listMembers(id)
+
+List members in org
+
+### Example
+
+```ts
+import { Configuration, OrgsApi } from "@glueops/autoglue-sdk-go";
+import type { ListMembersRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new OrgsApi(config);
+
+  const body = {
+    // string | Org ID (UUID)
+    id: id_example,
+  } satisfies ListMembersRequest;
+
+  try {
+    const data = await api.listMembers(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name   | Type     | Description   | Notes                     |
+| ------ | -------- | ------------- | ------------------------- |
+| **id** | `string` | Org ID (UUID) | [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;HandlersMemberOut&gt;**](HandlersMemberOut.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description  | Response headers |
+| ----------- | ------------ | ---------------- |
+| **200**     | OK           | -                |
+| **401**     | Unauthorized | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listMyOrgs
+
+> Array&lt;ModelsOrganization&gt; listMyOrgs()
+
+List organizations I belong to
+
+### Example
+
+```ts
+import { Configuration, OrgsApi } from "@glueops/autoglue-sdk-go";
+import type { ListMyOrgsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new OrgsApi(config);
+
+  try {
+    const data = await api.listMyOrgs();
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+This endpoint does not need any parameter.
+
+### Return type
+
+[**Array&lt;ModelsOrganization&gt;**](ModelsOrganization.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description  | Response headers |
+| ----------- | ------------ | ---------------- |
+| **200**     | OK           | -                |
+| **401**     | Unauthorized | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listOrgKeys
+
+> Array&lt;ModelsAPIKey&gt; listOrgKeys(id)
+
+List org-scoped API keys (no secrets)
+
+### Example
+
+```ts
+import { Configuration, OrgsApi } from "@glueops/autoglue-sdk-go";
+import type { ListOrgKeysRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new OrgsApi(config);
+
+  const body = {
+    // string | Org ID (UUID)
+    id: id_example,
+  } satisfies ListOrgKeysRequest;
+
+  try {
+    const data = await api.listOrgKeys(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name   | Type     | Description   | Notes                     |
+| ------ | -------- | ------------- | ------------------------- |
+| **id** | `string` | Org ID (UUID) | [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;ModelsAPIKey&gt;**](ModelsAPIKey.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description  | Response headers |
+| ----------- | ------------ | ---------------- |
+| **200**     | OK           | -                |
+| **401**     | Unauthorized | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## removeMember
+
+> removeMember(id, userId)
+
+Remove a member (owner/admin)
+
+### Example
+
+```ts
+import { Configuration, OrgsApi } from "@glueops/autoglue-sdk-go";
+import type { RemoveMemberRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new OrgsApi(config);
+
+  const body = {
+    // string | Org ID (UUID)
+    id: id_example,
+    // string | User ID (UUID)
+    userId: userId_example,
+  } satisfies RemoveMemberRequest;
+
+  try {
+    const data = await api.removeMember(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description    | Notes                     |
+| ---------- | -------- | -------------- | ------------------------- |
+| **id**     | `string` | Org ID (UUID)  | [Defaults to `undefined`] |
+| **userId** | `string` | User ID (UUID) | [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description  | Response headers |
+| ----------- | ------------ | ---------------- |
+| **204**     | Removed      | -                |
+| **401**     | Unauthorized | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateOrg
+
+> ModelsOrganization updateOrg(id, handlersOrgUpdateReq)
+
+Update organization (owner/admin)
+
+### Example
+
+```ts
+import {
+  Configuration,
+  OrgsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateOrgRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new OrgsApi(config);
+
+  const body = {
+    // string | Org ID (UUID)
+    id: id_example,
+    // HandlersOrgUpdateReq | Update payload
+    handlersOrgUpdateReq: ...,
+  } satisfies UpdateOrgRequest;
+
+  try {
+    const data = await api.updateOrg(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                     | Type                                            | Description    | Notes                     |
+| ------------------------ | ----------------------------------------------- | -------------- | ------------------------- |
+| **id**                   | `string`                                        | Org ID (UUID)  | [Defaults to `undefined`] |
+| **handlersOrgUpdateReq** | [HandlersOrgUpdateReq](HandlersOrgUpdateReq.md) | Update payload |                           |
+
+### Return type
+
+[**ModelsOrganization**](ModelsOrganization.md)
+
+### Authorization
+
+[BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description  | Response headers |
+| ----------- | ------------ | ---------------- |
+| **200**     | OK           | -                |
+| **401**     | Unauthorized | -                |
+| **404**     | Not Found    | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/ServersApi.md b/sdk/ts/docs/ServersApi.md
new file mode 100644
index 0000000..552866a
--- /dev/null
+++ b/sdk/ts/docs/ServersApi.md
@@ -0,0 +1,491 @@
+# ServersApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                                     | HTTP request                         | Description                     |
+| ---------------------------------------------------------- | ------------------------------------ | ------------------------------- |
+| [**createServer**](ServersApi.md#createserver)             | **POST** /servers                    | Create server (org scoped)      |
+| [**deleteServer**](ServersApi.md#deleteserver)             | **DELETE** /servers/{id}             | Delete server (org scoped)      |
+| [**getServer**](ServersApi.md#getserver)                   | **GET** /servers/{id}                | Get server by ID (org scoped)   |
+| [**listServers**](ServersApi.md#listservers)               | **GET** /servers                     | List servers (org scoped)       |
+| [**resetServerHostKey**](ServersApi.md#resetserverhostkey) | **POST** /servers/{id}/reset-hostkey | Reset SSH host key (org scoped) |
+| [**updateServer**](ServersApi.md#updateserver)             | **PATCH** /servers/{id}              | Update server (org scoped)      |
+
+## createServer
+
+> DtoServerResponse createServer(dtoCreateServerRequest, xOrgID)
+
+Create server (org scoped)
+
+Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ServersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateServerRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ServersApi(config);
+
+  const body = {
+    // DtoCreateServerRequest | Server payload
+    dtoCreateServerRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateServerRequest;
+
+  try {
+    const data = await api.createServer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                       | Type                                                | Description       | Notes                                |
+| -------------------------- | --------------------------------------------------- | ----------------- | ------------------------------------ |
+| **dtoCreateServerRequest** | [DtoCreateServerRequest](DtoCreateServerRequest.md) | Server payload    |                                      |
+| **xOrgID**                 | `string`                                            | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoServerResponse**](DtoServerResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                                                         | Response headers |
+| ----------- | ------------------------------------------------------------------- | ---------------- |
+| **201**     | Created                                                             | -                |
+| **400**     | invalid json / missing fields / invalid status / invalid ssh_key_id | -                |
+| **401**     | Unauthorized                                                        | -                |
+| **403**     | organization required                                               | -                |
+| **500**     | create failed                                                       | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteServer
+
+> deleteServer(id, xOrgID)
+
+Delete server (org scoped)
+
+Permanently deletes the server.
+
+### Example
+
+```ts
+import { Configuration, ServersApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteServerRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ServersApi(config);
+
+  const body = {
+    // string | Server ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DeleteServerRequest;
+
+  try {
+    const data = await api.deleteServer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description       | Notes                                |
+| ---------- | -------- | ----------------- | ------------------------------------ |
+| **id**     | `string` | Server ID (UUID)  | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | delete failed         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getServer
+
+> DtoServerResponse getServer(id, xOrgID)
+
+Get server by ID (org scoped)
+
+Returns one server in the given organization.
+
+### Example
+
+```ts
+import { Configuration, ServersApi } from "@glueops/autoglue-sdk-go";
+import type { GetServerRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ServersApi(config);
+
+  const body = {
+    // string | Server ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies GetServerRequest;
+
+  try {
+    const data = await api.getServer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description       | Notes                                |
+| ---------- | -------- | ----------------- | ------------------------------------ |
+| **id**     | `string` | Server ID (UUID)  | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoServerResponse**](DtoServerResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | fetch failed          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listServers
+
+> Array&lt;DtoServerResponse&gt; listServers(xOrgID, status, role)
+
+List servers (org scoped)
+
+Returns servers for the organization in X-Org-ID. Optional filters: status, role.
+
+### Example
+
+```ts
+import { Configuration, ServersApi } from "@glueops/autoglue-sdk-go";
+import type { ListServersRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ServersApi(config);
+
+  const body = {
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+    // string | Filter by status (pending|provisioning|ready|failed) (optional)
+    status: status_example,
+    // string | Filter by role (optional)
+    role: role_example,
+  } satisfies ListServersRequest;
+
+  try {
+    const data = await api.listServers(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description               | Notes                                |
+| ---------- | -------- | ------------------------- | ------------------------------------ | ----- | ------- | ------------------------------------ |
+| **xOrgID** | `string` | Organization UUID         | [Optional] [Defaults to `undefined`] |
+| **status** | `string` | Filter by status (pending | provisioning                         | ready | failed) | [Optional] [Defaults to `undefined`] |
+| **role**   | `string` | Filter by role            | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoServerResponse&gt;**](DtoServerResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description            | Response headers |
+| ----------- | ---------------------- | ---------------- |
+| **200**     | OK                     | -                |
+| **401**     | Unauthorized           | -                |
+| **403**     | organization required  | -                |
+| **500**     | failed to list servers | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## resetServerHostKey
+
+> DtoServerResponse resetServerHostKey(id, xOrgID, body)
+
+Reset SSH host key (org scoped)
+
+Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use).
+
+### Example
+
+```ts
+import { Configuration, ServersApi } from "@glueops/autoglue-sdk-go";
+import type { ResetServerHostKeyRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ServersApi(config);
+
+  const body = {
+    // string | Server ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+    // object (optional)
+    body: Object,
+  } satisfies ResetServerHostKeyRequest;
+
+  try {
+    const data = await api.resetServerHostKey(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description       | Notes                                |
+| ---------- | -------- | ----------------- | ------------------------------------ |
+| **id**     | `string` | Server ID (UUID)  | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+| **body**   | `object` |                   | [Optional]                           |
+
+### Return type
+
+[**DtoServerResponse**](DtoServerResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | reset failed          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateServer
+
+> DtoServerResponse updateServer(id, dtoUpdateServerRequest, xOrgID)
+
+Update server (org scoped)
+
+Partially update fields; changing ssh_key_id validates ownership.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  ServersApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateServerRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new ServersApi(config);
+
+  const body = {
+    // string | Server ID (UUID)
+    id: id_example,
+    // DtoUpdateServerRequest | Fields to update
+    dtoUpdateServerRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies UpdateServerRequest;
+
+  try {
+    const data = await api.updateServer(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                       | Type                                                | Description       | Notes                                |
+| -------------------------- | --------------------------------------------------- | ----------------- | ------------------------------------ |
+| **id**                     | `string`                                            | Server ID (UUID)  | [Defaults to `undefined`]            |
+| **dtoUpdateServerRequest** | [DtoUpdateServerRequest](DtoUpdateServerRequest.md) | Fields to update  |                                      |
+| **xOrgID**                 | `string`                                            | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoServerResponse**](DtoServerResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                                                     | Response headers |
+| ----------- | --------------------------------------------------------------- | ---------------- |
+| **200**     | OK                                                              | -                |
+| **400**     | invalid id / invalid json / invalid status / invalid ssh_key_id | -                |
+| **401**     | Unauthorized                                                    | -                |
+| **403**     | organization required                                           | -                |
+| **404**     | not found                                                       | -                |
+| **500**     | update failed                                                   | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/SshApi.md b/sdk/ts/docs/SshApi.md
new file mode 100644
index 0000000..4fd45bf
--- /dev/null
+++ b/sdk/ts/docs/SshApi.md
@@ -0,0 +1,403 @@
+# SshApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                               | HTTP request               | Description                               |
+| ---------------------------------------------------- | -------------------------- | ----------------------------------------- |
+| [**createSSHKey**](SshApi.md#createsshkey)           | **POST** /ssh              | Create ssh keypair (org scoped)           |
+| [**deleteSSHKey**](SshApi.md#deletesshkey)           | **DELETE** /ssh/{id}       | Delete ssh keypair (org scoped)           |
+| [**downloadSSHKey**](SshApi.md#downloadsshkey)       | **GET** /ssh/{id}/download | Download ssh key files by ID (org scoped) |
+| [**getSSHKey**](SshApi.md#getsshkey)                 | **GET** /ssh/{id}          | Get ssh key by ID (org scoped)            |
+| [**listPublicSshKeys**](SshApi.md#listpublicsshkeys) | **GET** /ssh               | List ssh keys (org scoped)                |
+
+## createSSHKey
+
+> DtoSshResponse createSSHKey(dtoCreateSSHRequest, xOrgID)
+
+Create ssh keypair (org scoped)
+
+Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  SshApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateSSHKeyRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new SshApi(config);
+
+  const body = {
+    // DtoCreateSSHRequest | Key generation options
+    dtoCreateSSHRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateSSHKeyRequest;
+
+  try {
+    const data = await api.createSSHKey(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                    | Type                                          | Description            | Notes                                |
+| ----------------------- | --------------------------------------------- | ---------------------- | ------------------------------------ |
+| **dtoCreateSSHRequest** | [DtoCreateSSHRequest](DtoCreateSSHRequest.md) | Key generation options |                                      |
+| **xOrgID**              | `string`                                      | Organization UUID      | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoSshResponse**](DtoSshResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                 | Response headers |
+| ----------- | --------------------------- | ---------------- |
+| **201**     | Created                     | -                |
+| **400**     | invalid json / invalid bits | -                |
+| **401**     | Unauthorized                | -                |
+| **403**     | organization required       | -                |
+| **500**     | generation/create failed    | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteSSHKey
+
+> deleteSSHKey(id, xOrgID)
+
+Delete ssh keypair (org scoped)
+
+Permanently deletes a keypair.
+
+### Example
+
+```ts
+import { Configuration, SshApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteSSHKeyRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new SshApi(config);
+
+  const body = {
+    // string | SSH Key ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DeleteSSHKeyRequest;
+
+  try {
+    const data = await api.deleteSSHKey(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description       | Notes                                |
+| ---------- | -------- | ----------------- | ------------------------------------ |
+| **id**     | `string` | SSH Key ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | delete failed         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## downloadSSHKey
+
+> string downloadSSHKey(xOrgID, id, part)
+
+Download ssh key files by ID (org scoped)
+
+Download &#x60;part&#x3D;public|private|both&#x60; of the keypair. &#x60;both&#x60; returns a zip file.
+
+### Example
+
+```ts
+import { Configuration, SshApi } from "@glueops/autoglue-sdk-go";
+import type { DownloadSSHKeyRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new SshApi(config);
+
+  const body = {
+    // string | Organization UUID
+    xOrgID: xOrgID_example,
+    // string | SSH Key ID (UUID)
+    id: id_example,
+    // 'public' | 'private' | 'both' | Which part to download
+    part: part_example,
+  } satisfies DownloadSSHKeyRequest;
+
+  try {
+    const data = await api.downloadSSHKey(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type                        | Description            | Notes                                                   |
+| ---------- | --------------------------- | ---------------------- | ------------------------------------------------------- |
+| **xOrgID** | `string`                    | Organization UUID      | [Defaults to `undefined`]                               |
+| **id**     | `string`                    | SSH Key ID (UUID)      | [Defaults to `undefined`]                               |
+| **part**   | `public`, `private`, `both` | Which part to download | [Defaults to `undefined`] [Enum: public, private, both] |
+
+### Return type
+
+**string**
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description               | Response headers |
+| ----------- | ------------------------- | ---------------- |
+| **200**     | file content              | -                |
+| **400**     | invalid id / invalid part | -                |
+| **401**     | Unauthorized              | -                |
+| **403**     | organization required     | -                |
+| **404**     | not found                 | -                |
+| **500**     | download failed           | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getSSHKey
+
+> GetSSHKey200Response getSSHKey(id, xOrgID, reveal)
+
+Get ssh key by ID (org scoped)
+
+Returns public key fields. Append &#x60;?reveal&#x3D;true&#x60; to include the private key PEM.
+
+### Example
+
+```ts
+import { Configuration, SshApi } from "@glueops/autoglue-sdk-go";
+import type { GetSSHKeyRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new SshApi(config);
+
+  const body = {
+    // string | SSH Key ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+    // boolean | Reveal private key PEM (optional)
+    reveal: true,
+  } satisfies GetSSHKeyRequest;
+
+  try {
+    const data = await api.getSSHKey(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type      | Description            | Notes                                |
+| ---------- | --------- | ---------------------- | ------------------------------------ |
+| **id**     | `string`  | SSH Key ID (UUID)      | [Defaults to `undefined`]            |
+| **xOrgID** | `string`  | Organization UUID      | [Optional] [Defaults to `undefined`] |
+| **reveal** | `boolean` | Reveal private key PEM | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**GetSSHKey200Response**](GetSSHKey200Response.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | When reveal&#x3D;true | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | fetch failed          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listPublicSshKeys
+
+> Array&lt;DtoSshResponse&gt; listPublicSshKeys(xOrgID)
+
+List ssh keys (org scoped)
+
+Returns ssh keys for the organization in X-Org-ID.
+
+### Example
+
+```ts
+import { Configuration, SshApi } from "@glueops/autoglue-sdk-go";
+import type { ListPublicSshKeysRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new SshApi(config);
+
+  const body = {
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies ListPublicSshKeysRequest;
+
+  try {
+    const data = await api.listPublicSshKeys(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description       | Notes                                |
+| ---------- | -------- | ----------------- | ------------------------------------ |
+| **xOrgID** | `string` | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoSshResponse&gt;**](DtoSshResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | failed to list keys   | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/TaintsApi.md b/sdk/ts/docs/TaintsApi.md
new file mode 100644
index 0000000..b8ef4a2
--- /dev/null
+++ b/sdk/ts/docs/TaintsApi.md
@@ -0,0 +1,410 @@
+# TaintsApi
+
+All URIs are relative to *https://autoglue.glueopshosted.com/api/v1*
+
+| Method                                      | HTTP request            | Description                        |
+| ------------------------------------------- | ----------------------- | ---------------------------------- |
+| [**createTaint**](TaintsApi.md#createtaint) | **POST** /taints        | Create node taint (org scoped)     |
+| [**deleteTaint**](TaintsApi.md#deletetaint) | **DELETE** /taints/{id} | Delete taint (org scoped)          |
+| [**getTaint**](TaintsApi.md#gettaint)       | **GET** /taints/{id}    | Get node taint by ID (org scoped)  |
+| [**listTaints**](TaintsApi.md#listtaints)   | **GET** /taints         | List node pool taints (org scoped) |
+| [**updateTaint**](TaintsApi.md#updatetaint) | **PATCH** /taints/{id}  | Update node taint (org scoped)     |
+
+## createTaint
+
+> DtoTaintResponse createTaint(dtoCreateTaintRequest, xOrgID)
+
+Create node taint (org scoped)
+
+Creates a taint.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  TaintsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { CreateTaintRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new TaintsApi(config);
+
+  const body = {
+    // DtoCreateTaintRequest | Taint payload
+    dtoCreateTaintRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies CreateTaintRequest;
+
+  try {
+    const data = await api.createTaint(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                      | Type                                              | Description       | Notes                                |
+| ------------------------- | ------------------------------------------------- | ----------------- | ------------------------------------ |
+| **dtoCreateTaintRequest** | [DtoCreateTaintRequest](DtoCreateTaintRequest.md) | Taint payload     |                                      |
+| **xOrgID**                | `string`                                          | Organization UUID | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoTaintResponse**](DtoTaintResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                                           | Response headers |
+| ----------- | ----------------------------------------------------- | ---------------- |
+| **201**     | Created                                               | -                |
+| **400**     | invalid json / missing fields / invalid node_pool_ids | -                |
+| **401**     | Unauthorized                                          | -                |
+| **403**     | organization required                                 | -                |
+| **500**     | create failed                                         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## deleteTaint
+
+> deleteTaint(id, xOrgID)
+
+Delete taint (org scoped)
+
+Permanently deletes the taint.
+
+### Example
+
+```ts
+import { Configuration, TaintsApi } from "@glueops/autoglue-sdk-go";
+import type { DeleteTaintRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new TaintsApi(config);
+
+  const body = {
+    // string | Node Taint ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies DeleteTaintRequest;
+
+  try {
+    const data = await api.deleteTaint(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description          | Notes                                |
+| ---------- | -------- | -------------------- | ------------------------------------ |
+| **id**     | `string` | Node Taint ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID    | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+`void` (Empty response body)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **204**     | No Content            | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **500**     | delete failed         | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## getTaint
+
+> DtoTaintResponse getTaint(id, xOrgID)
+
+Get node taint by ID (org scoped)
+
+### Example
+
+```ts
+import { Configuration, TaintsApi } from "@glueops/autoglue-sdk-go";
+import type { GetTaintRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new TaintsApi(config);
+
+  const body = {
+    // string | Node Taint ID (UUID)
+    id: id_example,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies GetTaintRequest;
+
+  try {
+    const data = await api.getTaint(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description          | Notes                                |
+| ---------- | -------- | -------------------- | ------------------------------------ |
+| **id**     | `string` | Node Taint ID (UUID) | [Defaults to `undefined`]            |
+| **xOrgID** | `string` | Organization UUID    | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoTaintResponse**](DtoTaintResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description           | Response headers |
+| ----------- | --------------------- | ---------------- |
+| **200**     | OK                    | -                |
+| **400**     | invalid id            | -                |
+| **401**     | Unauthorized          | -                |
+| **403**     | organization required | -                |
+| **404**     | not found             | -                |
+| **500**     | fetch failed          | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## listTaints
+
+> Array&lt;DtoTaintResponse&gt; listTaints(xOrgID, key, value, q)
+
+List node pool taints (org scoped)
+
+Returns node taints for the organization in X-Org-ID. Filters: &#x60;key&#x60;, &#x60;value&#x60;, and &#x60;q&#x60; (key contains). Add &#x60;include&#x3D;node_pools&#x60; to include linked node pools.
+
+### Example
+
+```ts
+import { Configuration, TaintsApi } from "@glueops/autoglue-sdk-go";
+import type { ListTaintsRequest } from "@glueops/autoglue-sdk-go";
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new TaintsApi(config);
+
+  const body = {
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+    // string | Exact key (optional)
+    key: key_example,
+    // string | Exact value (optional)
+    value: value_example,
+    // string | key contains (case-insensitive) (optional)
+    q: q_example,
+  } satisfies ListTaintsRequest;
+
+  try {
+    const data = await api.listTaints(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name       | Type     | Description                     | Notes                                |
+| ---------- | -------- | ------------------------------- | ------------------------------------ |
+| **xOrgID** | `string` | Organization UUID               | [Optional] [Defaults to `undefined`] |
+| **key**    | `string` | Exact key                       | [Optional] [Defaults to `undefined`] |
+| **value**  | `string` | Exact value                     | [Optional] [Defaults to `undefined`] |
+| **q**      | `string` | key contains (case-insensitive) | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**Array&lt;DtoTaintResponse&gt;**](DtoTaintResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: Not defined
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description                | Response headers |
+| ----------- | -------------------------- | ---------------- |
+| **200**     | OK                         | -                |
+| **401**     | Unauthorized               | -                |
+| **403**     | organization required      | -                |
+| **500**     | failed to list node taints | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
+
+## updateTaint
+
+> DtoTaintResponse updateTaint(id, dtoUpdateTaintRequest, xOrgID)
+
+Update node taint (org scoped)
+
+Partially update taint fields.
+
+### Example
+
+```ts
+import {
+  Configuration,
+  TaintsApi,
+} from '@glueops/autoglue-sdk-go';
+import type { UpdateTaintRequest } from '@glueops/autoglue-sdk-go';
+
+async function example() {
+  console.log("🚀 Testing @glueops/autoglue-sdk-go SDK...");
+  const config = new Configuration({
+    // To configure API key authorization: OrgKeyAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: OrgSecretAuth
+    apiKey: "YOUR API KEY",
+    // To configure API key authorization: BearerAuth
+    apiKey: "YOUR API KEY",
+  });
+  const api = new TaintsApi(config);
+
+  const body = {
+    // string | Node Taint ID (UUID)
+    id: id_example,
+    // DtoUpdateTaintRequest | Fields to update
+    dtoUpdateTaintRequest: ...,
+    // string | Organization UUID (optional)
+    xOrgID: xOrgID_example,
+  } satisfies UpdateTaintRequest;
+
+  try {
+    const data = await api.updateTaint(body);
+    console.log(data);
+  } catch (error) {
+    console.error(error);
+  }
+}
+
+// Run the test
+example().catch(console.error);
+```
+
+### Parameters
+
+| Name                      | Type                                              | Description          | Notes                                |
+| ------------------------- | ------------------------------------------------- | -------------------- | ------------------------------------ |
+| **id**                    | `string`                                          | Node Taint ID (UUID) | [Defaults to `undefined`]            |
+| **dtoUpdateTaintRequest** | [DtoUpdateTaintRequest](DtoUpdateTaintRequest.md) | Fields to update     |                                      |
+| **xOrgID**                | `string`                                          | Organization UUID    | [Optional] [Defaults to `undefined`] |
+
+### Return type
+
+[**DtoTaintResponse**](DtoTaintResponse.md)
+
+### Authorization
+
+[OrgKeyAuth](../README.md#OrgKeyAuth), [OrgSecretAuth](../README.md#OrgSecretAuth), [BearerAuth](../README.md#BearerAuth)
+
+### HTTP request headers
+
+- **Content-Type**: `application/json`
+- **Accept**: `application/json`
+
+### HTTP response details
+
+| Status code | Description               | Response headers |
+| ----------- | ------------------------- | ---------------- |
+| **200**     | OK                        | -                |
+| **400**     | invalid id / invalid json | -                |
+| **401**     | Unauthorized              | -                |
+| **403**     | organization required     | -                |
+| **404**     | not found                 | -                |
+| **500**     | update failed             | -                |
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/docs/UtilsErrorResponse.md b/sdk/ts/docs/UtilsErrorResponse.md
new file mode 100644
index 0000000..26fe01e
--- /dev/null
+++ b/sdk/ts/docs/UtilsErrorResponse.md
@@ -0,0 +1,32 @@
+# UtilsErrorResponse
+
+## Properties
+
+| Name      | Type   |
+| --------- | ------ |
+| `code`    | string |
+| `message` | string |
+
+## Example
+
+```typescript
+import type { UtilsErrorResponse } from "@glueops/autoglue-sdk-go";
+
+// TODO: Update the object below with actual values
+const example = {
+  code: null,
+  message: null,
+} satisfies UtilsErrorResponse;
+
+console.log(example);
+
+// Convert the instance to a JSON string
+const exampleJSON: string = JSON.stringify(example);
+console.log(exampleJSON);
+
+// Parse the JSON string back to an object
+const exampleParsed = JSON.parse(exampleJSON) as UtilsErrorResponse;
+console.log(exampleParsed);
+```
+
+[[Back to top]](#) [[Back to API list]](../README.md#api-endpoints) [[Back to Model list]](../README.md#models) [[Back to README]](../README.md)
diff --git a/sdk/ts/package.json b/sdk/ts/package.json
new file mode 100644
index 0000000..de57003
--- /dev/null
+++ b/sdk/ts/package.json
@@ -0,0 +1,21 @@
+{
+  "name": "@glueops/autoglue-sdk-go",
+  "version": "0.1.0",
+  "description": "OpenAPI client for @glueops/autoglue-sdk-go",
+  "author": "OpenAPI-Generator",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/GIT_USER_ID/GIT_REPO_ID.git"
+  },
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "module": "./dist/esm/index.js",
+  "sideEffects": false,
+  "scripts": {
+    "build": "tsc && tsc -p tsconfig.esm.json",
+    "prepare": "npm run build"
+  },
+  "devDependencies": {
+    "typescript": "^4.0 || ^5.0"
+  }
+}
diff --git a/sdk/ts/src/apis/AnnotationsApi.ts b/sdk/ts/src/apis/AnnotationsApi.ts
new file mode 100644
index 0000000..d863e82
--- /dev/null
+++ b/sdk/ts/src/apis/AnnotationsApi.ts
@@ -0,0 +1,432 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {DtoAnnotationResponse, DtoCreateAnnotationRequest, DtoUpdateAnnotationRequest,} from "../models/index";
+import {
+    DtoAnnotationResponseFromJSON,
+    DtoCreateAnnotationRequestToJSON,
+    DtoUpdateAnnotationRequestToJSON,
+} from "../models/index";
+
+export interface CreateAnnotationRequest {
+  dtoCreateAnnotationRequest: DtoCreateAnnotationRequest;
+  xOrgID?: string;
+}
+
+export interface DeleteAnnotationRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface GetAnnotationRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListAnnotationsRequest {
+  xOrgID?: string;
+  key?: string;
+  value?: string;
+  q?: string;
+}
+
+export interface UpdateAnnotationRequest {
+  id: string;
+  dtoUpdateAnnotationRequest: DtoUpdateAnnotationRequest;
+  xOrgID?: string;
+}
+
+/**
+ *
+ */
+export class AnnotationsApi extends runtime.BaseAPI {
+  /**
+   * Creates an annotation.
+   * Create annotation (org scoped)
+   */
+  async createAnnotationRaw(
+    requestParameters: CreateAnnotationRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoAnnotationResponse>> {
+    if (requestParameters["dtoCreateAnnotationRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoCreateAnnotationRequest",
+        'Required parameter "dtoCreateAnnotationRequest" was null or undefined when calling createAnnotation().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/annotations`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoCreateAnnotationRequestToJSON(
+          requestParameters["dtoCreateAnnotationRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoAnnotationResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Creates an annotation.
+   * Create annotation (org scoped)
+   */
+  async createAnnotation(
+    requestParameters: CreateAnnotationRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoAnnotationResponse> {
+    const response = await this.createAnnotationRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Permanently deletes the annotation.
+   * Delete annotation (org scoped)
+   */
+  async deleteAnnotationRaw(
+    requestParameters: DeleteAnnotationRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteAnnotation().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/annotations/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Permanently deletes the annotation.
+   * Delete annotation (org scoped)
+   */
+  async deleteAnnotation(
+    requestParameters: DeleteAnnotationRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteAnnotationRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Returns one annotation. Add `include=node_pools` to include node pools.
+   * Get annotation by ID (org scoped)
+   */
+  async getAnnotationRaw(
+    requestParameters: GetAnnotationRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoAnnotationResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling getAnnotation().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/annotations/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoAnnotationResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Returns one annotation. Add `include=node_pools` to include node pools.
+   * Get annotation by ID (org scoped)
+   */
+  async getAnnotation(
+    requestParameters: GetAnnotationRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoAnnotationResponse> {
+    const response = await this.getAnnotationRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Returns annotations for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.
+   * List annotations (org scoped)
+   */
+  async listAnnotationsRaw(
+    requestParameters: ListAnnotationsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoAnnotationResponse>>> {
+    const queryParameters: any = {};
+
+    if (requestParameters["key"] != null) {
+      queryParameters["key"] = requestParameters["key"];
+    }
+
+    if (requestParameters["value"] != null) {
+      queryParameters["value"] = requestParameters["value"];
+    }
+
+    if (requestParameters["q"] != null) {
+      queryParameters["q"] = requestParameters["q"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/annotations`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoAnnotationResponseFromJSON),
+    );
+  }
+
+  /**
+   * Returns annotations for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.
+   * List annotations (org scoped)
+   */
+  async listAnnotations(
+    requestParameters: ListAnnotationsRequest = {},
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoAnnotationResponse>> {
+    const response = await this.listAnnotationsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Partially update annotation fields.
+   * Update annotation (org scoped)
+   */
+  async updateAnnotationRaw(
+    requestParameters: UpdateAnnotationRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoAnnotationResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling updateAnnotation().',
+      );
+    }
+
+    if (requestParameters["dtoUpdateAnnotationRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoUpdateAnnotationRequest",
+        'Required parameter "dtoUpdateAnnotationRequest" was null or undefined when calling updateAnnotation().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/annotations/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoUpdateAnnotationRequestToJSON(
+          requestParameters["dtoUpdateAnnotationRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoAnnotationResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Partially update annotation fields.
+   * Update annotation (org scoped)
+   */
+  async updateAnnotation(
+    requestParameters: UpdateAnnotationRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoAnnotationResponse> {
+    const response = await this.updateAnnotationRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/ArcherAdminApi.ts b/sdk/ts/src/apis/ArcherAdminApi.ts
new file mode 100644
index 0000000..8c42187
--- /dev/null
+++ b/sdk/ts/src/apis/ArcherAdminApi.ts
@@ -0,0 +1,357 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {DtoEnqueueRequest, DtoJob, DtoPageJob, DtoQueueInfo,} from "../models/index";
+import {DtoEnqueueRequestToJSON, DtoJobFromJSON, DtoPageJobFromJSON, DtoQueueInfoFromJSON,} from "../models/index";
+
+export interface AdminCancelArcherJobRequest {
+  id: string;
+  body?: object;
+}
+
+export interface AdminEnqueueArcherJobRequest {
+  dtoEnqueueRequest: DtoEnqueueRequest;
+}
+
+export interface AdminListArcherJobsRequest {
+  status?: AdminListArcherJobsStatusEnum;
+  queue?: string;
+  q?: string;
+  page?: number;
+  pageSize?: number;
+}
+
+export interface AdminRetryArcherJobRequest {
+  id: string;
+  body?: object;
+}
+
+/**
+ *
+ */
+export class ArcherAdminApi extends runtime.BaseAPI {
+  /**
+   * Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.
+   * Cancel an Archer job (admin)
+   */
+  async adminCancelArcherJobRaw(
+    requestParameters: AdminCancelArcherJobRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoJob>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling adminCancelArcherJob().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/admin/archer/jobs/{id}/cancel`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: requestParameters["body"] as any,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoJobFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Set job status to canceled if cancellable. For running jobs, this only affects future picks; wire to Archer if you need active kill.
+   * Cancel an Archer job (admin)
+   */
+  async adminCancelArcherJob(
+    requestParameters: AdminCancelArcherJobRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoJob> {
+    const response = await this.adminCancelArcherJobRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Create a job immediately or schedule it for the future via `run_at`.
+   * Enqueue a new Archer job (admin)
+   */
+  async adminEnqueueArcherJobRaw(
+    requestParameters: AdminEnqueueArcherJobRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoJob>> {
+    if (requestParameters["dtoEnqueueRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoEnqueueRequest",
+        'Required parameter "dtoEnqueueRequest" was null or undefined when calling adminEnqueueArcherJob().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/admin/archer/jobs`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoEnqueueRequestToJSON(requestParameters["dtoEnqueueRequest"]),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoJobFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Create a job immediately or schedule it for the future via `run_at`.
+   * Enqueue a new Archer job (admin)
+   */
+  async adminEnqueueArcherJob(
+    requestParameters: AdminEnqueueArcherJobRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoJob> {
+    const response = await this.adminEnqueueArcherJobRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Paginated background jobs with optional filters. Search `q` may match id, type, error, payload (implementation-dependent).
+   * List Archer jobs (admin)
+   */
+  async adminListArcherJobsRaw(
+    requestParameters: AdminListArcherJobsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoPageJob>> {
+    const queryParameters: any = {};
+
+    if (requestParameters["status"] != null) {
+      queryParameters["status"] = requestParameters["status"];
+    }
+
+    if (requestParameters["queue"] != null) {
+      queryParameters["queue"] = requestParameters["queue"];
+    }
+
+    if (requestParameters["q"] != null) {
+      queryParameters["q"] = requestParameters["q"];
+    }
+
+    if (requestParameters["page"] != null) {
+      queryParameters["page"] = requestParameters["page"];
+    }
+
+    if (requestParameters["pageSize"] != null) {
+      queryParameters["page_size"] = requestParameters["pageSize"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/admin/archer/jobs`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoPageJobFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Paginated background jobs with optional filters. Search `q` may match id, type, error, payload (implementation-dependent).
+   * List Archer jobs (admin)
+   */
+  async adminListArcherJobs(
+    requestParameters: AdminListArcherJobsRequest = {},
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoPageJob> {
+    const response = await this.adminListArcherJobsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Summary metrics per queue (pending, running, failed, scheduled).
+   * List Archer queues (admin)
+   */
+  async adminListArcherQueuesRaw(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoQueueInfo>>> {
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/admin/archer/queues`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoQueueInfoFromJSON),
+    );
+  }
+
+  /**
+   * Summary metrics per queue (pending, running, failed, scheduled).
+   * List Archer queues (admin)
+   */
+  async adminListArcherQueues(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoQueueInfo>> {
+    const response = await this.adminListArcherQueuesRaw(initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.
+   * Retry a failed/canceled Archer job (admin)
+   */
+  async adminRetryArcherJobRaw(
+    requestParameters: AdminRetryArcherJobRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoJob>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling adminRetryArcherJob().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/admin/archer/jobs/{id}/retry`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: requestParameters["body"] as any,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoJobFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Marks the job retriable (DB flip). Swap this for an Archer admin call if you expose one.
