firebase-tools 9.19.0 → 9.23.0

package/lib/emulator/auth/apiSpec.js

@@ -2055,6 +2055,74 @@ exports.default = {
                 { $ref: "#/components/parameters/upload_protocol" },
             ],
         },
+        "/v2/projects/{targetProjectId}/config": {
+            get: {
+                description: "Retrieve an Identity Toolkit project configuration.",
+                operationId: "identitytoolkit.projects.getConfig",
+                responses: {
+                    200: {
+                        description: "Successful response",
+                        content: {
+                            "*/*": {
+                                schema: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2Config" },
+                            },
+                        },
+                    },
+                },
+                parameters: [
+                    { name: "targetProjectId", in: "path", required: true, schema: { type: "string" } },
+                ],
+                security: [{ Oauth2: ["https://www.googleapis.com/auth/cloud-platform"] }, { apiKey: [] }],
+                tags: ["projects"],
+            },
+            patch: {
+                description: "Update an Identity Toolkit project configuration.",
+                operationId: "identitytoolkit.projects.updateConfig",
+                responses: {
+                    200: {
+                        description: "Successful response",
+                        content: {
+                            "*/*": {
+                                schema: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2Config" },
+                            },
+                        },
+                    },
+                },
+                parameters: [
+                    { name: "targetProjectId", in: "path", required: true, schema: { type: "string" } },
+                    {
+                        name: "updateMask",
+                        in: "query",
+                        description: "The update mask applies to the resource. Fields set in the config but not included in this update mask will be ignored. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask",
+                        schema: { type: "string" },
+                    },
+                ],
+                requestBody: {
+                    content: {
+                        "application/json": {
+                            schema: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2Config" },
+                        },
+                    },
+                },
+                security: [
+                    { Oauth2: ["https://www.googleapis.com/auth/cloud-platform"] },
+                    { Oauth2: ["https://www.googleapis.com/auth/firebase"] },
+                    { apiKey: [] },
+                ],
+                tags: ["projects"],
+            },
+            parameters: [
+                { $ref: "#/components/parameters/access_token" },
+                { $ref: "#/components/parameters/alt" },
+                { $ref: "#/components/parameters/callback" },
+                { $ref: "#/components/parameters/fields" },
+                { $ref: "#/components/parameters/oauth_token" },
+                { $ref: "#/components/parameters/prettyPrint" },
+                { $ref: "#/components/parameters/quotaUser" },
+                { $ref: "#/components/parameters/uploadType" },
+                { $ref: "#/components/parameters/upload_protocol" },
+            ],
+        },
         "/v2/projects/{targetProjectId}/defaultSupportedIdpConfigs": {
             post: {
                 description: "Create a default supported Idp configuration for an Identity Toolkit project.",
@@ -3512,6 +3580,37 @@ exports.default = {
                 tags: ["emulator"],
             },
         },
+        "/emulator/v1/projects/{targetProjectId}/tenants/{tenantId}/accounts": {
+            parameters: [
+                {
+                    name: "targetProjectId",
+                    in: "path",
+                    description: "The ID of the Google Cloud project that the accounts belong to.",
+                    required: true,
+                    schema: { type: "string" },
+                },
+                {
+                    name: "tenantId",
+                    in: "path",
+                    description: "The ID of the Identity Platform tenant the accounts belongs to. If not specified, accounts on the Identity Platform project are returned.",
+                    required: true,
+                    schema: { type: "string" },
+                },
+            ],
+            servers: [{ url: "" }],
+            delete: {
+                description: "Remove all accounts in the project, regardless of state.",
+                operationId: "emulator.projects.accounts.delete",
+                responses: {
+                    200: {
+                        description: "Successful response",
+                        content: { "application/json": { schema: { type: "object" } } },
+                    },
+                },
+                security: [],
+                tags: ["emulator"],
+            },
+        },
         "/emulator/v1/projects/{targetProjectId}/config": {
             parameters: [
                 {
@@ -3591,6 +3690,41 @@ exports.default = {
                 tags: ["emulator"],
             },
         },
+        "/emulator/v1/projects/{targetProjectId}/tenants/{tenantId}/oobCodes": {
+            parameters: [
+                {
+                    name: "targetProjectId",
+                    in: "path",
+                    description: "The ID of the Google Cloud project that the confirmation codes belongs to.",
+                    required: true,
+                    schema: { type: "string" },
+                },
+                {
+                    name: "tenantId",
+                    in: "path",
+                    description: "The ID of the Identity Platform tenant the accounts belongs to. If not specified, accounts on the Identity Platform project are returned.",
