IAV-848/feat(integration): secondary credentials support & agent integration model unification

Summary

This MR introduces secondary credentials support across the integration layer, allowing an agent integration to hold multiple credentials of different types simultaneously (e.g., a primary OAuth token + a secondary API key). It also extends both the generic and Customer Care-specific integration models with the fields required to track N8N credential IDs and cross-reference the two bounded contexts.

---

Motivation

Some platform integrations (e.g., WhatsApp Business + AI provider combo, or social platforms requiring both an OAuth token and a page/account token) require more than one credential. The previous model only supported a single credentialInstanceUid per AgentIntegration, forcing workarounds or duplicate integration records.

---

Changes

New entities

• AgentIntegrationSecondaryCredential — generic secondary credential linked to AgentIntegration
• CustomerCareSecondaryCredential — Customer Care-scoped equivalent

New DTOs

• SecondaryCredentialRequestDTO — validated input for secondary credential creation
• UpdateAgentIntegrationRequestDTO — partial update payload for agent integrations
• AgentIntegrationSecondaryCredentialResponse — response payload for secondary credentials

Extended entities

• AgentIntegration + CustomerCareAgentIntegration — both now carry a secondaryCredentials collection with CascadeType.ALL and orphanRemoval = true
• CustomerCareAgentIntegration — now stores agentIntegrationUid and n8nCredentialId to link back to the generic layer

Extended DTOs

• CreateUserIntegrationRequestDTO — accepts secondaryCredentials, expiresAt, platformAccountId
• AgentIntegrationResponseDTO / UserIntegrationResponseDTO — expose secondaryCredentials and platformAccountId

Enum

• CredentialType.WHATSAPP_OAUTH added

---

Related Issues

IAV-1043 , IAV-1044 , IAV-1045