sailpoint-api-client 1.5.0 → 1.6.1

package/v3/api.ts

@@ -391,43 +391,43 @@ export interface AccessModelMetadataValuesInner {
     'status'?: string;
 }
 /**
- * Access Profile
+ * Access profile.
  * @export
  * @interface AccessProfile
  */
 export interface AccessProfile {
     /**
-     * The ID of the Access Profile
+     * Access profile ID.
      * @type {string}
      * @memberof AccessProfile
      */
     'id'?: string;
     /**
-     * Name of the Access Profile
+     * Access profile name.
      * @type {string}
      * @memberof AccessProfile
      */
     'name': string;
     /**
-     * Information about the Access Profile
+     * Access profile description.
      * @type {string}
      * @memberof AccessProfile
      */
     'description'?: string | null;
     /**
-     * Date the Access Profile was created
+     * Date and time when the access profile was created.
      * @type {string}
      * @memberof AccessProfile
      */
     'created'?: string;
     /**
-     * Date the Access Profile was last modified.
+     * Date and time when the access profile was last modified.
      * @type {string}
      * @memberof AccessProfile
      */
     'modified'?: string;
     /**
-     * Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement.
+     * Indicates whether the access profile is enabled. If it\'s enabled, you must include at least one entitlement.
      * @type {boolean}
      * @memberof AccessProfile
      */
@@ -445,13 +445,13 @@ export interface AccessProfile {
      */
     'source': AccessProfileSourceRef;
     /**
-     * A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement.
+     * List of entitlements associated with the access profile. If `enabled` is false, this can be empty. Otherwise, it must contain at least one entitlement.
      * @type {Array<EntitlementRef>}
      * @memberof AccessProfile
      */
     'entitlements'?: Array<EntitlementRef> | null;
     /**
-     * Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported  for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value  **false** in this field results in a 400 error.
+     * Indicates whether the access profile is requestable by access request. Currently, making an access profile non-requestable is only supported  for customers enabled with the new Request Center. Otherwise, attempting to create an access profile with a value  **false** in this field results in a 400 error.
      * @type {boolean}
      * @memberof AccessProfile
      */
@@ -469,7 +469,7 @@ export interface AccessProfile {
      */
     'revocationRequestConfig'?: Revocability | null;
     /**
-     * List of IDs of segments, if any, to which this Access Profile is assigned.
+     * List of segment IDs, if any, that the access profile is assigned to.
      * @type {Array<string>}
      * @memberof AccessProfile
      */
@@ -488,13 +488,13 @@ export interface AccessProfile {
  */
 export interface AccessProfileApprovalScheme {
     /**
-     * Describes the individual or group that is responsible for an approval step. Values are as follows. **APP_OWNER**: The owner of the Application  **OWNER**: Owner of the associated Access Profile or Role  **SOURCE_OWNER**: Owner of the Source associated with an Access Profile  **MANAGER**: Manager of the Identity making the request  **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field
+     * Describes the individual or group that is responsible for an approval step. These are the possible values: **APP_OWNER**: The owner of the Application  **OWNER**: Owner of the associated Access Profile or Role  **SOURCE_OWNER**: Owner of the Source associated with an Access Profile  **MANAGER**: Manager of the Identity making the request  **GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field
      * @type {string}
      * @memberof AccessProfileApprovalScheme
      */
     'approverType'?: AccessProfileApprovalSchemeApproverTypeV3;
     /**
-     * Id of the specific approver, used only when approverType is GOVERNANCE_GROUP
+     * Specific approver ID. Only use this when the `approverType` is `GOVERNANCE_GROUP`.
      * @type {string}
      * @memberof AccessProfileApprovalScheme
      */
@@ -985,19 +985,19 @@ export interface AccessProfileRole {
  */
 export interface AccessProfileSourceRef {
     /**
-     * The ID of the Source with with which the Access Profile is associated
+     * ID of the source the access profile is associated with.
      * @type {string}
      * @memberof AccessProfileSourceRef
      */
     'id'?: string;
     /**
-     * The type of the Source, will always be SOURCE
+     * Source\'s DTO type.
      * @type {string}
      * @memberof AccessProfileSourceRef
      */
     'type'?: AccessProfileSourceRefTypeV3;
     /**
-     * The display name of the associated Source
+     * Source name.
      * @type {string}
      * @memberof AccessProfileSourceRef
      */
@@ -1146,6 +1146,12 @@ export interface AccessRequest {
      * @memberof AccessRequest
      */
     'clientMetadata'?: { [key: string]: string; };
+    /**
+     * Additional submit data structure with requestedFor containing requestedItems allowing distinction for each request item and Identity. * Can only be used when \'requestedFor\' and \'requestedItems\' are not separately provided * Adds ability to specify which account the user wants the access on, in case they have multiple accounts on a source * Allows the ability to request items with different remove dates * Also allows different combinations of request items and identities in the same request 
+     * @type {Array<RequestedForDtoRef>}
+     * @memberof AccessRequest
+     */
+    'requestedForWithRequestedItems'?: Array<RequestedForDtoRef> | null;
 }
 
 
@@ -1228,6 +1234,18 @@ export interface AccessRequestItem {
      * @memberof AccessRequestItem
      */
     'removeDate'?: string;
+    /**
+     * The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. 
+     * @type {string}
+     * @memberof AccessRequestItem
+     */
+    'assignmentId'?: string | null;
+    /**
+     * The \'distinguishedName\' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. 
+     * @type {string}
+     * @memberof AccessRequestItem
+     */
+    'nativeIdentity'?: string | null;
 }
 
 export const AccessRequestItemTypeV3 = {
@@ -2544,6 +2562,25 @@ export interface AccountAttributesCreateAttributes {
      */
     'sourceId': string;
 }
+/**
+ * 
+ * @export
+ * @interface AccountItemRef
+ */
+export interface AccountItemRef {
+    /**
+     * The uuid for the account, available under the \'objectguid\' attribute
+     * @type {string}
+     * @memberof AccountItemRef
+     */
+    'accountUuid'?: string | null;
+    /**
+     * The \'distinguishedName\' attribute for the account
+     * @type {string}
+     * @memberof AccountItemRef
+     */
+    'nativeIdentity'?: string;
+}
 /**
  * 
  * @export
@@ -3628,7 +3665,8 @@ export const AttributeDefinitionType = {
     String: 'STRING',
     Long: 'LONG',
     Int: 'INT',
-    Boolean: 'BOOLEAN'
+    Boolean: 'BOOLEAN',
+    Date: 'DATE'
 } as const;
 
 export type AttributeDefinitionType = typeof AttributeDefinitionType[keyof typeof AttributeDefinitionType];
@@ -9835,6 +9873,188 @@ export const GetActiveCampaigns200ResponseInnerMandatoryCommentRequirementV3 = {
 
 export type GetActiveCampaigns200ResponseInnerMandatoryCommentRequirementV3 = typeof GetActiveCampaigns200ResponseInnerMandatoryCommentRequirementV3[keyof typeof GetActiveCampaigns200ResponseInnerMandatoryCommentRequirementV3];
 
