sailpoint-api-client 1.5.0 → 1.6.0

package/dist/v2024/api.d.ts

@@ -2254,6 +2254,18 @@ export interface AccessRequestItemV2024 {
      * @memberof AccessRequestItemV2024
      */
     'removeDate'?: string;
+    /**
+     * The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source.
+     * @type {string}
+     * @memberof AccessRequestItemV2024
+     */
+    'assignmentId'?: string | null;
+    /**
+     * The \'distinguishedName\' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source.
+     * @type {string}
+     * @memberof AccessRequestItemV2024
+     */
+    'nativeIdentity'?: string | null;
 }
 export declare const AccessRequestItemV2024TypeV2024: {
     readonly AccessProfile: "ACCESS_PROFILE";
@@ -2904,6 +2916,12 @@ export interface AccessRequestV2024 {
     'clientMetadata'?: {
         [key: string]: string;
     };
+    /**
+     * Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when \'requestedFor\' and \'requestedItems\' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request
+     * @type {Array<RequestedForDtoRefV2024>}
+     * @memberof AccessRequestV2024
+     */
+    'requestedForWithRequestedItems'?: Array<RequestedForDtoRefV2024> | null;
 }
 /**
  *
@@ -4428,6 +4446,62 @@ export interface AccountInfoDtoV2024 {
      */
     'uuid'?: string;
 }
+/**
+ *
+ * @export
+ * @interface AccountInfoRefV2024
+ */
+export interface AccountInfoRefV2024 {
+    /**
+     * The uuid for the account, available under the \'objectguid\' attribute
+     * @type {string}
+     * @memberof AccountInfoRefV2024
+     */
+    'uuid'?: string;
+    /**
+     * The \'distinguishedName\' attribute for the account
+     * @type {string}
+     * @memberof AccountInfoRefV2024
+     */
+    'nativeIdentity'?: string;
+    /**
+     *
+     * @type {DtoTypeV2024}
+     * @memberof AccountInfoRefV2024
+     */
+    'type'?: DtoTypeV2024;
+    /**
+     * The account id
+     * @type {string}
+     * @memberof AccountInfoRefV2024
+     */
+    'id'?: string;
+    /**
+     * The account display name
+     * @type {string}
+     * @memberof AccountInfoRefV2024
+     */
+    'name'?: string;
+}
+/**
+ *
+ * @export
+ * @interface AccountItemRefV2024
+ */
+export interface AccountItemRefV2024 {
+    /**
+     * The uuid for the account, available under the \'objectguid\' attribute
+     * @type {string}
+     * @memberof AccountItemRefV2024
+     */
+    'accountUuid'?: string | null;
+    /**
+     * The \'distinguishedName\' attribute for the account
+     * @type {string}
+     * @memberof AccountItemRefV2024
+     */
+    'nativeIdentity'?: string;
+}
 /**
  * If an account activity item is associated with an access request, captures details of that request.
  * @export
@@ -5191,6 +5265,52 @@ export interface AccountsExportReportArgumentsV2024 {
      */
     'sourceName': string;
 }
+/**
+ *
+ * @export
+ * @interface AccountsSelectionRequestV2024
+ */
+export interface AccountsSelectionRequestV2024 {
+    /**
+     * A list of Identity IDs for whom the Access is requested.
+     * @type {Array<string>}
+     * @memberof AccountsSelectionRequestV2024
+     */
+    'requestedFor': Array<string>;
+    /**
+     *
+     * @type {AccessRequestTypeV2024}
+     * @memberof AccountsSelectionRequestV2024
+     */
+    'requestType'?: AccessRequestTypeV2024 | null;
+    /**
+     *
+     * @type {Array<AccessRequestItemV2024>}
+     * @memberof AccountsSelectionRequestV2024
+     */
+    'requestedItems': Array<AccessRequestItemV2024>;
+    /**
+     * Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities.
+     * @type {{ [key: string]: string; }}
+     * @memberof AccountsSelectionRequestV2024
+     */
+    'clientMetadata'?: {
+        [key: string]: string;
+    };
+}
+/**
+ *
+ * @export
+ * @interface AccountsSelectionResponseV2024
+ */
+export interface AccountsSelectionResponseV2024 {
+    /**
+     * A list of available account selections per identity in the request, for all the requested items
+     * @type {Array<IdentityAccountSelectionsV2024>}
+     * @memberof AccountsSelectionResponseV2024
+     */
+    'identities'?: Array<IdentityAccountSelectionsV2024>;
+}
 /**
  *
  * @export
@@ -6513,6 +6633,7 @@ export declare const AttributeDefinitionTypeV2024: {
     readonly Long: "LONG";
     readonly Int: "INT";
     readonly Boolean: "BOOLEAN";
+    readonly Date: "DATE";
 };
 export type AttributeDefinitionTypeV2024 = typeof AttributeDefinitionTypeV2024[keyof typeof AttributeDefinitionTypeV2024];
 /**
@@ -15797,6 +15918,30 @@ export interface FeatureValueDtoV2024 {
      */
     'denominator'?: number;
 }
+/**
+ *
+ * @export
+ * @interface FederationProtocolDetailsV2024
+ */
+export interface FederationProtocolDetailsV2024 {
+    /**
+     * Federation protocol role
+     * @type {string}
+     * @memberof FederationProtocolDetailsV2024
+     */
+    'role'?: FederationProtocolDetailsV2024RoleV2024;
+    /**
+     * An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP).
+     * @type {string}
+     * @memberof FederationProtocolDetailsV2024
+     */
+    'entityId'?: string;
+}
+export declare const FederationProtocolDetailsV2024RoleV2024: {
+    readonly SamlIdp: "SAML_IDP";
+    readonly SamlSp: "SAML_SP";
+};
+export type FederationProtocolDetailsV2024RoleV2024 = typeof FederationProtocolDetailsV2024RoleV2024[keyof typeof FederationProtocolDetailsV2024RoleV2024];
 /**
  *
  * @export
@@ -16987,6 +17132,182 @@ export declare const GetActiveCampaigns200ResponseInnerV2024MandatoryCommentRequ
     readonly NoDecisions: "NO_DECISIONS";
 };
 export type GetActiveCampaigns200ResponseInnerV2024MandatoryCommentRequirementV2024 = typeof GetActiveCampaigns200ResponseInnerV2024MandatoryCommentRequirementV2024[keyof typeof GetActiveCampaigns200ResponseInnerV2024MandatoryCommentRequirementV2024];
+/**
+ *
+ * @export
+ * @interface GetCampaign200ResponseV2024
+ */
+export interface GetCampaign200ResponseV2024 {
+    /**
+     * Id of the campaign
+     * @type {string}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'id'?: string | null;
+    /**
+     * The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.
+     * @type {string}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'name': string;
+    /**
+     * The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details.
+     * @type {string}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'description': string | null;
+    /**
+     * The campaign\'s completion deadline.  This date must be in the future in order to activate the campaign.  If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.
+     * @type {string}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'deadline'?: string | null;
+    /**
+     * The type of campaign. Could be extended in the future.
+     * @type {string}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'type': GetCampaign200ResponseV2024TypeV2024;
+    /**
+     * Enables email notification for this campaign
+     * @type {boolean}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'emailNotificationEnabled'?: boolean;
+    /**
+     * Allows auto revoke for this campaign
+     * @type {boolean}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'autoRevokeAllowed'?: boolean;
+    /**
+     * Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.
+     * @type {boolean}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'recommendationsEnabled'?: boolean;
+    /**
+     * The campaign\'s current status.