+   * Retry a failed/canceled Archer job (admin)
+   */
+  async adminRetryArcherJob(
+    requestParameters: AdminRetryArcherJobRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoJob> {
+    const response = await this.adminRetryArcherJobRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+}
+
+/**
+ * @export
+ */
+export const AdminListArcherJobsStatusEnum = {
+  queued: "queued",
+  running: "running",
+  succeeded: "succeeded",
+  failed: "failed",
+  canceled: "canceled",
+  retrying: "retrying",
+  scheduled: "scheduled",
+} as const;
+export type AdminListArcherJobsStatusEnum =
+  (typeof AdminListArcherJobsStatusEnum)[keyof typeof AdminListArcherJobsStatusEnum];
diff --git a/sdk/ts/src/apis/AuthApi.ts b/sdk/ts/src/apis/AuthApi.ts
new file mode 100644
index 0000000..e8dc501
--- /dev/null
+++ b/sdk/ts/src/apis/AuthApi.ts
@@ -0,0 +1,283 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {DtoAuthStartResponse, DtoJWKS, DtoLogoutRequest, DtoRefreshRequest, DtoTokenPair,} from "../models/index";
+import {
+    DtoAuthStartResponseFromJSON,
+    DtoJWKSFromJSON,
+    DtoLogoutRequestToJSON,
+    DtoRefreshRequestToJSON,
+    DtoTokenPairFromJSON,
+} from "../models/index";
+
+export interface AuthCallbackRequest {
+  provider: string;
+}
+
+export interface AuthStartRequest {
+  provider: string;
+}
+
+export interface LogoutRequest {
+  dtoLogoutRequest: DtoLogoutRequest;
+}
+
+export interface RefreshRequest {
+  dtoRefreshRequest: DtoRefreshRequest;
+}
+
+/**
+ *
+ */
+export class AuthApi extends runtime.BaseAPI {
+  /**
+   * Handle social login callback
+   */
+  async authCallbackRaw(
+    requestParameters: AuthCallbackRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoTokenPair>> {
+    if (requestParameters["provider"] == null) {
+      throw new runtime.RequiredError(
+        "provider",
+        'Required parameter "provider" was null or undefined when calling authCallback().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    let urlPath = `/auth/{provider}/callback`;
+    urlPath = urlPath.replace(
+      `{${"provider"}}`,
+      encodeURIComponent(String(requestParameters["provider"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoTokenPairFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Handle social login callback
+   */
+  async authCallback(
+    requestParameters: AuthCallbackRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoTokenPair> {
+    const response = await this.authCallbackRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Returns provider authorization URL for the frontend to redirect
+   * Begin social login
+   */
+  async authStartRaw(
+    requestParameters: AuthStartRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoAuthStartResponse>> {
+    if (requestParameters["provider"] == null) {
+      throw new runtime.RequiredError(
+        "provider",
+        'Required parameter "provider" was null or undefined when calling authStart().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    let urlPath = `/auth/{provider}/start`;
+    urlPath = urlPath.replace(
+      `{${"provider"}}`,
+      encodeURIComponent(String(requestParameters["provider"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoAuthStartResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Returns provider authorization URL for the frontend to redirect
+   * Begin social login
+   */
+  async authStart(
+    requestParameters: AuthStartRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoAuthStartResponse> {
+    const response = await this.authStartRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Returns the JSON Web Key Set for token verification
+   * Get JWKS
+   */
+  async getJWKSRaw(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoJWKS>> {
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    let urlPath = `/.well-known/jwks.json`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoJWKSFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Returns the JSON Web Key Set for token verification
+   * Get JWKS
+   */
+  async getJWKS(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoJWKS> {
+    const response = await this.getJWKSRaw(initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Revoke refresh token family (logout everywhere)
+   */
+  async logoutRaw(
+    requestParameters: LogoutRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["dtoLogoutRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoLogoutRequest",
+        'Required parameter "dtoLogoutRequest" was null or undefined when calling logout().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    let urlPath = `/auth/logout`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoLogoutRequestToJSON(requestParameters["dtoLogoutRequest"]),
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Revoke refresh token family (logout everywhere)
+   */
+  async logout(
+    requestParameters: LogoutRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.logoutRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Rotate refresh token
+   */
+  async refreshRaw(
+    requestParameters: RefreshRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoTokenPair>> {
+    if (requestParameters["dtoRefreshRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoRefreshRequest",
+        'Required parameter "dtoRefreshRequest" was null or undefined when calling refresh().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    let urlPath = `/auth/refresh`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoRefreshRequestToJSON(requestParameters["dtoRefreshRequest"]),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoTokenPairFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Rotate refresh token
+   */
+  async refresh(
+    requestParameters: RefreshRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoTokenPair> {
+    const response = await this.refreshRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/ClustersApi.ts b/sdk/ts/src/apis/ClustersApi.ts
new file mode 100644
index 0000000..17e423f
--- /dev/null
+++ b/sdk/ts/src/apis/ClustersApi.ts
@@ -0,0 +1,1652 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {
+    DtoAttachBastionRequest,
+    DtoAttachCaptainDomainRequest,
+    DtoAttachLoadBalancerRequest,
+    DtoAttachNodePoolRequest,
+    DtoAttachRecordSetRequest,
+    DtoClusterResponse,
+    DtoCreateClusterRequest,
+    DtoSetKubeconfigRequest,
+    DtoUpdateClusterRequest,
+} from "../models/index";
+import {
+    DtoAttachBastionRequestToJSON,
+    DtoAttachCaptainDomainRequestToJSON,
+    DtoAttachLoadBalancerRequestToJSON,
+    DtoAttachNodePoolRequestToJSON,
+    DtoAttachRecordSetRequestToJSON,
+    DtoClusterResponseFromJSON,
+    DtoCreateClusterRequestToJSON,
+    DtoSetKubeconfigRequestToJSON,
+    DtoUpdateClusterRequestToJSON,
+} from "../models/index";
+
+export interface AttachAppsLoadBalancerRequest {
+  clusterID: string;
+  dtoAttachLoadBalancerRequest: DtoAttachLoadBalancerRequest;
+  xOrgID?: string;
+}
+
+export interface AttachBastionServerRequest {
+  clusterID: string;
+  dtoAttachBastionRequest: DtoAttachBastionRequest;
+  xOrgID?: string;
+}
+
+export interface AttachCaptainDomainRequest {
+  clusterID: string;
+  dtoAttachCaptainDomainRequest: DtoAttachCaptainDomainRequest;
+  xOrgID?: string;
+}
+
+export interface AttachControlPlaneRecordSetRequest {
+  clusterID: string;
+  dtoAttachRecordSetRequest: DtoAttachRecordSetRequest;
+  xOrgID?: string;
+}
+
+export interface AttachGlueOpsLoadBalancerRequest {
+  clusterID: string;
+  dtoAttachLoadBalancerRequest: DtoAttachLoadBalancerRequest;
+  xOrgID?: string;
+}
+
+export interface AttachNodePoolRequest {
+  clusterID: string;
+  dtoAttachNodePoolRequest: DtoAttachNodePoolRequest;
+  xOrgID?: string;
+}
+
+export interface ClearClusterKubeconfigRequest {
+  clusterID: string;
+  xOrgID?: string;
+}
+
+export interface CreateClusterRequest {
+  dtoCreateClusterRequest: DtoCreateClusterRequest;
+  xOrgID?: string;
+}
+
+export interface DeleteClusterRequest {
+  clusterID: string;
+  xOrgID?: string;
+}
+
+export interface DetachAppsLoadBalancerRequest {
+  clusterID: string;
+  xOrgID?: string;
+}
+
+export interface DetachBastionServerRequest {
+  clusterID: string;
+  xOrgID?: string;
+}
+
+export interface DetachCaptainDomainRequest {
+  clusterID: string;
+  xOrgID?: string;
+}
+
+export interface DetachControlPlaneRecordSetRequest {
+  clusterID: string;
+  xOrgID?: string;
+}
+
+export interface DetachGlueOpsLoadBalancerRequest {
+  clusterID: string;
+  xOrgID?: string;
+}
+
+export interface DetachNodePoolRequest {
+  clusterID: string;
+  nodePoolID: string;
+  xOrgID?: string;
+}
+
+export interface GetClusterRequest {
+  clusterID: string;
+  xOrgID?: string;
+}
+
+export interface ListClustersRequest {
+  xOrgID?: string;
+  q?: string;
+}
+
+export interface SetClusterKubeconfigRequest {
+  clusterID: string;
+  dtoSetKubeconfigRequest: DtoSetKubeconfigRequest;
+  xOrgID?: string;
+}
+
+export interface UpdateClusterRequest {
+  clusterID: string;
+  dtoUpdateClusterRequest: DtoUpdateClusterRequest;
+  xOrgID?: string;
+}
+
+/**
+ *
+ */
+export class ClustersApi extends runtime.BaseAPI {
+  /**
+   * Sets apps_load_balancer_id on the cluster.
+   * Attach an apps load balancer to a cluster
+   */
+  async attachAppsLoadBalancerRaw(
+    requestParameters: AttachAppsLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling attachAppsLoadBalancer().',
+      );
+    }
+
+    if (requestParameters["dtoAttachLoadBalancerRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoAttachLoadBalancerRequest",
+        'Required parameter "dtoAttachLoadBalancerRequest" was null or undefined when calling attachAppsLoadBalancer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/apps-load-balancer`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoAttachLoadBalancerRequestToJSON(
+          requestParameters["dtoAttachLoadBalancerRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Sets apps_load_balancer_id on the cluster.
+   * Attach an apps load balancer to a cluster
+   */
+  async attachAppsLoadBalancer(
+    requestParameters: AttachAppsLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.attachAppsLoadBalancerRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Sets bastion_server_id on the cluster.
+   * Attach a bastion server to a cluster
+   */
+  async attachBastionServerRaw(
+    requestParameters: AttachBastionServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling attachBastionServer().',
+      );
+    }
+
+    if (requestParameters["dtoAttachBastionRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoAttachBastionRequest",
+        'Required parameter "dtoAttachBastionRequest" was null or undefined when calling attachBastionServer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/bastion`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoAttachBastionRequestToJSON(
+          requestParameters["dtoAttachBastionRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Sets bastion_server_id on the cluster.
+   * Attach a bastion server to a cluster
+   */
+  async attachBastionServer(
+    requestParameters: AttachBastionServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.attachBastionServerRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Sets captain_domain_id on the cluster. Validation of shape happens asynchronously.
+   * Attach a captain domain to a cluster
+   */
+  async attachCaptainDomainRaw(
+    requestParameters: AttachCaptainDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling attachCaptainDomain().',
+      );
+    }
+
+    if (requestParameters["dtoAttachCaptainDomainRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoAttachCaptainDomainRequest",
+        'Required parameter "dtoAttachCaptainDomainRequest" was null or undefined when calling attachCaptainDomain().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/captain-domain`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoAttachCaptainDomainRequestToJSON(
+          requestParameters["dtoAttachCaptainDomainRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Sets captain_domain_id on the cluster. Validation of shape happens asynchronously.
+   * Attach a captain domain to a cluster
+   */
+  async attachCaptainDomain(
+    requestParameters: AttachCaptainDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.attachCaptainDomainRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Sets control_plane_record_set_id on the cluster.
+   * Attach a control plane record set to a cluster
+   */
+  async attachControlPlaneRecordSetRaw(
+    requestParameters: AttachControlPlaneRecordSetRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling attachControlPlaneRecordSet().',
+      );
+    }
+
+    if (requestParameters["dtoAttachRecordSetRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoAttachRecordSetRequest",
+        'Required parameter "dtoAttachRecordSetRequest" was null or undefined when calling attachControlPlaneRecordSet().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/control-plane-record-set`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoAttachRecordSetRequestToJSON(
+          requestParameters["dtoAttachRecordSetRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Sets control_plane_record_set_id on the cluster.
+   * Attach a control plane record set to a cluster
+   */
+  async attachControlPlaneRecordSet(
+    requestParameters: AttachControlPlaneRecordSetRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.attachControlPlaneRecordSetRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Sets glueops_load_balancer_id on the cluster.
+   * Attach a GlueOps/control-plane load balancer to a cluster
+   */
+  async attachGlueOpsLoadBalancerRaw(
+    requestParameters: AttachGlueOpsLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling attachGlueOpsLoadBalancer().',
+      );
+    }
+
+    if (requestParameters["dtoAttachLoadBalancerRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoAttachLoadBalancerRequest",
+        'Required parameter "dtoAttachLoadBalancerRequest" was null or undefined when calling attachGlueOpsLoadBalancer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/glueops-load-balancer`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoAttachLoadBalancerRequestToJSON(
+          requestParameters["dtoAttachLoadBalancerRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Sets glueops_load_balancer_id on the cluster.
+   * Attach a GlueOps/control-plane load balancer to a cluster
+   */
+  async attachGlueOpsLoadBalancer(
+    requestParameters: AttachGlueOpsLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.attachGlueOpsLoadBalancerRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Adds an entry in the cluster_node_pools join table.
+   * Attach a node pool to a cluster
+   */
+  async attachNodePoolRaw(
+    requestParameters: AttachNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling attachNodePool().',
+      );
+    }
+
+    if (requestParameters["dtoAttachNodePoolRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoAttachNodePoolRequest",
+        'Required parameter "dtoAttachNodePoolRequest" was null or undefined when calling attachNodePool().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/node-pools`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoAttachNodePoolRequestToJSON(
+          requestParameters["dtoAttachNodePoolRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Adds an entry in the cluster_node_pools join table.
+   * Attach a node pool to a cluster
+   */
+  async attachNodePool(
+    requestParameters: AttachNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.attachNodePoolRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Removes the encrypted kubeconfig, IV, and tag from the cluster record.
+   * Clear the kubeconfig for a cluster
+   */
+  async clearClusterKubeconfigRaw(
+    requestParameters: ClearClusterKubeconfigRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling clearClusterKubeconfig().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/kubeconfig`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Removes the encrypted kubeconfig, IV, and tag from the cluster record.
+   * Clear the kubeconfig for a cluster
+   */
+  async clearClusterKubeconfig(
+    requestParameters: ClearClusterKubeconfigRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.clearClusterKubeconfigRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Creates a cluster. Status is managed by the system and starts as `pre_pending` for validation.
+   * Create cluster (org scoped)
+   */
+  async createClusterRaw(
+    requestParameters: CreateClusterRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["dtoCreateClusterRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoCreateClusterRequest",
+        'Required parameter "dtoCreateClusterRequest" was null or undefined when calling createCluster().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoCreateClusterRequestToJSON(
+          requestParameters["dtoCreateClusterRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Creates a cluster. Status is managed by the system and starts as `pre_pending` for validation.
+   * Create cluster (org scoped)
+   */
+  async createCluster(
+    requestParameters: CreateClusterRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.createClusterRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Deletes the cluster. Related resources are cleaned up via DB constraints (e.g. CASCADE).
+   * Delete a cluster (org scoped)
+   */
+  async deleteClusterRaw(
+    requestParameters: DeleteClusterRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<string>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling deleteCluster().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    if (this.isJsonMime(response.headers.get("content-type"))) {
+      return new runtime.JSONApiResponse<string>(response);
+    } else {
+      return new runtime.TextApiResponse(response) as any;
+    }
+  }
+
+  /**
+   * Deletes the cluster. Related resources are cleaned up via DB constraints (e.g. CASCADE).
+   * Delete a cluster (org scoped)
+   */
+  async deleteCluster(
+    requestParameters: DeleteClusterRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<string> {
+    const response = await this.deleteClusterRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Clears apps_load_balancer_id on the cluster.
+   * Detach the apps load balancer from a cluster
+   */
+  async detachAppsLoadBalancerRaw(
+    requestParameters: DetachAppsLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling detachAppsLoadBalancer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/apps-load-balancer`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Clears apps_load_balancer_id on the cluster.
+   * Detach the apps load balancer from a cluster
+   */
+  async detachAppsLoadBalancer(
+    requestParameters: DetachAppsLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.detachAppsLoadBalancerRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Clears bastion_server_id on the cluster.
+   * Detach the bastion server from a cluster
+   */
+  async detachBastionServerRaw(
+    requestParameters: DetachBastionServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling detachBastionServer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/bastion`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Clears bastion_server_id on the cluster.
+   * Detach the bastion server from a cluster
+   */
+  async detachBastionServer(
+    requestParameters: DetachBastionServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.detachBastionServerRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Clears captain_domain_id on the cluster. This will likely cause the cluster to become incomplete.
+   * Detach the captain domain from a cluster
+   */
+  async detachCaptainDomainRaw(
+    requestParameters: DetachCaptainDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling detachCaptainDomain().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/captain-domain`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Clears captain_domain_id on the cluster. This will likely cause the cluster to become incomplete.
+   * Detach the captain domain from a cluster
+   */
+  async detachCaptainDomain(
+    requestParameters: DetachCaptainDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.detachCaptainDomainRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Clears control_plane_record_set_id on the cluster.
+   * Detach the control plane record set from a cluster
+   */
+  async detachControlPlaneRecordSetRaw(
+    requestParameters: DetachControlPlaneRecordSetRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling detachControlPlaneRecordSet().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/control-plane-record-set`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Clears control_plane_record_set_id on the cluster.
+   * Detach the control plane record set from a cluster
+   */
+  async detachControlPlaneRecordSet(
+    requestParameters: DetachControlPlaneRecordSetRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.detachControlPlaneRecordSetRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Clears glueops_load_balancer_id on the cluster.
+   * Detach the GlueOps/control-plane load balancer from a cluster
+   */
+  async detachGlueOpsLoadBalancerRaw(
+    requestParameters: DetachGlueOpsLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling detachGlueOpsLoadBalancer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/glueops-load-balancer`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Clears glueops_load_balancer_id on the cluster.
+   * Detach the GlueOps/control-plane load balancer from a cluster
+   */
+  async detachGlueOpsLoadBalancer(
+    requestParameters: DetachGlueOpsLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.detachGlueOpsLoadBalancerRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Removes an entry from the cluster_node_pools join table.
+   * Detach a node pool from a cluster
+   */
+  async detachNodePoolRaw(
+    requestParameters: DetachNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling detachNodePool().',
+      );
+    }
+
+    if (requestParameters["nodePoolID"] == null) {
+      throw new runtime.RequiredError(
+        "nodePoolID",
+        'Required parameter "nodePoolID" was null or undefined when calling detachNodePool().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/node-pools/{nodePoolID}`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+    urlPath = urlPath.replace(
+      `{${"nodePoolID"}}`,
+      encodeURIComponent(String(requestParameters["nodePoolID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Removes an entry from the cluster_node_pools join table.
+   * Detach a node pool from a cluster
+   */
+  async detachNodePool(
+    requestParameters: DetachNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.detachNodePoolRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Returns a cluster with all related resources (domain, record set, load balancers, bastion, node pools).
+   * Get a single cluster by ID (org scoped)
+   */
+  async getClusterRaw(
+    requestParameters: GetClusterRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling getCluster().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Returns a cluster with all related resources (domain, record set, load balancers, bastion, node pools).
+   * Get a single cluster by ID (org scoped)
+   */
+  async getCluster(
+    requestParameters: GetClusterRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.getClusterRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Returns clusters for the organization in X-Org-ID. Filter by `q` (name contains).
+   * List clusters (org scoped)
+   */
+  async listClustersRaw(
+    requestParameters: ListClustersRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoClusterResponse>>> {
+    const queryParameters: any = {};
+
+    if (requestParameters["q"] != null) {
+      queryParameters["q"] = requestParameters["q"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoClusterResponseFromJSON),
+    );
+  }
+
+  /**
+   * Returns clusters for the organization in X-Org-ID. Filter by `q` (name contains).
+   * List clusters (org scoped)
+   */
+  async listClusters(
+    requestParameters: ListClustersRequest = {},
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoClusterResponse>> {
+    const response = await this.listClustersRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Stores the kubeconfig encrypted per organization. The kubeconfig is never returned in responses.
+   * Set (or replace) the kubeconfig for a cluster
+   */
+  async setClusterKubeconfigRaw(
+    requestParameters: SetClusterKubeconfigRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling setClusterKubeconfig().',
+      );
+    }
+
+    if (requestParameters["dtoSetKubeconfigRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoSetKubeconfigRequest",
+        'Required parameter "dtoSetKubeconfigRequest" was null or undefined when calling setClusterKubeconfig().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}/kubeconfig`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoSetKubeconfigRequestToJSON(
+          requestParameters["dtoSetKubeconfigRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Stores the kubeconfig encrypted per organization. The kubeconfig is never returned in responses.
+   * Set (or replace) the kubeconfig for a cluster
+   */
+  async setClusterKubeconfig(
+    requestParameters: SetClusterKubeconfigRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.setClusterKubeconfigRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Updates the cluster name, provider, and/or region. Status is managed by the system.
+   * Update basic cluster details (org scoped)
+   */
+  async updateClusterRaw(
+    requestParameters: UpdateClusterRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoClusterResponse>> {
+    if (requestParameters["clusterID"] == null) {
+      throw new runtime.RequiredError(
+        "clusterID",
+        'Required parameter "clusterID" was null or undefined when calling updateCluster().',
+      );
+    }
+
+    if (requestParameters["dtoUpdateClusterRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoUpdateClusterRequest",
+        'Required parameter "dtoUpdateClusterRequest" was null or undefined when calling updateCluster().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/clusters/{clusterID}`;
+    urlPath = urlPath.replace(
+      `{${"clusterID"}}`,
+      encodeURIComponent(String(requestParameters["clusterID"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoUpdateClusterRequestToJSON(
+          requestParameters["dtoUpdateClusterRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoClusterResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Updates the cluster name, provider, and/or region. Status is managed by the system.
+   * Update basic cluster details (org scoped)
+   */
+  async updateCluster(
+    requestParameters: UpdateClusterRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoClusterResponse> {
+    const response = await this.updateClusterRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/CredentialsApi.ts b/sdk/ts/src/apis/CredentialsApi.ts
new file mode 100644
index 0000000..91aeb91
--- /dev/null
+++ b/sdk/ts/src/apis/CredentialsApi.ts
@@ -0,0 +1,504 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {DtoCreateCredentialRequest, DtoCredentialOut, DtoUpdateCredentialRequest,} from "../models/index";
+import {
+    DtoCreateCredentialRequestToJSON,
+    DtoCredentialOutFromJSON,
+    DtoUpdateCredentialRequestToJSON,
+} from "../models/index";
+
+export interface CreateCredentialRequest {
+  dtoCreateCredentialRequest: DtoCreateCredentialRequest;
+  xOrgID?: string;
+}
+
+export interface DeleteCredentialRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface GetCredentialRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListCredentialsRequest {
+  xOrgID?: string;
+  credentialProvider?: string;
+  kind?: string;
+  scopeKind?: string;
+}
+
+export interface RevealCredentialRequest {
+  id: string;
+  xOrgID?: string;
+  body?: object;
+}
+
+export interface UpdateCredentialRequest {
+  id: string;
+  dtoUpdateCredentialRequest: DtoUpdateCredentialRequest;
+  xOrgID?: string;
+}
+
+/**
+ *
+ */
+export class CredentialsApi extends runtime.BaseAPI {
+  /**
+   * Create a credential (encrypts secret)
+   */
+  async createCredentialRaw(
+    requestParameters: CreateCredentialRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoCredentialOut>> {
+    if (requestParameters["dtoCreateCredentialRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoCreateCredentialRequest",
+        'Required parameter "dtoCreateCredentialRequest" was null or undefined when calling createCredential().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/credentials`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoCreateCredentialRequestToJSON(
+          requestParameters["dtoCreateCredentialRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoCredentialOutFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Create a credential (encrypts secret)
+   */
+  async createCredential(
+    requestParameters: CreateCredentialRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoCredentialOut> {
+    const response = await this.createCredentialRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Delete credential
+   */
+  async deleteCredentialRaw(
+    requestParameters: DeleteCredentialRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteCredential().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/credentials/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Delete credential
+   */
+  async deleteCredential(
+    requestParameters: DeleteCredentialRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteCredentialRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Get credential by ID (metadata only)
+   */
+  async getCredentialRaw(
+    requestParameters: GetCredentialRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoCredentialOut>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling getCredential().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/credentials/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoCredentialOutFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Get credential by ID (metadata only)
+   */
+  async getCredential(
+    requestParameters: GetCredentialRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoCredentialOut> {
+    const response = await this.getCredentialRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Returns credential metadata for the current org. Secrets are never returned.
+   * List credentials (metadata only)
+   */
+  async listCredentialsRaw(
+    requestParameters: ListCredentialsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoCredentialOut>>> {
+    const queryParameters: any = {};
+
+    if (requestParameters["credentialProvider"] != null) {
+      queryParameters["credential_provider"] =
+        requestParameters["credentialProvider"];
+    }
+
+    if (requestParameters["kind"] != null) {
+      queryParameters["kind"] = requestParameters["kind"];
+    }
+
+    if (requestParameters["scopeKind"] != null) {
+      queryParameters["scope_kind"] = requestParameters["scopeKind"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/credentials`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoCredentialOutFromJSON),
+    );
+  }
+
+  /**
+   * Returns credential metadata for the current org. Secrets are never returned.
+   * List credentials (metadata only)
+   */
+  async listCredentials(
+    requestParameters: ListCredentialsRequest = {},
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoCredentialOut>> {
+    const response = await this.listCredentialsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Reveal decrypted secret (one-time read)
+   */
+  async revealCredentialRaw(
+    requestParameters: RevealCredentialRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<{ [key: string]: any }>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling revealCredential().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/credentials/{id}/reveal`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: requestParameters["body"] as any,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse<any>(response);
+  }
+
+  /**
+   * Reveal decrypted secret (one-time read)
+   */
+  async revealCredential(
+    requestParameters: RevealCredentialRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<{ [key: string]: any }> {
+    const response = await this.revealCredentialRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Update credential metadata and/or rotate secret
+   */
+  async updateCredentialRaw(
+    requestParameters: UpdateCredentialRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoCredentialOut>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling updateCredential().',
+      );
+    }
+
+    if (requestParameters["dtoUpdateCredentialRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoUpdateCredentialRequest",
+        'Required parameter "dtoUpdateCredentialRequest" was null or undefined when calling updateCredential().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/credentials/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoUpdateCredentialRequestToJSON(
+          requestParameters["dtoUpdateCredentialRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoCredentialOutFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Update credential metadata and/or rotate secret
+   */
+  async updateCredential(
+    requestParameters: UpdateCredentialRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoCredentialOut> {
+    const response = await this.updateCredentialRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/DNSApi.ts b/sdk/ts/src/apis/DNSApi.ts
new file mode 100644
index 0000000..1974e50
--- /dev/null
+++ b/sdk/ts/src/apis/DNSApi.ts
@@ -0,0 +1,778 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {
+    DtoCreateDomainRequest,
+    DtoCreateRecordSetRequest,
+    DtoDomainResponse,
+    DtoRecordSetResponse,
+    DtoUpdateDomainRequest,
+    DtoUpdateRecordSetRequest,
+} from "../models/index";
+import {
+    DtoCreateDomainRequestToJSON,
+    DtoCreateRecordSetRequestToJSON,
+    DtoDomainResponseFromJSON,
+    DtoRecordSetResponseFromJSON,
+    DtoUpdateDomainRequestToJSON,
+    DtoUpdateRecordSetRequestToJSON,
+} from "../models/index";
+
+export interface CreateDomainRequest {
+  dtoCreateDomainRequest: DtoCreateDomainRequest;
+  xOrgID?: string;
+}
+
+export interface CreateRecordSetRequest {
+  domainId: string;
+  dtoCreateRecordSetRequest: DtoCreateRecordSetRequest;
+  xOrgID?: string;
+}
+
+export interface DeleteDomainRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface DeleteRecordSetRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface GetDomainRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListDomainsRequest {
+  xOrgID?: string;
+  domainName?: string;
+  status?: string;
+  q?: string;
+}
+
+export interface ListRecordSetsRequest {
+  domainId: string;
+  xOrgID?: string;
+  name?: string;
+  type?: string;
+  status?: string;
+}
+
+export interface UpdateDomainRequest {
+  id: string;
+  dtoUpdateDomainRequest: DtoUpdateDomainRequest;
+  xOrgID?: string;
+}
+
+export interface UpdateRecordSetRequest {
+  id: string;
+  dtoUpdateRecordSetRequest: DtoUpdateRecordSetRequest;
+  xOrgID?: string;
+}
+
+/**
+ *
+ */
+export class DNSApi extends runtime.BaseAPI {
+  /**
+   * Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted.
+   * Create a domain (org scoped)
+   */
+  async createDomainRaw(
+    requestParameters: CreateDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoDomainResponse>> {
+    if (requestParameters["dtoCreateDomainRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoCreateDomainRequest",
+        'Required parameter "dtoCreateDomainRequest" was null or undefined when calling createDomain().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/dns/domains`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoCreateDomainRequestToJSON(
+          requestParameters["dtoCreateDomainRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoDomainResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Creates a domain bound to a Route 53 scoped credential. Archer will backfill ZoneID if omitted.
+   * Create a domain (org scoped)
+   */
+  async createDomain(
+    requestParameters: CreateDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoDomainResponse> {
+    const response = await this.createDomainRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Create a record set (pending; Archer will UPSERT to Route 53)
+   */
+  async createRecordSetRaw(
+    requestParameters: CreateRecordSetRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoRecordSetResponse>> {
+    if (requestParameters["domainId"] == null) {
+      throw new runtime.RequiredError(
+        "domainId",
+        'Required parameter "domainId" was null or undefined when calling createRecordSet().',
+      );
+    }
+
+    if (requestParameters["dtoCreateRecordSetRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoCreateRecordSetRequest",
+        'Required parameter "dtoCreateRecordSetRequest" was null or undefined when calling createRecordSet().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/dns/domains/{domain_id}/records`;
+    urlPath = urlPath.replace(
+      `{${"domain_id"}}`,
+      encodeURIComponent(String(requestParameters["domainId"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoCreateRecordSetRequestToJSON(
+          requestParameters["dtoCreateRecordSetRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoRecordSetResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Create a record set (pending; Archer will UPSERT to Route 53)
+   */
+  async createRecordSet(
+    requestParameters: CreateRecordSetRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoRecordSetResponse> {
+    const response = await this.createRecordSetRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Delete a domain
+   */
+  async deleteDomainRaw(
+    requestParameters: DeleteDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteDomain().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/dns/domains/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Delete a domain
+   */
+  async deleteDomain(
+    requestParameters: DeleteDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteDomainRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Delete a record set (API removes row; worker can optionally handle external deletion policy)
+   */
+  async deleteRecordSetRaw(
+    requestParameters: DeleteRecordSetRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteRecordSet().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/dns/records/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Delete a record set (API removes row; worker can optionally handle external deletion policy)
+   */
+  async deleteRecordSet(
+    requestParameters: DeleteRecordSetRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteRecordSetRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Get a domain (org scoped)
+   */
+  async getDomainRaw(
+    requestParameters: GetDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoDomainResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling getDomain().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/dns/domains/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoDomainResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Get a domain (org scoped)
+   */
+  async getDomain(
+    requestParameters: GetDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoDomainResponse> {
+    const response = await this.getDomainRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Returns domains for X-Org-ID. Filters: `domain_name`, `status`, `q` (contains).
+   * List domains (org scoped)
+   */
+  async listDomainsRaw(
+    requestParameters: ListDomainsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoDomainResponse>>> {
+    const queryParameters: any = {};
+
+    if (requestParameters["domainName"] != null) {
+      queryParameters["domain_name"] = requestParameters["domainName"];
+    }
+
+    if (requestParameters["status"] != null) {
+      queryParameters["status"] = requestParameters["status"];
+    }
+
+    if (requestParameters["q"] != null) {
+      queryParameters["q"] = requestParameters["q"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/dns/domains`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoDomainResponseFromJSON),
+    );
+  }
+
+  /**
+   * Returns domains for X-Org-ID. Filters: `domain_name`, `status`, `q` (contains).
+   * List domains (org scoped)
+   */
+  async listDomains(
+    requestParameters: ListDomainsRequest = {},
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoDomainResponse>> {
+    const response = await this.listDomainsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Filters: `name`, `type`, `status`.
+   * List record sets for a domain
+   */
+  async listRecordSetsRaw(
+    requestParameters: ListRecordSetsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoRecordSetResponse>>> {
+    if (requestParameters["domainId"] == null) {
+      throw new runtime.RequiredError(
+        "domainId",
+        'Required parameter "domainId" was null or undefined when calling listRecordSets().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    if (requestParameters["name"] != null) {
+      queryParameters["name"] = requestParameters["name"];
+    }
+
+    if (requestParameters["type"] != null) {
+      queryParameters["type"] = requestParameters["type"];
+    }
+
+    if (requestParameters["status"] != null) {
+      queryParameters["status"] = requestParameters["status"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/dns/domains/{domain_id}/records`;
+    urlPath = urlPath.replace(
+      `{${"domain_id"}}`,
+      encodeURIComponent(String(requestParameters["domainId"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoRecordSetResponseFromJSON),
+    );
+  }
+
+  /**
+   * Filters: `name`, `type`, `status`.
+   * List record sets for a domain
+   */
+  async listRecordSets(
+    requestParameters: ListRecordSetsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoRecordSetResponse>> {
+    const response = await this.listRecordSetsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Update a domain (org scoped)
+   */
+  async updateDomainRaw(
+    requestParameters: UpdateDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoDomainResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling updateDomain().',
+      );
+    }
+
+    if (requestParameters["dtoUpdateDomainRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoUpdateDomainRequest",
+        'Required parameter "dtoUpdateDomainRequest" was null or undefined when calling updateDomain().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/dns/domains/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoUpdateDomainRequestToJSON(
+          requestParameters["dtoUpdateDomainRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoDomainResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Update a domain (org scoped)
+   */
+  async updateDomain(
+    requestParameters: UpdateDomainRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoDomainResponse> {
+    const response = await this.updateDomainRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Update a record set (flips to pending for reconciliation)
+   */
+  async updateRecordSetRaw(
+    requestParameters: UpdateRecordSetRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoRecordSetResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling updateRecordSet().',
+      );
+    }
+
+    if (requestParameters["dtoUpdateRecordSetRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoUpdateRecordSetRequest",
+        'Required parameter "dtoUpdateRecordSetRequest" was null or undefined when calling updateRecordSet().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/dns/records/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoUpdateRecordSetRequestToJSON(
+          requestParameters["dtoUpdateRecordSetRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoRecordSetResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Update a record set (flips to pending for reconciliation)
+   */
+  async updateRecordSet(
+    requestParameters: UpdateRecordSetRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoRecordSetResponse> {
+    const response = await this.updateRecordSetRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/HealthApi.ts b/sdk/ts/src/apis/HealthApi.ts
new file mode 100644
index 0000000..6a014df
--- /dev/null
+++ b/sdk/ts/src/apis/HealthApi.ts
@@ -0,0 +1,61 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {HandlersHealthStatus} from "../models/index";
+import {HandlersHealthStatusFromJSON,} from "../models/index";
+
+/**
+ *
+ */
+export class HealthApi extends runtime.BaseAPI {
+  /**
+   * Returns 200 OK when the service is up
+   * Basic health check
+   */
+  async healthCheckOperationIdRaw(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<HandlersHealthStatus>> {
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    let urlPath = `/healthz`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      HandlersHealthStatusFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Returns 200 OK when the service is up
+   * Basic health check
+   */
+  async healthCheckOperationId(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<HandlersHealthStatus> {
+    const response = await this.healthCheckOperationIdRaw(initOverrides);
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/LabelsApi.ts b/sdk/ts/src/apis/LabelsApi.ts
new file mode 100644
index 0000000..ecde733
--- /dev/null
+++ b/sdk/ts/src/apis/LabelsApi.ts
@@ -0,0 +1,422 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {DtoCreateLabelRequest, DtoLabelResponse, DtoUpdateLabelRequest,} from "../models/index";
+import {DtoCreateLabelRequestToJSON, DtoLabelResponseFromJSON, DtoUpdateLabelRequestToJSON,} from "../models/index";
+
+export interface CreateLabelRequest {
+  dtoCreateLabelRequest: DtoCreateLabelRequest;
+  xOrgID?: string;
+}
+
+export interface DeleteLabelRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface GetLabelRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListLabelsRequest {
+  xOrgID?: string;
+  key?: string;
+  value?: string;
+  q?: string;
+}
+
+export interface UpdateLabelRequest {
+  id: string;
+  dtoUpdateLabelRequest: DtoUpdateLabelRequest;
+  xOrgID?: string;
+}
+
+/**
+ *
+ */
+export class LabelsApi extends runtime.BaseAPI {
+  /**
+   * Creates a label.
+   * Create label (org scoped)
+   */
+  async createLabelRaw(
+    requestParameters: CreateLabelRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoLabelResponse>> {
+    if (requestParameters["dtoCreateLabelRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoCreateLabelRequest",
+        'Required parameter "dtoCreateLabelRequest" was null or undefined when calling createLabel().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/labels`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoCreateLabelRequestToJSON(
+          requestParameters["dtoCreateLabelRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoLabelResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Creates a label.
+   * Create label (org scoped)
+   */
+  async createLabel(
+    requestParameters: CreateLabelRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoLabelResponse> {
+    const response = await this.createLabelRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Permanently deletes the label.
+   * Delete label (org scoped)
+   */
+  async deleteLabelRaw(
+    requestParameters: DeleteLabelRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteLabel().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/labels/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Permanently deletes the label.
+   * Delete label (org scoped)
+   */
+  async deleteLabel(
+    requestParameters: DeleteLabelRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteLabelRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Returns one label.
+   * Get label by ID (org scoped)
+   */
+  async getLabelRaw(
+    requestParameters: GetLabelRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoLabelResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling getLabel().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/labels/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoLabelResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Returns one label.
+   * Get label by ID (org scoped)
+   */
+  async getLabel(
+    requestParameters: GetLabelRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoLabelResponse> {
+    const response = await this.getLabelRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Returns node labels for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node groups.
+   * List node labels (org scoped)
+   */
+  async listLabelsRaw(
+    requestParameters: ListLabelsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoLabelResponse>>> {
+    const queryParameters: any = {};
+
+    if (requestParameters["key"] != null) {
+      queryParameters["key"] = requestParameters["key"];
+    }
+
+    if (requestParameters["value"] != null) {
+      queryParameters["value"] = requestParameters["value"];
+    }
+
+    if (requestParameters["q"] != null) {
+      queryParameters["q"] = requestParameters["q"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/labels`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoLabelResponseFromJSON),
+    );
+  }
+
+  /**
+   * Returns node labels for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node groups.
+   * List node labels (org scoped)
+   */
+  async listLabels(
+    requestParameters: ListLabelsRequest = {},
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoLabelResponse>> {
+    const response = await this.listLabelsRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Partially update label fields.
+   * Update label (org scoped)
+   */
+  async updateLabelRaw(
+    requestParameters: UpdateLabelRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoLabelResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling updateLabel().',
+      );
+    }
+
+    if (requestParameters["dtoUpdateLabelRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoUpdateLabelRequest",
+        'Required parameter "dtoUpdateLabelRequest" was null or undefined when calling updateLabel().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/labels/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoUpdateLabelRequestToJSON(
+          requestParameters["dtoUpdateLabelRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoLabelResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Partially update label fields.
+   * Update label (org scoped)
+   */
+  async updateLabel(
+    requestParameters: UpdateLabelRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoLabelResponse> {
+    const response = await this.updateLabelRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/LoadBalancersApi.ts b/sdk/ts/src/apis/LoadBalancersApi.ts
new file mode 100644
index 0000000..12c8d3c
--- /dev/null
+++ b/sdk/ts/src/apis/LoadBalancersApi.ts
@@ -0,0 +1,415 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {
+    DtoCreateLoadBalancerRequest,
+    DtoLoadBalancerResponse,
+    DtoUpdateLoadBalancerRequest,
+} from "../models/index";
+import {
+    DtoCreateLoadBalancerRequestToJSON,
+    DtoLoadBalancerResponseFromJSON,
+    DtoUpdateLoadBalancerRequestToJSON,
+} from "../models/index";
+
+export interface CreateLoadBalancerRequest {
+  dtoCreateLoadBalancerRequest: DtoCreateLoadBalancerRequest;
+  xOrgID?: string;
+}
+
+export interface DeleteLoadBalancerRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface GetLoadBalancersRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListLoadBalancersRequest {
+  xOrgID?: string;
+}
+
+export interface UpdateLoadBalancerRequest {
+  id: string;
+  dtoUpdateLoadBalancerRequest: DtoUpdateLoadBalancerRequest;
+  xOrgID?: string;
+}
+
+/**
+ *
+ */
+export class LoadBalancersApi extends runtime.BaseAPI {
+  /**
+   * Create a load balancer
+   */
+  async createLoadBalancerRaw(
+    requestParameters: CreateLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoLoadBalancerResponse>> {
+    if (requestParameters["dtoCreateLoadBalancerRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoCreateLoadBalancerRequest",
+        'Required parameter "dtoCreateLoadBalancerRequest" was null or undefined when calling createLoadBalancer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/load-balancers`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoCreateLoadBalancerRequestToJSON(
+          requestParameters["dtoCreateLoadBalancerRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoLoadBalancerResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Create a load balancer
+   */
+  async createLoadBalancer(
+    requestParameters: CreateLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoLoadBalancerResponse> {
+    const response = await this.createLoadBalancerRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Delete a load balancer
+   */
+  async deleteLoadBalancerRaw(
+    requestParameters: DeleteLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteLoadBalancer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/load-balancers/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Delete a load balancer
+   */
+  async deleteLoadBalancer(
+    requestParameters: DeleteLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteLoadBalancerRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Returns load balancer for the organization in X-Org-ID.
