@alicloud/eiam20211201 2.8.2 → 2.9.0

package/src/client.ts

@@ -395,6 +395,284 @@ export default class Client extends OpenApi {
     return await this.authorizeApplicationToUsersWithOptions(request, runtime);
   }
 
+  /**
+   * 授权指定ResourceServer下的Scope给Client
+   * 
+   * @param request - AuthorizeResourceServerScopesToClientRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns AuthorizeResourceServerScopesToClientResponse
+   */
+  async authorizeResourceServerScopesToClientWithOptions(request: $_model.AuthorizeResourceServerScopesToClientRequest, runtime: $dara.RuntimeOptions): Promise<$_model.AuthorizeResourceServerScopesToClientResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.clientApplicationId)) {
+      query["ClientApplicationId"] = request.clientApplicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.resourceServerApplicationId)) {
+      query["ResourceServerApplicationId"] = request.resourceServerApplicationId;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeIds)) {
+      query["ResourceServerScopeIds"] = request.resourceServerScopeIds;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "AuthorizeResourceServerScopesToClient",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.AuthorizeResourceServerScopesToClientResponse>(await this.callApi(params, req, runtime), new $_model.AuthorizeResourceServerScopesToClientResponse({}));
+  }
+
+  /**
+   * 授权指定ResourceServer下的Scope给Client
+   * 
+   * @param request - AuthorizeResourceServerScopesToClientRequest
+   * @returns AuthorizeResourceServerScopesToClientResponse
+   */
+  async authorizeResourceServerScopesToClient(request: $_model.AuthorizeResourceServerScopesToClientRequest): Promise<$_model.AuthorizeResourceServerScopesToClientResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.authorizeResourceServerScopesToClientWithOptions(request, runtime);
+  }
+
+  /**
+   * 授予组ResourceServerScope权限
+   * 
+   * @param request - AuthorizeResourceServerScopesToGroupRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns AuthorizeResourceServerScopesToGroupResponse
+   */
+  async authorizeResourceServerScopesToGroupWithOptions(request: $_model.AuthorizeResourceServerScopesToGroupRequest, runtime: $dara.RuntimeOptions): Promise<$_model.AuthorizeResourceServerScopesToGroupResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.groupId)) {
+      query["GroupId"] = request.groupId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeIds)) {
+      query["ResourceServerScopeIds"] = request.resourceServerScopeIds;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "AuthorizeResourceServerScopesToGroup",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.AuthorizeResourceServerScopesToGroupResponse>(await this.callApi(params, req, runtime), new $_model.AuthorizeResourceServerScopesToGroupResponse({}));
+  }
+
+  /**
+   * 授予组ResourceServerScope权限
+   * 
+   * @param request - AuthorizeResourceServerScopesToGroupRequest
+   * @returns AuthorizeResourceServerScopesToGroupResponse
+   */
+  async authorizeResourceServerScopesToGroup(request: $_model.AuthorizeResourceServerScopesToGroupRequest): Promise<$_model.AuthorizeResourceServerScopesToGroupResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.authorizeResourceServerScopesToGroupWithOptions(request, runtime);
+  }
+
+  /**
+   * 授予组织ResourceServerScope权限
+   * 
+   * @param request - AuthorizeResourceServerScopesToOrganizationalUnitRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns AuthorizeResourceServerScopesToOrganizationalUnitResponse
+   */
+  async authorizeResourceServerScopesToOrganizationalUnitWithOptions(request: $_model.AuthorizeResourceServerScopesToOrganizationalUnitRequest, runtime: $dara.RuntimeOptions): Promise<$_model.AuthorizeResourceServerScopesToOrganizationalUnitResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.organizationalUnitId)) {
+      query["OrganizationalUnitId"] = request.organizationalUnitId;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeIds)) {
+      query["ResourceServerScopeIds"] = request.resourceServerScopeIds;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "AuthorizeResourceServerScopesToOrganizationalUnit",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.AuthorizeResourceServerScopesToOrganizationalUnitResponse>(await this.callApi(params, req, runtime), new $_model.AuthorizeResourceServerScopesToOrganizationalUnitResponse({}));
+  }
+
+  /**
+   * 授予组织ResourceServerScope权限
+   * 
+   * @param request - AuthorizeResourceServerScopesToOrganizationalUnitRequest
+   * @returns AuthorizeResourceServerScopesToOrganizationalUnitResponse
+   */
+  async authorizeResourceServerScopesToOrganizationalUnit(request: $_model.AuthorizeResourceServerScopesToOrganizationalUnitRequest): Promise<$_model.AuthorizeResourceServerScopesToOrganizationalUnitResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.authorizeResourceServerScopesToOrganizationalUnitWithOptions(request, runtime);
+  }
+
+  /**
+   * 授予用户ResourceServerScope权限
+   * 
+   * @param request - AuthorizeResourceServerScopesToUserRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns AuthorizeResourceServerScopesToUserResponse
+   */
+  async authorizeResourceServerScopesToUserWithOptions(request: $_model.AuthorizeResourceServerScopesToUserRequest, runtime: $dara.RuntimeOptions): Promise<$_model.AuthorizeResourceServerScopesToUserResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeIds)) {
+      query["ResourceServerScopeIds"] = request.resourceServerScopeIds;
+    }
+
+    if (!$dara.isNull(request.userId)) {
+      query["UserId"] = request.userId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "AuthorizeResourceServerScopesToUser",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.AuthorizeResourceServerScopesToUserResponse>(await this.callApi(params, req, runtime), new $_model.AuthorizeResourceServerScopesToUserResponse({}));
+  }
+
+  /**
+   * 授予用户ResourceServerScope权限
+   * 
+   * @param request - AuthorizeResourceServerScopesToUserRequest
+   * @returns AuthorizeResourceServerScopesToUserResponse
+   */
+  async authorizeResourceServerScopesToUser(request: $_model.AuthorizeResourceServerScopesToUserRequest): Promise<$_model.AuthorizeResourceServerScopesToUserResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.authorizeResourceServerScopesToUserWithOptions(request, runtime);
+  }
+
+  /**
+   * 授权指定ResourceServer给Client
+   * 
+   * @param request - AuthorizeResourceServerToClientRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns AuthorizeResourceServerToClientResponse
+   */
+  async authorizeResourceServerToClientWithOptions(request: $_model.AuthorizeResourceServerToClientRequest, runtime: $dara.RuntimeOptions): Promise<$_model.AuthorizeResourceServerToClientResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.clientApplicationId)) {
+      query["ClientApplicationId"] = request.clientApplicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.resourceServerApplicationId)) {
+      query["ResourceServerApplicationId"] = request.resourceServerApplicationId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "AuthorizeResourceServerToClient",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.AuthorizeResourceServerToClientResponse>(await this.callApi(params, req, runtime), new $_model.AuthorizeResourceServerToClientResponse({}));
+  }
+
+  /**
+   * 授权指定ResourceServer给Client
+   * 
+   * @param request - AuthorizeResourceServerToClientRequest
+   * @returns AuthorizeResourceServerToClientResponse
+   */
+  async authorizeResourceServerToClient(request: $_model.AuthorizeResourceServerToClientRequest): Promise<$_model.AuthorizeResourceServerToClientResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.authorizeResourceServerToClientWithOptions(request, runtime);
+  }
+
   /**
    * 绑定三方登录账户
    * 
@@ -641,6 +919,64 @@ export default class Client extends OpenApi {
     return await this.createApplicationFederatedCredentialWithOptions(request, runtime);
   }
 
+  /**
+   * 创建应用角色
+   * 
+   * @param request - CreateApplicationRoleRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns CreateApplicationRoleResponse
+   */
+  async createApplicationRoleWithOptions(request: $_model.CreateApplicationRoleRequest, runtime: $dara.RuntimeOptions): Promise<$_model.CreateApplicationRoleResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.applicationRoleName)) {
+      query["ApplicationRoleName"] = request.applicationRoleName;
+    }
+
+    if (!$dara.isNull(request.applicationRoleValue)) {
+      query["ApplicationRoleValue"] = request.applicationRoleValue;
+    }
+
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "CreateApplicationRole",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.CreateApplicationRoleResponse>(await this.callApi(params, req, runtime), new $_model.CreateApplicationRoleResponse({}));
+  }
+
+  /**
+   * 创建应用角色
+   * 
+   * @param request - CreateApplicationRoleRequest
+   * @returns CreateApplicationRoleResponse
+   */
+  async createApplicationRole(request: $_model.CreateApplicationRoleRequest): Promise<$_model.CreateApplicationRoleResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.createApplicationRoleWithOptions(request, runtime);
+  }
+
   /**
    * 创建应用Token
    * 
@@ -742,14 +1078,200 @@ export default class Client extends OpenApi {
   }
 
   /**
-   * Create Conditional Access Policy
-   * 
-   * @remarks
-   * Create Conditional Access Policy
+   * 创建应用ClientPublicKey
    * 
-   * @param request - CreateConditionalAccessPolicyRequest
+   * @param request - CreateClientPublicKeyRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns CreateConditionalAccessPolicyResponse
+   * @returns CreateClientPublicKeyResponse
+   */
+  async createClientPublicKeyWithOptions(request: $_model.CreateClientPublicKeyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.CreateClientPublicKeyResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.algorithmType)) {
+      query["AlgorithmType"] = request.algorithmType;
+    }
+
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.publicKey)) {
+      query["PublicKey"] = request.publicKey;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "CreateClientPublicKey",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.CreateClientPublicKeyResponse>(await this.callApi(params, req, runtime), new $_model.CreateClientPublicKeyResponse({}));
+  }
+
+  /**
+   * 创建应用ClientPublicKey
+   * 
+   * @param request - CreateClientPublicKeyRequest
+   * @returns CreateClientPublicKeyResponse
+   */
+  async createClientPublicKey(request: $_model.CreateClientPublicKeyRequest): Promise<$_model.CreateClientPublicKeyResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.createClientPublicKeyWithOptions(request, runtime);
+  }
+
+  /**
+   * 创建云账号
+   * 
+   * @param request - CreateCloudAccountRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns CreateCloudAccountResponse
+   */
+  async createCloudAccountWithOptions(request: $_model.CreateCloudAccountRequest, runtime: $dara.RuntimeOptions): Promise<$_model.CreateCloudAccountResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.cloudAccountExternalId)) {
+      query["CloudAccountExternalId"] = request.cloudAccountExternalId;
+    }
+
+    if (!$dara.isNull(request.cloudAccountName)) {
+      query["CloudAccountName"] = request.cloudAccountName;
+    }
+
+    if (!$dara.isNull(request.cloudAccountProviderName)) {
+      query["CloudAccountProviderName"] = request.cloudAccountProviderName;
+    }
+
+    if (!$dara.isNull(request.cloudAccountVendorType)) {
+      query["CloudAccountVendorType"] = request.cloudAccountVendorType;
+    }
+
+    if (!$dara.isNull(request.description)) {
+      query["Description"] = request.description;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "CreateCloudAccount",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.CreateCloudAccountResponse>(await this.callApi(params, req, runtime), new $_model.CreateCloudAccountResponse({}));
+  }
+
+  /**
+   * 创建云账号
+   * 
+   * @param request - CreateCloudAccountRequest
+   * @returns CreateCloudAccountResponse
+   */
+  async createCloudAccount(request: $_model.CreateCloudAccountRequest): Promise<$_model.CreateCloudAccountResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.createCloudAccountWithOptions(request, runtime);
+  }
+
+  /**
+   * 创建云角色
+   * 
+   * @param request - CreateCloudAccountRoleRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns CreateCloudAccountRoleResponse
+   */
+  async createCloudAccountRoleWithOptions(request: $_model.CreateCloudAccountRoleRequest, runtime: $dara.RuntimeOptions): Promise<$_model.CreateCloudAccountRoleResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.cloudAccountId)) {
+      query["CloudAccountId"] = request.cloudAccountId;
+    }
+
+    if (!$dara.isNull(request.cloudAccountRoleName)) {
+      query["CloudAccountRoleName"] = request.cloudAccountRoleName;
+    }
+
+    if (!$dara.isNull(request.cloudAccountRoleType)) {
+      query["CloudAccountRoleType"] = request.cloudAccountRoleType;
+    }
+
+    if (!$dara.isNull(request.description)) {
+      query["Description"] = request.description;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "CreateCloudAccountRole",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.CreateCloudAccountRoleResponse>(await this.callApi(params, req, runtime), new $_model.CreateCloudAccountRoleResponse({}));
+  }
+
+  /**
+   * 创建云角色
+   * 
+   * @param request - CreateCloudAccountRoleRequest
+   * @returns CreateCloudAccountRoleResponse
+   */
+  async createCloudAccountRole(request: $_model.CreateCloudAccountRoleRequest): Promise<$_model.CreateCloudAccountRoleResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.createCloudAccountRoleWithOptions(request, runtime);
+  }
+
+  /**
+   * Create Conditional Access Policy
+   * 
+   * @remarks
+   * Create Conditional Access Policy
+   * 
+   * @param request - CreateConditionalAccessPolicyRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns CreateConditionalAccessPolicyResponse
    */
   async createConditionalAccessPolicyWithOptions(request: $_model.CreateConditionalAccessPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.CreateConditionalAccessPolicyResponse> {
     request.validate();
@@ -1495,6 +2017,68 @@ export default class Client extends OpenApi {
     return await this.createOrganizationalUnitWithOptions(request, runtime);
   }
 
+  /**
+   * 创建指定ResourceServer下的Scope
+   * 
+   * @param request - CreateResourceServerScopeRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns CreateResourceServerScopeResponse
+   */
+  async createResourceServerScopeWithOptions(request: $_model.CreateResourceServerScopeRequest, runtime: $dara.RuntimeOptions): Promise<$_model.CreateResourceServerScopeResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.authorizationType)) {
+      query["AuthorizationType"] = request.authorizationType;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeName)) {
+      query["ResourceServerScopeName"] = request.resourceServerScopeName;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeType)) {
+      query["ResourceServerScopeType"] = request.resourceServerScopeType;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeValue)) {
+      query["ResourceServerScopeValue"] = request.resourceServerScopeValue;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "CreateResourceServerScope",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.CreateResourceServerScopeResponse>(await this.callApi(params, req, runtime), new $_model.CreateResourceServerScopeResponse({}));
+  }
+
+  /**
+   * 创建指定ResourceServer下的Scope
+   * 
+   * @param request - CreateResourceServerScopeRequest
+   * @returns CreateResourceServerScopeResponse
+   */
+  async createResourceServerScope(request: $_model.CreateResourceServerScopeRequest): Promise<$_model.CreateResourceServerScopeResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.createResourceServerScopeWithOptions(request, runtime);
+  }
+
   /**
    * Creates an account in an Identity as a Service (IDaaS) Enterprise Identity Access Management (EIAM) instance.
    * 
@@ -1749,6 +2333,56 @@ export default class Client extends OpenApi {
     return await this.deleteApplicationFederatedCredentialWithOptions(request, runtime);
   }
 
