@distilled.cloud/cloudflare 0.19.0 → 0.19.2

package/lib/services/zero-trust.js

@@ -602,11 +602,25 @@ export const syncAccessAiControlMcpServer = /*@__PURE__*/ /*#__PURE__*/ API.make
     output: SyncAccessAiControlMcpServerResponse,
     errors: [],
 }));
-export const GetAccessApplicationRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
+// =============================================================================
+// AccessApplication
+// =============================================================================
+const GetAccessApplicationBaseFields = {
+    appId: Schema.String.pipe(T.HttpPath("appId")),
+};
+export const GetAccessApplicationForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...GetAccessApplicationBaseFields,
+}).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}",
+    path: "/accounts/{account_id}/access/apps/{appId}",
 }));
+export const GetAccessApplicationForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...GetAccessApplicationBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/zones/{zone_id}/access/apps/{appId}" }));
 export const GetAccessApplicationResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Union([
     Schema.Struct({
@@ -4990,16 +5004,27 @@ export const GetAccessApplicationResponse =
         type: "type",
     })),
 ]).pipe(T.ResponsePath("result"));
-export const getAccessApplication = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: GetAccessApplicationRequest,
+export const getAccessApplicationForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessApplicationForAccountRequest,
     output: GetAccessApplicationResponse,
     errors: [],
 }));
-export const ListAccessApplicationsRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
-    method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps",
+export const getAccessApplicationForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessApplicationForZoneRequest,
+    output: GetAccessApplicationResponse,
+    errors: [],
 }));
+const ListAccessApplicationsBaseFields = {};
+export const ListAccessApplicationsForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...ListAccessApplicationsBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/accounts/{account_id}/access/apps" }));
+export const ListAccessApplicationsForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...ListAccessApplicationsBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/zones/{zone_id}/access/apps" }));
 export const ListAccessApplicationsResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     result: Schema.Array(Schema.Union([
@@ -9566,8 +9591,8 @@ export const ListAccessApplicationsResponse =
         Schema.Null,
     ])),
 }).pipe(Schema.encodeKeys({ result: "result", resultInfo: "result_info" }));
-export const listAccessApplications = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
-    input: ListAccessApplicationsRequest,
+export const listAccessApplicationsForAccount = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessApplicationsForAccountRequest,
     output: ListAccessApplicationsResponse,
     errors: [],
     pagination: {
@@ -9578,10 +9603,19 @@ export const listAccessApplications = /*@__PURE__*/ /*#__PURE__*/ API.makePagina
         pageSize: "perPage",
     },
 }));
-export const CreateAccessApplicationRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+export const listAccessApplicationsForZone = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessApplicationsForZoneRequest,
+    output: ListAccessApplicationsResponse,
+    errors: [],
+    pagination: {
+        mode: "page",
+        inputToken: "page",
+        outputToken: "resultInfo.page",
+        items: "result",
+        pageSize: "perPage",
+    },
+}));
+const CreateAccessApplicationBaseFields = {
     domain: Schema.String,
     type: Schema.Literals([
         "self_hosted",
@@ -9811,6 +9845,11 @@ export const CreateAccessApplicationRequest =
     sessionDuration: Schema.optional(Schema.String),
     skipInterstitial: Schema.optional(Schema.Boolean),
     tags: Schema.optional(Schema.Array(Schema.String)),
+};
+export const CreateAccessApplicationForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...CreateAccessApplicationBaseFields,
 }).pipe(Schema.encodeKeys({
     domain: "domain",
     type: "type",
@@ -9840,10 +9879,41 @@ export const CreateAccessApplicationRequest =
     sessionDuration: "session_duration",
     skipInterstitial: "skip_interstitial",
     tags: "tags",
-}), T.Http({
-    method: "POST",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps",
-}));
+}), T.Http({ method: "POST", path: "/accounts/{account_id}/access/apps" }));
+export const CreateAccessApplicationForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...CreateAccessApplicationBaseFields,
+}).pipe(Schema.encodeKeys({
+    domain: "domain",
+    type: "type",
+    allowAuthenticateViaWarp: "allow_authenticate_via_warp",
+    allowIframe: "allow_iframe",
+    allowedIdps: "allowed_idps",
+    appLauncherVisible: "app_launcher_visible",
+    autoRedirectToIdentity: "auto_redirect_to_identity",
+    corsHeaders: "cors_headers",
+    customDenyMessage: "custom_deny_message",
+    customDenyUrl: "custom_deny_url",
+    customNonIdentityDenyUrl: "custom_non_identity_deny_url",
+    customPages: "custom_pages",
+    destinations: "destinations",
+    enableBindingCookie: "enable_binding_cookie",
+    httpOnlyCookieAttribute: "http_only_cookie_attribute",
+    logoUrl: "logo_url",
+    name: "name",
+    optionsPreflightBypass: "options_preflight_bypass",
+    pathCookieAttribute: "path_cookie_attribute",
+    policies: "policies",
+    readServiceTokensFromHeader: "read_service_tokens_from_header",
+    sameSiteCookieAttribute: "same_site_cookie_attribute",
+    scimConfig: "scim_config",
+    selfHostedDomains: "self_hosted_domains",
+    serviceAuth_401Redirect: "service_auth_401_redirect",
+    sessionDuration: "session_duration",
+    skipInterstitial: "skip_interstitial",
+    tags: "tags",
+}), T.Http({ method: "POST", path: "/zones/{zone_id}/access/apps" }));
 export const CreateAccessApplicationResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Union([
     Schema.Struct({
@@ -14227,15 +14297,18 @@ export const CreateAccessApplicationResponse =
         type: "type",
     })),
 ]).pipe(T.ResponsePath("result"));
-export const createAccessApplication = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: CreateAccessApplicationRequest,
+export const createAccessApplicationForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessApplicationForAccountRequest,
     output: CreateAccessApplicationResponse,
     errors: [],
 }));
-export const UpdateAccessApplicationRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+export const createAccessApplicationForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessApplicationForZoneRequest,
+    output: CreateAccessApplicationResponse,
+    errors: [],
+}));
+const UpdateAccessApplicationBaseFields = {
+    appId: Schema.String.pipe(T.HttpPath("appId")),
     domain: Schema.String,
     type: Schema.Literals([
         "self_hosted",
@@ -14465,6 +14538,11 @@ export const UpdateAccessApplicationRequest =
     sessionDuration: Schema.optional(Schema.String),
     skipInterstitial: Schema.optional(Schema.Boolean),
     tags: Schema.optional(Schema.Array(Schema.String)),
+};
+export const UpdateAccessApplicationForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...UpdateAccessApplicationBaseFields,
 }).pipe(Schema.encodeKeys({
     domain: "domain",
     type: "type",
@@ -14496,8 +14574,42 @@ export const UpdateAccessApplicationRequest =
     tags: "tags",
 }), T.Http({
     method: "PUT",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}",
+    path: "/accounts/{account_id}/access/apps/{appId}",
 }));
+export const UpdateAccessApplicationForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...UpdateAccessApplicationBaseFields,
+}).pipe(Schema.encodeKeys({
+    domain: "domain",
+    type: "type",
+    allowAuthenticateViaWarp: "allow_authenticate_via_warp",
+    allowIframe: "allow_iframe",
+    allowedIdps: "allowed_idps",
+    appLauncherVisible: "app_launcher_visible",
+    autoRedirectToIdentity: "auto_redirect_to_identity",
+    corsHeaders: "cors_headers",
+    customDenyMessage: "custom_deny_message",
+    customDenyUrl: "custom_deny_url",
+    customNonIdentityDenyUrl: "custom_non_identity_deny_url",
+    customPages: "custom_pages",
+    destinations: "destinations",
+    enableBindingCookie: "enable_binding_cookie",
+    httpOnlyCookieAttribute: "http_only_cookie_attribute",
+    logoUrl: "logo_url",
+    name: "name",
+    optionsPreflightBypass: "options_preflight_bypass",
+    pathCookieAttribute: "path_cookie_attribute",
+    policies: "policies",
+    readServiceTokensFromHeader: "read_service_tokens_from_header",
+    sameSiteCookieAttribute: "same_site_cookie_attribute",
+    scimConfig: "scim_config",
+    selfHostedDomains: "self_hosted_domains",
+    serviceAuth_401Redirect: "service_auth_401_redirect",
+    sessionDuration: "session_duration",
+    skipInterstitial: "skip_interstitial",
+    tags: "tags",
+}), T.Http({ method: "PUT", path: "/zones/{zone_id}/access/apps/{appId}" }));
 export const UpdateAccessApplicationResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Union([
     Schema.Struct({
@@ -18881,32 +18993,65 @@ export const UpdateAccessApplicationResponse =
         type: "type",
     })),
 ]).pipe(T.ResponsePath("result"));
-export const updateAccessApplication = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: UpdateAccessApplicationRequest,
+export const updateAccessApplicationForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateAccessApplicationForAccountRequest,
     output: UpdateAccessApplicationResponse,
     errors: [],
 }));
-export const DeleteAccessApplicationRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
+export const updateAccessApplicationForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateAccessApplicationForZoneRequest,
+    output: UpdateAccessApplicationResponse,
+    errors: [],
+}));
+const DeleteAccessApplicationBaseFields = {
+    appId: Schema.String.pipe(T.HttpPath("appId")),
+};
+export const DeleteAccessApplicationForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...DeleteAccessApplicationBaseFields,
+}).pipe(T.Http({
     method: "DELETE",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}",
+    path: "/accounts/{account_id}/access/apps/{appId}",
 }));
+export const DeleteAccessApplicationForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...DeleteAccessApplicationBaseFields,
+}).pipe(T.Http({ method: "DELETE", path: "/zones/{zone_id}/access/apps/{appId}" }));
 export const DeleteAccessApplicationResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
 }).pipe(T.ResponsePath("result"));
-export const deleteAccessApplication = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: DeleteAccessApplicationRequest,