+   * Get a load balancer (org scoped)
+   */
+  async getLoadBalancersRaw(
+    requestParameters: GetLoadBalancersRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoLoadBalancerResponse>>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling getLoadBalancers().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/load-balancers/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoLoadBalancerResponseFromJSON),
+    );
+  }
+
+  /**
+   * Returns load balancer for the organization in X-Org-ID.
+   * Get a load balancer (org scoped)
+   */
+  async getLoadBalancers(
+    requestParameters: GetLoadBalancersRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoLoadBalancerResponse>> {
+    const response = await this.getLoadBalancersRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Returns load balancers for the organization in X-Org-ID.
+   * List load balancers (org scoped)
+   */
+  async listLoadBalancersRaw(
+    requestParameters: ListLoadBalancersRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoLoadBalancerResponse>>> {
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/load-balancers`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoLoadBalancerResponseFromJSON),
+    );
+  }
+
+  /**
+   * Returns load balancers for the organization in X-Org-ID.
+   * List load balancers (org scoped)
+   */
+  async listLoadBalancers(
+    requestParameters: ListLoadBalancersRequest = {},
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoLoadBalancerResponse>> {
+    const response = await this.listLoadBalancersRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Update a load balancer (org scoped)
+   */
+  async updateLoadBalancerRaw(
+    requestParameters: UpdateLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoLoadBalancerResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling updateLoadBalancer().',
+      );
+    }
+
+    if (requestParameters["dtoUpdateLoadBalancerRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoUpdateLoadBalancerRequest",
+        'Required parameter "dtoUpdateLoadBalancerRequest" was null or undefined when calling updateLoadBalancer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/load-balancers/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoUpdateLoadBalancerRequestToJSON(
+          requestParameters["dtoUpdateLoadBalancerRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoLoadBalancerResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Update a load balancer (org scoped)
+   */
+  async updateLoadBalancer(
+    requestParameters: UpdateLoadBalancerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoLoadBalancerResponse> {
+    const response = await this.updateLoadBalancerRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/MeAPIKeysApi.ts b/sdk/ts/src/apis/MeAPIKeysApi.ts
new file mode 100644
index 0000000..691b9c7
--- /dev/null
+++ b/sdk/ts/src/apis/MeAPIKeysApi.ts
@@ -0,0 +1,195 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {HandlersCreateUserKeyRequest, HandlersUserAPIKeyOut,} from "../models/index";
+import {HandlersCreateUserKeyRequestToJSON, HandlersUserAPIKeyOutFromJSON,} from "../models/index";
+
+export interface CreateUserAPIKeyRequest {
+  handlersCreateUserKeyRequest: HandlersCreateUserKeyRequest;
+}
+
+export interface DeleteUserAPIKeyRequest {
+  id: string;
+}
+
+/**
+ *
+ */
+export class MeAPIKeysApi extends runtime.BaseAPI {
+  /**
+   * Returns the plaintext key once. Store it securely on the client side.
+   * Create a new user API key
+   */
+  async createUserAPIKeyRaw(
+    requestParameters: CreateUserAPIKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<HandlersUserAPIKeyOut>> {
+    if (requestParameters["handlersCreateUserKeyRequest"] == null) {
+      throw new runtime.RequiredError(
+        "handlersCreateUserKeyRequest",
+        'Required parameter "handlersCreateUserKeyRequest" was null or undefined when calling createUserAPIKey().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-API-KEY"] =
+        await this.configuration.apiKey("X-API-KEY"); // ApiKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/me/api-keys`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: HandlersCreateUserKeyRequestToJSON(
+          requestParameters["handlersCreateUserKeyRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      HandlersUserAPIKeyOutFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Returns the plaintext key once. Store it securely on the client side.
+   * Create a new user API key
+   */
+  async createUserAPIKey(
+    requestParameters: CreateUserAPIKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<HandlersUserAPIKeyOut> {
+    const response = await this.createUserAPIKeyRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Delete a user API key
+   */
+  async deleteUserAPIKeyRaw(
+    requestParameters: DeleteUserAPIKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteUserAPIKey().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/me/api-keys/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Delete a user API key
+   */
+  async deleteUserAPIKey(
+    requestParameters: DeleteUserAPIKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteUserAPIKeyRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * List my API keys
+   */
+  async listUserAPIKeysRaw(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<HandlersUserAPIKeyOut>>> {
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-API-KEY"] =
+        await this.configuration.apiKey("X-API-KEY"); // ApiKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/me/api-keys`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(HandlersUserAPIKeyOutFromJSON),
+    );
+  }
+
+  /**
+   * List my API keys
+   */
+  async listUserAPIKeys(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<HandlersUserAPIKeyOut>> {
+    const response = await this.listUserAPIKeysRaw(initOverrides);
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/MeApi.ts b/sdk/ts/src/apis/MeApi.ts
new file mode 100644
index 0000000..7295d94
--- /dev/null
+++ b/sdk/ts/src/apis/MeApi.ts
@@ -0,0 +1,134 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {HandlersMeResponse, HandlersUpdateMeRequest, ModelsUser,} from "../models/index";
+import {HandlersMeResponseFromJSON, HandlersUpdateMeRequestToJSON, ModelsUserFromJSON,} from "../models/index";
+
+export interface UpdateMeRequest {
+  handlersUpdateMeRequest: HandlersUpdateMeRequest;
+}
+
+/**
+ *
+ */
+export class MeApi extends runtime.BaseAPI {
+  /**
+   * Get current user profile
+   */
+  async getMeRaw(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<HandlersMeResponse>> {
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-API-KEY"] =
+        await this.configuration.apiKey("X-API-KEY"); // ApiKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/me`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      HandlersMeResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Get current user profile
+   */
+  async getMe(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<HandlersMeResponse> {
+    const response = await this.getMeRaw(initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Update current user profile
+   */
+  async updateMeRaw(
+    requestParameters: UpdateMeRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<ModelsUser>> {
+    if (requestParameters["handlersUpdateMeRequest"] == null) {
+      throw new runtime.RequiredError(
+        "handlersUpdateMeRequest",
+        'Required parameter "handlersUpdateMeRequest" was null or undefined when calling updateMe().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-API-KEY"] =
+        await this.configuration.apiKey("X-API-KEY"); // ApiKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/me`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: HandlersUpdateMeRequestToJSON(
+          requestParameters["handlersUpdateMeRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      ModelsUserFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Update current user profile
+   */
+  async updateMe(
+    requestParameters: UpdateMeRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<ModelsUser> {
+    const response = await this.updateMeRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/MetaApi.ts b/sdk/ts/src/apis/MetaApi.ts
new file mode 100644
index 0000000..fb0b6bf
--- /dev/null
+++ b/sdk/ts/src/apis/MetaApi.ts
@@ -0,0 +1,61 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {HandlersVersionResponse} from "../models/index";
+import {HandlersVersionResponseFromJSON,} from "../models/index";
+
+/**
+ *
+ */
+export class MetaApi extends runtime.BaseAPI {
+  /**
+   * Returns build/runtime metadata for the running service.
+   * Service version information
+   */
+  async versionOperationIdRaw(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<HandlersVersionResponse>> {
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    let urlPath = `/version`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      HandlersVersionResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Returns build/runtime metadata for the running service.
+   * Service version information
+   */
+  async versionOperationId(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<HandlersVersionResponse> {
+    const response = await this.versionOperationIdRaw(initOverrides);
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/NodePoolsApi.ts b/sdk/ts/src/apis/NodePoolsApi.ts
new file mode 100644
index 0000000..971574c
--- /dev/null
+++ b/sdk/ts/src/apis/NodePoolsApi.ts
@@ -0,0 +1,1482 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {
+    DtoAnnotationResponse,
+    DtoAttachAnnotationsRequest,
+    DtoAttachLabelsRequest,
+    DtoAttachServersRequest,
+    DtoAttachTaintsRequest,
+    DtoCreateNodePoolRequest,
+    DtoLabelResponse,
+    DtoNodePoolResponse,
+    DtoServerResponse,
+    DtoTaintResponse,
+    DtoUpdateNodePoolRequest,
+} from "../models/index";
+import {
+    DtoAnnotationResponseFromJSON,
+    DtoAttachAnnotationsRequestToJSON,
+    DtoAttachLabelsRequestToJSON,
+    DtoAttachServersRequestToJSON,
+    DtoAttachTaintsRequestToJSON,
+    DtoCreateNodePoolRequestToJSON,
+    DtoLabelResponseFromJSON,
+    DtoNodePoolResponseFromJSON,
+    DtoServerResponseFromJSON,
+    DtoTaintResponseFromJSON,
+    DtoUpdateNodePoolRequestToJSON,
+} from "../models/index";
+
+export interface AttachNodePoolAnnotationsRequest {
+  id: string;
+  dtoAttachAnnotationsRequest: DtoAttachAnnotationsRequest;
+  xOrgID?: string;
+}
+
+export interface AttachNodePoolLabelsRequest {
+  id: string;
+  dtoAttachLabelsRequest: DtoAttachLabelsRequest;
+  xOrgID?: string;
+}
+
+export interface AttachNodePoolServersRequest {
+  id: string;
+  dtoAttachServersRequest: DtoAttachServersRequest;
+  xOrgID?: string;
+}
+
+export interface AttachNodePoolTaintsRequest {
+  id: string;
+  dtoAttachTaintsRequest: DtoAttachTaintsRequest;
+  xOrgID?: string;
+}
+
+export interface CreateNodePoolRequest {
+  dtoCreateNodePoolRequest: DtoCreateNodePoolRequest;
+  xOrgID?: string;
+}
+
+export interface DeleteNodePoolRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface DetachNodePoolAnnotationRequest {
+  id: string;
+  annotationId: string;
+  xOrgID?: string;
+}
+
+export interface DetachNodePoolLabelRequest {
+  id: string;
+  labelId: string;
+  xOrgID?: string;
+}
+
+export interface DetachNodePoolServerRequest {
+  id: string;
+  serverId: string;
+  xOrgID?: string;
+}
+
+export interface DetachNodePoolTaintRequest {
+  id: string;
+  taintId: string;
+  xOrgID?: string;
+}
+
+export interface GetNodePoolRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListNodePoolAnnotationsRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListNodePoolLabelsRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListNodePoolServersRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListNodePoolTaintsRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListNodePoolsRequest {
+  xOrgID?: string;
+  q?: string;
+}
+
+export interface UpdateNodePoolRequest {
+  id: string;
+  dtoUpdateNodePoolRequest: DtoUpdateNodePoolRequest;
+  xOrgID?: string;
+}
+
+/**
+ *
+ */
+export class NodePoolsApi extends runtime.BaseAPI {
+  /**
+   * Attach annotation to a node pool (org scoped)
+   */
+  async attachNodePoolAnnotationsRaw(
+    requestParameters: AttachNodePoolAnnotationsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<string>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling attachNodePoolAnnotations().',
+      );
+    }
+
+    if (requestParameters["dtoAttachAnnotationsRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoAttachAnnotationsRequest",
+        'Required parameter "dtoAttachAnnotationsRequest" was null or undefined when calling attachNodePoolAnnotations().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/annotations`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoAttachAnnotationsRequestToJSON(
+          requestParameters["dtoAttachAnnotationsRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    if (this.isJsonMime(response.headers.get("content-type"))) {
+      return new runtime.JSONApiResponse<string>(response);
+    } else {
+      return new runtime.TextApiResponse(response) as any;
+    }
+  }
+
+  /**
+   * Attach annotation to a node pool (org scoped)
+   */
+  async attachNodePoolAnnotations(
+    requestParameters: AttachNodePoolAnnotationsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<string> {
+    const response = await this.attachNodePoolAnnotationsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Attach labels to a node pool (org scoped)
+   */
+  async attachNodePoolLabelsRaw(
+    requestParameters: AttachNodePoolLabelsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<string>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling attachNodePoolLabels().',
+      );
+    }
+
+    if (requestParameters["dtoAttachLabelsRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoAttachLabelsRequest",
+        'Required parameter "dtoAttachLabelsRequest" was null or undefined when calling attachNodePoolLabels().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/labels`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoAttachLabelsRequestToJSON(
+          requestParameters["dtoAttachLabelsRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    if (this.isJsonMime(response.headers.get("content-type"))) {
+      return new runtime.JSONApiResponse<string>(response);
+    } else {
+      return new runtime.TextApiResponse(response) as any;
+    }
+  }
+
+  /**
+   * Attach labels to a node pool (org scoped)
+   */
+  async attachNodePoolLabels(
+    requestParameters: AttachNodePoolLabelsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<string> {
+    const response = await this.attachNodePoolLabelsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Attach servers to a node pool (org scoped)
+   */
+  async attachNodePoolServersRaw(
+    requestParameters: AttachNodePoolServersRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<string>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling attachNodePoolServers().',
+      );
+    }
+
+    if (requestParameters["dtoAttachServersRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoAttachServersRequest",
+        'Required parameter "dtoAttachServersRequest" was null or undefined when calling attachNodePoolServers().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/servers`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoAttachServersRequestToJSON(
+          requestParameters["dtoAttachServersRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    if (this.isJsonMime(response.headers.get("content-type"))) {
+      return new runtime.JSONApiResponse<string>(response);
+    } else {
+      return new runtime.TextApiResponse(response) as any;
+    }
+  }
+
+  /**
+   * Attach servers to a node pool (org scoped)
+   */
+  async attachNodePoolServers(
+    requestParameters: AttachNodePoolServersRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<string> {
+    const response = await this.attachNodePoolServersRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Attach taints to a node pool (org scoped)
+   */
+  async attachNodePoolTaintsRaw(
+    requestParameters: AttachNodePoolTaintsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<string>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling attachNodePoolTaints().',
+      );
+    }
+
+    if (requestParameters["dtoAttachTaintsRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoAttachTaintsRequest",
+        'Required parameter "dtoAttachTaintsRequest" was null or undefined when calling attachNodePoolTaints().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/taints`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoAttachTaintsRequestToJSON(
+          requestParameters["dtoAttachTaintsRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    if (this.isJsonMime(response.headers.get("content-type"))) {
+      return new runtime.JSONApiResponse<string>(response);
+    } else {
+      return new runtime.TextApiResponse(response) as any;
+    }
+  }
+
+  /**
+   * Attach taints to a node pool (org scoped)
+   */
+  async attachNodePoolTaints(
+    requestParameters: AttachNodePoolTaintsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<string> {
+    const response = await this.attachNodePoolTaintsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Creates a node pool. Optionally attach initial servers.
+   * Create node pool (org scoped)
+   */
+  async createNodePoolRaw(
+    requestParameters: CreateNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoNodePoolResponse>> {
+    if (requestParameters["dtoCreateNodePoolRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoCreateNodePoolRequest",
+        'Required parameter "dtoCreateNodePoolRequest" was null or undefined when calling createNodePool().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoCreateNodePoolRequestToJSON(
+          requestParameters["dtoCreateNodePoolRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoNodePoolResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Creates a node pool. Optionally attach initial servers.
+   * Create node pool (org scoped)
+   */
+  async createNodePool(
+    requestParameters: CreateNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoNodePoolResponse> {
+    const response = await this.createNodePoolRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Permanently deletes the node pool.
+   * Delete node pool (org scoped)
+   */
+  async deleteNodePoolRaw(
+    requestParameters: DeleteNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteNodePool().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Permanently deletes the node pool.
+   * Delete node pool (org scoped)
+   */
+  async deleteNodePool(
+    requestParameters: DeleteNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteNodePoolRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Detach one annotation from a node pool (org scoped)
+   */
+  async detachNodePoolAnnotationRaw(
+    requestParameters: DetachNodePoolAnnotationRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<string>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling detachNodePoolAnnotation().',
+      );
+    }
+
+    if (requestParameters["annotationId"] == null) {
+      throw new runtime.RequiredError(
+        "annotationId",
+        'Required parameter "annotationId" was null or undefined when calling detachNodePoolAnnotation().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/annotations/{annotationId}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+    urlPath = urlPath.replace(
+      `{${"annotationId"}}`,
+      encodeURIComponent(String(requestParameters["annotationId"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    if (this.isJsonMime(response.headers.get("content-type"))) {
+      return new runtime.JSONApiResponse<string>(response);
+    } else {
+      return new runtime.TextApiResponse(response) as any;
+    }
+  }
+
+  /**
+   * Detach one annotation from a node pool (org scoped)
+   */
+  async detachNodePoolAnnotation(
+    requestParameters: DetachNodePoolAnnotationRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<string> {
+    const response = await this.detachNodePoolAnnotationRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Detach one label from a node pool (org scoped)
+   */
+  async detachNodePoolLabelRaw(
+    requestParameters: DetachNodePoolLabelRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<string>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling detachNodePoolLabel().',
+      );
+    }
+
+    if (requestParameters["labelId"] == null) {
+      throw new runtime.RequiredError(
+        "labelId",
+        'Required parameter "labelId" was null or undefined when calling detachNodePoolLabel().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/labels/{labelId}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+    urlPath = urlPath.replace(
+      `{${"labelId"}}`,
+      encodeURIComponent(String(requestParameters["labelId"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    if (this.isJsonMime(response.headers.get("content-type"))) {
+      return new runtime.JSONApiResponse<string>(response);
+    } else {
+      return new runtime.TextApiResponse(response) as any;
+    }
+  }
+
+  /**
+   * Detach one label from a node pool (org scoped)
+   */
+  async detachNodePoolLabel(
+    requestParameters: DetachNodePoolLabelRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<string> {
+    const response = await this.detachNodePoolLabelRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Detach one server from a node pool (org scoped)
+   */
+  async detachNodePoolServerRaw(
+    requestParameters: DetachNodePoolServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<string>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling detachNodePoolServer().',
+      );
+    }
+
+    if (requestParameters["serverId"] == null) {
+      throw new runtime.RequiredError(
+        "serverId",
+        'Required parameter "serverId" was null or undefined when calling detachNodePoolServer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/servers/{serverId}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+    urlPath = urlPath.replace(
+      `{${"serverId"}}`,
+      encodeURIComponent(String(requestParameters["serverId"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    if (this.isJsonMime(response.headers.get("content-type"))) {
+      return new runtime.JSONApiResponse<string>(response);
+    } else {
+      return new runtime.TextApiResponse(response) as any;
+    }
+  }
+
+  /**
+   * Detach one server from a node pool (org scoped)
+   */
+  async detachNodePoolServer(
+    requestParameters: DetachNodePoolServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<string> {
+    const response = await this.detachNodePoolServerRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Detach one taint from a node pool (org scoped)
+   */
+  async detachNodePoolTaintRaw(
+    requestParameters: DetachNodePoolTaintRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<string>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling detachNodePoolTaint().',
+      );
+    }
+
+    if (requestParameters["taintId"] == null) {
+      throw new runtime.RequiredError(
+        "taintId",
+        'Required parameter "taintId" was null or undefined when calling detachNodePoolTaint().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/taints/{taintId}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+    urlPath = urlPath.replace(
+      `{${"taintId"}}`,
+      encodeURIComponent(String(requestParameters["taintId"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    if (this.isJsonMime(response.headers.get("content-type"))) {
+      return new runtime.JSONApiResponse<string>(response);
+    } else {
+      return new runtime.TextApiResponse(response) as any;
+    }
+  }
+
+  /**
+   * Detach one taint from a node pool (org scoped)
+   */
+  async detachNodePoolTaint(
+    requestParameters: DetachNodePoolTaintRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<string> {
+    const response = await this.detachNodePoolTaintRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Returns one node pool. Add `include=servers` to include servers.
+   * Get node pool by ID (org scoped)
+   */
+  async getNodePoolRaw(
+    requestParameters: GetNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoNodePoolResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling getNodePool().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoNodePoolResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Returns one node pool. Add `include=servers` to include servers.
+   * Get node pool by ID (org scoped)
+   */
+  async getNodePool(
+    requestParameters: GetNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoNodePoolResponse> {
+    const response = await this.getNodePoolRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * List annotations attached to a node pool (org scoped)
+   */
+  async listNodePoolAnnotationsRaw(
+    requestParameters: ListNodePoolAnnotationsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoAnnotationResponse>>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling listNodePoolAnnotations().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/annotations`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoAnnotationResponseFromJSON),
+    );
+  }
+
+  /**
+   * List annotations attached to a node pool (org scoped)
+   */
+  async listNodePoolAnnotations(
+    requestParameters: ListNodePoolAnnotationsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoAnnotationResponse>> {
+    const response = await this.listNodePoolAnnotationsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * List labels attached to a node pool (org scoped)
+   */
+  async listNodePoolLabelsRaw(
+    requestParameters: ListNodePoolLabelsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoLabelResponse>>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling listNodePoolLabels().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/labels`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoLabelResponseFromJSON),
+    );
+  }
+
+  /**
+   * List labels attached to a node pool (org scoped)
+   */
+  async listNodePoolLabels(
+    requestParameters: ListNodePoolLabelsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoLabelResponse>> {
+    const response = await this.listNodePoolLabelsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * List servers attached to a node pool (org scoped)
+   */
+  async listNodePoolServersRaw(
+    requestParameters: ListNodePoolServersRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoServerResponse>>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling listNodePoolServers().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/servers`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoServerResponseFromJSON),
+    );
+  }
+
+  /**
+   * List servers attached to a node pool (org scoped)
+   */
+  async listNodePoolServers(
+    requestParameters: ListNodePoolServersRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoServerResponse>> {
+    const response = await this.listNodePoolServersRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * List taints attached to a node pool (org scoped)
+   */
+  async listNodePoolTaintsRaw(
+    requestParameters: ListNodePoolTaintsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoTaintResponse>>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling listNodePoolTaints().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}/taints`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoTaintResponseFromJSON),
+    );
+  }
+
+  /**
+   * List taints attached to a node pool (org scoped)
+   */
+  async listNodePoolTaints(
+    requestParameters: ListNodePoolTaintsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoTaintResponse>> {
+    const response = await this.listNodePoolTaintsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Returns node pools for the organization in X-Org-ID.
+   * List node pools (org scoped)
+   */
+  async listNodePoolsRaw(
+    requestParameters: ListNodePoolsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoNodePoolResponse>>> {
+    const queryParameters: any = {};
+
+    if (requestParameters["q"] != null) {
+      queryParameters["q"] = requestParameters["q"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoNodePoolResponseFromJSON),
+    );
+  }
+
+  /**
+   * Returns node pools for the organization in X-Org-ID.
+   * List node pools (org scoped)
+   */
+  async listNodePools(
+    requestParameters: ListNodePoolsRequest = {},
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoNodePoolResponse>> {
+    const response = await this.listNodePoolsRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Partially update node pool fields.
+   * Update node pool (org scoped)
+   */
+  async updateNodePoolRaw(
+    requestParameters: UpdateNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoNodePoolResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling updateNodePool().',
+      );
+    }
+
+    if (requestParameters["dtoUpdateNodePoolRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoUpdateNodePoolRequest",
+        'Required parameter "dtoUpdateNodePoolRequest" was null or undefined when calling updateNodePool().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/node-pools/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoUpdateNodePoolRequestToJSON(
+          requestParameters["dtoUpdateNodePoolRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoNodePoolResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Partially update node pool fields.
+   * Update node pool (org scoped)
+   */
+  async updateNodePool(
+    requestParameters: UpdateNodePoolRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoNodePoolResponse> {
+    const response = await this.updateNodePoolRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/OrgsApi.ts b/sdk/ts/src/apis/OrgsApi.ts
new file mode 100644
index 0000000..2bf4de1
--- /dev/null
+++ b/sdk/ts/src/apis/OrgsApi.ts
@@ -0,0 +1,739 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {
+    HandlersMemberOut,
+    HandlersMemberUpsertReq,
+    HandlersOrgCreateReq,
+    HandlersOrgKeyCreateReq,
+    HandlersOrgKeyCreateResp,
+    HandlersOrgUpdateReq,
+    ModelsAPIKey,
+    ModelsOrganization,
+} from "../models/index";
+import {
+    HandlersMemberOutFromJSON,
+    HandlersMemberUpsertReqToJSON,
+    HandlersOrgCreateReqToJSON,
+    HandlersOrgKeyCreateReqToJSON,
+    HandlersOrgKeyCreateRespFromJSON,
+    HandlersOrgUpdateReqToJSON,
+    ModelsAPIKeyFromJSON,
+    ModelsOrganizationFromJSON,
+} from "../models/index";
+
+export interface AddOrUpdateMemberRequest {
+  id: string;
+  handlersMemberUpsertReq: HandlersMemberUpsertReq;
+}
+
+export interface CreateOrgRequest {
+  handlersOrgCreateReq: HandlersOrgCreateReq;
+}
+
+export interface CreateOrgKeyRequest {
+  id: string;
+  handlersOrgKeyCreateReq: HandlersOrgKeyCreateReq;
+}
+
+export interface DeleteOrgRequest {
+  id: string;
+}
+
+export interface DeleteOrgKeyRequest {
+  id: string;
+  keyId: string;
+}
+
+export interface GetOrgRequest {
+  id: string;
+}
+
+export interface ListMembersRequest {
+  id: string;
+}
+
+export interface ListOrgKeysRequest {
+  id: string;
+}
+
+export interface RemoveMemberRequest {
+  id: string;
+  userId: string;
+}
+
+export interface UpdateOrgRequest {
+  id: string;
+  handlersOrgUpdateReq: HandlersOrgUpdateReq;
+}
+
+/**
+ *
+ */
+export class OrgsApi extends runtime.BaseAPI {
+  /**
+   * Add or update a member (owner/admin)
+   */
+  async addOrUpdateMemberRaw(
+    requestParameters: AddOrUpdateMemberRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<HandlersMemberOut>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling addOrUpdateMember().',
+      );
+    }
+
+    if (requestParameters["handlersMemberUpsertReq"] == null) {
+      throw new runtime.RequiredError(
+        "handlersMemberUpsertReq",
+        'Required parameter "handlersMemberUpsertReq" was null or undefined when calling addOrUpdateMember().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/orgs/{id}/members`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: HandlersMemberUpsertReqToJSON(
+          requestParameters["handlersMemberUpsertReq"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      HandlersMemberOutFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Add or update a member (owner/admin)
+   */
+  async addOrUpdateMember(
+    requestParameters: AddOrUpdateMemberRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<HandlersMemberOut> {
+    const response = await this.addOrUpdateMemberRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Create organization
+   */
+  async createOrgRaw(
+    requestParameters: CreateOrgRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<ModelsOrganization>> {
+    if (requestParameters["handlersOrgCreateReq"] == null) {
+      throw new runtime.RequiredError(
+        "handlersOrgCreateReq",
+        'Required parameter "handlersOrgCreateReq" was null or undefined when calling createOrg().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/orgs`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: HandlersOrgCreateReqToJSON(
+          requestParameters["handlersOrgCreateReq"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      ModelsOrganizationFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Create organization
+   */
+  async createOrg(
+    requestParameters: CreateOrgRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<ModelsOrganization> {
+    const response = await this.createOrgRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Create org key/secret pair (owner/admin)
+   */
+  async createOrgKeyRaw(
+    requestParameters: CreateOrgKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<HandlersOrgKeyCreateResp>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling createOrgKey().',
+      );
+    }
+
+    if (requestParameters["handlersOrgKeyCreateReq"] == null) {
+      throw new runtime.RequiredError(
+        "handlersOrgKeyCreateReq",
+        'Required parameter "handlersOrgKeyCreateReq" was null or undefined when calling createOrgKey().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/orgs/{id}/api-keys`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: HandlersOrgKeyCreateReqToJSON(
+          requestParameters["handlersOrgKeyCreateReq"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      HandlersOrgKeyCreateRespFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Create org key/secret pair (owner/admin)
+   */
+  async createOrgKey(
+    requestParameters: CreateOrgKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<HandlersOrgKeyCreateResp> {
+    const response = await this.createOrgKeyRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Delete organization (owner)
+   */
+  async deleteOrgRaw(
+    requestParameters: DeleteOrgRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteOrg().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/orgs/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Delete organization (owner)
+   */
+  async deleteOrg(
+    requestParameters: DeleteOrgRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteOrgRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Delete org key (owner/admin)
+   */
+  async deleteOrgKeyRaw(
+    requestParameters: DeleteOrgKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteOrgKey().',
+      );
+    }
+
+    if (requestParameters["keyId"] == null) {
+      throw new runtime.RequiredError(
+        "keyId",
+        'Required parameter "keyId" was null or undefined when calling deleteOrgKey().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/orgs/{id}/api-keys/{key_id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+    urlPath = urlPath.replace(
+      `{${"key_id"}}`,
+      encodeURIComponent(String(requestParameters["keyId"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Delete org key (owner/admin)
+   */
+  async deleteOrgKey(
+    requestParameters: DeleteOrgKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteOrgKeyRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Get organization
+   */
+  async getOrgRaw(
+    requestParameters: GetOrgRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<ModelsOrganization>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling getOrg().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/orgs/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      ModelsOrganizationFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Get organization
+   */
+  async getOrg(
+    requestParameters: GetOrgRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<ModelsOrganization> {
+    const response = await this.getOrgRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * List members in org
+   */
+  async listMembersRaw(
+    requestParameters: ListMembersRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<HandlersMemberOut>>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling listMembers().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/orgs/{id}/members`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(HandlersMemberOutFromJSON),
+    );
+  }
+
+  /**
+   * List members in org
+   */
+  async listMembers(
+    requestParameters: ListMembersRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<HandlersMemberOut>> {
+    const response = await this.listMembersRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * List organizations I belong to
+   */
+  async listMyOrgsRaw(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<ModelsOrganization>>> {
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/orgs`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(ModelsOrganizationFromJSON),
+    );
+  }
+
+  /**
+   * List organizations I belong to
+   */
+  async listMyOrgs(
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<ModelsOrganization>> {
+    const response = await this.listMyOrgsRaw(initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * List org-scoped API keys (no secrets)
+   */
+  async listOrgKeysRaw(
+    requestParameters: ListOrgKeysRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<ModelsAPIKey>>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling listOrgKeys().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/orgs/{id}/api-keys`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(ModelsAPIKeyFromJSON),
+    );
+  }
+
+  /**
+   * List org-scoped API keys (no secrets)
+   */
+  async listOrgKeys(
+    requestParameters: ListOrgKeysRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<ModelsAPIKey>> {
+    const response = await this.listOrgKeysRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Remove a member (owner/admin)
+   */
+  async removeMemberRaw(
+    requestParameters: RemoveMemberRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling removeMember().',
+      );
+    }
+
+    if (requestParameters["userId"] == null) {
+      throw new runtime.RequiredError(
+        "userId",
+        'Required parameter "userId" was null or undefined when calling removeMember().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/orgs/{id}/members/{user_id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+    urlPath = urlPath.replace(
+      `{${"user_id"}}`,
+      encodeURIComponent(String(requestParameters["userId"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Remove a member (owner/admin)
+   */
+  async removeMember(
+    requestParameters: RemoveMemberRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.removeMemberRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Update organization (owner/admin)
+   */
+  async updateOrgRaw(
+    requestParameters: UpdateOrgRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<ModelsOrganization>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling updateOrg().',
+      );
+    }
+
+    if (requestParameters["handlersOrgUpdateReq"] == null) {
+      throw new runtime.RequiredError(
+        "handlersOrgUpdateReq",
+        'Required parameter "handlersOrgUpdateReq" was null or undefined when calling updateOrg().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/orgs/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: HandlersOrgUpdateReqToJSON(
+          requestParameters["handlersOrgUpdateReq"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      ModelsOrganizationFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Update organization (owner/admin)
+   */
+  async updateOrg(
+    requestParameters: UpdateOrgRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<ModelsOrganization> {
+    const response = await this.updateOrgRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/ServersApi.ts b/sdk/ts/src/apis/ServersApi.ts
new file mode 100644
index 0000000..0bf7270
--- /dev/null
+++ b/sdk/ts/src/apis/ServersApi.ts
@@ -0,0 +1,503 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {DtoCreateServerRequest, DtoServerResponse, DtoUpdateServerRequest,} from "../models/index";
+import {DtoCreateServerRequestToJSON, DtoServerResponseFromJSON, DtoUpdateServerRequestToJSON,} from "../models/index";
+
+export interface CreateServerRequest {
+  dtoCreateServerRequest: DtoCreateServerRequest;
+  xOrgID?: string;
+}
+
+export interface DeleteServerRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface GetServerRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListServersRequest {
+  xOrgID?: string;
+  status?: string;
+  role?: string;
+}
+
+export interface ResetServerHostKeyRequest {
+  id: string;
+  xOrgID?: string;
+  body?: object;
+}
+
+export interface UpdateServerRequest {
+  id: string;
+  dtoUpdateServerRequest: DtoUpdateServerRequest;
+  xOrgID?: string;
+}
+
+/**
+ *
+ */
+export class ServersApi extends runtime.BaseAPI {
+  /**
+   * Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.
+   * Create server (org scoped)
+   */
+  async createServerRaw(
+    requestParameters: CreateServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoServerResponse>> {
+    if (requestParameters["dtoCreateServerRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoCreateServerRequest",
+        'Required parameter "dtoCreateServerRequest" was null or undefined when calling createServer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/servers`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoCreateServerRequestToJSON(
+          requestParameters["dtoCreateServerRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoServerResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Creates a server bound to the org in X-Org-ID. Validates that ssh_key_id belongs to the org.
+   * Create server (org scoped)
+   */
+  async createServer(
+    requestParameters: CreateServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoServerResponse> {
+    const response = await this.createServerRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Permanently deletes the server.
+   * Delete server (org scoped)
+   */
+  async deleteServerRaw(
+    requestParameters: DeleteServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteServer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/servers/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Permanently deletes the server.
+   * Delete server (org scoped)
+   */
+  async deleteServer(
+    requestParameters: DeleteServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteServerRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Returns one server in the given organization.
+   * Get server by ID (org scoped)
+   */
+  async getServerRaw(
+    requestParameters: GetServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoServerResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling getServer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/servers/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoServerResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Returns one server in the given organization.
+   * Get server by ID (org scoped)
+   */
+  async getServer(
+    requestParameters: GetServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoServerResponse> {
+    const response = await this.getServerRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Returns servers for the organization in X-Org-ID. Optional filters: status, role.
+   * List servers (org scoped)
+   */
+  async listServersRaw(
+    requestParameters: ListServersRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoServerResponse>>> {
+    const queryParameters: any = {};
+
+    if (requestParameters["status"] != null) {
+      queryParameters["status"] = requestParameters["status"];
+    }
+
+    if (requestParameters["role"] != null) {
+      queryParameters["role"] = requestParameters["role"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/servers`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoServerResponseFromJSON),
+    );
+  }
+
+  /**
+   * Returns servers for the organization in X-Org-ID. Optional filters: status, role.
+   * List servers (org scoped)
+   */
+  async listServers(
+    requestParameters: ListServersRequest = {},
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoServerResponse>> {
+    const response = await this.listServersRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use).
+   * Reset SSH host key (org scoped)
+   */
+  async resetServerHostKeyRaw(
+    requestParameters: ResetServerHostKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoServerResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling resetServerHostKey().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/servers/{id}/reset-hostkey`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: requestParameters["body"] as any,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoServerResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Clears the stored SSH host key for this server. The next SSH connection will re-learn the host key (trust-on-first-use).
+   * Reset SSH host key (org scoped)
+   */
+  async resetServerHostKey(
+    requestParameters: ResetServerHostKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoServerResponse> {
+    const response = await this.resetServerHostKeyRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Partially update fields; changing ssh_key_id validates ownership.
+   * Update server (org scoped)
+   */
+  async updateServerRaw(
+    requestParameters: UpdateServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoServerResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling updateServer().',
+      );
+    }
+
+    if (requestParameters["dtoUpdateServerRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoUpdateServerRequest",
+        'Required parameter "dtoUpdateServerRequest" was null or undefined when calling updateServer().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/servers/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoUpdateServerRequestToJSON(
+          requestParameters["dtoUpdateServerRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoServerResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Partially update fields; changing ssh_key_id validates ownership.
+   * Update server (org scoped)
+   */
+  async updateServer(
+    requestParameters: UpdateServerRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoServerResponse> {
+    const response = await this.updateServerRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/SshApi.ts b/sdk/ts/src/apis/SshApi.ts
new file mode 100644
index 0000000..c931e92
--- /dev/null
+++ b/sdk/ts/src/apis/SshApi.ts
@@ -0,0 +1,434 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {DtoCreateSSHRequest, DtoSshResponse, GetSSHKey200Response,} from "../models/index";
+import {DtoCreateSSHRequestToJSON, DtoSshResponseFromJSON, GetSSHKey200ResponseFromJSON,} from "../models/index";
+
+export interface CreateSSHKeyRequest {
+  dtoCreateSSHRequest: DtoCreateSSHRequest;
+  xOrgID?: string;
+}
+
+export interface DeleteSSHKeyRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface DownloadSSHKeyRequest {
+  xOrgID: string;
+  id: string;
+  part: DownloadSSHKeyPartEnum;
+}
+
+export interface GetSSHKeyRequest {
+  id: string;
+  xOrgID?: string;
+  reveal?: boolean;
+}
+
+export interface ListPublicSshKeysRequest {
+  xOrgID?: string;
+}
+
+/**
+ *
+ */
+export class SshApi extends runtime.BaseAPI {
+  /**
+   * Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.
+   * Create ssh keypair (org scoped)
+   */
+  async createSSHKeyRaw(
+    requestParameters: CreateSSHKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoSshResponse>> {
+    if (requestParameters["dtoCreateSSHRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoCreateSSHRequest",
+        'Required parameter "dtoCreateSSHRequest" was null or undefined when calling createSSHKey().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/ssh`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoCreateSSHRequestToJSON(
+          requestParameters["dtoCreateSSHRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoSshResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Generates an RSA or ED25519 keypair, saves it, and returns metadata. For RSA you may set bits (2048/3072/4096). Default is 4096. ED25519 ignores bits.