+  /**
+   * 删除应用角色
+   * 
+   * @param request - DeleteApplicationRoleRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns DeleteApplicationRoleResponse
+   */
+  async deleteApplicationRoleWithOptions(request: $_model.DeleteApplicationRoleRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DeleteApplicationRoleResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.applicationRoleId)) {
+      query["ApplicationRoleId"] = request.applicationRoleId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "DeleteApplicationRole",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.DeleteApplicationRoleResponse>(await this.callApi(params, req, runtime), new $_model.DeleteApplicationRoleResponse({}));
+  }
+
+  /**
+   * 删除应用角色
+   * 
+   * @param request - DeleteApplicationRoleRequest
+   * @returns DeleteApplicationRoleResponse
+   */
+  async deleteApplicationRole(request: $_model.DeleteApplicationRoleRequest): Promise<$_model.DeleteApplicationRoleResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.deleteApplicationRoleWithOptions(request, runtime);
+  }
+
   /**
    * 删除ApplicationToken
    * 
@@ -1846,20 +2480,21 @@ export default class Client extends OpenApi {
   }
 
   /**
-   * Delete Conditional Access Policy
-   * 
-   * @remarks
-   * When deleting a specified conditional access policy, please ensure that the policy is no longer in use. After deletion, all configuration data will be removed and cannot be recovered.
+   * 删除指定的应用ClientPublicKey
    * 
-   * @param request - DeleteConditionalAccessPolicyRequest
+   * @param request - DeleteClientPublicKeyRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns DeleteConditionalAccessPolicyResponse
+   * @returns DeleteClientPublicKeyResponse
    */
-  async deleteConditionalAccessPolicyWithOptions(request: $_model.DeleteConditionalAccessPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DeleteConditionalAccessPolicyResponse> {
+  async deleteClientPublicKeyWithOptions(request: $_model.DeleteClientPublicKeyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DeleteClientPublicKeyResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.conditionalAccessPolicyId)) {
-      query["ConditionalAccessPolicyId"] = request.conditionalAccessPolicyId;
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.clientPublicKeyId)) {
+      query["ClientPublicKeyId"] = request.clientPublicKeyId;
     }
 
     if (!$dara.isNull(request.instanceId)) {
@@ -1870,7 +2505,7 @@ export default class Client extends OpenApi {
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "DeleteConditionalAccessPolicy",
+      action: "DeleteClientPublicKey",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -1880,35 +2515,32 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.DeleteConditionalAccessPolicyResponse>(await this.callApi(params, req, runtime), new $_model.DeleteConditionalAccessPolicyResponse({}));
+    return $dara.cast<$_model.DeleteClientPublicKeyResponse>(await this.callApi(params, req, runtime), new $_model.DeleteClientPublicKeyResponse({}));
   }
 
   /**
-   * Delete Conditional Access Policy
-   * 
-   * @remarks
-   * When deleting a specified conditional access policy, please ensure that the policy is no longer in use. After deletion, all configuration data will be removed and cannot be recovered.
+   * 删除指定的应用ClientPublicKey
    * 
-   * @param request - DeleteConditionalAccessPolicyRequest
-   * @returns DeleteConditionalAccessPolicyResponse
+   * @param request - DeleteClientPublicKeyRequest
+   * @returns DeleteClientPublicKeyResponse
    */
-  async deleteConditionalAccessPolicy(request: $_model.DeleteConditionalAccessPolicyRequest): Promise<$_model.DeleteConditionalAccessPolicyResponse> {
+  async deleteClientPublicKey(request: $_model.DeleteClientPublicKeyRequest): Promise<$_model.DeleteClientPublicKeyResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.deleteConditionalAccessPolicyWithOptions(request, runtime);
+    return await this.deleteClientPublicKeyWithOptions(request, runtime);
   }
 
   /**
-   * 删除自定义条款
+   * 删除云账号
    * 
-   * @param request - DeleteCustomPrivacyPolicyRequest
+   * @param request - DeleteCloudAccountRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns DeleteCustomPrivacyPolicyResponse
+   * @returns DeleteCloudAccountResponse
    */
-  async deleteCustomPrivacyPolicyWithOptions(request: $_model.DeleteCustomPrivacyPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DeleteCustomPrivacyPolicyResponse> {
+  async deleteCloudAccountWithOptions(request: $_model.DeleteCloudAccountRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DeleteCloudAccountResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.customPrivacyPolicyId)) {
-      query["CustomPrivacyPolicyId"] = request.customPrivacyPolicyId;
+    if (!$dara.isNull(request.cloudAccountId)) {
+      query["CloudAccountId"] = request.cloudAccountId;
     }
 
     if (!$dara.isNull(request.instanceId)) {
@@ -1919,7 +2551,7 @@ export default class Client extends OpenApi {
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "DeleteCustomPrivacyPolicy",
+      action: "DeleteCloudAccount",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -1929,7 +2561,155 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.DeleteCustomPrivacyPolicyResponse>(await this.callApi(params, req, runtime), new $_model.DeleteCustomPrivacyPolicyResponse({}));
+    return $dara.cast<$_model.DeleteCloudAccountResponse>(await this.callApi(params, req, runtime), new $_model.DeleteCloudAccountResponse({}));
+  }
+
+  /**
+   * 删除云账号
+   * 
+   * @param request - DeleteCloudAccountRequest
+   * @returns DeleteCloudAccountResponse
+   */
+  async deleteCloudAccount(request: $_model.DeleteCloudAccountRequest): Promise<$_model.DeleteCloudAccountResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.deleteCloudAccountWithOptions(request, runtime);
+  }
+
+  /**
+   * 删除云角色
+   * 
+   * @param request - DeleteCloudAccountRoleRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns DeleteCloudAccountRoleResponse
+   */
+  async deleteCloudAccountRoleWithOptions(request: $_model.DeleteCloudAccountRoleRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DeleteCloudAccountRoleResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.cloudAccountId)) {
+      query["CloudAccountId"] = request.cloudAccountId;
+    }
+
+    if (!$dara.isNull(request.cloudAccountRoleId)) {
+      query["CloudAccountRoleId"] = request.cloudAccountRoleId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "DeleteCloudAccountRole",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.DeleteCloudAccountRoleResponse>(await this.callApi(params, req, runtime), new $_model.DeleteCloudAccountRoleResponse({}));
+  }
+
+  /**
+   * 删除云角色
+   * 
+   * @param request - DeleteCloudAccountRoleRequest
+   * @returns DeleteCloudAccountRoleResponse
+   */
+  async deleteCloudAccountRole(request: $_model.DeleteCloudAccountRoleRequest): Promise<$_model.DeleteCloudAccountRoleResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.deleteCloudAccountRoleWithOptions(request, runtime);
+  }
+
+  /**
+   * Delete Conditional Access Policy
+   * 
+   * @remarks
+   * When deleting a specified conditional access policy, please ensure that the policy is no longer in use. After deletion, all configuration data will be removed and cannot be recovered.
+   * 
+   * @param request - DeleteConditionalAccessPolicyRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns DeleteConditionalAccessPolicyResponse
+   */
+  async deleteConditionalAccessPolicyWithOptions(request: $_model.DeleteConditionalAccessPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DeleteConditionalAccessPolicyResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.conditionalAccessPolicyId)) {
+      query["ConditionalAccessPolicyId"] = request.conditionalAccessPolicyId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "DeleteConditionalAccessPolicy",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.DeleteConditionalAccessPolicyResponse>(await this.callApi(params, req, runtime), new $_model.DeleteConditionalAccessPolicyResponse({}));
+  }
+
+  /**
+   * Delete Conditional Access Policy
+   * 
+   * @remarks
+   * When deleting a specified conditional access policy, please ensure that the policy is no longer in use. After deletion, all configuration data will be removed and cannot be recovered.
+   * 
+   * @param request - DeleteConditionalAccessPolicyRequest
+   * @returns DeleteConditionalAccessPolicyResponse
+   */
+  async deleteConditionalAccessPolicy(request: $_model.DeleteConditionalAccessPolicyRequest): Promise<$_model.DeleteConditionalAccessPolicyResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.deleteConditionalAccessPolicyWithOptions(request, runtime);
+  }
+
+  /**
+   * 删除自定义条款
+   * 
+   * @param request - DeleteCustomPrivacyPolicyRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns DeleteCustomPrivacyPolicyResponse
+   */
+  async deleteCustomPrivacyPolicyWithOptions(request: $_model.DeleteCustomPrivacyPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DeleteCustomPrivacyPolicyResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.customPrivacyPolicyId)) {
+      query["CustomPrivacyPolicyId"] = request.customPrivacyPolicyId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "DeleteCustomPrivacyPolicy",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.DeleteCustomPrivacyPolicyResponse>(await this.callApi(params, req, runtime), new $_model.DeleteCustomPrivacyPolicyResponse({}));
   }
 
   /**
@@ -2409,6 +3189,56 @@ export default class Client extends OpenApi {
     return await this.deleteOrganizationalUnitChildrenWithOptions(request, runtime);
   }
 
+  /**
+   * 删除指定ResourceServer下的Scope
+   * 
+   * @param request - DeleteResourceServerScopeRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns DeleteResourceServerScopeResponse
+   */
+  async deleteResourceServerScopeWithOptions(request: $_model.DeleteResourceServerScopeRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DeleteResourceServerScopeResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeId)) {
+      query["ResourceServerScopeId"] = request.resourceServerScopeId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "DeleteResourceServerScope",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.DeleteResourceServerScopeResponse>(await this.callApi(params, req, runtime), new $_model.DeleteResourceServerScopeResponse({}));
+  }
+
+  /**
+   * 删除指定ResourceServer下的Scope
+   * 
+   * @param request - DeleteResourceServerScopeRequest
+   * @returns DeleteResourceServerScopeResponse
+   */
+  async deleteResourceServerScope(request: $_model.DeleteResourceServerScopeRequest): Promise<$_model.DeleteResourceServerScopeResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.deleteResourceServerScopeWithOptions(request, runtime);
+  }
+
   /**
    * Deletes an Employee Identity and Access Management (EIAM) account of Identity as a Service (IDaaS). The information related to the account is cleared.
    * 
@@ -2749,6 +3579,52 @@ export default class Client extends OpenApi {
     return await this.disableApplicationFederatedCredentialWithOptions(request, runtime);
   }
 
+  /**
+   * 禁用M2M Client 能力
+   * 
+   * @param request - DisableApplicationM2MClientRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns DisableApplicationM2MClientResponse
+   */
+  async disableApplicationM2MClientWithOptions(request: $_model.DisableApplicationM2MClientRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DisableApplicationM2MClientResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "DisableApplicationM2MClient",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.DisableApplicationM2MClientResponse>(await this.callApi(params, req, runtime), new $_model.DisableApplicationM2MClientResponse({}));
+  }
+
+  /**
+   * 禁用M2M Client 能力
+   * 
+   * @param request - DisableApplicationM2MClientRequest
+   * @returns DisableApplicationM2MClientResponse
+   */
+  async disableApplicationM2MClient(request: $_model.DisableApplicationM2MClientRequest): Promise<$_model.DisableApplicationM2MClientResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.disableApplicationM2MClientWithOptions(request, runtime);
+  }
+
   /**
    * Disables the account synchronization feature for an application in Identity as a Service (IDaaS) Employee IAM (EIAM).
    * 
@@ -2795,6 +3671,52 @@ export default class Client extends OpenApi {
     return await this.disableApplicationProvisioningWithOptions(request, runtime);
   }
 
+  /**
+   * 禁用ResourceServer能力
+   * 
+   * @param request - DisableApplicationResourceServerRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns DisableApplicationResourceServerResponse
+   */
+  async disableApplicationResourceServerWithOptions(request: $_model.DisableApplicationResourceServerRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DisableApplicationResourceServerResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "DisableApplicationResourceServer",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.DisableApplicationResourceServerResponse>(await this.callApi(params, req, runtime), new $_model.DisableApplicationResourceServerResponse({}));
+  }
+
+  /**
+   * 禁用ResourceServer能力
+   * 
+   * @param request - DisableApplicationResourceServerRequest
+   * @returns DisableApplicationResourceServerResponse
+   */
+  async disableApplicationResourceServer(request: $_model.DisableApplicationResourceServerRequest): Promise<$_model.DisableApplicationResourceServerResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.disableApplicationResourceServerWithOptions(request, runtime);
+  }
+
   /**
    * Disables the single sign-on (SSO) feature for an Employee Identity and Access Management (EIAM) application. This way, employees cannot log on to the application by using SSO.
    * 
@@ -2938,20 +3860,25 @@ export default class Client extends OpenApi {
   }
 
   /**
-   * Disable Conditional Access Policy
+   * 禁用指定的应用ClientPublicKey
    * 
-   * @remarks
-   * When changing a conditional access policy from an enabled state to a disabled state, the policy will no longer intercept. Please confirm that you are aware of the potential risks associated with this action.
-   * 
-   * @param request - DisableConditionalAccessPolicyRequest
+   * @param request - DisableClientPublicKeyRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns DisableConditionalAccessPolicyResponse
+   * @returns DisableClientPublicKeyResponse
    */
-  async disableConditionalAccessPolicyWithOptions(request: $_model.DisableConditionalAccessPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DisableConditionalAccessPolicyResponse> {
+  async disableClientPublicKeyWithOptions(request: $_model.DisableClientPublicKeyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DisableClientPublicKeyResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.conditionalAccessPolicyId)) {
-      query["ConditionalAccessPolicyId"] = request.conditionalAccessPolicyId;
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.clientPublicKeyId)) {
+      query["ClientPublicKeyId"] = request.clientPublicKeyId;
+    }
+
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
     }
 
     if (!$dara.isNull(request.instanceId)) {
@@ -2962,7 +3889,7 @@ export default class Client extends OpenApi {
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "DisableConditionalAccessPolicy",
+      action: "DisableClientPublicKey",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -2972,13 +3899,116 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.DisableConditionalAccessPolicyResponse>(await this.callApi(params, req, runtime), new $_model.DisableConditionalAccessPolicyResponse({}));
+    return $dara.cast<$_model.DisableClientPublicKeyResponse>(await this.callApi(params, req, runtime), new $_model.DisableClientPublicKeyResponse({}));
   }
 
