/**
 * OIDC trust policies (ADR-059 §4) — federate CI providers into Sylphx
 * service-token minting without long-lived shared secrets.
 *
 *   GET    /projects/:id/oidc-policies
 *   POST   /projects/:id/oidc-policies
 *   DELETE /projects/:id/oidc-policies/:policyId
 *
 * Supported providers: github-actions, gitlab-ci, bitbucket-pipelines,
 * custom. Each policy pins an issuer + subject pattern + allowed scope
 * set; tokens exchanged through the policy inherit exactly those scopes.
 */
import type { CreateOidcPolicyInput, DeleteOidcPolicyResult, ListOidcPoliciesResult, OidcPolicyView } from '@sylphx/contract';
import type { Client } from './client.js';
export type OidcProvider = 'github-actions' | 'gitlab-ci' | 'bitbucket-pipelines' | 'custom';
export declare const SUPPORTED_PROVIDERS: readonly OidcProvider[];
export type OidcPolicy = OidcPolicyView;
export declare const list: (client: Client, projectId: string) => Promise<ListOidcPoliciesResult>;
export type CreateInput = Omit<CreateOidcPolicyInput, 'provider'> & {
    readonly provider: OidcProvider;
};
export declare const create: (client: Client, projectId: string, input: CreateInput) => Promise<OidcPolicy>;
declare const _delete: (client: Client, projectId: string, policyId: string) => Promise<DeleteOidcPolicyResult>;
export { _delete as delete };
//# sourceMappingURL=oidc.d.ts.map