+     * @type {string}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'status'?: GetCampaign200ResponseV2024StatusV2024 | null;
+    /**
+     * The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).
+     * @type {string}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'correlatedStatus'?: GetCampaign200ResponseV2024CorrelatedStatusV2024;
+    /**
+     * Created time of the campaign
+     * @type {string}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'created'?: string | null;
+    /**
+     * The total number of certifications in this campaign.
+     * @type {number}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'totalCertifications'?: number | null;
+    /**
+     * The number of completed certifications in this campaign.
+     * @type {number}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'completedCertifications'?: number | null;
+    /**
+     * A list of errors and warnings that have accumulated.
+     * @type {Array<CampaignAlertV2024>}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'alerts'?: Array<CampaignAlertV2024> | null;
+    /**
+     * Modified time of the campaign
+     * @type {string}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'modified'?: string | null;
+    /**
+     *
+     * @type {CampaignAllOfFilterV2024}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'filter'?: CampaignAllOfFilterV2024 | null;
+    /**
+     * Determines if comments on sunset date changes are required.
+     * @type {boolean}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'sunsetCommentsRequired'?: boolean;
+    /**
+     *
+     * @type {CampaignAllOfSourceOwnerCampaignInfoV2024}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'sourceOwnerCampaignInfo'?: CampaignAllOfSourceOwnerCampaignInfoV2024 | null;
+    /**
+     *
+     * @type {CampaignAllOfSearchCampaignInfoV2024}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'searchCampaignInfo'?: CampaignAllOfSearchCampaignInfoV2024 | null;
+    /**
+     *
+     * @type {CampaignAllOfRoleCompositionCampaignInfoV2024}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'roleCompositionCampaignInfo'?: CampaignAllOfRoleCompositionCampaignInfoV2024 | null;
+    /**
+     *
+     * @type {CampaignAllOfMachineAccountCampaignInfoV2024}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'machineAccountCampaignInfo'?: CampaignAllOfMachineAccountCampaignInfoV2024 | null;
+    /**
+     * A list of sources in the campaign that contain \\\"orphan entitlements\\\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).
+     * @type {Array<CampaignAllOfSourcesWithOrphanEntitlementsV2024>}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'sourcesWithOrphanEntitlements'?: Array<CampaignAllOfSourcesWithOrphanEntitlementsV2024> | null;
+    /**
+     * Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.
+     * @type {string}
+     * @memberof GetCampaign200ResponseV2024
+     */
+    'mandatoryCommentRequirement'?: GetCampaign200ResponseV2024MandatoryCommentRequirementV2024;
+}
+export declare const GetCampaign200ResponseV2024TypeV2024: {
+    readonly Manager: "MANAGER";
+    readonly SourceOwner: "SOURCE_OWNER";
+    readonly Search: "SEARCH";
+    readonly RoleComposition: "ROLE_COMPOSITION";
+    readonly MachineAccount: "MACHINE_ACCOUNT";
+};
+export type GetCampaign200ResponseV2024TypeV2024 = typeof GetCampaign200ResponseV2024TypeV2024[keyof typeof GetCampaign200ResponseV2024TypeV2024];
+export declare const GetCampaign200ResponseV2024StatusV2024: {
+    readonly Pending: "PENDING";
+    readonly Staged: "STAGED";
+    readonly Canceling: "CANCELING";
+    readonly Activating: "ACTIVATING";
+    readonly Active: "ACTIVE";
+    readonly Completing: "COMPLETING";
+    readonly Completed: "COMPLETED";
+    readonly Error: "ERROR";
+    readonly Archived: "ARCHIVED";
+};
+export type GetCampaign200ResponseV2024StatusV2024 = typeof GetCampaign200ResponseV2024StatusV2024[keyof typeof GetCampaign200ResponseV2024StatusV2024];
+export declare const GetCampaign200ResponseV2024CorrelatedStatusV2024: {
+    readonly Correlated: "CORRELATED";
+    readonly Uncorrelated: "UNCORRELATED";
+};
+export type GetCampaign200ResponseV2024CorrelatedStatusV2024 = typeof GetCampaign200ResponseV2024CorrelatedStatusV2024[keyof typeof GetCampaign200ResponseV2024CorrelatedStatusV2024];
+export declare const GetCampaign200ResponseV2024MandatoryCommentRequirementV2024: {
+    readonly AllDecisions: "ALL_DECISIONS";
+    readonly RevokeOnlyDecisions: "REVOKE_ONLY_DECISIONS";
+    readonly NoDecisions: "NO_DECISIONS";
+};
+export type GetCampaign200ResponseV2024MandatoryCommentRequirementV2024 = typeof GetCampaign200ResponseV2024MandatoryCommentRequirementV2024[keyof typeof GetCampaign200ResponseV2024MandatoryCommentRequirementV2024];
 /**
  * @type GetDiscoveredApplications200ResponseInnerV2024
  * @export
@@ -17548,6 +17869,43 @@ export type IdentityAccessV2024 = {
 } & AccessProfileEntitlementV2024 | {
     type: 'ROLE';
 } & AccessProfileRoleV2024;
+/**
+ *
+ * @export
+ * @interface IdentityAccountSelectionsV2024
+ */
+export interface IdentityAccountSelectionsV2024 {
+    /**
+     * Available account selections for the identity, per requested item
+     * @type {Array<RequestedItemAccountSelectionsV2024>}
+     * @memberof IdentityAccountSelectionsV2024
+     */
+    'requestedItems'?: Array<RequestedItemAccountSelectionsV2024>;
+    /**
+     * A boolean indicating whether any account selections will be required for the user to raise an access request
+     * @type {boolean}
+     * @memberof IdentityAccountSelectionsV2024
+     */
+    'accountsSelectionRequired'?: boolean;
+    /**
+     *
+     * @type {DtoTypeV2024}
+     * @memberof IdentityAccountSelectionsV2024
+     */
+    'type'?: DtoTypeV2024;
+    /**
+     * The identity id for the user
+     * @type {string}
+     * @memberof IdentityAccountSelectionsV2024
+     */
+    'id'?: string;
+    /**
+     * The name of the identity
+     * @type {string}
+     * @memberof IdentityAccountSelectionsV2024
+     */
+    'name'?: string;
+}
 /**
  *
  * @export
@@ -19674,6 +20032,102 @@ export interface IdentityWithNewAccessV2024 {
      */
     'accessRefs': Array<IdentityWithNewAccessAccessRefsInnerV2024>;
 }
+/**
+ *
+ * @export
+ * @interface IdpDetailsV2024
+ */
+export interface IdpDetailsV2024 {
+    /**
+     * Federation protocol role
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'role'?: IdpDetailsV2024RoleV2024;
+    /**
+     * An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP).
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'entityId'?: string;
+    /**
+     * Defines the binding used for the SAML flow. Used with IDP configurations.
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'binding'?: string;
+    /**
+     * Specifies the SAML authentication method to use. Used with IDP configurations.
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'authnContext'?: string;
+    /**
+     * The IDP logout URL. Used with IDP configurations.
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'logoutUrl'?: string;
+    /**
+     * Determines if the configured AuthnContext should be used or the default. Used with IDP configurations.
+     * @type {boolean}
+     * @memberof IdpDetailsV2024
+     */
+    'includeAuthnContext'?: boolean;
+    /**
+     * The name id format to use. Used with IDP configurations.
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'nameId'?: string;
+    /**
+     *
+     * @type {JITConfigurationV2024}
+     * @memberof IdpDetailsV2024
+     */
+    'jitConfiguration'?: JITConfigurationV2024;
+    /**
+     * The Base64-encoded certificate used by the IDP. Used with IDP configurations.