+export const deleteAccessApplicationForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessApplicationForAccountRequest,
     output: DeleteAccessApplicationResponse,
     errors: [],
 }));
-export const GetAccessApplicationCaRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const deleteAccessApplicationForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessApplicationForZoneRequest,
+    output: DeleteAccessApplicationResponse,
+    errors: [],
+}));
+// =============================================================================
+// AccessApplicationCa
+// =============================================================================
+const GetAccessApplicationCaBaseFields = {
     appId: Schema.String.pipe(T.HttpPath("appId")),
+};
+export const GetAccessApplicationCaForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...GetAccessApplicationCaBaseFields,
 }).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/ca",
+    path: "/accounts/{account_id}/access/apps/{appId}/ca",
 }));
+export const GetAccessApplicationCaForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...GetAccessApplicationCaBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/zones/{zone_id}/access/apps/{appId}/ca" }));
 export const GetAccessApplicationCaResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
@@ -18915,16 +19060,27 @@ export const GetAccessApplicationCaResponse =
 })
     .pipe(Schema.encodeKeys({ id: "id", aud: "aud", publicKey: "public_key" }))
     .pipe(T.ResponsePath("result"));
-export const getAccessApplicationCa = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: GetAccessApplicationCaRequest,
+export const getAccessApplicationCaForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessApplicationCaForAccountRequest,
     output: GetAccessApplicationCaResponse,
     errors: [],
 }));
-export const ListAccessApplicationCasRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
-    method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/ca",
+export const getAccessApplicationCaForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessApplicationCaForZoneRequest,
+    output: GetAccessApplicationCaResponse,
+    errors: [],
 }));
+const ListAccessApplicationCasBaseFields = {};
+export const ListAccessApplicationCasForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...ListAccessApplicationCasBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/accounts/{account_id}/access/apps/ca" }));
+export const ListAccessApplicationCasForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...ListAccessApplicationCasBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/zones/{zone_id}/access/apps/ca" }));
 export const ListAccessApplicationCasResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     result: Schema.Array(Schema.Struct({
@@ -18947,8 +19103,8 @@ export const ListAccessApplicationCasResponse =
         Schema.Null,
     ])),
 }).pipe(Schema.encodeKeys({ result: "result", resultInfo: "result_info" }));
-export const listAccessApplicationCas = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
-    input: ListAccessApplicationCasRequest,
+export const listAccessApplicationCasForAccount = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessApplicationCasForAccountRequest,
     output: ListAccessApplicationCasResponse,
     errors: [],
     pagination: {
@@ -18959,13 +19115,34 @@ export const listAccessApplicationCas = /*@__PURE__*/ /*#__PURE__*/ API.makePagi
         pageSize: "perPage",
     },
 }));
-export const CreateAccessApplicationCaRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const listAccessApplicationCasForZone = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessApplicationCasForZoneRequest,
+    output: ListAccessApplicationCasResponse,
+    errors: [],
+    pagination: {
+        mode: "page",
+        inputToken: "page",
+        outputToken: "resultInfo.page",
+        items: "result",
+        pageSize: "perPage",
+    },
+}));
+const CreateAccessApplicationCaBaseFields = {
     appId: Schema.String.pipe(T.HttpPath("appId")),
+};
+export const CreateAccessApplicationCaForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...CreateAccessApplicationCaBaseFields,
 }).pipe(T.Http({
     method: "POST",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/ca",
+    path: "/accounts/{account_id}/access/apps/{appId}/ca",
 }));
+export const CreateAccessApplicationCaForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...CreateAccessApplicationCaBaseFields,
+}).pipe(T.Http({ method: "POST", path: "/zones/{zone_id}/access/apps/{appId}/ca" }));
 export const CreateAccessApplicationCaResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
@@ -18974,34 +19151,71 @@ export const CreateAccessApplicationCaResponse =
 })
     .pipe(Schema.encodeKeys({ id: "id", aud: "aud", publicKey: "public_key" }))
     .pipe(T.ResponsePath("result"));
-export const createAccessApplicationCa = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: CreateAccessApplicationCaRequest,
+export const createAccessApplicationCaForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessApplicationCaForAccountRequest,
     output: CreateAccessApplicationCaResponse,
     errors: [],
 }));
-export const DeleteAccessApplicationCaRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const createAccessApplicationCaForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessApplicationCaForZoneRequest,
+    output: CreateAccessApplicationCaResponse,
+    errors: [],
+}));
+const DeleteAccessApplicationCaBaseFields = {
     appId: Schema.String.pipe(T.HttpPath("appId")),
+};
+export const DeleteAccessApplicationCaForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...DeleteAccessApplicationCaBaseFields,
+}).pipe(T.Http({
+    method: "DELETE",
+    path: "/accounts/{account_id}/access/apps/{appId}/ca",
+}));
+export const DeleteAccessApplicationCaForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...DeleteAccessApplicationCaBaseFields,
 }).pipe(T.Http({
     method: "DELETE",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/ca",
+    path: "/zones/{zone_id}/access/apps/{appId}/ca",
 }));
 export const DeleteAccessApplicationCaResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
 }).pipe(T.ResponsePath("result"));
-export const deleteAccessApplicationCa = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: DeleteAccessApplicationCaRequest,
+export const deleteAccessApplicationCaForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessApplicationCaForAccountRequest,
     output: DeleteAccessApplicationCaResponse,
     errors: [],
 }));
-export const GetAccessApplicationPolicyRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const deleteAccessApplicationCaForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessApplicationCaForZoneRequest,
+    output: DeleteAccessApplicationCaResponse,
+    errors: [],
+}));
+// =============================================================================
+// AccessApplicationPolicy
+// =============================================================================
+const GetAccessApplicationPolicyBaseFields = {
     appId: Schema.String.pipe(T.HttpPath("appId")),
     policyId: Schema.String.pipe(T.HttpPath("policyId")),
+};
+export const GetAccessApplicationPolicyForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...GetAccessApplicationPolicyBaseFields,
 }).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/policies/{policyId}",
+    path: "/accounts/{account_id}/access/apps/{appId}/policies/{policyId}",
+}));
+export const GetAccessApplicationPolicyForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...GetAccessApplicationPolicyBaseFields,
+}).pipe(T.Http({
+    method: "GET",
+    path: "/zones/{zone_id}/access/apps/{appId}/policies/{policyId}",
 }));
 export const GetAccessApplicationPolicyResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -19533,17 +19747,34 @@ export const GetAccessApplicationPolicyResponse =
     updatedAt: "updated_at",
 }))
     .pipe(T.ResponsePath("result"));
-export const getAccessApplicationPolicy = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: GetAccessApplicationPolicyRequest,
+export const getAccessApplicationPolicyForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessApplicationPolicyForAccountRequest,
     output: GetAccessApplicationPolicyResponse,
     errors: [],
 }));
-export const ListAccessApplicationPoliciesRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const getAccessApplicationPolicyForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessApplicationPolicyForZoneRequest,
+    output: GetAccessApplicationPolicyResponse,
+    errors: [],
+}));
+const ListAccessApplicationPoliciesBaseFields = {
     appId: Schema.String.pipe(T.HttpPath("appId")),
+};
+export const ListAccessApplicationPoliciesForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...ListAccessApplicationPoliciesBaseFields,
 }).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/policies",
+    path: "/accounts/{account_id}/access/apps/{appId}/policies",
+}));
+export const ListAccessApplicationPoliciesForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...ListAccessApplicationPoliciesBaseFields,
+}).pipe(T.Http({
+    method: "GET",
+    path: "/zones/{zone_id}/access/apps/{appId}/policies",
 }));
 export const ListAccessApplicationPoliciesResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -20101,8 +20332,8 @@ export const ListAccessApplicationPoliciesResponse =
         Schema.Null,
     ])),
 }).pipe(Schema.encodeKeys({ result: "result", resultInfo: "result_info" }));
-export const listAccessApplicationPolicies = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
-    input: ListAccessApplicationPoliciesRequest,
+export const listAccessApplicationPoliciesForAccount = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessApplicationPoliciesForAccountRequest,
     output: ListAccessApplicationPoliciesResponse,
     errors: [],
     pagination: {
@@ -20113,11 +20344,20 @@ export const listAccessApplicationPolicies = /*@__PURE__*/ /*#__PURE__*/ API.mak
         pageSize: "perPage",
     },
 }));
-export const CreateAccessApplicationPolicyRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const listAccessApplicationPoliciesForZone = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessApplicationPoliciesForZoneRequest,
+    output: ListAccessApplicationPoliciesResponse,
+    errors: [],
+    pagination: {
+        mode: "page",
+        inputToken: "page",
+        outputToken: "resultInfo.page",
+        items: "result",
+        pageSize: "perPage",
+    },
+}));
+const CreateAccessApplicationPolicyBaseFields = {
     appId: Schema.String.pipe(T.HttpPath("appId")),
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
     approvalGroups: Schema.optional(Schema.Array(Schema.Struct({
         approvalsNeeded: Schema.Number,
         emailAddresses: Schema.optional(Schema.Array(Schema.String)),