+   * Create ssh keypair (org scoped)
+   */
+  async createSSHKey(
+    requestParameters: CreateSSHKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoSshResponse> {
+    const response = await this.createSSHKeyRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Permanently deletes a keypair.
+   * Delete ssh keypair (org scoped)
+   */
+  async deleteSSHKeyRaw(
+    requestParameters: DeleteSSHKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteSSHKey().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/ssh/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Permanently deletes a keypair.
+   * Delete ssh keypair (org scoped)
+   */
+  async deleteSSHKey(
+    requestParameters: DeleteSSHKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteSSHKeyRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Download `part=public|private|both` of the keypair. `both` returns a zip file.
+   * Download ssh key files by ID (org scoped)
+   */
+  async downloadSSHKeyRaw(
+    requestParameters: DownloadSSHKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<string>> {
+    if (requestParameters["xOrgID"] == null) {
+      throw new runtime.RequiredError(
+        "xOrgID",
+        'Required parameter "xOrgID" was null or undefined when calling downloadSSHKey().',
+      );
+    }
+
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling downloadSSHKey().',
+      );
+    }
+
+    if (requestParameters["part"] == null) {
+      throw new runtime.RequiredError(
+        "part",
+        'Required parameter "part" was null or undefined when calling downloadSSHKey().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    if (requestParameters["part"] != null) {
+      queryParameters["part"] = requestParameters["part"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/ssh/{id}/download`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    if (this.isJsonMime(response.headers.get("content-type"))) {
+      return new runtime.JSONApiResponse<string>(response);
+    } else {
+      return new runtime.TextApiResponse(response) as any;
+    }
+  }
+
+  /**
+   * Download `part=public|private|both` of the keypair. `both` returns a zip file.
+   * Download ssh key files by ID (org scoped)
+   */
+  async downloadSSHKey(
+    requestParameters: DownloadSSHKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<string> {
+    const response = await this.downloadSSHKeyRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Returns public key fields. Append `?reveal=true` to include the private key PEM.
+   * Get ssh key by ID (org scoped)
+   */
+  async getSSHKeyRaw(
+    requestParameters: GetSSHKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<GetSSHKey200Response>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling getSSHKey().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    if (requestParameters["reveal"] != null) {
+      queryParameters["reveal"] = requestParameters["reveal"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/ssh/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      GetSSHKey200ResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Returns public key fields. Append `?reveal=true` to include the private key PEM.
+   * Get ssh key by ID (org scoped)
+   */
+  async getSSHKey(
+    requestParameters: GetSSHKeyRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<GetSSHKey200Response> {
+    const response = await this.getSSHKeyRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Returns ssh keys for the organization in X-Org-ID.
+   * List ssh keys (org scoped)
+   */
+  async listPublicSshKeysRaw(
+    requestParameters: ListPublicSshKeysRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoSshResponse>>> {
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/ssh`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoSshResponseFromJSON),
+    );
+  }
+
+  /**
+   * Returns ssh keys for the organization in X-Org-ID.
+   * List ssh keys (org scoped)
+   */
+  async listPublicSshKeys(
+    requestParameters: ListPublicSshKeysRequest = {},
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoSshResponse>> {
+    const response = await this.listPublicSshKeysRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+}
+
+/**
+ * @export
+ */
+export const DownloadSSHKeyPartEnum = {
+  public: "public",
+  private: "private",
+  both: "both",
+} as const;
+export type DownloadSSHKeyPartEnum =
+  (typeof DownloadSSHKeyPartEnum)[keyof typeof DownloadSSHKeyPartEnum];
diff --git a/sdk/ts/src/apis/TaintsApi.ts b/sdk/ts/src/apis/TaintsApi.ts
new file mode 100644
index 0000000..b325093
--- /dev/null
+++ b/sdk/ts/src/apis/TaintsApi.ts
@@ -0,0 +1,420 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import * as runtime from "../runtime";
+import type {DtoCreateTaintRequest, DtoTaintResponse, DtoUpdateTaintRequest,} from "../models/index";
+import {DtoCreateTaintRequestToJSON, DtoTaintResponseFromJSON, DtoUpdateTaintRequestToJSON,} from "../models/index";
+
+export interface CreateTaintRequest {
+  dtoCreateTaintRequest: DtoCreateTaintRequest;
+  xOrgID?: string;
+}
+
+export interface DeleteTaintRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface GetTaintRequest {
+  id: string;
+  xOrgID?: string;
+}
+
+export interface ListTaintsRequest {
+  xOrgID?: string;
+  key?: string;
+  value?: string;
+  q?: string;
+}
+
+export interface UpdateTaintRequest {
+  id: string;
+  dtoUpdateTaintRequest: DtoUpdateTaintRequest;
+  xOrgID?: string;
+}
+
+/**
+ *
+ */
+export class TaintsApi extends runtime.BaseAPI {
+  /**
+   * Creates a taint.
+   * Create node taint (org scoped)
+   */
+  async createTaintRaw(
+    requestParameters: CreateTaintRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoTaintResponse>> {
+    if (requestParameters["dtoCreateTaintRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoCreateTaintRequest",
+        'Required parameter "dtoCreateTaintRequest" was null or undefined when calling createTaint().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/taints`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "POST",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoCreateTaintRequestToJSON(
+          requestParameters["dtoCreateTaintRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoTaintResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Creates a taint.
+   * Create node taint (org scoped)
+   */
+  async createTaint(
+    requestParameters: CreateTaintRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoTaintResponse> {
+    const response = await this.createTaintRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+
+  /**
+   * Permanently deletes the taint.
+   * Delete taint (org scoped)
+   */
+  async deleteTaintRaw(
+    requestParameters: DeleteTaintRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<void>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling deleteTaint().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/taints/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "DELETE",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.VoidApiResponse(response);
+  }
+
+  /**
+   * Permanently deletes the taint.
+   * Delete taint (org scoped)
+   */
+  async deleteTaint(
+    requestParameters: DeleteTaintRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<void> {
+    await this.deleteTaintRaw(requestParameters, initOverrides);
+  }
+
+  /**
+   * Get node taint by ID (org scoped)
+   */
+  async getTaintRaw(
+    requestParameters: GetTaintRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoTaintResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling getTaint().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/taints/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoTaintResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Get node taint by ID (org scoped)
+   */
+  async getTaint(
+    requestParameters: GetTaintRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoTaintResponse> {
+    const response = await this.getTaintRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Returns node taints for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.
+   * List node pool taints (org scoped)
+   */
+  async listTaintsRaw(
+    requestParameters: ListTaintsRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<Array<DtoTaintResponse>>> {
+    const queryParameters: any = {};
+
+    if (requestParameters["key"] != null) {
+      queryParameters["key"] = requestParameters["key"];
+    }
+
+    if (requestParameters["value"] != null) {
+      queryParameters["value"] = requestParameters["value"];
+    }
+
+    if (requestParameters["q"] != null) {
+      queryParameters["q"] = requestParameters["q"];
+    }
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/taints`;
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "GET",
+        headers: headerParameters,
+        query: queryParameters,
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      jsonValue.map(DtoTaintResponseFromJSON),
+    );
+  }
+
+  /**
+   * Returns node taints for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.
+   * List node pool taints (org scoped)
+   */
+  async listTaints(
+    requestParameters: ListTaintsRequest = {},
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<Array<DtoTaintResponse>> {
+    const response = await this.listTaintsRaw(requestParameters, initOverrides);
+    return await response.value();
+  }
+
+  /**
+   * Partially update taint fields.
+   * Update node taint (org scoped)
+   */
+  async updateTaintRaw(
+    requestParameters: UpdateTaintRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<runtime.ApiResponse<DtoTaintResponse>> {
+    if (requestParameters["id"] == null) {
+      throw new runtime.RequiredError(
+        "id",
+        'Required parameter "id" was null or undefined when calling updateTaint().',
+      );
+    }
+
+    if (requestParameters["dtoUpdateTaintRequest"] == null) {
+      throw new runtime.RequiredError(
+        "dtoUpdateTaintRequest",
+        'Required parameter "dtoUpdateTaintRequest" was null or undefined when calling updateTaint().',
+      );
+    }
+
+    const queryParameters: any = {};
+
+    const headerParameters: runtime.HTTPHeaders = {};
+
+    headerParameters["Content-Type"] = "application/json";
+
+    if (requestParameters["xOrgID"] != null) {
+      headerParameters["X-Org-ID"] = String(requestParameters["xOrgID"]);
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-KEY"] =
+        await this.configuration.apiKey("X-ORG-KEY"); // OrgKeyAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["X-ORG-SECRET"] =
+        await this.configuration.apiKey("X-ORG-SECRET"); // OrgSecretAuth authentication
+    }
+
+    if (this.configuration && this.configuration.apiKey) {
+      headerParameters["Authorization"] =
+        await this.configuration.apiKey("Authorization"); // BearerAuth authentication
+    }
+
+    let urlPath = `/taints/{id}`;
+    urlPath = urlPath.replace(
+      `{${"id"}}`,
+      encodeURIComponent(String(requestParameters["id"])),
+    );
+
+    const response = await this.request(
+      {
+        path: urlPath,
+        method: "PATCH",
+        headers: headerParameters,
+        query: queryParameters,
+        body: DtoUpdateTaintRequestToJSON(
+          requestParameters["dtoUpdateTaintRequest"],
+        ),
+      },
+      initOverrides,
+    );
+
+    return new runtime.JSONApiResponse(response, (jsonValue) =>
+      DtoTaintResponseFromJSON(jsonValue),
+    );
+  }
+
+  /**
+   * Partially update taint fields.
+   * Update node taint (org scoped)
+   */
+  async updateTaint(
+    requestParameters: UpdateTaintRequest,
+    initOverrides?: RequestInit | runtime.InitOverrideFunction,
+  ): Promise<DtoTaintResponse> {
+    const response = await this.updateTaintRaw(
+      requestParameters,
+      initOverrides,
+    );
+    return await response.value();
+  }
+}
diff --git a/sdk/ts/src/apis/index.ts b/sdk/ts/src/apis/index.ts
new file mode 100644
index 0000000..8c765a3
--- /dev/null
+++ b/sdk/ts/src/apis/index.ts
@@ -0,0 +1,19 @@
+/* tslint:disable */
+/* eslint-disable */
+export * from "./AnnotationsApi";
+export * from "./ArcherAdminApi";
+export * from "./AuthApi";
+export * from "./ClustersApi";
+export * from "./CredentialsApi";
+export * from "./DNSApi";
+export * from "./HealthApi";
+export * from "./LabelsApi";
+export * from "./LoadBalancersApi";
+export * from "./MeApi";
+export * from "./MeAPIKeysApi";
+export * from "./MetaApi";
+export * from "./NodePoolsApi";
+export * from "./OrgsApi";
+export * from "./ServersApi";
+export * from "./SshApi";
+export * from "./TaintsApi";
diff --git a/sdk/ts/src/index.ts b/sdk/ts/src/index.ts
new file mode 100644
index 0000000..ee26377
--- /dev/null
+++ b/sdk/ts/src/index.ts
@@ -0,0 +1,5 @@
+/* tslint:disable */
+/* eslint-disable */
+export * from "./runtime";
+export * from "./apis/index";
+export * from "./models/index";
diff --git a/sdk/ts/src/models/DtoAnnotationResponse.ts b/sdk/ts/src/models/DtoAnnotationResponse.ts
new file mode 100644
index 0000000..3d8691f
--- /dev/null
+++ b/sdk/ts/src/models/DtoAnnotationResponse.ts
@@ -0,0 +1,112 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoAnnotationResponse
+ */
+export interface DtoAnnotationResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAnnotationResponse
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAnnotationResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAnnotationResponse
+   */
+  key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAnnotationResponse
+   */
+  organization_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAnnotationResponse
+   */
+  updated_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAnnotationResponse
+   */
+  value?: string;
+}
+
+/**
+ * Check if a given object implements the DtoAnnotationResponse interface.
+ */
+export function instanceOfDtoAnnotationResponse(
+  value: object,
+): value is DtoAnnotationResponse {
+  return true;
+}
+
+export function DtoAnnotationResponseFromJSON(
+  json: any,
+): DtoAnnotationResponse {
+  return DtoAnnotationResponseFromJSONTyped(json, false);
+}
+
+export function DtoAnnotationResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoAnnotationResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    id: json["id"] == null ? undefined : json["id"],
+    key: json["key"] == null ? undefined : json["key"],
+    organization_id:
+      json["organization_id"] == null ? undefined : json["organization_id"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+    value: json["value"] == null ? undefined : json["value"],
+  };
+}
+
+export function DtoAnnotationResponseToJSON(json: any): DtoAnnotationResponse {
+  return DtoAnnotationResponseToJSONTyped(json, false);
+}
+
+export function DtoAnnotationResponseToJSONTyped(
+  value?: DtoAnnotationResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at: value["created_at"],
+    id: value["id"],
+    key: value["key"],
+    organization_id: value["organization_id"],
+    updated_at: value["updated_at"],
+    value: value["value"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoAttachAnnotationsRequest.ts b/sdk/ts/src/models/DtoAttachAnnotationsRequest.ts
new file mode 100644
index 0000000..1e88a44
--- /dev/null
+++ b/sdk/ts/src/models/DtoAttachAnnotationsRequest.ts
@@ -0,0 +1,74 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoAttachAnnotationsRequest
+ */
+export interface DtoAttachAnnotationsRequest {
+  /**
+   *
+   * @type {Array<string>}
+   * @memberof DtoAttachAnnotationsRequest
+   */
+  annotation_ids?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the DtoAttachAnnotationsRequest interface.
+ */
+export function instanceOfDtoAttachAnnotationsRequest(
+  value: object,
+): value is DtoAttachAnnotationsRequest {
+  return true;
+}
+
+export function DtoAttachAnnotationsRequestFromJSON(
+  json: any,
+): DtoAttachAnnotationsRequest {
+  return DtoAttachAnnotationsRequestFromJSONTyped(json, false);
+}
+
+export function DtoAttachAnnotationsRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoAttachAnnotationsRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    annotation_ids:
+      json["annotation_ids"] == null ? undefined : json["annotation_ids"],
+  };
+}
+
+export function DtoAttachAnnotationsRequestToJSON(
+  json: any,
+): DtoAttachAnnotationsRequest {
+  return DtoAttachAnnotationsRequestToJSONTyped(json, false);
+}
+
+export function DtoAttachAnnotationsRequestToJSONTyped(
+  value?: DtoAttachAnnotationsRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    annotation_ids: value["annotation_ids"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoAttachBastionRequest.ts b/sdk/ts/src/models/DtoAttachBastionRequest.ts
new file mode 100644
index 0000000..2d6bebc
--- /dev/null
+++ b/sdk/ts/src/models/DtoAttachBastionRequest.ts
@@ -0,0 +1,73 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoAttachBastionRequest
+ */
+export interface DtoAttachBastionRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAttachBastionRequest
+   */
+  server_id?: string;
+}
+
+/**
+ * Check if a given object implements the DtoAttachBastionRequest interface.
+ */
+export function instanceOfDtoAttachBastionRequest(
+  value: object,
+): value is DtoAttachBastionRequest {
+  return true;
+}
+
+export function DtoAttachBastionRequestFromJSON(
+  json: any,
+): DtoAttachBastionRequest {
+  return DtoAttachBastionRequestFromJSONTyped(json, false);
+}
+
+export function DtoAttachBastionRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoAttachBastionRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    server_id: json["server_id"] == null ? undefined : json["server_id"],
+  };
+}
+
+export function DtoAttachBastionRequestToJSON(
+  json: any,
+): DtoAttachBastionRequest {
+  return DtoAttachBastionRequestToJSONTyped(json, false);
+}
+
+export function DtoAttachBastionRequestToJSONTyped(
+  value?: DtoAttachBastionRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    server_id: value["server_id"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoAttachCaptainDomainRequest.ts b/sdk/ts/src/models/DtoAttachCaptainDomainRequest.ts
new file mode 100644
index 0000000..5f73885
--- /dev/null
+++ b/sdk/ts/src/models/DtoAttachCaptainDomainRequest.ts
@@ -0,0 +1,73 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoAttachCaptainDomainRequest
+ */
+export interface DtoAttachCaptainDomainRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAttachCaptainDomainRequest
+   */
+  domain_id?: string;
+}
+
+/**
+ * Check if a given object implements the DtoAttachCaptainDomainRequest interface.
+ */
+export function instanceOfDtoAttachCaptainDomainRequest(
+  value: object,
+): value is DtoAttachCaptainDomainRequest {
+  return true;
+}
+
+export function DtoAttachCaptainDomainRequestFromJSON(
+  json: any,
+): DtoAttachCaptainDomainRequest {
+  return DtoAttachCaptainDomainRequestFromJSONTyped(json, false);
+}
+
+export function DtoAttachCaptainDomainRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoAttachCaptainDomainRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    domain_id: json["domain_id"] == null ? undefined : json["domain_id"],
+  };
+}
+
+export function DtoAttachCaptainDomainRequestToJSON(
+  json: any,
+): DtoAttachCaptainDomainRequest {
+  return DtoAttachCaptainDomainRequestToJSONTyped(json, false);
+}
+
+export function DtoAttachCaptainDomainRequestToJSONTyped(
+  value?: DtoAttachCaptainDomainRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    domain_id: value["domain_id"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoAttachLabelsRequest.ts b/sdk/ts/src/models/DtoAttachLabelsRequest.ts
new file mode 100644
index 0000000..c45258e
--- /dev/null
+++ b/sdk/ts/src/models/DtoAttachLabelsRequest.ts
@@ -0,0 +1,73 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoAttachLabelsRequest
+ */
+export interface DtoAttachLabelsRequest {
+  /**
+   *
+   * @type {Array<string>}
+   * @memberof DtoAttachLabelsRequest
+   */
+  label_ids?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the DtoAttachLabelsRequest interface.
+ */
+export function instanceOfDtoAttachLabelsRequest(
+  value: object,
+): value is DtoAttachLabelsRequest {
+  return true;
+}
+
+export function DtoAttachLabelsRequestFromJSON(
+  json: any,
+): DtoAttachLabelsRequest {
+  return DtoAttachLabelsRequestFromJSONTyped(json, false);
+}
+
+export function DtoAttachLabelsRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoAttachLabelsRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    label_ids: json["label_ids"] == null ? undefined : json["label_ids"],
+  };
+}
+
+export function DtoAttachLabelsRequestToJSON(
+  json: any,
+): DtoAttachLabelsRequest {
+  return DtoAttachLabelsRequestToJSONTyped(json, false);
+}
+
+export function DtoAttachLabelsRequestToJSONTyped(
+  value?: DtoAttachLabelsRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    label_ids: value["label_ids"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoAttachLoadBalancerRequest.ts b/sdk/ts/src/models/DtoAttachLoadBalancerRequest.ts
new file mode 100644
index 0000000..420f74c
--- /dev/null
+++ b/sdk/ts/src/models/DtoAttachLoadBalancerRequest.ts
@@ -0,0 +1,74 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoAttachLoadBalancerRequest
+ */
+export interface DtoAttachLoadBalancerRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAttachLoadBalancerRequest
+   */
+  load_balancer_id?: string;
+}
+
+/**
+ * Check if a given object implements the DtoAttachLoadBalancerRequest interface.
+ */
+export function instanceOfDtoAttachLoadBalancerRequest(
+  value: object,
+): value is DtoAttachLoadBalancerRequest {
+  return true;
+}
+
+export function DtoAttachLoadBalancerRequestFromJSON(
+  json: any,
+): DtoAttachLoadBalancerRequest {
+  return DtoAttachLoadBalancerRequestFromJSONTyped(json, false);
+}
+
+export function DtoAttachLoadBalancerRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoAttachLoadBalancerRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    load_balancer_id:
+      json["load_balancer_id"] == null ? undefined : json["load_balancer_id"],
+  };
+}
+
+export function DtoAttachLoadBalancerRequestToJSON(
+  json: any,
+): DtoAttachLoadBalancerRequest {
+  return DtoAttachLoadBalancerRequestToJSONTyped(json, false);
+}
+
+export function DtoAttachLoadBalancerRequestToJSONTyped(
+  value?: DtoAttachLoadBalancerRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    load_balancer_id: value["load_balancer_id"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoAttachNodePoolRequest.ts b/sdk/ts/src/models/DtoAttachNodePoolRequest.ts
new file mode 100644
index 0000000..a00c6de
--- /dev/null
+++ b/sdk/ts/src/models/DtoAttachNodePoolRequest.ts
@@ -0,0 +1,74 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoAttachNodePoolRequest
+ */
+export interface DtoAttachNodePoolRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAttachNodePoolRequest
+   */
+  node_pool_id?: string;
+}
+
+/**
+ * Check if a given object implements the DtoAttachNodePoolRequest interface.
+ */
+export function instanceOfDtoAttachNodePoolRequest(
+  value: object,
+): value is DtoAttachNodePoolRequest {
+  return true;
+}
+
+export function DtoAttachNodePoolRequestFromJSON(
+  json: any,
+): DtoAttachNodePoolRequest {
+  return DtoAttachNodePoolRequestFromJSONTyped(json, false);
+}
+
+export function DtoAttachNodePoolRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoAttachNodePoolRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    node_pool_id:
+      json["node_pool_id"] == null ? undefined : json["node_pool_id"],
+  };
+}
+
+export function DtoAttachNodePoolRequestToJSON(
+  json: any,
+): DtoAttachNodePoolRequest {
+  return DtoAttachNodePoolRequestToJSONTyped(json, false);
+}
+
+export function DtoAttachNodePoolRequestToJSONTyped(
+  value?: DtoAttachNodePoolRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    node_pool_id: value["node_pool_id"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoAttachRecordSetRequest.ts b/sdk/ts/src/models/DtoAttachRecordSetRequest.ts
new file mode 100644
index 0000000..a92d4b5
--- /dev/null
+++ b/sdk/ts/src/models/DtoAttachRecordSetRequest.ts
@@ -0,0 +1,74 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoAttachRecordSetRequest
+ */
+export interface DtoAttachRecordSetRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAttachRecordSetRequest
+   */
+  record_set_id?: string;
+}
+
+/**
+ * Check if a given object implements the DtoAttachRecordSetRequest interface.
+ */
+export function instanceOfDtoAttachRecordSetRequest(
+  value: object,
+): value is DtoAttachRecordSetRequest {
+  return true;
+}
+
+export function DtoAttachRecordSetRequestFromJSON(
+  json: any,
+): DtoAttachRecordSetRequest {
+  return DtoAttachRecordSetRequestFromJSONTyped(json, false);
+}
+
+export function DtoAttachRecordSetRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoAttachRecordSetRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    record_set_id:
+      json["record_set_id"] == null ? undefined : json["record_set_id"],
+  };
+}
+
+export function DtoAttachRecordSetRequestToJSON(
+  json: any,
+): DtoAttachRecordSetRequest {
+  return DtoAttachRecordSetRequestToJSONTyped(json, false);
+}
+
+export function DtoAttachRecordSetRequestToJSONTyped(
+  value?: DtoAttachRecordSetRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    record_set_id: value["record_set_id"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoAttachServersRequest.ts b/sdk/ts/src/models/DtoAttachServersRequest.ts
new file mode 100644
index 0000000..7c79339
--- /dev/null
+++ b/sdk/ts/src/models/DtoAttachServersRequest.ts
@@ -0,0 +1,73 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoAttachServersRequest
+ */
+export interface DtoAttachServersRequest {
+  /**
+   *
+   * @type {Array<string>}
+   * @memberof DtoAttachServersRequest
+   */
+  server_ids?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the DtoAttachServersRequest interface.
+ */
+export function instanceOfDtoAttachServersRequest(
+  value: object,
+): value is DtoAttachServersRequest {
+  return true;
+}
+
+export function DtoAttachServersRequestFromJSON(
+  json: any,
+): DtoAttachServersRequest {
+  return DtoAttachServersRequestFromJSONTyped(json, false);
+}
+
+export function DtoAttachServersRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoAttachServersRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    server_ids: json["server_ids"] == null ? undefined : json["server_ids"],
+  };
+}
+
+export function DtoAttachServersRequestToJSON(
+  json: any,
+): DtoAttachServersRequest {
+  return DtoAttachServersRequestToJSONTyped(json, false);
+}
+
+export function DtoAttachServersRequestToJSONTyped(
+  value?: DtoAttachServersRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    server_ids: value["server_ids"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoAttachTaintsRequest.ts b/sdk/ts/src/models/DtoAttachTaintsRequest.ts
new file mode 100644
index 0000000..165021f
--- /dev/null
+++ b/sdk/ts/src/models/DtoAttachTaintsRequest.ts
@@ -0,0 +1,73 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoAttachTaintsRequest
+ */
+export interface DtoAttachTaintsRequest {
+  /**
+   *
+   * @type {Array<string>}
+   * @memberof DtoAttachTaintsRequest
+   */
+  taint_ids?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the DtoAttachTaintsRequest interface.
+ */
+export function instanceOfDtoAttachTaintsRequest(
+  value: object,
+): value is DtoAttachTaintsRequest {
+  return true;
+}
+
+export function DtoAttachTaintsRequestFromJSON(
+  json: any,
+): DtoAttachTaintsRequest {
+  return DtoAttachTaintsRequestFromJSONTyped(json, false);
+}
+
+export function DtoAttachTaintsRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoAttachTaintsRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    taint_ids: json["taint_ids"] == null ? undefined : json["taint_ids"],
+  };
+}
+
+export function DtoAttachTaintsRequestToJSON(
+  json: any,
+): DtoAttachTaintsRequest {
+  return DtoAttachTaintsRequestToJSONTyped(json, false);
+}
+
+export function DtoAttachTaintsRequestToJSONTyped(
+  value?: DtoAttachTaintsRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    taint_ids: value["taint_ids"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoAuthStartResponse.ts b/sdk/ts/src/models/DtoAuthStartResponse.ts
new file mode 100644
index 0000000..91de98a
--- /dev/null
+++ b/sdk/ts/src/models/DtoAuthStartResponse.ts
@@ -0,0 +1,69 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoAuthStartResponse
+ */
+export interface DtoAuthStartResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoAuthStartResponse
+   */
+  auth_url?: string;
+}
+
+/**
+ * Check if a given object implements the DtoAuthStartResponse interface.
+ */
+export function instanceOfDtoAuthStartResponse(
+  value: object,
+): value is DtoAuthStartResponse {
+  return true;
+}
+
+export function DtoAuthStartResponseFromJSON(json: any): DtoAuthStartResponse {
+  return DtoAuthStartResponseFromJSONTyped(json, false);
+}
+
+export function DtoAuthStartResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoAuthStartResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    auth_url: json["auth_url"] == null ? undefined : json["auth_url"],
+  };
+}
+
+export function DtoAuthStartResponseToJSON(json: any): DtoAuthStartResponse {
+  return DtoAuthStartResponseToJSONTyped(json, false);
+}
+
+export function DtoAuthStartResponseToJSONTyped(
+  value?: DtoAuthStartResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    auth_url: value["auth_url"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoClusterResponse.ts b/sdk/ts/src/models/DtoClusterResponse.ts
new file mode 100644
index 0000000..17fd4a9
--- /dev/null
+++ b/sdk/ts/src/models/DtoClusterResponse.ts
@@ -0,0 +1,241 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import type {DtoDomainResponse} from "./DtoDomainResponse";
+import {DtoDomainResponseFromJSON, DtoDomainResponseToJSON,} from "./DtoDomainResponse";
+import type {DtoLoadBalancerResponse} from "./DtoLoadBalancerResponse";
+import {DtoLoadBalancerResponseFromJSON, DtoLoadBalancerResponseToJSON,} from "./DtoLoadBalancerResponse";
+import type {DtoNodePoolResponse} from "./DtoNodePoolResponse";
+import {DtoNodePoolResponseFromJSON, DtoNodePoolResponseToJSON,} from "./DtoNodePoolResponse";
+import type {DtoServerResponse} from "./DtoServerResponse";
+import {DtoServerResponseFromJSON, DtoServerResponseToJSON,} from "./DtoServerResponse";
+import type {DtoRecordSetResponse} from "./DtoRecordSetResponse";
+import {DtoRecordSetResponseFromJSON, DtoRecordSetResponseToJSON,} from "./DtoRecordSetResponse";
+
+/**
+ *
+ * @export
+ * @interface DtoClusterResponse
+ */
+export interface DtoClusterResponse {
+  /**
+   *
+   * @type {DtoLoadBalancerResponse}
+   * @memberof DtoClusterResponse
+   */
+  apps_load_balancer?: DtoLoadBalancerResponse;
+  /**
+   *
+   * @type {DtoServerResponse}
+   * @memberof DtoClusterResponse
+   */
+  bastion_server?: DtoServerResponse;
+  /**
+   *
+   * @type {DtoDomainResponse}
+   * @memberof DtoClusterResponse
+   */
+  captain_domain?: DtoDomainResponse;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoClusterResponse
+   */
+  certificate_key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoClusterResponse
+   */
+  cluster_provider?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoClusterResponse
+   */
+  control_plane_fqdn?: string;
+  /**
+   *
+   * @type {DtoRecordSetResponse}
+   * @memberof DtoClusterResponse
+   */
+  control_plane_record_set?: DtoRecordSetResponse;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoClusterResponse
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {DtoLoadBalancerResponse}
+   * @memberof DtoClusterResponse
+   */
+  glueops_load_balancer?: DtoLoadBalancerResponse;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoClusterResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoClusterResponse
+   */
+  last_error?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoClusterResponse
+   */
+  name?: string;
+  /**
+   *
+   * @type {Array<DtoNodePoolResponse>}
+   * @memberof DtoClusterResponse
+   */
+  node_pools?: Array<DtoNodePoolResponse>;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoClusterResponse
+   */
+  random_token?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoClusterResponse
+   */
+  region?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoClusterResponse
+   */
+  status?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoClusterResponse
+   */
+  updated_at?: string;
+}
+
+/**
+ * Check if a given object implements the DtoClusterResponse interface.
+ */
+export function instanceOfDtoClusterResponse(
+  value: object,
+): value is DtoClusterResponse {
+  return true;
+}
+
+export function DtoClusterResponseFromJSON(json: any): DtoClusterResponse {
+  return DtoClusterResponseFromJSONTyped(json, false);
+}
+
+export function DtoClusterResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoClusterResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    apps_load_balancer:
+      json["apps_load_balancer"] == null
+        ? undefined
+        : DtoLoadBalancerResponseFromJSON(json["apps_load_balancer"]),
+    bastion_server:
+      json["bastion_server"] == null
+        ? undefined
+        : DtoServerResponseFromJSON(json["bastion_server"]),
+    captain_domain:
+      json["captain_domain"] == null
+        ? undefined
+        : DtoDomainResponseFromJSON(json["captain_domain"]),
+    certificate_key:
+      json["certificate_key"] == null ? undefined : json["certificate_key"],
+    cluster_provider:
+      json["cluster_provider"] == null ? undefined : json["cluster_provider"],
+    control_plane_fqdn:
+      json["control_plane_fqdn"] == null
+        ? undefined
+        : json["control_plane_fqdn"],
+    control_plane_record_set:
+      json["control_plane_record_set"] == null
+        ? undefined
+        : DtoRecordSetResponseFromJSON(json["control_plane_record_set"]),
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    glueops_load_balancer:
+      json["glueops_load_balancer"] == null
+        ? undefined
+        : DtoLoadBalancerResponseFromJSON(json["glueops_load_balancer"]),
+    id: json["id"] == null ? undefined : json["id"],
+    last_error: json["last_error"] == null ? undefined : json["last_error"],
+    name: json["name"] == null ? undefined : json["name"],
+    node_pools:
+      json["node_pools"] == null
+        ? undefined
+        : (json["node_pools"] as Array<any>).map(DtoNodePoolResponseFromJSON),
+    random_token:
+      json["random_token"] == null ? undefined : json["random_token"],
+    region: json["region"] == null ? undefined : json["region"],
+    status: json["status"] == null ? undefined : json["status"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+  };
+}
+
+export function DtoClusterResponseToJSON(json: any): DtoClusterResponse {
+  return DtoClusterResponseToJSONTyped(json, false);
+}
+
+export function DtoClusterResponseToJSONTyped(
+  value?: DtoClusterResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    apps_load_balancer: DtoLoadBalancerResponseToJSON(
+      value["apps_load_balancer"],
+    ),
+    bastion_server: DtoServerResponseToJSON(value["bastion_server"]),
+    captain_domain: DtoDomainResponseToJSON(value["captain_domain"]),
+    certificate_key: value["certificate_key"],
+    cluster_provider: value["cluster_provider"],
+    control_plane_fqdn: value["control_plane_fqdn"],
+    control_plane_record_set: DtoRecordSetResponseToJSON(
+      value["control_plane_record_set"],
+    ),
+    created_at: value["created_at"],
+    glueops_load_balancer: DtoLoadBalancerResponseToJSON(
+      value["glueops_load_balancer"],
+    ),
+    id: value["id"],
+    last_error: value["last_error"],
+    name: value["name"],
+    node_pools:
+      value["node_pools"] == null
+        ? undefined
+        : (value["node_pools"] as Array<any>).map(DtoNodePoolResponseToJSON),
+    random_token: value["random_token"],
+    region: value["region"],
+    status: value["status"],
+    updated_at: value["updated_at"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCreateAnnotationRequest.ts b/sdk/ts/src/models/DtoCreateAnnotationRequest.ts
new file mode 100644
index 0000000..6113905
--- /dev/null
+++ b/sdk/ts/src/models/DtoCreateAnnotationRequest.ts
@@ -0,0 +1,81 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCreateAnnotationRequest
+ */
+export interface DtoCreateAnnotationRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateAnnotationRequest
+   */
+  key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateAnnotationRequest
+   */
+  value?: string;
+}
+
+/**
+ * Check if a given object implements the DtoCreateAnnotationRequest interface.
+ */
+export function instanceOfDtoCreateAnnotationRequest(
+  value: object,
+): value is DtoCreateAnnotationRequest {
+  return true;
+}
+
+export function DtoCreateAnnotationRequestFromJSON(
+  json: any,
+): DtoCreateAnnotationRequest {
+  return DtoCreateAnnotationRequestFromJSONTyped(json, false);
+}
+
+export function DtoCreateAnnotationRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCreateAnnotationRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    key: json["key"] == null ? undefined : json["key"],
+    value: json["value"] == null ? undefined : json["value"],
+  };
+}
+
+export function DtoCreateAnnotationRequestToJSON(
+  json: any,
+): DtoCreateAnnotationRequest {
+  return DtoCreateAnnotationRequestToJSONTyped(json, false);
+}
+
+export function DtoCreateAnnotationRequestToJSONTyped(
+  value?: DtoCreateAnnotationRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    key: value["key"],
+    value: value["value"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCreateClusterRequest.ts b/sdk/ts/src/models/DtoCreateClusterRequest.ts
new file mode 100644
index 0000000..c8f4aae
--- /dev/null
+++ b/sdk/ts/src/models/DtoCreateClusterRequest.ts
@@ -0,0 +1,90 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCreateClusterRequest
+ */
+export interface DtoCreateClusterRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateClusterRequest
+   */
+  cluster_provider?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateClusterRequest
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateClusterRequest
+   */
+  region?: string;
+}
+
+/**
+ * Check if a given object implements the DtoCreateClusterRequest interface.
+ */
+export function instanceOfDtoCreateClusterRequest(
+  value: object,
+): value is DtoCreateClusterRequest {
+  return true;
+}
+
+export function DtoCreateClusterRequestFromJSON(
+  json: any,
+): DtoCreateClusterRequest {
+  return DtoCreateClusterRequestFromJSONTyped(json, false);
+}
+
+export function DtoCreateClusterRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCreateClusterRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    cluster_provider:
+      json["cluster_provider"] == null ? undefined : json["cluster_provider"],
+    name: json["name"] == null ? undefined : json["name"],
+    region: json["region"] == null ? undefined : json["region"],
+  };
+}
+
+export function DtoCreateClusterRequestToJSON(
+  json: any,
+): DtoCreateClusterRequest {
+  return DtoCreateClusterRequestToJSONTyped(json, false);
+}
+
+export function DtoCreateClusterRequestToJSONTyped(
+  value?: DtoCreateClusterRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    cluster_provider: value["cluster_provider"],
+    name: value["name"],
+    region: value["region"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCreateCredentialRequest.ts b/sdk/ts/src/models/DtoCreateCredentialRequest.ts
new file mode 100644
index 0000000..338d697
--- /dev/null
+++ b/sdk/ts/src/models/DtoCreateCredentialRequest.ts
@@ -0,0 +1,183 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCreateCredentialRequest
+ */
+export interface DtoCreateCredentialRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateCredentialRequest
+   */
+  account_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateCredentialRequest
+   */
+  credential_provider: DtoCreateCredentialRequestCredentialProviderEnum;
+  /**
+   * aws_access_key, api_token, basic_auth, oauth2
+   * @type {string}
+   * @memberof DtoCreateCredentialRequest
+   */
+  kind: string;
+  /**
+   * human label
+   * @type {string}
+   * @memberof DtoCreateCredentialRequest
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateCredentialRequest
+   */
+  region?: string;
+  /**
+   * secret schema version
+   * @type {number}
+   * @memberof DtoCreateCredentialRequest
+   */
+  schema_version: number;
+  /**
+   * {"service":"route53"} or {"arn":"..."}
+   * @type {object}
+   * @memberof DtoCreateCredentialRequest
+   */
+  scope: object;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateCredentialRequest
+   */
+  scope_kind: DtoCreateCredentialRequestScopeKindEnum;
+  /**
+   * scope schema version
+   * @type {number}
+   * @memberof DtoCreateCredentialRequest
+   */
+  scope_version: number;
+  /**
+   * encrypted later
+   * @type {object}
+   * @memberof DtoCreateCredentialRequest
+   */
+  secret: object;
+}
+
+/**
+ * @export
+ */
+export const DtoCreateCredentialRequestCredentialProviderEnum = {
+  aws: "aws",
+  cloudflare: "cloudflare",
+  hetzner: "hetzner",
+  digitalocean: "digitalocean",
+  generic: "generic",
+} as const;
+export type DtoCreateCredentialRequestCredentialProviderEnum =
+  (typeof DtoCreateCredentialRequestCredentialProviderEnum)[keyof typeof DtoCreateCredentialRequestCredentialProviderEnum];
+
+/**
+ * @export
+ */
+export const DtoCreateCredentialRequestScopeKindEnum = {
+  credential_provider: "credential_provider",
+  service: "service",
+  resource: "resource",
+} as const;
+export type DtoCreateCredentialRequestScopeKindEnum =
+  (typeof DtoCreateCredentialRequestScopeKindEnum)[keyof typeof DtoCreateCredentialRequestScopeKindEnum];
+
+/**
+ * Check if a given object implements the DtoCreateCredentialRequest interface.