+                    required: true,
+                    schema: { type: "string" },
+                },
+            ],
+            servers: [{ url: "" }],
+            get: {
+                description: "List all pending confirmation codes for the project.",
+                operationId: "emulator.projects.oobCodes.list",
+                responses: {
+                    200: {
+                        description: "Successful response",
+                        content: {
+                            "application/json": {
+                                schema: { $ref: "#/components/schemas/EmulatorV1ProjectsOobCodes" },
+                            },
+                        },
+                    },
+                },
+                security: [],
+                tags: ["emulator"],
+            },
+        },
         "/emulator/v1/projects/{targetProjectId}/verificationCodes": {
             parameters: [
                 {
@@ -3619,6 +3753,41 @@ exports.default = {
                 tags: ["emulator"],
             },
         },
+        "/emulator/v1/projects/{targetProjectId}/tenants/{tenantId}/verificationCodes": {
+            parameters: [
+                {
+                    name: "targetProjectId",
+                    in: "path",
+                    description: "The ID of the Google Cloud project that the verification codes belongs to.",
+                    required: true,
+                    schema: { type: "string" },
+                },
+                {
+                    name: "tenantId",
+                    in: "path",
+                    description: "The ID of the Identity Platform tenant the accounts belongs to. If not specified, accounts on the Identity Platform project are returned.",
+                    required: true,
+                    schema: { type: "string" },
+                },
+            ],
+            servers: [{ url: "" }],
+            get: {
+                description: "List all pending phone verification codes for the project.",
+                operationId: "emulator.projects.verificationCodes.list",
+                responses: {
+                    200: {
+                        description: "Successful response",
+                        content: {
+                            "application/json": {
+                                schema: { $ref: "#/components/schemas/EmulatorV1ProjectsOobCodes" },
+                            },
+                        },
+                    },
+                },
+                security: [],
+                tags: ["emulator"],
+            },
+        },
     },
     components: {
         schemas: {
@@ -4840,7 +5009,7 @@ exports.default = {
                         type: "string",
                     },
                     postBody: {
-                        description: "If the user is signing in with an authorization response obtained via a previous CreateAuthUri authorization request, this is the body of the HTTP POST callback from the IdP, if present. Otherwise, if the user is signing in with a manually provided IdP credential, this should be a URL-encoded form that contains the credential (e.g. an ID token or access token for OAuth 2.0 IdPs) and the provider ID of the IdP that issued the credential. For example, if the user is signing in to the Google provider using a Google ID token, this should be set to `id_token=[GOOGLE_ID_TOKEN]&providerId=google.com`, where `[GOOGLE_ID_TOKEN]` should be replaced with the Google ID token. If the user is signing in to the Facebook provider using a Facebook access token, this should be set to `access_token=[FACEBOOK_ACCESS_TOKEN]&providerId=facebook.com`, where `[FACEBOOK_ACCESS_TOKEN]` should be replaced with the Facebook access token. If the user is signing in to the Twitter provider using a Twitter OAuth 1.0 credential, this should be set to `access_token=[TWITTER_ACCESS_TOKEN]&oauth_token_secret=[TWITTER_TOKEN_SECRET]&providerId=twitter.com`, where `[TWITTER_ACCESS_TOKEN]` and `[TWITTER_TOKEN_SECRET]` should be replaced with the Twitter OAuth access token and Twitter OAuth token secret respectively.",
+                        description: "If the user is signing in with an authorization response obtained via a previous CreateAuthUri authorization request, this is the body of the HTTP POST callback from the IdP, if present. Otherwise, if the user is signing in with a manually provided IdP credential, this should be a URL-encoded form that contains the credential (e.g. an ID token or access token for OAuth 2.0 IdPs) and the provider ID of the IdP that issued the credential. For example, if the user is signing in to the Google provider using a Google ID token, this should be set to `id_token=[GOOGLE_ID_TOKEN]&providerId=google.com`, where `[GOOGLE_ID_TOKEN]` should be replaced with the Google ID token. If the user is signing in to the Facebook provider using a Facebook authentication token, this should be set to `id_token=[FACEBOOK_AUTHENTICATION_TOKEN]&providerId=facebook.com&nonce= [NONCE]`, where `[FACEBOOK_AUTHENTICATION_TOKEN]` should be replaced with the Facebook authentication token. Nonce is required for validating the token. The request will fail if no nonce is provided. If the user is signing in to the Facebook provider using a Facebook access token, this should be set to `access_token=[FACEBOOK_ACCESS_TOKEN]&providerId=facebook.com`, where `[FACEBOOK_ACCESS_TOKEN]` should be replaced with the Facebook access token. If the user is signing in to the Twitter provider using a Twitter OAuth 1.0 credential, this should be set to `access_token=[TWITTER_ACCESS_TOKEN]&oauth_token_secret=[TWITTER_TOKEN_SECRET]&providerId=twitter.com`, where `[TWITTER_ACCESS_TOKEN]` and `[TWITTER_TOKEN_SECRET]` should be replaced with the Twitter OAuth access token and Twitter OAuth token secret respectively.",
                         type: "string",
                     },
                     requestUri: {