@@ -20133,6 +20373,11 @@ export const CreateAccessApplicationPolicyRequest =
     purposeJustificationPrompt: Schema.optional(Schema.String),
     purposeJustificationRequired: Schema.optional(Schema.Boolean),
     sessionDuration: Schema.optional(Schema.String),
+};
+export const CreateAccessApplicationPolicyForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...CreateAccessApplicationPolicyBaseFields,
 }).pipe(Schema.encodeKeys({
     approvalGroups: "approval_groups",
     approvalRequired: "approval_required",
@@ -20143,7 +20388,23 @@ export const CreateAccessApplicationPolicyRequest =
     sessionDuration: "session_duration",
 }), T.Http({
     method: "POST",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/policies",
+    path: "/accounts/{account_id}/access/apps/{appId}/policies",
+}));
+export const CreateAccessApplicationPolicyForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...CreateAccessApplicationPolicyBaseFields,
+}).pipe(Schema.encodeKeys({
+    approvalGroups: "approval_groups",
+    approvalRequired: "approval_required",
+    isolationRequired: "isolation_required",
+    precedence: "precedence",
+    purposeJustificationPrompt: "purpose_justification_prompt",
+    purposeJustificationRequired: "purpose_justification_required",
+    sessionDuration: "session_duration",
+}), T.Http({
+    method: "POST",
+    path: "/zones/{zone_id}/access/apps/{appId}/policies",
 }));
 export const CreateAccessApplicationPolicyResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -20675,17 +20936,19 @@ export const CreateAccessApplicationPolicyResponse =
     updatedAt: "updated_at",
 }))
     .pipe(T.ResponsePath("result"));
-export const createAccessApplicationPolicy = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: CreateAccessApplicationPolicyRequest,
+export const createAccessApplicationPolicyForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessApplicationPolicyForAccountRequest,
     output: CreateAccessApplicationPolicyResponse,
     errors: [],
 }));
-export const UpdateAccessApplicationPolicyRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const createAccessApplicationPolicyForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessApplicationPolicyForZoneRequest,
+    output: CreateAccessApplicationPolicyResponse,
+    errors: [],
+}));
+const UpdateAccessApplicationPolicyBaseFields = {
     appId: Schema.String.pipe(T.HttpPath("appId")),
     policyId: Schema.String.pipe(T.HttpPath("policyId")),
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
     approvalGroups: Schema.optional(Schema.Array(Schema.Struct({
         approvalsNeeded: Schema.Number,
         emailAddresses: Schema.optional(Schema.Array(Schema.String)),
@@ -20701,6 +20964,11 @@ export const UpdateAccessApplicationPolicyRequest =
     purposeJustificationPrompt: Schema.optional(Schema.String),
     purposeJustificationRequired: Schema.optional(Schema.Boolean),
     sessionDuration: Schema.optional(Schema.String),
+};
+export const UpdateAccessApplicationPolicyForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...UpdateAccessApplicationPolicyBaseFields,
 }).pipe(Schema.encodeKeys({
     approvalGroups: "approval_groups",
     approvalRequired: "approval_required",
@@ -20711,7 +20979,23 @@ export const UpdateAccessApplicationPolicyRequest =
     sessionDuration: "session_duration",
 }), T.Http({
     method: "PUT",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/policies/{policyId}",
+    path: "/accounts/{account_id}/access/apps/{appId}/policies/{policyId}",
+}));
+export const UpdateAccessApplicationPolicyForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...UpdateAccessApplicationPolicyBaseFields,
+}).pipe(Schema.encodeKeys({
+    approvalGroups: "approval_groups",
+    approvalRequired: "approval_required",
+    isolationRequired: "isolation_required",
+    precedence: "precedence",
+    purposeJustificationPrompt: "purpose_justification_prompt",
+    purposeJustificationRequired: "purpose_justification_required",
+    sessionDuration: "session_duration",
+}), T.Http({
+    method: "PUT",
+    path: "/zones/{zone_id}/access/apps/{appId}/policies/{policyId}",
 }));
 export const UpdateAccessApplicationPolicyResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -21243,25 +21527,47 @@ export const UpdateAccessApplicationPolicyResponse =
     updatedAt: "updated_at",
 }))
     .pipe(T.ResponsePath("result"));
-export const updateAccessApplicationPolicy = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: UpdateAccessApplicationPolicyRequest,
+export const updateAccessApplicationPolicyForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateAccessApplicationPolicyForAccountRequest,
     output: UpdateAccessApplicationPolicyResponse,
     errors: [],
 }));
-export const DeleteAccessApplicationPolicyRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const updateAccessApplicationPolicyForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateAccessApplicationPolicyForZoneRequest,
+    output: UpdateAccessApplicationPolicyResponse,
+    errors: [],
+}));
+const DeleteAccessApplicationPolicyBaseFields = {
     appId: Schema.String.pipe(T.HttpPath("appId")),
     policyId: Schema.String.pipe(T.HttpPath("policyId")),
+};
+export const DeleteAccessApplicationPolicyForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...DeleteAccessApplicationPolicyBaseFields,
+}).pipe(T.Http({
+    method: "DELETE",
+    path: "/accounts/{account_id}/access/apps/{appId}/policies/{policyId}",
+}));
+export const DeleteAccessApplicationPolicyForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...DeleteAccessApplicationPolicyBaseFields,
 }).pipe(T.Http({
     method: "DELETE",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/policies/{policyId}",
+    path: "/zones/{zone_id}/access/apps/{appId}/policies/{policyId}",
 }));
 export const DeleteAccessApplicationPolicyResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
 }).pipe(T.ResponsePath("result"));
-export const deleteAccessApplicationPolicy = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: DeleteAccessApplicationPolicyRequest,
+export const deleteAccessApplicationPolicyForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessApplicationPolicyForAccountRequest,
+    output: DeleteAccessApplicationPolicyResponse,
+    errors: [],
+}));
+export const deleteAccessApplicationPolicyForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessApplicationPolicyForZoneRequest,
     output: DeleteAccessApplicationPolicyResponse,
     errors: [],
 }));
@@ -21897,18 +22203,35 @@ export const listAccessApplicationPolicyTestUsers = /*@__PURE__*/ /*#__PURE__*/
         pageSize: "perPage",
     },
 }));
-export const PutAccessApplicationSettingRequest = 
+// =============================================================================
+// AccessApplicationSetting
+// =============================================================================
+const PutAccessApplicationSettingBaseFields = {
+    appId: Schema.String.pipe(T.HttpPath("appId")),
+    allowIframe: Schema.optional(Schema.Boolean),
+    skipInterstitial: Schema.optional(Schema.Boolean),
+};
+export const PutAccessApplicationSettingForAccountRequest = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...PutAccessApplicationSettingBaseFields,
+}).pipe(Schema.encodeKeys({
+    allowIframe: "allow_iframe",
+    skipInterstitial: "skip_interstitial",
+}), T.Http({
+    method: "PUT",
+    path: "/accounts/{account_id}/access/apps/{appId}/settings",
+}));
+export const PutAccessApplicationSettingForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
-    allowIframe: Schema.optional(Schema.Boolean),
-    skipInterstitial: Schema.optional(Schema.Boolean),
+    ...PutAccessApplicationSettingBaseFields,
 }).pipe(Schema.encodeKeys({
     allowIframe: "allow_iframe",
     skipInterstitial: "skip_interstitial",
 }), T.Http({
     method: "PUT",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/settings",
+    path: "/zones/{zone_id}/access/apps/{appId}/settings",
 }));
 export const PutAccessApplicationSettingResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -21920,23 +22243,42 @@ export const PutAccessApplicationSettingResponse =
     skipInterstitial: "skip_interstitial",
 }))
     .pipe(T.ResponsePath("result"));
-export const putAccessApplicationSetting = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: PutAccessApplicationSettingRequest,
+export const putAccessApplicationSettingForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: PutAccessApplicationSettingForAccountRequest,
     output: PutAccessApplicationSettingResponse,
     errors: [],
 }));
-export const PatchAccessApplicationSettingRequest = 
+export const putAccessApplicationSettingForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: PutAccessApplicationSettingForZoneRequest,
+    output: PutAccessApplicationSettingResponse,
+    errors: [],
+}));
+const PatchAccessApplicationSettingBaseFields = {
+    appId: Schema.String.pipe(T.HttpPath("appId")),
+    allowIframe: Schema.optional(Schema.Boolean),
+    skipInterstitial: Schema.optional(Schema.Boolean),
+};
+export const PatchAccessApplicationSettingForAccountRequest = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...PatchAccessApplicationSettingBaseFields,
+}).pipe(Schema.encodeKeys({
+    allowIframe: "allow_iframe",
+    skipInterstitial: "skip_interstitial",
+}), T.Http({
+    method: "PATCH",
+    path: "/accounts/{account_id}/access/apps/{appId}/settings",
+}));
+export const PatchAccessApplicationSettingForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
-    allowIframe: Schema.optional(Schema.Boolean),
-    skipInterstitial: Schema.optional(Schema.Boolean),
+    ...PatchAccessApplicationSettingBaseFields,
 }).pipe(Schema.encodeKeys({
     allowIframe: "allow_iframe",
     skipInterstitial: "skip_interstitial",
 }), T.Http({
     method: "PATCH",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/settings",
+    path: "/zones/{zone_id}/access/apps/{appId}/settings",
 }));
 export const PatchAccessApplicationSettingResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -21948,15 +22290,37 @@ export const PatchAccessApplicationSettingResponse =
     skipInterstitial: "skip_interstitial",
 }))
     .pipe(T.ResponsePath("result"));
-export const patchAccessApplicationSetting = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: PatchAccessApplicationSettingRequest,
+export const patchAccessApplicationSettingForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: PatchAccessApplicationSettingForAccountRequest,
+    output: PatchAccessApplicationSettingResponse,
+    errors: [],
+}));
+export const patchAccessApplicationSettingForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: PatchAccessApplicationSettingForZoneRequest,
     output: PatchAccessApplicationSettingResponse,
     errors: [],
 }));
-export const ListAccessApplicationUserPolicyChecksRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