   /**
-   * Disable Conditional Access Policy
+   * 禁用指定的应用ClientPublicKey
    * 
-   * @remarks
+   * @param request - DisableClientPublicKeyRequest
+   * @returns DisableClientPublicKeyResponse
+   */
+  async disableClientPublicKey(request: $_model.DisableClientPublicKeyRequest): Promise<$_model.DisableClientPublicKeyResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.disableClientPublicKeyWithOptions(request, runtime);
+  }
+
+  /**
+   * 禁用云角色
+   * 
+   * @param request - DisableCloudAccountRoleRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns DisableCloudAccountRoleResponse
+   */
+  async disableCloudAccountRoleWithOptions(request: $_model.DisableCloudAccountRoleRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DisableCloudAccountRoleResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.cloudAccountId)) {
+      query["CloudAccountId"] = request.cloudAccountId;
+    }
+
+    if (!$dara.isNull(request.cloudAccountRoleId)) {
+      query["CloudAccountRoleId"] = request.cloudAccountRoleId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "DisableCloudAccountRole",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.DisableCloudAccountRoleResponse>(await this.callApi(params, req, runtime), new $_model.DisableCloudAccountRoleResponse({}));
+  }
+
+  /**
+   * 禁用云角色
+   * 
+   * @param request - DisableCloudAccountRoleRequest
+   * @returns DisableCloudAccountRoleResponse
+   */
+  async disableCloudAccountRole(request: $_model.DisableCloudAccountRoleRequest): Promise<$_model.DisableCloudAccountRoleResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.disableCloudAccountRoleWithOptions(request, runtime);
+  }
+
+  /**
+   * Disable Conditional Access Policy
+   * 
+   * @remarks
+   * When changing a conditional access policy from an enabled state to a disabled state, the policy will no longer intercept. Please confirm that you are aware of the potential risks associated with this action.
+   * 
+   * @param request - DisableConditionalAccessPolicyRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns DisableConditionalAccessPolicyResponse
+   */
+  async disableConditionalAccessPolicyWithOptions(request: $_model.DisableConditionalAccessPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DisableConditionalAccessPolicyResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.conditionalAccessPolicyId)) {
+      query["ConditionalAccessPolicyId"] = request.conditionalAccessPolicyId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "DisableConditionalAccessPolicy",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.DisableConditionalAccessPolicyResponse>(await this.callApi(params, req, runtime), new $_model.DisableConditionalAccessPolicyResponse({}));
+  }
+
+  /**
+   * Disable Conditional Access Policy
+   * 
+   * @remarks
    * When changing a conditional access policy from an enabled state to a disabled state, the policy will no longer intercept. Please confirm that you are aware of the potential risks associated with this action.
    * 
    * @param request - DisableConditionalAccessPolicyRequest
@@ -3357,6 +4387,52 @@ export default class Client extends OpenApi {
     return await this.disableInternalAuthenticationSourceWithOptions(request, runtime);
   }
 
+  /**
+   * 禁用资源服务器自定义主体
+   * 
+   * @param request - DisableResourceServerCustomSubjectRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns DisableResourceServerCustomSubjectResponse
+   */
+  async disableResourceServerCustomSubjectWithOptions(request: $_model.DisableResourceServerCustomSubjectRequest, runtime: $dara.RuntimeOptions): Promise<$_model.DisableResourceServerCustomSubjectResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "DisableResourceServerCustomSubject",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.DisableResourceServerCustomSubjectResponse>(await this.callApi(params, req, runtime), new $_model.DisableResourceServerCustomSubjectResponse({}));
+  }
+
+  /**
+   * 禁用资源服务器自定义主体
+   * 
+   * @param request - DisableResourceServerCustomSubjectRequest
+   * @returns DisableResourceServerCustomSubjectResponse
+   */
+  async disableResourceServerCustomSubject(request: $_model.DisableResourceServerCustomSubjectRequest): Promise<$_model.DisableResourceServerCustomSubjectResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.disableResourceServerCustomSubjectWithOptions(request, runtime);
+  }
+
   /**
    * Disables an Identity as a Service (IDaaS) Employee Identity and Access Management (EIAM) account. If the account is disabled, a success message is returned.
    * 
@@ -3595,6 +4671,52 @@ export default class Client extends OpenApi {
     return await this.enableApplicationFederatedCredentialWithOptions(request, runtime);
   }
 
+  /**
+   * 启用M2M Client 能力
+   * 
+   * @param request - EnableApplicationM2MClientRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns EnableApplicationM2MClientResponse
+   */
+  async enableApplicationM2MClientWithOptions(request: $_model.EnableApplicationM2MClientRequest, runtime: $dara.RuntimeOptions): Promise<$_model.EnableApplicationM2MClientResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "EnableApplicationM2MClient",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.EnableApplicationM2MClientResponse>(await this.callApi(params, req, runtime), new $_model.EnableApplicationM2MClientResponse({}));
+  }
+
+  /**
+   * 启用M2M Client 能力
+   * 
+   * @param request - EnableApplicationM2MClientRequest
+   * @returns EnableApplicationM2MClientResponse
+   */
+  async enableApplicationM2MClient(request: $_model.EnableApplicationM2MClientRequest): Promise<$_model.EnableApplicationM2MClientResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.enableApplicationM2MClientWithOptions(request, runtime);
+  }
+
   /**
    * Enables the account synchronization feature for an application in Identity as a Service (IDaaS) Employee IAM (EIAM).
    * 
@@ -3641,6 +4763,52 @@ export default class Client extends OpenApi {
     return await this.enableApplicationProvisioningWithOptions(request, runtime);
   }
 
+  /**
+   * 启用ResourceServer能力
+   * 
+   * @param request - EnableApplicationResourceServerRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns EnableApplicationResourceServerResponse
+   */
+  async enableApplicationResourceServerWithOptions(request: $_model.EnableApplicationResourceServerRequest, runtime: $dara.RuntimeOptions): Promise<$_model.EnableApplicationResourceServerResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "EnableApplicationResourceServer",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.EnableApplicationResourceServerResponse>(await this.callApi(params, req, runtime), new $_model.EnableApplicationResourceServerResponse({}));
+  }
+
+  /**
+   * 启用ResourceServer能力
+   * 
+   * @param request - EnableApplicationResourceServerRequest
+   * @returns EnableApplicationResourceServerResponse
+   */
+  async enableApplicationResourceServer(request: $_model.EnableApplicationResourceServerRequest): Promise<$_model.EnableApplicationResourceServerResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.enableApplicationResourceServerWithOptions(request, runtime);
+  }
+
   /**
    * Enables the single sign-on (SSO) feature for an Employee Identity and Access Management (EIAM) application.
    * 
@@ -3784,20 +4952,25 @@ export default class Client extends OpenApi {
   }
 
   /**
-   * Enable Conditional Access Policy
-   * 
-   * @remarks
-   * When changing the status of a conditional access policy from enabled to disabled, the policy will no longer intercept. Please confirm that you are aware of the potential risks associated with this action.
+   * 启用指定的应用ClientPublicKey
    * 
-   * @param request - EnableConditionalAccessPolicyRequest
+   * @param request - EnableClientPublicKeyRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns EnableConditionalAccessPolicyResponse
+   * @returns EnableClientPublicKeyResponse
    */
-  async enableConditionalAccessPolicyWithOptions(request: $_model.EnableConditionalAccessPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.EnableConditionalAccessPolicyResponse> {
+  async enableClientPublicKeyWithOptions(request: $_model.EnableClientPublicKeyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.EnableClientPublicKeyResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.conditionalAccessPolicyId)) {
-      query["ConditionalAccessPolicyId"] = request.conditionalAccessPolicyId;
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.clientPublicKeyId)) {
+      query["ClientPublicKeyId"] = request.clientPublicKeyId;
+    }
+
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
     }
 
     if (!$dara.isNull(request.instanceId)) {
@@ -3808,7 +4981,7 @@ export default class Client extends OpenApi {
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "EnableConditionalAccessPolicy",
+      action: "EnableClientPublicKey",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -3818,35 +4991,40 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.EnableConditionalAccessPolicyResponse>(await this.callApi(params, req, runtime), new $_model.EnableConditionalAccessPolicyResponse({}));
+    return $dara.cast<$_model.EnableClientPublicKeyResponse>(await this.callApi(params, req, runtime), new $_model.EnableClientPublicKeyResponse({}));
   }
 
   /**
-   * Enable Conditional Access Policy
-   * 
-   * @remarks
-   * When changing the status of a conditional access policy from enabled to disabled, the policy will no longer intercept. Please confirm that you are aware of the potential risks associated with this action.
+   * 启用指定的应用ClientPublicKey
    * 
-   * @param request - EnableConditionalAccessPolicyRequest
-   * @returns EnableConditionalAccessPolicyResponse
+   * @param request - EnableClientPublicKeyRequest
+   * @returns EnableClientPublicKeyResponse
    */
-  async enableConditionalAccessPolicy(request: $_model.EnableConditionalAccessPolicyRequest): Promise<$_model.EnableConditionalAccessPolicyResponse> {
+  async enableClientPublicKey(request: $_model.EnableClientPublicKeyRequest): Promise<$_model.EnableClientPublicKeyResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.enableConditionalAccessPolicyWithOptions(request, runtime);
+    return await this.enableClientPublicKeyWithOptions(request, runtime);
   }
 
   /**
-   * 启用自定义条款
+   * 启用云角色
    * 
-   * @param request - EnableCustomPrivacyPolicyRequest
+   * @param request - EnableCloudAccountRoleRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns EnableCustomPrivacyPolicyResponse
+   * @returns EnableCloudAccountRoleResponse
    */
-  async enableCustomPrivacyPolicyWithOptions(request: $_model.EnableCustomPrivacyPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.EnableCustomPrivacyPolicyResponse> {
+  async enableCloudAccountRoleWithOptions(request: $_model.EnableCloudAccountRoleRequest, runtime: $dara.RuntimeOptions): Promise<$_model.EnableCloudAccountRoleResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.customPrivacyPolicyId)) {
-      query["CustomPrivacyPolicyId"] = request.customPrivacyPolicyId;
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.cloudAccountId)) {
+      query["CloudAccountId"] = request.cloudAccountId;
+    }
+
+    if (!$dara.isNull(request.cloudAccountRoleId)) {
+      query["CloudAccountRoleId"] = request.cloudAccountRoleId;
     }
 
     if (!$dara.isNull(request.instanceId)) {
@@ -3857,7 +5035,7 @@ export default class Client extends OpenApi {
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "EnableCustomPrivacyPolicy",
+      action: "EnableCloudAccountRole",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -3867,36 +5045,35 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.EnableCustomPrivacyPolicyResponse>(await this.callApi(params, req, runtime), new $_model.EnableCustomPrivacyPolicyResponse({}));
+    return $dara.cast<$_model.EnableCloudAccountRoleResponse>(await this.callApi(params, req, runtime), new $_model.EnableCloudAccountRoleResponse({}));
   }
 
   /**
-   * 启用自定义条款
+   * 启用云角色
    * 
-   * @param request - EnableCustomPrivacyPolicyRequest
-   * @returns EnableCustomPrivacyPolicyResponse
+   * @param request - EnableCloudAccountRoleRequest
+   * @returns EnableCloudAccountRoleResponse
    */
-  async enableCustomPrivacyPolicy(request: $_model.EnableCustomPrivacyPolicyRequest): Promise<$_model.EnableCustomPrivacyPolicyResponse> {
+  async enableCloudAccountRole(request: $_model.EnableCloudAccountRoleRequest): Promise<$_model.EnableCloudAccountRoleResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.enableCustomPrivacyPolicyWithOptions(request, runtime);
+    return await this.enableCloudAccountRoleWithOptions(request, runtime);
   }
 
   /**
-   * Enables a proxy token for a domain name of an Employee Identity and Access Management (EIAM) instance. The proxy token is used to verify the security of the domain name.
+   * Enable Conditional Access Policy
    * 
-   * @param request - EnableDomainProxyTokenRequest
+   * @remarks
+   * When changing the status of a conditional access policy from enabled to disabled, the policy will no longer intercept. Please confirm that you are aware of the potential risks associated with this action.
+   * 
+   * @param request - EnableConditionalAccessPolicyRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns EnableDomainProxyTokenResponse
+   * @returns EnableConditionalAccessPolicyResponse
    */
-  async enableDomainProxyTokenWithOptions(request: $_model.EnableDomainProxyTokenRequest, runtime: $dara.RuntimeOptions): Promise<$_model.EnableDomainProxyTokenResponse> {
+  async enableConditionalAccessPolicyWithOptions(request: $_model.EnableConditionalAccessPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.EnableConditionalAccessPolicyResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.domainId)) {
-      query["DomainId"] = request.domainId;
-    }
-
-    if (!$dara.isNull(request.domainProxyTokenId)) {
-      query["DomainProxyTokenId"] = request.domainProxyTokenId;
+    if (!$dara.isNull(request.conditionalAccessPolicyId)) {
+      query["ConditionalAccessPolicyId"] = request.conditionalAccessPolicyId;
     }
 
     if (!$dara.isNull(request.instanceId)) {
@@ -3907,7 +5084,106 @@ export default class Client extends OpenApi {
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "EnableDomainProxyToken",
+      action: "EnableConditionalAccessPolicy",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.EnableConditionalAccessPolicyResponse>(await this.callApi(params, req, runtime), new $_model.EnableConditionalAccessPolicyResponse({}));
+  }
+
+  /**
+   * Enable Conditional Access Policy
+   * 
+   * @remarks
+   * When changing the status of a conditional access policy from enabled to disabled, the policy will no longer intercept. Please confirm that you are aware of the potential risks associated with this action.
+   * 
+   * @param request - EnableConditionalAccessPolicyRequest
+   * @returns EnableConditionalAccessPolicyResponse
+   */
+  async enableConditionalAccessPolicy(request: $_model.EnableConditionalAccessPolicyRequest): Promise<$_model.EnableConditionalAccessPolicyResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.enableConditionalAccessPolicyWithOptions(request, runtime);
+  }
+
+  /**
+   * 启用自定义条款
+   * 
+   * @param request - EnableCustomPrivacyPolicyRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns EnableCustomPrivacyPolicyResponse
+   */
+  async enableCustomPrivacyPolicyWithOptions(request: $_model.EnableCustomPrivacyPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.EnableCustomPrivacyPolicyResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.customPrivacyPolicyId)) {
+      query["CustomPrivacyPolicyId"] = request.customPrivacyPolicyId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "EnableCustomPrivacyPolicy",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.EnableCustomPrivacyPolicyResponse>(await this.callApi(params, req, runtime), new $_model.EnableCustomPrivacyPolicyResponse({}));
+  }
+
+  /**
+   * 启用自定义条款
+   * 
+   * @param request - EnableCustomPrivacyPolicyRequest
+   * @returns EnableCustomPrivacyPolicyResponse
+   */
+  async enableCustomPrivacyPolicy(request: $_model.EnableCustomPrivacyPolicyRequest): Promise<$_model.EnableCustomPrivacyPolicyResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.enableCustomPrivacyPolicyWithOptions(request, runtime);
+  }
+
+  /**
+   * Enables a proxy token for a domain name of an Employee Identity and Access Management (EIAM) instance. The proxy token is used to verify the security of the domain name.
+   * 
+   * @param request - EnableDomainProxyTokenRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns EnableDomainProxyTokenResponse
+   */
+  async enableDomainProxyTokenWithOptions(request: $_model.EnableDomainProxyTokenRequest, runtime: $dara.RuntimeOptions): Promise<$_model.EnableDomainProxyTokenResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.domainId)) {
+      query["DomainId"] = request.domainId;
+    }
+
+    if (!$dara.isNull(request.domainProxyTokenId)) {
+      query["DomainProxyTokenId"] = request.domainProxyTokenId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "EnableDomainProxyToken",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -4203,6 +5479,52 @@ export default class Client extends OpenApi {
     return await this.enableInternalAuthenticationSourceWithOptions(request, runtime);
   }
 