+/**
+ * 
+ * @export
+ * @interface GetCampaign200Response
+ */
+export interface GetCampaign200Response {
+    /**
+     * Id of the campaign
+     * @type {string}
+     * @memberof GetCampaign200Response
+     */
+    'id'?: string;
+    /**
+     * The campaign name. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details. 
+     * @type {string}
+     * @memberof GetCampaign200Response
+     */
+    'name': string;
+    /**
+     * The campaign description. If this object is part of a template, special formatting applies; see the `/campaign-templates/{id}/generate` endpoint documentation for details. 
+     * @type {string}
+     * @memberof GetCampaign200Response
+     */
+    'description': string | null;
+    /**
+     * The campaign\'s completion deadline.  This date must be in the future in order to activate the campaign.  If you try to activate a campaign with a deadline of today or in the past, you will receive a 400 error response.
+     * @type {string}
+     * @memberof GetCampaign200Response
+     */
+    'deadline'?: string;
+    /**
+     * The type of campaign. Could be extended in the future.
+     * @type {string}
+     * @memberof GetCampaign200Response
+     */
+    'type': GetCampaign200ResponseTypeV3;
+    /**
+     * Enables email notification for this campaign
+     * @type {boolean}
+     * @memberof GetCampaign200Response
+     */
+    'emailNotificationEnabled'?: boolean;
+    /**
+     * Allows auto revoke for this campaign
+     * @type {boolean}
+     * @memberof GetCampaign200Response
+     */
+    'autoRevokeAllowed'?: boolean;
+    /**
+     * Enables IAI for this campaign. Accepts true even if the IAI product feature is off. If IAI is turned off then campaigns generated from this template will indicate false. The real value will then be returned if IAI is ever enabled for the org in the future.
+     * @type {boolean}
+     * @memberof GetCampaign200Response
+     */
+    'recommendationsEnabled'?: boolean;
+    /**
+     * The campaign\'s current status.
+     * @type {string}
+     * @memberof GetCampaign200Response
+     */
+    'status'?: GetCampaign200ResponseStatusV3;
+    /**
+     * The correlatedStatus of the campaign. Only SOURCE_OWNER campaigns can be Uncorrelated. An Uncorrelated certification campaign only includes Uncorrelated identities (An identity is uncorrelated if it has no accounts on an authoritative source).
+     * @type {string}
+     * @memberof GetCampaign200Response
+     */
+    'correlatedStatus'?: GetCampaign200ResponseCorrelatedStatusV3;
+    /**
+     * Created time of the campaign
+     * @type {string}
+     * @memberof GetCampaign200Response
+     */
+    'created'?: string;
+    /**
+     * The total number of certifications in this campaign.
+     * @type {number}
+     * @memberof GetCampaign200Response
+     */
+    'totalCertifications'?: number;
+    /**
+     * The number of completed certifications in this campaign.
+     * @type {number}
+     * @memberof GetCampaign200Response
+     */
+    'completedCertifications'?: number;
+    /**
+     * A list of errors and warnings that have accumulated.
+     * @type {Array<CampaignAlert>}
+     * @memberof GetCampaign200Response
+     */
+    'alerts'?: Array<CampaignAlert>;
+    /**
+     * Modified time of the campaign
+     * @type {string}
+     * @memberof GetCampaign200Response
+     */
+    'modified'?: string;
+    /**
+     * 
+     * @type {CampaignAllOfFilter}
+     * @memberof GetCampaign200Response
+     */
+    'filter'?: CampaignAllOfFilter;
+    /**
+     * Determines if comments on sunset date changes are required.
+     * @type {boolean}
+     * @memberof GetCampaign200Response
+     */
+    'sunsetCommentsRequired'?: boolean;
+    /**
+     * 
+     * @type {CampaignAllOfSourceOwnerCampaignInfo}
+     * @memberof GetCampaign200Response
+     */
+    'sourceOwnerCampaignInfo'?: CampaignAllOfSourceOwnerCampaignInfo;
+    /**
+     * 
+     * @type {CampaignAllOfSearchCampaignInfo}
+     * @memberof GetCampaign200Response
+     */
+    'searchCampaignInfo'?: CampaignAllOfSearchCampaignInfo;
+    /**
+     * 
+     * @type {CampaignAllOfRoleCompositionCampaignInfo}
+     * @memberof GetCampaign200Response
+     */
+    'roleCompositionCampaignInfo'?: CampaignAllOfRoleCompositionCampaignInfo;
+    /**
+     * 
+     * @type {CampaignAllOfMachineAccountCampaignInfo}
+     * @memberof GetCampaign200Response
+     */
+    'machineAccountCampaignInfo'?: CampaignAllOfMachineAccountCampaignInfo;
+    /**
+     * A list of sources in the campaign that contain \\\"orphan entitlements\\\" (entitlements without a corresponding Managed Attribute). An empty list indicates the campaign has no orphan entitlements. Null indicates there may be unknown orphan entitlements in the campaign (the campaign was created before this feature was implemented).
+     * @type {Array<CampaignAllOfSourcesWithOrphanEntitlements>}
+     * @memberof GetCampaign200Response
+     */
+    'sourcesWithOrphanEntitlements'?: Array<CampaignAllOfSourcesWithOrphanEntitlements>;
+    /**
+     * Determines whether comments are required for decisions during certification reviews. You can require comments for all decisions, revoke-only decisions, or no decisions. By default, comments are not required for decisions.
+     * @type {string}
+     * @memberof GetCampaign200Response
+     */
+    'mandatoryCommentRequirement'?: GetCampaign200ResponseMandatoryCommentRequirementV3;
+}
+
+export const GetCampaign200ResponseTypeV3 = {
+    Manager: 'MANAGER',
+    SourceOwner: 'SOURCE_OWNER',
+    Search: 'SEARCH',
+    RoleComposition: 'ROLE_COMPOSITION',
+    MachineAccount: 'MACHINE_ACCOUNT'
+} as const;
+
+export type GetCampaign200ResponseTypeV3 = typeof GetCampaign200ResponseTypeV3[keyof typeof GetCampaign200ResponseTypeV3];
+export const GetCampaign200ResponseStatusV3 = {
+    Pending: 'PENDING',
+    Staged: 'STAGED',
+    Canceling: 'CANCELING',
+    Activating: 'ACTIVATING',
+    Active: 'ACTIVE',
+    Completing: 'COMPLETING',
+    Completed: 'COMPLETED',
+    Error: 'ERROR',
+    Archived: 'ARCHIVED'
+} as const;
+
+export type GetCampaign200ResponseStatusV3 = typeof GetCampaign200ResponseStatusV3[keyof typeof GetCampaign200ResponseStatusV3];
+export const GetCampaign200ResponseCorrelatedStatusV3 = {
+    Correlated: 'CORRELATED',
+    Uncorrelated: 'UNCORRELATED'
+} as const;
+
+export type GetCampaign200ResponseCorrelatedStatusV3 = typeof GetCampaign200ResponseCorrelatedStatusV3[keyof typeof GetCampaign200ResponseCorrelatedStatusV3];
+export const GetCampaign200ResponseMandatoryCommentRequirementV3 = {
+    AllDecisions: 'ALL_DECISIONS',
+    RevokeOnlyDecisions: 'REVOKE_ONLY_DECISIONS',
+    NoDecisions: 'NO_DECISIONS'
+} as const;
+
+export type GetCampaign200ResponseMandatoryCommentRequirementV3 = typeof GetCampaign200ResponseMandatoryCommentRequirementV3[keyof typeof GetCampaign200ResponseMandatoryCommentRequirementV3];
+
 /**
  * @type GetDiscoveredApplications200ResponseInner
  * @export
@@ -11576,7 +11796,7 @@ export interface IdpDetails {
      * @type {string}
      * @memberof IdpDetails
      */
-    'authContext'?: string;
+    'authnContext'?: string;
     /**
      * The IDP logout URL. Used with IDP configurations.
      * @type {string}
@@ -11588,7 +11808,7 @@ export interface IdpDetails {
      * @type {boolean}
      * @memberof IdpDetails
      */
-    'includeAuthContext'?: boolean;
+    'includeAuthnContext'?: boolean;
     /**
      * The name id format to use. Used with IDP configurations.
      * @type {string}
@@ -11624,7 +11844,7 @@ export interface IdpDetails {
      * @type {string}
      * @memberof IdpDetails
      */
-    'mappingAttribute'?: string;
+    'mappingAttribute': string;
     /**
      * The expiration date extracted from the certificate.
      * @type {string}
@@ -11640,7 +11860,8 @@ export interface IdpDetails {
 }
 
 export const IdpDetailsRoleV3 = {
-    SamlIdp: 'SAML_IDP'
+    SamlIdp: 'SAML_IDP',
+    SamlSp: 'SAML_SP'
 } as const;
 
 export type IdpDetailsRoleV3 = typeof IdpDetailsRoleV3[keyof typeof IdpDetailsRoleV3];
@@ -14877,7 +15098,7 @@ export const OwnerDtoTypeV3 = {
 export type OwnerDtoTypeV3 = typeof OwnerDtoTypeV3[keyof typeof OwnerDtoTypeV3];
 
 /**
- * The owner of this object.
+ * Owner of the object.
  * @export
  * @interface OwnerReference
  */
@@ -14889,13 +15110,13 @@ export interface OwnerReference {
      */
     'type'?: OwnerReferenceTypeV3;
     /**
-     * Identity id
+     * Owner\'s identity ID.
      * @type {string}
      * @memberof OwnerReference
      */
     'id'?: string;
     /**
-     * Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner\'s display name, otherwise a 400 Bad Request error will result.
+     * Owner\'s name. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner\'s display name, otherwise a 400 Bad Request error will result.
      * @type {string}
      * @memberof OwnerReference
      */
@@ -15474,19 +15695,6 @@ export const PatOwnerTypeV3 = {
 
 export type PatOwnerTypeV3 = typeof PatOwnerTypeV3[keyof typeof PatOwnerTypeV3];
 
-/**
- * A JSONPatch document as defined by [RFC 6902 - JSON Patch](https://tools.ietf.org/html/rfc6902).  Only `replace` operations are accepted by this endpoint.
- * @export
- * @interface PatchServiceDeskIntegrationRequest
- */
-export interface PatchServiceDeskIntegrationRequest {
-    /**
-     * Operations to be applied
-     * @type {Array<JsonPatchOperation>}
-     * @memberof PatchServiceDeskIntegrationRequest
-     */
-    'operations'?: Array<JsonPatchOperation>;
-}
 /**
  * 
  * @export
@@ -15815,7 +16023,7 @@ export interface ProvisioningConfigPlanInitializerScript {
     'source'?: string;
 }
 /**
- * Defines matching criteria for an Account to be provisioned with a specific Access Profile
+ * Defines matching criteria for an account to be provisioned with a specific access profile.
  * @export
  * @interface ProvisioningCriteriaLevel1
  */
@@ -15827,19 +16035,19 @@ export interface ProvisioningCriteriaLevel1 {
      */
     'operation'?: ProvisioningCriteriaOperation;
     /**
-     * Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.
+     * Name of the account attribute to be tested. If **operation** is one of `EQUALS`, `NOT_EQUALS`, `CONTAINS`, or `HAS`, this field is required. Otherwise, specifying it results in an error.
      * @type {string}
      * @memberof ProvisioningCriteriaLevel1
      */
     'attribute'?: string | null;
     /**
-     * String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.
+     * String value to test the account attribute w/r/t the specified operation. If the operation is one of `EQUALS`, `NOT_EQUALS`, or `CONTAINS`, this field is required. Otherwise, specifying it results in an error. If the attribute is not string-typed, the API will convert it to the appropriate type.
      * @type {string}
      * @memberof ProvisioningCriteriaLevel1
      */
     'value'?: string | null;
     /**
-     * Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.
+     * Array of child criteria. This field is required if the operation is `AND` or `OR`. Otherwise, it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.
      * @type {Array<ProvisioningCriteriaLevel2>}
      * @memberof ProvisioningCriteriaLevel1
      */
@@ -15848,7 +16056,7 @@ export interface ProvisioningCriteriaLevel1 {
 