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'cert'?: string;
+    /**
+     * The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations.
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'loginUrlPost'?: string;
+    /**
+     * The IDP Redirect URL. Used with IDP configurations.
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'loginUrlRedirect'?: string;
+    /**
+     * Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations.
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'mappingAttribute': string;
+    /**
+     * The expiration date extracted from the certificate.
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'certificateExpirationDate'?: string;
+    /**
+     * The name extracted from the certificate.
+     * @type {string}
+     * @memberof IdpDetailsV2024
+     */
+    'certificateName'?: string;
+}
+export declare const IdpDetailsV2024RoleV2024: {
+    readonly SamlIdp: "SAML_IDP";
+    readonly SamlSp: "SAML_SP";
+};
+export type IdpDetailsV2024RoleV2024 = typeof IdpDetailsV2024RoleV2024[keyof typeof IdpDetailsV2024RoleV2024];
 /**
  *
  * @export
@@ -20107,6 +20561,33 @@ export interface InvocationV2024 {
      */
     'contentJson'?: object;
 }
+/**
+ *
+ * @export
+ * @interface JITConfigurationV2024
+ */
+export interface JITConfigurationV2024 {
+    /**
+     * The indicator for just-in-time provisioning enabled
+     * @type {boolean}
+     * @memberof JITConfigurationV2024
+     */
+    'enabled'?: boolean;
+    /**
+     * the sourceId that mapped to just-in-time provisioning configuration
+     * @type {string}
+     * @memberof JITConfigurationV2024
+     */
+    'sourceId'?: string;
+    /**
+     * A mapping of identity profile attribute names to SAML assertion attribute names
+     * @type {{ [key: string]: string; }}
+     * @memberof JITConfigurationV2024
+     */
+    'sourceAttributeMappings'?: {
+        [key: string]: string;
+    };
+}
 /**
  * A JSONPatch Operation as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902)
  * @export
@@ -20448,6 +20929,7 @@ export interface LifecyclestateDeletedV2024 {
 }
 export declare const LifecyclestateDeletedV2024TypeV2024: {
     readonly LifecycleState: "LIFECYCLE_STATE";
+    readonly TaskResult: "TASK_RESULT";
 };
 export type LifecyclestateDeletedV2024TypeV2024 = typeof LifecyclestateDeletedV2024TypeV2024[keyof typeof LifecyclestateDeletedV2024TypeV2024];
 /**
@@ -21174,6 +21656,31 @@ export interface LocalizedMessageV2024 {
      */
     'message': string;
 }
+/**
+ *
+ * @export
+ * @interface LockoutConfigurationV2024
+ */
+export interface LockoutConfigurationV2024 {
+    /**
+     * The maximum attempts allowed before lockout occurs.
+     * @type {number}
+     * @memberof LockoutConfigurationV2024
+     */
+    'maximumAttempts'?: number;
+    /**
+     * The total time in minutes a user will be locked out.
+     * @type {number}
+     * @memberof LockoutConfigurationV2024
+     */
+    'lockoutDuration'?: number;
+    /**
+     * A rolling window where authentication attempts in a series count towards the maximum before lockout occurs.
+     * @type {number}
+     * @memberof LockoutConfigurationV2024
+     */
+    'lockoutWindow'?: number;
+}
 /**
  * The definition of an Identity according to the Reassignment Configuration service
  * @export
@@ -27179,7 +27686,7 @@ export interface ProvisioningPolicyDtoV2024 {
      * @type {string}
      * @memberof ProvisioningPolicyDtoV2024
      */
-    'name': string;
+    'name': string | null;
     /**
      * the description of the provisioning policy
      * @type {string}
@@ -27210,7 +27717,7 @@ export interface ProvisioningPolicyV2024 {
      * @type {string}
      * @memberof ProvisioningPolicyV2024
      */
-    'name': string;
+    'name': string | null;
     /**
      * the description of the provisioning policy
      * @type {string}
@@ -28701,6 +29208,80 @@ export interface RequestedAccountRefV2024 {
      */
     'sourceName'?: string;
 }
+/**
+ *
+ * @export
+ * @interface RequestedForDtoRefV2024
+ */
+export interface RequestedForDtoRefV2024 {
+    /**
+     * The identity id for which the access is requested
+     * @type {string}
+     * @memberof RequestedForDtoRefV2024
+     */
+    'identityId': string;
+    /**
+     * the details for the access items that are requested for the identity
+     * @type {Array<RequestedItemDtoRefV2024>}
+     * @memberof RequestedForDtoRefV2024
+     */
+    'requestedItems': Array<RequestedItemDtoRefV2024>;
+}
+/**
+ *
+ * @export
+ * @interface RequestedItemAccountSelectionsV2024
+ */
+export interface RequestedItemAccountSelectionsV2024 {
+    /**
+     * The description for this requested item
+     * @type {string}
+     * @memberof RequestedItemAccountSelectionsV2024
+     */
+    'description'?: string;
+    /**
+     * This field indicates if account selections are not allowed for this requested item. * If true, this field indicates that account selections will not be available for this item and user combination. In this case, no account selections should be provided in the access request for this item and user combination, irrespective of whether the user has single or multiple accounts on a source. * An example is where a user is requesting an access profile that is already assigned to one of their accounts.
+     * @type {boolean}
+     * @memberof RequestedItemAccountSelectionsV2024
+     */
+    'accountsSelectionBlocked'?: boolean;
+    /**
+     * If account selections are not allowed for an item, this field will denote the reason.
+     * @type {string}
+     * @memberof RequestedItemAccountSelectionsV2024
+     */
+    'accountsSelectionBlockedReason'?: string | null;
+    /**
+     * The type of the item being requested.
+     * @type {string}
+     * @memberof RequestedItemAccountSelectionsV2024
+     */
+    'type'?: RequestedItemAccountSelectionsV2024TypeV2024;
+    /**
+     * The id of the requested item
+     * @type {string}
+     * @memberof RequestedItemAccountSelectionsV2024
+     */
+    'id'?: string;
+    /**
+     * The name of the requested item
+     * @type {string}
+     * @memberof RequestedItemAccountSelectionsV2024
+     */
+    'name'?: string;
+    /**
+     * The details for the sources and accounts for the requested item and identity combination
+     * @type {Array<SourceAccountSelectionsV2024>}
+     * @memberof RequestedItemAccountSelectionsV2024
+     */
+    'sources'?: Array<SourceAccountSelectionsV2024>;
+}
+export declare const RequestedItemAccountSelectionsV2024TypeV2024: {
+    readonly AccessProfile: "ACCESS_PROFILE";
+    readonly Role: "ROLE";
+    readonly Entitlement: "ENTITLEMENT";
+};
+export type RequestedItemAccountSelectionsV2024TypeV2024 = typeof RequestedItemAccountSelectionsV2024TypeV2024[keyof typeof RequestedItemAccountSelectionsV2024TypeV2024];
 /**
  *
  * @export
@@ -28726,6 +29307,69 @@ export declare const RequestedItemDetailsV2024TypeV2024: {
     readonly Role: "ROLE";
 };
 export type RequestedItemDetailsV2024TypeV2024 = typeof RequestedItemDetailsV2024TypeV2024[keyof typeof RequestedItemDetailsV2024TypeV2024];
+/**
+ *
+ * @export
+ * @interface RequestedItemDtoRefV2024
+ */
+export interface RequestedItemDtoRefV2024 {
+    /**
+     * The type of the item being requested.
