components:
  schemas:
    LoginRequest:
      type: object
      additionalProperties: false
      required:
        - login
      properties:
        clientId:
          type: string
          description: Client identifier bound to refresh token lifecycle and client policy checks.
        deviceId:
          type: string
          description: Device/server identifier associated with the client session.
        login:
          $ref: ../../../models/auth/login_data.yaml#/components/schemas/LoginData

    ApiLoginRequest:
      allOf:
        - $ref: ./auth.yaml#/components/schemas/LoginRequest
        - type: object
          additionalProperties: false
          required:
            - clientId
            - deviceId
            - clientSecret
          properties:
            clientSecret:
              type: string
              format: password
              description: Client secret for `client_secret_post` authentication.

    RefreshTokenRequest:
      $ref: ../../../models/auth/client_refresh_token.yaml#/components/schemas/ClientRefreshToken