 
 /**
- * Defines matching criteria for an Account to be provisioned with a specific Access Profile
+ * Defines matching criteria for an account to be provisioned with a specific access profile.
  * @export
  * @interface ProvisioningCriteriaLevel2
  */
@@ -15860,19 +16068,19 @@ export interface ProvisioningCriteriaLevel2 {
      */
     'operation'?: ProvisioningCriteriaOperation;
     /**
-     * Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.
+     * Name of the account attribute to be tested. If **operation** is one of `EQUALS`, `NOT_EQUALS`, `CONTAINS`, or `HAS`, this field is required. Otherwise, specifying it results in an error.
      * @type {string}
      * @memberof ProvisioningCriteriaLevel2
      */
     'attribute'?: string | null;
     /**
-     * String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.
+     * String value to test the account attribute w/r/t the specified operation. If the operation is one of `EQUALS`, `NOT_EQUALS`, or `CONTAINS`, this field is required. Otherwise, specifying it results in an error. If the attribute is not string-typed, the API will convert it to the appropriate type.
      * @type {string}
      * @memberof ProvisioningCriteriaLevel2
      */
     'value'?: string | null;
     /**
-     * Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.
+     * Array of child criteria. This field is required if the operation is `AND` or `OR`. Otherwise, it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.
      * @type {Array<ProvisioningCriteriaLevel3>}
      * @memberof ProvisioningCriteriaLevel2
      */
@@ -15881,7 +16089,7 @@ export interface ProvisioningCriteriaLevel2 {
 
 
 /**
- * Defines matching criteria for an Account to be provisioned with a specific Access Profile
+ * Defines matching criteria for an account to be provisioned with a specific access profile.
  * @export
  * @interface ProvisioningCriteriaLevel3
  */
@@ -15893,19 +16101,19 @@ export interface ProvisioningCriteriaLevel3 {
      */
     'operation'?: ProvisioningCriteriaOperation;
     /**
-     * Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS, this field is required. Otherwise, specifying it is an error.
+     * Name of the account attribute to be tested. If **operation** is one of `EQUALS`, `NOT_EQUALS`, `CONTAINS`, or `HAS`, this field is required. Otherwise, specifying it results in an error.
      * @type {string}
      * @memberof ProvisioningCriteriaLevel3
      */
     'attribute'?: string | null;
     /**
-     * String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS, NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is not String-typed, it will be converted to the appropriate type.
+     * String value to test the account attribute w/r/t the specified operation. If the operation is one of `EQUALS`, `NOT_EQUALS`, or `CONTAINS`, this field is required. Otherwise, specifying it results in an error. If the attribute is not string-typed, the API will convert it to the appropriate type.
      * @type {string}
      * @memberof ProvisioningCriteriaLevel3
      */
-    'value'?: string;
+    'value'?: string | null;
     /**
-     * Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.
+     * Array of child criteria. This field is required if the operation is `AND` or `OR`. Otherwise, it must be left null. A maximum of three levels of criteria are supported, including leaf nodes.
      * @type {string}
      * @memberof ProvisioningCriteriaLevel3
      */
@@ -15914,7 +16122,7 @@ export interface ProvisioningCriteriaLevel3 {
 
 
 /**
- * Supported operations on ProvisioningCriteria
+ * Supported operations on `ProvisioningCriteria`.
  * @export
  * @enum {string}
  */
@@ -15955,7 +16163,7 @@ export interface ProvisioningPolicy {
      * @type {string}
      * @memberof ProvisioningPolicy
      */
-    'name': string;
+    'name': string | null;
     /**
      * the description of the provisioning policy
      * @type {string}
@@ -15988,7 +16196,7 @@ export interface ProvisioningPolicyDto {
      * @type {string}
      * @memberof ProvisioningPolicyDto
      */
-    'name': string;
+    'name': string | null;
     /**
      * the description of the provisioning policy
      * @type {string}
@@ -17005,19 +17213,25 @@ export interface RequestOnBehalfOfConfig {
  */
 export interface Requestability {
     /**
-     * Whether the requester of the containing object must provide comments justifying the request
+     * Indicates whether the requester of the containing object must provide comments justifying the request.
      * @type {boolean}
      * @memberof Requestability
      */
     'commentsRequired'?: boolean | null;
     /**
-     * Whether an approver must provide comments when denying the request
+     * Indicates whether an approver must provide comments when denying the request.
      * @type {boolean}
      * @memberof Requestability
      */
     'denialCommentsRequired'?: boolean | null;
     /**
-     * List describing the steps in approving the request
+     * Indicates whether reauthorization is required for the request.
+     * @type {boolean}
+     * @memberof Requestability
+     */
+    'reauthorizationRequired'?: boolean | null;
+    /**
+     * List describing the steps involved in approving the request.
      * @type {Array<AccessProfileApprovalScheme>}
      * @memberof Requestability
      */
@@ -17041,6 +17255,12 @@ export interface RequestabilityForRole {
      * @memberof RequestabilityForRole
      */
     'denialCommentsRequired'?: boolean | null;
+    /**
+     * Indicates whether reauthorization is required for the request.
+     * @type {boolean}
+     * @memberof RequestabilityForRole
+     */
+    'reauthorizationRequired'?: boolean | null;
     /**
      * List describing the steps in approving the request
      * @type {Array<ApprovalSchemeForRole>}
@@ -17226,6 +17446,25 @@ export interface RequestedAccountRef {
 }
 
 
+/**
+ * 
+ * @export
+ * @interface RequestedForDtoRef
+ */
+export interface RequestedForDtoRef {
+    /**
+     * The identity id for which the access is requested
+     * @type {string}
+     * @memberof RequestedForDtoRef
+     */
+    'identityId': string;
+    /**
+     * the details for the access items that are requested for the identity
+     * @type {Array<RequestedItemDtoRef>}
+     * @memberof RequestedForDtoRef
+     */
+    'requestedItems': Array<RequestedItemDtoRef>;
+}
 /**
  * 
  * @export
@@ -17254,6 +17493,70 @@ export const RequestedItemDetailsTypeV3 = {
 
 export type RequestedItemDetailsTypeV3 = typeof RequestedItemDetailsTypeV3[keyof typeof RequestedItemDetailsTypeV3];
 
+/**
+ * 
+ * @export
+ * @interface RequestedItemDtoRef
+ */
+export interface RequestedItemDtoRef {
+    /**
+     * The type of the item being requested.
+     * @type {string}
+     * @memberof RequestedItemDtoRef
+     */
+    'type': RequestedItemDtoRefTypeV3;
+    /**
+     * ID of Role, Access Profile or Entitlement being requested.
+     * @type {string}
+     * @memberof RequestedItemDtoRef
+     */
+    'id': string;
+    /**
+     * Comment provided by requester. * Comment is required when the request is of type Revoke Access. 
+     * @type {string}
+     * @memberof RequestedItemDtoRef
+     */
+    'comment'?: string;
+    /**
+     * Arbitrary key-value pairs. They will never be processed by the IdentityNow system but will be returned on associated APIs such as /account-activities and /access-request-status.
+     * @type {{ [key: string]: string; }}
+     * @memberof RequestedItemDtoRef
+     */
+    'clientMetadata'?: { [key: string]: string; };
+    /**
+     * The date the role or access profile or entitlement is no longer assigned to the specified identity. Also known as the expiration date. * Specify a date in the future. * The current SLA for the deprovisioning is 24 hours. * This date can be modified to either extend or decrease the duration of access item assignments for the specified identity. You can change the expiration date for requests for yourself or direct reports, but you cannot remove an expiration date on an already approved item. If the access request has not been approved, you can cancel it and submit a new one without the expiration. If it has already been approved, then you have to revoke the access and then re-request without the expiration. 
+     * @type {string}
+     * @memberof RequestedItemDtoRef
+     */
+    'removeDate'?: string;
+    /**
+     * The assignmentId for a specific role assignment on the identity. This id is used to revoke that specific roleAssignment on that identity. * For use with REVOKE_ACCESS requests for roles for identities with multiple accounts on a single source. 
+     * @type {string}
+     * @memberof RequestedItemDtoRef
+     */
+    'assignmentId'?: string | null;
+    /**
+     * The \'distinguishedName\' field for an account on the identity, also called nativeIdentity. This nativeIdentity is used to revoke a specific attributeAssignment on the identity. * For use with REVOKE_ACCESS requests for entitlements for identities with multiple accounts on a single source. 
+     * @type {string}
+     * @memberof RequestedItemDtoRef
+     */
+    'nativeIdentity'?: string | null;
+    /**
+     * The accounts where the access item will be provisioned to * Includes selections performed by the user in the event of multiple accounts existing on the same source * Also includes details for sources where user only has one account 
+     * @type {Array<SourceItemRef>}
+     * @memberof RequestedItemDtoRef
+     */
+    'accountSelection'?: Array<SourceItemRef> | null;
+}
+
+export const RequestedItemDtoRefTypeV3 = {
+    AccessProfile: 'ACCESS_PROFILE',
+    Role: 'ROLE',
+    Entitlement: 'ENTITLEMENT'
+} as const;
+
+export type RequestedItemDtoRefTypeV3 = typeof RequestedItemDtoRefTypeV3[keyof typeof RequestedItemDtoRefTypeV3];
+
 /**
  * 
  * @export
@@ -18129,7 +18432,7 @@ export type ReviewerTypeV3 = typeof ReviewerTypeV3[keyof typeof ReviewerTypeV3];
  */
 export interface Revocability {
     /**
-     * List describing the steps in approving the revocation request
+     * List describing the steps involved in approving the revocation request.
      * @type {Array<AccessProfileApprovalScheme>}
      * @memberof Revocability
      */
@@ -20714,10 +21017,121 @@ export interface ServiceProviderConfiguration {
     'federationProtocolDetails'?: Array<ServiceProviderConfigurationFederationProtocolDetailsInner>;
 }
 /**
- * @type ServiceProviderConfigurationFederationProtocolDetailsInner
+ * 
  * @export
+ * @interface ServiceProviderConfigurationFederationProtocolDetailsInner
  */
-export type ServiceProviderConfigurationFederationProtocolDetailsInner = IdpDetails | SpDetails;
+export interface ServiceProviderConfigurationFederationProtocolDetailsInner {
+    /**
+     * Federation protocol role
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'role'?: ServiceProviderConfigurationFederationProtocolDetailsInnerRoleV3;
+    /**
+     * An entity ID is a globally unique name for a SAML entity, either an Identity Provider (IDP) or a Service Provider (SP).
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'entityId'?: string;
+    /**
+     * Defines the binding used for the SAML flow. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'binding'?: string;
+    /**
+     * Specifies the SAML authentication method to use. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'authnContext'?: string;
+    /**
+     * The IDP logout URL. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'logoutUrl'?: string;
+    /**
+     * Determines if the configured AuthnContext should be used or the default. Used with IDP configurations.
+     * @type {boolean}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'includeAuthnContext'?: boolean;
+    /**
+     * The name id format to use. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'nameId'?: string;
+    /**
+     * 
+     * @type {JITConfiguration}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'jitConfiguration'?: JITConfiguration;
+    /**
+     * The Base64-encoded certificate used by the IDP. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'cert'?: string;
+    /**
+     * The IDP POST URL, used with IDP HTTP-POST bindings for IDP-initiated logins. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'loginUrlPost'?: string;
+    /**
+     * The IDP Redirect URL. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'loginUrlRedirect'?: string;
+    /**
+     * Return the saml Id for the given user, based on the IDN as SP settings of the org. Used with IDP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'mappingAttribute': string;
+    /**
+     * The expiration date extracted from the certificate.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'certificateExpirationDate'?: string;
+    /**
+     * The name extracted from the certificate.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'certificateName'?: string;
+    /**
+     * Unique alias used to identify the selected local service provider based on used URL. Used with SP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'alias'?: string;
+    /**
+     * The allowed callback URL where users will be redirected to after authentication. Used with SP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'callbackUrl': string;
+    /**
+     * The legacy ACS URL used for SAML authentication. Used with SP configurations.
+     * @type {string}
+     * @memberof ServiceProviderConfigurationFederationProtocolDetailsInner
+     */
+    'legacyAcsUrl'?: string;
+}
+
+export const ServiceProviderConfigurationFederationProtocolDetailsInnerRoleV3 = {
+    SamlIdp: 'SAML_IDP',
+    SamlSp: 'SAML_SP'
+} as const;
+
+export type ServiceProviderConfigurationFederationProtocolDetailsInnerRoleV3 = typeof ServiceProviderConfigurationFederationProtocolDetailsInnerRoleV3[keyof typeof ServiceProviderConfigurationFederationProtocolDetailsInnerRoleV3];
 