+     * @type {string}
+     * @memberof RequestedItemDtoRefV2024
+     */
+    'type': RequestedItemDtoRefV2024TypeV2024;
+    /**
+     * ID of Role, Access Profile or Entitlement being requested.
+     * @type {string}
+     * @memberof RequestedItemDtoRefV2024
+     */
+    'id': string;
+    /**
+     * Comment provided by requester. * Comment is required when the request is of type Revoke Access.
+     * @type {string}
+     * @memberof RequestedItemDtoRefV2024
+     */
+    'comment'?: string;
+    /**
+     * Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status.
+     * @type {{ [key: string]: string; }}
+     * @memberof RequestedItemDtoRefV2024
+     */
+    'clientMetadata'?: {
+        [key: string]: string;
+    };
+    /**
+     * The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration.
+     * @type {string}
+     * @memberof RequestedItemDtoRefV2024
+     */
+    'removeDate'?: string;
+    /**
+     * The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source.
+     * @type {string}
+     * @memberof RequestedItemDtoRefV2024
+     */
+    'assignmentId'?: string | null;
+    /**
+     * The \'distinguishedName\' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source.
+     * @type {string}
+     * @memberof RequestedItemDtoRefV2024
+     */
+    'nativeIdentity'?: string | null;
+    /**
+     * The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account
+     * @type {Array<SourceItemRefV2024>}
+     * @memberof RequestedItemDtoRefV2024
+     */
+    'accountSelection'?: Array<SourceItemRefV2024> | null;
+}
+export declare const RequestedItemDtoRefV2024TypeV2024: {
+    readonly AccessProfile: "ACCESS_PROFILE";
+    readonly Role: "ROLE";
+    readonly Entitlement: "ENTITLEMENT";
+};
+export type RequestedItemDtoRefV2024TypeV2024 = typeof RequestedItemDtoRefV2024TypeV2024[keyof typeof RequestedItemDtoRefV2024TypeV2024];
 /**
  *
  * @export
@@ -34822,6 +35466,176 @@ export declare const ServiceDeskSourceV2024TypeV2024: {
     readonly Source: "SOURCE";
 };
 export type ServiceDeskSourceV2024TypeV2024 = typeof ServiceDeskSourceV2024TypeV2024[keyof typeof ServiceDeskSourceV2024TypeV2024];
+/**
+ *
+ * @export
+ * @interface ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+ */
+export interface ServiceProviderConfigurationFederationProtocolDetailsInnerV2024 {
+    /**
+     * Federation protocol role
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'role'?: ServiceProviderConfigurationFederationProtocolDetailsInnerV2024RoleV2024;
+    /**
+     * An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP).
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'entityId'?: string;
+    /**
+     * Defines the binding used for the SAML flow. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'binding'?: string;
+    /**
+     * Specifies the SAML authentication method to use. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'authnContext'?: string;
+    /**
+     * The IDP logout URL. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'logoutUrl'?: string;
+    /**
+     * Determines if the configured AuthnContext should be used or the default. Used with IDP configurations.
+     * @type {boolean}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'includeAuthnContext'?: boolean;
+    /**
+     * The name id format to use. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'nameId'?: string;
+    /**
+     *
+     * @type {JITConfigurationV2024}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'jitConfiguration'?: JITConfigurationV2024;
+    /**
+     * The Base64-encoded certificate used by the IDP. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'cert'?: string;
+    /**
+     * The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'loginUrlPost'?: string;
+    /**
+     * The IDP Redirect URL. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'loginUrlRedirect'?: string;
+    /**
+     * Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'mappingAttribute': string;
+    /**
+     * The expiration date extracted from the certificate.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'certificateExpirationDate'?: string;
+    /**
+     * The name extracted from the certificate.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'certificateName'?: string;
+    /**
+     * Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'alias'?: string;
+    /**
+     * The allowed callback URL where users will be redirected to after authentication. Used with SP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'callbackUrl': string;
+    /**
+     * The legacy ACS URL used for SAML authentication. Used with SP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024
+     */
+    'legacyAcsUrl'?: string;
+}
+export declare const ServiceProviderConfigurationFederationProtocolDetailsInnerV2024RoleV2024: {
+    readonly SamlIdp: "SAML_IDP";
+    readonly SamlSp: "SAML_SP";
+};
+export type ServiceProviderConfigurationFederationProtocolDetailsInnerV2024RoleV2024 = typeof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024RoleV2024[keyof typeof ServiceProviderConfigurationFederationProtocolDetailsInnerV2024RoleV2024];
+/**
+ * Represents the IdentityNow as Service Provider Configuration allowing customers to log into IDN via an Identity Provider
+ * @export
+ * @interface ServiceProviderConfigurationV2024
+ */
+export interface ServiceProviderConfigurationV2024 {
+    /**
+     * This determines whether or not the SAML authentication flow is enabled for an org
+     * @type {boolean}
+     * @memberof ServiceProviderConfigurationV2024
+     */
+    'enabled'?: boolean;
+    /**
+     * This allows basic login with the parameter prompt=true. This is often toggled on when debugging SAML authentication setup. When false, only org admins with MFA-enabled can bypass the IDP.
+     * @type {boolean}
+     * @memberof ServiceProviderConfigurationV2024
+     */
+    'bypassIdp'?: boolean;
+    /**
+     * This indicates whether or not the SAML configuration is valid.
+     * @type {boolean}
+     * @memberof ServiceProviderConfigurationV2024
+     */
+    'samlConfigurationValid'?: boolean;
+    /**
+     * A list of the abstract implementations of the Federation Protocol details. Typically, this will include on SpDetails object and one IdpDetails object used in tandem to define a SAML integration between a customer\'s identity provider and a customer\'s SailPoint instance (i.e., the service provider).
+     * @type {Array<ServiceProviderConfigurationFederationProtocolDetailsInnerV2024>}
+     * @memberof ServiceProviderConfigurationV2024
+     */
+    'federationProtocolDetails'?: Array<ServiceProviderConfigurationFederationProtocolDetailsInnerV2024>;
+}
+/**
+ *
+ * @export
+ * @interface SessionConfigurationV2024
+ */
+export interface SessionConfigurationV2024 {
+    /**
+     * The maximum time in minutes a session can be idle.
+     * @type {number}
+     * @memberof SessionConfigurationV2024
+     */
+    'maxIdleTime'?: number;
+    /**
+     * Denotes if \'remember me\' is enabled.
+     * @type {boolean}
+     * @memberof SessionConfigurationV2024
+     */
+    'rememberMe'?: boolean;
+    /**
+     * The maximum allowable session time in minutes.
+     * @type {number}
+     * @memberof SessionConfigurationV2024
+     */
+    'maxSessionTime'?: number;
+}
 /**
  *
  * @export
@@ -35832,6 +36646,37 @@ export interface SourceAccountDeletedV2024 {
         [key: string]: any;
     };
 }
+/**
+ *
+ * @export
+ * @interface SourceAccountSelectionsV2024
+ */
+export interface SourceAccountSelectionsV2024 {
+    /**
+     *
+     * @type {DtoTypeV2024}
+     * @memberof SourceAccountSelectionsV2024
+     */
+    'type'?: DtoTypeV2024;
+    /**
+     * The source id
+     * @type {string}
+     * @memberof SourceAccountSelectionsV2024
+     */
+    'id'?: string;
+    /**
+     * The source name
+     * @type {string}
+     * @memberof SourceAccountSelectionsV2024
+     */
+    'name'?: string;
+    /**
+     * The accounts information for a particular source in the requested item
+     * @type {Array<AccountInfoRefV2024>}
+     * @memberof SourceAccountSelectionsV2024
+     */
+    'accounts'?: Array<AccountInfoRefV2024>;
+}
 /**
  *
  * @export
@@ -36601,6 +37446,25 @@ export declare const SourceHealthDtoV2024StatusV2024: {
     readonly SourceStateErrorAccountFileImport: "SOURCE_STATE_ERROR_ACCOUNT_FILE_IMPORT";
 };
 export type SourceHealthDtoV2024StatusV2024 = typeof SourceHealthDtoV2024StatusV2024[keyof typeof SourceHealthDtoV2024StatusV2024];
+/**
+ *
+ * @export
+ * @interface SourceItemRefV2024
+ */
+export interface SourceItemRefV2024 {
+    /**
+     * The id for the source on which account selections are made
+     * @type {string}
+     * @memberof SourceItemRefV2024
+     */
+    'sourceId'?: string | null;
+    /**
+     * A list of account selections on the source. Currently, only one selection per source is supported.