+// =============================================================================
+// AccessApplicationUserPolicyCheck
+// =============================================================================
+const ListAccessApplicationUserPolicyChecksBaseFields = {
+    appId: Schema.String.pipe(T.HttpPath("appId")),
+};
+export const ListAccessApplicationUserPolicyChecksForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...ListAccessApplicationUserPolicyChecksBaseFields,
+}).pipe(T.Http({
+    method: "GET",
+    path: "/accounts/{account_id}/access/apps/{appId}/user_policy_checks",
+}));
+export const ListAccessApplicationUserPolicyChecksForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...ListAccessApplicationUserPolicyChecksBaseFields,
+}).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/user_policy_checks",
+    path: "/zones/{zone_id}/access/apps/{appId}/user_policy_checks",
 }));
 export const ListAccessApplicationUserPolicyChecksResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -22017,8 +22381,13 @@ export const ListAccessApplicationUserPolicyChecksResponse =
     userIdentity: "user_identity",
 }))
     .pipe(T.ResponsePath("result"));
-export const listAccessApplicationUserPolicyChecks = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: ListAccessApplicationUserPolicyChecksRequest,
+export const listAccessApplicationUserPolicyChecksForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: ListAccessApplicationUserPolicyChecksForAccountRequest,
+    output: ListAccessApplicationUserPolicyChecksResponse,
+    errors: [],
+}));
+export const listAccessApplicationUserPolicyChecksForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: ListAccessApplicationUserPolicyChecksForZoneRequest,
     output: ListAccessApplicationUserPolicyChecksResponse,
     errors: [],
 }));
@@ -22157,12 +22526,27 @@ export const deleteAccessBookmark = /*@__PURE__*/ /*#__PURE__*/ API.make(() => (
     output: DeleteAccessBookmarkResponse,
     errors: [],
 }));
-export const GetAccessCertificateRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+// =============================================================================
+// AccessCertificate
+// =============================================================================
+const GetAccessCertificateBaseFields = {
     certificateId: Schema.String.pipe(T.HttpPath("certificateId")),
+};
+export const GetAccessCertificateForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...GetAccessCertificateBaseFields,
+}).pipe(T.Http({
+    method: "GET",
+    path: "/accounts/{account_id}/access/certificates/{certificateId}",
+}));
+export const GetAccessCertificateForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...GetAccessCertificateBaseFields,
 }).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/certificates/{certificateId}",
+    path: "/zones/{zone_id}/access/certificates/{certificateId}",
 }));
 export const GetAccessCertificateResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -22180,16 +22564,30 @@ export const GetAccessCertificateResponse =
     name: "name",
 }))
     .pipe(T.ResponsePath("result"));
-export const getAccessCertificate = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: GetAccessCertificateRequest,
+export const getAccessCertificateForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessCertificateForAccountRequest,
     output: GetAccessCertificateResponse,
     errors: [],
 }));
-export const ListAccessCertificatesRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
+export const getAccessCertificateForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessCertificateForZoneRequest,
+    output: GetAccessCertificateResponse,
+    errors: [],
+}));
+const ListAccessCertificatesBaseFields = {};
+export const ListAccessCertificatesForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...ListAccessCertificatesBaseFields,
+}).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/certificates",
+    path: "/accounts/{account_id}/access/certificates",
 }));
+export const ListAccessCertificatesForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...ListAccessCertificatesBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/zones/{zone_id}/access/certificates" }));
 export const ListAccessCertificatesResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     result: Schema.Array(Schema.Struct({
@@ -22220,8 +22618,8 @@ export const ListAccessCertificatesResponse =
         Schema.Null,
     ])),
 }).pipe(Schema.encodeKeys({ result: "result", resultInfo: "result_info" }));
-export const listAccessCertificates = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
-    input: ListAccessCertificatesRequest,
+export const listAccessCertificatesForAccount = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessCertificatesForAccountRequest,
     output: ListAccessCertificatesResponse,
     errors: [],
     pagination: {
@@ -22232,21 +22630,44 @@ export const listAccessCertificates = /*@__PURE__*/ /*#__PURE__*/ API.makePagina
         pageSize: "perPage",
     },
 }));
-export const CreateAccessCertificateRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+export const listAccessCertificatesForZone = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessCertificatesForZoneRequest,
+    output: ListAccessCertificatesResponse,
+    errors: [],
+    pagination: {
+        mode: "page",
+        inputToken: "page",
+        outputToken: "resultInfo.page",
+        items: "result",
+        pageSize: "perPage",
+    },
+}));
+const CreateAccessCertificateBaseFields = {
     certificate: Schema.String,
     name: Schema.String,
     associatedHostnames: Schema.optional(Schema.Array(Schema.String)),
+};
+export const CreateAccessCertificateForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...CreateAccessCertificateBaseFields,
 }).pipe(Schema.encodeKeys({
     certificate: "certificate",
     name: "name",
     associatedHostnames: "associated_hostnames",
 }), T.Http({
     method: "POST",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/certificates",
+    path: "/accounts/{account_id}/access/certificates",
 }));
+export const CreateAccessCertificateForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...CreateAccessCertificateBaseFields,
+}).pipe(Schema.encodeKeys({
+    certificate: "certificate",
+    name: "name",
+    associatedHostnames: "associated_hostnames",
+}), T.Http({ method: "POST", path: "/zones/{zone_id}/access/certificates" }));
 export const CreateAccessCertificateResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
@@ -22263,24 +22684,42 @@ export const CreateAccessCertificateResponse =
     name: "name",
 }))
     .pipe(T.ResponsePath("result"));
-export const createAccessCertificate = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: CreateAccessCertificateRequest,
+export const createAccessCertificateForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessCertificateForAccountRequest,
     output: CreateAccessCertificateResponse,
     errors: [],
 }));
-export const UpdateAccessCertificateRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const createAccessCertificateForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessCertificateForZoneRequest,
+    output: CreateAccessCertificateResponse,
+    errors: [],
+}));
+const UpdateAccessCertificateBaseFields = {
     certificateId: Schema.String.pipe(T.HttpPath("certificateId")),
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
     associatedHostnames: Schema.Array(Schema.String),
     name: Schema.optional(Schema.String),
+};
+export const UpdateAccessCertificateForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...UpdateAccessCertificateBaseFields,
+}).pipe(Schema.encodeKeys({
+    associatedHostnames: "associated_hostnames",
+    name: "name",
+}), T.Http({
+    method: "PUT",
+    path: "/accounts/{account_id}/access/certificates/{certificateId}",
+}));
+export const UpdateAccessCertificateForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...UpdateAccessCertificateBaseFields,
 }).pipe(Schema.encodeKeys({
     associatedHostnames: "associated_hostnames",
     name: "name",
 }), T.Http({
     method: "PUT",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/certificates/{certificateId}",
+    path: "/zones/{zone_id}/access/certificates/{certificateId}",
 }));
 export const UpdateAccessCertificateResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -22298,31 +22737,68 @@ export const UpdateAccessCertificateResponse =
     name: "name",
 }))
     .pipe(T.ResponsePath("result"));
-export const updateAccessCertificate = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: UpdateAccessCertificateRequest,
+export const updateAccessCertificateForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateAccessCertificateForAccountRequest,
     output: UpdateAccessCertificateResponse,
     errors: [],
 }));
-export const DeleteAccessCertificateRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const updateAccessCertificateForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateAccessCertificateForZoneRequest,
+    output: UpdateAccessCertificateResponse,
+    errors: [],
+}));
+const DeleteAccessCertificateBaseFields = {
     certificateId: Schema.String.pipe(T.HttpPath("certificateId")),
+};
+export const DeleteAccessCertificateForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...DeleteAccessCertificateBaseFields,
+}).pipe(T.Http({
+    method: "DELETE",
+    path: "/accounts/{account_id}/access/certificates/{certificateId}",
+}));
+export const DeleteAccessCertificateForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...DeleteAccessCertificateBaseFields,
 }).pipe(T.Http({
     method: "DELETE",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/certificates/{certificateId}",
+    path: "/zones/{zone_id}/access/certificates/{certificateId}",
 }));
 export const DeleteAccessCertificateResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
 }).pipe(T.ResponsePath("result"));
-export const deleteAccessCertificate = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: DeleteAccessCertificateRequest,
+export const deleteAccessCertificateForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessCertificateForAccountRequest,
+    output: DeleteAccessCertificateResponse,
+    errors: [],
+}));
+export const deleteAccessCertificateForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessCertificateForZoneRequest,
     output: DeleteAccessCertificateResponse,
     errors: [],
 }));
-export const GetAccessCertificateSettingRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
+// =============================================================================
+// AccessCertificateSetting
+// =============================================================================
+const GetAccessCertificateSettingBaseFields = {};
+export const GetAccessCertificateSettingForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...GetAccessCertificateSettingBaseFields,