 /**
  * 
@@ -21995,6 +22409,25 @@ export const SourceHealthDtoStatusV3 = {
 
 export type SourceHealthDtoStatusV3 = typeof SourceHealthDtoStatusV3[keyof typeof SourceHealthDtoStatusV3];
 
+/**
+ * 
+ * @export
+ * @interface SourceItemRef
+ */
+export interface SourceItemRef {
+    /**
+     * The id for the source on which account selections are made
+     * @type {string}
+     * @memberof SourceItemRef
+     */
+    'sourceId'?: string | null;
+    /**
+     * A list of account selections on the source. Currently, only one selection per source is supported.
+     * @type {Array<AccountItemRef>}
+     * @memberof SourceItemRef
+     */
+    'accounts'?: Array<AccountItemRef> | null;
+}
 /**
  * Reference to management workgroup for the source.
  * @export
@@ -22268,10 +22701,17 @@ export interface SpDetails {
      * @type {string}
      * @memberof SpDetails
      */
-    'callbackUrl'?: string;
+    'callbackUrl': string;
+    /**
+     * The legacy ACS URL used for SAML authentication. Used with SP configurations.
+     * @type {string}
+     * @memberof SpDetails
+     */
+    'legacyAcsUrl'?: string;
 }
 
 export const SpDetailsRoleV3 = {
+    SamlIdp: 'SAML_IDP',
     SamlSp: 'SAML_SP'
 } as const;
 
@@ -24304,6 +24744,7 @@ export const WorkflowExecutionStatusV3 = {
     Completed: 'Completed',
     Failed: 'Failed',
     Canceled: 'Canceled',
+    Queued: 'Queued',
     Running: 'Running'
 } as const;
 
@@ -24860,7 +25301,7 @@ export type WorkflowTriggerAttributesFrequencyV3 = typeof WorkflowTriggerAttribu
 export const AccessProfilesApiAxiosParamCreator = function (configuration?: Configuration) {
     return {
         /**
-         * Create an access profile. A user with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile\'s source. The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles.  However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters.
+         * Create an access profile. A user with `ROLE_SUBADMIN` or `SOURCE_SUBADMIN` authority must be associated with the access profile\'s source. The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles.  However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters. >**Note:** To use this endpoint, you need all the listed scopes.
          * @summary Create Access Profile
          * @param {AccessProfile} accessProfile 
          * @param {*} [axiosOptions] Override http request option.
@@ -25119,13 +25560,13 @@ export const AccessProfilesApiAxiosParamCreator = function (configuration?: Conf
             };
         },
         /**
-         * Get a list of access profiles. >**Note:** When you filter for access profiles that have the \'+\' symbol in their names, the response is blank. 
+         * Get a list of access profiles.  >**Note:** When you filter for access profiles that have the \'+\' symbol in their names, the response is blank. 
          * @summary List Access Profiles
          * @param {string} [forSubadmin] Filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID or the special value **me**, which is shorthand for the calling identity\&#39;s ID.  If you specify an identity that isn\&#39;t a subadmin, the API returns a 400 Bad Request error.
          * @param {number} [limit] Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {number} [offset] Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {boolean} [count] If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count&#x3D;true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
-         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, lt, ge, le*  **modified**: *gt, lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*  **source.id**: *eq, in*  Supported composite operators are *and, or*  Filtering is not supported for access profiles and entitlements that have the \&#39;+\&#39; symbol in their names. 
+         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, ge, le*  **modified**: *gt, lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*  **source.id**: *eq, in*  Supported composite operators are *and, or*  Filtering is not supported for access profiles and entitlements that have the \&#39;+\&#39; symbol in their names. 
          * @param {string} [sorters] Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **name, created, modified**
          * @param {string} [forSegmentIds] Filters access profiles to only those assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error.
          * @param {boolean} [includeUnsegmented] Indicates whether the response list should contain unsegmented access profiles. If &#x60;for-segment-ids&#x60; is absent or empty, specifying *include-unsegmented* as &#x60;false&#x60; results in an error.
@@ -25263,7 +25704,7 @@ export const AccessProfilesApiFp = function(configuration?: Configuration) {
     const localVarAxiosParamCreator = AccessProfilesApiAxiosParamCreator(configuration)
     return {
         /**
-         * Create an access profile. A user with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile\'s source. The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles.  However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters.
+         * Create an access profile. A user with `ROLE_SUBADMIN` or `SOURCE_SUBADMIN` authority must be associated with the access profile\'s source. The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles.  However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters. >**Note:** To use this endpoint, you need all the listed scopes.
          * @summary Create Access Profile
          * @param {AccessProfile} accessProfile 
          * @param {*} [axiosOptions] Override http request option.
@@ -25333,13 +25774,13 @@ export const AccessProfilesApiFp = function(configuration?: Configuration) {
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
         },
         /**
-         * Get a list of access profiles. >**Note:** When you filter for access profiles that have the \'+\' symbol in their names, the response is blank. 
+         * Get a list of access profiles.  >**Note:** When you filter for access profiles that have the \'+\' symbol in their names, the response is blank. 
          * @summary List Access Profiles
          * @param {string} [forSubadmin] Filters the returned list according to what is visible to the indicated ROLE_SUBADMIN or SOURCE_SUBADMIN identity. The value of the parameter is either an identity ID or the special value **me**, which is shorthand for the calling identity\&#39;s ID.  If you specify an identity that isn\&#39;t a subadmin, the API returns a 400 Bad Request error.
          * @param {number} [limit] Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {number} [offset] Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {boolean} [count] If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count&#x3D;true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
-         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, lt, ge, le*  **modified**: *gt, lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*  **source.id**: *eq, in*  Supported composite operators are *and, or*  Filtering is not supported for access profiles and entitlements that have the \&#39;+\&#39; symbol in their names. 
+         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, ge, le*  **modified**: *gt, lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*  **source.id**: *eq, in*  Supported composite operators are *and, or*  Filtering is not supported for access profiles and entitlements that have the \&#39;+\&#39; symbol in their names. 
          * @param {string} [sorters] Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **name, created, modified**
          * @param {string} [forSegmentIds] Filters access profiles to only those assigned to the segment(s) with the specified IDs. If segmentation is currently unavailable, specifying this parameter results in an error.
          * @param {boolean} [includeUnsegmented] Indicates whether the response list should contain unsegmented access profiles. If &#x60;for-segment-ids&#x60; is absent or empty, specifying *include-unsegmented* as &#x60;false&#x60; results in an error.
@@ -25377,7 +25818,7 @@ export const AccessProfilesApiFactory = function (configuration?: Configuration,
     const localVarFp = AccessProfilesApiFp(configuration)
     return {
         /**
-         * Create an access profile. A user with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile\'s source. The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles.  However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters.
+         * Create an access profile. A user with `ROLE_SUBADMIN` or `SOURCE_SUBADMIN` authority must be associated with the access profile\'s source. The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles.  However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters. >**Note:** To use this endpoint, you need all the listed scopes.
          * @summary Create Access Profile
          * @param {AccessProfilesApiCreateAccessProfileRequest} requestParameters Request parameters.
          * @param {*} [axiosOptions] Override http request option.
@@ -25427,7 +25868,7 @@ export const AccessProfilesApiFactory = function (configuration?: Configuration,
             return localVarFp.getAccessProfileEntitlements(requestParameters.id, requestParameters.limit, requestParameters.offset, requestParameters.count, requestParameters.filters, requestParameters.sorters, axiosOptions).then((request) => request(axios, basePath));
         },
         /**
-         * Get a list of access profiles. >**Note:** When you filter for access profiles that have the \'+\' symbol in their names, the response is blank. 
+         * Get a list of access profiles.  >**Note:** When you filter for access profiles that have the \'+\' symbol in their names, the response is blank. 
          * @summary List Access Profiles
          * @param {AccessProfilesApiListAccessProfilesRequest} requestParameters Request parameters.
          * @param {*} [axiosOptions] Override http request option.
@@ -25589,7 +26030,7 @@ export interface AccessProfilesApiListAccessProfilesRequest {
     readonly count?: boolean
 