@@ -5530,6 +5699,16 @@ exports.default = {
                 },
                 type: "object",
             },
+            GoogleCloudIdentitytoolkitAdminV2Anonymous: {
+                description: "Configuration options related to authenticating an anonymous user.",
+                properties: {
+                    enabled: {
+                        description: "Whether anonymous user auth is enabled for the project or not.",
+                        type: "boolean",
+                    },
+                },
+                type: "object",
+            },
             GoogleCloudIdentitytoolkitAdminV2AppleSignInConfig: {
                 description: "Additional config for SignInWithApple.",
                 properties: {
@@ -5544,6 +5723,41 @@ exports.default = {
                 },
                 type: "object",
             },
+            GoogleCloudIdentitytoolkitAdminV2BlockingFunctionsConfig: {
+                description: "Configuration related to Blocking Functions.",
+                properties: {
+                    forwardInboundCredentials: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2ForwardInboundCredentials",
+                    },
+                    triggers: {
+                        additionalProperties: {
+                            $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2Trigger",
+                        },
+                        description: 'Map of Trigger to event type. Key should be one of the supported event types: "beforeCreate", "beforeSignIn"',
+                        type: "object",
+                    },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2ClientConfig: {
+                description: "Options related to how clients making requests on behalf of a project should be configured.",
+                properties: {
+                    apiKey: {
+                        description: "Output only. API key that can be used when making requests for this project.",
+                        readOnly: true,
+                        type: "string",
+                    },
+                    firebaseSubdomain: {
+                        description: "Output only. Firebase subdomain.",
+                        readOnly: true,
+                        type: "string",
+                    },
+                    permissions: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2Permissions",
+                    },
+                },
+                type: "object",
+            },
             GoogleCloudIdentitytoolkitAdminV2CodeFlowConfig: {
                 description: "Additional config for Apple for code flow.",
                 properties: {
@@ -5556,6 +5770,46 @@ exports.default = {
                 },
                 type: "object",
             },
+            GoogleCloudIdentitytoolkitAdminV2Config: {
+                description: "Represents an Identity Toolkit project.",
+                properties: {
+                    authorizedDomains: {
+                        description: "List of domains authorized for OAuth redirects",
+                        items: { type: "string" },
+                        type: "array",
+                    },
+                    blockingFunctions: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2BlockingFunctionsConfig",
+                    },
+                    client: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2ClientConfig" },
+                    mfa: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfig",
+                    },
+                    monitoring: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2MonitoringConfig",
+                    },
+                    multiTenant: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2MultiTenantConfig",
+                    },
+                    name: {
+                        description: 'Output only. The name of the Config resource. Example: "projects/my-awesome-project/config"',
+                        readOnly: true,
+                        type: "string",
+                    },
+                    notification: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2NotificationConfig",
+                    },
+                    quota: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2QuotaConfig" },
+                    signIn: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2SignInConfig" },
+                    subtype: {
+                        description: "Output only. The subtype of this config.",
+                        enum: ["SUBTYPE_UNSPECIFIED", "IDENTITY_PLATFORM", "FIREBASE_AUTH"],
+                        readOnly: true,
+                        type: "string",
+                    },
+                },
+                type: "object",
+            },
             GoogleCloudIdentitytoolkitAdminV2DefaultSupportedIdp: {
                 description: "Standard Identity Toolkit-trusted IDPs.",
                 properties: {
@@ -5583,6 +5837,94 @@ exports.default = {
                 },
                 type: "object",
             },
+            GoogleCloudIdentitytoolkitAdminV2DnsInfo: {
+                description: "Information of custom domain DNS verification. By default, default_domain will be used. A custom domain can be configured using VerifyCustomDomain.",
+                properties: {
+                    customDomain: {
+                        description: "Output only. The applied verified custom domain.",
+                        readOnly: true,
+                        type: "string",
+                    },
+                    customDomainState: {
+                        description: "Output only. The current verification state of the custom domain. The custom domain will only be used once the domain verification is successful.",
+                        enum: [
+                            "VERIFICATION_STATE_UNSPECIFIED",
+                            "NOT_STARTED",
+                            "IN_PROGRESS",
+                            "FAILED",