+}).pipe(T.Http({
+    method: "GET",
+    path: "/accounts/{account_id}/access/certificates/settings",
+}));
+export const GetAccessCertificateSettingForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...GetAccessCertificateSettingBaseFields,
+}).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/certificates/settings",
+    path: "/zones/{zone_id}/access/certificates/settings",
 }));
 export const GetAccessCertificateSettingResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -22336,8 +22812,8 @@ export const GetAccessCertificateSettingResponse =
         hostname: "hostname",
     }))),
 });
-export const getAccessCertificateSetting = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
-    input: GetAccessCertificateSettingRequest,
+export const getAccessCertificateSettingForAccount = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: GetAccessCertificateSettingForAccountRequest,
     output: GetAccessCertificateSettingResponse,
     errors: [],
     pagination: {
@@ -22345,10 +22821,16 @@ export const getAccessCertificateSetting = /*@__PURE__*/ /*#__PURE__*/ API.makeP
         items: "result",
     },
 }));
-export const PutAccessCertificateSettingRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+export const getAccessCertificateSettingForZone = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: GetAccessCertificateSettingForZoneRequest,
+    output: GetAccessCertificateSettingResponse,
+    errors: [],
+    pagination: {
+        mode: "single",
+        items: "result",
+    },
+}));
+const PutAccessCertificateSettingBaseFields = {
     settings: Schema.Array(Schema.Struct({
         chinaNetwork: Schema.Boolean,
         clientCertificateForwarding: Schema.Boolean,
@@ -22358,9 +22840,22 @@ export const PutAccessCertificateSettingRequest =
         clientCertificateForwarding: "client_certificate_forwarding",
         hostname: "hostname",
     }))),
+};
+export const PutAccessCertificateSettingForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...PutAccessCertificateSettingBaseFields,
 }).pipe(T.Http({
     method: "PUT",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/certificates/settings",
+    path: "/accounts/{account_id}/access/certificates/settings",
+}));
+export const PutAccessCertificateSettingForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...PutAccessCertificateSettingBaseFields,
+}).pipe(T.Http({
+    method: "PUT",
+    path: "/zones/{zone_id}/access/certificates/settings",
 }));
 export const PutAccessCertificateSettingResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -22374,8 +22869,17 @@ export const PutAccessCertificateSettingResponse =
         hostname: "hostname",
     }))),
 });
-export const putAccessCertificateSetting = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
-    input: PutAccessCertificateSettingRequest,
+export const putAccessCertificateSettingForAccount = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: PutAccessCertificateSettingForAccountRequest,
+    output: PutAccessCertificateSettingResponse,
+    errors: [],
+    pagination: {
+        mode: "single",
+        items: "result",
+    },
+}));
+export const putAccessCertificateSettingForZone = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: PutAccessCertificateSettingForZoneRequest,
     output: PutAccessCertificateSettingResponse,
     errors: [],
     pagination: {
@@ -22577,12 +23081,25 @@ export const deleteAccessGatewayCa = /*@__PURE__*/ /*#__PURE__*/ API.make(() =>
     output: DeleteAccessGatewayCaResponse,
     errors: [],
 }));
-export const GetAccessGroupRequest = /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+// =============================================================================
+// AccessGroup
+// =============================================================================
+const GetAccessGroupBaseFields = {
     groupId: Schema.String.pipe(T.HttpPath("groupId")),
+};
+export const GetAccessGroupForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...GetAccessGroupBaseFields,
 }).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/groups/{groupId}",
+    path: "/accounts/{account_id}/access/groups/{groupId}",
 }));
+export const GetAccessGroupForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...GetAccessGroupBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/zones/{zone_id}/access/groups/{groupId}" }));
 export const GetAccessGroupResponse = /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
     exclude: Schema.optional(Schema.Union([
@@ -23240,16 +23757,27 @@ export const GetAccessGroupResponse = /*@__PURE__*/ /*#__PURE__*/ Schema.Struct(
     require: "require",
 }))
     .pipe(T.ResponsePath("result"));
-export const getAccessGroup = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: GetAccessGroupRequest,
+export const getAccessGroupForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessGroupForAccountRequest,
     output: GetAccessGroupResponse,
     errors: [],
 }));
-export const ListAccessGroupsRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
-    method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/groups",
+export const getAccessGroupForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessGroupForZoneRequest,
+    output: GetAccessGroupResponse,
+    errors: [],
 }));
+const ListAccessGroupsBaseFields = {};
+export const ListAccessGroupsForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...ListAccessGroupsBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/accounts/{account_id}/access/groups" }));
+export const ListAccessGroupsForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...ListAccessGroupsBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/zones/{zone_id}/access/groups" }));
 export const ListAccessGroupsResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     result: Schema.Array(Schema.Struct({
@@ -23938,8 +24466,8 @@ export const ListAccessGroupsResponse =
         Schema.Null,
     ])),
 }).pipe(Schema.encodeKeys({ result: "result", resultInfo: "result_info" }));
-export const listAccessGroups = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
-    input: ListAccessGroupsRequest,
+export const listAccessGroupsForAccount = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessGroupsForAccountRequest,
     output: ListAccessGroupsResponse,
     errors: [],
     pagination: {
@@ -23950,10 +24478,19 @@ export const listAccessGroups = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(()
         pageSize: "perPage",
     },
 }));
-export const CreateAccessGroupRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+export const listAccessGroupsForZone = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessGroupsForZoneRequest,
+    output: ListAccessGroupsResponse,
+    errors: [],
+    pagination: {
+        mode: "page",
+        inputToken: "page",
+        outputToken: "resultInfo.page",
+        items: "result",
+        pageSize: "perPage",
+    },
+}));
+const CreateAccessGroupBaseFields = {
     include: Schema.Array(Schema.Union([
         Schema.Struct({
             group: Schema.Struct({
@@ -23962,9 +24499,7 @@ export const CreateAccessGroupRequest =
         }),
         Schema.Struct({
             anyValidServiceToken: Schema.Unknown,
-        }).pipe(Schema.encodeKeys({
-            anyValidServiceToken: "any_valid_service_token",
-        })),
+        }).pipe(Schema.encodeKeys({ anyValidServiceToken: "any_valid_service_token" })),
         Schema.Struct({
             authContext: Schema.Struct({
                 id: Schema.String,
@@ -24430,16 +24965,29 @@ export const CreateAccessGroupRequest =
             }).pipe(Schema.encodeKeys({ appUid: "app_uid" })),
         }).pipe(Schema.encodeKeys({ linkedAppToken: "linked_app_token" })),
     ]))),
+};
+export const CreateAccessGroupForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...CreateAccessGroupBaseFields,
 }).pipe(Schema.encodeKeys({
     include: "include",
     name: "name",
     exclude: "exclude",
     isDefault: "is_default",
     require: "require",
-}), T.Http({
-    method: "POST",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/groups",
-}));
+}), T.Http({ method: "POST", path: "/accounts/{account_id}/access/groups" }));
+export const CreateAccessGroupForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...CreateAccessGroupBaseFields,
+}).pipe(Schema.encodeKeys({
+    include: "include",
+    name: "name",
+    exclude: "exclude",
+    isDefault: "is_default",
+    require: "require",
+}), T.Http({ method: "POST", path: "/zones/{zone_id}/access/groups" }));
 export const CreateAccessGroupResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
@@ -25098,16 +25646,18 @@ export const CreateAccessGroupResponse =
     require: "require",
 }))
     .pipe(T.ResponsePath("result"));
-export const createAccessGroup = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: CreateAccessGroupRequest,
+export const createAccessGroupForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessGroupForAccountRequest,
     output: CreateAccessGroupResponse,
     errors: [],
 }));
-export const UpdateAccessGroupRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const createAccessGroupForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessGroupForZoneRequest,
+    output: CreateAccessGroupResponse,
+    errors: [],
+}));
+const UpdateAccessGroupBaseFields = {
     groupId: Schema.String.pipe(T.HttpPath("groupId")),
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
     include: Schema.Array(Schema.Union([
         Schema.Struct({
             group: Schema.Struct({
@@ -25116,9 +25666,7 @@ export const UpdateAccessGroupRequest =
         }),
         Schema.Struct({
             anyValidServiceToken: Schema.Unknown,
-        }).pipe(Schema.encodeKeys({
-            anyValidServiceToken: "any_valid_service_token",
-        })),
+        }).pipe(Schema.encodeKeys({ anyValidServiceToken: "any_valid_service_token" })),
         Schema.Struct({
             authContext: Schema.Struct({
                 id: Schema.String,
@@ -25584,6 +26132,11 @@ export const UpdateAccessGroupRequest =
             }).pipe(Schema.encodeKeys({ appUid: "app_uid" })),
         }).pipe(Schema.encodeKeys({ linkedAppToken: "linked_app_token" })),
     ]))),
+};
+export const UpdateAccessGroupForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...UpdateAccessGroupBaseFields,
 }).pipe(Schema.encodeKeys({
     include: "include",
     name: "name",
@@ -25592,8 +26145,19 @@ export const UpdateAccessGroupRequest =
     require: "require",
 }), T.Http({
     method: "PUT",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/groups/{groupId}",
+    path: "/accounts/{account_id}/access/groups/{groupId}",
 }));
+export const UpdateAccessGroupForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...UpdateAccessGroupBaseFields,
+}).pipe(Schema.encodeKeys({