     /**
-     * Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, lt, ge, le*  **modified**: *gt, lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*  **source.id**: *eq, in*  Supported composite operators are *and, or*  Filtering is not supported for access profiles and entitlements that have the \&#39;+\&#39; symbol in their names. 
+     * Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, ge, le*  **modified**: *gt, lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*  **source.id**: *eq, in*  Supported composite operators are *and, or*  Filtering is not supported for access profiles and entitlements that have the \&#39;+\&#39; symbol in their names. 
      * @type {string}
      * @memberof AccessProfilesApiListAccessProfiles
      */
@@ -25646,7 +26087,7 @@ export interface AccessProfilesApiPatchAccessProfileRequest {
  */
 export class AccessProfilesApi extends BaseAPI {
     /**
-     * Create an access profile. A user with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the access profile\'s source. The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles.  However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters.
+     * Create an access profile. A user with `ROLE_SUBADMIN` or `SOURCE_SUBADMIN` authority must be associated with the access profile\'s source. The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing access profiles.  However, any new access profiles as well as any updates to existing descriptions are limited to 2000 characters. >**Note:** To use this endpoint, you need all the listed scopes.
      * @summary Create Access Profile
      * @param {AccessProfilesApiCreateAccessProfileRequest} requestParameters Request parameters.
      * @param {*} [axiosOptions] Override http request option.
@@ -25706,7 +26147,7 @@ export class AccessProfilesApi extends BaseAPI {
     }
 
     /**
-     * Get a list of access profiles. >**Note:** When you filter for access profiles that have the \'+\' symbol in their names, the response is blank. 
+     * Get a list of access profiles.  >**Note:** When you filter for access profiles that have the \'+\' symbol in their names, the response is blank. 
      * @summary List Access Profiles
      * @param {AccessProfilesApiListAccessProfilesRequest} requestParameters Request parameters.
      * @param {*} [axiosOptions] Override http request option.
@@ -25955,7 +26396,7 @@ export const AccessRequestApprovalsApiAxiosParamCreator = function (configuratio
          * @param {number} [limit] Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {number} [offset] Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {boolean} [count] If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count&#x3D;true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
-         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **requestedFor.id**: *eq, in*  **modified**: *gt, lt, ge, le, eq, in*  **accessRequestId**: *eq, in*
+         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **requestedFor.id**: *eq, in*  **modified**: *gt, lt, ge, le, eq, in*  **accessRequestId**: *eq, in*  **created**: *gt, lt, ge, le, eq, in*
          * @param {string} [sorters] Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **created, modified**
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
@@ -26141,7 +26582,7 @@ export const AccessRequestApprovalsApiFp = function(configuration?: Configuratio
          * @param {number} [limit] Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {number} [offset] Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {boolean} [count] If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count&#x3D;true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
-         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **requestedFor.id**: *eq, in*  **modified**: *gt, lt, ge, le, eq, in*  **accessRequestId**: *eq, in*
+         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **requestedFor.id**: *eq, in*  **modified**: *gt, lt, ge, le, eq, in*  **accessRequestId**: *eq, in*  **created**: *gt, lt, ge, le, eq, in*
          * @param {string} [sorters] Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **created, modified**
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
@@ -26386,7 +26827,7 @@ export interface AccessRequestApprovalsApiListPendingApprovalsRequest {
     readonly count?: boolean
 
     /**
-     * Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **requestedFor.id**: *eq, in*  **modified**: *gt, lt, ge, le, eq, in*  **accessRequestId**: *eq, in*
+     * Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **requestedFor.id**: *eq, in*  **modified**: *gt, lt, ge, le, eq, in*  **accessRequestId**: *eq, in*  **created**: *gt, lt, ge, le, eq, in*
      * @type {string}
      * @memberof AccessRequestApprovalsApiListPendingApprovals
      */
@@ -26554,7 +26995,7 @@ export const AccessRequestsApiAxiosParamCreator = function (configuration?: Conf
             };
         },
         /**
-         * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. 
+         * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. 
          * @summary Submit Access Request
          * @param {AccessRequest} accessRequest 
          * @param {*} [axiosOptions] Override http request option.
@@ -26791,7 +27232,7 @@ export const AccessRequestsApiFp = function(configuration?: Configuration) {
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
         },
         /**
-         * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. 
+         * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. 
          * @summary Submit Access Request
          * @param {AccessRequest} accessRequest 
          * @param {*} [axiosOptions] Override http request option.
@@ -26871,7 +27312,7 @@ export const AccessRequestsApiFactory = function (configuration?: Configuration,
             return localVarFp.cancelAccessRequest(requestParameters.cancelAccessRequest, axiosOptions).then((request) => request(axios, basePath));
         },
         /**
-         * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. 
+         * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. 
          * @summary Submit Access Request
          * @param {AccessRequestsApiCreateAccessRequestRequest} requestParameters Request parameters.
          * @param {*} [axiosOptions] Override http request option.
@@ -27051,7 +27492,7 @@ export class AccessRequestsApi extends BaseAPI {
     }
 