+     * @type {Array<AccountItemRefV2024>}
+     * @memberof SourceItemRefV2024
+     */
+    'accounts'?: Array<AccountItemRefV2024> | null;
+}
 /**
  * Reference to management workgroup for the source.
  * @export
@@ -37681,6 +38545,48 @@ export interface SpConfigRulesV2024 {
      */
     'editable'?: boolean;
 }
+/**
+ *
+ * @export
+ * @interface SpDetailsV2024
+ */
+export interface SpDetailsV2024 {
+    /**
+     * Federation protocol role
+     * @type {string}
+     * @memberof SpDetailsV2024
+     */
+    'role'?: SpDetailsV2024RoleV2024;
+    /**
+     * An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP).
+     * @type {string}
+     * @memberof SpDetailsV2024
+     */
+    'entityId'?: string;
+    /**
+     * Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations.
+     * @type {string}
+     * @memberof SpDetailsV2024
+     */
+    'alias'?: string;
+    /**
+     * The allowed callback URL where users will be redirected to after authentication. Used with SP configurations.
+     * @type {string}
+     * @memberof SpDetailsV2024
+     */
+    'callbackUrl': string;
+    /**
+     * The legacy ACS URL used for SAML authentication. Used with SP configurations.
+     * @type {string}
+     * @memberof SpDetailsV2024
+     */
+    'legacyAcsUrl'?: string;
+}
+export declare const SpDetailsV2024RoleV2024: {
+    readonly SamlIdp: "SAML_IDP";
+    readonly SamlSp: "SAML_SP";
+};
+export type SpDetailsV2024RoleV2024 = typeof SpDetailsV2024RoleV2024[keyof typeof SpDetailsV2024RoleV2024];
 /**
  *
  * @export
@@ -43465,7 +44371,7 @@ export declare const AccessRequestsV2024ApiAxiosParamCreator: (configuration?: C
      */
     closeAccessRequest: (closeAccessRequestV2024: CloseAccessRequestV2024, xSailPointExperimental?: string, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
     /**
-     * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
+     * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields.
      * @summary Submit Access Request
      * @param {AccessRequestV2024} accessRequestV2024
      * @param {*} [axiosOptions] Override http request option.
@@ -43513,6 +44419,14 @@ export declare const AccessRequestsV2024ApiAxiosParamCreator: (configuration?: C
      * @throws {RequiredError}
      */
     listAdministratorsAccessRequestStatus: (requestedFor?: string, requestedBy?: string, regardingIdentity?: string, assignedTo?: string, count?: boolean, limit?: number, offset?: number, filters?: string, sorters?: string, requestState?: string, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
+    /**
+     * Use this API to fetch account information for an identity against the items in an access request.  Used to fetch accountSelection for the AccessRequest prior to submitting for async processing.
+     * @summary Get accounts selections for identity
+     * @param {AccountsSelectionRequestV2024} accountsSelectionRequestV2024
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    loadAccountSelections: (accountsSelectionRequestV2024: AccountsSelectionRequestV2024, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
     /**
      * This endpoint replaces the current access-request configuration.
      * @summary Update Access Request Configuration
@@ -43561,7 +44475,7 @@ export declare const AccessRequestsV2024ApiFp: (configuration?: Configuration) =
      */
     closeAccessRequest(closeAccessRequestV2024: CloseAccessRequestV2024, xSailPointExperimental?: string, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<object>>;
     /**
-     * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
+     * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields.
      * @summary Submit Access Request
      * @param {AccessRequestV2024} accessRequestV2024
      * @param {*} [axiosOptions] Override http request option.
@@ -43609,6 +44523,14 @@ export declare const AccessRequestsV2024ApiFp: (configuration?: Configuration) =
      * @throws {RequiredError}
      */
     listAdministratorsAccessRequestStatus(requestedFor?: string, requestedBy?: string, regardingIdentity?: string, assignedTo?: string, count?: boolean, limit?: number, offset?: number, filters?: string, sorters?: string, requestState?: string, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Array<AccessRequestAdminItemStatusV2024>>>;
+    /**
+     * Use this API to fetch account information for an identity against the items in an access request.  Used to fetch accountSelection for the AccessRequest prior to submitting for async processing.
+     * @summary Get accounts selections for identity
+     * @param {AccountsSelectionRequestV2024} accountsSelectionRequestV2024
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    loadAccountSelections(accountsSelectionRequestV2024: AccountsSelectionRequestV2024, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<AccountsSelectionResponseV2024>>;
     /**
      * This endpoint replaces the current access-request configuration.
      * @summary Update Access Request Configuration
@@ -43656,7 +44578,7 @@ export declare const AccessRequestsV2024ApiFactory: (configuration?: Configurati
      */
     closeAccessRequest(requestParameters: AccessRequestsV2024ApiCloseAccessRequestRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<object>;
     /**
-     * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
+     * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields.
      * @summary Submit Access Request
      * @param {AccessRequestsV2024ApiCreateAccessRequestRequest} requestParameters Request parameters.
      * @param {*} [axiosOptions] Override http request option.
@@ -43686,6 +44608,14 @@ export declare const AccessRequestsV2024ApiFactory: (configuration?: Configurati
      * @throws {RequiredError}
      */
     listAdministratorsAccessRequestStatus(requestParameters?: AccessRequestsV2024ApiListAdministratorsAccessRequestStatusRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<Array<AccessRequestAdminItemStatusV2024>>;
+    /**
+     * Use this API to fetch account information for an identity against the items in an access request.  Used to fetch accountSelection for the AccessRequest prior to submitting for async processing.
+     * @summary Get accounts selections for identity
+     * @param {AccessRequestsV2024ApiLoadAccountSelectionsRequest} requestParameters Request parameters.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    loadAccountSelections(requestParameters: AccessRequestsV2024ApiLoadAccountSelectionsRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<AccountsSelectionResponseV2024>;
     /**
      * This endpoint replaces the current access-request configuration.
      * @summary Update Access Request Configuration
@@ -43900,6 +44830,19 @@ export interface AccessRequestsV2024ApiListAdministratorsAccessRequestStatusRequ
      */
     readonly requestState?: string;
 }
+/**
+ * Request parameters for loadAccountSelections operation in AccessRequestsV2024Api.
+ * @export
+ * @interface AccessRequestsV2024ApiLoadAccountSelectionsRequest
+ */
+export interface AccessRequestsV2024ApiLoadAccountSelectionsRequest {
+    /**
+     *
+     * @type {AccountsSelectionRequestV2024}
+     * @memberof AccessRequestsV2024ApiLoadAccountSelections
+     */
+    readonly accountsSelectionRequestV2024: AccountsSelectionRequestV2024;
+}
 /**
  * Request parameters for setAccessRequestConfig operation in AccessRequestsV2024Api.