+    include: "include",
+    name: "name",
+    exclude: "exclude",
+    isDefault: "is_default",
+    require: "require",
+}), T.Http({ method: "PUT", path: "/zones/{zone_id}/access/groups/{groupId}" }));
 export const UpdateAccessGroupResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
@@ -26252,24 +26816,46 @@ export const UpdateAccessGroupResponse =
     require: "require",
 }))
     .pipe(T.ResponsePath("result"));
-export const updateAccessGroup = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: UpdateAccessGroupRequest,
+export const updateAccessGroupForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateAccessGroupForAccountRequest,
     output: UpdateAccessGroupResponse,
     errors: [],
 }));
-export const DeleteAccessGroupRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const updateAccessGroupForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateAccessGroupForZoneRequest,
+    output: UpdateAccessGroupResponse,
+    errors: [],
+}));
+const DeleteAccessGroupBaseFields = {
     groupId: Schema.String.pipe(T.HttpPath("groupId")),
+};
+export const DeleteAccessGroupForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...DeleteAccessGroupBaseFields,
 }).pipe(T.Http({
     method: "DELETE",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/groups/{groupId}",
+    path: "/accounts/{account_id}/access/groups/{groupId}",
+}));
+export const DeleteAccessGroupForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...DeleteAccessGroupBaseFields,
+}).pipe(T.Http({
+    method: "DELETE",
+    path: "/zones/{zone_id}/access/groups/{groupId}",
 }));
 export const DeleteAccessGroupResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
 }).pipe(T.ResponsePath("result"));
-export const deleteAccessGroup = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: DeleteAccessGroupRequest,
+export const deleteAccessGroupForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessGroupForAccountRequest,
+    output: DeleteAccessGroupResponse,
+    errors: [],
+}));
+export const deleteAccessGroupForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessGroupForZoneRequest,
     output: DeleteAccessGroupResponse,
     errors: [],
 }));
@@ -29979,12 +30565,27 @@ export const deleteAccessPolicy = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
     output: DeleteAccessPolicyResponse,
     errors: [],
 }));
-export const GetAccessServiceTokenRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+// =============================================================================
+// AccessServiceToken
+// =============================================================================
+const GetAccessServiceTokenBaseFields = {
     serviceTokenId: Schema.String.pipe(T.HttpPath("serviceTokenId")),
+};
+export const GetAccessServiceTokenForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...GetAccessServiceTokenBaseFields,
+}).pipe(T.Http({
+    method: "GET",
+    path: "/accounts/{account_id}/access/service_tokens/{serviceTokenId}",
+}));
+export const GetAccessServiceTokenForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...GetAccessServiceTokenBaseFields,
 }).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/service_tokens/{serviceTokenId}",
+    path: "/zones/{zone_id}/access/service_tokens/{serviceTokenId}",
 }));
 export const GetAccessServiceTokenResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -30002,16 +30603,30 @@ export const GetAccessServiceTokenResponse =
     name: "name",
 }))
     .pipe(T.ResponsePath("result"));
-export const getAccessServiceToken = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: GetAccessServiceTokenRequest,
+export const getAccessServiceTokenForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessServiceTokenForAccountRequest,
     output: GetAccessServiceTokenResponse,
     errors: [],
 }));
-export const ListAccessServiceTokensRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
+export const getAccessServiceTokenForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetAccessServiceTokenForZoneRequest,
+    output: GetAccessServiceTokenResponse,
+    errors: [],
+}));
+const ListAccessServiceTokensBaseFields = {};
+export const ListAccessServiceTokensForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...ListAccessServiceTokensBaseFields,
+}).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/service_tokens",
+    path: "/accounts/{account_id}/access/service_tokens",
 }));
+export const ListAccessServiceTokensForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...ListAccessServiceTokensBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/zones/{zone_id}/access/service_tokens" }));
 export const ListAccessServiceTokensResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     result: Schema.Array(Schema.Struct({
@@ -30042,8 +30657,8 @@ export const ListAccessServiceTokensResponse =
         Schema.Null,
     ])),
 }).pipe(Schema.encodeKeys({ result: "result", resultInfo: "result_info" }));
-export const listAccessServiceTokens = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
-    input: ListAccessServiceTokensRequest,
+export const listAccessServiceTokensForAccount = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessServiceTokensForAccountRequest,
     output: ListAccessServiceTokensResponse,
     errors: [],
     pagination: {
@@ -30054,14 +30669,28 @@ export const listAccessServiceTokens = /*@__PURE__*/ /*#__PURE__*/ API.makePagin
         pageSize: "perPage",
     },
 }));
-export const CreateAccessServiceTokenRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+export const listAccessServiceTokensForZone = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListAccessServiceTokensForZoneRequest,
+    output: ListAccessServiceTokensResponse,
+    errors: [],
+    pagination: {
+        mode: "page",
+        inputToken: "page",
+        outputToken: "resultInfo.page",
+        items: "result",
+        pageSize: "perPage",
+    },
+}));
+const CreateAccessServiceTokenBaseFields = {
     name: Schema.String,
     clientSecretVersion: Schema.optional(Schema.Number),
     duration: Schema.optional(Schema.String),
     previousClientSecretExpiresAt: Schema.optional(Schema.String),
+};
+export const CreateAccessServiceTokenForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...CreateAccessServiceTokenBaseFields,
 }).pipe(Schema.encodeKeys({
     name: "name",
     clientSecretVersion: "client_secret_version",
@@ -30069,8 +30698,18 @@ export const CreateAccessServiceTokenRequest =
     previousClientSecretExpiresAt: "previous_client_secret_expires_at",
 }), T.Http({
     method: "POST",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/service_tokens",
+    path: "/accounts/{account_id}/access/service_tokens",
 }));
+export const CreateAccessServiceTokenForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...CreateAccessServiceTokenBaseFields,
+}).pipe(Schema.encodeKeys({
+    name: "name",
+    clientSecretVersion: "client_secret_version",
+    duration: "duration",
+    previousClientSecretExpiresAt: "previous_client_secret_expires_at",
+}), T.Http({ method: "POST", path: "/zones/{zone_id}/access/service_tokens" }));
 export const CreateAccessServiceTokenResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
@@ -30087,20 +30726,27 @@ export const CreateAccessServiceTokenResponse =
     name: "name",
 }))
     .pipe(T.ResponsePath("result"));
-export const createAccessServiceToken = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: CreateAccessServiceTokenRequest,
+export const createAccessServiceTokenForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessServiceTokenForAccountRequest,
     output: CreateAccessServiceTokenResponse,
     errors: [],
 }));
-export const UpdateAccessServiceTokenRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const createAccessServiceTokenForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateAccessServiceTokenForZoneRequest,
+    output: CreateAccessServiceTokenResponse,
+    errors: [],
+}));
+const UpdateAccessServiceTokenBaseFields = {
     serviceTokenId: Schema.String.pipe(T.HttpPath("serviceTokenId")),
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
     clientSecretVersion: Schema.optional(Schema.Number),
     duration: Schema.optional(Schema.String),
     name: Schema.optional(Schema.String),
     previousClientSecretExpiresAt: Schema.optional(Schema.String),
+};
+export const UpdateAccessServiceTokenForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...UpdateAccessServiceTokenBaseFields,
 }).pipe(Schema.encodeKeys({
     clientSecretVersion: "client_secret_version",
     duration: "duration",
@@ -30108,7 +30754,20 @@ export const UpdateAccessServiceTokenRequest =
     previousClientSecretExpiresAt: "previous_client_secret_expires_at",
 }), T.Http({
     method: "PUT",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/service_tokens/{serviceTokenId}",
+    path: "/accounts/{account_id}/access/service_tokens/{serviceTokenId}",
+}));
+export const UpdateAccessServiceTokenForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...UpdateAccessServiceTokenBaseFields,
+}).pipe(Schema.encodeKeys({
+    clientSecretVersion: "client_secret_version",
+    duration: "duration",
+    name: "name",
+    previousClientSecretExpiresAt: "previous_client_secret_expires_at",
+}), T.Http({
+    method: "PUT",
+    path: "/zones/{zone_id}/access/service_tokens/{serviceTokenId}",
 }));
 export const UpdateAccessServiceTokenResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -30126,17 +30785,34 @@ export const UpdateAccessServiceTokenResponse =
     name: "name",
 }))
     .pipe(T.ResponsePath("result"));
-export const updateAccessServiceToken = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: UpdateAccessServiceTokenRequest,
+export const updateAccessServiceTokenForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateAccessServiceTokenForAccountRequest,
     output: UpdateAccessServiceTokenResponse,
     errors: [],
 }));
-export const DeleteAccessServiceTokenRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const updateAccessServiceTokenForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateAccessServiceTokenForZoneRequest,
+    output: UpdateAccessServiceTokenResponse,
+    errors: [],
+}));
+const DeleteAccessServiceTokenBaseFields = {
     serviceTokenId: Schema.String.pipe(T.HttpPath("serviceTokenId")),
+};
+export const DeleteAccessServiceTokenForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...DeleteAccessServiceTokenBaseFields,
+}).pipe(T.Http({
+    method: "DELETE",
+    path: "/accounts/{account_id}/access/service_tokens/{serviceTokenId}",
+}));
+export const DeleteAccessServiceTokenForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...DeleteAccessServiceTokenBaseFields,
 }).pipe(T.Http({
     method: "DELETE",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/service_tokens/{serviceTokenId}",
+    path: "/zones/{zone_id}/access/service_tokens/{serviceTokenId}",
