/**
 * Service-token requests — user-submitted requests for org-scoped service
 * tokens that require admin approval before a token is minted. Paired
 * with `serviceTokens.ts` (which owns the final credential).
 *
 *   POST   /orgs/:orgId/service-token-requests              — submit
 *   GET    /orgs/:orgId/service-token-requests              — list
 *   GET    /orgs/:orgId/service-token-requests/:id          — get
 *   POST   /orgs/:orgId/service-token-requests/:id/approve  — admin approve
 *   POST   /orgs/:orgId/service-token-requests/:id/deny     — admin deny
 *   POST   /orgs/:orgId/service-token-requests/:id/cancel   — requester cancel
 *   POST   /orgs/:orgId/service-token-requests/:id/mint     — mint after approve
 */
import type { Client } from './client.js';
export type ServiceTokenRequestStatus = 'pending' | 'approved' | 'denied' | 'cancelled' | 'minted' | 'expired';
export interface ServiceTokenRequestView {
    readonly id: string;
    readonly orgId: string;
    readonly requestedBy: string;
    readonly name: string;
    readonly scopes: readonly string[];
    readonly projectId: string | null;
    readonly environmentId: string | null;
    readonly reason: string | null;
    readonly status: ServiceTokenRequestStatus;
    readonly createdAt: string;
    readonly decidedAt: string | null;
    readonly decidedBy: string | null;
    readonly mintedAt: string | null;
    readonly tokenId: string | null;
}
export interface SubmitInput {
    readonly name: string;
    readonly scopes: readonly string[];
    readonly projectId?: string | null;
    readonly environmentId?: string | null;
    readonly reason?: string;
    readonly expiresInDays?: number | null;
}
export declare const submit: (client: Client, orgId: string, body: SubmitInput) => Promise<{
    request: ServiceTokenRequestView;
}>;
export declare const list: (client: Client, orgId: string, query?: {
    readonly status?: ServiceTokenRequestStatus;
}) => Promise<{
    requests: readonly ServiceTokenRequestView[];
}>;
export declare const get: (client: Client, orgId: string, id: string) => Promise<{
    request: ServiceTokenRequestView;
}>;
export declare const approve: (client: Client, orgId: string, id: string, body?: {
    readonly note?: string;
}) => Promise<{
    request: ServiceTokenRequestView;
}>;
export declare const deny: (client: Client, orgId: string, id: string, body?: {
    readonly reason?: string;
}) => Promise<{
    request: ServiceTokenRequestView;
}>;
export declare const cancel: (client: Client, orgId: string, id: string) => Promise<{
    request: ServiceTokenRequestView;
}>;
export interface MintResult {
    /** Raw bearer token — shown ONCE; the server stores a hash. */
    readonly token: string;
    readonly tokenId: string;
    readonly request: ServiceTokenRequestView;
}
export declare const mint: (client: Client, orgId: string, id: string) => Promise<MintResult>;
//# sourceMappingURL=serviceTokenRequests.d.ts.map