+ */
+export function instanceOfDtoCreateCredentialRequest(
+  value: object,
+): value is DtoCreateCredentialRequest {
+  if (
+    !("credential_provider" in value) ||
+    value["credential_provider"] === undefined
+  )
+    return false;
+  if (!("kind" in value) || value["kind"] === undefined) return false;
+  if (!("schema_version" in value) || value["schema_version"] === undefined)
+    return false;
+  if (!("scope" in value) || value["scope"] === undefined) return false;
+  if (!("scope_kind" in value) || value["scope_kind"] === undefined)
+    return false;
+  if (!("scope_version" in value) || value["scope_version"] === undefined)
+    return false;
+  if (!("secret" in value) || value["secret"] === undefined) return false;
+  return true;
+}
+
+export function DtoCreateCredentialRequestFromJSON(
+  json: any,
+): DtoCreateCredentialRequest {
+  return DtoCreateCredentialRequestFromJSONTyped(json, false);
+}
+
+export function DtoCreateCredentialRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCreateCredentialRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    account_id: json["account_id"] == null ? undefined : json["account_id"],
+    credential_provider: json["credential_provider"],
+    kind: json["kind"],
+    name: json["name"] == null ? undefined : json["name"],
+    region: json["region"] == null ? undefined : json["region"],
+    schema_version: json["schema_version"],
+    scope: json["scope"],
+    scope_kind: json["scope_kind"],
+    scope_version: json["scope_version"],
+    secret: json["secret"],
+  };
+}
+
+export function DtoCreateCredentialRequestToJSON(
+  json: any,
+): DtoCreateCredentialRequest {
+  return DtoCreateCredentialRequestToJSONTyped(json, false);
+}
+
+export function DtoCreateCredentialRequestToJSONTyped(
+  value?: DtoCreateCredentialRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    account_id: value["account_id"],
+    credential_provider: value["credential_provider"],
+    kind: value["kind"],
+    name: value["name"],
+    region: value["region"],
+    schema_version: value["schema_version"],
+    scope: value["scope"],
+    scope_kind: value["scope_kind"],
+    scope_version: value["scope_version"],
+    secret: value["secret"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCreateDomainRequest.ts b/sdk/ts/src/models/DtoCreateDomainRequest.ts
new file mode 100644
index 0000000..2bfa394
--- /dev/null
+++ b/sdk/ts/src/models/DtoCreateDomainRequest.ts
@@ -0,0 +1,93 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCreateDomainRequest
+ */
+export interface DtoCreateDomainRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateDomainRequest
+   */
+  credential_id: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateDomainRequest
+   */
+  domain_name: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateDomainRequest
+   */
+  zone_id?: string;
+}
+
+/**
+ * Check if a given object implements the DtoCreateDomainRequest interface.
+ */
+export function instanceOfDtoCreateDomainRequest(
+  value: object,
+): value is DtoCreateDomainRequest {
+  if (!("credential_id" in value) || value["credential_id"] === undefined)
+    return false;
+  if (!("domain_name" in value) || value["domain_name"] === undefined)
+    return false;
+  return true;
+}
+
+export function DtoCreateDomainRequestFromJSON(
+  json: any,
+): DtoCreateDomainRequest {
+  return DtoCreateDomainRequestFromJSONTyped(json, false);
+}
+
+export function DtoCreateDomainRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCreateDomainRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    credential_id: json["credential_id"],
+    domain_name: json["domain_name"],
+    zone_id: json["zone_id"] == null ? undefined : json["zone_id"],
+  };
+}
+
+export function DtoCreateDomainRequestToJSON(
+  json: any,
+): DtoCreateDomainRequest {
+  return DtoCreateDomainRequestToJSONTyped(json, false);
+}
+
+export function DtoCreateDomainRequestToJSONTyped(
+  value?: DtoCreateDomainRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    credential_id: value["credential_id"],
+    domain_name: value["domain_name"],
+    zone_id: value["zone_id"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCreateLabelRequest.ts b/sdk/ts/src/models/DtoCreateLabelRequest.ts
new file mode 100644
index 0000000..3146c75
--- /dev/null
+++ b/sdk/ts/src/models/DtoCreateLabelRequest.ts
@@ -0,0 +1,79 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCreateLabelRequest
+ */
+export interface DtoCreateLabelRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateLabelRequest
+   */
+  key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateLabelRequest
+   */
+  value?: string;
+}
+
+/**
+ * Check if a given object implements the DtoCreateLabelRequest interface.
+ */
+export function instanceOfDtoCreateLabelRequest(
+  value: object,
+): value is DtoCreateLabelRequest {
+  return true;
+}
+
+export function DtoCreateLabelRequestFromJSON(
+  json: any,
+): DtoCreateLabelRequest {
+  return DtoCreateLabelRequestFromJSONTyped(json, false);
+}
+
+export function DtoCreateLabelRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCreateLabelRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    key: json["key"] == null ? undefined : json["key"],
+    value: json["value"] == null ? undefined : json["value"],
+  };
+}
+
+export function DtoCreateLabelRequestToJSON(json: any): DtoCreateLabelRequest {
+  return DtoCreateLabelRequestToJSONTyped(json, false);
+}
+
+export function DtoCreateLabelRequestToJSONTyped(
+  value?: DtoCreateLabelRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    key: value["key"],
+    value: value["value"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCreateLoadBalancerRequest.ts b/sdk/ts/src/models/DtoCreateLoadBalancerRequest.ts
new file mode 100644
index 0000000..d50765a
--- /dev/null
+++ b/sdk/ts/src/models/DtoCreateLoadBalancerRequest.ts
@@ -0,0 +1,111 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCreateLoadBalancerRequest
+ */
+export interface DtoCreateLoadBalancerRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateLoadBalancerRequest
+   */
+  kind?: DtoCreateLoadBalancerRequestKindEnum;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateLoadBalancerRequest
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateLoadBalancerRequest
+   */
+  private_ip_address?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateLoadBalancerRequest
+   */
+  public_ip_address?: string;
+}
+
+/**
+ * @export
+ */
+export const DtoCreateLoadBalancerRequestKindEnum = {
+  glueops: "glueops",
+  public: "public",
+} as const;
+export type DtoCreateLoadBalancerRequestKindEnum =
+  (typeof DtoCreateLoadBalancerRequestKindEnum)[keyof typeof DtoCreateLoadBalancerRequestKindEnum];
+
+/**
+ * Check if a given object implements the DtoCreateLoadBalancerRequest interface.
+ */
+export function instanceOfDtoCreateLoadBalancerRequest(
+  value: object,
+): value is DtoCreateLoadBalancerRequest {
+  return true;
+}
+
+export function DtoCreateLoadBalancerRequestFromJSON(
+  json: any,
+): DtoCreateLoadBalancerRequest {
+  return DtoCreateLoadBalancerRequestFromJSONTyped(json, false);
+}
+
+export function DtoCreateLoadBalancerRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCreateLoadBalancerRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    kind: json["kind"] == null ? undefined : json["kind"],
+    name: json["name"] == null ? undefined : json["name"],
+    private_ip_address:
+      json["private_ip_address"] == null
+        ? undefined
+        : json["private_ip_address"],
+    public_ip_address:
+      json["public_ip_address"] == null ? undefined : json["public_ip_address"],
+  };
+}
+
+export function DtoCreateLoadBalancerRequestToJSON(
+  json: any,
+): DtoCreateLoadBalancerRequest {
+  return DtoCreateLoadBalancerRequestToJSONTyped(json, false);
+}
+
+export function DtoCreateLoadBalancerRequestToJSONTyped(
+  value?: DtoCreateLoadBalancerRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    kind: value["kind"],
+    name: value["name"],
+    private_ip_address: value["private_ip_address"],
+    public_ip_address: value["public_ip_address"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCreateNodePoolRequest.ts b/sdk/ts/src/models/DtoCreateNodePoolRequest.ts
new file mode 100644
index 0000000..c5254d7
--- /dev/null
+++ b/sdk/ts/src/models/DtoCreateNodePoolRequest.ts
@@ -0,0 +1,91 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCreateNodePoolRequest
+ */
+export interface DtoCreateNodePoolRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateNodePoolRequest
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateNodePoolRequest
+   */
+  role?: DtoCreateNodePoolRequestRoleEnum;
+}
+
+/**
+ * @export
+ */
+export const DtoCreateNodePoolRequestRoleEnum = {
+  master: "master",
+  worker: "worker",
+} as const;
+export type DtoCreateNodePoolRequestRoleEnum =
+  (typeof DtoCreateNodePoolRequestRoleEnum)[keyof typeof DtoCreateNodePoolRequestRoleEnum];
+
+/**
+ * Check if a given object implements the DtoCreateNodePoolRequest interface.
+ */
+export function instanceOfDtoCreateNodePoolRequest(
+  value: object,
+): value is DtoCreateNodePoolRequest {
+  return true;
+}
+
+export function DtoCreateNodePoolRequestFromJSON(
+  json: any,
+): DtoCreateNodePoolRequest {
+  return DtoCreateNodePoolRequestFromJSONTyped(json, false);
+}
+
+export function DtoCreateNodePoolRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCreateNodePoolRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    name: json["name"] == null ? undefined : json["name"],
+    role: json["role"] == null ? undefined : json["role"],
+  };
+}
+
+export function DtoCreateNodePoolRequestToJSON(
+  json: any,
+): DtoCreateNodePoolRequest {
+  return DtoCreateNodePoolRequestToJSONTyped(json, false);
+}
+
+export function DtoCreateNodePoolRequestToJSONTyped(
+  value?: DtoCreateNodePoolRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    name: value["name"],
+    role: value["role"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCreateRecordSetRequest.ts b/sdk/ts/src/models/DtoCreateRecordSetRequest.ts
new file mode 100644
index 0000000..6128982
--- /dev/null
+++ b/sdk/ts/src/models/DtoCreateRecordSetRequest.ts
@@ -0,0 +1,100 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCreateRecordSetRequest
+ */
+export interface DtoCreateRecordSetRequest {
+  /**
+   * Name relative to domain ("endpoint") OR FQDN ("endpoint.example.com").
+   * Server normalizes to relative.
+   * @type {string}
+   * @memberof DtoCreateRecordSetRequest
+   */
+  name: string;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoCreateRecordSetRequest
+   */
+  ttl?: number;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateRecordSetRequest
+   */
+  type: string;
+  /**
+   *
+   * @type {Array<string>}
+   * @memberof DtoCreateRecordSetRequest
+   */
+  values?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the DtoCreateRecordSetRequest interface.
+ */
+export function instanceOfDtoCreateRecordSetRequest(
+  value: object,
+): value is DtoCreateRecordSetRequest {
+  if (!("name" in value) || value["name"] === undefined) return false;
+  if (!("type" in value) || value["type"] === undefined) return false;
+  return true;
+}
+
+export function DtoCreateRecordSetRequestFromJSON(
+  json: any,
+): DtoCreateRecordSetRequest {
+  return DtoCreateRecordSetRequestFromJSONTyped(json, false);
+}
+
+export function DtoCreateRecordSetRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCreateRecordSetRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    name: json["name"],
+    ttl: json["ttl"] == null ? undefined : json["ttl"],
+    type: json["type"],
+    values: json["values"] == null ? undefined : json["values"],
+  };
+}
+
+export function DtoCreateRecordSetRequestToJSON(
+  json: any,
+): DtoCreateRecordSetRequest {
+  return DtoCreateRecordSetRequestToJSONTyped(json, false);
+}
+
+export function DtoCreateRecordSetRequestToJSONTyped(
+  value?: DtoCreateRecordSetRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    name: value["name"],
+    ttl: value["ttl"],
+    type: value["type"],
+    values: value["values"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCreateSSHRequest.ts b/sdk/ts/src/models/DtoCreateSSHRequest.ts
new file mode 100644
index 0000000..0ce9bb5
--- /dev/null
+++ b/sdk/ts/src/models/DtoCreateSSHRequest.ts
@@ -0,0 +1,93 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCreateSSHRequest
+ */
+export interface DtoCreateSSHRequest {
+  /**
+   * Only for RSA
+   * @type {number}
+   * @memberof DtoCreateSSHRequest
+   */
+  bits?: number;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateSSHRequest
+   */
+  comment?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateSSHRequest
+   */
+  name?: string;
+  /**
+   * "rsa" (default) or "ed25519"
+   * @type {string}
+   * @memberof DtoCreateSSHRequest
+   */
+  type?: string;
+}
+
+/**
+ * Check if a given object implements the DtoCreateSSHRequest interface.
+ */
+export function instanceOfDtoCreateSSHRequest(
+  value: object,
+): value is DtoCreateSSHRequest {
+  return true;
+}
+
+export function DtoCreateSSHRequestFromJSON(json: any): DtoCreateSSHRequest {
+  return DtoCreateSSHRequestFromJSONTyped(json, false);
+}
+
+export function DtoCreateSSHRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCreateSSHRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    bits: json["bits"] == null ? undefined : json["bits"],
+    comment: json["comment"] == null ? undefined : json["comment"],
+    name: json["name"] == null ? undefined : json["name"],
+    type: json["type"] == null ? undefined : json["type"],
+  };
+}
+
+export function DtoCreateSSHRequestToJSON(json: any): DtoCreateSSHRequest {
+  return DtoCreateSSHRequestToJSONTyped(json, false);
+}
+
+export function DtoCreateSSHRequestToJSONTyped(
+  value?: DtoCreateSSHRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    bits: value["bits"],
+    comment: value["comment"],
+    name: value["name"],
+    type: value["type"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCreateServerRequest.ts b/sdk/ts/src/models/DtoCreateServerRequest.ts
new file mode 100644
index 0000000..a3e1b4c
--- /dev/null
+++ b/sdk/ts/src/models/DtoCreateServerRequest.ts
@@ -0,0 +1,148 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCreateServerRequest
+ */
+export interface DtoCreateServerRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateServerRequest
+   */
+  hostname?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateServerRequest
+   */
+  private_ip_address?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateServerRequest
+   */
+  public_ip_address?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateServerRequest
+   */
+  role?: DtoCreateServerRequestRoleEnum;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateServerRequest
+   */
+  ssh_key_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateServerRequest
+   */
+  ssh_user?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateServerRequest
+   */
+  status?: DtoCreateServerRequestStatusEnum;
+}
+
+/**
+ * @export
+ */
+export const DtoCreateServerRequestRoleEnum = {
+  master: "master",
+  worker: "worker",
+  bastion: "bastion",
+} as const;
+export type DtoCreateServerRequestRoleEnum =
+  (typeof DtoCreateServerRequestRoleEnum)[keyof typeof DtoCreateServerRequestRoleEnum];
+
+/**
+ * @export
+ */
+export const DtoCreateServerRequestStatusEnum = {
+  pending: "pending",
+  provisioning: "provisioning",
+  ready: "ready",
+  failed: "failed",
+} as const;
+export type DtoCreateServerRequestStatusEnum =
+  (typeof DtoCreateServerRequestStatusEnum)[keyof typeof DtoCreateServerRequestStatusEnum];
+
+/**
+ * Check if a given object implements the DtoCreateServerRequest interface.
+ */
+export function instanceOfDtoCreateServerRequest(
+  value: object,
+): value is DtoCreateServerRequest {
+  return true;
+}
+
+export function DtoCreateServerRequestFromJSON(
+  json: any,
+): DtoCreateServerRequest {
+  return DtoCreateServerRequestFromJSONTyped(json, false);
+}
+
+export function DtoCreateServerRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCreateServerRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    hostname: json["hostname"] == null ? undefined : json["hostname"],
+    private_ip_address:
+      json["private_ip_address"] == null
+        ? undefined
+        : json["private_ip_address"],
+    public_ip_address:
+      json["public_ip_address"] == null ? undefined : json["public_ip_address"],
+    role: json["role"] == null ? undefined : json["role"],
+    ssh_key_id: json["ssh_key_id"] == null ? undefined : json["ssh_key_id"],
+    ssh_user: json["ssh_user"] == null ? undefined : json["ssh_user"],
+    status: json["status"] == null ? undefined : json["status"],
+  };
+}
+
+export function DtoCreateServerRequestToJSON(
+  json: any,
+): DtoCreateServerRequest {
+  return DtoCreateServerRequestToJSONTyped(json, false);
+}
+
+export function DtoCreateServerRequestToJSONTyped(
+  value?: DtoCreateServerRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    hostname: value["hostname"],
+    private_ip_address: value["private_ip_address"],
+    public_ip_address: value["public_ip_address"],
+    role: value["role"],
+    ssh_key_id: value["ssh_key_id"],
+    ssh_user: value["ssh_user"],
+    status: value["status"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCreateTaintRequest.ts b/sdk/ts/src/models/DtoCreateTaintRequest.ts
new file mode 100644
index 0000000..881e84b
--- /dev/null
+++ b/sdk/ts/src/models/DtoCreateTaintRequest.ts
@@ -0,0 +1,87 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCreateTaintRequest
+ */
+export interface DtoCreateTaintRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateTaintRequest
+   */
+  effect?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateTaintRequest
+   */
+  key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCreateTaintRequest
+   */
+  value?: string;
+}
+
+/**
+ * Check if a given object implements the DtoCreateTaintRequest interface.
+ */
+export function instanceOfDtoCreateTaintRequest(
+  value: object,
+): value is DtoCreateTaintRequest {
+  return true;
+}
+
+export function DtoCreateTaintRequestFromJSON(
+  json: any,
+): DtoCreateTaintRequest {
+  return DtoCreateTaintRequestFromJSONTyped(json, false);
+}
+
+export function DtoCreateTaintRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCreateTaintRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    effect: json["effect"] == null ? undefined : json["effect"],
+    key: json["key"] == null ? undefined : json["key"],
+    value: json["value"] == null ? undefined : json["value"],
+  };
+}
+
+export function DtoCreateTaintRequestToJSON(json: any): DtoCreateTaintRequest {
+  return DtoCreateTaintRequestToJSONTyped(json, false);
+}
+
+export function DtoCreateTaintRequestToJSONTyped(
+  value?: DtoCreateTaintRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    effect: value["effect"],
+    key: value["key"],
+    value: value["value"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoCredentialOut.ts b/sdk/ts/src/models/DtoCredentialOut.ts
new file mode 100644
index 0000000..7059688
--- /dev/null
+++ b/sdk/ts/src/models/DtoCredentialOut.ts
@@ -0,0 +1,162 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoCredentialOut
+ */
+export interface DtoCredentialOut {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCredentialOut
+   */
+  account_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCredentialOut
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCredentialOut
+   */
+  credential_provider?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCredentialOut
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCredentialOut
+   */
+  kind?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCredentialOut
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCredentialOut
+   */
+  region?: string;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoCredentialOut
+   */
+  schema_version?: number;
+  /**
+   *
+   * @type {object}
+   * @memberof DtoCredentialOut
+   */
+  scope?: object;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCredentialOut
+   */
+  scope_kind?: string;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoCredentialOut
+   */
+  scope_version?: number;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoCredentialOut
+   */
+  updated_at?: string;
+}
+
+/**
+ * Check if a given object implements the DtoCredentialOut interface.
+ */
+export function instanceOfDtoCredentialOut(
+  value: object,
+): value is DtoCredentialOut {
+  return true;
+}
+
+export function DtoCredentialOutFromJSON(json: any): DtoCredentialOut {
+  return DtoCredentialOutFromJSONTyped(json, false);
+}
+
+export function DtoCredentialOutFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoCredentialOut {
+  if (json == null) {
+    return json;
+  }
+  return {
+    account_id: json["account_id"] == null ? undefined : json["account_id"],
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    credential_provider:
+      json["credential_provider"] == null
+        ? undefined
+        : json["credential_provider"],
+    id: json["id"] == null ? undefined : json["id"],
+    kind: json["kind"] == null ? undefined : json["kind"],
+    name: json["name"] == null ? undefined : json["name"],
+    region: json["region"] == null ? undefined : json["region"],
+    schema_version:
+      json["schema_version"] == null ? undefined : json["schema_version"],
+    scope: json["scope"] == null ? undefined : json["scope"],
+    scope_kind: json["scope_kind"] == null ? undefined : json["scope_kind"],
+    scope_version:
+      json["scope_version"] == null ? undefined : json["scope_version"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+  };
+}
+
+export function DtoCredentialOutToJSON(json: any): DtoCredentialOut {
+  return DtoCredentialOutToJSONTyped(json, false);
+}
+
+export function DtoCredentialOutToJSONTyped(
+  value?: DtoCredentialOut | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    account_id: value["account_id"],
+    created_at: value["created_at"],
+    credential_provider: value["credential_provider"],
+    id: value["id"],
+    kind: value["kind"],
+    name: value["name"],
+    region: value["region"],
+    schema_version: value["schema_version"],
+    scope: value["scope"],
+    scope_kind: value["scope_kind"],
+    scope_version: value["scope_version"],
+    updated_at: value["updated_at"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoDomainResponse.ts b/sdk/ts/src/models/DtoDomainResponse.ts
new file mode 100644
index 0000000..d178990
--- /dev/null
+++ b/sdk/ts/src/models/DtoDomainResponse.ts
@@ -0,0 +1,135 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoDomainResponse
+ */
+export interface DtoDomainResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoDomainResponse
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoDomainResponse
+   */
+  credential_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoDomainResponse
+   */
+  domain_name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoDomainResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoDomainResponse
+   */
+  last_error?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoDomainResponse
+   */
+  organization_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoDomainResponse
+   */
+  status?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoDomainResponse
+   */
+  updated_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoDomainResponse
+   */
+  zone_id?: string;
+}
+
+/**
+ * Check if a given object implements the DtoDomainResponse interface.
+ */
+export function instanceOfDtoDomainResponse(
+  value: object,
+): value is DtoDomainResponse {
+  return true;
+}
+
+export function DtoDomainResponseFromJSON(json: any): DtoDomainResponse {
+  return DtoDomainResponseFromJSONTyped(json, false);
+}
+
+export function DtoDomainResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoDomainResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    credential_id:
+      json["credential_id"] == null ? undefined : json["credential_id"],
+    domain_name: json["domain_name"] == null ? undefined : json["domain_name"],
+    id: json["id"] == null ? undefined : json["id"],
+    last_error: json["last_error"] == null ? undefined : json["last_error"],
+    organization_id:
+      json["organization_id"] == null ? undefined : json["organization_id"],
+    status: json["status"] == null ? undefined : json["status"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+    zone_id: json["zone_id"] == null ? undefined : json["zone_id"],
+  };
+}
+
+export function DtoDomainResponseToJSON(json: any): DtoDomainResponse {
+  return DtoDomainResponseToJSONTyped(json, false);
+}
+
+export function DtoDomainResponseToJSONTyped(
+  value?: DtoDomainResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at: value["created_at"],
+    credential_id: value["credential_id"],
+    domain_name: value["domain_name"],
+    id: value["id"],
+    last_error: value["last_error"],
+    organization_id: value["organization_id"],
+    status: value["status"],
+    updated_at: value["updated_at"],
+    zone_id: value["zone_id"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoEnqueueRequest.ts b/sdk/ts/src/models/DtoEnqueueRequest.ts
new file mode 100644
index 0000000..fa905b7
--- /dev/null
+++ b/sdk/ts/src/models/DtoEnqueueRequest.ts
@@ -0,0 +1,93 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoEnqueueRequest
+ */
+export interface DtoEnqueueRequest {
+  /**
+   *
+   * @type {object}
+   * @memberof DtoEnqueueRequest
+   */
+  payload?: object;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoEnqueueRequest
+   */
+  queue?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoEnqueueRequest
+   */
+  run_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoEnqueueRequest
+   */
+  type?: string;
+}
+
+/**
+ * Check if a given object implements the DtoEnqueueRequest interface.
+ */
+export function instanceOfDtoEnqueueRequest(
+  value: object,
+): value is DtoEnqueueRequest {
+  return true;
+}
+
+export function DtoEnqueueRequestFromJSON(json: any): DtoEnqueueRequest {
+  return DtoEnqueueRequestFromJSONTyped(json, false);
+}
+
+export function DtoEnqueueRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoEnqueueRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    payload: json["payload"] == null ? undefined : json["payload"],
+    queue: json["queue"] == null ? undefined : json["queue"],
+    run_at: json["run_at"] == null ? undefined : json["run_at"],
+    type: json["type"] == null ? undefined : json["type"],
+  };
+}
+
+export function DtoEnqueueRequestToJSON(json: any): DtoEnqueueRequest {
+  return DtoEnqueueRequestToJSONTyped(json, false);
+}
+
+export function DtoEnqueueRequestToJSONTyped(
+  value?: DtoEnqueueRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    payload: value["payload"],
+    queue: value["queue"],
+    run_at: value["run_at"],
+    type: value["type"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoJWK.ts b/sdk/ts/src/models/DtoJWK.ts
new file mode 100644
index 0000000..e5dc534
--- /dev/null
+++ b/sdk/ts/src/models/DtoJWK.ts
@@ -0,0 +1,115 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoJWK
+ */
+export interface DtoJWK {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJWK
+   */
+  alg?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJWK
+   */
+  e?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJWK
+   */
+  kid?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJWK
+   */
+  kty?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJWK
+   */
+  n?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJWK
+   */
+  use?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJWK
+   */
+  x?: string;
+}
+
+/**
+ * Check if a given object implements the DtoJWK interface.
+ */
+export function instanceOfDtoJWK(value: object): value is DtoJWK {
+  return true;
+}
+
+export function DtoJWKFromJSON(json: any): DtoJWK {
+  return DtoJWKFromJSONTyped(json, false);
+}
+
+export function DtoJWKFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoJWK {
+  if (json == null) {
+    return json;
+  }
+  return {
+    alg: json["alg"] == null ? undefined : json["alg"],
+    e: json["e"] == null ? undefined : json["e"],
+    kid: json["kid"] == null ? undefined : json["kid"],
+    kty: json["kty"] == null ? undefined : json["kty"],
+    n: json["n"] == null ? undefined : json["n"],
+    use: json["use"] == null ? undefined : json["use"],
+    x: json["x"] == null ? undefined : json["x"],
+  };
+}
+
+export function DtoJWKToJSON(json: any): DtoJWK {
+  return DtoJWKToJSONTyped(json, false);
+}
+
+export function DtoJWKToJSONTyped(
+  value?: DtoJWK | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    alg: value["alg"],
+    e: value["e"],
+    kid: value["kid"],
+    kty: value["kty"],
+    n: value["n"],
+    use: value["use"],
+    x: value["x"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoJWKS.ts b/sdk/ts/src/models/DtoJWKS.ts
new file mode 100644
index 0000000..d35a763
--- /dev/null
+++ b/sdk/ts/src/models/DtoJWKS.ts
@@ -0,0 +1,76 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import type {DtoJWK} from "./DtoJWK";
+import {DtoJWKFromJSON, DtoJWKToJSON,} from "./DtoJWK";
+
+/**
+ *
+ * @export
+ * @interface DtoJWKS
+ */
+export interface DtoJWKS {
+  /**
+   *
+   * @type {Array<DtoJWK>}
+   * @memberof DtoJWKS
+   */
+  keys?: Array<DtoJWK>;
+}
+
+/**
+ * Check if a given object implements the DtoJWKS interface.
+ */
+export function instanceOfDtoJWKS(value: object): value is DtoJWKS {
+  return true;
+}
+
+export function DtoJWKSFromJSON(json: any): DtoJWKS {
+  return DtoJWKSFromJSONTyped(json, false);
+}
+
+export function DtoJWKSFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoJWKS {
+  if (json == null) {
+    return json;
+  }
+  return {
+    keys:
+      json["keys"] == null
+        ? undefined
+        : (json["keys"] as Array<any>).map(DtoJWKFromJSON),
+  };
+}
+
+export function DtoJWKSToJSON(json: any): DtoJWKS {
+  return DtoJWKSToJSONTyped(json, false);
+}
+
+export function DtoJWKSToJSONTyped(
+  value?: DtoJWKS | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    keys:
+      value["keys"] == null
+        ? undefined
+        : (value["keys"] as Array<any>).map(DtoJWKToJSON),
+  };
+}
diff --git a/sdk/ts/src/models/DtoJob.ts b/sdk/ts/src/models/DtoJob.ts
new file mode 100644
index 0000000..a54bfda
--- /dev/null
+++ b/sdk/ts/src/models/DtoJob.ts
@@ -0,0 +1,152 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import type {DtoJobStatus} from "./DtoJobStatus";
+import {DtoJobStatusFromJSON, DtoJobStatusToJSON,} from "./DtoJobStatus";
+
+/**
+ *
+ * @export
+ * @interface DtoJob
+ */
+export interface DtoJob {
+  /**
+   *
+   * @type {number}
+   * @memberof DtoJob
+   */
+  attempts?: number;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJob
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJob
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJob
+   */
+  last_error?: string;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoJob
+   */
+  max_attempts?: number;
+  /**
+   *
+   * @type {any}
+   * @memberof DtoJob
+   */
+  payload?: any | null;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJob
+   */
+  queue?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJob
+   */
+  run_at?: string;
+  /**
+   *
+   * @type {DtoJobStatus}
+   * @memberof DtoJob
+   */
+  status?: DtoJobStatus;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJob
+   */
+  type?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoJob
+   */
+  updated_at?: string;
+}
+
+/**
+ * Check if a given object implements the DtoJob interface.
+ */
+export function instanceOfDtoJob(value: object): value is DtoJob {
+  return true;
+}
+
+export function DtoJobFromJSON(json: any): DtoJob {
+  return DtoJobFromJSONTyped(json, false);
+}
+
+export function DtoJobFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoJob {
+  if (json == null) {
+    return json;
+  }
+  return {
+    attempts: json["attempts"] == null ? undefined : json["attempts"],
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    id: json["id"] == null ? undefined : json["id"],
+    last_error: json["last_error"] == null ? undefined : json["last_error"],
+    max_attempts:
+      json["max_attempts"] == null ? undefined : json["max_attempts"],
+    payload: json["payload"] == null ? undefined : json["payload"],
+    queue: json["queue"] == null ? undefined : json["queue"],
+    run_at: json["run_at"] == null ? undefined : json["run_at"],
+    status:
+      json["status"] == null ? undefined : DtoJobStatusFromJSON(json["status"]),
+    type: json["type"] == null ? undefined : json["type"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+  };
+}
+
+export function DtoJobToJSON(json: any): DtoJob {
+  return DtoJobToJSONTyped(json, false);
+}
+
+export function DtoJobToJSONTyped(
+  value?: DtoJob | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    attempts: value["attempts"],
+    created_at: value["created_at"],
+    id: value["id"],
+    last_error: value["last_error"],
+    max_attempts: value["max_attempts"],
+    payload: value["payload"],
+    queue: value["queue"],
+    run_at: value["run_at"],
+    status: DtoJobStatusToJSON(value["status"]),
+    type: value["type"],
+    updated_at: value["updated_at"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoJobStatus.ts b/sdk/ts/src/models/DtoJobStatus.ts
new file mode 100644
index 0000000..42d8d9b
--- /dev/null
+++ b/sdk/ts/src/models/DtoJobStatus.ts
@@ -0,0 +1,55 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ */
+export const DtoJobStatus = {
+  StatusQueued: "queued|running|succeeded|failed|canceled|retrying|scheduled",
+} as const;
+export type DtoJobStatus = (typeof DtoJobStatus)[keyof typeof DtoJobStatus];
+
+export function instanceOfDtoJobStatus(value: any): boolean {
+  for (const key in DtoJobStatus) {
+    if (Object.prototype.hasOwnProperty.call(DtoJobStatus, key)) {
+      if (DtoJobStatus[key as keyof typeof DtoJobStatus] === value) {
+        return true;
+      }
+    }
+  }
+  return false;
+}
+
+export function DtoJobStatusFromJSON(json: any): DtoJobStatus {
+  return DtoJobStatusFromJSONTyped(json, false);
+}
+
+export function DtoJobStatusFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoJobStatus {
+  return json as DtoJobStatus;
+}
+
+export function DtoJobStatusToJSON(value?: DtoJobStatus | null): any {
+  return value as any;
+}
+
+export function DtoJobStatusToJSONTyped(
+  value: any,
+  ignoreDiscriminator: boolean,
+): DtoJobStatus {
+  return value as DtoJobStatus;
+}
diff --git a/sdk/ts/src/models/DtoLabelResponse.ts b/sdk/ts/src/models/DtoLabelResponse.ts
new file mode 100644
index 0000000..356f9a5
--- /dev/null
+++ b/sdk/ts/src/models/DtoLabelResponse.ts
@@ -0,0 +1,110 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoLabelResponse
+ */
+export interface DtoLabelResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLabelResponse
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLabelResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLabelResponse
+   */
+  key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLabelResponse
+   */
+  organization_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLabelResponse
+   */
+  updated_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLabelResponse
+   */
+  value?: string;
+}
+
+/**
+ * Check if a given object implements the DtoLabelResponse interface.
+ */
+export function instanceOfDtoLabelResponse(
+  value: object,
+): value is DtoLabelResponse {
+  return true;
+}
+
+export function DtoLabelResponseFromJSON(json: any): DtoLabelResponse {
+  return DtoLabelResponseFromJSONTyped(json, false);
+}
+
+export function DtoLabelResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoLabelResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    id: json["id"] == null ? undefined : json["id"],
+    key: json["key"] == null ? undefined : json["key"],
+    organization_id:
+      json["organization_id"] == null ? undefined : json["organization_id"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+    value: json["value"] == null ? undefined : json["value"],
+  };
+}
+
+export function DtoLabelResponseToJSON(json: any): DtoLabelResponse {
+  return DtoLabelResponseToJSONTyped(json, false);
+}
+
+export function DtoLabelResponseToJSONTyped(
+  value?: DtoLabelResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at: value["created_at"],
+    id: value["id"],
+    key: value["key"],
+    organization_id: value["organization_id"],
+    updated_at: value["updated_at"],
+    value: value["value"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoLoadBalancerResponse.ts b/sdk/ts/src/models/DtoLoadBalancerResponse.ts
new file mode 100644
index 0000000..39d57f0
--- /dev/null
+++ b/sdk/ts/src/models/DtoLoadBalancerResponse.ts
@@ -0,0 +1,134 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoLoadBalancerResponse
+ */
+export interface DtoLoadBalancerResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLoadBalancerResponse
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLoadBalancerResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLoadBalancerResponse
+   */
+  kind?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLoadBalancerResponse
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLoadBalancerResponse
+   */
+  organization_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLoadBalancerResponse
+   */
+  private_ip_address?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLoadBalancerResponse
+   */
+  public_ip_address?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLoadBalancerResponse
+   */
+  updated_at?: string;
+}
+
+/**
+ * Check if a given object implements the DtoLoadBalancerResponse interface.
+ */
+export function instanceOfDtoLoadBalancerResponse(
+  value: object,
+): value is DtoLoadBalancerResponse {
+  return true;
+}
+
+export function DtoLoadBalancerResponseFromJSON(
+  json: any,
+): DtoLoadBalancerResponse {
+  return DtoLoadBalancerResponseFromJSONTyped(json, false);
+}
+
+export function DtoLoadBalancerResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoLoadBalancerResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    id: json["id"] == null ? undefined : json["id"],
+    kind: json["kind"] == null ? undefined : json["kind"],
+    name: json["name"] == null ? undefined : json["name"],
+    organization_id:
+      json["organization_id"] == null ? undefined : json["organization_id"],
+    private_ip_address:
+      json["private_ip_address"] == null
+        ? undefined
+        : json["private_ip_address"],
+    public_ip_address:
+      json["public_ip_address"] == null ? undefined : json["public_ip_address"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+  };
+}
+
+export function DtoLoadBalancerResponseToJSON(
+  json: any,
+): DtoLoadBalancerResponse {
+  return DtoLoadBalancerResponseToJSONTyped(json, false);
+}
+
+export function DtoLoadBalancerResponseToJSONTyped(
+  value?: DtoLoadBalancerResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at: value["created_at"],
+    id: value["id"],
+    kind: value["kind"],
+    name: value["name"],
+    organization_id: value["organization_id"],
+    private_ip_address: value["private_ip_address"],
+    public_ip_address: value["public_ip_address"],
+    updated_at: value["updated_at"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoLogoutRequest.ts b/sdk/ts/src/models/DtoLogoutRequest.ts
new file mode 100644
index 0000000..c766a67
--- /dev/null
+++ b/sdk/ts/src/models/DtoLogoutRequest.ts
@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoLogoutRequest
+ */
+export interface DtoLogoutRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoLogoutRequest
+   */
+  refresh_token?: string;
+}
+
+/**
+ * Check if a given object implements the DtoLogoutRequest interface.
+ */
+export function instanceOfDtoLogoutRequest(
+  value: object,
+): value is DtoLogoutRequest {
+  return true;
+}
+
+export function DtoLogoutRequestFromJSON(json: any): DtoLogoutRequest {
+  return DtoLogoutRequestFromJSONTyped(json, false);
+}
+
+export function DtoLogoutRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoLogoutRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    refresh_token:
+      json["refresh_token"] == null ? undefined : json["refresh_token"],
+  };
+}
+
+export function DtoLogoutRequestToJSON(json: any): DtoLogoutRequest {
+  return DtoLogoutRequestToJSONTyped(json, false);
+}
+
+export function DtoLogoutRequestToJSONTyped(
+  value?: DtoLogoutRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    refresh_token: value["refresh_token"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoNodePoolResponse.ts b/sdk/ts/src/models/DtoNodePoolResponse.ts
new file mode 100644
index 0000000..4a0f34f
--- /dev/null
+++ b/sdk/ts/src/models/DtoNodePoolResponse.ts
@@ -0,0 +1,187 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import type {DtoTaintResponse} from "./DtoTaintResponse";
+import {DtoTaintResponseFromJSON, DtoTaintResponseToJSON,} from "./DtoTaintResponse";
+import type {DtoLabelResponse} from "./DtoLabelResponse";
+import {DtoLabelResponseFromJSON, DtoLabelResponseToJSON,} from "./DtoLabelResponse";
+import type {DtoServerResponse} from "./DtoServerResponse";
+import {DtoServerResponseFromJSON, DtoServerResponseToJSON,} from "./DtoServerResponse";
+import type {DtoAnnotationResponse} from "./DtoAnnotationResponse";
+import {DtoAnnotationResponseFromJSON, DtoAnnotationResponseToJSON,} from "./DtoAnnotationResponse";
+
+/**
+ *
+ * @export
+ * @interface DtoNodePoolResponse
+ */
+export interface DtoNodePoolResponse {
+  /**
+   *
+   * @type {Array<DtoAnnotationResponse>}
+   * @memberof DtoNodePoolResponse
+   */
+  annotations?: Array<DtoAnnotationResponse>;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoNodePoolResponse
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoNodePoolResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {Array<DtoLabelResponse>}
+   * @memberof DtoNodePoolResponse
+   */
+  labels?: Array<DtoLabelResponse>;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoNodePoolResponse
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoNodePoolResponse
+   */
+  organization_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoNodePoolResponse
+   */
+  role?: DtoNodePoolResponseRoleEnum;
+  /**
+   *
+   * @type {Array<DtoServerResponse>}
+   * @memberof DtoNodePoolResponse
+   */
+  servers?: Array<DtoServerResponse>;
+  /**
+   *
+   * @type {Array<DtoTaintResponse>}
+   * @memberof DtoNodePoolResponse
+   */
+  taints?: Array<DtoTaintResponse>;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoNodePoolResponse
+   */
+  updated_at?: string;
+}
+
+/**
+ * @export
+ */
+export const DtoNodePoolResponseRoleEnum = {
+  master: "master",
+  worker: "worker",
+} as const;
+export type DtoNodePoolResponseRoleEnum =
+  (typeof DtoNodePoolResponseRoleEnum)[keyof typeof DtoNodePoolResponseRoleEnum];
+
+/**
+ * Check if a given object implements the DtoNodePoolResponse interface.