+  /**
+   * 启用资源服务器自定义主体
+   * 
+   * @param request - EnableResourceServerCustomSubjectRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns EnableResourceServerCustomSubjectResponse
+   */
+  async enableResourceServerCustomSubjectWithOptions(request: $_model.EnableResourceServerCustomSubjectRequest, runtime: $dara.RuntimeOptions): Promise<$_model.EnableResourceServerCustomSubjectResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "EnableResourceServerCustomSubject",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.EnableResourceServerCustomSubjectResponse>(await this.callApi(params, req, runtime), new $_model.EnableResourceServerCustomSubjectResponse({}));
+  }
+
+  /**
+   * 启用资源服务器自定义主体
+   * 
+   * @param request - EnableResourceServerCustomSubjectRequest
+   * @returns EnableResourceServerCustomSubjectResponse
+   */
+  async enableResourceServerCustomSubject(request: $_model.EnableResourceServerCustomSubjectRequest): Promise<$_model.EnableResourceServerCustomSubjectResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.enableResourceServerCustomSubjectWithOptions(request, runtime);
+  }
+
   /**
    * Enables an Employee Identity and Access Management (EIAM) account of Identity as a Service (IDaaS).
    * 
@@ -4671,6 +5993,56 @@ export default class Client extends OpenApi {
     return await this.getApplicationProvisioningScopeWithOptions(request, runtime);
   }
 
+  /**
+   * 获取角色信息
+   * 
+   * @param request - GetApplicationRoleRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns GetApplicationRoleResponse
+   */
+  async getApplicationRoleWithOptions(request: $_model.GetApplicationRoleRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetApplicationRoleResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.applicationRoleId)) {
+      query["ApplicationRoleId"] = request.applicationRoleId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "GetApplicationRole",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.GetApplicationRoleResponse>(await this.callApi(params, req, runtime), new $_model.GetApplicationRoleResponse({}));
+  }
+
+  /**
+   * 获取角色信息
+   * 
+   * @param request - GetApplicationRoleRequest
+   * @returns GetApplicationRoleResponse
+   */
+  async getApplicationRole(request: $_model.GetApplicationRoleRequest): Promise<$_model.GetApplicationRoleResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.getApplicationRoleWithOptions(request, runtime);
+  }
+
   /**
    * Queries the single sign-on (SSO) configuration attributes of an application in Identity as a Service (IDaaS) Employee IAM (EIAM).
    * 
@@ -4806,20 +6178,21 @@ export default class Client extends OpenApi {
   }
 
   /**
-   * Get Conditional Access Policy
-   * 
-   * @remarks
-   * Query Conditional Access Policy
+   * 查询指定应用ClientPublicKey
    * 
-   * @param request - GetConditionalAccessPolicyRequest
+   * @param request - GetClientPublicKeyRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns GetConditionalAccessPolicyResponse
+   * @returns GetClientPublicKeyResponse
    */
-  async getConditionalAccessPolicyWithOptions(request: $_model.GetConditionalAccessPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetConditionalAccessPolicyResponse> {
+  async getClientPublicKeyWithOptions(request: $_model.GetClientPublicKeyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetClientPublicKeyResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.conditionalAccessPolicyId)) {
-      query["ConditionalAccessPolicyId"] = request.conditionalAccessPolicyId;
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.clientPublicKeyId)) {
+      query["ClientPublicKeyId"] = request.clientPublicKeyId;
     }
 
     if (!$dara.isNull(request.instanceId)) {
@@ -4830,7 +6203,7 @@ export default class Client extends OpenApi {
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "GetConditionalAccessPolicy",
+      action: "GetClientPublicKey",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -4840,35 +6213,32 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.GetConditionalAccessPolicyResponse>(await this.callApi(params, req, runtime), new $_model.GetConditionalAccessPolicyResponse({}));
+    return $dara.cast<$_model.GetClientPublicKeyResponse>(await this.callApi(params, req, runtime), new $_model.GetClientPublicKeyResponse({}));
   }
 
   /**
-   * Get Conditional Access Policy
-   * 
-   * @remarks
-   * Query Conditional Access Policy
+   * 查询指定应用ClientPublicKey
    * 
-   * @param request - GetConditionalAccessPolicyRequest
-   * @returns GetConditionalAccessPolicyResponse
+   * @param request - GetClientPublicKeyRequest
+   * @returns GetClientPublicKeyResponse
    */
-  async getConditionalAccessPolicy(request: $_model.GetConditionalAccessPolicyRequest): Promise<$_model.GetConditionalAccessPolicyResponse> {
+  async getClientPublicKey(request: $_model.GetClientPublicKeyRequest): Promise<$_model.GetClientPublicKeyResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.getConditionalAccessPolicyWithOptions(request, runtime);
+    return await this.getClientPublicKeyWithOptions(request, runtime);
   }
 
   /**
-   * 获取自定义条款
+   * 获取云账号
    * 
-   * @param request - GetCustomPrivacyPolicyRequest
+   * @param request - GetCloudAccountRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns GetCustomPrivacyPolicyResponse
+   * @returns GetCloudAccountResponse
    */
-  async getCustomPrivacyPolicyWithOptions(request: $_model.GetCustomPrivacyPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetCustomPrivacyPolicyResponse> {
+  async getCloudAccountWithOptions(request: $_model.GetCloudAccountRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetCloudAccountResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.customPrivacyPolicyId)) {
-      query["CustomPrivacyPolicyId"] = request.customPrivacyPolicyId;
+    if (!$dara.isNull(request.cloudAccountId)) {
+      query["CloudAccountId"] = request.cloudAccountId;
     }
 
     if (!$dara.isNull(request.instanceId)) {
@@ -4879,7 +6249,7 @@ export default class Client extends OpenApi {
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "GetCustomPrivacyPolicy",
+      action: "GetCloudAccount",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -4889,32 +6259,36 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.GetCustomPrivacyPolicyResponse>(await this.callApi(params, req, runtime), new $_model.GetCustomPrivacyPolicyResponse({}));
+    return $dara.cast<$_model.GetCloudAccountResponse>(await this.callApi(params, req, runtime), new $_model.GetCloudAccountResponse({}));
   }
 
   /**
-   * 获取自定义条款
+   * 获取云账号
    * 
-   * @param request - GetCustomPrivacyPolicyRequest
-   * @returns GetCustomPrivacyPolicyResponse
+   * @param request - GetCloudAccountRequest
+   * @returns GetCloudAccountResponse
    */
-  async getCustomPrivacyPolicy(request: $_model.GetCustomPrivacyPolicyRequest): Promise<$_model.GetCustomPrivacyPolicyResponse> {
+  async getCloudAccount(request: $_model.GetCloudAccountRequest): Promise<$_model.GetCloudAccountResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.getCustomPrivacyPolicyWithOptions(request, runtime);
+    return await this.getCloudAccountWithOptions(request, runtime);
   }
 
   /**
-   * Queries the information about a domain name of an Employee Identity and Access Management (EIAM) instance.
+   * 获取云角色
    * 
-   * @param request - GetDomainRequest
+   * @param request - GetCloudAccountRoleRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns GetDomainResponse
+   * @returns GetCloudAccountRoleResponse
    */
-  async getDomainWithOptions(request: $_model.GetDomainRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetDomainResponse> {
+  async getCloudAccountRoleWithOptions(request: $_model.GetCloudAccountRoleRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetCloudAccountRoleResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.domainId)) {
-      query["DomainId"] = request.domainId;
+    if (!$dara.isNull(request.cloudAccountId)) {
+      query["CloudAccountId"] = request.cloudAccountId;
+    }
+
+    if (!$dara.isNull(request.cloudAccountRoleId)) {
+      query["CloudAccountRoleId"] = request.cloudAccountRoleId;
     }
 
     if (!$dara.isNull(request.instanceId)) {
@@ -4925,7 +6299,7 @@ export default class Client extends OpenApi {
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "GetDomain",
+      action: "GetCloudAccountRole",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -4935,32 +6309,35 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.GetDomainResponse>(await this.callApi(params, req, runtime), new $_model.GetDomainResponse({}));
+    return $dara.cast<$_model.GetCloudAccountRoleResponse>(await this.callApi(params, req, runtime), new $_model.GetCloudAccountRoleResponse({}));
   }
 
   /**
-   * Queries the information about a domain name of an Employee Identity and Access Management (EIAM) instance.
+   * 获取云角色
    * 
-   * @param request - GetDomainRequest
-   * @returns GetDomainResponse
+   * @param request - GetCloudAccountRoleRequest
+   * @returns GetCloudAccountRoleResponse
    */
-  async getDomain(request: $_model.GetDomainRequest): Promise<$_model.GetDomainResponse> {
+  async getCloudAccountRole(request: $_model.GetCloudAccountRoleRequest): Promise<$_model.GetCloudAccountRoleResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.getDomainWithOptions(request, runtime);
+    return await this.getCloudAccountRoleWithOptions(request, runtime);
   }
 
   /**
-   * Queries the domain name system (DNS) challenge records of a domain name of an Employee Identity and Access Management (EIAM) instance. The generated records are used to verify the ownership of the domain name.
+   * Get Conditional Access Policy
    * 
-   * @param request - GetDomainDnsChallengeRequest
+   * @remarks
+   * Query Conditional Access Policy
+   * 
+   * @param request - GetConditionalAccessPolicyRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns GetDomainDnsChallengeResponse
+   * @returns GetConditionalAccessPolicyResponse
    */
-  async getDomainDnsChallengeWithOptions(request: $_model.GetDomainDnsChallengeRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetDomainDnsChallengeResponse> {
+  async getConditionalAccessPolicyWithOptions(request: $_model.GetConditionalAccessPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetConditionalAccessPolicyResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.domain)) {
-      query["Domain"] = request.domain;
+    if (!$dara.isNull(request.conditionalAccessPolicyId)) {
+      query["ConditionalAccessPolicyId"] = request.conditionalAccessPolicyId;
     }
 
     if (!$dara.isNull(request.instanceId)) {
@@ -4971,7 +6348,7 @@ export default class Client extends OpenApi {
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "GetDomainDnsChallenge",
+      action: "GetConditionalAccessPolicy",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -4981,18 +6358,159 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.GetDomainDnsChallengeResponse>(await this.callApi(params, req, runtime), new $_model.GetDomainDnsChallengeResponse({}));
+    return $dara.cast<$_model.GetConditionalAccessPolicyResponse>(await this.callApi(params, req, runtime), new $_model.GetConditionalAccessPolicyResponse({}));
   }
 
   /**
-   * Queries the domain name system (DNS) challenge records of a domain name of an Employee Identity and Access Management (EIAM) instance. The generated records are used to verify the ownership of the domain name.
+   * Get Conditional Access Policy
    * 
-   * @param request - GetDomainDnsChallengeRequest
-   * @returns GetDomainDnsChallengeResponse
+   * @remarks
+   * Query Conditional Access Policy
+   * 
+   * @param request - GetConditionalAccessPolicyRequest
+   * @returns GetConditionalAccessPolicyResponse
    */
-  async getDomainDnsChallenge(request: $_model.GetDomainDnsChallengeRequest): Promise<$_model.GetDomainDnsChallengeResponse> {
+  async getConditionalAccessPolicy(request: $_model.GetConditionalAccessPolicyRequest): Promise<$_model.GetConditionalAccessPolicyResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.getDomainDnsChallengeWithOptions(request, runtime);
+    return await this.getConditionalAccessPolicyWithOptions(request, runtime);
+  }
+
+  /**
+   * 获取自定义条款
+   * 
+   * @param request - GetCustomPrivacyPolicyRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns GetCustomPrivacyPolicyResponse
+   */
+  async getCustomPrivacyPolicyWithOptions(request: $_model.GetCustomPrivacyPolicyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetCustomPrivacyPolicyResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.customPrivacyPolicyId)) {
+      query["CustomPrivacyPolicyId"] = request.customPrivacyPolicyId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "GetCustomPrivacyPolicy",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.GetCustomPrivacyPolicyResponse>(await this.callApi(params, req, runtime), new $_model.GetCustomPrivacyPolicyResponse({}));
+  }
+
+  /**
+   * 获取自定义条款
+   * 
+   * @param request - GetCustomPrivacyPolicyRequest
+   * @returns GetCustomPrivacyPolicyResponse
+   */
+  async getCustomPrivacyPolicy(request: $_model.GetCustomPrivacyPolicyRequest): Promise<$_model.GetCustomPrivacyPolicyResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.getCustomPrivacyPolicyWithOptions(request, runtime);
+  }
+
+  /**
+   * Queries the information about a domain name of an Employee Identity and Access Management (EIAM) instance.
+   * 
+   * @param request - GetDomainRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns GetDomainResponse
+   */
+  async getDomainWithOptions(request: $_model.GetDomainRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetDomainResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.domainId)) {
+      query["DomainId"] = request.domainId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "GetDomain",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.GetDomainResponse>(await this.callApi(params, req, runtime), new $_model.GetDomainResponse({}));
+  }
+
+  /**
+   * Queries the information about a domain name of an Employee Identity and Access Management (EIAM) instance.
+   * 
+   * @param request - GetDomainRequest
+   * @returns GetDomainResponse
+   */
+  async getDomain(request: $_model.GetDomainRequest): Promise<$_model.GetDomainResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.getDomainWithOptions(request, runtime);
+  }
+
+  /**
+   * Queries the domain name system (DNS) challenge records of a domain name of an Employee Identity and Access Management (EIAM) instance. The generated records are used to verify the ownership of the domain name.
+   * 
+   * @param request - GetDomainDnsChallengeRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns GetDomainDnsChallengeResponse
+   */
+  async getDomainDnsChallengeWithOptions(request: $_model.GetDomainDnsChallengeRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetDomainDnsChallengeResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.domain)) {
+      query["Domain"] = request.domain;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "GetDomainDnsChallenge",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.GetDomainDnsChallengeResponse>(await this.callApi(params, req, runtime), new $_model.GetDomainDnsChallengeResponse({}));
+  }
+
+  /**
+   * Queries the domain name system (DNS) challenge records of a domain name of an Employee Identity and Access Management (EIAM) instance. The generated records are used to verify the ownership of the domain name.
+   * 
+   * @param request - GetDomainDnsChallengeRequest
+   * @returns GetDomainDnsChallengeResponse
+   */
+  async getDomainDnsChallenge(request: $_model.GetDomainDnsChallengeRequest): Promise<$_model.GetDomainDnsChallengeResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.getDomainDnsChallengeWithOptions(request, runtime);
   }
 
   /**
@@ -5663,6 +7181,56 @@ export default class Client extends OpenApi {
     return await this.getPasswordInitializationConfigurationWithOptions(request, runtime);
   }
 