  * @export
@@ -43957,7 +44900,7 @@ export declare class AccessRequestsV2024Api extends BaseAPI {
      */
     closeAccessRequest(requestParameters: AccessRequestsV2024ApiCloseAccessRequestRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<object, any>>;
     /**
-     * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone.
+     * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields.
      * @summary Submit Access Request
      * @param {AccessRequestsV2024ApiCreateAccessRequestRequest} requestParameters Request parameters.
      * @param {*} [axiosOptions] Override http request option.
@@ -43991,6 +44934,15 @@ export declare class AccessRequestsV2024Api extends BaseAPI {
      * @memberof AccessRequestsV2024Api
      */
     listAdministratorsAccessRequestStatus(requestParameters?: AccessRequestsV2024ApiListAdministratorsAccessRequestStatusRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<AccessRequestAdminItemStatusV2024[], any>>;
+    /**
+     * Use this API to fetch account information for an identity against the items in an access request.  Used to fetch accountSelection for the AccessRequest prior to submitting for async processing.
+     * @summary Get accounts selections for identity
+     * @param {AccessRequestsV2024ApiLoadAccountSelectionsRequest} requestParameters Request parameters.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     * @memberof AccessRequestsV2024Api
+     */
+    loadAccountSelections(requestParameters: AccessRequestsV2024ApiLoadAccountSelectionsRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<AccountsSelectionResponseV2024, any>>;
     /**
      * This endpoint replaces the current access-request configuration.
      * @summary Update Access Request Configuration
@@ -47834,7 +48786,7 @@ export declare const CertificationCampaignsV2024ApiFp: (configuration?: Configur
      * @param {*} [axiosOptions] Override http request option.
      * @throws {RequiredError}
      */
-    getCampaign(id: string, detail?: GetCampaignDetailV2024, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<GetActiveCampaigns200ResponseInnerV2024>>;
+    getCampaign(id: string, detail?: GetCampaignDetailV2024, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<GetCampaign200ResponseV2024>>;
     /**
      * Use this API to fetch all reports for a certification campaign by campaign ID.
      * @summary Get Campaign Reports
@@ -48025,7 +48977,7 @@ export declare const CertificationCampaignsV2024ApiFactory: (configuration?: Con
      * @param {*} [axiosOptions] Override http request option.
      * @throws {RequiredError}
      */
-    getCampaign(requestParameters: CertificationCampaignsV2024ApiGetCampaignRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<GetActiveCampaigns200ResponseInnerV2024>;
+    getCampaign(requestParameters: CertificationCampaignsV2024ApiGetCampaignRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<GetCampaign200ResponseV2024>;
     /**
      * Use this API to fetch all reports for a certification campaign by campaign ID.
      * @summary Get Campaign Reports
@@ -48591,7 +49543,7 @@ export declare class CertificationCampaignsV2024Api extends BaseAPI {
      * @throws {RequiredError}
      * @memberof CertificationCampaignsV2024Api
      */
-    getCampaign(requestParameters: CertificationCampaignsV2024ApiGetCampaignRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<GetActiveCampaigns200ResponseInnerV2024, any>>;
+    getCampaign(requestParameters: CertificationCampaignsV2024ApiGetCampaignRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<GetCampaign200ResponseV2024, any>>;
     /**
      * Use this API to fetch all reports for a certification campaign by campaign ID.
      * @summary Get Campaign Reports
@@ -55468,6 +56420,13 @@ export declare const GlobalTenantSecuritySettingsV2024ApiAxiosParamCreator: (con
      * @throws {RequiredError}
      */
     createAuthOrgNetworkConfig: (networkConfigurationV2024: NetworkConfigurationV2024, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
+    /**
+     * This API returns the details of an org\'s lockout auth configuration.
+     * @summary Get Auth Org Lockout Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    getAuthOrgLockoutConfig: (axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
     /**
      * This API returns the details of an org\'s network auth configuration.
      * @summary Get security network configuration.
@@ -55475,6 +56434,28 @@ export declare const GlobalTenantSecuritySettingsV2024ApiAxiosParamCreator: (con
      * @throws {RequiredError}
      */
     getAuthOrgNetworkConfig: (axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
+    /**
+     * This API returns the details of an org\'s service provider auth configuration.
+     * @summary Get Service Provider Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    getAuthOrgServiceProviderConfig: (axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
+    /**
+     * This API returns the details of an org\'s session auth configuration.
+     * @summary Get Auth Org Session Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    getAuthOrgSessionConfig: (axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
+    /**
+     * This API updates an existing lockout configuration for an org using PATCH
+     * @summary Update Auth Org Lockout Configuration
+     * @param {Array<JsonPatchOperationV2024>} jsonPatchOperationV2024 A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are:   &#x60;1. maximumAttempts &gt;&#x3D; 1 &amp;&amp; maximumAttempts &lt;&#x3D; 15   2. lockoutDuration &gt;&#x3D; 5 &amp;&amp; lockoutDuration &lt;&#x3D; 60   3. lockoutWindow &gt;&#x3D; 5 &amp;&amp; lockoutDuration &lt;&#x3D; 60&#x60;
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    patchAuthOrgLockoutConfig: (jsonPatchOperationV2024: Array<JsonPatchOperationV2024>, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
     /**
      * This API updates an existing network configuration for an org using PATCH  Requires security scope of:  \'sp:auth-org:manage\'
      * @summary Update security network configuration.
@@ -55483,6 +56464,22 @@ export declare const GlobalTenantSecuritySettingsV2024ApiAxiosParamCreator: (con
      * @throws {RequiredError}
      */
     patchAuthOrgNetworkConfig: (jsonPatchOperationV2024: Array<JsonPatchOperationV2024>, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
+    /**
+     * This API updates an existing service provider configuration for an org using PATCH.
+     * @summary Update Service Provider Configuration
+     * @param {Array<JsonPatchOperationV2024>} jsonPatchOperationV2024 A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are:   1. Do not add or remove any elements in the federation protocol details in the service provider configuration.   2. Do not modify, add, or delete the service provider details element in the federation protocol details.   3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails.   4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID.   5. Any JIT configuration update must be valid.  Just in time configuration update must be valid when enabled. This includes:   - A Source ID   - Source attribute mappings   - Source attribute maps have all the required key values (firstName, lastName, email)
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    patchAuthOrgServiceProviderConfig: (jsonPatchOperationV2024: Array<JsonPatchOperationV2024>, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
+    /**
+     * This API updates an existing session configuration for an org using PATCH.
+     * @summary Update Auth Org Session Configuration
+     * @param {Array<JsonPatchOperationV2024>} jsonPatchOperationV2024 A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.  Ensures that the patched Session Config conforms to certain logical guidelines, which are:   &#x60;1. maxSessionTime &gt;&#x3D; 1 &amp;&amp; maxSessionTime &lt;&#x3D; 10080 (1 week)   2. maxIdleTime &gt;&#x3D; 1 &amp;&amp; maxIdleTime &lt;&#x3D; 1440 (1 day)   3. maxSessionTime must have a greater duration than maxIdleTime.&#x60;
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    patchAuthOrgSessionConfig: (jsonPatchOperationV2024: Array<JsonPatchOperationV2024>, axiosOptions?: RawAxiosRequestConfig) => Promise<RequestArgs>;
 };
 /**
  * GlobalTenantSecuritySettingsV2024Api - functional programming interface
@@ -55497,6 +56494,13 @@ export declare const GlobalTenantSecuritySettingsV2024ApiFp: (configuration?: Co
      * @throws {RequiredError}
      */
     createAuthOrgNetworkConfig(networkConfigurationV2024: NetworkConfigurationV2024, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<NetworkConfigurationV2024>>;
+    /**
+     * This API returns the details of an org\'s lockout auth configuration.