     /**
-     * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. 
+     * Use this API to submit an access request in Identity Security Cloud (ISC), where it follows any ISC approval processes.  Access requests are processed asynchronously by ISC. A successful response from this endpoint means that the request has been submitted to ISC and is queued for processing. Because this endpoint is asynchronous, it doesn\'t return an error if you submit duplicate access requests in quick succession or submit an access request for access that is already in progress, approved, or rejected.  It\'s best practice to check for any existing access requests that reference the same access items before submitting a new access request. This can be accomplished by using the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) or the [Pending Access Request Approvals](https://developer.sailpoint.com/idn/api/v3/list-pending-approvals) APIs. You can also use the [Search API](https://developer.sailpoint.com/idn/api/v3/search) to check the existing access items an identity has before submitting an access request to ensure that you aren\'t requesting access that is already granted. If you use this API to request access that an identity already has, the API will ignore the request.  These ignored requests do not display when you use the [List Access Request Status](https://developer.sailpoint.com/idn/api/v3/list-access-request-status) API.  There are two types of access request:  __GRANT_ACCESS__ * Can be requested for multiple identities in a single request. * Supports self request and request on behalf of other users. Refer to the [Get Access Request Configuration](https://developer.sailpoint.com/idn/api/v3/get-access-request-config) endpoint for request configuration options.   * Allows any authenticated token (except API) to call this endpoint to request to grant access to themselves. Depending on the configuration, a user can request access for others. * Roles, access profiles and entitlements can be requested. * While requesting entitlements, maximum of 25 entitlements and 10 recipients are allowed in a request. * Now supports an alternate field \'requestedForWithRequestedItems\' for users to specify account selections while requesting items where they have more than one account on the source.   __REVOKE_ACCESS__ * Can only be requested for a single identity at a time. * You cannot use an access request to revoke access from an identity if that access has been granted by role membership or by birthright provisioning.  * Does not support self request. Only manager can request to revoke access for their directly managed employees. * If a `removeDate` is specified, then the access will be removed on that date and time only for roles, access profiles and entitlements. * Roles, access profiles, and entitlements can be requested for revocation. * Revoke requests for entitlements are limited to 1 entitlement per access request currently. * You can specify a `removeDate` if the access doesn\'t already have a sunset date. The `removeDate` must be a future date, in the UTC timezone.  * Allows a manager to request to revoke access for direct employees. A user with ORG_ADMIN authority can also request to revoke access from anyone. * Now supports REVOKE_ACCESS requests for identities with multiple accounts on a single source, with the help of \'assignmentId\' and \'nativeIdentity\' fields. 
      * @summary Submit Access Request
      * @param {AccessRequestsApiCreateAccessRequestRequest} requestParameters Request parameters.
      * @param {*} [axiosOptions] Override http request option.
@@ -31793,7 +32234,7 @@ export const CertificationCampaignsApiFp = function(configuration?: Configuratio
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
-        async getCampaign(id: string, detail?: GetCampaignDetailV3, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<GetActiveCampaigns200ResponseInner>> {
+        async getCampaign(id: string, detail?: GetCampaignDetailV3, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<GetCampaign200Response>> {
             const localVarAxiosArgs = await localVarAxiosParamCreator.getCampaign(id, detail, axiosOptions);
             const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
             const localVarOperationServerBasePath = operationServerMap['CertificationCampaignsApi.getCampaign']?.[localVarOperationServerIndex]?.url;
@@ -32077,7 +32518,7 @@ export const CertificationCampaignsApiFactory = function (configuration?: Config
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
-        getCampaign(requestParameters: CertificationCampaignsApiGetCampaignRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<GetActiveCampaigns200ResponseInner> {
+        getCampaign(requestParameters: CertificationCampaignsApiGetCampaignRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<GetCampaign200Response> {
             return localVarFp.getCampaign(requestParameters.id, requestParameters.detail, axiosOptions).then((request) => request(axios, basePath));
         },
         /**
@@ -50037,9 +50478,9 @@ export const RolesApiAxiosParamCreator = function (configuration?: Configuration
             };
         },
         /**
-         * This API deletes a Role by its ID.  A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
-         * @summary Delete a Role
-         * @param {string} id ID of the Role
+         * Delete a role by ID.  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups the ROLE_SUBADMIN is a member of.
+         * @summary Delete Role
+         * @param {string} id Role ID.
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
@@ -50079,9 +50520,9 @@ export const RolesApiAxiosParamCreator = function (configuration?: Configuration
             };
         },
         /**
-         * This API returns a Role by its ID. A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
-         * @summary Get a Role
-         * @param {string} id ID of the Role
+         * Get a role by ID. A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups of the ROLE_SUBADMIN is a member of.
+         * @summary Get Role
+         * @param {string} id Role ID.
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
@@ -50194,7 +50635,7 @@ export const RolesApiAxiosParamCreator = function (configuration?: Configuration
          * @param {number} [limit] Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {number} [offset] Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {boolean} [count] If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count&#x3D;true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
-         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, lt, ge, le*  **modified**: *gt, lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*
+         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, ge, le*  **modified**: *lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*  **dimensional**: *eq*
          * @param {string} [sorters] Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **name, created, modified**
          * @param {string} [forSegmentIds] If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs.  If segmentation is currently unavailable, specifying this parameter results in an error.
          * @param {boolean} [includeUnsegmented] Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.
@@ -50266,9 +50707,9 @@ export const RolesApiAxiosParamCreator = function (configuration?: Configuration
             };
         },
         /**
-         * This API updates an existing role using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. The following fields are patchable: * name * description * enabled * owner * accessProfiles * entitlements * membership * requestable * accessRequestConfig * revokeRequestConfig * segments * accessModelMetadata  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.  The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles, however, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.  When you use this API to modify a role\'s membership identities, you can only modify up to a limit of 500 membership identities at a time. 
-         * @summary Patch a specified Role
-         * @param {string} id ID of the Role to patch
+         * Update an existing role, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. The following fields are patchable: * name * description * enabled * owner * accessProfiles * entitlements * membership * requestable * accessRequestConfig * revokeRequestConfig * segments * accessModelMetadata  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups of the ROLE_SUBADMIN is a member of.  The maximum supported length for the description field is 2000 characters. ISC preserves longer descriptions for existing roles. However, any new roles as well as any updates to existing descriptions are limited to 2000 characters.  When you use this API to modify a role\'s membership identities, you can only modify up to a limit of 500 membership identities at a time. 
+         * @summary Patch Role
+         * @param {string} id Role ID to patch
          * @param {Array<JsonPatchOperation>} jsonPatchOperation 
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
@@ -50350,9 +50791,9 @@ export const RolesApiFp = function(configuration?: Configuration) {
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
         },
         /**
-         * This API deletes a Role by its ID.  A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
-         * @summary Delete a Role
-         * @param {string} id ID of the Role
+         * Delete a role by ID.  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups the ROLE_SUBADMIN is a member of.
+         * @summary Delete Role
+         * @param {string} id Role ID.
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
@@ -50363,9 +50804,9 @@ export const RolesApiFp = function(configuration?: Configuration) {
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
         },
         /**
-         * This API returns a Role by its ID. A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
-         * @summary Get a Role
-         * @param {string} id ID of the Role
+         * Get a role by ID. A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups of the ROLE_SUBADMIN is a member of.
+         * @summary Get Role
+         * @param {string} id Role ID.
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
@@ -50400,7 +50841,7 @@ export const RolesApiFp = function(configuration?: Configuration) {
          * @param {number} [limit] Note that for this API the maximum value for limit is 50. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {number} [offset] Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {boolean} [count] If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored.  Since requesting a total count can have a performance impact, it is recommended not to send **count&#x3D;true** if that value will not be used.  See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
-         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, lt, ge, le*  **modified**: *gt, lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*
+         * @param {string} [filters] Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, ge, le*  **modified**: *lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*  **dimensional**: *eq*
          * @param {string} [sorters] Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results)  Sorting is supported for the following fields: **name, created, modified**
          * @param {string} [forSegmentIds] If present and not empty, additionally filters Roles to those which are assigned to the Segment(s) with the specified IDs.  If segmentation is currently unavailable, specifying this parameter results in an error.
          * @param {boolean} [includeUnsegmented] Whether or not the response list should contain unsegmented Roles. If *for-segment-ids* is absent or empty, specifying *include-unsegmented* as false results in an error.
@@ -50414,9 +50855,9 @@ export const RolesApiFp = function(configuration?: Configuration) {
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
         },
         /**
-         * This API updates an existing role using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. The following fields are patchable: * name * description * enabled * owner * accessProfiles * entitlements * membership * requestable * accessRequestConfig * revokeRequestConfig * segments * accessModelMetadata  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.  The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles, however, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.  When you use this API to modify a role\'s membership identities, you can only modify up to a limit of 500 membership identities at a time. 
-         * @summary Patch a specified Role
-         * @param {string} id ID of the Role to patch
+         * Update an existing role, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. The following fields are patchable: * name * description * enabled * owner * accessProfiles * entitlements * membership * requestable * accessRequestConfig * revokeRequestConfig * segments * accessModelMetadata  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups of the ROLE_SUBADMIN is a member of.  The maximum supported length for the description field is 2000 characters. ISC preserves longer descriptions for existing roles. However, any new roles as well as any updates to existing descriptions are limited to 2000 characters.  When you use this API to modify a role\'s membership identities, you can only modify up to a limit of 500 membership identities at a time. 
+         * @summary Patch Role
+         * @param {string} id Role ID to patch
          * @param {Array<JsonPatchOperation>} jsonPatchOperation 
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
@@ -50458,8 +50899,8 @@ export const RolesApiFactory = function (configuration?: Configuration, basePath
             return localVarFp.deleteBulkRoles(requestParameters.roleBulkDeleteRequest, axiosOptions).then((request) => request(axios, basePath));
         },
         /**
-         * This API deletes a Role by its ID.  A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
-         * @summary Delete a Role
+         * Delete a role by ID.  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups the ROLE_SUBADMIN is a member of.
+         * @summary Delete Role
          * @param {RolesApiDeleteRoleRequest} requestParameters Request parameters.
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
@@ -50468,8 +50909,8 @@ export const RolesApiFactory = function (configuration?: Configuration, basePath
             return localVarFp.deleteRole(requestParameters.id, axiosOptions).then((request) => request(axios, basePath));
         },
         /**
-         * This API returns a Role by its ID. A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
-         * @summary Get a Role
+         * Get a role by ID. A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups of the ROLE_SUBADMIN is a member of.
+         * @summary Get Role
          * @param {RolesApiGetRoleRequest} requestParameters Request parameters.
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
@@ -50498,8 +50939,8 @@ export const RolesApiFactory = function (configuration?: Configuration, basePath
             return localVarFp.listRoles(requestParameters.forSubadmin, requestParameters.limit, requestParameters.offset, requestParameters.count, requestParameters.filters, requestParameters.sorters, requestParameters.forSegmentIds, requestParameters.includeUnsegmented, axiosOptions).then((request) => request(axios, basePath));
         },
         /**
-         * This API updates an existing role using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. The following fields are patchable: * name * description * enabled * owner * accessProfiles * entitlements * membership * requestable * accessRequestConfig * revokeRequestConfig * segments * accessModelMetadata  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.  The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles, however, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.  When you use this API to modify a role\'s membership identities, you can only modify up to a limit of 500 membership identities at a time. 
-         * @summary Patch a specified Role
+         * Update an existing role, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. The following fields are patchable: * name * description * enabled * owner * accessProfiles * entitlements * membership * requestable * accessRequestConfig * revokeRequestConfig * segments * accessModelMetadata  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups of the ROLE_SUBADMIN is a member of.  The maximum supported length for the description field is 2000 characters. ISC preserves longer descriptions for existing roles. However, any new roles as well as any updates to existing descriptions are limited to 2000 characters.  When you use this API to modify a role\'s membership identities, you can only modify up to a limit of 500 membership identities at a time. 
+         * @summary Patch Role
          * @param {RolesApiPatchRoleRequest} requestParameters Request parameters.
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
@@ -50545,7 +50986,7 @@ export interface RolesApiDeleteBulkRolesRequest {
  */
 export interface RolesApiDeleteRoleRequest {
     /**
-     * ID of the Role
+     * Role ID.
      * @type {string}
      * @memberof RolesApiDeleteRole
      */
@@ -50559,7 +51000,7 @@ export interface RolesApiDeleteRoleRequest {
  */
 export interface RolesApiGetRoleRequest {
     /**
-     * ID of the Role
+     * Role ID.
      * @type {string}
      * @memberof RolesApiGetRole
      */
@@ -50650,7 +51091,7 @@ export interface RolesApiListRolesRequest {
     readonly count?: boolean
 