 }));
 export const DeleteAccessServiceTokenResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -30154,8 +30830,13 @@ export const DeleteAccessServiceTokenResponse =
     name: "name",
 }))
     .pipe(T.ResponsePath("result"));
-export const deleteAccessServiceToken = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: DeleteAccessServiceTokenRequest,
+export const deleteAccessServiceTokenForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessServiceTokenForAccountRequest,
+    output: DeleteAccessServiceTokenResponse,
+    errors: [],
+}));
+export const deleteAccessServiceTokenForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteAccessServiceTokenForZoneRequest,
     output: DeleteAccessServiceTokenResponse,
     errors: [],
 }));
@@ -48413,12 +49094,27 @@ export const deleteGatewayRule = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
     output: DeleteGatewayRuleResponse,
     errors: [],
 }));
-export const GetIdentityProviderRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+// =============================================================================
+// IdentityProvider
+// =============================================================================
+const GetIdentityProviderBaseFields = {
     identityProviderId: Schema.String.pipe(T.HttpPath("identityProviderId")),
+};
+export const GetIdentityProviderForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...GetIdentityProviderBaseFields,
+}).pipe(T.Http({
+    method: "GET",
+    path: "/accounts/{account_id}/access/identity_providers/{identityProviderId}",
+}));
+export const GetIdentityProviderForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...GetIdentityProviderBaseFields,
 }).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/identity_providers/{identityProviderId}",
+    path: "/zones/{zone_id}/access/identity_providers/{identityProviderId}",
 }));
 export const GetIdentityProviderResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Union([
@@ -49099,15 +49795,32 @@ export const GetIdentityProviderResponse =
         scimConfig: "scim_config",
     })),
 ]).pipe(T.ResponsePath("result"));
-export const getIdentityProvider = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: GetIdentityProviderRequest,
+export const getIdentityProviderForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetIdentityProviderForAccountRequest,
+    output: GetIdentityProviderResponse,
+    errors: [],
+}));
+export const getIdentityProviderForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: GetIdentityProviderForZoneRequest,
     output: GetIdentityProviderResponse,
     errors: [],
 }));
-export const ListIdentityProvidersRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
+const ListIdentityProvidersBaseFields = {};
+export const ListIdentityProvidersForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...ListIdentityProvidersBaseFields,
+}).pipe(T.Http({
+    method: "GET",
+    path: "/accounts/{account_id}/access/identity_providers",
+}));
+export const ListIdentityProvidersForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...ListIdentityProvidersBaseFields,
+}).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/identity_providers",
+    path: "/zones/{zone_id}/access/identity_providers",
 }));
 export const ListIdentityProvidersResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
@@ -49754,8 +50467,8 @@ export const ListIdentityProvidersResponse =
         Schema.Null,
     ])),
 }).pipe(Schema.encodeKeys({ result: "result", resultInfo: "result_info" }));
-export const listIdentityProviders = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
-    input: ListIdentityProvidersRequest,
+export const listIdentityProvidersForAccount = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListIdentityProvidersForAccountRequest,
     output: ListIdentityProvidersResponse,
     errors: [],
     pagination: {
@@ -49766,10 +50479,19 @@ export const listIdentityProviders = /*@__PURE__*/ /*#__PURE__*/ API.makePaginat
         pageSize: "perPage",
     },
 }));
-export const CreateIdentityProviderRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+export const listIdentityProvidersForZone = /*@__PURE__*/ /*#__PURE__*/ API.makePaginated(() => ({
+    input: ListIdentityProvidersForZoneRequest,
+    output: ListIdentityProvidersResponse,
+    errors: [],
+    pagination: {
+        mode: "page",
+        inputToken: "page",
+        outputToken: "resultInfo.page",
+        items: "result",
+        pageSize: "perPage",
+    },
+}));
+const CreateIdentityProviderBaseFields = {
     config: Schema.Struct({
         claims: Schema.optional(Schema.Array(Schema.String)),
         clientId: Schema.optional(Schema.String),
@@ -49817,6 +50539,11 @@ export const CreateIdentityProviderRequest =
         seatDeprovision: "seat_deprovision",
         userDeprovision: "user_deprovision",
     }))),
+};
+export const CreateIdentityProviderForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...CreateIdentityProviderBaseFields,
 }).pipe(Schema.encodeKeys({
     config: "config",
     name: "name",
@@ -49824,7 +50551,20 @@ export const CreateIdentityProviderRequest =
     scimConfig: "scim_config",
 }), T.Http({
     method: "POST",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/identity_providers",
+    path: "/accounts/{account_id}/access/identity_providers",
+}));
+export const CreateIdentityProviderForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...CreateIdentityProviderBaseFields,
+}).pipe(Schema.encodeKeys({
+    config: "config",
+    name: "name",
+    type: "type",
+    scimConfig: "scim_config",
+}), T.Http({
+    method: "POST",
+    path: "/zones/{zone_id}/access/identity_providers",
 }));
 export const CreateIdentityProviderResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Union([
@@ -50505,16 +51245,18 @@ export const CreateIdentityProviderResponse =
         scimConfig: "scim_config",
     })),
 ]).pipe(T.ResponsePath("result"));
-export const createIdentityProvider = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: CreateIdentityProviderRequest,
+export const createIdentityProviderForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateIdentityProviderForAccountRequest,
     output: CreateIdentityProviderResponse,
     errors: [],
 }));
-export const UpdateIdentityProviderRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const createIdentityProviderForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateIdentityProviderForZoneRequest,
+    output: CreateIdentityProviderResponse,
+    errors: [],
+}));
+const UpdateIdentityProviderBaseFields = {
     identityProviderId: Schema.String.pipe(T.HttpPath("identityProviderId")),
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
     config: Schema.Struct({
         claims: Schema.optional(Schema.Array(Schema.String)),
         clientId: Schema.optional(Schema.String),
@@ -50562,6 +51304,24 @@ export const UpdateIdentityProviderRequest =
         seatDeprovision: "seat_deprovision",
         userDeprovision: "user_deprovision",
     }))),
+};
+export const UpdateIdentityProviderForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...UpdateIdentityProviderBaseFields,
+}).pipe(Schema.encodeKeys({
+    config: "config",
+    name: "name",
+    type: "type",
+    scimConfig: "scim_config",
+}), T.Http({
+    method: "PUT",
+    path: "/accounts/{account_id}/access/identity_providers/{identityProviderId}",
+}));
+export const UpdateIdentityProviderForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...UpdateIdentityProviderBaseFields,
 }).pipe(Schema.encodeKeys({
     config: "config",
     name: "name",
@@ -50569,7 +51329,7 @@ export const UpdateIdentityProviderRequest =
     scimConfig: "scim_config",
 }), T.Http({
     method: "PUT",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/identity_providers/{identityProviderId}",
+    path: "/zones/{zone_id}/access/identity_providers/{identityProviderId}",
 }));
 export const UpdateIdentityProviderResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Union([
@@ -51250,24 +52010,46 @@ export const UpdateIdentityProviderResponse =
         scimConfig: "scim_config",
     })),
 ]).pipe(T.ResponsePath("result"));
-export const updateIdentityProvider = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: UpdateIdentityProviderRequest,
+export const updateIdentityProviderForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateIdentityProviderForAccountRequest,
     output: UpdateIdentityProviderResponse,
     errors: [],
 }));
-export const DeleteIdentityProviderRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+export const updateIdentityProviderForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateIdentityProviderForZoneRequest,
+    output: UpdateIdentityProviderResponse,
+    errors: [],
+}));
+const DeleteIdentityProviderBaseFields = {
     identityProviderId: Schema.String.pipe(T.HttpPath("identityProviderId")),
+};
+export const DeleteIdentityProviderForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...DeleteIdentityProviderBaseFields,
+}).pipe(T.Http({
+    method: "DELETE",
+    path: "/accounts/{account_id}/access/identity_providers/{identityProviderId}",
+}));
+export const DeleteIdentityProviderForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...DeleteIdentityProviderBaseFields,
 }).pipe(T.Http({
     method: "DELETE",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/identity_providers/{identityProviderId}",
+    path: "/zones/{zone_id}/access/identity_providers/{identityProviderId}",
 }));
 export const DeleteIdentityProviderResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     id: Schema.optional(Schema.Union([Schema.String, Schema.Null])),
 }).pipe(T.ResponsePath("result"));
-export const deleteIdentityProvider = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: DeleteIdentityProviderRequest,
+export const deleteIdentityProviderForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteIdentityProviderForAccountRequest,
+    output: DeleteIdentityProviderResponse,
+    errors: [],
+}));
+export const deleteIdentityProviderForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: DeleteIdentityProviderForZoneRequest,
     output: DeleteIdentityProviderResponse,
     errors: [],
 }));
@@ -52277,11 +53059,23 @@ export const deleteNetworkVirtualNetwork = /*@__PURE__*/ /*#__PURE__*/ API.make(
     output: DeleteNetworkVirtualNetworkResponse,
     errors: [],
 }));
-export const ListOrganizationsRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
+// =============================================================================
+// Organization
+// =============================================================================
+const ListOrganizationsBaseFields = {};
+export const ListOrganizationsForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...ListOrganizationsBaseFields,
+}).pipe(T.Http({
     method: "GET",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/organizations",