+     * @summary Get Auth Org Lockout Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    getAuthOrgLockoutConfig(axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<LockoutConfigurationV2024>>;
     /**
      * This API returns the details of an org\'s network auth configuration.
      * @summary Get security network configuration.
@@ -55504,6 +56508,28 @@ export declare const GlobalTenantSecuritySettingsV2024ApiFp: (configuration?: Co
      * @throws {RequiredError}
      */
     getAuthOrgNetworkConfig(axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<NetworkConfigurationV2024>>;
+    /**
+     * This API returns the details of an org\'s service provider auth configuration.
+     * @summary Get Service Provider Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    getAuthOrgServiceProviderConfig(axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<ServiceProviderConfigurationV2024>>;
+    /**
+     * This API returns the details of an org\'s session auth configuration.
+     * @summary Get Auth Org Session Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    getAuthOrgSessionConfig(axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<SessionConfigurationV2024>>;
+    /**
+     * This API updates an existing lockout configuration for an org using PATCH
+     * @summary Update Auth Org Lockout Configuration
+     * @param {Array<JsonPatchOperationV2024>} jsonPatchOperationV2024 A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are:   &#x60;1. maximumAttempts &gt;&#x3D; 1 &amp;&amp; maximumAttempts &lt;&#x3D; 15   2. lockoutDuration &gt;&#x3D; 5 &amp;&amp; lockoutDuration &lt;&#x3D; 60   3. lockoutWindow &gt;&#x3D; 5 &amp;&amp; lockoutDuration &lt;&#x3D; 60&#x60;
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    patchAuthOrgLockoutConfig(jsonPatchOperationV2024: Array<JsonPatchOperationV2024>, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<LockoutConfigurationV2024>>;
     /**
      * This API updates an existing network configuration for an org using PATCH  Requires security scope of:  \'sp:auth-org:manage\'
      * @summary Update security network configuration.
@@ -55512,6 +56538,22 @@ export declare const GlobalTenantSecuritySettingsV2024ApiFp: (configuration?: Co
      * @throws {RequiredError}
      */
     patchAuthOrgNetworkConfig(jsonPatchOperationV2024: Array<JsonPatchOperationV2024>, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<NetworkConfigurationV2024>>;
+    /**
+     * This API updates an existing service provider configuration for an org using PATCH.
+     * @summary Update Service Provider Configuration
+     * @param {Array<JsonPatchOperationV2024>} jsonPatchOperationV2024 A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are:   1. Do not add or remove any elements in the federation protocol details in the service provider configuration.   2. Do not modify, add, or delete the service provider details element in the federation protocol details.   3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails.   4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID.   5. Any JIT configuration update must be valid.  Just in time configuration update must be valid when enabled. This includes:   - A Source ID   - Source attribute mappings   - Source attribute maps have all the required key values (firstName, lastName, email)
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    patchAuthOrgServiceProviderConfig(jsonPatchOperationV2024: Array<JsonPatchOperationV2024>, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<ServiceProviderConfigurationV2024>>;
+    /**
+     * This API updates an existing session configuration for an org using PATCH.
+     * @summary Update Auth Org Session Configuration
+     * @param {Array<JsonPatchOperationV2024>} jsonPatchOperationV2024 A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.  Ensures that the patched Session Config conforms to certain logical guidelines, which are:   &#x60;1. maxSessionTime &gt;&#x3D; 1 &amp;&amp; maxSessionTime &lt;&#x3D; 10080 (1 week)   2. maxIdleTime &gt;&#x3D; 1 &amp;&amp; maxIdleTime &lt;&#x3D; 1440 (1 day)   3. maxSessionTime must have a greater duration than maxIdleTime.&#x60;
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    patchAuthOrgSessionConfig(jsonPatchOperationV2024: Array<JsonPatchOperationV2024>, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<SessionConfigurationV2024>>;
 };
 /**
  * GlobalTenantSecuritySettingsV2024Api - factory interface
@@ -55526,6 +56568,13 @@ export declare const GlobalTenantSecuritySettingsV2024ApiFactory: (configuration
      * @throws {RequiredError}
      */
     createAuthOrgNetworkConfig(requestParameters: GlobalTenantSecuritySettingsV2024ApiCreateAuthOrgNetworkConfigRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<NetworkConfigurationV2024>;
+    /**
+     * This API returns the details of an org\'s lockout auth configuration.
+     * @summary Get Auth Org Lockout Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    getAuthOrgLockoutConfig(axiosOptions?: RawAxiosRequestConfig): AxiosPromise<LockoutConfigurationV2024>;
     /**
      * This API returns the details of an org\'s network auth configuration.
      * @summary Get security network configuration.
@@ -55533,6 +56582,28 @@ export declare const GlobalTenantSecuritySettingsV2024ApiFactory: (configuration
      * @throws {RequiredError}
      */
     getAuthOrgNetworkConfig(axiosOptions?: RawAxiosRequestConfig): AxiosPromise<NetworkConfigurationV2024>;
+    /**
+     * This API returns the details of an org\'s service provider auth configuration.
+     * @summary Get Service Provider Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    getAuthOrgServiceProviderConfig(axiosOptions?: RawAxiosRequestConfig): AxiosPromise<ServiceProviderConfigurationV2024>;
+    /**
+     * This API returns the details of an org\'s session auth configuration.
+     * @summary Get Auth Org Session Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    getAuthOrgSessionConfig(axiosOptions?: RawAxiosRequestConfig): AxiosPromise<SessionConfigurationV2024>;
+    /**
+     * This API updates an existing lockout configuration for an org using PATCH
+     * @summary Update Auth Org Lockout Configuration
+     * @param {GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgLockoutConfigRequest} requestParameters Request parameters.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    patchAuthOrgLockoutConfig(requestParameters: GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgLockoutConfigRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<LockoutConfigurationV2024>;
     /**
      * This API updates an existing network configuration for an org using PATCH  Requires security scope of:  \'sp:auth-org:manage\'
      * @summary Update security network configuration.
@@ -55541,6 +56612,22 @@ export declare const GlobalTenantSecuritySettingsV2024ApiFactory: (configuration
      * @throws {RequiredError}
      */
     patchAuthOrgNetworkConfig(requestParameters: GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgNetworkConfigRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<NetworkConfigurationV2024>;
+    /**
+     * This API updates an existing service provider configuration for an org using PATCH.
+     * @summary Update Service Provider Configuration
+     * @param {GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgServiceProviderConfigRequest} requestParameters Request parameters.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    patchAuthOrgServiceProviderConfig(requestParameters: GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgServiceProviderConfigRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<ServiceProviderConfigurationV2024>;
+    /**
+     * This API updates an existing session configuration for an org using PATCH.
+     * @summary Update Auth Org Session Configuration
+     * @param {GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgSessionConfigRequest} requestParameters Request parameters.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     */
+    patchAuthOrgSessionConfig(requestParameters: GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgSessionConfigRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<SessionConfigurationV2024>;
 };
 /**
  * Request parameters for createAuthOrgNetworkConfig operation in GlobalTenantSecuritySettingsV2024Api.