     /**
-     * Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, lt, ge, le*  **modified**: *gt, lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*
+     * Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results)  Filtering is supported for the following fields and operators:  **id**: *eq, in*  **name**: *eq, sw*  **created**: *gt, ge, le*  **modified**: *lt, ge, le*  **owner.id**: *eq, in*  **requestable**: *eq*  **dimensional**: *eq*
      * @type {string}
      * @memberof RolesApiListRoles
      */
@@ -50685,7 +51126,7 @@ export interface RolesApiListRolesRequest {
  */
 export interface RolesApiPatchRoleRequest {
     /**
-     * ID of the Role to patch
+     * Role ID to patch
      * @type {string}
      * @memberof RolesApiPatchRole
      */
@@ -50731,8 +51172,8 @@ export class RolesApi extends BaseAPI {
     }
 
     /**
-     * This API deletes a Role by its ID.  A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
-     * @summary Delete a Role
+     * Delete a role by ID.  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups the ROLE_SUBADMIN is a member of.
+     * @summary Delete Role
      * @param {RolesApiDeleteRoleRequest} requestParameters Request parameters.
      * @param {*} [axiosOptions] Override http request option.
      * @throws {RequiredError}
@@ -50743,8 +51184,8 @@ export class RolesApi extends BaseAPI {
     }
 
     /**
-     * This API returns a Role by its ID. A user with ROLE_SUBADMIN authority may only call this API if all Access Profiles included in the Role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.
-     * @summary Get a Role
+     * Get a role by ID. A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups of the ROLE_SUBADMIN is a member of.
+     * @summary Get Role
      * @param {RolesApiGetRoleRequest} requestParameters Request parameters.
      * @param {*} [axiosOptions] Override http request option.
      * @throws {RequiredError}
@@ -50779,8 +51220,8 @@ export class RolesApi extends BaseAPI {
     }
 
     /**
-     * This API updates an existing role using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. The following fields are patchable: * name * description * enabled * owner * accessProfiles * entitlements * membership * requestable * accessRequestConfig * revokeRequestConfig * segments * accessModelMetadata  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to Sources with management workgroups of which the ROLE_SUBADMIN is a member.  The maximum supported length for the description field is 2000 characters. Longer descriptions will be preserved for existing roles, however, any new roles as well as any updates to existing descriptions will be limited to 2000 characters.  When you use this API to modify a role\'s membership identities, you can only modify up to a limit of 500 membership identities at a time. 
-     * @summary Patch a specified Role
+     * Update an existing role, using the [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax. The following fields are patchable: * name * description * enabled * owner * accessProfiles * entitlements * membership * requestable * accessRequestConfig * revokeRequestConfig * segments * accessModelMetadata  A user with ROLE_SUBADMIN authority may only call this API if all access profiles included in the role are associated to sources with management workgroups of the ROLE_SUBADMIN is a member of.  The maximum supported length for the description field is 2000 characters. ISC preserves longer descriptions for existing roles. However, any new roles as well as any updates to existing descriptions are limited to 2000 characters.  When you use this API to modify a role\'s membership identities, you can only modify up to a limit of 500 membership identities at a time. 
+     * @summary Patch Role
      * @param {RolesApiPatchRoleRequest} requestParameters Request parameters.
      * @param {*} [axiosOptions] Override http request option.
      * @throws {RequiredError}
@@ -55938,15 +56379,15 @@ export const ServiceDeskIntegrationApiAxiosParamCreator = function (configuratio
          * Update an existing Service Desk integration by ID with a PATCH request.
          * @summary Patch a Service Desk Integration
          * @param {string} id ID of the Service Desk integration to update
-         * @param {PatchServiceDeskIntegrationRequest} patchServiceDeskIntegrationRequest A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.  Only &#x60;replace&#x60; operations are accepted by this endpoint.  A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed. 
+         * @param {Array<JsonPatchOperation>} jsonPatchOperation A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.  Only &#x60;replace&#x60; operations are accepted by this endpoint.  A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed. 
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
-        patchServiceDeskIntegration: async (id: string, patchServiceDeskIntegrationRequest: PatchServiceDeskIntegrationRequest, axiosOptions: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+        patchServiceDeskIntegration: async (id: string, jsonPatchOperation: Array<JsonPatchOperation>, axiosOptions: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
             // verify required parameter 'id' is not null or undefined
             assertParamExists('patchServiceDeskIntegration', 'id', id)
-            // verify required parameter 'patchServiceDeskIntegrationRequest' is not null or undefined
-            assertParamExists('patchServiceDeskIntegration', 'patchServiceDeskIntegrationRequest', patchServiceDeskIntegrationRequest)
+            // verify required parameter 'jsonPatchOperation' is not null or undefined
+            assertParamExists('patchServiceDeskIntegration', 'jsonPatchOperation', jsonPatchOperation)
             const localVarPath = `/service-desk-integrations/{id}`
                 .replace(`{${"id"}}`, encodeURIComponent(String(id)));
             // use dummy base URL string because the URL constructor only accepts absolute URLs.
@@ -55975,7 +56416,7 @@ export const ServiceDeskIntegrationApiAxiosParamCreator = function (configuratio
             setSearchParams(localVarUrlObj, localVarQueryParameter);
             let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
             localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...axiosOptions.headers};
-            localVarRequestOptions.data = serializeDataIfNeeded(patchServiceDeskIntegrationRequest, localVarRequestOptions, configuration)
+            localVarRequestOptions.data = serializeDataIfNeeded(jsonPatchOperation, localVarRequestOptions, configuration)
 
             return {
                 url: toPathString(localVarUrlObj),
@@ -56181,12 +56622,12 @@ export const ServiceDeskIntegrationApiFp = function(configuration?: Configuratio
          * Update an existing Service Desk integration by ID with a PATCH request.
          * @summary Patch a Service Desk Integration
          * @param {string} id ID of the Service Desk integration to update
-         * @param {PatchServiceDeskIntegrationRequest} patchServiceDeskIntegrationRequest A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.  Only &#x60;replace&#x60; operations are accepted by this endpoint.  A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed. 
+         * @param {Array<JsonPatchOperation>} jsonPatchOperation A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.  Only &#x60;replace&#x60; operations are accepted by this endpoint.  A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed. 
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
-        async patchServiceDeskIntegration(id: string, patchServiceDeskIntegrationRequest: PatchServiceDeskIntegrationRequest, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<ServiceDeskIntegrationDto>> {
-            const localVarAxiosArgs = await localVarAxiosParamCreator.patchServiceDeskIntegration(id, patchServiceDeskIntegrationRequest, axiosOptions);
+        async patchServiceDeskIntegration(id: string, jsonPatchOperation: Array<JsonPatchOperation>, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<ServiceDeskIntegrationDto>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.patchServiceDeskIntegration(id, jsonPatchOperation, axiosOptions);
             const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
             const localVarOperationServerBasePath = operationServerMap['ServiceDeskIntegrationApi.patchServiceDeskIntegration']?.[localVarOperationServerIndex]?.url;
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
@@ -56304,7 +56745,7 @@ export const ServiceDeskIntegrationApiFactory = function (configuration?: Config
          * @throws {RequiredError}
          */
         patchServiceDeskIntegration(requestParameters: ServiceDeskIntegrationApiPatchServiceDeskIntegrationRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<ServiceDeskIntegrationDto> {
-            return localVarFp.patchServiceDeskIntegration(requestParameters.id, requestParameters.patchServiceDeskIntegrationRequest, axiosOptions).then((request) => request(axios, basePath));
+            return localVarFp.patchServiceDeskIntegration(requestParameters.id, requestParameters.jsonPatchOperation, axiosOptions).then((request) => request(axios, basePath));
         },
         /**
          * Update an existing Service Desk integration by ID.
@@ -56442,10 +56883,10 @@ export interface ServiceDeskIntegrationApiPatchServiceDeskIntegrationRequest {
 
     /**
      * A list of SDIM update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.  Only &#x60;replace&#x60; operations are accepted by this endpoint.  A 403 Forbidden Error indicates that a PATCH operation was attempted that is not allowed. 
-     * @type {PatchServiceDeskIntegrationRequest}
+     * @type {Array<JsonPatchOperation>}
      * @memberof ServiceDeskIntegrationApiPatchServiceDeskIntegration
      */
-    readonly patchServiceDeskIntegrationRequest: PatchServiceDeskIntegrationRequest
+    readonly jsonPatchOperation: Array<JsonPatchOperation>
 }
 
 /**
@@ -56581,7 +57022,7 @@ export class ServiceDeskIntegrationApi extends BaseAPI {
      * @memberof ServiceDeskIntegrationApi
      */
     public patchServiceDeskIntegration(requestParameters: ServiceDeskIntegrationApiPatchServiceDeskIntegrationRequest, axiosOptions?: RawAxiosRequestConfig) {
-        return ServiceDeskIntegrationApiFp(this.configuration).patchServiceDeskIntegration(requestParameters.id, requestParameters.patchServiceDeskIntegrationRequest, axiosOptions).then((request) => request(this.axios, this.basePath));
+        return ServiceDeskIntegrationApiFp(this.configuration).patchServiceDeskIntegration(requestParameters.id, requestParameters.jsonPatchOperation, axiosOptions).then((request) => request(this.axios, this.basePath));
     }
 
     /**
@@ -63174,10 +63615,11 @@ export const WorkflowsApiAxiosParamCreator = function (configuration?: Configura
          * Get a single workflow by id.
          * @summary Get Workflow By Id
          * @param {string} id Id of the workflow
+         * @param {boolean} [workflowMetrics] disable workflow metrics
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
-        getWorkflow: async (id: string, axiosOptions: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+        getWorkflow: async (id: string, workflowMetrics?: boolean, axiosOptions: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
             // verify required parameter 'id' is not null or undefined
             assertParamExists('getWorkflow', 'id', id)
             const localVarPath = `/workflows/{id}`
@@ -63201,6 +63643,10 @@ export const WorkflowsApiAxiosParamCreator = function (configuration?: Configura
             // oauth required
             await setOAuthToObject(localVarHeaderParameter, "userAuth", [], configuration)
 