+                            "SUCCEEDED",
+                        ],
+                        readOnly: true,
+                        type: "string",
+                    },
+                    domainVerificationRequestTime: {
+                        description: "Output only. The timestamp of initial request for the current domain verification.",
+                        format: "google-datetime",
+                        readOnly: true,
+                        type: "string",
+                    },
+                    pendingCustomDomain: {
+                        description: "Output only. The custom domain that's to be verified.",
+                        readOnly: true,
+                        type: "string",
+                    },
+                    useCustomDomain: { description: "Whether to use custom domain.", type: "boolean" },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2Email: {
+                description: "Configuration options related to authenticating a user by their email address.",
+                properties: {
+                    enabled: {
+                        description: "Whether email auth is enabled for the project or not.",
+                        type: "boolean",
+                    },
+                    passwordRequired: {
+                        description: "Whether a password is required for email auth or not. If true, both an email and password must be provided to sign in. If false, a user may sign in via either email/password or email link.",
+                        type: "boolean",
+                    },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2EmailTemplate: {
+                description: "Email template. The subject and body fields can contain the following placeholders which will be replaced with the appropriate values: %LINK% - The link to use to redeem the send OOB code. %EMAIL% - The email where the email is being sent. %NEW_EMAIL% - The new email being set for the account (when applicable). %APP_NAME% - The GCP project's display name. %DISPLAY_NAME% - The user's display name.",
+                properties: {
+                    body: { description: "Email body", type: "string" },
+                    bodyFormat: {
+                        description: "Email body format",
+                        enum: ["BODY_FORMAT_UNSPECIFIED", "PLAIN_TEXT", "HTML"],
+                        type: "string",
+                    },
+                    customized: {
+                        description: "Output only. Whether the body or subject of the email is customized.",
+                        readOnly: true,
+                        type: "boolean",
+                    },
+                    replyTo: { description: "Reply-to address", type: "string" },
+                    senderDisplayName: { description: "Sender display name", type: "string" },
+                    senderLocalPart: { description: "Local part of From address", type: "string" },
+                    subject: { description: "Subject of the email", type: "string" },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2ForwardInboundCredentials: {
+                description: "Indicates which credentials to pass to the registered Blocking Functions.",
+                properties: {
+                    accessToken: {
+                        description: "Whether to pass the user's OAuth identity provider's access token.",
+                        type: "boolean",
+                    },
+                    idToken: {
+                        description: "Whether to pass the user's OIDC identity provider's ID token.",
+                        type: "boolean",
+                    },
+                    refreshToken: {
+                        description: "Whether to pass the user's OAuth identity provider's refresh token.",
+                        type: "boolean",
+                    },
+                },
+                type: "object",
+            },
             GoogleCloudIdentitytoolkitAdminV2HashConfig: {
                 description: "History information of the hash algorithm and key. Different accounts' passwords may be generated by different version.",
                 properties: {
@@ -5765,6 +6107,15 @@ exports.default = {
                 },
                 type: "object",
             },
+            GoogleCloudIdentitytoolkitAdminV2MonitoringConfig: {
+                description: "Configuration related to monitoring project activity.",
+                properties: {
+                    requestLogging: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2RequestLogging",
+                    },
+                },
+                type: "object",
+            },
             GoogleCloudIdentitytoolkitAdminV2MultiFactorAuthConfig: {
                 description: "Options related to MultiFactor Authentication for the project.",
                 properties: {
@@ -5781,6 +6132,32 @@ exports.default = {
                 },
                 type: "object",
             },
+            GoogleCloudIdentitytoolkitAdminV2MultiTenantConfig: {
+                description: "Configuration related to multi-tenant functionality.",
+                properties: {
+                    allowTenants: {
+                        description: "Whether this project can have tenants or not.",
+                        type: "boolean",
+                    },
+                    defaultTenantLocation: {
+                        description: 'The default cloud parent org or folder that the tenant project should be created under. The parent resource name should be in the format of "/", such as "folders/123" or "organizations/456". If the value is not set, the tenant will be created under the same organization or folder as the agent project.',
+                        type: "string",
+                    },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2NotificationConfig: {
+                description: "Configuration related to sending notifications to users.",
