/**
 * Authorize an agent request.
 * This is a mutation (not a query) because it updates counters and last activity.
 *
 * Steps:
 * 1. Validate API key
 * 2. Check agent is active
 * 3. Check function permissions
 * 4. Check function global override
 * 5. Check rate limits
 *
 * Returns the agent id if authorized, or an error.
 */
export declare const authorizeRequest: import("convex/server").RegisteredMutation<"public", {
    estimatedCost?: number | undefined;
    apiKey: string;
    functionKey: string;
}, Promise<{
    authorized: false;
    error: string;
    statusCode: number;
    agentId: import("convex/values").GenericId<"agents">;
    retryAfterSeconds?: undefined;
} | {
    authorized: false;
    error: string;
    statusCode: number;
    retryAfterSeconds: number;
    agentId: import("convex/values").GenericId<"agents">;
} | {
    authorized: true;
    agentId: import("convex/values").GenericId<"agents">;
    error?: undefined;
    statusCode?: undefined;
    retryAfterSeconds?: undefined;
} | {
    authorized: false;
    error: string;
    statusCode: number;
}>>;
export declare const authorizeByAppKey: import("convex/server").RegisteredMutation<"public", {
    estimatedCost?: number | undefined;
    appKey: string;
    functionKey: string;
}, Promise<{
    authorized: false;
    error: string;
    statusCode: number;
    agentId: import("convex/values").GenericId<"agents">;
    retryAfterSeconds?: undefined;
} | {
    authorized: false;
    error: string;
    statusCode: number;
    retryAfterSeconds: number;
    agentId: import("convex/values").GenericId<"agents">;
} | {
    authorized: true;
    agentId: import("convex/values").GenericId<"agents">;
    error?: undefined;
    statusCode?: undefined;
    retryAfterSeconds?: undefined;
} | {
    authorized: false;
    error: string;
    statusCode: number;
}>>;
/**
 * Log an access attempt to the audit log.
 * Called after function execution (success or failure).
 */
export declare const logAccess: import("convex/server").RegisteredMutation<"public", {
    appUserSubjectHash?: string | undefined;
    error?: string | undefined;
    errorCode?: string | undefined;
    linkStatus?: string | undefined;
    linkedProvider?: string | undefined;
    providerUserIdHash?: string | undefined;
    rateLimited?: boolean | undefined;
    result?: any;
    serviceId?: string | undefined;
    agentId: import("convex/values").GenericId<"agents">;
    functionKey: string;
    args: any;
    duration: number;
    timestamp: number;
}, Promise<null>>;
/**
 * Query access logs for audit purposes.
 */
export declare const queryAccessLog: import("convex/server").RegisteredQuery<"public", {
    agentId?: import("convex/values").GenericId<"agents"> | undefined;
    functionKey?: string | undefined;
    serviceId?: string | undefined;
    limit?: number | undefined;
}, Promise<{
    _id: import("convex/values").GenericId<"agentLogs">;
    timestamp: number;
    agentId: import("convex/values").GenericId<"agents">;
    serviceId: string | undefined;
    functionKey: string;
    args: any;
    result: any;
    error: string | undefined;
    errorCode: string | undefined;
    duration: number;
    linkedProvider: string | undefined;
    providerUserIdHash: string | undefined;
    appUserSubjectHash: string | undefined;
    linkStatus: string | undefined;
    rateLimited: boolean | undefined;
}[]>>;
//# sourceMappingURL=gateway.d.ts.map