+  /**
+   * 查询指定ResourceServer下的Scope
+   * 
+   * @param request - GetResourceServerScopeRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns GetResourceServerScopeResponse
+   */
+  async getResourceServerScopeWithOptions(request: $_model.GetResourceServerScopeRequest, runtime: $dara.RuntimeOptions): Promise<$_model.GetResourceServerScopeResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeId)) {
+      query["ResourceServerScopeId"] = request.resourceServerScopeId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "GetResourceServerScope",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.GetResourceServerScopeResponse>(await this.callApi(params, req, runtime), new $_model.GetResourceServerScopeResponse({}));
+  }
+
+  /**
+   * 查询指定ResourceServer下的Scope
+   * 
+   * @param request - GetResourceServerScopeRequest
+   * @returns GetResourceServerScopeResponse
+   */
+  async getResourceServerScope(request: $_model.GetResourceServerScopeRequest): Promise<$_model.GetResourceServerScopeResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.getResourceServerScopeWithOptions(request, runtime);
+  }
+
   /**
    * Queries the information about the root organizational unit in Identity as a Service (IDaaS) Employee IAM (EIAM).
    * 
@@ -6067,6 +7635,64 @@ export default class Client extends OpenApi {
     return await this.listApplicationFederatedCredentialsForProviderWithOptions(request, runtime);
   }
 
+  /**
+   * 游标分页查询应用角色
+   * 
+   * @param request - ListApplicationRolesRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns ListApplicationRolesResponse
+   */
+  async listApplicationRolesWithOptions(request: $_model.ListApplicationRolesRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListApplicationRolesResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.filter)) {
+      query["Filter"] = request.filter;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.maxResults)) {
+      query["MaxResults"] = request.maxResults;
+    }
+
+    if (!$dara.isNull(request.nextToken)) {
+      query["NextToken"] = request.nextToken;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "ListApplicationRoles",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.ListApplicationRolesResponse>(await this.callApi(params, req, runtime), new $_model.ListApplicationRolesResponse({}));
+  }
+
+  /**
+   * 游标分页查询应用角色
+   * 
+   * @param request - ListApplicationRolesRequest
+   * @returns ListApplicationRolesResponse
+   */
+  async listApplicationRoles(request: $_model.ListApplicationRolesRequest): Promise<$_model.ListApplicationRolesResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.listApplicationRolesWithOptions(request, runtime);
+  }
+
   /**
    * 应用支持账户同步类型列表
    * 
@@ -6596,18 +8222,19 @@ export default class Client extends OpenApi {
   }
 
   /**
-   * List of Conditional Access Policies
-   * 
-   * @remarks
-   * Paginated query for the list of conditional access policies
+   * 查询指定应用所属的全部ClientPublicKey
    * 
-   * @param request - ListConditionalAccessPoliciesRequest
+   * @param request - ListClientPublicKeysRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns ListConditionalAccessPoliciesResponse
+   * @returns ListClientPublicKeysResponse
    */
-  async listConditionalAccessPoliciesWithOptions(request: $_model.ListConditionalAccessPoliciesRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListConditionalAccessPoliciesResponse> {
+  async listClientPublicKeysWithOptions(request: $_model.ListClientPublicKeysRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListClientPublicKeysResponse> {
     request.validate();
     let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
     if (!$dara.isNull(request.instanceId)) {
       query["InstanceId"] = request.instanceId;
     }
@@ -6620,15 +8247,11 @@ export default class Client extends OpenApi {
       query["NextToken"] = request.nextToken;
     }
 
-    if (!$dara.isNull(request.previousToken)) {
-      query["PreviousToken"] = request.previousToken;
-    }
-
     let req = new $OpenApiUtil.OpenApiRequest({
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "ListConditionalAccessPolicies",
+      action: "ListClientPublicKeys",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -6638,43 +8261,212 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.ListConditionalAccessPoliciesResponse>(await this.callApi(params, req, runtime), new $_model.ListConditionalAccessPoliciesResponse({}));
+    return $dara.cast<$_model.ListClientPublicKeysResponse>(await this.callApi(params, req, runtime), new $_model.ListClientPublicKeysResponse({}));
   }
 
   /**
-   * List of Conditional Access Policies
-   * 
-   * @remarks
-   * Paginated query for the list of conditional access policies
+   * 查询指定应用所属的全部ClientPublicKey
    * 
-   * @param request - ListConditionalAccessPoliciesRequest
-   * @returns ListConditionalAccessPoliciesResponse
+   * @param request - ListClientPublicKeysRequest
+   * @returns ListClientPublicKeysResponse
    */
-  async listConditionalAccessPolicies(request: $_model.ListConditionalAccessPoliciesRequest): Promise<$_model.ListConditionalAccessPoliciesResponse> {
+  async listClientPublicKeys(request: $_model.ListClientPublicKeysRequest): Promise<$_model.ListClientPublicKeysResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.listConditionalAccessPoliciesWithOptions(request, runtime);
+    return await this.listClientPublicKeysWithOptions(request, runtime);
   }
 
   /**
-   * 获取应用关联的条件访问策略列表
+   * 查询云角色列表
    * 
-   * @param request - ListConditionalAccessPoliciesForApplicationRequest
+   * @param request - ListCloudAccountRolesRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns ListConditionalAccessPoliciesForApplicationResponse
+   * @returns ListCloudAccountRolesResponse
    */
-  async listConditionalAccessPoliciesForApplicationWithOptions(request: $_model.ListConditionalAccessPoliciesForApplicationRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListConditionalAccessPoliciesForApplicationResponse> {
+  async listCloudAccountRolesWithOptions(request: $_model.ListCloudAccountRolesRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListCloudAccountRolesResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.applicationId)) {
-      query["ApplicationId"] = request.applicationId;
+    if (!$dara.isNull(request.cloudAccountId)) {
+      query["CloudAccountId"] = request.cloudAccountId;
+    }
+
+    if (!$dara.isNull(request.filter)) {
+      query["Filter"] = request.filter;
     }
 
     if (!$dara.isNull(request.instanceId)) {
       query["InstanceId"] = request.instanceId;
     }
 
-    let req = new $OpenApiUtil.OpenApiRequest({
-      query: OpenApiUtil.query(query),
+    if (!$dara.isNull(request.maxResults)) {
+      query["MaxResults"] = request.maxResults;
+    }
+
+    if (!$dara.isNull(request.nextToken)) {
+      query["NextToken"] = request.nextToken;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "ListCloudAccountRoles",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.ListCloudAccountRolesResponse>(await this.callApi(params, req, runtime), new $_model.ListCloudAccountRolesResponse({}));
+  }
+
+  /**
+   * 查询云角色列表
+   * 
+   * @param request - ListCloudAccountRolesRequest
+   * @returns ListCloudAccountRolesResponse
+   */
+  async listCloudAccountRoles(request: $_model.ListCloudAccountRolesRequest): Promise<$_model.ListCloudAccountRolesResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.listCloudAccountRolesWithOptions(request, runtime);
+  }
+
+  /**
+   * 查询云账号列表
+   * 
+   * @param request - ListCloudAccountsRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns ListCloudAccountsResponse
+   */
+  async listCloudAccountsWithOptions(request: $_model.ListCloudAccountsRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListCloudAccountsResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.filter)) {
+      query["Filter"] = request.filter;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.maxResults)) {
+      query["MaxResults"] = request.maxResults;
+    }
+
+    if (!$dara.isNull(request.nextToken)) {
+      query["NextToken"] = request.nextToken;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "ListCloudAccounts",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.ListCloudAccountsResponse>(await this.callApi(params, req, runtime), new $_model.ListCloudAccountsResponse({}));
+  }
+
+  /**
+   * 查询云账号列表
+   * 
+   * @param request - ListCloudAccountsRequest
+   * @returns ListCloudAccountsResponse
+   */
+  async listCloudAccounts(request: $_model.ListCloudAccountsRequest): Promise<$_model.ListCloudAccountsResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.listCloudAccountsWithOptions(request, runtime);
+  }
+
+  /**
+   * List of Conditional Access Policies
+   * 
+   * @remarks
+   * Paginated query for the list of conditional access policies
+   * 
+   * @param request - ListConditionalAccessPoliciesRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns ListConditionalAccessPoliciesResponse
+   */
+  async listConditionalAccessPoliciesWithOptions(request: $_model.ListConditionalAccessPoliciesRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListConditionalAccessPoliciesResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.maxResults)) {
+      query["MaxResults"] = request.maxResults;
+    }
+
+    if (!$dara.isNull(request.nextToken)) {
+      query["NextToken"] = request.nextToken;
+    }
+
+    if (!$dara.isNull(request.previousToken)) {
+      query["PreviousToken"] = request.previousToken;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "ListConditionalAccessPolicies",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.ListConditionalAccessPoliciesResponse>(await this.callApi(params, req, runtime), new $_model.ListConditionalAccessPoliciesResponse({}));
+  }
+
+  /**
+   * List of Conditional Access Policies
+   * 
+   * @remarks
+   * Paginated query for the list of conditional access policies
+   * 
+   * @param request - ListConditionalAccessPoliciesRequest
+   * @returns ListConditionalAccessPoliciesResponse
+   */
+  async listConditionalAccessPolicies(request: $_model.ListConditionalAccessPoliciesRequest): Promise<$_model.ListConditionalAccessPoliciesResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.listConditionalAccessPoliciesWithOptions(request, runtime);
+  }
+
+  /**
+   * 获取应用关联的条件访问策略列表
+   * 
+   * @param request - ListConditionalAccessPoliciesForApplicationRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns ListConditionalAccessPoliciesForApplicationResponse
+   */
+  async listConditionalAccessPoliciesForApplicationWithOptions(request: $_model.ListConditionalAccessPoliciesForApplicationRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListConditionalAccessPoliciesForApplicationResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
       action: "ListConditionalAccessPoliciesForApplication",
@@ -7275,6 +9067,64 @@ export default class Client extends OpenApi {
     return await this.listGroupsForApplicationWithOptions(request, runtime);
   }
 
+  /**
+   * 查询ResourceServer授权的组和Scope权限
+   * 
+   * @param request - ListGroupsForResourceServerRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns ListGroupsForResourceServerResponse
+   */
+  async listGroupsForResourceServerWithOptions(request: $_model.ListGroupsForResourceServerRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListGroupsForResourceServerResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.filter)) {
+      query["Filter"] = request.filter;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.maxResults)) {
+      query["MaxResults"] = request.maxResults;
+    }
+
+    if (!$dara.isNull(request.nextToken)) {
+      query["NextToken"] = request.nextToken;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "ListGroupsForResourceServer",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.ListGroupsForResourceServerResponse>(await this.callApi(params, req, runtime), new $_model.ListGroupsForResourceServerResponse({}));
+  }
+
+  /**
+   * 查询ResourceServer授权的组和Scope权限
+   * 
+   * @param request - ListGroupsForResourceServerRequest
+   * @returns ListGroupsForResourceServerResponse
+   */
+  async listGroupsForResourceServer(request: $_model.ListGroupsForResourceServerRequest): Promise<$_model.ListGroupsForResourceServerResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.listGroupsForResourceServerWithOptions(request, runtime);
+  }
+
   /**
    * Queries a list of account groups to which an Employee Identity and Access Management (EIAM) account of Identity as a Service (IDaaS) belongs.
    * 
@@ -7909,6 +9759,64 @@ export default class Client extends OpenApi {
     return await this.listOrganizationalUnitsForApplicationWithOptions(request, runtime);
   }
 
+  /**
+   * 查询被授权到组织的ResourceServers和Scopes权限
+   * 
+   * @param request - ListOrganizationalUnitsForResourceServerRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns ListOrganizationalUnitsForResourceServerResponse
+   */
+  async listOrganizationalUnitsForResourceServerWithOptions(request: $_model.ListOrganizationalUnitsForResourceServerRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListOrganizationalUnitsForResourceServerResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.filter)) {
+      query["Filter"] = request.filter;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.maxResults)) {
+      query["MaxResults"] = request.maxResults;
+    }
+
+    if (!$dara.isNull(request.nextToken)) {
+      query["NextToken"] = request.nextToken;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "ListOrganizationalUnitsForResourceServer",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.ListOrganizationalUnitsForResourceServerResponse>(await this.callApi(params, req, runtime), new $_model.ListOrganizationalUnitsForResourceServerResponse({}));
+  }
+
+  /**
+   * 查询被授权到组织的ResourceServers和Scopes权限
+   * 
+   * @param request - ListOrganizationalUnitsForResourceServerRequest
+   * @returns ListOrganizationalUnitsForResourceServerResponse
+   */
+  async listOrganizationalUnitsForResourceServer(request: $_model.ListOrganizationalUnitsForResourceServerRequest): Promise<$_model.ListOrganizationalUnitsForResourceServerResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.listOrganizationalUnitsForResourceServerWithOptions(request, runtime);
+  }
+
   /**
    * Queries the supported Alibaba Cloud regions.
    * 
@@ -7942,25 +9850,17 @@ export default class Client extends OpenApi {
   }
 
   /**
-   * 查询同步任务
+   * 查询用户的被授予ResourceServers和Scopes的权限
    * 
-   * @param request - ListSynchronizationJobsRequest
+   * @param request - ListResourceServersForUserRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns ListSynchronizationJobsResponse
+   * @returns ListResourceServersForUserResponse
    */
-  async listSynchronizationJobsWithOptions(request: $_model.ListSynchronizationJobsRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListSynchronizationJobsResponse> {
+  async listResourceServersForUserWithOptions(request: $_model.ListResourceServersForUserRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListResourceServersForUserResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.direction)) {
-      query["Direction"] = request.direction;
-    }
-
-    if (!$dara.isNull(request.endTime)) {
-      query["EndTime"] = request.endTime;
-    }
-
-    if (!$dara.isNull(request.filters)) {
-      query["Filters"] = request.filters;
+    if (!$dara.isNull(request.filter)) {
+      query["Filter"] = request.filter;
     }
 
     if (!$dara.isNull(request.instanceId)) {
@@ -7975,8 +9875,74 @@ export default class Client extends OpenApi {
       query["NextToken"] = request.nextToken;
     }
 