+ */
+export function instanceOfDtoNodePoolResponse(
+  value: object,
+): value is DtoNodePoolResponse {
+  return true;
+}
+
+export function DtoNodePoolResponseFromJSON(json: any): DtoNodePoolResponse {
+  return DtoNodePoolResponseFromJSONTyped(json, false);
+}
+
+export function DtoNodePoolResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoNodePoolResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    annotations:
+      json["annotations"] == null
+        ? undefined
+        : (json["annotations"] as Array<any>).map(
+            DtoAnnotationResponseFromJSON,
+          ),
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    id: json["id"] == null ? undefined : json["id"],
+    labels:
+      json["labels"] == null
+        ? undefined
+        : (json["labels"] as Array<any>).map(DtoLabelResponseFromJSON),
+    name: json["name"] == null ? undefined : json["name"],
+    organization_id:
+      json["organization_id"] == null ? undefined : json["organization_id"],
+    role: json["role"] == null ? undefined : json["role"],
+    servers:
+      json["servers"] == null
+        ? undefined
+        : (json["servers"] as Array<any>).map(DtoServerResponseFromJSON),
+    taints:
+      json["taints"] == null
+        ? undefined
+        : (json["taints"] as Array<any>).map(DtoTaintResponseFromJSON),
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+  };
+}
+
+export function DtoNodePoolResponseToJSON(json: any): DtoNodePoolResponse {
+  return DtoNodePoolResponseToJSONTyped(json, false);
+}
+
+export function DtoNodePoolResponseToJSONTyped(
+  value?: DtoNodePoolResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    annotations:
+      value["annotations"] == null
+        ? undefined
+        : (value["annotations"] as Array<any>).map(DtoAnnotationResponseToJSON),
+    created_at: value["created_at"],
+    id: value["id"],
+    labels:
+      value["labels"] == null
+        ? undefined
+        : (value["labels"] as Array<any>).map(DtoLabelResponseToJSON),
+    name: value["name"],
+    organization_id: value["organization_id"],
+    role: value["role"],
+    servers:
+      value["servers"] == null
+        ? undefined
+        : (value["servers"] as Array<any>).map(DtoServerResponseToJSON),
+    taints:
+      value["taints"] == null
+        ? undefined
+        : (value["taints"] as Array<any>).map(DtoTaintResponseToJSON),
+    updated_at: value["updated_at"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoPageJob.ts b/sdk/ts/src/models/DtoPageJob.ts
new file mode 100644
index 0000000..b2cf2c3
--- /dev/null
+++ b/sdk/ts/src/models/DtoPageJob.ts
@@ -0,0 +1,100 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import type {DtoJob} from "./DtoJob";
+import {DtoJobFromJSON, DtoJobToJSON,} from "./DtoJob";
+
+/**
+ *
+ * @export
+ * @interface DtoPageJob
+ */
+export interface DtoPageJob {
+  /**
+   *
+   * @type {Array<DtoJob>}
+   * @memberof DtoPageJob
+   */
+  items?: Array<DtoJob>;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoPageJob
+   */
+  page?: number;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoPageJob
+   */
+  page_size?: number;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoPageJob
+   */
+  total?: number;
+}
+
+/**
+ * Check if a given object implements the DtoPageJob interface.
+ */
+export function instanceOfDtoPageJob(value: object): value is DtoPageJob {
+  return true;
+}
+
+export function DtoPageJobFromJSON(json: any): DtoPageJob {
+  return DtoPageJobFromJSONTyped(json, false);
+}
+
+export function DtoPageJobFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoPageJob {
+  if (json == null) {
+    return json;
+  }
+  return {
+    items:
+      json["items"] == null
+        ? undefined
+        : (json["items"] as Array<any>).map(DtoJobFromJSON),
+    page: json["page"] == null ? undefined : json["page"],
+    page_size: json["page_size"] == null ? undefined : json["page_size"],
+    total: json["total"] == null ? undefined : json["total"],
+  };
+}
+
+export function DtoPageJobToJSON(json: any): DtoPageJob {
+  return DtoPageJobToJSONTyped(json, false);
+}
+
+export function DtoPageJobToJSONTyped(
+  value?: DtoPageJob | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    items:
+      value["items"] == null
+        ? undefined
+        : (value["items"] as Array<any>).map(DtoJobToJSON),
+    page: value["page"],
+    page_size: value["page_size"],
+    total: value["total"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoQueueInfo.ts b/sdk/ts/src/models/DtoQueueInfo.ts
new file mode 100644
index 0000000..efe55a3
--- /dev/null
+++ b/sdk/ts/src/models/DtoQueueInfo.ts
@@ -0,0 +1,99 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoQueueInfo
+ */
+export interface DtoQueueInfo {
+  /**
+   *
+   * @type {number}
+   * @memberof DtoQueueInfo
+   */
+  failed?: number;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoQueueInfo
+   */
+  name?: string;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoQueueInfo
+   */
+  pending?: number;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoQueueInfo
+   */
+  running?: number;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoQueueInfo
+   */
+  scheduled?: number;
+}
+
+/**
+ * Check if a given object implements the DtoQueueInfo interface.
+ */
+export function instanceOfDtoQueueInfo(value: object): value is DtoQueueInfo {
+  return true;
+}
+
+export function DtoQueueInfoFromJSON(json: any): DtoQueueInfo {
+  return DtoQueueInfoFromJSONTyped(json, false);
+}
+
+export function DtoQueueInfoFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoQueueInfo {
+  if (json == null) {
+    return json;
+  }
+  return {
+    failed: json["failed"] == null ? undefined : json["failed"],
+    name: json["name"] == null ? undefined : json["name"],
+    pending: json["pending"] == null ? undefined : json["pending"],
+    running: json["running"] == null ? undefined : json["running"],
+    scheduled: json["scheduled"] == null ? undefined : json["scheduled"],
+  };
+}
+
+export function DtoQueueInfoToJSON(json: any): DtoQueueInfo {
+  return DtoQueueInfoToJSONTyped(json, false);
+}
+
+export function DtoQueueInfoToJSONTyped(
+  value?: DtoQueueInfo | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    failed: value["failed"],
+    name: value["name"],
+    pending: value["pending"],
+    running: value["running"],
+    scheduled: value["scheduled"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoRecordSetResponse.ts b/sdk/ts/src/models/DtoRecordSetResponse.ts
new file mode 100644
index 0000000..9d7479d
--- /dev/null
+++ b/sdk/ts/src/models/DtoRecordSetResponse.ts
@@ -0,0 +1,157 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoRecordSetResponse
+ */
+export interface DtoRecordSetResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoRecordSetResponse
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoRecordSetResponse
+   */
+  domain_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoRecordSetResponse
+   */
+  fingerprint?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoRecordSetResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoRecordSetResponse
+   */
+  last_error?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoRecordSetResponse
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoRecordSetResponse
+   */
+  owner?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoRecordSetResponse
+   */
+  status?: string;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoRecordSetResponse
+   */
+  ttl?: number;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoRecordSetResponse
+   */
+  type?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoRecordSetResponse
+   */
+  updated_at?: string;
+  /**
+   * []string JSON
+   * @type {object}
+   * @memberof DtoRecordSetResponse
+   */
+  values?: object;
+}
+
+/**
+ * Check if a given object implements the DtoRecordSetResponse interface.
+ */
+export function instanceOfDtoRecordSetResponse(
+  value: object,
+): value is DtoRecordSetResponse {
+  return true;
+}
+
+export function DtoRecordSetResponseFromJSON(json: any): DtoRecordSetResponse {
+  return DtoRecordSetResponseFromJSONTyped(json, false);
+}
+
+export function DtoRecordSetResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoRecordSetResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    domain_id: json["domain_id"] == null ? undefined : json["domain_id"],
+    fingerprint: json["fingerprint"] == null ? undefined : json["fingerprint"],
+    id: json["id"] == null ? undefined : json["id"],
+    last_error: json["last_error"] == null ? undefined : json["last_error"],
+    name: json["name"] == null ? undefined : json["name"],
+    owner: json["owner"] == null ? undefined : json["owner"],
+    status: json["status"] == null ? undefined : json["status"],
+    ttl: json["ttl"] == null ? undefined : json["ttl"],
+    type: json["type"] == null ? undefined : json["type"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+    values: json["values"] == null ? undefined : json["values"],
+  };
+}
+
+export function DtoRecordSetResponseToJSON(json: any): DtoRecordSetResponse {
+  return DtoRecordSetResponseToJSONTyped(json, false);
+}
+
+export function DtoRecordSetResponseToJSONTyped(
+  value?: DtoRecordSetResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at: value["created_at"],
+    domain_id: value["domain_id"],
+    fingerprint: value["fingerprint"],
+    id: value["id"],
+    last_error: value["last_error"],
+    name: value["name"],
+    owner: value["owner"],
+    status: value["status"],
+    ttl: value["ttl"],
+    type: value["type"],
+    updated_at: value["updated_at"],
+    values: value["values"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoRefreshRequest.ts b/sdk/ts/src/models/DtoRefreshRequest.ts
new file mode 100644
index 0000000..d3a7a0c
--- /dev/null
+++ b/sdk/ts/src/models/DtoRefreshRequest.ts
@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoRefreshRequest
+ */
+export interface DtoRefreshRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoRefreshRequest
+   */
+  refresh_token?: string;
+}
+
+/**
+ * Check if a given object implements the DtoRefreshRequest interface.
+ */
+export function instanceOfDtoRefreshRequest(
+  value: object,
+): value is DtoRefreshRequest {
+  return true;
+}
+
+export function DtoRefreshRequestFromJSON(json: any): DtoRefreshRequest {
+  return DtoRefreshRequestFromJSONTyped(json, false);
+}
+
+export function DtoRefreshRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoRefreshRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    refresh_token:
+      json["refresh_token"] == null ? undefined : json["refresh_token"],
+  };
+}
+
+export function DtoRefreshRequestToJSON(json: any): DtoRefreshRequest {
+  return DtoRefreshRequestToJSONTyped(json, false);
+}
+
+export function DtoRefreshRequestToJSONTyped(
+  value?: DtoRefreshRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    refresh_token: value["refresh_token"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoServerResponse.ts b/sdk/ts/src/models/DtoServerResponse.ts
new file mode 100644
index 0000000..1f5d22d
--- /dev/null
+++ b/sdk/ts/src/models/DtoServerResponse.ts
@@ -0,0 +1,177 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoServerResponse
+ */
+export interface DtoServerResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoServerResponse
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoServerResponse
+   */
+  hostname?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoServerResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoServerResponse
+   */
+  organization_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoServerResponse
+   */
+  private_ip_address?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoServerResponse
+   */
+  public_ip_address?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoServerResponse
+   */
+  role?: DtoServerResponseRoleEnum;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoServerResponse
+   */
+  ssh_key_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoServerResponse
+   */
+  ssh_user?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoServerResponse
+   */
+  status?: DtoServerResponseStatusEnum;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoServerResponse
+   */
+  updated_at?: string;
+}
+
+/**
+ * @export
+ */
+export const DtoServerResponseRoleEnum = {
+  master: "master",
+  worker: "worker",
+  bastion: "bastion",
+} as const;
+export type DtoServerResponseRoleEnum =
+  (typeof DtoServerResponseRoleEnum)[keyof typeof DtoServerResponseRoleEnum];
+
+/**
+ * @export
+ */
+export const DtoServerResponseStatusEnum = {
+  pending: "pending",
+  provisioning: "provisioning",
+  ready: "ready",
+  failed: "failed",
+} as const;
+export type DtoServerResponseStatusEnum =
+  (typeof DtoServerResponseStatusEnum)[keyof typeof DtoServerResponseStatusEnum];
+
+/**
+ * Check if a given object implements the DtoServerResponse interface.
+ */
+export function instanceOfDtoServerResponse(
+  value: object,
+): value is DtoServerResponse {
+  return true;
+}
+
+export function DtoServerResponseFromJSON(json: any): DtoServerResponse {
+  return DtoServerResponseFromJSONTyped(json, false);
+}
+
+export function DtoServerResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoServerResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    hostname: json["hostname"] == null ? undefined : json["hostname"],
+    id: json["id"] == null ? undefined : json["id"],
+    organization_id:
+      json["organization_id"] == null ? undefined : json["organization_id"],
+    private_ip_address:
+      json["private_ip_address"] == null
+        ? undefined
+        : json["private_ip_address"],
+    public_ip_address:
+      json["public_ip_address"] == null ? undefined : json["public_ip_address"],
+    role: json["role"] == null ? undefined : json["role"],
+    ssh_key_id: json["ssh_key_id"] == null ? undefined : json["ssh_key_id"],
+    ssh_user: json["ssh_user"] == null ? undefined : json["ssh_user"],
+    status: json["status"] == null ? undefined : json["status"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+  };
+}
+
+export function DtoServerResponseToJSON(json: any): DtoServerResponse {
+  return DtoServerResponseToJSONTyped(json, false);
+}
+
+export function DtoServerResponseToJSONTyped(
+  value?: DtoServerResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at: value["created_at"],
+    hostname: value["hostname"],
+    id: value["id"],
+    organization_id: value["organization_id"],
+    private_ip_address: value["private_ip_address"],
+    public_ip_address: value["public_ip_address"],
+    role: value["role"],
+    ssh_key_id: value["ssh_key_id"],
+    ssh_user: value["ssh_user"],
+    status: value["status"],
+    updated_at: value["updated_at"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoSetKubeconfigRequest.ts b/sdk/ts/src/models/DtoSetKubeconfigRequest.ts
new file mode 100644
index 0000000..cb125bd
--- /dev/null
+++ b/sdk/ts/src/models/DtoSetKubeconfigRequest.ts
@@ -0,0 +1,73 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoSetKubeconfigRequest
+ */
+export interface DtoSetKubeconfigRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSetKubeconfigRequest
+   */
+  kubeconfig?: string;
+}
+
+/**
+ * Check if a given object implements the DtoSetKubeconfigRequest interface.
+ */
+export function instanceOfDtoSetKubeconfigRequest(
+  value: object,
+): value is DtoSetKubeconfigRequest {
+  return true;
+}
+
+export function DtoSetKubeconfigRequestFromJSON(
+  json: any,
+): DtoSetKubeconfigRequest {
+  return DtoSetKubeconfigRequestFromJSONTyped(json, false);
+}
+
+export function DtoSetKubeconfigRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoSetKubeconfigRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    kubeconfig: json["kubeconfig"] == null ? undefined : json["kubeconfig"],
+  };
+}
+
+export function DtoSetKubeconfigRequestToJSON(
+  json: any,
+): DtoSetKubeconfigRequest {
+  return DtoSetKubeconfigRequestToJSONTyped(json, false);
+}
+
+export function DtoSetKubeconfigRequestToJSONTyped(
+  value?: DtoSetKubeconfigRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    kubeconfig: value["kubeconfig"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoSshResponse.ts b/sdk/ts/src/models/DtoSshResponse.ts
new file mode 100644
index 0000000..3abf4e2
--- /dev/null
+++ b/sdk/ts/src/models/DtoSshResponse.ts
@@ -0,0 +1,118 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoSshResponse
+ */
+export interface DtoSshResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshResponse
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshResponse
+   */
+  fingerprint?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshResponse
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshResponse
+   */
+  organization_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshResponse
+   */
+  public_key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshResponse
+   */
+  updated_at?: string;
+}
+
+/**
+ * Check if a given object implements the DtoSshResponse interface.
+ */
+export function instanceOfDtoSshResponse(
+  value: object,
+): value is DtoSshResponse {
+  return true;
+}
+
+export function DtoSshResponseFromJSON(json: any): DtoSshResponse {
+  return DtoSshResponseFromJSONTyped(json, false);
+}
+
+export function DtoSshResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoSshResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    fingerprint: json["fingerprint"] == null ? undefined : json["fingerprint"],
+    id: json["id"] == null ? undefined : json["id"],
+    name: json["name"] == null ? undefined : json["name"],
+    organization_id:
+      json["organization_id"] == null ? undefined : json["organization_id"],
+    public_key: json["public_key"] == null ? undefined : json["public_key"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+  };
+}
+
+export function DtoSshResponseToJSON(json: any): DtoSshResponse {
+  return DtoSshResponseToJSONTyped(json, false);
+}
+
+export function DtoSshResponseToJSONTyped(
+  value?: DtoSshResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at: value["created_at"],
+    fingerprint: value["fingerprint"],
+    id: value["id"],
+    name: value["name"],
+    organization_id: value["organization_id"],
+    public_key: value["public_key"],
+    updated_at: value["updated_at"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoSshRevealResponse.ts b/sdk/ts/src/models/DtoSshRevealResponse.ts
new file mode 100644
index 0000000..ec16600
--- /dev/null
+++ b/sdk/ts/src/models/DtoSshRevealResponse.ts
@@ -0,0 +1,126 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoSshRevealResponse
+ */
+export interface DtoSshRevealResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshRevealResponse
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshRevealResponse
+   */
+  fingerprint?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshRevealResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshRevealResponse
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshRevealResponse
+   */
+  organization_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshRevealResponse
+   */
+  private_key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshRevealResponse
+   */
+  public_key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoSshRevealResponse
+   */
+  updated_at?: string;
+}
+
+/**
+ * Check if a given object implements the DtoSshRevealResponse interface.
+ */
+export function instanceOfDtoSshRevealResponse(
+  value: object,
+): value is DtoSshRevealResponse {
+  return true;
+}
+
+export function DtoSshRevealResponseFromJSON(json: any): DtoSshRevealResponse {
+  return DtoSshRevealResponseFromJSONTyped(json, false);
+}
+
+export function DtoSshRevealResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoSshRevealResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    fingerprint: json["fingerprint"] == null ? undefined : json["fingerprint"],
+    id: json["id"] == null ? undefined : json["id"],
+    name: json["name"] == null ? undefined : json["name"],
+    organization_id:
+      json["organization_id"] == null ? undefined : json["organization_id"],
+    private_key: json["private_key"] == null ? undefined : json["private_key"],
+    public_key: json["public_key"] == null ? undefined : json["public_key"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+  };
+}
+
+export function DtoSshRevealResponseToJSON(json: any): DtoSshRevealResponse {
+  return DtoSshRevealResponseToJSONTyped(json, false);
+}
+
+export function DtoSshRevealResponseToJSONTyped(
+  value?: DtoSshRevealResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at: value["created_at"],
+    fingerprint: value["fingerprint"],
+    id: value["id"],
+    name: value["name"],
+    organization_id: value["organization_id"],
+    private_key: value["private_key"],
+    public_key: value["public_key"],
+    updated_at: value["updated_at"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoTaintResponse.ts b/sdk/ts/src/models/DtoTaintResponse.ts
new file mode 100644
index 0000000..4566f73
--- /dev/null
+++ b/sdk/ts/src/models/DtoTaintResponse.ts
@@ -0,0 +1,118 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoTaintResponse
+ */
+export interface DtoTaintResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoTaintResponse
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoTaintResponse
+   */
+  effect?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoTaintResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoTaintResponse
+   */
+  key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoTaintResponse
+   */
+  organization_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoTaintResponse
+   */
+  updated_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoTaintResponse
+   */
+  value?: string;
+}
+
+/**
+ * Check if a given object implements the DtoTaintResponse interface.
+ */
+export function instanceOfDtoTaintResponse(
+  value: object,
+): value is DtoTaintResponse {
+  return true;
+}
+
+export function DtoTaintResponseFromJSON(json: any): DtoTaintResponse {
+  return DtoTaintResponseFromJSONTyped(json, false);
+}
+
+export function DtoTaintResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoTaintResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    effect: json["effect"] == null ? undefined : json["effect"],
+    id: json["id"] == null ? undefined : json["id"],
+    key: json["key"] == null ? undefined : json["key"],
+    organization_id:
+      json["organization_id"] == null ? undefined : json["organization_id"],
+    updated_at: json["updated_at"] == null ? undefined : json["updated_at"],
+    value: json["value"] == null ? undefined : json["value"],
+  };
+}
+
+export function DtoTaintResponseToJSON(json: any): DtoTaintResponse {
+  return DtoTaintResponseToJSONTyped(json, false);
+}
+
+export function DtoTaintResponseToJSONTyped(
+  value?: DtoTaintResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at: value["created_at"],
+    effect: value["effect"],
+    id: value["id"],
+    key: value["key"],
+    organization_id: value["organization_id"],
+    updated_at: value["updated_at"],
+    value: value["value"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoTokenPair.ts b/sdk/ts/src/models/DtoTokenPair.ts
new file mode 100644
index 0000000..d8500e3
--- /dev/null
+++ b/sdk/ts/src/models/DtoTokenPair.ts
@@ -0,0 +1,93 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoTokenPair
+ */
+export interface DtoTokenPair {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoTokenPair
+   */
+  access_token?: string;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoTokenPair
+   */
+  expires_in?: number;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoTokenPair
+   */
+  refresh_token?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoTokenPair
+   */
+  token_type?: string;
+}
+
+/**
+ * Check if a given object implements the DtoTokenPair interface.
+ */
+export function instanceOfDtoTokenPair(value: object): value is DtoTokenPair {
+  return true;
+}
+
+export function DtoTokenPairFromJSON(json: any): DtoTokenPair {
+  return DtoTokenPairFromJSONTyped(json, false);
+}
+
+export function DtoTokenPairFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoTokenPair {
+  if (json == null) {
+    return json;
+  }
+  return {
+    access_token:
+      json["access_token"] == null ? undefined : json["access_token"],
+    expires_in: json["expires_in"] == null ? undefined : json["expires_in"],
+    refresh_token:
+      json["refresh_token"] == null ? undefined : json["refresh_token"],
+    token_type: json["token_type"] == null ? undefined : json["token_type"],
+  };
+}
+
+export function DtoTokenPairToJSON(json: any): DtoTokenPair {
+  return DtoTokenPairToJSONTyped(json, false);
+}
+
+export function DtoTokenPairToJSONTyped(
+  value?: DtoTokenPair | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    access_token: value["access_token"],
+    expires_in: value["expires_in"],
+    refresh_token: value["refresh_token"],
+    token_type: value["token_type"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoUpdateAnnotationRequest.ts b/sdk/ts/src/models/DtoUpdateAnnotationRequest.ts
new file mode 100644
index 0000000..8248c9c
--- /dev/null
+++ b/sdk/ts/src/models/DtoUpdateAnnotationRequest.ts
@@ -0,0 +1,81 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoUpdateAnnotationRequest
+ */
+export interface DtoUpdateAnnotationRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateAnnotationRequest
+   */
+  key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateAnnotationRequest
+   */
+  value?: string;
+}
+
+/**
+ * Check if a given object implements the DtoUpdateAnnotationRequest interface.
+ */
+export function instanceOfDtoUpdateAnnotationRequest(
+  value: object,
+): value is DtoUpdateAnnotationRequest {
+  return true;
+}
+
+export function DtoUpdateAnnotationRequestFromJSON(
+  json: any,
+): DtoUpdateAnnotationRequest {
+  return DtoUpdateAnnotationRequestFromJSONTyped(json, false);
+}
+
+export function DtoUpdateAnnotationRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoUpdateAnnotationRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    key: json["key"] == null ? undefined : json["key"],
+    value: json["value"] == null ? undefined : json["value"],
+  };
+}
+
+export function DtoUpdateAnnotationRequestToJSON(
+  json: any,
+): DtoUpdateAnnotationRequest {
+  return DtoUpdateAnnotationRequestToJSONTyped(json, false);
+}
+
+export function DtoUpdateAnnotationRequestToJSONTyped(
+  value?: DtoUpdateAnnotationRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    key: value["key"],
+    value: value["value"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoUpdateClusterRequest.ts b/sdk/ts/src/models/DtoUpdateClusterRequest.ts
new file mode 100644
index 0000000..d606400
--- /dev/null
+++ b/sdk/ts/src/models/DtoUpdateClusterRequest.ts
@@ -0,0 +1,90 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoUpdateClusterRequest
+ */
+export interface DtoUpdateClusterRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateClusterRequest
+   */
+  cluster_provider?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateClusterRequest
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateClusterRequest
+   */
+  region?: string;
+}
+
+/**
+ * Check if a given object implements the DtoUpdateClusterRequest interface.
+ */
+export function instanceOfDtoUpdateClusterRequest(
+  value: object,
+): value is DtoUpdateClusterRequest {
+  return true;
+}
+
+export function DtoUpdateClusterRequestFromJSON(
+  json: any,
+): DtoUpdateClusterRequest {
+  return DtoUpdateClusterRequestFromJSONTyped(json, false);
+}
+
+export function DtoUpdateClusterRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoUpdateClusterRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    cluster_provider:
+      json["cluster_provider"] == null ? undefined : json["cluster_provider"],
+    name: json["name"] == null ? undefined : json["name"],
+    region: json["region"] == null ? undefined : json["region"],
+  };
+}
+
+export function DtoUpdateClusterRequestToJSON(
+  json: any,
+): DtoUpdateClusterRequest {
+  return DtoUpdateClusterRequestToJSONTyped(json, false);
+}
+
+export function DtoUpdateClusterRequestToJSONTyped(
+  value?: DtoUpdateClusterRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    cluster_provider: value["cluster_provider"],
+    name: value["name"],
+    region: value["region"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoUpdateCredentialRequest.ts b/sdk/ts/src/models/DtoUpdateCredentialRequest.ts
new file mode 100644
index 0000000..e9d3d01
--- /dev/null
+++ b/sdk/ts/src/models/DtoUpdateCredentialRequest.ts
@@ -0,0 +1,122 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoUpdateCredentialRequest
+ */
+export interface DtoUpdateCredentialRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateCredentialRequest
+   */
+  account_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateCredentialRequest
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateCredentialRequest
+   */
+  region?: string;
+  /**
+   *
+   * @type {object}
+   * @memberof DtoUpdateCredentialRequest
+   */
+  scope?: object;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateCredentialRequest
+   */
+  scope_kind?: string;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoUpdateCredentialRequest
+   */
+  scope_version?: number;
+  /**
+   * set if rotating
+   * @type {object}
+   * @memberof DtoUpdateCredentialRequest
+   */
+  secret?: object;
+}
+
+/**
+ * Check if a given object implements the DtoUpdateCredentialRequest interface.
+ */
+export function instanceOfDtoUpdateCredentialRequest(
+  value: object,
+): value is DtoUpdateCredentialRequest {
+  return true;
+}
+
+export function DtoUpdateCredentialRequestFromJSON(
+  json: any,
+): DtoUpdateCredentialRequest {
+  return DtoUpdateCredentialRequestFromJSONTyped(json, false);
+}
+
+export function DtoUpdateCredentialRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoUpdateCredentialRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    account_id: json["account_id"] == null ? undefined : json["account_id"],
+    name: json["name"] == null ? undefined : json["name"],
+    region: json["region"] == null ? undefined : json["region"],
+    scope: json["scope"] == null ? undefined : json["scope"],
+    scope_kind: json["scope_kind"] == null ? undefined : json["scope_kind"],
+    scope_version:
+      json["scope_version"] == null ? undefined : json["scope_version"],
+    secret: json["secret"] == null ? undefined : json["secret"],
+  };
+}
+
+export function DtoUpdateCredentialRequestToJSON(
+  json: any,
+): DtoUpdateCredentialRequest {
+  return DtoUpdateCredentialRequestToJSONTyped(json, false);
+}
+
+export function DtoUpdateCredentialRequestToJSONTyped(
+  value?: DtoUpdateCredentialRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    account_id: value["account_id"],
+    name: value["name"],
+    region: value["region"],
+    scope: value["scope"],
+    scope_kind: value["scope_kind"],
+    scope_version: value["scope_version"],
+    secret: value["secret"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoUpdateDomainRequest.ts b/sdk/ts/src/models/DtoUpdateDomainRequest.ts
new file mode 100644
index 0000000..1ba5080
--- /dev/null
+++ b/sdk/ts/src/models/DtoUpdateDomainRequest.ts
@@ -0,0 +1,110 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoUpdateDomainRequest
+ */
+export interface DtoUpdateDomainRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateDomainRequest
+   */
+  credential_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateDomainRequest
+   */
+  domain_name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateDomainRequest
+   */
+  status?: DtoUpdateDomainRequestStatusEnum;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateDomainRequest
+   */
+  zone_id?: string;
+}
+
+/**
+ * @export
+ */
+export const DtoUpdateDomainRequestStatusEnum = {
+  pending: "pending",
+  provisioning: "provisioning",
+  ready: "ready",
+  failed: "failed",
+} as const;
+export type DtoUpdateDomainRequestStatusEnum =
+  (typeof DtoUpdateDomainRequestStatusEnum)[keyof typeof DtoUpdateDomainRequestStatusEnum];
+
+/**
+ * Check if a given object implements the DtoUpdateDomainRequest interface.
+ */
+export function instanceOfDtoUpdateDomainRequest(
+  value: object,
+): value is DtoUpdateDomainRequest {
+  return true;
+}
+
+export function DtoUpdateDomainRequestFromJSON(
+  json: any,
+): DtoUpdateDomainRequest {
+  return DtoUpdateDomainRequestFromJSONTyped(json, false);
+}
+
+export function DtoUpdateDomainRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoUpdateDomainRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    credential_id:
+      json["credential_id"] == null ? undefined : json["credential_id"],
+    domain_name: json["domain_name"] == null ? undefined : json["domain_name"],
+    status: json["status"] == null ? undefined : json["status"],
+    zone_id: json["zone_id"] == null ? undefined : json["zone_id"],
+  };
+}
+
+export function DtoUpdateDomainRequestToJSON(
+  json: any,
+): DtoUpdateDomainRequest {
+  return DtoUpdateDomainRequestToJSONTyped(json, false);
+}
+
+export function DtoUpdateDomainRequestToJSONTyped(
+  value?: DtoUpdateDomainRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    credential_id: value["credential_id"],
+    domain_name: value["domain_name"],
+    status: value["status"],
+    zone_id: value["zone_id"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoUpdateLabelRequest.ts b/sdk/ts/src/models/DtoUpdateLabelRequest.ts
new file mode 100644
index 0000000..02e0e1a
--- /dev/null
+++ b/sdk/ts/src/models/DtoUpdateLabelRequest.ts
@@ -0,0 +1,79 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoUpdateLabelRequest
+ */
+export interface DtoUpdateLabelRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateLabelRequest
+   */
+  key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateLabelRequest
+   */
+  value?: string;
+}
+
+/**
+ * Check if a given object implements the DtoUpdateLabelRequest interface.
+ */
+export function instanceOfDtoUpdateLabelRequest(
+  value: object,
+): value is DtoUpdateLabelRequest {
+  return true;
+}
+
+export function DtoUpdateLabelRequestFromJSON(
+  json: any,
+): DtoUpdateLabelRequest {
+  return DtoUpdateLabelRequestFromJSONTyped(json, false);
+}
+
+export function DtoUpdateLabelRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoUpdateLabelRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    key: json["key"] == null ? undefined : json["key"],
+    value: json["value"] == null ? undefined : json["value"],
+  };
+}
+
+export function DtoUpdateLabelRequestToJSON(json: any): DtoUpdateLabelRequest {
+  return DtoUpdateLabelRequestToJSONTyped(json, false);
+}
+
+export function DtoUpdateLabelRequestToJSONTyped(
+  value?: DtoUpdateLabelRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    key: value["key"],
+    value: value["value"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoUpdateLoadBalancerRequest.ts b/sdk/ts/src/models/DtoUpdateLoadBalancerRequest.ts
new file mode 100644
index 0000000..b1d40ee
--- /dev/null
+++ b/sdk/ts/src/models/DtoUpdateLoadBalancerRequest.ts
@@ -0,0 +1,111 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoUpdateLoadBalancerRequest
+ */
+export interface DtoUpdateLoadBalancerRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateLoadBalancerRequest
+   */
+  kind?: DtoUpdateLoadBalancerRequestKindEnum;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateLoadBalancerRequest
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateLoadBalancerRequest
+   */
+  private_ip_address?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateLoadBalancerRequest
+   */
+  public_ip_address?: string;
+}
+
+/**
+ * @export
+ */
+export const DtoUpdateLoadBalancerRequestKindEnum = {
+  glueops: "glueops",
+  public: "public",
+} as const;
+export type DtoUpdateLoadBalancerRequestKindEnum =
+  (typeof DtoUpdateLoadBalancerRequestKindEnum)[keyof typeof DtoUpdateLoadBalancerRequestKindEnum];
+
+/**
+ * Check if a given object implements the DtoUpdateLoadBalancerRequest interface.
+ */
+export function instanceOfDtoUpdateLoadBalancerRequest(
+  value: object,
+): value is DtoUpdateLoadBalancerRequest {
+  return true;
+}
+
+export function DtoUpdateLoadBalancerRequestFromJSON(
+  json: any,
+): DtoUpdateLoadBalancerRequest {
+  return DtoUpdateLoadBalancerRequestFromJSONTyped(json, false);
+}
+
+export function DtoUpdateLoadBalancerRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoUpdateLoadBalancerRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    kind: json["kind"] == null ? undefined : json["kind"],
+    name: json["name"] == null ? undefined : json["name"],
+    private_ip_address:
+      json["private_ip_address"] == null
+        ? undefined
+        : json["private_ip_address"],
+    public_ip_address:
+      json["public_ip_address"] == null ? undefined : json["public_ip_address"],
+  };
+}
+
+export function DtoUpdateLoadBalancerRequestToJSON(
+  json: any,
+): DtoUpdateLoadBalancerRequest {
+  return DtoUpdateLoadBalancerRequestToJSONTyped(json, false);
+}
+
+export function DtoUpdateLoadBalancerRequestToJSONTyped(
+  value?: DtoUpdateLoadBalancerRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    kind: value["kind"],
+    name: value["name"],
+    private_ip_address: value["private_ip_address"],
+    public_ip_address: value["public_ip_address"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoUpdateNodePoolRequest.ts b/sdk/ts/src/models/DtoUpdateNodePoolRequest.ts
new file mode 100644
index 0000000..cdb6f3d
--- /dev/null
+++ b/sdk/ts/src/models/DtoUpdateNodePoolRequest.ts
@@ -0,0 +1,91 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoUpdateNodePoolRequest
+ */
+export interface DtoUpdateNodePoolRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateNodePoolRequest
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateNodePoolRequest
+   */
+  role?: DtoUpdateNodePoolRequestRoleEnum;
+}
+
+/**
+ * @export
+ */
+export const DtoUpdateNodePoolRequestRoleEnum = {
+  master: "master",
+  worker: "worker",
+} as const;
+export type DtoUpdateNodePoolRequestRoleEnum =
+  (typeof DtoUpdateNodePoolRequestRoleEnum)[keyof typeof DtoUpdateNodePoolRequestRoleEnum];
+
+/**
+ * Check if a given object implements the DtoUpdateNodePoolRequest interface.
+ */
+export function instanceOfDtoUpdateNodePoolRequest(
+  value: object,
+): value is DtoUpdateNodePoolRequest {
+  return true;
+}
+
+export function DtoUpdateNodePoolRequestFromJSON(
+  json: any,
+): DtoUpdateNodePoolRequest {
+  return DtoUpdateNodePoolRequestFromJSONTyped(json, false);
+}
+
+export function DtoUpdateNodePoolRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoUpdateNodePoolRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    name: json["name"] == null ? undefined : json["name"],
+    role: json["role"] == null ? undefined : json["role"],
+  };
+}
+
+export function DtoUpdateNodePoolRequestToJSON(
+  json: any,
+): DtoUpdateNodePoolRequest {
+  return DtoUpdateNodePoolRequestToJSONTyped(json, false);
+}
+
+export function DtoUpdateNodePoolRequestToJSONTyped(
+  value?: DtoUpdateNodePoolRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    name: value["name"],
+    role: value["role"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoUpdateRecordSetRequest.ts b/sdk/ts/src/models/DtoUpdateRecordSetRequest.ts
new file mode 100644
index 0000000..9595e07
--- /dev/null
+++ b/sdk/ts/src/models/DtoUpdateRecordSetRequest.ts
@@ -0,0 +1,117 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoUpdateRecordSetRequest
+ */
+export interface DtoUpdateRecordSetRequest {
+  /**
+   * Any change flips status back to pending (worker will UPSERT)
+   * @type {string}
+   * @memberof DtoUpdateRecordSetRequest
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateRecordSetRequest
+   */
+  status?: DtoUpdateRecordSetRequestStatusEnum;
+  /**
+   *
+   * @type {number}
+   * @memberof DtoUpdateRecordSetRequest
+   */
+  ttl?: number;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateRecordSetRequest
+   */
+  type?: string;
+  /**
+   *
+   * @type {Array<string>}
+   * @memberof DtoUpdateRecordSetRequest
+   */
+  values?: Array<string>;
+}
+
+/**
+ * @export
+ */
+export const DtoUpdateRecordSetRequestStatusEnum = {
+  pending: "pending",
+  provisioning: "provisioning",
+  ready: "ready",
+  failed: "failed",
+} as const;
+export type DtoUpdateRecordSetRequestStatusEnum =
+  (typeof DtoUpdateRecordSetRequestStatusEnum)[keyof typeof DtoUpdateRecordSetRequestStatusEnum];
+
+/**
+ * Check if a given object implements the DtoUpdateRecordSetRequest interface.