@@ -55555,6 +56642,19 @@ export interface GlobalTenantSecuritySettingsV2024ApiCreateAuthOrgNetworkConfigR
      */
     readonly networkConfigurationV2024: NetworkConfigurationV2024;
 }
+/**
+ * Request parameters for patchAuthOrgLockoutConfig operation in GlobalTenantSecuritySettingsV2024Api.
+ * @export
+ * @interface GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgLockoutConfigRequest
+ */
+export interface GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgLockoutConfigRequest {
+    /**
+     * A list of auth org lockout configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Ensures that the patched Lockout Config conforms to certain logical guidelines, which are:   &#x60;1. maximumAttempts &gt;&#x3D; 1 &amp;&amp; maximumAttempts &lt;&#x3D; 15   2. lockoutDuration &gt;&#x3D; 5 &amp;&amp; lockoutDuration &lt;&#x3D; 60   3. lockoutWindow &gt;&#x3D; 5 &amp;&amp; lockoutDuration &lt;&#x3D; 60&#x60;
+     * @type {Array<JsonPatchOperationV2024>}
+     * @memberof GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgLockoutConfig
+     */
+    readonly jsonPatchOperationV2024: Array<JsonPatchOperationV2024>;
+}
 /**
  * Request parameters for patchAuthOrgNetworkConfig operation in GlobalTenantSecuritySettingsV2024Api.
  * @export
@@ -55568,6 +56668,32 @@ export interface GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgNetworkConfigRe
      */
     readonly jsonPatchOperationV2024: Array<JsonPatchOperationV2024>;
 }
+/**
+ * Request parameters for patchAuthOrgServiceProviderConfig operation in GlobalTenantSecuritySettingsV2024Api.
+ * @export
+ * @interface GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgServiceProviderConfigRequest
+ */
+export interface GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgServiceProviderConfigRequest {
+    /**
+     * A list of auth org service provider configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. Note: /federationProtocolDetails/0 is IdpDetails /federationProtocolDetails/1 is SpDetails Ensures that the patched ServiceProviderConfig conforms to certain logical guidelines, which are:   1. Do not add or remove any elements in the federation protocol details in the service provider configuration.   2. Do not modify, add, or delete the service provider details element in the federation protocol details.   3. If this is the first time the patched ServiceProviderConfig enables Remote IDP sign-in, it must also include IDPDetails.   4. If the patch enables Remote IDP sign in, the entityID in the IDPDetails cannot be null. IDPDetails must include an entityID.   5. Any JIT configuration update must be valid.  Just in time configuration update must be valid when enabled. This includes:   - A Source ID   - Source attribute mappings   - Source attribute maps have all the required key values (firstName, lastName, email)
+     * @type {Array<JsonPatchOperationV2024>}
+     * @memberof GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgServiceProviderConfig
+     */
+    readonly jsonPatchOperationV2024: Array<JsonPatchOperationV2024>;
+}
+/**
+ * Request parameters for patchAuthOrgSessionConfig operation in GlobalTenantSecuritySettingsV2024Api.
+ * @export
+ * @interface GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgSessionConfigRequest
+ */
+export interface GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgSessionConfigRequest {
+    /**
+     * A list of auth org session configuration update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.  Ensures that the patched Session Config conforms to certain logical guidelines, which are:   &#x60;1. maxSessionTime &gt;&#x3D; 1 &amp;&amp; maxSessionTime &lt;&#x3D; 10080 (1 week)   2. maxIdleTime &gt;&#x3D; 1 &amp;&amp; maxIdleTime &lt;&#x3D; 1440 (1 day)   3. maxSessionTime must have a greater duration than maxIdleTime.&#x60;
+     * @type {Array<JsonPatchOperationV2024>}
+     * @memberof GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgSessionConfig
+     */
+    readonly jsonPatchOperationV2024: Array<JsonPatchOperationV2024>;
+}
 /**
  * GlobalTenantSecuritySettingsV2024Api - object-oriented interface
  * @export
@@ -55584,6 +56710,14 @@ export declare class GlobalTenantSecuritySettingsV2024Api extends BaseAPI {
      * @memberof GlobalTenantSecuritySettingsV2024Api
      */
     createAuthOrgNetworkConfig(requestParameters: GlobalTenantSecuritySettingsV2024ApiCreateAuthOrgNetworkConfigRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<NetworkConfigurationV2024, any>>;
+    /**
+     * This API returns the details of an org\'s lockout auth configuration.
+     * @summary Get Auth Org Lockout Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     * @memberof GlobalTenantSecuritySettingsV2024Api
+     */
+    getAuthOrgLockoutConfig(axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<LockoutConfigurationV2024, any>>;
     /**
      * This API returns the details of an org\'s network auth configuration.
      * @summary Get security network configuration.
@@ -55592,6 +56726,31 @@ export declare class GlobalTenantSecuritySettingsV2024Api extends BaseAPI {
      * @memberof GlobalTenantSecuritySettingsV2024Api
      */
     getAuthOrgNetworkConfig(axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<NetworkConfigurationV2024, any>>;
+    /**
+     * This API returns the details of an org\'s service provider auth configuration.
+     * @summary Get Service Provider Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     * @memberof GlobalTenantSecuritySettingsV2024Api
+     */
+    getAuthOrgServiceProviderConfig(axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<ServiceProviderConfigurationV2024, any>>;
+    /**
+     * This API returns the details of an org\'s session auth configuration.
+     * @summary Get Auth Org Session Configuration.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     * @memberof GlobalTenantSecuritySettingsV2024Api
+     */
+    getAuthOrgSessionConfig(axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<SessionConfigurationV2024, any>>;
+    /**
+     * This API updates an existing lockout configuration for an org using PATCH
+     * @summary Update Auth Org Lockout Configuration
+     * @param {GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgLockoutConfigRequest} requestParameters Request parameters.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     * @memberof GlobalTenantSecuritySettingsV2024Api
+     */
+    patchAuthOrgLockoutConfig(requestParameters: GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgLockoutConfigRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<LockoutConfigurationV2024, any>>;
     /**
      * This API updates an existing network configuration for an org using PATCH  Requires security scope of:  \'sp:auth-org:manage\'
      * @summary Update security network configuration.
@@ -55601,6 +56760,24 @@ export declare class GlobalTenantSecuritySettingsV2024Api extends BaseAPI {
      * @memberof GlobalTenantSecuritySettingsV2024Api
      */
     patchAuthOrgNetworkConfig(requestParameters: GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgNetworkConfigRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<NetworkConfigurationV2024, any>>;
+    /**
+     * This API updates an existing service provider configuration for an org using PATCH.
+     * @summary Update Service Provider Configuration
+     * @param {GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgServiceProviderConfigRequest} requestParameters Request parameters.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     * @memberof GlobalTenantSecuritySettingsV2024Api
+     */
+    patchAuthOrgServiceProviderConfig(requestParameters: GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgServiceProviderConfigRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<ServiceProviderConfigurationV2024, any>>;
+    /**
+     * This API updates an existing session configuration for an org using PATCH.
+     * @summary Update Auth Org Session Configuration
+     * @param {GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgSessionConfigRequest} requestParameters Request parameters.
+     * @param {*} [axiosOptions] Override http request option.
+     * @throws {RequiredError}
+     * @memberof GlobalTenantSecuritySettingsV2024Api
+     */
+    patchAuthOrgSessionConfig(requestParameters: GlobalTenantSecuritySettingsV2024ApiPatchAuthOrgSessionConfigRequest, axiosOptions?: RawAxiosRequestConfig): Promise<import("axios").AxiosResponse<SessionConfigurationV2024, any>>;
 }
 /**
  * GovernanceGroupsV2024Api - axios parameter creator