+            if (workflowMetrics !== undefined) {
+                localVarQueryParameter['workflowMetrics'] = workflowMetrics;
+            }
+
 
     
             setSearchParams(localVarUrlObj, localVarQueryParameter);
@@ -63213,7 +63659,7 @@ export const WorkflowsApiAxiosParamCreator = function (configuration?: Configura
             };
         },
         /**
-         * Use this API to get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a \"404 Not Found\" response.
+         * Get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a \"404 Not Found\" response.
          * @summary Get Workflow Execution
          * @param {string} id Workflow execution ID.
          * @param {*} [axiosOptions] Override http request option.
@@ -63553,10 +63999,14 @@ export const WorkflowsApiAxiosParamCreator = function (configuration?: Configura
         /**
          * List all workflows in the tenant.
          * @summary List Workflows
+         * @param {string} [triggerId] Trigger ID
+         * @param {string} [connectorInstanceId] Connector Instance ID
+         * @param {number} [limit] Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
+         * @param {number} [offset] Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
-        listWorkflows: async (axiosOptions: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+        listWorkflows: async (triggerId?: string, connectorInstanceId?: string, limit?: number, offset?: number, axiosOptions: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
             const localVarPath = `/workflows`;
             // use dummy base URL string because the URL constructor only accepts absolute URLs.
             const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
@@ -63577,6 +64027,22 @@ export const WorkflowsApiAxiosParamCreator = function (configuration?: Configura
             // oauth required
             await setOAuthToObject(localVarHeaderParameter, "userAuth", [], configuration)
 
+            if (triggerId !== undefined) {
+                localVarQueryParameter['triggerId'] = triggerId;
+            }
+
+            if (connectorInstanceId !== undefined) {
+                localVarQueryParameter['connectorInstanceId'] = connectorInstanceId;
+            }
+
+            if (limit !== undefined) {
+                localVarQueryParameter['limit'] = limit;
+            }
+
+            if (offset !== undefined) {
+                localVarQueryParameter['offset'] = offset;
+            }
+
 
     
             setSearchParams(localVarUrlObj, localVarQueryParameter);
@@ -63858,17 +64324,18 @@ export const WorkflowsApiFp = function(configuration?: Configuration) {
          * Get a single workflow by id.
          * @summary Get Workflow By Id
          * @param {string} id Id of the workflow
+         * @param {boolean} [workflowMetrics] disable workflow metrics
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
-        async getWorkflow(id: string, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Workflow>> {
-            const localVarAxiosArgs = await localVarAxiosParamCreator.getWorkflow(id, axiosOptions);
+        async getWorkflow(id: string, workflowMetrics?: boolean, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Workflow>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.getWorkflow(id, workflowMetrics, axiosOptions);
             const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
             const localVarOperationServerBasePath = operationServerMap['WorkflowsApi.getWorkflow']?.[localVarOperationServerIndex]?.url;
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
         },
         /**
-         * Use this API to get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a \"404 Not Found\" response.
+         * Get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a \"404 Not Found\" response.
          * @summary Get Workflow Execution
          * @param {string} id Workflow execution ID.
          * @param {*} [axiosOptions] Override http request option.
@@ -63969,11 +64436,15 @@ export const WorkflowsApiFp = function(configuration?: Configuration) {
         /**
          * List all workflows in the tenant.
          * @summary List Workflows
+         * @param {string} [triggerId] Trigger ID
+         * @param {string} [connectorInstanceId] Connector Instance ID
+         * @param {number} [limit] Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
+         * @param {number} [offset] Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
-        async listWorkflows(axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Array<Workflow>>> {
-            const localVarAxiosArgs = await localVarAxiosParamCreator.listWorkflows(axiosOptions);
+        async listWorkflows(triggerId?: string, connectorInstanceId?: string, limit?: number, offset?: number, axiosOptions?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<Array<Workflow>>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.listWorkflows(triggerId, connectorInstanceId, limit, offset, axiosOptions);
             const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
             const localVarOperationServerBasePath = operationServerMap['WorkflowsApi.listWorkflows']?.[localVarOperationServerIndex]?.url;
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
@@ -64102,10 +64573,10 @@ export const WorkflowsApiFactory = function (configuration?: Configuration, base
          * @throws {RequiredError}
          */
         getWorkflow(requestParameters: WorkflowsApiGetWorkflowRequest, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<Workflow> {
-            return localVarFp.getWorkflow(requestParameters.id, axiosOptions).then((request) => request(axios, basePath));
+            return localVarFp.getWorkflow(requestParameters.id, requestParameters.workflowMetrics, axiosOptions).then((request) => request(axios, basePath));
         },
         /**
-         * Use this API to get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a \"404 Not Found\" response.
+         * Get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a \"404 Not Found\" response.
          * @summary Get Workflow Execution
          * @param {WorkflowsApiGetWorkflowExecutionRequest} requestParameters Request parameters.
          * @param {*} [axiosOptions] Override http request option.
@@ -64176,11 +64647,12 @@ export const WorkflowsApiFactory = function (configuration?: Configuration, base
         /**
          * List all workflows in the tenant.
          * @summary List Workflows
+         * @param {WorkflowsApiListWorkflowsRequest} requestParameters Request parameters.
          * @param {*} [axiosOptions] Override http request option.
          * @throws {RequiredError}
          */
-        listWorkflows(axiosOptions?: RawAxiosRequestConfig): AxiosPromise<Array<Workflow>> {
-            return localVarFp.listWorkflows(axiosOptions).then((request) => request(axios, basePath));
+        listWorkflows(requestParameters: WorkflowsApiListWorkflowsRequest = {}, axiosOptions?: RawAxiosRequestConfig): AxiosPromise<Array<Workflow>> {
+            return localVarFp.listWorkflows(requestParameters.triggerId, requestParameters.connectorInstanceId, requestParameters.limit, requestParameters.offset, axiosOptions).then((request) => request(axios, basePath));
         },
         /**
          * Partially update an existing Workflow using [JSON Patch](https://tools.ietf.org/html/rfc6902) syntax.
@@ -64314,6 +64786,13 @@ export interface WorkflowsApiGetWorkflowRequest {
      * @memberof WorkflowsApiGetWorkflow
      */
     readonly id: string
+
+    /**
+     * disable workflow metrics
+     * @type {boolean}
+     * @memberof WorkflowsApiGetWorkflow
+     */
+    readonly workflowMetrics?: boolean
 }
 
 /**
@@ -64463,6 +64942,41 @@ export interface WorkflowsApiListWorkflowLibraryTriggersRequest {
     readonly filters?: string
 }
 
+/**
+ * Request parameters for listWorkflows operation in WorkflowsApi.
+ * @export
+ * @interface WorkflowsApiListWorkflowsRequest
+ */
+export interface WorkflowsApiListWorkflowsRequest {
+    /**
+     * Trigger ID
+     * @type {string}
+     * @memberof WorkflowsApiListWorkflows
+     */
+    readonly triggerId?: string
+
+    /**
+     * Connector Instance ID
+     * @type {string}
+     * @memberof WorkflowsApiListWorkflows
+     */
+    readonly connectorInstanceId?: string
+
+    /**
+     * Max number of results to return. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
+     * @type {number}
+     * @memberof WorkflowsApiListWorkflows
+     */
+    readonly limit?: number
+
+    /**
+     * Offset into the full result set. Usually specified with *limit* to paginate through the results. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information.
+     * @type {number}
+     * @memberof WorkflowsApiListWorkflows
+     */
+    readonly offset?: number
+}
+
 /**
  * Request parameters for patchWorkflow operation in WorkflowsApi.
  * @export
@@ -64623,11 +65137,11 @@ export class WorkflowsApi extends BaseAPI {
      * @memberof WorkflowsApi
      */
     public getWorkflow(requestParameters: WorkflowsApiGetWorkflowRequest, axiosOptions?: RawAxiosRequestConfig) {
-        return WorkflowsApiFp(this.configuration).getWorkflow(requestParameters.id, axiosOptions).then((request) => request(this.axios, this.basePath));
+        return WorkflowsApiFp(this.configuration).getWorkflow(requestParameters.id, requestParameters.workflowMetrics, axiosOptions).then((request) => request(this.axios, this.basePath));
     }
 
     /**
-     * Use this API to get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a \"404 Not Found\" response.
+     * Get a single workflow execution. Workflow executions are available for up to 90 days before being archived. If you attempt to access a workflow execution that has been archived, you will receive a \"404 Not Found\" response.
      * @summary Get Workflow Execution
      * @param {WorkflowsApiGetWorkflowExecutionRequest} requestParameters Request parameters.
      * @param {*} [axiosOptions] Override http request option.
@@ -64712,12 +65226,13 @@ export class WorkflowsApi extends BaseAPI {
     /**
      * List all workflows in the tenant.
      * @summary List Workflows
+     * @param {WorkflowsApiListWorkflowsRequest} requestParameters Request parameters.
      * @param {*} [axiosOptions] Override http request option.
      * @throws {RequiredError}
      * @memberof WorkflowsApi
      */
-    public listWorkflows(axiosOptions?: RawAxiosRequestConfig) {
-        return WorkflowsApiFp(this.configuration).listWorkflows(axiosOptions).then((request) => request(this.axios, this.basePath));
+    public listWorkflows(requestParameters: WorkflowsApiListWorkflowsRequest = {}, axiosOptions?: RawAxiosRequestConfig) {
+        return WorkflowsApiFp(this.configuration).listWorkflows(requestParameters.triggerId, requestParameters.connectorInstanceId, requestParameters.limit, requestParameters.offset, axiosOptions).then((request) => request(this.axios, this.basePath));
     }
 
     /**