+ */
+export function instanceOfDtoUpdateRecordSetRequest(
+  value: object,
+): value is DtoUpdateRecordSetRequest {
+  return true;
+}
+
+export function DtoUpdateRecordSetRequestFromJSON(
+  json: any,
+): DtoUpdateRecordSetRequest {
+  return DtoUpdateRecordSetRequestFromJSONTyped(json, false);
+}
+
+export function DtoUpdateRecordSetRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoUpdateRecordSetRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    name: json["name"] == null ? undefined : json["name"],
+    status: json["status"] == null ? undefined : json["status"],
+    ttl: json["ttl"] == null ? undefined : json["ttl"],
+    type: json["type"] == null ? undefined : json["type"],
+    values: json["values"] == null ? undefined : json["values"],
+  };
+}
+
+export function DtoUpdateRecordSetRequestToJSON(
+  json: any,
+): DtoUpdateRecordSetRequest {
+  return DtoUpdateRecordSetRequestToJSONTyped(json, false);
+}
+
+export function DtoUpdateRecordSetRequestToJSONTyped(
+  value?: DtoUpdateRecordSetRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    name: value["name"],
+    status: value["status"],
+    ttl: value["ttl"],
+    type: value["type"],
+    values: value["values"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoUpdateServerRequest.ts b/sdk/ts/src/models/DtoUpdateServerRequest.ts
new file mode 100644
index 0000000..298c1de
--- /dev/null
+++ b/sdk/ts/src/models/DtoUpdateServerRequest.ts
@@ -0,0 +1,148 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoUpdateServerRequest
+ */
+export interface DtoUpdateServerRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateServerRequest
+   */
+  hostname?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateServerRequest
+   */
+  private_ip_address?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateServerRequest
+   */
+  public_ip_address?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateServerRequest
+   */
+  role?: DtoUpdateServerRequestRoleEnum;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateServerRequest
+   */
+  ssh_key_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateServerRequest
+   */
+  ssh_user?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateServerRequest
+   */
+  status?: DtoUpdateServerRequestStatusEnum;
+}
+
+/**
+ * @export
+ */
+export const DtoUpdateServerRequestRoleEnum = {
+  master: "master",
+  worker: "worker",
+  bastion: "bastion",
+} as const;
+export type DtoUpdateServerRequestRoleEnum =
+  (typeof DtoUpdateServerRequestRoleEnum)[keyof typeof DtoUpdateServerRequestRoleEnum];
+
+/**
+ * @export
+ */
+export const DtoUpdateServerRequestStatusEnum = {
+  pending: "pending",
+  provisioning: "provisioning",
+  ready: "ready",
+  failed: "failed",
+} as const;
+export type DtoUpdateServerRequestStatusEnum =
+  (typeof DtoUpdateServerRequestStatusEnum)[keyof typeof DtoUpdateServerRequestStatusEnum];
+
+/**
+ * Check if a given object implements the DtoUpdateServerRequest interface.
+ */
+export function instanceOfDtoUpdateServerRequest(
+  value: object,
+): value is DtoUpdateServerRequest {
+  return true;
+}
+
+export function DtoUpdateServerRequestFromJSON(
+  json: any,
+): DtoUpdateServerRequest {
+  return DtoUpdateServerRequestFromJSONTyped(json, false);
+}
+
+export function DtoUpdateServerRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoUpdateServerRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    hostname: json["hostname"] == null ? undefined : json["hostname"],
+    private_ip_address:
+      json["private_ip_address"] == null
+        ? undefined
+        : json["private_ip_address"],
+    public_ip_address:
+      json["public_ip_address"] == null ? undefined : json["public_ip_address"],
+    role: json["role"] == null ? undefined : json["role"],
+    ssh_key_id: json["ssh_key_id"] == null ? undefined : json["ssh_key_id"],
+    ssh_user: json["ssh_user"] == null ? undefined : json["ssh_user"],
+    status: json["status"] == null ? undefined : json["status"],
+  };
+}
+
+export function DtoUpdateServerRequestToJSON(
+  json: any,
+): DtoUpdateServerRequest {
+  return DtoUpdateServerRequestToJSONTyped(json, false);
+}
+
+export function DtoUpdateServerRequestToJSONTyped(
+  value?: DtoUpdateServerRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    hostname: value["hostname"],
+    private_ip_address: value["private_ip_address"],
+    public_ip_address: value["public_ip_address"],
+    role: value["role"],
+    ssh_key_id: value["ssh_key_id"],
+    ssh_user: value["ssh_user"],
+    status: value["status"],
+  };
+}
diff --git a/sdk/ts/src/models/DtoUpdateTaintRequest.ts b/sdk/ts/src/models/DtoUpdateTaintRequest.ts
new file mode 100644
index 0000000..47fcdb3
--- /dev/null
+++ b/sdk/ts/src/models/DtoUpdateTaintRequest.ts
@@ -0,0 +1,87 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface DtoUpdateTaintRequest
+ */
+export interface DtoUpdateTaintRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateTaintRequest
+   */
+  effect?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateTaintRequest
+   */
+  key?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof DtoUpdateTaintRequest
+   */
+  value?: string;
+}
+
+/**
+ * Check if a given object implements the DtoUpdateTaintRequest interface.
+ */
+export function instanceOfDtoUpdateTaintRequest(
+  value: object,
+): value is DtoUpdateTaintRequest {
+  return true;
+}
+
+export function DtoUpdateTaintRequestFromJSON(
+  json: any,
+): DtoUpdateTaintRequest {
+  return DtoUpdateTaintRequestFromJSONTyped(json, false);
+}
+
+export function DtoUpdateTaintRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): DtoUpdateTaintRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    effect: json["effect"] == null ? undefined : json["effect"],
+    key: json["key"] == null ? undefined : json["key"],
+    value: json["value"] == null ? undefined : json["value"],
+  };
+}
+
+export function DtoUpdateTaintRequestToJSON(json: any): DtoUpdateTaintRequest {
+  return DtoUpdateTaintRequestToJSONTyped(json, false);
+}
+
+export function DtoUpdateTaintRequestToJSONTyped(
+  value?: DtoUpdateTaintRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    effect: value["effect"],
+    key: value["key"],
+    value: value["value"],
+  };
+}
diff --git a/sdk/ts/src/models/GetSSHKey200Response.ts b/sdk/ts/src/models/GetSSHKey200Response.ts
new file mode 100644
index 0000000..0719ada
--- /dev/null
+++ b/sdk/ts/src/models/GetSSHKey200Response.ts
@@ -0,0 +1,75 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import type {DtoSshResponse} from "./DtoSshResponse";
+import {DtoSshResponseFromJSONTyped, DtoSshResponseToJSON, instanceOfDtoSshResponse,} from "./DtoSshResponse";
+import type {DtoSshRevealResponse} from "./DtoSshRevealResponse";
+import {
+    DtoSshRevealResponseFromJSONTyped,
+    DtoSshRevealResponseToJSON,
+    instanceOfDtoSshRevealResponse,
+} from "./DtoSshRevealResponse";
+
+/**
+ * @type GetSSHKey200Response
+ *
+ * @export
+ */
+export type GetSSHKey200Response = DtoSshResponse | DtoSshRevealResponse;
+
+export function GetSSHKey200ResponseFromJSON(json: any): GetSSHKey200Response {
+  return GetSSHKey200ResponseFromJSONTyped(json, false);
+}
+
+export function GetSSHKey200ResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): GetSSHKey200Response {
+  if (json == null) {
+    return json;
+  }
+  if (typeof json !== "object") {
+    return json;
+  }
+  if (instanceOfDtoSshResponse(json)) {
+    return DtoSshResponseFromJSONTyped(json, true);
+  }
+  if (instanceOfDtoSshRevealResponse(json)) {
+    return DtoSshRevealResponseFromJSONTyped(json, true);
+  }
+  return {} as any;
+}
+
+export function GetSSHKey200ResponseToJSON(json: any): any {
+  return GetSSHKey200ResponseToJSONTyped(json, false);
+}
+
+export function GetSSHKey200ResponseToJSONTyped(
+  value?: GetSSHKey200Response | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+  if (typeof value !== "object") {
+    return value;
+  }
+  if (instanceOfDtoSshResponse(value)) {
+    return DtoSshResponseToJSON(value as DtoSshResponse);
+  }
+  if (instanceOfDtoSshRevealResponse(value)) {
+    return DtoSshRevealResponseToJSON(value as DtoSshRevealResponse);
+  }
+  return {};
+}
diff --git a/sdk/ts/src/models/HandlersCreateUserKeyRequest.ts b/sdk/ts/src/models/HandlersCreateUserKeyRequest.ts
new file mode 100644
index 0000000..6b785fd
--- /dev/null
+++ b/sdk/ts/src/models/HandlersCreateUserKeyRequest.ts
@@ -0,0 +1,82 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface HandlersCreateUserKeyRequest
+ */
+export interface HandlersCreateUserKeyRequest {
+  /**
+   * optional TTL
+   * @type {number}
+   * @memberof HandlersCreateUserKeyRequest
+   */
+  expires_in_hours?: number;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersCreateUserKeyRequest
+   */
+  name?: string;
+}
+
+/**
+ * Check if a given object implements the HandlersCreateUserKeyRequest interface.
+ */
+export function instanceOfHandlersCreateUserKeyRequest(
+  value: object,
+): value is HandlersCreateUserKeyRequest {
+  return true;
+}
+
+export function HandlersCreateUserKeyRequestFromJSON(
+  json: any,
+): HandlersCreateUserKeyRequest {
+  return HandlersCreateUserKeyRequestFromJSONTyped(json, false);
+}
+
+export function HandlersCreateUserKeyRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersCreateUserKeyRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    expires_in_hours:
+      json["expires_in_hours"] == null ? undefined : json["expires_in_hours"],
+    name: json["name"] == null ? undefined : json["name"],
+  };
+}
+
+export function HandlersCreateUserKeyRequestToJSON(
+  json: any,
+): HandlersCreateUserKeyRequest {
+  return HandlersCreateUserKeyRequestToJSONTyped(json, false);
+}
+
+export function HandlersCreateUserKeyRequestToJSONTyped(
+  value?: HandlersCreateUserKeyRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    expires_in_hours: value["expires_in_hours"],
+    name: value["name"],
+  };
+}
diff --git a/sdk/ts/src/models/HandlersHealthStatus.ts b/sdk/ts/src/models/HandlersHealthStatus.ts
new file mode 100644
index 0000000..b68f6a3
--- /dev/null
+++ b/sdk/ts/src/models/HandlersHealthStatus.ts
@@ -0,0 +1,69 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface HandlersHealthStatus
+ */
+export interface HandlersHealthStatus {
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersHealthStatus
+   */
+  status?: string;
+}
+
+/**
+ * Check if a given object implements the HandlersHealthStatus interface.
+ */
+export function instanceOfHandlersHealthStatus(
+  value: object,
+): value is HandlersHealthStatus {
+  return true;
+}
+
+export function HandlersHealthStatusFromJSON(json: any): HandlersHealthStatus {
+  return HandlersHealthStatusFromJSONTyped(json, false);
+}
+
+export function HandlersHealthStatusFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersHealthStatus {
+  if (json == null) {
+    return json;
+  }
+  return {
+    status: json["status"] == null ? undefined : json["status"],
+  };
+}
+
+export function HandlersHealthStatusToJSON(json: any): HandlersHealthStatus {
+  return HandlersHealthStatusToJSONTyped(json, false);
+}
+
+export function HandlersHealthStatusToJSONTyped(
+  value?: HandlersHealthStatus | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    status: value["status"],
+  };
+}
diff --git a/sdk/ts/src/models/HandlersMeResponse.ts b/sdk/ts/src/models/HandlersMeResponse.ts
new file mode 100644
index 0000000..35a5f31
--- /dev/null
+++ b/sdk/ts/src/models/HandlersMeResponse.ts
@@ -0,0 +1,168 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import type {ModelsUserEmail} from "./ModelsUserEmail";
+import {ModelsUserEmailFromJSON, ModelsUserEmailToJSON,} from "./ModelsUserEmail";
+import type {ModelsOrganization} from "./ModelsOrganization";
+import {ModelsOrganizationFromJSON, ModelsOrganizationToJSON,} from "./ModelsOrganization";
+
+/**
+ *
+ * @export
+ * @interface HandlersMeResponse
+ */
+export interface HandlersMeResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersMeResponse
+   */
+  avatar_url?: string;
+  /**
+   *
+   * @type {Date}
+   * @memberof HandlersMeResponse
+   */
+  created_at?: Date;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersMeResponse
+   */
+  display_name?: string;
+  /**
+   *
+   * @type {Array<ModelsUserEmail>}
+   * @memberof HandlersMeResponse
+   */
+  emails?: Array<ModelsUserEmail>;
+  /**
+   * example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
+   * @type {string}
+   * @memberof HandlersMeResponse
+   */
+  id?: string;
+  /**
+   *
+   * @type {boolean}
+   * @memberof HandlersMeResponse
+   */
+  is_admin?: boolean;
+  /**
+   *
+   * @type {boolean}
+   * @memberof HandlersMeResponse
+   */
+  is_disabled?: boolean;
+  /**
+   *
+   * @type {Array<ModelsOrganization>}
+   * @memberof HandlersMeResponse
+   */
+  organizations?: Array<ModelsOrganization>;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersMeResponse
+   */
+  primary_email?: string;
+  /**
+   *
+   * @type {Date}
+   * @memberof HandlersMeResponse
+   */
+  updated_at?: Date;
+}
+
+/**
+ * Check if a given object implements the HandlersMeResponse interface.
+ */
+export function instanceOfHandlersMeResponse(
+  value: object,
+): value is HandlersMeResponse {
+  return true;
+}
+
+export function HandlersMeResponseFromJSON(json: any): HandlersMeResponse {
+  return HandlersMeResponseFromJSONTyped(json, false);
+}
+
+export function HandlersMeResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersMeResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    avatar_url: json["avatar_url"] == null ? undefined : json["avatar_url"],
+    created_at:
+      json["created_at"] == null ? undefined : new Date(json["created_at"]),
+    display_name:
+      json["display_name"] == null ? undefined : json["display_name"],
+    emails:
+      json["emails"] == null
+        ? undefined
+        : (json["emails"] as Array<any>).map(ModelsUserEmailFromJSON),
+    id: json["id"] == null ? undefined : json["id"],
+    is_admin: json["is_admin"] == null ? undefined : json["is_admin"],
+    is_disabled: json["is_disabled"] == null ? undefined : json["is_disabled"],
+    organizations:
+      json["organizations"] == null
+        ? undefined
+        : (json["organizations"] as Array<any>).map(ModelsOrganizationFromJSON),
+    primary_email:
+      json["primary_email"] == null ? undefined : json["primary_email"],
+    updated_at:
+      json["updated_at"] == null ? undefined : new Date(json["updated_at"]),
+  };
+}
+
+export function HandlersMeResponseToJSON(json: any): HandlersMeResponse {
+  return HandlersMeResponseToJSONTyped(json, false);
+}
+
+export function HandlersMeResponseToJSONTyped(
+  value?: HandlersMeResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    avatar_url: value["avatar_url"],
+    created_at:
+      value["created_at"] == null
+        ? value["created_at"]
+        : value["created_at"].toISOString(),
+    display_name: value["display_name"],
+    emails:
+      value["emails"] == null
+        ? undefined
+        : (value["emails"] as Array<any>).map(ModelsUserEmailToJSON),
+    id: value["id"],
+    is_admin: value["is_admin"],
+    is_disabled: value["is_disabled"],
+    organizations:
+      value["organizations"] == null
+        ? undefined
+        : (value["organizations"] as Array<any>).map(ModelsOrganizationToJSON),
+    primary_email: value["primary_email"],
+    updated_at:
+      value["updated_at"] == null
+        ? value["updated_at"]
+        : value["updated_at"].toISOString(),
+  };
+}
diff --git a/sdk/ts/src/models/HandlersMemberOut.ts b/sdk/ts/src/models/HandlersMemberOut.ts
new file mode 100644
index 0000000..97dc646
--- /dev/null
+++ b/sdk/ts/src/models/HandlersMemberOut.ts
@@ -0,0 +1,85 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface HandlersMemberOut
+ */
+export interface HandlersMemberOut {
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersMemberOut
+   */
+  email?: string;
+  /**
+   * owner/admin/member
+   * @type {string}
+   * @memberof HandlersMemberOut
+   */
+  role?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersMemberOut
+   */
+  user_id?: string;
+}
+
+/**
+ * Check if a given object implements the HandlersMemberOut interface.
+ */
+export function instanceOfHandlersMemberOut(
+  value: object,
+): value is HandlersMemberOut {
+  return true;
+}
+
+export function HandlersMemberOutFromJSON(json: any): HandlersMemberOut {
+  return HandlersMemberOutFromJSONTyped(json, false);
+}
+
+export function HandlersMemberOutFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersMemberOut {
+  if (json == null) {
+    return json;
+  }
+  return {
+    email: json["email"] == null ? undefined : json["email"],
+    role: json["role"] == null ? undefined : json["role"],
+    user_id: json["user_id"] == null ? undefined : json["user_id"],
+  };
+}
+
+export function HandlersMemberOutToJSON(json: any): HandlersMemberOut {
+  return HandlersMemberOutToJSONTyped(json, false);
+}
+
+export function HandlersMemberOutToJSONTyped(
+  value?: HandlersMemberOut | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    email: value["email"],
+    role: value["role"],
+    user_id: value["user_id"],
+  };
+}
diff --git a/sdk/ts/src/models/HandlersMemberUpsertReq.ts b/sdk/ts/src/models/HandlersMemberUpsertReq.ts
new file mode 100644
index 0000000..67be445
--- /dev/null
+++ b/sdk/ts/src/models/HandlersMemberUpsertReq.ts
@@ -0,0 +1,81 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface HandlersMemberUpsertReq
+ */
+export interface HandlersMemberUpsertReq {
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersMemberUpsertReq
+   */
+  role?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersMemberUpsertReq
+   */
+  user_id?: string;
+}
+
+/**
+ * Check if a given object implements the HandlersMemberUpsertReq interface.
+ */
+export function instanceOfHandlersMemberUpsertReq(
+  value: object,
+): value is HandlersMemberUpsertReq {
+  return true;
+}
+
+export function HandlersMemberUpsertReqFromJSON(
+  json: any,
+): HandlersMemberUpsertReq {
+  return HandlersMemberUpsertReqFromJSONTyped(json, false);
+}
+
+export function HandlersMemberUpsertReqFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersMemberUpsertReq {
+  if (json == null) {
+    return json;
+  }
+  return {
+    role: json["role"] == null ? undefined : json["role"],
+    user_id: json["user_id"] == null ? undefined : json["user_id"],
+  };
+}
+
+export function HandlersMemberUpsertReqToJSON(
+  json: any,
+): HandlersMemberUpsertReq {
+  return HandlersMemberUpsertReqToJSONTyped(json, false);
+}
+
+export function HandlersMemberUpsertReqToJSONTyped(
+  value?: HandlersMemberUpsertReq | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    role: value["role"],
+    user_id: value["user_id"],
+  };
+}
diff --git a/sdk/ts/src/models/HandlersOrgCreateReq.ts b/sdk/ts/src/models/HandlersOrgCreateReq.ts
new file mode 100644
index 0000000..54d2748
--- /dev/null
+++ b/sdk/ts/src/models/HandlersOrgCreateReq.ts
@@ -0,0 +1,77 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface HandlersOrgCreateReq
+ */
+export interface HandlersOrgCreateReq {
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersOrgCreateReq
+   */
+  domain?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersOrgCreateReq
+   */
+  name?: string;
+}
+
+/**
+ * Check if a given object implements the HandlersOrgCreateReq interface.
+ */
+export function instanceOfHandlersOrgCreateReq(
+  value: object,
+): value is HandlersOrgCreateReq {
+  return true;
+}
+
+export function HandlersOrgCreateReqFromJSON(json: any): HandlersOrgCreateReq {
+  return HandlersOrgCreateReqFromJSONTyped(json, false);
+}
+
+export function HandlersOrgCreateReqFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersOrgCreateReq {
+  if (json == null) {
+    return json;
+  }
+  return {
+    domain: json["domain"] == null ? undefined : json["domain"],
+    name: json["name"] == null ? undefined : json["name"],
+  };
+}
+
+export function HandlersOrgCreateReqToJSON(json: any): HandlersOrgCreateReq {
+  return HandlersOrgCreateReqToJSONTyped(json, false);
+}
+
+export function HandlersOrgCreateReqToJSONTyped(
+  value?: HandlersOrgCreateReq | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    domain: value["domain"],
+    name: value["name"],
+  };
+}
diff --git a/sdk/ts/src/models/HandlersOrgKeyCreateReq.ts b/sdk/ts/src/models/HandlersOrgKeyCreateReq.ts
new file mode 100644
index 0000000..1b65ef5
--- /dev/null
+++ b/sdk/ts/src/models/HandlersOrgKeyCreateReq.ts
@@ -0,0 +1,82 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface HandlersOrgKeyCreateReq
+ */
+export interface HandlersOrgKeyCreateReq {
+  /**
+   *
+   * @type {number}
+   * @memberof HandlersOrgKeyCreateReq
+   */
+  expires_in_hours?: number;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersOrgKeyCreateReq
+   */
+  name?: string;
+}
+
+/**
+ * Check if a given object implements the HandlersOrgKeyCreateReq interface.
+ */
+export function instanceOfHandlersOrgKeyCreateReq(
+  value: object,
+): value is HandlersOrgKeyCreateReq {
+  return true;
+}
+
+export function HandlersOrgKeyCreateReqFromJSON(
+  json: any,
+): HandlersOrgKeyCreateReq {
+  return HandlersOrgKeyCreateReqFromJSONTyped(json, false);
+}
+
+export function HandlersOrgKeyCreateReqFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersOrgKeyCreateReq {
+  if (json == null) {
+    return json;
+  }
+  return {
+    expires_in_hours:
+      json["expires_in_hours"] == null ? undefined : json["expires_in_hours"],
+    name: json["name"] == null ? undefined : json["name"],
+  };
+}
+
+export function HandlersOrgKeyCreateReqToJSON(
+  json: any,
+): HandlersOrgKeyCreateReq {
+  return HandlersOrgKeyCreateReqToJSONTyped(json, false);
+}
+
+export function HandlersOrgKeyCreateReqToJSONTyped(
+  value?: HandlersOrgKeyCreateReq | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    expires_in_hours: value["expires_in_hours"],
+    name: value["name"],
+  };
+}
diff --git a/sdk/ts/src/models/HandlersOrgKeyCreateResp.ts b/sdk/ts/src/models/HandlersOrgKeyCreateResp.ts
new file mode 100644
index 0000000..66b9dcb
--- /dev/null
+++ b/sdk/ts/src/models/HandlersOrgKeyCreateResp.ts
@@ -0,0 +1,121 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface HandlersOrgKeyCreateResp
+ */
+export interface HandlersOrgKeyCreateResp {
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersOrgKeyCreateResp
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersOrgKeyCreateResp
+   */
+  expires_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersOrgKeyCreateResp
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersOrgKeyCreateResp
+   */
+  name?: string;
+  /**
+   * shown once:
+   * @type {string}
+   * @memberof HandlersOrgKeyCreateResp
+   */
+  org_key?: string;
+  /**
+   * shown once:
+   * @type {string}
+   * @memberof HandlersOrgKeyCreateResp
+   */
+  org_secret?: string;
+  /**
+   * "org"
+   * @type {string}
+   * @memberof HandlersOrgKeyCreateResp
+   */
+  scope?: string;
+}
+
+/**
+ * Check if a given object implements the HandlersOrgKeyCreateResp interface.
+ */
+export function instanceOfHandlersOrgKeyCreateResp(
+  value: object,
+): value is HandlersOrgKeyCreateResp {
+  return true;
+}
+
+export function HandlersOrgKeyCreateRespFromJSON(
+  json: any,
+): HandlersOrgKeyCreateResp {
+  return HandlersOrgKeyCreateRespFromJSONTyped(json, false);
+}
+
+export function HandlersOrgKeyCreateRespFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersOrgKeyCreateResp {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    expires_at: json["expires_at"] == null ? undefined : json["expires_at"],
+    id: json["id"] == null ? undefined : json["id"],
+    name: json["name"] == null ? undefined : json["name"],
+    org_key: json["org_key"] == null ? undefined : json["org_key"],
+    org_secret: json["org_secret"] == null ? undefined : json["org_secret"],
+    scope: json["scope"] == null ? undefined : json["scope"],
+  };
+}
+
+export function HandlersOrgKeyCreateRespToJSON(
+  json: any,
+): HandlersOrgKeyCreateResp {
+  return HandlersOrgKeyCreateRespToJSONTyped(json, false);
+}
+
+export function HandlersOrgKeyCreateRespToJSONTyped(
+  value?: HandlersOrgKeyCreateResp | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at: value["created_at"],
+    expires_at: value["expires_at"],
+    id: value["id"],
+    name: value["name"],
+    org_key: value["org_key"],
+    org_secret: value["org_secret"],
+    scope: value["scope"],
+  };
+}
diff --git a/sdk/ts/src/models/HandlersOrgUpdateReq.ts b/sdk/ts/src/models/HandlersOrgUpdateReq.ts
new file mode 100644
index 0000000..f30d362
--- /dev/null
+++ b/sdk/ts/src/models/HandlersOrgUpdateReq.ts
@@ -0,0 +1,77 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface HandlersOrgUpdateReq
+ */
+export interface HandlersOrgUpdateReq {
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersOrgUpdateReq
+   */
+  domain?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersOrgUpdateReq
+   */
+  name?: string;
+}
+
+/**
+ * Check if a given object implements the HandlersOrgUpdateReq interface.
+ */
+export function instanceOfHandlersOrgUpdateReq(
+  value: object,
+): value is HandlersOrgUpdateReq {
+  return true;
+}
+
+export function HandlersOrgUpdateReqFromJSON(json: any): HandlersOrgUpdateReq {
+  return HandlersOrgUpdateReqFromJSONTyped(json, false);
+}
+
+export function HandlersOrgUpdateReqFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersOrgUpdateReq {
+  if (json == null) {
+    return json;
+  }
+  return {
+    domain: json["domain"] == null ? undefined : json["domain"],
+    name: json["name"] == null ? undefined : json["name"],
+  };
+}
+
+export function HandlersOrgUpdateReqToJSON(json: any): HandlersOrgUpdateReq {
+  return HandlersOrgUpdateReqToJSONTyped(json, false);
+}
+
+export function HandlersOrgUpdateReqToJSONTyped(
+  value?: HandlersOrgUpdateReq | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    domain: value["domain"],
+    name: value["name"],
+  };
+}
diff --git a/sdk/ts/src/models/HandlersUpdateMeRequest.ts b/sdk/ts/src/models/HandlersUpdateMeRequest.ts
new file mode 100644
index 0000000..53f1371
--- /dev/null
+++ b/sdk/ts/src/models/HandlersUpdateMeRequest.ts
@@ -0,0 +1,74 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface HandlersUpdateMeRequest
+ */
+export interface HandlersUpdateMeRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersUpdateMeRequest
+   */
+  display_name?: string;
+}
+
+/**
+ * Check if a given object implements the HandlersUpdateMeRequest interface.
+ */
+export function instanceOfHandlersUpdateMeRequest(
+  value: object,
+): value is HandlersUpdateMeRequest {
+  return true;
+}
+
+export function HandlersUpdateMeRequestFromJSON(
+  json: any,
+): HandlersUpdateMeRequest {
+  return HandlersUpdateMeRequestFromJSONTyped(json, false);
+}
+
+export function HandlersUpdateMeRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersUpdateMeRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    display_name:
+      json["display_name"] == null ? undefined : json["display_name"],
+  };
+}
+
+export function HandlersUpdateMeRequestToJSON(
+  json: any,
+): HandlersUpdateMeRequest {
+  return HandlersUpdateMeRequestToJSONTyped(json, false);
+}
+
+export function HandlersUpdateMeRequestToJSONTyped(
+  value?: HandlersUpdateMeRequest | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    display_name: value["display_name"],
+  };
+}
diff --git a/sdk/ts/src/models/HandlersUserAPIKeyOut.ts b/sdk/ts/src/models/HandlersUserAPIKeyOut.ts
new file mode 100644
index 0000000..52188cd
--- /dev/null
+++ b/sdk/ts/src/models/HandlersUserAPIKeyOut.ts
@@ -0,0 +1,120 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface HandlersUserAPIKeyOut
+ */
+export interface HandlersUserAPIKeyOut {
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersUserAPIKeyOut
+   */
+  created_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersUserAPIKeyOut
+   */
+  expires_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersUserAPIKeyOut
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersUserAPIKeyOut
+   */
+  last_used_at?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersUserAPIKeyOut
+   */
+  name?: string;
+  /**
+   * Shown only on create:
+   * @type {string}
+   * @memberof HandlersUserAPIKeyOut
+   */
+  plain?: string;
+  /**
+   * "user"
+   * @type {string}
+   * @memberof HandlersUserAPIKeyOut
+   */
+  scope?: string;
+}
+
+/**
+ * Check if a given object implements the HandlersUserAPIKeyOut interface.
+ */
+export function instanceOfHandlersUserAPIKeyOut(
+  value: object,
+): value is HandlersUserAPIKeyOut {
+  return true;
+}
+
+export function HandlersUserAPIKeyOutFromJSON(
+  json: any,
+): HandlersUserAPIKeyOut {
+  return HandlersUserAPIKeyOutFromJSONTyped(json, false);
+}
+
+export function HandlersUserAPIKeyOutFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersUserAPIKeyOut {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at: json["created_at"] == null ? undefined : json["created_at"],
+    expires_at: json["expires_at"] == null ? undefined : json["expires_at"],
+    id: json["id"] == null ? undefined : json["id"],
+    last_used_at:
+      json["last_used_at"] == null ? undefined : json["last_used_at"],
+    name: json["name"] == null ? undefined : json["name"],
+    plain: json["plain"] == null ? undefined : json["plain"],
+    scope: json["scope"] == null ? undefined : json["scope"],
+  };
+}
+
+export function HandlersUserAPIKeyOutToJSON(json: any): HandlersUserAPIKeyOut {
+  return HandlersUserAPIKeyOutToJSONTyped(json, false);
+}
+
+export function HandlersUserAPIKeyOutToJSONTyped(
+  value?: HandlersUserAPIKeyOut | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at: value["created_at"],
+    expires_at: value["expires_at"],
+    id: value["id"],
+    last_used_at: value["last_used_at"],
+    name: value["name"],
+    plain: value["plain"],
+    scope: value["scope"],
+  };
+}
diff --git a/sdk/ts/src/models/HandlersVersionResponse.ts b/sdk/ts/src/models/HandlersVersionResponse.ts
new file mode 100644
index 0000000..2576882
--- /dev/null
+++ b/sdk/ts/src/models/HandlersVersionResponse.ts
@@ -0,0 +1,153 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface HandlersVersionResponse
+ */
+export interface HandlersVersionResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersVersionResponse
+   */
+  built?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersVersionResponse
+   */
+  builtBy?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersVersionResponse
+   */
+  commit?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersVersionResponse
+   */
+  commitTime?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersVersionResponse
+   */
+  go?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersVersionResponse
+   */
+  goArch?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersVersionResponse
+   */
+  goOS?: string;
+  /**
+   *
+   * @type {boolean}
+   * @memberof HandlersVersionResponse
+   */
+  modified?: boolean;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersVersionResponse
+   */
+  revision?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersVersionResponse
+   */
+  vcs?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof HandlersVersionResponse
+   */
+  version?: string;
+}
+
+/**
+ * Check if a given object implements the HandlersVersionResponse interface.
+ */
+export function instanceOfHandlersVersionResponse(
+  value: object,
+): value is HandlersVersionResponse {
+  return true;
+}
+
+export function HandlersVersionResponseFromJSON(
+  json: any,
+): HandlersVersionResponse {
+  return HandlersVersionResponseFromJSONTyped(json, false);
+}
+
+export function HandlersVersionResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): HandlersVersionResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    built: json["built"] == null ? undefined : json["built"],
+    builtBy: json["builtBy"] == null ? undefined : json["builtBy"],
+    commit: json["commit"] == null ? undefined : json["commit"],
+    commitTime: json["commitTime"] == null ? undefined : json["commitTime"],
+    go: json["go"] == null ? undefined : json["go"],
+    goArch: json["goArch"] == null ? undefined : json["goArch"],
+    goOS: json["goOS"] == null ? undefined : json["goOS"],
+    modified: json["modified"] == null ? undefined : json["modified"],
+    revision: json["revision"] == null ? undefined : json["revision"],
+    vcs: json["vcs"] == null ? undefined : json["vcs"],
+    version: json["version"] == null ? undefined : json["version"],
+  };
+}
+
+export function HandlersVersionResponseToJSON(
+  json: any,
+): HandlersVersionResponse {
+  return HandlersVersionResponseToJSONTyped(json, false);
+}
+
+export function HandlersVersionResponseToJSONTyped(
+  value?: HandlersVersionResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    built: value["built"],
+    builtBy: value["builtBy"],
+    commit: value["commit"],
+    commitTime: value["commitTime"],
+    go: value["go"],
+    goArch: value["goArch"],
+    goOS: value["goOS"],
+    modified: value["modified"],
+    revision: value["revision"],
+    vcs: value["vcs"],
+    version: value["version"],
+  };
+}
diff --git a/sdk/ts/src/models/ModelsAPIKey.ts b/sdk/ts/src/models/ModelsAPIKey.ts
new file mode 100644
index 0000000..aac0233
--- /dev/null
+++ b/sdk/ts/src/models/ModelsAPIKey.ts
@@ -0,0 +1,163 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface ModelsAPIKey
+ */
+export interface ModelsAPIKey {
+  /**
+   *
+   * @type {Date}
+   * @memberof ModelsAPIKey
+   */
+  created_at?: Date;
+  /**
+   *
+   * @type {Date}
+   * @memberof ModelsAPIKey
+   */
+  expires_at?: Date;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsAPIKey
+   */
+  id?: string;
+  /**
+   *
+   * @type {Date}
+   * @memberof ModelsAPIKey
+   */
+  last_used_at?: Date;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsAPIKey
+   */
+  name?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsAPIKey
+   */
+  org_id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsAPIKey
+   */
+  prefix?: string;
+  /**
+   *
+   * @type {boolean}
+   * @memberof ModelsAPIKey
+   */
+  revoked?: boolean;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsAPIKey
+   */
+  scope?: string;
+  /**
+   *
+   * @type {Date}
+   * @memberof ModelsAPIKey
+   */
+  updated_at?: Date;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsAPIKey
+   */
+  user_id?: string;
+}
+
+/**
+ * Check if a given object implements the ModelsAPIKey interface.
+ */
+export function instanceOfModelsAPIKey(value: object): value is ModelsAPIKey {
+  return true;
+}
+
+export function ModelsAPIKeyFromJSON(json: any): ModelsAPIKey {
+  return ModelsAPIKeyFromJSONTyped(json, false);
+}
+
+export function ModelsAPIKeyFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): ModelsAPIKey {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at:
+      json["created_at"] == null ? undefined : new Date(json["created_at"]),
+    expires_at:
+      json["expires_at"] == null ? undefined : new Date(json["expires_at"]),
+    id: json["id"] == null ? undefined : json["id"],
+    last_used_at:
+      json["last_used_at"] == null ? undefined : new Date(json["last_used_at"]),
+    name: json["name"] == null ? undefined : json["name"],
+    org_id: json["org_id"] == null ? undefined : json["org_id"],
+    prefix: json["prefix"] == null ? undefined : json["prefix"],
+    revoked: json["revoked"] == null ? undefined : json["revoked"],
+    scope: json["scope"] == null ? undefined : json["scope"],
+    updated_at:
+      json["updated_at"] == null ? undefined : new Date(json["updated_at"]),
+    user_id: json["user_id"] == null ? undefined : json["user_id"],
+  };
+}
+
+export function ModelsAPIKeyToJSON(json: any): ModelsAPIKey {
+  return ModelsAPIKeyToJSONTyped(json, false);
+}
+
+export function ModelsAPIKeyToJSONTyped(
+  value?: ModelsAPIKey | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at:
+      value["created_at"] == null
+        ? value["created_at"]
+        : value["created_at"].toISOString(),
+    expires_at:
+      value["expires_at"] == null
+        ? value["expires_at"]
+        : value["expires_at"].toISOString(),
+    id: value["id"],
+    last_used_at:
+      value["last_used_at"] == null
+        ? value["last_used_at"]
+        : value["last_used_at"].toISOString(),
+    name: value["name"],
+    org_id: value["org_id"],
+    prefix: value["prefix"],
+    revoked: value["revoked"],
+    scope: value["scope"],
+    updated_at:
+      value["updated_at"] == null
+        ? value["updated_at"]
+        : value["updated_at"].toISOString(),
+    user_id: value["user_id"],
+  };
+}
diff --git a/sdk/ts/src/models/ModelsOrganization.ts b/sdk/ts/src/models/ModelsOrganization.ts
new file mode 100644
index 0000000..b4b6f91
--- /dev/null
+++ b/sdk/ts/src/models/ModelsOrganization.ts
@@ -0,0 +1,109 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface ModelsOrganization
+ */
+export interface ModelsOrganization {
+  /**
+   *
+   * @type {Date}
+   * @memberof ModelsOrganization
+   */
+  created_at?: Date;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsOrganization
+   */
+  domain?: string;
+  /**
+   * example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
+   * @type {string}
+   * @memberof ModelsOrganization
+   */
+  id?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsOrganization
+   */
+  name?: string;
+  /**
+   *
+   * @type {Date}
+   * @memberof ModelsOrganization
+   */
+  updated_at?: Date;
+}
+
+/**
+ * Check if a given object implements the ModelsOrganization interface.