-    if (!$dara.isNull(request.pageNumber)) {
-      query["PageNumber"] = request.pageNumber;
+    if (!$dara.isNull(request.userId)) {
+      query["UserId"] = request.userId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "ListResourceServersForUser",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.ListResourceServersForUserResponse>(await this.callApi(params, req, runtime), new $_model.ListResourceServersForUserResponse({}));
+  }
+
+  /**
+   * 查询用户的被授予ResourceServers和Scopes的权限
+   * 
+   * @param request - ListResourceServersForUserRequest
+   * @returns ListResourceServersForUserResponse
+   */
+  async listResourceServersForUser(request: $_model.ListResourceServersForUserRequest): Promise<$_model.ListResourceServersForUserResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.listResourceServersForUserWithOptions(request, runtime);
+  }
+
+  /**
+   * 查询同步任务
+   * 
+   * @param request - ListSynchronizationJobsRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns ListSynchronizationJobsResponse
+   */
+  async listSynchronizationJobsWithOptions(request: $_model.ListSynchronizationJobsRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListSynchronizationJobsResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.direction)) {
+      query["Direction"] = request.direction;
+    }
+
+    if (!$dara.isNull(request.endTime)) {
+      query["EndTime"] = request.endTime;
+    }
+
+    if (!$dara.isNull(request.filters)) {
+      query["Filters"] = request.filters;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.maxResults)) {
+      query["MaxResults"] = request.maxResults;
+    }
+
+    if (!$dara.isNull(request.nextToken)) {
+      query["NextToken"] = request.nextToken;
+    }
+
+    if (!$dara.isNull(request.pageNumber)) {
+      query["PageNumber"] = request.pageNumber;
     }
 
     if (!$dara.isNull(request.pageSize)) {
@@ -8307,6 +10273,64 @@ export default class Client extends OpenApi {
     return await this.listUsersForGroupWithOptions(request, runtime);
   }
 
+  /**
+   * 查询ResourceServer授权的用户和Scope权限
+   * 
+   * @param request - ListUsersForResourceServerRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns ListUsersForResourceServerResponse
+   */
+  async listUsersForResourceServerWithOptions(request: $_model.ListUsersForResourceServerRequest, runtime: $dara.RuntimeOptions): Promise<$_model.ListUsersForResourceServerResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.filter)) {
+      query["Filter"] = request.filter;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.maxResults)) {
+      query["MaxResults"] = request.maxResults;
+    }
+
+    if (!$dara.isNull(request.nextToken)) {
+      query["NextToken"] = request.nextToken;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "ListUsersForResourceServer",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.ListUsersForResourceServerResponse>(await this.callApi(params, req, runtime), new $_model.ListUsersForResourceServerResponse({}));
+  }
+
+  /**
+   * 查询ResourceServer授权的用户和Scope权限
+   * 
+   * @param request - ListUsersForResourceServerRequest
+   * @returns ListUsersForResourceServerResponse
+   */
+  async listUsersForResourceServer(request: $_model.ListUsersForResourceServerRequest): Promise<$_model.ListUsersForResourceServerResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.listUsersForResourceServerWithOptions(request, runtime);
+  }
+
   /**
    * Queries a client key of an Employee Identity and Access Management (EIAM) application. The returned key secret is masked. If you want to query the key secret that is not masked, call the ListApplicationClientSecrets operation.
    * 
@@ -8458,36 +10482,294 @@ export default class Client extends OpenApi {
   }
 
   /**
-   * 删除一个当前应用下的指定员工的应用账号
+   * 删除一个当前应用下的指定员工的应用账号
+   * 
+   * @param request - RemoveApplicationAccountFromUserRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns RemoveApplicationAccountFromUserResponse
+   */
+  async removeApplicationAccountFromUserWithOptions(request: $_model.RemoveApplicationAccountFromUserRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RemoveApplicationAccountFromUserResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationAccountId)) {
+      query["ApplicationAccountId"] = request.applicationAccountId;
+    }
+
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.userId)) {
+      query["UserId"] = request.userId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "RemoveApplicationAccountFromUser",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.RemoveApplicationAccountFromUserResponse>(await this.callApi(params, req, runtime), new $_model.RemoveApplicationAccountFromUserResponse({}));
+  }
+
+  /**
+   * 删除一个当前应用下的指定员工的应用账号
+   * 
+   * @param request - RemoveApplicationAccountFromUserRequest
+   * @returns RemoveApplicationAccountFromUserResponse
+   */
+  async removeApplicationAccountFromUser(request: $_model.RemoveApplicationAccountFromUserRequest): Promise<$_model.RemoveApplicationAccountFromUserResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.removeApplicationAccountFromUserWithOptions(request, runtime);
+  }
+
+  /**
+   * 移除品牌关联条款
+   * 
+   * @param request - RemoveCustomPrivacyPoliciesFromBrandRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns RemoveCustomPrivacyPoliciesFromBrandResponse
+   */
+  async removeCustomPrivacyPoliciesFromBrandWithOptions(request: $_model.RemoveCustomPrivacyPoliciesFromBrandRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RemoveCustomPrivacyPoliciesFromBrandResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.brandId)) {
+      query["BrandId"] = request.brandId;
+    }
+
+    if (!$dara.isNull(request.customPrivacyPolicyIds)) {
+      query["CustomPrivacyPolicyIds"] = request.customPrivacyPolicyIds;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "RemoveCustomPrivacyPoliciesFromBrand",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.RemoveCustomPrivacyPoliciesFromBrandResponse>(await this.callApi(params, req, runtime), new $_model.RemoveCustomPrivacyPoliciesFromBrandResponse({}));
+  }
+
+  /**
+   * 移除品牌关联条款
+   * 
+   * @param request - RemoveCustomPrivacyPoliciesFromBrandRequest
+   * @returns RemoveCustomPrivacyPoliciesFromBrandResponse
+   */
+  async removeCustomPrivacyPoliciesFromBrand(request: $_model.RemoveCustomPrivacyPoliciesFromBrandRequest): Promise<$_model.RemoveCustomPrivacyPoliciesFromBrandResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.removeCustomPrivacyPoliciesFromBrandWithOptions(request, runtime);
+  }
+
+  /**
+   * Removes an Employee Identity and Access Management (EIAM) account from multiple EIAM organizations of Identity as a Service (IDaaS). You cannot remove an account from a primary organization.
+   * 
+   * @param request - RemoveUserFromOrganizationalUnitsRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns RemoveUserFromOrganizationalUnitsResponse
+   */
+  async removeUserFromOrganizationalUnitsWithOptions(request: $_model.RemoveUserFromOrganizationalUnitsRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RemoveUserFromOrganizationalUnitsResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.organizationalUnitIds)) {
+      query["OrganizationalUnitIds"] = request.organizationalUnitIds;
+    }
+
+    if (!$dara.isNull(request.userId)) {
+      query["UserId"] = request.userId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "RemoveUserFromOrganizationalUnits",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.RemoveUserFromOrganizationalUnitsResponse>(await this.callApi(params, req, runtime), new $_model.RemoveUserFromOrganizationalUnitsResponse({}));
+  }
+
+  /**
+   * Removes an Employee Identity and Access Management (EIAM) account from multiple EIAM organizations of Identity as a Service (IDaaS). You cannot remove an account from a primary organization.
+   * 
+   * @param request - RemoveUserFromOrganizationalUnitsRequest
+   * @returns RemoveUserFromOrganizationalUnitsResponse
+   */
+  async removeUserFromOrganizationalUnits(request: $_model.RemoveUserFromOrganizationalUnitsRequest): Promise<$_model.RemoveUserFromOrganizationalUnitsResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.removeUserFromOrganizationalUnitsWithOptions(request, runtime);
+  }
+
+  /**
+   * Removes Employee Identity and Access Management (EIAM) accounts from an EIAM group of Identity as a Service (IDaaS).
+   * 
+   * @param request - RemoveUsersFromGroupRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns RemoveUsersFromGroupResponse
+   */
+  async removeUsersFromGroupWithOptions(request: $_model.RemoveUsersFromGroupRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RemoveUsersFromGroupResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.groupId)) {
+      query["GroupId"] = request.groupId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.userIds)) {
+      query["UserIds"] = request.userIds;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "RemoveUsersFromGroup",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.RemoveUsersFromGroupResponse>(await this.callApi(params, req, runtime), new $_model.RemoveUsersFromGroupResponse({}));
+  }
+
+  /**
+   * Removes Employee Identity and Access Management (EIAM) accounts from an EIAM group of Identity as a Service (IDaaS).
+   * 
+   * @param request - RemoveUsersFromGroupRequest
+   * @returns RemoveUsersFromGroupResponse
+   */
+  async removeUsersFromGroup(request: $_model.RemoveUsersFromGroupRequest): Promise<$_model.RemoveUsersFromGroupResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.removeUsersFromGroupWithOptions(request, runtime);
+  }
+
+  /**
+   * Revokes the permissions to access an application from multiple account groups at a time in Identity as a Service (IDaaS) Employee Identity and Access Management (EIAM).
+   * 
+   * @param request - RevokeApplicationFromGroupsRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns RevokeApplicationFromGroupsResponse
+   */
+  async revokeApplicationFromGroupsWithOptions(request: $_model.RevokeApplicationFromGroupsRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RevokeApplicationFromGroupsResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.applicationRoleId)) {
+      query["ApplicationRoleId"] = request.applicationRoleId;
+    }
+
+    if (!$dara.isNull(request.groupIds)) {
+      query["GroupIds"] = request.groupIds;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "RevokeApplicationFromGroups",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.RevokeApplicationFromGroupsResponse>(await this.callApi(params, req, runtime), new $_model.RevokeApplicationFromGroupsResponse({}));
+  }
+
+  /**
+   * Revokes the permissions to access an application from multiple account groups at a time in Identity as a Service (IDaaS) Employee Identity and Access Management (EIAM).
+   * 
+   * @param request - RevokeApplicationFromGroupsRequest
+   * @returns RevokeApplicationFromGroupsResponse
+   */
+  async revokeApplicationFromGroups(request: $_model.RevokeApplicationFromGroupsRequest): Promise<$_model.RevokeApplicationFromGroupsResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.revokeApplicationFromGroupsWithOptions(request, runtime);
+  }
+
+  /**
+   * Revokes the permissions to access an application from multiple Employee Identity and Access Management (EIAM) organizations at a time.
    * 
-   * @param request - RemoveApplicationAccountFromUserRequest
+   * @param request - RevokeApplicationFromOrganizationalUnitsRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns RemoveApplicationAccountFromUserResponse
+   * @returns RevokeApplicationFromOrganizationalUnitsResponse
    */
-  async removeApplicationAccountFromUserWithOptions(request: $_model.RemoveApplicationAccountFromUserRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RemoveApplicationAccountFromUserResponse> {
+  async revokeApplicationFromOrganizationalUnitsWithOptions(request: $_model.RevokeApplicationFromOrganizationalUnitsRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RevokeApplicationFromOrganizationalUnitsResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.applicationAccountId)) {
-      query["ApplicationAccountId"] = request.applicationAccountId;
-    }
-
     if (!$dara.isNull(request.applicationId)) {
       query["ApplicationId"] = request.applicationId;
     }
 
+    if (!$dara.isNull(request.applicationRoleId)) {
+      query["ApplicationRoleId"] = request.applicationRoleId;
+    }
+
     if (!$dara.isNull(request.instanceId)) {
       query["InstanceId"] = request.instanceId;
     }
 
-    if (!$dara.isNull(request.userId)) {
-      query["UserId"] = request.userId;
+    if (!$dara.isNull(request.organizationalUnitIds)) {
+      query["OrganizationalUnitIds"] = request.organizationalUnitIds;
     }
 
     let req = new $OpenApiUtil.OpenApiRequest({
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "RemoveApplicationAccountFromUser",
+      action: "RevokeApplicationFromOrganizationalUnits",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -8497,47 +10779,51 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.RemoveApplicationAccountFromUserResponse>(await this.callApi(params, req, runtime), new $_model.RemoveApplicationAccountFromUserResponse({}));
+    return $dara.cast<$_model.RevokeApplicationFromOrganizationalUnitsResponse>(await this.callApi(params, req, runtime), new $_model.RevokeApplicationFromOrganizationalUnitsResponse({}));
   }
 
   /**
-   * 删除一个当前应用下的指定员工的应用账号
+   * Revokes the permissions to access an application from multiple Employee Identity and Access Management (EIAM) organizations at a time.
    * 
-   * @param request - RemoveApplicationAccountFromUserRequest
-   * @returns RemoveApplicationAccountFromUserResponse
+   * @param request - RevokeApplicationFromOrganizationalUnitsRequest
+   * @returns RevokeApplicationFromOrganizationalUnitsResponse
    */
-  async removeApplicationAccountFromUser(request: $_model.RemoveApplicationAccountFromUserRequest): Promise<$_model.RemoveApplicationAccountFromUserResponse> {
+  async revokeApplicationFromOrganizationalUnits(request: $_model.RevokeApplicationFromOrganizationalUnitsRequest): Promise<$_model.RevokeApplicationFromOrganizationalUnitsResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.removeApplicationAccountFromUserWithOptions(request, runtime);
+    return await this.revokeApplicationFromOrganizationalUnitsWithOptions(request, runtime);
   }
 
   /**
-   * 移除品牌关联条款
+   * Revokes the permissions to access an application from multiple Employee Identity and Access Management (EIAM) accounts at a time.
    * 
-   * @param request - RemoveCustomPrivacyPoliciesFromBrandRequest
+   * @param request - RevokeApplicationFromUsersRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns RemoveCustomPrivacyPoliciesFromBrandResponse
+   * @returns RevokeApplicationFromUsersResponse
    */
-  async removeCustomPrivacyPoliciesFromBrandWithOptions(request: $_model.RemoveCustomPrivacyPoliciesFromBrandRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RemoveCustomPrivacyPoliciesFromBrandResponse> {
+  async revokeApplicationFromUsersWithOptions(request: $_model.RevokeApplicationFromUsersRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RevokeApplicationFromUsersResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.brandId)) {
-      query["BrandId"] = request.brandId;
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
     }
 
-    if (!$dara.isNull(request.customPrivacyPolicyIds)) {
-      query["CustomPrivacyPolicyIds"] = request.customPrivacyPolicyIds;
+    if (!$dara.isNull(request.applicationRoleId)) {
+      query["ApplicationRoleId"] = request.applicationRoleId;
     }
 
     if (!$dara.isNull(request.instanceId)) {
       query["InstanceId"] = request.instanceId;
     }
 
+    if (!$dara.isNull(request.userIds)) {
+      query["UserIds"] = request.userIds;
+    }
+
     let req = new $OpenApiUtil.OpenApiRequest({
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "RemoveCustomPrivacyPoliciesFromBrand",
+      action: "RevokeApplicationFromUsers",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -8547,47 +10833,47 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.RemoveCustomPrivacyPoliciesFromBrandResponse>(await this.callApi(params, req, runtime), new $_model.RemoveCustomPrivacyPoliciesFromBrandResponse({}));
+    return $dara.cast<$_model.RevokeApplicationFromUsersResponse>(await this.callApi(params, req, runtime), new $_model.RevokeApplicationFromUsersResponse({}));
   }
 