+                properties: {
+                    defaultLocale: {
+                        description: "Default locale used for email and SMS in IETF BCP 47 format.",
+                        type: "string",
+                    },
+                    sendEmail: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2SendEmail" },
+                    sendSms: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2SendSms" },
+                },
+                type: "object",
+            },
             GoogleCloudIdentitytoolkitAdminV2OAuthIdpConfig: {
                 description: "Configuration options for authenticating with an OAuth IDP.",
                 properties: {
@@ -5826,6 +6203,139 @@ exports.default = {
                 },
                 type: "object",
             },
+            GoogleCloudIdentitytoolkitAdminV2Permissions: {
+                description: "Configuration related to restricting a user's ability to affect their account.",
+                properties: {
+                    disabledUserDeletion: {
+                        description: "When true, end users cannot delete their account on the associated project through any of our API methods",
+                        type: "boolean",
+                    },
+                    disabledUserSignup: {
+                        description: "When true, end users cannot sign up for a new account on the associated project through any of our API methods",
+                        type: "boolean",
+                    },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2PhoneNumber: {
+                description: "Configuration options related to authenticated a user by their phone number.",
+                properties: {
+                    enabled: {
+                        description: "Whether phone number auth is enabled for the project or not.",
+                        type: "boolean",
+                    },
+                    testPhoneNumbers: {
+                        additionalProperties: { type: "string" },
+                        description: "A map of that can be used for phone auth testing.",
+                        type: "object",
+                    },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2QuotaConfig: {
+                description: "Configuration related to quotas.",
+                properties: {
+                    signUpQuotaConfig: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2TemporaryQuota",
+                    },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2RequestLogging: {
+                description: "Configuration for logging requests made to this project to Stackdriver Logging",
+                properties: {
+                    enabled: {
+                        description: "Whether logging is enabled for this project or not.",
+                        type: "boolean",
+                    },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2SendEmail: {
+                description: "Options for email sending.",
+                properties: {
+                    callbackUri: { description: "action url in email template.", type: "string" },
+                    changeEmailTemplate: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2EmailTemplate",
+                    },
+                    dnsInfo: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2DnsInfo" },
+                    legacyResetPasswordTemplate: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2EmailTemplate",
+                    },
+                    method: {
+                        description: "The method used for sending an email.",
+                        enum: ["METHOD_UNSPECIFIED", "DEFAULT", "CUSTOM_SMTP"],
+                        type: "string",
+                    },
+                    resetPasswordTemplate: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2EmailTemplate",
+                    },
+                    revertSecondFactorAdditionTemplate: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2EmailTemplate",
+                    },
+                    smtp: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2Smtp" },
+                    verifyEmailTemplate: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2EmailTemplate",
+                    },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2SendSms: {
+                description: "Options for SMS sending.",
+                properties: {
+                    smsTemplate: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2SmsTemplate",
+                    },
+                    useDeviceLocale: {
+                        description: "Whether to use the accept_language header for SMS.",
+                        type: "boolean",
+                    },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2SignInConfig: {
+                description: "Configuration related to local sign in methods.",
+                properties: {
+                    allowDuplicateEmails: {
+                        description: "Whether to allow more than one account to have the same email.",
+                        type: "boolean",
+                    },
+                    anonymous: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2Anonymous" },
+                    email: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2Email" },
+                    hashConfig: { $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2HashConfig" },
+                    phoneNumber: {
+                        $ref: "#/components/schemas/GoogleCloudIdentitytoolkitAdminV2PhoneNumber",
+                    },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2SmsTemplate: {
+                description: "The template to use when sending an SMS.",
+                properties: {
+                    content: {
+                        description: "Output only. The SMS's content. Can contain the following placeholders which will be replaced with the appropriate values: %APP_NAME% - For Android or iOS apps, the app's display name. For web apps, the domain hosting the application. %LOGIN_CODE% - The OOB code being sent in the SMS.",