+ */
+export function instanceOfModelsOrganization(
+  value: object,
+): value is ModelsOrganization {
+  return true;
+}
+
+export function ModelsOrganizationFromJSON(json: any): ModelsOrganization {
+  return ModelsOrganizationFromJSONTyped(json, false);
+}
+
+export function ModelsOrganizationFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): ModelsOrganization {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at:
+      json["created_at"] == null ? undefined : new Date(json["created_at"]),
+    domain: json["domain"] == null ? undefined : json["domain"],
+    id: json["id"] == null ? undefined : json["id"],
+    name: json["name"] == null ? undefined : json["name"],
+    updated_at:
+      json["updated_at"] == null ? undefined : new Date(json["updated_at"]),
+  };
+}
+
+export function ModelsOrganizationToJSON(json: any): ModelsOrganization {
+  return ModelsOrganizationToJSONTyped(json, false);
+}
+
+export function ModelsOrganizationToJSONTyped(
+  value?: ModelsOrganization | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at:
+      value["created_at"] == null
+        ? value["created_at"]
+        : value["created_at"].toISOString(),
+    domain: value["domain"],
+    id: value["id"],
+    name: value["name"],
+    updated_at:
+      value["updated_at"] == null
+        ? value["updated_at"]
+        : value["updated_at"].toISOString(),
+  };
+}
diff --git a/sdk/ts/src/models/ModelsUser.ts b/sdk/ts/src/models/ModelsUser.ts
new file mode 100644
index 0000000..b7143db
--- /dev/null
+++ b/sdk/ts/src/models/ModelsUser.ts
@@ -0,0 +1,133 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface ModelsUser
+ */
+export interface ModelsUser {
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsUser
+   */
+  avatar_url?: string;
+  /**
+   *
+   * @type {Date}
+   * @memberof ModelsUser
+   */
+  created_at?: Date;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsUser
+   */
+  display_name?: string;
+  /**
+   * example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
+   * @type {string}
+   * @memberof ModelsUser
+   */
+  id?: string;
+  /**
+   *
+   * @type {boolean}
+   * @memberof ModelsUser
+   */
+  is_admin?: boolean;
+  /**
+   *
+   * @type {boolean}
+   * @memberof ModelsUser
+   */
+  is_disabled?: boolean;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsUser
+   */
+  primary_email?: string;
+  /**
+   *
+   * @type {Date}
+   * @memberof ModelsUser
+   */
+  updated_at?: Date;
+}
+
+/**
+ * Check if a given object implements the ModelsUser interface.
+ */
+export function instanceOfModelsUser(value: object): value is ModelsUser {
+  return true;
+}
+
+export function ModelsUserFromJSON(json: any): ModelsUser {
+  return ModelsUserFromJSONTyped(json, false);
+}
+
+export function ModelsUserFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): ModelsUser {
+  if (json == null) {
+    return json;
+  }
+  return {
+    avatar_url: json["avatar_url"] == null ? undefined : json["avatar_url"],
+    created_at:
+      json["created_at"] == null ? undefined : new Date(json["created_at"]),
+    display_name:
+      json["display_name"] == null ? undefined : json["display_name"],
+    id: json["id"] == null ? undefined : json["id"],
+    is_admin: json["is_admin"] == null ? undefined : json["is_admin"],
+    is_disabled: json["is_disabled"] == null ? undefined : json["is_disabled"],
+    primary_email:
+      json["primary_email"] == null ? undefined : json["primary_email"],
+    updated_at:
+      json["updated_at"] == null ? undefined : new Date(json["updated_at"]),
+  };
+}
+
+export function ModelsUserToJSON(json: any): ModelsUser {
+  return ModelsUserToJSONTyped(json, false);
+}
+
+export function ModelsUserToJSONTyped(
+  value?: ModelsUser | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    avatar_url: value["avatar_url"],
+    created_at:
+      value["created_at"] == null
+        ? value["created_at"]
+        : value["created_at"].toISOString(),
+    display_name: value["display_name"],
+    id: value["id"],
+    is_admin: value["is_admin"],
+    is_disabled: value["is_disabled"],
+    primary_email: value["primary_email"],
+    updated_at:
+      value["updated_at"] == null
+        ? value["updated_at"]
+        : value["updated_at"].toISOString(),
+  };
+}
diff --git a/sdk/ts/src/models/ModelsUserEmail.ts b/sdk/ts/src/models/ModelsUserEmail.ts
new file mode 100644
index 0000000..6117f53
--- /dev/null
+++ b/sdk/ts/src/models/ModelsUserEmail.ts
@@ -0,0 +1,136 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import type {ModelsUser} from "./ModelsUser";
+import {ModelsUserFromJSON, ModelsUserToJSON,} from "./ModelsUser";
+
+/**
+ *
+ * @export
+ * @interface ModelsUserEmail
+ */
+export interface ModelsUserEmail {
+  /**
+   *
+   * @type {Date}
+   * @memberof ModelsUserEmail
+   */
+  created_at?: Date;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsUserEmail
+   */
+  email?: string;
+  /**
+   * example: 3fa85f64-5717-4562-b3fc-2c963f66afa6
+   * @type {string}
+   * @memberof ModelsUserEmail
+   */
+  id?: string;
+  /**
+   *
+   * @type {boolean}
+   * @memberof ModelsUserEmail
+   */
+  is_primary?: boolean;
+  /**
+   *
+   * @type {boolean}
+   * @memberof ModelsUserEmail
+   */
+  is_verified?: boolean;
+  /**
+   *
+   * @type {Date}
+   * @memberof ModelsUserEmail
+   */
+  updated_at?: Date;
+  /**
+   *
+   * @type {ModelsUser}
+   * @memberof ModelsUserEmail
+   */
+  user?: ModelsUser;
+  /**
+   *
+   * @type {string}
+   * @memberof ModelsUserEmail
+   */
+  user_id?: string;
+}
+
+/**
+ * Check if a given object implements the ModelsUserEmail interface.
+ */
+export function instanceOfModelsUserEmail(
+  value: object,
+): value is ModelsUserEmail {
+  return true;
+}
+
+export function ModelsUserEmailFromJSON(json: any): ModelsUserEmail {
+  return ModelsUserEmailFromJSONTyped(json, false);
+}
+
+export function ModelsUserEmailFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): ModelsUserEmail {
+  if (json == null) {
+    return json;
+  }
+  return {
+    created_at:
+      json["created_at"] == null ? undefined : new Date(json["created_at"]),
+    email: json["email"] == null ? undefined : json["email"],
+    id: json["id"] == null ? undefined : json["id"],
+    is_primary: json["is_primary"] == null ? undefined : json["is_primary"],
+    is_verified: json["is_verified"] == null ? undefined : json["is_verified"],
+    updated_at:
+      json["updated_at"] == null ? undefined : new Date(json["updated_at"]),
+    user: json["user"] == null ? undefined : ModelsUserFromJSON(json["user"]),
+    user_id: json["user_id"] == null ? undefined : json["user_id"],
+  };
+}
+
+export function ModelsUserEmailToJSON(json: any): ModelsUserEmail {
+  return ModelsUserEmailToJSONTyped(json, false);
+}
+
+export function ModelsUserEmailToJSONTyped(
+  value?: ModelsUserEmail | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    created_at:
+      value["created_at"] == null
+        ? value["created_at"]
+        : value["created_at"].toISOString(),
+    email: value["email"],
+    id: value["id"],
+    is_primary: value["is_primary"],
+    is_verified: value["is_verified"],
+    updated_at:
+      value["updated_at"] == null
+        ? value["updated_at"]
+        : value["updated_at"].toISOString(),
+    user: ModelsUserToJSON(value["user"]),
+    user_id: value["user_id"],
+  };
+}
diff --git a/sdk/ts/src/models/UtilsErrorResponse.ts b/sdk/ts/src/models/UtilsErrorResponse.ts
new file mode 100644
index 0000000..dbbc2e5
--- /dev/null
+++ b/sdk/ts/src/models/UtilsErrorResponse.ts
@@ -0,0 +1,79 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+/**
+ *
+ * @export
+ * @interface UtilsErrorResponse
+ */
+export interface UtilsErrorResponse {
+  /**
+   * A machine-readable error code, e.g. "validation_error"
+   * example: validation_error
+   * @type {string}
+   * @memberof UtilsErrorResponse
+   */
+  code?: string;
+  /**
+   * Human-readable message
+   * example: slug is required
+   * @type {string}
+   * @memberof UtilsErrorResponse
+   */
+  message?: string;
+}
+
+/**
+ * Check if a given object implements the UtilsErrorResponse interface.
+ */
+export function instanceOfUtilsErrorResponse(
+  value: object,
+): value is UtilsErrorResponse {
+  return true;
+}
+
+export function UtilsErrorResponseFromJSON(json: any): UtilsErrorResponse {
+  return UtilsErrorResponseFromJSONTyped(json, false);
+}
+
+export function UtilsErrorResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean,
+): UtilsErrorResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    code: json["code"] == null ? undefined : json["code"],
+    message: json["message"] == null ? undefined : json["message"],
+  };
+}
+
+export function UtilsErrorResponseToJSON(json: any): UtilsErrorResponse {
+  return UtilsErrorResponseToJSONTyped(json, false);
+}
+
+export function UtilsErrorResponseToJSONTyped(
+  value?: UtilsErrorResponse | null,
+  ignoreDiscriminator: boolean = false,
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    code: value["code"],
+    message: value["message"],
+  };
+}
diff --git a/sdk/ts/src/models/index.ts b/sdk/ts/src/models/index.ts
new file mode 100644
index 0000000..db367d4
--- /dev/null
+++ b/sdk/ts/src/models/index.ts
@@ -0,0 +1,74 @@
+/* tslint:disable */
+/* eslint-disable */
+export * from "./DtoAnnotationResponse";
+export * from "./DtoAttachAnnotationsRequest";
+export * from "./DtoAttachBastionRequest";
+export * from "./DtoAttachCaptainDomainRequest";
+export * from "./DtoAttachLabelsRequest";
+export * from "./DtoAttachLoadBalancerRequest";
+export * from "./DtoAttachNodePoolRequest";
+export * from "./DtoAttachRecordSetRequest";
+export * from "./DtoAttachServersRequest";
+export * from "./DtoAttachTaintsRequest";
+export * from "./DtoAuthStartResponse";
+export * from "./DtoClusterResponse";
+export * from "./DtoCreateAnnotationRequest";
+export * from "./DtoCreateClusterRequest";
+export * from "./DtoCreateCredentialRequest";
+export * from "./DtoCreateDomainRequest";
+export * from "./DtoCreateLabelRequest";
+export * from "./DtoCreateLoadBalancerRequest";
+export * from "./DtoCreateNodePoolRequest";
+export * from "./DtoCreateRecordSetRequest";
+export * from "./DtoCreateSSHRequest";
+export * from "./DtoCreateServerRequest";
+export * from "./DtoCreateTaintRequest";
+export * from "./DtoCredentialOut";
+export * from "./DtoDomainResponse";
+export * from "./DtoEnqueueRequest";
+export * from "./DtoJWK";
+export * from "./DtoJWKS";
+export * from "./DtoJob";
+export * from "./DtoJobStatus";
+export * from "./DtoLabelResponse";
+export * from "./DtoLoadBalancerResponse";
+export * from "./DtoLogoutRequest";
+export * from "./DtoNodePoolResponse";
+export * from "./DtoPageJob";
+export * from "./DtoQueueInfo";
+export * from "./DtoRecordSetResponse";
+export * from "./DtoRefreshRequest";
+export * from "./DtoServerResponse";
+export * from "./DtoSetKubeconfigRequest";
+export * from "./DtoSshResponse";
+export * from "./DtoSshRevealResponse";
+export * from "./DtoTaintResponse";
+export * from "./DtoTokenPair";
+export * from "./DtoUpdateAnnotationRequest";
+export * from "./DtoUpdateClusterRequest";
+export * from "./DtoUpdateCredentialRequest";
+export * from "./DtoUpdateDomainRequest";
+export * from "./DtoUpdateLabelRequest";
+export * from "./DtoUpdateLoadBalancerRequest";
+export * from "./DtoUpdateNodePoolRequest";
+export * from "./DtoUpdateRecordSetRequest";
+export * from "./DtoUpdateServerRequest";
+export * from "./DtoUpdateTaintRequest";
+export * from "./GetSSHKey200Response";
+export * from "./HandlersCreateUserKeyRequest";
+export * from "./HandlersHealthStatus";
+export * from "./HandlersMeResponse";
+export * from "./HandlersMemberOut";
+export * from "./HandlersMemberUpsertReq";
+export * from "./HandlersOrgCreateReq";
+export * from "./HandlersOrgKeyCreateReq";
+export * from "./HandlersOrgKeyCreateResp";
+export * from "./HandlersOrgUpdateReq";
+export * from "./HandlersUpdateMeRequest";
+export * from "./HandlersUserAPIKeyOut";
+export * from "./HandlersVersionResponse";
+export * from "./ModelsAPIKey";
+export * from "./ModelsOrganization";
+export * from "./ModelsUser";
+export * from "./ModelsUserEmail";
+export * from "./UtilsErrorResponse";
diff --git a/sdk/ts/src/runtime.ts b/sdk/ts/src/runtime.ts
new file mode 100644
index 0000000..48b35e9
--- /dev/null
+++ b/sdk/ts/src/runtime.ts
@@ -0,0 +1,533 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * AutoGlue API
+ * API for managing K3s clusters across cloud providers
+ *
+ * The version of the OpenAPI document: dev
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+export const BASE_PATH = "https://autoglue.glueopshosted.com/api/v1".replace(
+  /\/+$/,
+  "",
+);
+
+export interface ConfigurationParameters {
+  basePath?: string; // override base path
+  fetchApi?: FetchAPI; // override for fetch implementation
+  middleware?: Middleware[]; // middleware to apply before/after fetch requests
+  queryParamsStringify?: (params: HTTPQuery) => string; // stringify function for query strings
+  username?: string; // parameter for basic security
+  password?: string; // parameter for basic security
+  apiKey?:
+    | string
+    | Promise<string>
+    | ((name: string) => string | Promise<string>); // parameter for apiKey security
+  accessToken?:
+    | string
+    | Promise<string>
+    | ((name?: string, scopes?: string[]) => string | Promise<string>); // parameter for oauth2 security
+  headers?: HTTPHeaders; //header params we want to use on every request
+  credentials?: RequestCredentials; //value for the credentials param we want to use on each request
+}
+
+export class Configuration {
+  constructor(private configuration: ConfigurationParameters = {}) {}
+
+  set config(configuration: Configuration) {
+    this.configuration = configuration;
+  }
+
+  get basePath(): string {
+    return this.configuration.basePath != null
+      ? this.configuration.basePath
+      : BASE_PATH;
+  }
+
+  get fetchApi(): FetchAPI | undefined {
+    return this.configuration.fetchApi;
+  }
+
+  get middleware(): Middleware[] {
+    return this.configuration.middleware || [];
+  }
+
+  get queryParamsStringify(): (params: HTTPQuery) => string {
+    return this.configuration.queryParamsStringify || querystring;
+  }
+
+  get username(): string | undefined {
+    return this.configuration.username;
+  }
+
+  get password(): string | undefined {
+    return this.configuration.password;
+  }
+
+  get apiKey(): ((name: string) => string | Promise<string>) | undefined {
+    const apiKey = this.configuration.apiKey;
+    if (apiKey) {
+      return typeof apiKey === "function" ? apiKey : () => apiKey;
+    }
+    return undefined;
+  }
+
+  get accessToken():
+    | ((name?: string, scopes?: string[]) => string | Promise<string>)
+    | undefined {
+    const accessToken = this.configuration.accessToken;
+    if (accessToken) {
+      return typeof accessToken === "function"
+        ? accessToken
+        : async () => accessToken;
+    }
+    return undefined;
+  }
+
+  get headers(): HTTPHeaders | undefined {
+    return this.configuration.headers;
+  }
+
+  get credentials(): RequestCredentials | undefined {
+    return this.configuration.credentials;
+  }
+}
+
+export const DefaultConfig = new Configuration();
+
+/**
+ * This is the base class for all generated API classes.
+ */
+export class BaseAPI {
+  private static readonly jsonRegex = new RegExp(
+    "^(:?application\/json|[^;/ \t]+\/[^;/ \t]+[+]json)[ \t]*(:?;.*)?$",
+    "i",
+  );
+  private middleware: Middleware[];
+
+  constructor(protected configuration = DefaultConfig) {
+    this.middleware = configuration.middleware;
+  }
+
+  withMiddleware<T extends BaseAPI>(this: T, ...middlewares: Middleware[]) {
+    const next = this.clone<T>();
+    next.middleware = next.middleware.concat(...middlewares);
+    return next;
+  }
+
+  withPreMiddleware<T extends BaseAPI>(
+    this: T,
+    ...preMiddlewares: Array<Middleware["pre"]>
+  ) {
+    const middlewares = preMiddlewares.map((pre) => ({ pre }));
+    return this.withMiddleware<T>(...middlewares);
+  }
+
+  withPostMiddleware<T extends BaseAPI>(
+    this: T,
+    ...postMiddlewares: Array<Middleware["post"]>
+  ) {
+    const middlewares = postMiddlewares.map((post) => ({ post }));
+    return this.withMiddleware<T>(...middlewares);
+  }
+
+  /**
+   * Check if the given MIME is a JSON MIME.
+   * JSON MIME examples:
+   *   application/json
+   *   application/json; charset=UTF8
+   *   APPLICATION/JSON
+   *   application/vnd.company+json
+   * @param mime - MIME (Multipurpose Internet Mail Extensions)
+   * @return True if the given MIME is JSON, false otherwise.
+   */
+  protected isJsonMime(mime: string | null | undefined): boolean {
+    if (!mime) {
+      return false;
+    }
+    return BaseAPI.jsonRegex.test(mime);
+  }
+
+  protected async request(
+    context: RequestOpts,
+    initOverrides?: RequestInit | InitOverrideFunction,
+  ): Promise<Response> {
+    const { url, init } = await this.createFetchParams(context, initOverrides);
+    const response = await this.fetchApi(url, init);
+    if (response && response.status >= 200 && response.status < 300) {
+      return response;
+    }
+    throw new ResponseError(response, "Response returned an error code");
+  }
+
+  private async createFetchParams(
+    context: RequestOpts,
+    initOverrides?: RequestInit | InitOverrideFunction,
+  ) {
+    let url = this.configuration.basePath + context.path;
+    if (
+      context.query !== undefined &&
+      Object.keys(context.query).length !== 0
+    ) {
+      // only add the querystring to the URL if there are query parameters.
+      // this is done to avoid urls ending with a "?" character which buggy webservers
+      // do not handle correctly sometimes.
+      url += "?" + this.configuration.queryParamsStringify(context.query);
+    }
+
+    const headers = Object.assign(
+      {},
+      this.configuration.headers,
+      context.headers,
+    );
+    Object.keys(headers).forEach((key) =>
+      headers[key] === undefined ? delete headers[key] : {},
+    );
+
+    const initOverrideFn =
+      typeof initOverrides === "function"
+        ? initOverrides
+        : async () => initOverrides;
+
+    const initParams = {
+      method: context.method,
+      headers,
+      body: context.body,
+      credentials: this.configuration.credentials,
+    };
+
+    const overriddenInit: RequestInit = {
+      ...initParams,
+      ...(await initOverrideFn({
+        init: initParams,
+        context,
+      })),
+    };
+
+    let body: any;
+    if (
+      isFormData(overriddenInit.body) ||
+      overriddenInit.body instanceof URLSearchParams ||
+      isBlob(overriddenInit.body)
+    ) {
+      body = overriddenInit.body;
+    } else if (this.isJsonMime(headers["Content-Type"])) {
+      body = JSON.stringify(overriddenInit.body);
+    } else {
+      body = overriddenInit.body;
+    }
+
+    const init: RequestInit = {
+      ...overriddenInit,
+      body,
+    };
+
+    return { url, init };
+  }
+
+  private fetchApi = async (url: string, init: RequestInit) => {
+    let fetchParams = { url, init };
+    for (const middleware of this.middleware) {
+      if (middleware.pre) {
+        fetchParams =
+          (await middleware.pre({
+            fetch: this.fetchApi,
+            ...fetchParams,
+          })) || fetchParams;
+      }
+    }
+    let response: Response | undefined = undefined;
+    try {
+      response = await (this.configuration.fetchApi || fetch)(
+        fetchParams.url,
+        fetchParams.init,
+      );
+    } catch (e) {
+      for (const middleware of this.middleware) {
+        if (middleware.onError) {
+          response =
+            (await middleware.onError({
+              fetch: this.fetchApi,
+              url: fetchParams.url,
+              init: fetchParams.init,
+              error: e,
+              response: response ? response.clone() : undefined,
+            })) || response;
+        }
+      }
+      if (response === undefined) {
+        if (e instanceof Error) {
+          throw new FetchError(
+            e,
+            "The request failed and the interceptors did not return an alternative response",
+          );
+        } else {
+          throw e;
+        }
+      }
+    }
+    for (const middleware of this.middleware) {
+      if (middleware.post) {
+        response =
+          (await middleware.post({
+            fetch: this.fetchApi,
+            url: fetchParams.url,
+            init: fetchParams.init,
+            response: response.clone(),
+          })) || response;
+      }
+    }
+    return response;
+  };
+
+  /**
+   * Create a shallow clone of `this` by constructing a new instance
+   * and then shallow cloning data members.
+   */
+  private clone<T extends BaseAPI>(this: T): T {
+    const constructor = this.constructor as any;
+    const next = new constructor(this.configuration);
+    next.middleware = this.middleware.slice();
+    return next;
+  }
+}
+
+function isBlob(value: any): value is Blob {
+  return typeof Blob !== "undefined" && value instanceof Blob;
+}
+
+function isFormData(value: any): value is FormData {
+  return typeof FormData !== "undefined" && value instanceof FormData;
+}
+
+export class ResponseError extends Error {
+  override name: "ResponseError" = "ResponseError";
+  constructor(
+    public response: Response,
+    msg?: string,
+  ) {
+    super(msg);
+  }
+}
+
+export class FetchError extends Error {
+  override name: "FetchError" = "FetchError";
+  constructor(
+    public cause: Error,
+    msg?: string,
+  ) {
+    super(msg);
+  }
+}
+
+export class RequiredError extends Error {
+  override name: "RequiredError" = "RequiredError";
+  constructor(
+    public field: string,
+    msg?: string,
+  ) {
+    super(msg);
+  }
+}
+
+export const COLLECTION_FORMATS = {
+  csv: ",",
+  ssv: " ",
+  tsv: "\t",
+  pipes: "|",
+};
+
+export type FetchAPI = WindowOrWorkerGlobalScope["fetch"];
+
+export type Json = any;
+export type HTTPMethod =
+  | "GET"
+  | "POST"
+  | "PUT"
+  | "PATCH"
+  | "DELETE"
+  | "OPTIONS"
+  | "HEAD";
+export type HTTPHeaders = { [key: string]: string };
+export type HTTPQuery = {
+  [key: string]:
+    | string
+    | number
+    | null
+    | boolean
+    | Array<string | number | null | boolean>
+    | Set<string | number | null | boolean>
+    | HTTPQuery;
+};
+export type HTTPBody = Json | FormData | URLSearchParams;
+export type HTTPRequestInit = {
+  headers?: HTTPHeaders;
+  method: HTTPMethod;
+  credentials?: RequestCredentials;
+  body?: HTTPBody;
+};
+export type ModelPropertyNaming =
+  | "camelCase"
+  | "snake_case"
+  | "PascalCase"
+  | "original";
+
+export type InitOverrideFunction = (requestContext: {
+  init: HTTPRequestInit;
+  context: RequestOpts;
+}) => Promise<RequestInit>;
+
+export interface FetchParams {
+  url: string;
+  init: RequestInit;
+}
+
+export interface RequestOpts {
+  path: string;
+  method: HTTPMethod;
+  headers: HTTPHeaders;
+  query?: HTTPQuery;
+  body?: HTTPBody;
+}
+
+export function querystring(params: HTTPQuery, prefix: string = ""): string {
+  return Object.keys(params)
+    .map((key) => querystringSingleKey(key, params[key], prefix))
+    .filter((part) => part.length > 0)
+    .join("&");
+}
+
+function querystringSingleKey(
+  key: string,
+  value:
+    | string
+    | number
+    | null
+    | undefined
+    | boolean
+    | Array<string | number | null | boolean>
+    | Set<string | number | null | boolean>
+    | HTTPQuery,
+  keyPrefix: string = "",
+): string {
+  const fullKey = keyPrefix + (keyPrefix.length ? `[${key}]` : key);
+  if (value instanceof Array) {
+    const multiValue = value
+      .map((singleValue) => encodeURIComponent(String(singleValue)))
+      .join(`&${encodeURIComponent(fullKey)}=`);
+    return `${encodeURIComponent(fullKey)}=${multiValue}`;
+  }
+  if (value instanceof Set) {
+    const valueAsArray = Array.from(value);
+    return querystringSingleKey(key, valueAsArray, keyPrefix);
+  }
+  if (value instanceof Date) {
+    return `${encodeURIComponent(fullKey)}=${encodeURIComponent(value.toISOString())}`;
+  }
+  if (value instanceof Object) {
+    return querystring(value as HTTPQuery, fullKey);
+  }
+  return `${encodeURIComponent(fullKey)}=${encodeURIComponent(String(value))}`;
+}
+
+export function exists(json: any, key: string) {
+  const value = json[key];
+  return value !== null && value !== undefined;
+}
+
+export function mapValues(data: any, fn: (item: any) => any) {
+  const result: { [key: string]: any } = {};
+  for (const key of Object.keys(data)) {
+    result[key] = fn(data[key]);
+  }
+  return result;
+}
+
+export function canConsumeForm(consumes: Consume[]): boolean {
+  for (const consume of consumes) {
+    if ("multipart/form-data" === consume.contentType) {
+      return true;
+    }
+  }
+  return false;
+}
+
+export interface Consume {
+  contentType: string;
+}
+
+export interface RequestContext {
+  fetch: FetchAPI;
+  url: string;
+  init: RequestInit;
+}
+
+export interface ResponseContext {
+  fetch: FetchAPI;
+  url: string;
+  init: RequestInit;
+  response: Response;
+}
+
+export interface ErrorContext {
+  fetch: FetchAPI;
+  url: string;
+  init: RequestInit;
+  error: unknown;
+  response?: Response;
+}
+
+export interface Middleware {
+  pre?(context: RequestContext): Promise<FetchParams | void>;
+  post?(context: ResponseContext): Promise<Response | void>;
+  onError?(context: ErrorContext): Promise<Response | void>;
+}
+
+export interface ApiResponse<T> {
+  raw: Response;
+  value(): Promise<T>;
+}
+
+export interface ResponseTransformer<T> {
+  (json: any): T;
+}
+
+export class JSONApiResponse<T> {
+  constructor(
+    public raw: Response,
+    private transformer: ResponseTransformer<T> = (jsonValue: any) => jsonValue,
+  ) {}
+
+  async value(): Promise<T> {
+    return this.transformer(await this.raw.json());
+  }
+}
+
+export class VoidApiResponse {
+  constructor(public raw: Response) {}
+
+  async value(): Promise<void> {
+    return undefined;
+  }
+}
+
+export class BlobApiResponse {
+  constructor(public raw: Response) {}
+
+  async value(): Promise<Blob> {
+    return await this.raw.blob();
+  }
+}
+
+export class TextApiResponse {
+  constructor(public raw: Response) {}
+
+  async value(): Promise<string> {
+    return await this.raw.text();
+  }
+}
diff --git a/sdk/ts/tsconfig.esm.json b/sdk/ts/tsconfig.esm.json
new file mode 100644
index 0000000..2c0331c
--- /dev/null
+++ b/sdk/ts/tsconfig.esm.json
@@ -0,0 +1,7 @@
+{
+  "extends": "./tsconfig.json",
+  "compilerOptions": {
+    "module": "esnext",
+    "outDir": "dist/esm"
+  }
+}
diff --git a/sdk/ts/tsconfig.json b/sdk/ts/tsconfig.json
new file mode 100644
index 0000000..e69c9c2
--- /dev/null
+++ b/sdk/ts/tsconfig.json
@@ -0,0 +1,11 @@
+{
+  "compilerOptions": {
+    "declaration": true,
+    "target": "es6",
+    "module": "commonjs",
+    "moduleResolution": "node",
+    "outDir": "dist",
+    "typeRoots": ["node_modules/@types"]
+  },
+  "exclude": ["dist", "node_modules"]
+}
diff --git a/ui/src/api/ssh.ts b/ui/src/api/ssh.ts
index 04722d6..e8459ab 100644
--- a/ui/src/api/ssh.ts
+++ b/ui/src/api/ssh.ts
@@ -43,10 +43,17 @@ export const sshApi = {
 
   revealSshKeyById: (id: string) =>
     withRefresh(async (): Promise<DtoSshRevealResponse> => {
-      return await ssh.getSSHKey({ id, reveal: true as any })
-      // Note: TS fetch generator often models query params as part of params bag.
-      // If your generated client uses a different shape, change to:
-      // return await ssh.getSSHKeyRaw({ id, reveal: true }).then(r => r.value())
+      // Create the URL for the reveal endpoint
+      const url = new URL(`/api/v1/ssh/${id}`, window.location.origin)
+      url.searchParams.set("reveal", "true") // Add the reveal query parameter
+
+      // Use the custom fetch utility that includes authentication headers
+      const res = await authedFetch(url.toString())
+      if (!res.ok) throw new Error(`Failed to reveal key: ${res.statusText}`)
+
+      // Parse the JSON directly, bypassing the generated SDK's DTO mapping.
+      // This preserves the 'private_key' field.
+      return (await res.json()) as DtoSshRevealResponse
     }),
 
   deleteSshKey: (id: string) =>
diff --git a/ui/src/pages/credential-page.tsx b/ui/src/pages/credential-page.tsx
index ba7150c..4fbc4d1 100644
--- a/ui/src/pages/credential-page.tsx
+++ b/ui/src/pages/credential-page.tsx
@@ -1,66 +1,28 @@
-import { useMemo, useState } from "react"
-import { credentialsApi } from "@/api/credentials"
-import { zodResolver } from "@hookform/resolvers/zod"
-import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query"
-import {
-  AlertTriangle,
-  Eye,
-  Loader2,
-  MoreHorizontal,
-  Pencil,
-  Plus,
-  Search,
-  Trash2,
-} from "lucide-react"
-import { Controller, useForm } from "react-hook-form"
-import { toast } from "sonner"
-import { z } from "zod"
+import { useMemo, useState } from "react";
+import { credentialsApi } from "@/api/credentials";
+import { zodResolver } from "@hookform/resolvers/zod";
+import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query";
+import { AlertTriangle, Eye, Loader2, MoreHorizontal, Pencil, Plus, Search, Trash2 } from "lucide-react";
+import { Controller, useForm } from "react-hook-form";
+import { toast } from "sonner";
+import { z } from "zod";
+
+
+
+import { AlertDialog, AlertDialogAction, AlertDialogCancel, AlertDialogContent, AlertDialogDescription, AlertDialogFooter, AlertDialogHeader, AlertDialogTitle, AlertDialogTrigger } from "@/components/ui/alert-dialog";
+import { Badge } from "@/components/ui/badge";
+import { Button } from "@/components/ui/button";
+import { Dialog, DialogContent, DialogFooter, DialogHeader, DialogTitle, DialogTrigger } from "@/components/ui/dialog";
+import { DropdownMenu, DropdownMenuContent, DropdownMenuItem, DropdownMenuTrigger } from "@/components/ui/dropdown-menu";
+import { Form, FormControl, FormField, FormItem, FormLabel, FormMessage } from "@/components/ui/form";
+import { Input } from "@/components/ui/input";
+import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from "@/components/ui/select";
+import { Switch } from "@/components/ui/switch";
+import { Textarea } from "@/components/ui/textarea";
+
+
+
 
-import {
-  AlertDialog,
-  AlertDialogAction,
-  AlertDialogCancel,
-  AlertDialogContent,
-  AlertDialogDescription,
-  AlertDialogFooter,
-  AlertDialogHeader,
-  AlertDialogTitle,
-  AlertDialogTrigger,
-} from "@/components/ui/alert-dialog"
-import { Badge } from "@/components/ui/badge"
-import { Button } from "@/components/ui/button"
-import {
-  Dialog,
-  DialogContent,
-  DialogFooter,
-  DialogHeader,
-  DialogTitle,
-  DialogTrigger,
-} from "@/components/ui/dialog"
-import {
-  DropdownMenu,
-  DropdownMenuContent,
-  DropdownMenuItem,
-  DropdownMenuTrigger,
-} from "@/components/ui/dropdown-menu"
-import {
-  Form,
-  FormControl,
-  FormField,
-  FormItem,
-  FormLabel,
-  FormMessage,
-} from "@/components/ui/form"
-import { Input } from "@/components/ui/input"
-import {
-  Select,
-  SelectContent,
-  SelectItem,
-  SelectTrigger,
-  SelectValue,
-} from "@/components/ui/select"
-import { Switch } from "@/components/ui/switch"
-import { Textarea } from "@/components/ui/textarea"
 
 // -------------------- Constants --------------------
 
@@ -71,7 +33,7 @@ type AwsSvc = (typeof AWS_ALLOWED_SERVICES)[number]
 
 const createCredentialSchema = z
   .object({
-    provider: z.enum(["aws", "cloudflare", "hetzner", "digitalocean", "generic"]),
+    credential_provider: z.enum(["aws", "cloudflare", "hetzner", "digitalocean", "generic"]),
     kind: z.enum(["aws_access_key", "api_token", "basic_auth", "oauth2"]),
     schema_version: z.number().default(1),
     name: z.string().min(1, "Name is required").max(100),
@@ -91,7 +53,7 @@ const createCredentialSchema = z
     secret: z.any(),
   })
   .superRefine((val, ctx) => {
-    if (val.provider === "aws") {
+    if (val.credential_provider === "aws") {
       if (val.scope_kind === "service") {
         const svc = (val.scope as any)?.service
         if (!AWS_ALLOWED_SERVICES.includes(svc)) {
@@ -198,11 +160,11 @@ function extractErr(e: any): string {
   return "Unknown error"
 }
 
-function isAwsServiceScope({ provider, scope_kind }: { provider?: string; scope_kind?: string }) {
-  return provider === "aws" && scope_kind === "service"
+function isAwsServiceScope({ credential_provider, scope_kind }: { credential_provider?: string; scope_kind?: string }) {
+  return credential_provider === "aws" && scope_kind === "service"
 }
-function isAwsResourceScope({ provider, scope_kind }: { provider?: string; scope_kind?: string }) {
-  return provider === "aws" && scope_kind === "resource"
+function isAwsResourceScope({ credential_provider, scope_kind }: { credential_provider?: string; scope_kind?: string }) {
+  return credential_provider === "aws" && scope_kind === "resource"
 }
 function isProviderScope({ scope_kind }: { scope_kind?: string }) {
   return scope_kind === "provider"
@@ -210,7 +172,7 @@ function isProviderScope({ scope_kind }: { scope_kind?: string }) {
 
 function defaultCreateValues(): CreateCredentialValues {
   return {
-    provider: "aws",
+    credential_provider: "aws",
     kind: "aws_access_key",
     schema_version: 1,
     name: "",
@@ -226,7 +188,7 @@ function defaultCreateValues(): CreateCredentialValues {
 // Build exact POST body as the SDK sends it
 function buildCreateBody(v: CreateCredentialValues) {
   return {
-    provider: v.provider,
+    credential_provider: v.credential_provider,
     kind: v.kind,
     schema_version: v.schema_version ?? 1,
     name: v.name,
@@ -250,7 +212,7 @@ function buildUpdateBody(v: z.infer<typeof updateCredentialSchema>) {
     "scope_version",
     "scope",
     "secret",
-    "provider",
+    "credential_provider",
     "kind",
     "schema_version",
   ]
@@ -413,7 +375,7 @@ export const CredentialPage = () => {
     )
 
   // Create form watchers
-  const provider = createForm.watch("provider")
+  const credential_provider = createForm.watch("credential_provider")
   const kind = createForm.watch("kind")
   const scopeKind = createForm.watch("scope_kind")
 
@@ -424,7 +386,7 @@ export const CredentialPage = () => {
 
   function ensureCreateDefaultsForSecret() {
     if (useRawSecretJSON) return
-    if (provider === "aws" && kind === "aws_access_key") {
+    if (credential_provider === "aws" && kind === "aws_access_key") {
       const s = createForm.getValues("secret") ?? {}
       setCreateSecret({
         access_key_id: s.access_key_id ?? "",
@@ -502,7 +464,7 @@ export const CredentialPage = () => {
                   <div className="grid grid-cols-1 gap-4 md:grid-cols-2">
                     <FormField
                       control={createForm.control}
-                      name="provider"
+                      name="credential_provider"
                       render={({ field }) => (
                         <FormItem>
                           <FormLabel>Provider</FormLabel>
@@ -629,7 +591,7 @@ export const CredentialPage = () => {
                   {/* Scope UI (create) */}
                   {!isProviderScope({ scope_kind: scopeKind }) && (
                     <>
-                      {isAwsServiceScope({ provider, scope_kind: scopeKind }) ? (
+                      {isAwsServiceScope({ credential_provider, scope_kind: scopeKind }) ? (
                         <FormItem>
                           <FormLabel>Service</FormLabel>
                           <Controller
@@ -659,7 +621,7 @@ export const CredentialPage = () => {
                             Must be one of: {AWS_ALLOWED_SERVICES.join(", ")}.
                           </p>
                         </FormItem>
-                      ) : isAwsResourceScope({ provider, scope_kind: scopeKind }) ? (
+                      ) : isAwsResourceScope({ credential_provider, scope_kind: scopeKind }) ? (
                         <FormItem>
                           <FormLabel>Resource ARN</FormLabel>
                           <Controller
@@ -753,7 +715,7 @@ export const CredentialPage = () => {
                     />
                   ) : (
                     <>
-                      {provider === "aws" && kind === "aws_access_key" && (
+                      {credential_provider === "aws" && kind === "aws_access_key" && (
                         <div className="grid grid-cols-1 gap-4 md:grid-cols-2">
                           <FormItem>
                             <FormLabel>Access Key ID</FormLabel>
@@ -1095,7 +1057,7 @@ export const CredentialPage = () => {
               <div className="grid grid-cols-1 gap-4 md:grid-cols-2">
                 <FormField
                   control={editForm.control}
-                  name="provider"
+                  name="credential_provider"
                   render={({ field }) => (
                     <FormItem>
                       <FormLabel>Provider</FormLabel>
@@ -1383,7 +1345,6 @@ export const CredentialPage = () => {
           </DialogFooter>
         </DialogContent>
       </Dialog>
-      <pre>{JSON.stringify(credentialQ.data, null, 2)}</pre>
     </div>
   )
 }
diff --git a/ui/src/pages/dns-page.tsx b/ui/src/pages/dns-page.tsx
index 9caf381..5aedef0 100644
--- a/ui/src/pages/dns-page.tsx
+++ b/ui/src/pages/dns-page.tsx
@@ -110,7 +110,7 @@ const joinCommaList = (arr?: string[] | null) => (arr && arr.length ? arr.join("
 const rrtypes = ["A", "AAAA", "CNAME", "TXT", "MX", "NS", "SRV", "CAA"]
 
 const isR53 = (c: DtoCredentialOut) =>
-  c.provider === "aws" &&
+  c.credential_provider === "aws" &&
   c.scope_kind === "service" &&
   (() => {
     const s = (c as any).scope