   /**
-   * 移除品牌关联条款
+   * Revokes the permissions to access an application from multiple Employee Identity and Access Management (EIAM) accounts at a time.
    * 
-   * @param request - RemoveCustomPrivacyPoliciesFromBrandRequest
-   * @returns RemoveCustomPrivacyPoliciesFromBrandResponse
+   * @param request - RevokeApplicationFromUsersRequest
+   * @returns RevokeApplicationFromUsersResponse
    */
-  async removeCustomPrivacyPoliciesFromBrand(request: $_model.RemoveCustomPrivacyPoliciesFromBrandRequest): Promise<$_model.RemoveCustomPrivacyPoliciesFromBrandResponse> {
+  async revokeApplicationFromUsers(request: $_model.RevokeApplicationFromUsersRequest): Promise<$_model.RevokeApplicationFromUsersResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.removeCustomPrivacyPoliciesFromBrandWithOptions(request, runtime);
+    return await this.revokeApplicationFromUsersWithOptions(request, runtime);
   }
 
   /**
-   * Removes an Employee Identity and Access Management (EIAM) account from multiple EIAM organizations of Identity as a Service (IDaaS). You cannot remove an account from a primary organization.
+   * 解除指定ResourceServer到Client的授权
    * 
-   * @param request - RemoveUserFromOrganizationalUnitsRequest
+   * @param request - RevokeResourceServerFromClientRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns RemoveUserFromOrganizationalUnitsResponse
+   * @returns RevokeResourceServerFromClientResponse
    */
-  async removeUserFromOrganizationalUnitsWithOptions(request: $_model.RemoveUserFromOrganizationalUnitsRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RemoveUserFromOrganizationalUnitsResponse> {
+  async revokeResourceServerFromClientWithOptions(request: $_model.RevokeResourceServerFromClientRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RevokeResourceServerFromClientResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.instanceId)) {
-      query["InstanceId"] = request.instanceId;
+    if (!$dara.isNull(request.clientApplicationId)) {
+      query["ClientApplicationId"] = request.clientApplicationId;
     }
 
-    if (!$dara.isNull(request.organizationalUnitIds)) {
-      query["OrganizationalUnitIds"] = request.organizationalUnitIds;
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
     }
 
-    if (!$dara.isNull(request.userId)) {
-      query["UserId"] = request.userId;
+    if (!$dara.isNull(request.resourceServerApplicationId)) {
+      query["ResourceServerApplicationId"] = request.resourceServerApplicationId;
     }
 
     let req = new $OpenApiUtil.OpenApiRequest({
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "RemoveUserFromOrganizationalUnits",
+      action: "RevokeResourceServerFromClient",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -8597,47 +10883,51 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.RemoveUserFromOrganizationalUnitsResponse>(await this.callApi(params, req, runtime), new $_model.RemoveUserFromOrganizationalUnitsResponse({}));
+    return $dara.cast<$_model.RevokeResourceServerFromClientResponse>(await this.callApi(params, req, runtime), new $_model.RevokeResourceServerFromClientResponse({}));
   }
 
   /**
-   * Removes an Employee Identity and Access Management (EIAM) account from multiple EIAM organizations of Identity as a Service (IDaaS). You cannot remove an account from a primary organization.
+   * 解除指定ResourceServer到Client的授权
    * 
-   * @param request - RemoveUserFromOrganizationalUnitsRequest
-   * @returns RemoveUserFromOrganizationalUnitsResponse
+   * @param request - RevokeResourceServerFromClientRequest
+   * @returns RevokeResourceServerFromClientResponse
    */
-  async removeUserFromOrganizationalUnits(request: $_model.RemoveUserFromOrganizationalUnitsRequest): Promise<$_model.RemoveUserFromOrganizationalUnitsResponse> {
+  async revokeResourceServerFromClient(request: $_model.RevokeResourceServerFromClientRequest): Promise<$_model.RevokeResourceServerFromClientResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.removeUserFromOrganizationalUnitsWithOptions(request, runtime);
+    return await this.revokeResourceServerFromClientWithOptions(request, runtime);
   }
 
   /**
-   * Removes Employee Identity and Access Management (EIAM) accounts from an EIAM group of Identity as a Service (IDaaS).
+   * 解除指定ResourceServer下的Scope给Client
    * 
-   * @param request - RemoveUsersFromGroupRequest
+   * @param request - RevokeResourceServerScopesFromClientRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns RemoveUsersFromGroupResponse
+   * @returns RevokeResourceServerScopesFromClientResponse
    */
-  async removeUsersFromGroupWithOptions(request: $_model.RemoveUsersFromGroupRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RemoveUsersFromGroupResponse> {
+  async revokeResourceServerScopesFromClientWithOptions(request: $_model.RevokeResourceServerScopesFromClientRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RevokeResourceServerScopesFromClientResponse> {
     request.validate();
     let query = { };
-    if (!$dara.isNull(request.groupId)) {
-      query["GroupId"] = request.groupId;
+    if (!$dara.isNull(request.clientApplicationId)) {
+      query["ClientApplicationId"] = request.clientApplicationId;
     }
 
     if (!$dara.isNull(request.instanceId)) {
       query["InstanceId"] = request.instanceId;
     }
 
-    if (!$dara.isNull(request.userIds)) {
-      query["UserIds"] = request.userIds;
+    if (!$dara.isNull(request.resourceServerApplicationId)) {
+      query["ResourceServerApplicationId"] = request.resourceServerApplicationId;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeIds)) {
+      query["ResourceServerScopeIds"] = request.resourceServerScopeIds;
     }
 
     let req = new $OpenApiUtil.OpenApiRequest({
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "RemoveUsersFromGroup",
+      action: "RevokeResourceServerScopesFromClient",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -8647,51 +10937,51 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.RemoveUsersFromGroupResponse>(await this.callApi(params, req, runtime), new $_model.RemoveUsersFromGroupResponse({}));
+    return $dara.cast<$_model.RevokeResourceServerScopesFromClientResponse>(await this.callApi(params, req, runtime), new $_model.RevokeResourceServerScopesFromClientResponse({}));
   }
 
   /**
-   * Removes Employee Identity and Access Management (EIAM) accounts from an EIAM group of Identity as a Service (IDaaS).
+   * 解除指定ResourceServer下的Scope给Client
    * 
-   * @param request - RemoveUsersFromGroupRequest
-   * @returns RemoveUsersFromGroupResponse
+   * @param request - RevokeResourceServerScopesFromClientRequest
+   * @returns RevokeResourceServerScopesFromClientResponse
    */
-  async removeUsersFromGroup(request: $_model.RemoveUsersFromGroupRequest): Promise<$_model.RemoveUsersFromGroupResponse> {
+  async revokeResourceServerScopesFromClient(request: $_model.RevokeResourceServerScopesFromClientRequest): Promise<$_model.RevokeResourceServerScopesFromClientResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.removeUsersFromGroupWithOptions(request, runtime);
+    return await this.revokeResourceServerScopesFromClientWithOptions(request, runtime);
   }
 
   /**
-   * Revokes the permissions to access an application from multiple account groups at a time in Identity as a Service (IDaaS) Employee Identity and Access Management (EIAM).
+   * 取消被授予到组的ResourceServerScope权限
    * 
-   * @param request - RevokeApplicationFromGroupsRequest
+   * @param request - RevokeResourceServerScopesFromGroupRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns RevokeApplicationFromGroupsResponse
+   * @returns RevokeResourceServerScopesFromGroupResponse
    */
-  async revokeApplicationFromGroupsWithOptions(request: $_model.RevokeApplicationFromGroupsRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RevokeApplicationFromGroupsResponse> {
+  async revokeResourceServerScopesFromGroupWithOptions(request: $_model.RevokeResourceServerScopesFromGroupRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RevokeResourceServerScopesFromGroupResponse> {
     request.validate();
     let query = { };
     if (!$dara.isNull(request.applicationId)) {
       query["ApplicationId"] = request.applicationId;
     }
 
-    if (!$dara.isNull(request.applicationRoleId)) {
-      query["ApplicationRoleId"] = request.applicationRoleId;
-    }
-
-    if (!$dara.isNull(request.groupIds)) {
-      query["GroupIds"] = request.groupIds;
+    if (!$dara.isNull(request.groupId)) {
+      query["GroupId"] = request.groupId;
     }
 
     if (!$dara.isNull(request.instanceId)) {
       query["InstanceId"] = request.instanceId;
     }
 
+    if (!$dara.isNull(request.resourceServerScopeIds)) {
+      query["ResourceServerScopeIds"] = request.resourceServerScopeIds;
+    }
+
     let req = new $OpenApiUtil.OpenApiRequest({
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "RevokeApplicationFromGroups",
+      action: "RevokeResourceServerScopesFromGroup",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -8701,51 +10991,51 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.RevokeApplicationFromGroupsResponse>(await this.callApi(params, req, runtime), new $_model.RevokeApplicationFromGroupsResponse({}));
+    return $dara.cast<$_model.RevokeResourceServerScopesFromGroupResponse>(await this.callApi(params, req, runtime), new $_model.RevokeResourceServerScopesFromGroupResponse({}));
   }
 
   /**
-   * Revokes the permissions to access an application from multiple account groups at a time in Identity as a Service (IDaaS) Employee Identity and Access Management (EIAM).
+   * 取消被授予到组的ResourceServerScope权限
    * 
-   * @param request - RevokeApplicationFromGroupsRequest
-   * @returns RevokeApplicationFromGroupsResponse
+   * @param request - RevokeResourceServerScopesFromGroupRequest
+   * @returns RevokeResourceServerScopesFromGroupResponse
    */
-  async revokeApplicationFromGroups(request: $_model.RevokeApplicationFromGroupsRequest): Promise<$_model.RevokeApplicationFromGroupsResponse> {
+  async revokeResourceServerScopesFromGroup(request: $_model.RevokeResourceServerScopesFromGroupRequest): Promise<$_model.RevokeResourceServerScopesFromGroupResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.revokeApplicationFromGroupsWithOptions(request, runtime);
+    return await this.revokeResourceServerScopesFromGroupWithOptions(request, runtime);
   }
 
   /**
-   * Revokes the permissions to access an application from multiple Employee Identity and Access Management (EIAM) organizations at a time.
+   * 取消被授予到组织的ResourceServerScope权限
    * 
-   * @param request - RevokeApplicationFromOrganizationalUnitsRequest
+   * @param request - RevokeResourceServerScopesFromOrganizationalUnitRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns RevokeApplicationFromOrganizationalUnitsResponse
+   * @returns RevokeResourceServerScopesFromOrganizationalUnitResponse
    */
-  async revokeApplicationFromOrganizationalUnitsWithOptions(request: $_model.RevokeApplicationFromOrganizationalUnitsRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RevokeApplicationFromOrganizationalUnitsResponse> {
+  async revokeResourceServerScopesFromOrganizationalUnitWithOptions(request: $_model.RevokeResourceServerScopesFromOrganizationalUnitRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RevokeResourceServerScopesFromOrganizationalUnitResponse> {
     request.validate();
     let query = { };
     if (!$dara.isNull(request.applicationId)) {
       query["ApplicationId"] = request.applicationId;
     }
 
-    if (!$dara.isNull(request.applicationRoleId)) {
-      query["ApplicationRoleId"] = request.applicationRoleId;
-    }
-
     if (!$dara.isNull(request.instanceId)) {
       query["InstanceId"] = request.instanceId;
     }
 
-    if (!$dara.isNull(request.organizationalUnitIds)) {
-      query["OrganizationalUnitIds"] = request.organizationalUnitIds;
+    if (!$dara.isNull(request.organizationalUnitId)) {
+      query["OrganizationalUnitId"] = request.organizationalUnitId;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeIds)) {
+      query["ResourceServerScopeIds"] = request.resourceServerScopeIds;
     }
 
     let req = new $OpenApiUtil.OpenApiRequest({
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "RevokeApplicationFromOrganizationalUnits",
+      action: "RevokeResourceServerScopesFromOrganizationalUnit",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -8755,51 +11045,51 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.RevokeApplicationFromOrganizationalUnitsResponse>(await this.callApi(params, req, runtime), new $_model.RevokeApplicationFromOrganizationalUnitsResponse({}));
+    return $dara.cast<$_model.RevokeResourceServerScopesFromOrganizationalUnitResponse>(await this.callApi(params, req, runtime), new $_model.RevokeResourceServerScopesFromOrganizationalUnitResponse({}));
   }
 
   /**
-   * Revokes the permissions to access an application from multiple Employee Identity and Access Management (EIAM) organizations at a time.
+   * 取消被授予到组织的ResourceServerScope权限
    * 
-   * @param request - RevokeApplicationFromOrganizationalUnitsRequest
-   * @returns RevokeApplicationFromOrganizationalUnitsResponse
+   * @param request - RevokeResourceServerScopesFromOrganizationalUnitRequest
+   * @returns RevokeResourceServerScopesFromOrganizationalUnitResponse
    */
-  async revokeApplicationFromOrganizationalUnits(request: $_model.RevokeApplicationFromOrganizationalUnitsRequest): Promise<$_model.RevokeApplicationFromOrganizationalUnitsResponse> {
+  async revokeResourceServerScopesFromOrganizationalUnit(request: $_model.RevokeResourceServerScopesFromOrganizationalUnitRequest): Promise<$_model.RevokeResourceServerScopesFromOrganizationalUnitResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.revokeApplicationFromOrganizationalUnitsWithOptions(request, runtime);
+    return await this.revokeResourceServerScopesFromOrganizationalUnitWithOptions(request, runtime);
   }
 
   /**
-   * Revokes the permissions to access an application from multiple Employee Identity and Access Management (EIAM) accounts at a time.
+   * 取消被授予用户的ResourceServerScope权限
    * 
-   * @param request - RevokeApplicationFromUsersRequest
+   * @param request - RevokeResourceServerScopesFromUserRequest
    * @param runtime - runtime options for this request RuntimeOptions
-   * @returns RevokeApplicationFromUsersResponse
+   * @returns RevokeResourceServerScopesFromUserResponse
    */
-  async revokeApplicationFromUsersWithOptions(request: $_model.RevokeApplicationFromUsersRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RevokeApplicationFromUsersResponse> {
+  async revokeResourceServerScopesFromUserWithOptions(request: $_model.RevokeResourceServerScopesFromUserRequest, runtime: $dara.RuntimeOptions): Promise<$_model.RevokeResourceServerScopesFromUserResponse> {
     request.validate();
     let query = { };
     if (!$dara.isNull(request.applicationId)) {
       query["ApplicationId"] = request.applicationId;
     }
 
-    if (!$dara.isNull(request.applicationRoleId)) {
-      query["ApplicationRoleId"] = request.applicationRoleId;
-    }
-
     if (!$dara.isNull(request.instanceId)) {
       query["InstanceId"] = request.instanceId;
     }
 
-    if (!$dara.isNull(request.userIds)) {
-      query["UserIds"] = request.userIds;
+    if (!$dara.isNull(request.resourceServerScopeIds)) {
+      query["ResourceServerScopeIds"] = request.resourceServerScopeIds;
+    }
+
+    if (!$dara.isNull(request.userId)) {
+      query["UserId"] = request.userId;
     }
 
     let req = new $OpenApiUtil.OpenApiRequest({
       query: OpenApiUtil.query(query),
     });
     let params = new $OpenApiUtil.Params({
-      action: "RevokeApplicationFromUsers",
+      action: "RevokeResourceServerScopesFromUser",
       version: "2021-12-01",
       protocol: "HTTPS",
       pathname: "/",
@@ -8809,18 +11099,18 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.RevokeApplicationFromUsersResponse>(await this.callApi(params, req, runtime), new $_model.RevokeApplicationFromUsersResponse({}));
+    return $dara.cast<$_model.RevokeResourceServerScopesFromUserResponse>(await this.callApi(params, req, runtime), new $_model.RevokeResourceServerScopesFromUserResponse({}));
   }
 