+                        readOnly: true,
+                        type: "string",
+                    },
+                },
+                type: "object",
+            },
+            GoogleCloudIdentitytoolkitAdminV2Smtp: {
+                description: "Configuration for SMTP relay",
+                properties: {
+                    host: { description: "SMTP relay host", type: "string" },
+                    password: { description: "SMTP relay password", type: "string" },
+                    port: { description: "SMTP relay port", format: "int32", type: "integer" },
+                    securityMode: {
+                        description: "SMTP security mode.",
+                        enum: ["SECURITY_MODE_UNSPECIFIED", "SSL", "START_TLS"],
+                        type: "string",
+                    },
+                    senderEmail: { description: "Sender email for the SMTP relay", type: "string" },
+                    username: { description: "SMTP relay username", type: "string" },
+                },
+                type: "object",
+            },
             GoogleCloudIdentitytoolkitAdminV2SpCertificate: {
                 description: "The SP's certificate data for IDP to verify the SAMLRequest generated by the SP.",
                 properties: {
@@ -5855,6 +6365,27 @@ exports.default = {
                 },
                 type: "object",
             },
+            GoogleCloudIdentitytoolkitAdminV2TemporaryQuota: {
+                description: "Temporary quota increase / decrease",
+                properties: {
+                    quota: {
+                        description: "Corresponds to the 'refill_token_count' field in QuotaServer config",
+                        format: "int64",
+                        type: "string",
+                    },
+                    quotaDuration: {
+                        description: "How long this quota will be active for",
+                        format: "google-duration",
+                        type: "string",
+                    },
+                    startTime: {
+                        description: "When this quota will take affect",
+                        format: "google-datetime",
+                        type: "string",
+                    },
+                },
+                type: "object",
+            },
             GoogleCloudIdentitytoolkitAdminV2Tenant: {
                 description: "A Tenant contains configuration for the tenant in a multi-tenant project.",
                 properties: {
@@ -5895,6 +6426,18 @@ exports.default = {
                 },
                 type: "object",
             },
+            GoogleCloudIdentitytoolkitAdminV2Trigger: {
+                description: "Synchronous Cloud Function with HTTP Trigger",
+                properties: {
+                    functionUri: { description: "HTTP URI trigger for the Cloud Function.", type: "string" },
+                    updateTime: {
+                        description: "When the trigger was changed.",
+                        format: "google-datetime",
+                        type: "string",
+                    },
+                },
+                type: "object",
+            },
             GoogleCloudIdentitytoolkitV2AutoRetrievalInfo: {
                 description: "The information required to auto-retrieve an SMS.",
                 properties: {
@@ -6153,16 +6696,16 @@ exports.default = {
                 type: "object",
             },
             GoogleIamV1Binding: {
-                description: "Associates `members` with a `role`.",
+                description: "Associates `members`, or principals, with a `role`.",
                 properties: {
                     condition: { $ref: "#/components/schemas/GoogleTypeExpr" },
                     members: {
-                        description: "Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
+                        description: "Specifies the principals requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ",
                         items: { type: "string" },
                         type: "array",
                     },
                     role: {
-                        description: "Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.",
+                        description: "Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.",
                         type: "string",
                     },
                 },
@@ -6185,7 +6728,7 @@ exports.default = {
                 type: "object",
             },
             GoogleIamV1Policy: {
-                description: 'An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp(\'2020-10-01T00:00:00.000Z\')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp(\'2020-10-01T00:00:00.000Z\') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).',
+                description: 'An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members`, or principals, to a single `role`. Principals can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp(\'2020-10-01T00:00:00.000Z\')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp(\'2020-10-01T00:00:00.000Z\') etag: BwWWja0YfJA= version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/).',
                 properties: {
                     auditConfigs: {
                         description: "Specifies cloud audit logging configuration for this policy.",
@@ -6193,7 +6736,7 @@ exports.default = {
                         type: "array",
                     },
                     bindings: {
-                        description: "Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member.",
+                        description: "Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.",
                         items: { $ref: "#/components/schemas/GoogleIamV1Binding" },
                         type: "array",
                     },