+    path: "/accounts/{account_id}/access/organizations",
 }));
+export const ListOrganizationsForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...ListOrganizationsBaseFields,
+}).pipe(T.Http({ method: "GET", path: "/zones/{zone_id}/access/organizations" }));
 export const ListOrganizationsResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     allowAuthenticateViaWarp: Schema.optional(Schema.Union([Schema.Boolean, Schema.Null])),
@@ -52334,15 +53128,17 @@ export const ListOrganizationsResponse =
     warpAuthSessionDuration: "warp_auth_session_duration",
 }))
     .pipe(T.ResponsePath("result"));
-export const listOrganizations = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: ListOrganizationsRequest,
+export const listOrganizationsForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: ListOrganizationsForAccountRequest,
     output: ListOrganizationsResponse,
     errors: [],
 }));
-export const CreateOrganizationRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+export const listOrganizationsForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: ListOrganizationsForZoneRequest,
+    output: ListOrganizationsResponse,
+    errors: [],
+}));
+const CreateOrganizationBaseFields = {
     authDomain: Schema.String,
     name: Schema.String,
     allowAuthenticateViaWarp: Schema.optional(Schema.Boolean),
@@ -52365,6 +53161,11 @@ export const CreateOrganizationRequest =
     uiReadOnlyToggleReason: Schema.optional(Schema.String),
     userSeatExpirationInactiveTime: Schema.optional(Schema.String),
     warpAuthSessionDuration: Schema.optional(Schema.String),
+};
+export const CreateOrganizationForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...CreateOrganizationBaseFields,
 }).pipe(Schema.encodeKeys({
     authDomain: "auth_domain",
     name: "name",
@@ -52378,8 +53179,24 @@ export const CreateOrganizationRequest =
     warpAuthSessionDuration: "warp_auth_session_duration",
 }), T.Http({
     method: "POST",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/organizations",
+    path: "/accounts/{account_id}/access/organizations",
 }));
+export const CreateOrganizationForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...CreateOrganizationBaseFields,
+}).pipe(Schema.encodeKeys({
+    authDomain: "auth_domain",
+    name: "name",
+    allowAuthenticateViaWarp: "allow_authenticate_via_warp",
+    autoRedirectToIdentity: "auto_redirect_to_identity",
+    isUiReadOnly: "is_ui_read_only",
+    loginDesign: "login_design",
+    sessionDuration: "session_duration",
+    uiReadOnlyToggleReason: "ui_read_only_toggle_reason",
+    userSeatExpirationInactiveTime: "user_seat_expiration_inactive_time",
+    warpAuthSessionDuration: "warp_auth_session_duration",
+}), T.Http({ method: "POST", path: "/zones/{zone_id}/access/organizations" }));
 export const CreateOrganizationResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     allowAuthenticateViaWarp: Schema.optional(Schema.Union([Schema.Boolean, Schema.Null])),
@@ -52432,15 +53249,17 @@ export const CreateOrganizationResponse =
     warpAuthSessionDuration: "warp_auth_session_duration",
 }))
     .pipe(T.ResponsePath("result"));
-export const createOrganization = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: CreateOrganizationRequest,
+export const createOrganizationForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateOrganizationForAccountRequest,
     output: CreateOrganizationResponse,
     errors: [],
 }));
-export const UpdateOrganizationRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+export const createOrganizationForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: CreateOrganizationForZoneRequest,
+    output: CreateOrganizationResponse,
+    errors: [],
+}));
+const UpdateOrganizationBaseFields = {
     allowAuthenticateViaWarp: Schema.optional(Schema.Boolean),
     authDomain: Schema.optional(Schema.String),
     autoRedirectToIdentity: Schema.optional(Schema.Boolean),
@@ -52470,6 +53289,11 @@ export const UpdateOrganizationRequest =
     uiReadOnlyToggleReason: Schema.optional(Schema.String),
     userSeatExpirationInactiveTime: Schema.optional(Schema.String),
     warpAuthSessionDuration: Schema.optional(Schema.String),
+};
+export const UpdateOrganizationForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...UpdateOrganizationBaseFields,
 }).pipe(Schema.encodeKeys({
     allowAuthenticateViaWarp: "allow_authenticate_via_warp",
     authDomain: "auth_domain",
@@ -52484,8 +53308,25 @@ export const UpdateOrganizationRequest =
     warpAuthSessionDuration: "warp_auth_session_duration",
 }), T.Http({
     method: "PUT",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/organizations",
+    path: "/accounts/{account_id}/access/organizations",
 }));
+export const UpdateOrganizationForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...UpdateOrganizationBaseFields,
+}).pipe(Schema.encodeKeys({
+    allowAuthenticateViaWarp: "allow_authenticate_via_warp",
+    authDomain: "auth_domain",
+    autoRedirectToIdentity: "auto_redirect_to_identity",
+    customPages: "custom_pages",
+    isUiReadOnly: "is_ui_read_only",
+    loginDesign: "login_design",
+    name: "name",
+    sessionDuration: "session_duration",
+    uiReadOnlyToggleReason: "ui_read_only_toggle_reason",
+    userSeatExpirationInactiveTime: "user_seat_expiration_inactive_time",
+    warpAuthSessionDuration: "warp_auth_session_duration",
+}), T.Http({ method: "PUT", path: "/zones/{zone_id}/access/organizations" }));
 export const UpdateOrganizationResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
     allowAuthenticateViaWarp: Schema.optional(Schema.Union([Schema.Boolean, Schema.Null])),
@@ -52538,8 +53379,13 @@ export const UpdateOrganizationResponse =
     warpAuthSessionDuration: "warp_auth_session_duration",
 }))
     .pipe(T.ResponsePath("result"));
-export const updateOrganization = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: UpdateOrganizationRequest,
+export const updateOrganizationForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateOrganizationForAccountRequest,
+    output: UpdateOrganizationResponse,
+    errors: [],
+}));
+export const updateOrganizationForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: UpdateOrganizationForZoneRequest,
     output: UpdateOrganizationResponse,
     errors: [],
 }));
@@ -53487,15 +54333,37 @@ export const overTimeDexFleetStatus = /*@__PURE__*/ /*#__PURE__*/ API.make(() =>
     output: OverTimeDexFleetStatusResponse,
     errors: [],
 }));
-export const RevokeTokensAccessApplicationRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({}).pipe(T.Http({
+// =============================================================================
+// TokensAccessApplication
+// =============================================================================
+const RevokeTokensAccessApplicationBaseFields = {
+    appId: Schema.String.pipe(T.HttpPath("appId")),
+};
+export const RevokeTokensAccessApplicationForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...RevokeTokensAccessApplicationBaseFields,
+}).pipe(T.Http({
+    method: "POST",
+    path: "/accounts/{account_id}/access/apps/{appId}/revoke_tokens",
+}));
+export const RevokeTokensAccessApplicationForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...RevokeTokensAccessApplicationBaseFields,
+}).pipe(T.Http({
     method: "POST",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/apps/{appId}/revoke_tokens",
+    path: "/zones/{zone_id}/access/apps/{appId}/revoke_tokens",
 }));
 export const RevokeTokensAccessApplicationResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Unknown.pipe(T.ResponsePath("result"));
-export const revokeTokensAccessApplication = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: RevokeTokensAccessApplicationRequest,
+export const revokeTokensAccessApplicationForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: RevokeTokensAccessApplicationForAccountRequest,
+    output: RevokeTokensAccessApplicationResponse,
+    errors: [],
+}));
+export const revokeTokensAccessApplicationForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: RevokeTokensAccessApplicationForZoneRequest,
     output: RevokeTokensAccessApplicationResponse,
     errors: [],
 }));
@@ -54934,15 +55802,33 @@ export const getTunnelWarpConnectorToken = /*@__PURE__*/ /*#__PURE__*/ API.make(
     output: GetTunnelWarpConnectorTokenResponse,
     errors: [],
 }));
-export const RevokeUsersOrganizationRequest = 
-/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
-    accountId: Schema.String.pipe(T.HttpPath("account_id")),
-    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+// =============================================================================
+// UsersOrganization
+// =============================================================================
+const RevokeUsersOrganizationBaseFields = {
     queryDevices: Schema.optional(Schema.Boolean).pipe(T.HttpQuery("query_devices")),
     email: Schema.String,
     bodyDevices: Schema.optional(Schema.Boolean),
     userUid: Schema.optional(Schema.String),
     warpSessionReauth: Schema.optional(Schema.Boolean),
+};
+export const RevokeUsersOrganizationForAccountRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    accountId: Schema.String.pipe(T.HttpPath("account_id")),
+    ...RevokeUsersOrganizationBaseFields,
+}).pipe(Schema.encodeKeys({
+    email: "email",
+    bodyDevices: "body_devices",
+    userUid: "user_uid",
+    warpSessionReauth: "warp_session_reauth",
+}), T.Http({
+    method: "POST",
+    path: "/accounts/{account_id}/access/organizations/revoke_user",
+}));
+export const RevokeUsersOrganizationForZoneRequest = 
+/*@__PURE__*/ /*#__PURE__*/ Schema.Struct({
+    zoneId: Schema.String.pipe(T.HttpPath("zone_id")),
+    ...RevokeUsersOrganizationBaseFields,
 }).pipe(Schema.encodeKeys({
     email: "email",
     bodyDevices: "body_devices",
@@ -54950,12 +55836,17 @@ export const RevokeUsersOrganizationRequest =
     warpSessionReauth: "warp_session_reauth",
 }), T.Http({
     method: "POST",
-    path: "/{accountOrZone}/{accountOrZoneId}/access/organizations/revoke_user",
+    path: "/zones/{zone_id}/access/organizations/revoke_user",
 }));
 export const RevokeUsersOrganizationResponse = 
 /*@__PURE__*/ /*#__PURE__*/ Schema.Literals([true, false]).pipe(T.ResponsePath("result"));
-export const revokeUsersOrganization = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
-    input: RevokeUsersOrganizationRequest,
+export const revokeUsersOrganizationForAccount = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: RevokeUsersOrganizationForAccountRequest,
+    output: RevokeUsersOrganizationResponse,
+    errors: [],
+}));
+export const revokeUsersOrganizationForZone = /*@__PURE__*/ /*#__PURE__*/ API.make(() => ({
+    input: RevokeUsersOrganizationForZoneRequest,
     output: RevokeUsersOrganizationResponse,
     errors: [],
 }));