   /**
-   * Revokes the permissions to access an application from multiple Employee Identity and Access Management (EIAM) accounts at a time.
+   * 取消被授予用户的ResourceServerScope权限
    * 
-   * @param request - RevokeApplicationFromUsersRequest
-   * @returns RevokeApplicationFromUsersResponse
+   * @param request - RevokeResourceServerScopesFromUserRequest
+   * @returns RevokeResourceServerScopesFromUserResponse
    */
-  async revokeApplicationFromUsers(request: $_model.RevokeApplicationFromUsersRequest): Promise<$_model.RevokeApplicationFromUsersResponse> {
+  async revokeResourceServerScopesFromUser(request: $_model.RevokeResourceServerScopesFromUserRequest): Promise<$_model.RevokeResourceServerScopesFromUserResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.revokeApplicationFromUsersWithOptions(request, runtime);
+    return await this.revokeResourceServerScopesFromUserWithOptions(request, runtime);
   }
 
   /**
@@ -9109,6 +11399,60 @@ export default class Client extends OpenApi {
     return await this.setApplicationProvisioningUserPrimaryOrganizationalUnitWithOptions(request, runtime);
   }
 
+  /**
+   * 设置ResourceServer的Identifier
+   * 
+   * @param request - SetApplicationResourceServerIdentifierRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns SetApplicationResourceServerIdentifierResponse
+   */
+  async setApplicationResourceServerIdentifierWithOptions(request: $_model.SetApplicationResourceServerIdentifierRequest, runtime: $dara.RuntimeOptions): Promise<$_model.SetApplicationResourceServerIdentifierResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.resourceServerIdentifier)) {
+      query["ResourceServerIdentifier"] = request.resourceServerIdentifier;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "SetApplicationResourceServerIdentifier",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.SetApplicationResourceServerIdentifierResponse>(await this.callApi(params, req, runtime), new $_model.SetApplicationResourceServerIdentifierResponse({}));
+  }
+
+  /**
+   * 设置ResourceServer的Identifier
+   * 
+   * @param request - SetApplicationResourceServerIdentifierRequest
+   * @returns SetApplicationResourceServerIdentifierResponse
+   */
+  async setApplicationResourceServerIdentifier(request: $_model.SetApplicationResourceServerIdentifierRequest): Promise<$_model.SetApplicationResourceServerIdentifierResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.setApplicationResourceServerIdentifierWithOptions(request, runtime);
+  }
+
   /**
    * Specifies the single sign-on (SSO) configuration attributes of an application in Identity as a Service (IDaaS) Employee IAM (EIAM).
    * 
@@ -9619,18 +11963,72 @@ export default class Client extends OpenApi {
       reqBodyType: "formData",
       bodyType: "json",
     });
-    return $dara.cast<$_model.SetPasswordInitializationConfigurationResponse>(await this.callApi(params, req, runtime), new $_model.SetPasswordInitializationConfigurationResponse({}));
+    return $dara.cast<$_model.SetPasswordInitializationConfigurationResponse>(await this.callApi(params, req, runtime), new $_model.SetPasswordInitializationConfigurationResponse({}));
+  }
+
+  /**
+   * Sets the password initialization configurations for an Employee Identity and Access Management (EIAM) instance of Identity as a Service (IDaaS).
+   * 
+   * @param request - SetPasswordInitializationConfigurationRequest
+   * @returns SetPasswordInitializationConfigurationResponse
+   */
+  async setPasswordInitializationConfiguration(request: $_model.SetPasswordInitializationConfigurationRequest): Promise<$_model.SetPasswordInitializationConfigurationResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.setPasswordInitializationConfigurationWithOptions(request, runtime);
+  }
+
+  /**
+   * 设置指定的应用ClientPublicKey优先启用状态
+   * 
+   * @param request - SetPrimaryClientPublicKeyRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns SetPrimaryClientPublicKeyResponse
+   */
+  async setPrimaryClientPublicKeyWithOptions(request: $_model.SetPrimaryClientPublicKeyRequest, runtime: $dara.RuntimeOptions): Promise<$_model.SetPrimaryClientPublicKeyResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.clientPublicKeyId)) {
+      query["ClientPublicKeyId"] = request.clientPublicKeyId;
+    }
+
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "SetPrimaryClientPublicKey",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.SetPrimaryClientPublicKeyResponse>(await this.callApi(params, req, runtime), new $_model.SetPrimaryClientPublicKeyResponse({}));
   }
 
   /**
-   * Sets the password initialization configurations for an Employee Identity and Access Management (EIAM) instance of Identity as a Service (IDaaS).
+   * 设置指定的应用ClientPublicKey优先启用状态
    * 
-   * @param request - SetPasswordInitializationConfigurationRequest
-   * @returns SetPasswordInitializationConfigurationResponse
+   * @param request - SetPrimaryClientPublicKeyRequest
+   * @returns SetPrimaryClientPublicKeyResponse
    */
-  async setPasswordInitializationConfiguration(request: $_model.SetPasswordInitializationConfigurationRequest): Promise<$_model.SetPasswordInitializationConfigurationResponse> {
+  async setPrimaryClientPublicKey(request: $_model.SetPrimaryClientPublicKeyRequest): Promise<$_model.SetPrimaryClientPublicKeyResponse> {
     let runtime = new $dara.RuntimeOptions({ });
-    return await this.setPasswordInitializationConfigurationWithOptions(request, runtime);
+    return await this.setPrimaryClientPublicKeyWithOptions(request, runtime);
   }
 
   /**
@@ -10161,6 +12559,118 @@ export default class Client extends OpenApi {
     return await this.updateApplicationInfoWithOptions(request, runtime);
   }
 
+  /**
+   * 修改应用角色
+   * 
+   * @param request - UpdateApplicationRoleRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns UpdateApplicationRoleResponse
+   */
+  async updateApplicationRoleWithOptions(request: $_model.UpdateApplicationRoleRequest, runtime: $dara.RuntimeOptions): Promise<$_model.UpdateApplicationRoleResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.applicationRoleId)) {
+      query["ApplicationRoleId"] = request.applicationRoleId;
+    }
+
+    if (!$dara.isNull(request.applicationRoleName)) {
+      query["ApplicationRoleName"] = request.applicationRoleName;
+    }
+
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "UpdateApplicationRole",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.UpdateApplicationRoleResponse>(await this.callApi(params, req, runtime), new $_model.UpdateApplicationRoleResponse({}));
+  }
+
+  /**
+   * 修改应用角色
+   * 
+   * @param request - UpdateApplicationRoleRequest
+   * @returns UpdateApplicationRoleResponse
+   */
+  async updateApplicationRole(request: $_model.UpdateApplicationRoleRequest): Promise<$_model.UpdateApplicationRoleResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.updateApplicationRoleWithOptions(request, runtime);
+  }
+
+  /**
+   * 修改应用角色描述
+   * 
+   * @param request - UpdateApplicationRoleDescriptionRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns UpdateApplicationRoleDescriptionResponse
+   */
+  async updateApplicationRoleDescriptionWithOptions(request: $_model.UpdateApplicationRoleDescriptionRequest, runtime: $dara.RuntimeOptions): Promise<$_model.UpdateApplicationRoleDescriptionResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.applicationRoleId)) {
+      query["ApplicationRoleId"] = request.applicationRoleId;
+    }
+
+    if (!$dara.isNull(request.description)) {
+      query["Description"] = request.description;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "UpdateApplicationRoleDescription",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.UpdateApplicationRoleDescriptionResponse>(await this.callApi(params, req, runtime), new $_model.UpdateApplicationRoleDescriptionResponse({}));
+  }
+
+  /**
+   * 修改应用角色描述
+   * 
+   * @param request - UpdateApplicationRoleDescriptionRequest
+   * @returns UpdateApplicationRoleDescriptionResponse
+   */
+  async updateApplicationRoleDescription(request: $_model.UpdateApplicationRoleDescriptionRequest): Promise<$_model.UpdateApplicationRoleDescriptionResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.updateApplicationRoleDescriptionWithOptions(request, runtime);
+  }
+
   /**
    * 更新模板应用的SSO参数
    * 
@@ -10315,6 +12825,172 @@ export default class Client extends OpenApi {
     return await this.updateBrandWithOptions(request, runtime);
   }
 
+  /**
+   * 更新云账号
+   * 
+   * @param request - UpdateCloudAccountRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns UpdateCloudAccountResponse
+   */
+  async updateCloudAccountWithOptions(request: $_model.UpdateCloudAccountRequest, runtime: $dara.RuntimeOptions): Promise<$_model.UpdateCloudAccountResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.cloudAccountId)) {
+      query["CloudAccountId"] = request.cloudAccountId;
+    }
+
+    if (!$dara.isNull(request.cloudAccountName)) {
+      query["CloudAccountName"] = request.cloudAccountName;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "UpdateCloudAccount",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.UpdateCloudAccountResponse>(await this.callApi(params, req, runtime), new $_model.UpdateCloudAccountResponse({}));
+  }
+
+  /**
+   * 更新云账号
+   * 
+   * @param request - UpdateCloudAccountRequest
+   * @returns UpdateCloudAccountResponse
+   */
+  async updateCloudAccount(request: $_model.UpdateCloudAccountRequest): Promise<$_model.UpdateCloudAccountResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.updateCloudAccountWithOptions(request, runtime);
+  }
+
+  /**
+   * 更新云账号描述
+   * 
+   * @param request - UpdateCloudAccountDescriptionRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns UpdateCloudAccountDescriptionResponse
+   */
+  async updateCloudAccountDescriptionWithOptions(request: $_model.UpdateCloudAccountDescriptionRequest, runtime: $dara.RuntimeOptions): Promise<$_model.UpdateCloudAccountDescriptionResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.cloudAccountId)) {
+      query["CloudAccountId"] = request.cloudAccountId;
+    }
+
+    if (!$dara.isNull(request.description)) {
+      query["Description"] = request.description;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "UpdateCloudAccountDescription",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.UpdateCloudAccountDescriptionResponse>(await this.callApi(params, req, runtime), new $_model.UpdateCloudAccountDescriptionResponse({}));
+  }
+
+  /**
+   * 更新云账号描述
+   * 
+   * @param request - UpdateCloudAccountDescriptionRequest
+   * @returns UpdateCloudAccountDescriptionResponse
+   */
+  async updateCloudAccountDescription(request: $_model.UpdateCloudAccountDescriptionRequest): Promise<$_model.UpdateCloudAccountDescriptionResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.updateCloudAccountDescriptionWithOptions(request, runtime);
+  }
+
+  /**
+   * 更新云角色描述
+   * 
+   * @param request - UpdateCloudAccountRoleDescriptionRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns UpdateCloudAccountRoleDescriptionResponse
+   */
+  async updateCloudAccountRoleDescriptionWithOptions(request: $_model.UpdateCloudAccountRoleDescriptionRequest, runtime: $dara.RuntimeOptions): Promise<$_model.UpdateCloudAccountRoleDescriptionResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.clientToken)) {
+      query["ClientToken"] = request.clientToken;
+    }
+
+    if (!$dara.isNull(request.cloudAccountId)) {
+      query["CloudAccountId"] = request.cloudAccountId;
+    }
+
+    if (!$dara.isNull(request.cloudAccountRoleId)) {
+      query["CloudAccountRoleId"] = request.cloudAccountRoleId;
+    }
+
+    if (!$dara.isNull(request.description)) {
+      query["Description"] = request.description;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "UpdateCloudAccountRoleDescription",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.UpdateCloudAccountRoleDescriptionResponse>(await this.callApi(params, req, runtime), new $_model.UpdateCloudAccountRoleDescriptionResponse({}));
+  }
+
+  /**
+   * 更新云角色描述
+   * 
+   * @param request - UpdateCloudAccountRoleDescriptionRequest
+   * @returns UpdateCloudAccountRoleDescriptionResponse
+   */
+  async updateCloudAccountRoleDescription(request: $_model.UpdateCloudAccountRoleDescriptionRequest): Promise<$_model.UpdateCloudAccountRoleDescriptionResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.updateCloudAccountRoleDescriptionWithOptions(request, runtime);
+  }
+
   /**
    * Update Conditional Access Policy
    * 
@@ -11281,6 +13957,60 @@ export default class Client extends OpenApi {
     return await this.updateOrganizationalUnitParentIdWithOptions(request, runtime);
   }
 
+  /**
+   * 更新指定ResourceServer下的Scope
+   * 
+   * @param request - UpdateResourceServerScopeRequest
+   * @param runtime - runtime options for this request RuntimeOptions
+   * @returns UpdateResourceServerScopeResponse
+   */
+  async updateResourceServerScopeWithOptions(request: $_model.UpdateResourceServerScopeRequest, runtime: $dara.RuntimeOptions): Promise<$_model.UpdateResourceServerScopeResponse> {
+    request.validate();
+    let query = { };
+    if (!$dara.isNull(request.applicationId)) {
+      query["ApplicationId"] = request.applicationId;
+    }
+
+    if (!$dara.isNull(request.instanceId)) {
+      query["InstanceId"] = request.instanceId;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeId)) {
+      query["ResourceServerScopeId"] = request.resourceServerScopeId;
+    }
+
+    if (!$dara.isNull(request.resourceServerScopeName)) {
+      query["ResourceServerScopeName"] = request.resourceServerScopeName;
+    }
+
+    let req = new $OpenApiUtil.OpenApiRequest({
+      query: OpenApiUtil.query(query),
+    });
+    let params = new $OpenApiUtil.Params({
+      action: "UpdateResourceServerScope",
+      version: "2021-12-01",
+      protocol: "HTTPS",
+      pathname: "/",
+      method: "POST",
+      authType: "AK",
+      style: "RPC",
+      reqBodyType: "formData",
+      bodyType: "json",
+    });
+    return $dara.cast<$_model.UpdateResourceServerScopeResponse>(await this.callApi(params, req, runtime), new $_model.UpdateResourceServerScopeResponse({}));
+  }
+
+  /**
+   * 更新指定ResourceServer下的Scope
+   * 
+   * @param request - UpdateResourceServerScopeRequest
+   * @returns UpdateResourceServerScopeResponse
+   */
+  async updateResourceServerScope(request: $_model.UpdateResourceServerScopeRequest): Promise<$_model.UpdateResourceServerScopeResponse> {
+    let runtime = new $dara.RuntimeOptions({ });
+    return await this.updateResourceServerScopeWithOptions(request, runtime);
+  }
+
   /**
    * Updates the basic information about an Employee Identity and Access Management (EIAM) account of Identity as a Service (IDaaS).
    *