diff --git a/reference.md b/reference.md
index a2b562d6e..63ce933c5 100644
--- a/reference.md
+++ b/reference.md
@@ -2349,7 +2349,7 @@ await client.connections.checkStatus("id");
 
 ## CustomDomains
 
-<details><summary><code>client.customDomains.<a href="/src/management/api/resources/customDomains/client/Client.ts">list</a>() -> Management.ListCustomDomainsResponseContent</code></summary>
+<details><summary><code>client.customDomains.<a href="/src/management/api/resources/customDomains/client/Client.ts">list</a>({ ...params }) -> core.Page<Management.CustomDomain, Management.ListCustomDomainsPaginatedResponseContent></code></summary>
 <dl>
 <dd>
 
@@ -2377,7 +2377,33 @@ Retrieve details on <a href="https://auth0.com/docs/custom-domains">custom domai
 <dd>
 
 ```typescript
-await client.customDomains.list();
+const pageableResponse = await client.customDomains.list({
+    take: 1,
+    from: "from",
+    q: "q",
+    fields: "fields",
+    include_fields: true,
+    sort: "sort",
+});
+for await (const item of pageableResponse) {
+    console.log(item);
+}
+
+// Or you can manually iterate page-by-page
+let page = await client.customDomains.list({
+    take: 1,
+    from: "from",
+    q: "q",
+    fields: "fields",
+    include_fields: true,
+    sort: "sort",
+});
+while (page.hasNextPage()) {
+    page = page.getNextPage();
+}
+
+// You can also access the underlying response
+const response = page.response;
 ```
 
 </dd>
@@ -2393,6 +2419,14 @@ await client.customDomains.list();
 <dl>
 <dd>
 
+**request:** `Management.ListCustomDomainsRequestParameters`
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
 **requestOptions:** `CustomDomainsClient.RequestOptions`
 
 </dd>
@@ -9081,6 +9115,8 @@ await client.tickets.changePassword();
 
 Retrieve a list of all Token Exchange Profiles available in your tenant.
 
+By using this feature, you agree to the applicable Free Trial terms in <a href="https://www.okta.com/legal/">Okta’s Master Subscription Agreement</a>. It is your responsibility to securely validate the user’s subject_token. See <a href="https://auth0.com/docs/authenticate/custom-token-exchange">User Guide</a> for more details.
+
 This endpoint supports Checkpoint pagination. To search by checkpoint, use the following parameters:
 
 <ul>
@@ -9171,6 +9207,8 @@ const response = page.response;
 
 Create a new Token Exchange Profile within your tenant.
 
+By using this feature, you agree to the applicable Free Trial terms in <a href="https://www.okta.com/legal/">Okta’s Master Subscription Agreement</a>. It is your responsibility to securely validate the user’s subject_token. See <a href="https://auth0.com/docs/authenticate/custom-token-exchange">User Guide</a> for more details.
+
 </dd>
 </dl>
 </dd>
@@ -9238,6 +9276,8 @@ await client.tokenExchangeProfiles.create({
 
 Retrieve details about a single Token Exchange Profile specified by ID.
 
+By using this feature, you agree to the applicable Free Trial terms in <a href="https://www.okta.com/legal/">Okta’s Master Subscription Agreement</a>. It is your responsibility to securely validate the user’s subject_token. See <a href="https://auth0.com/docs/authenticate/custom-token-exchange">User Guide</a> for more details.
+
 </dd>
 </dl>
 </dd>
@@ -9301,6 +9341,8 @@ await client.tokenExchangeProfiles.get("id");
 
 Delete a Token Exchange Profile within your tenant.
 
+By using this feature, you agree to the applicable Free Trial terms in <a href="https://www.okta.com/legal/">Okta's Master Subscription Agreement</a>. It is your responsibility to securely validate the user's subject_token. See <a href="https://auth0.com/docs/authenticate/custom-token-exchange">User Guide</a> for more details.
+
 </dd>
 </dl>
 </dd>
@@ -9364,6 +9406,8 @@ await client.tokenExchangeProfiles.delete("id");
 
 Update a Token Exchange Profile within your tenant.
 
+By using this feature, you agree to the applicable Free Trial terms in <a href="https://www.okta.com/legal/">Okta's Master Subscription Agreement</a>. It is your responsibility to securely validate the user's subject_token. See <a href="https://auth0.com/docs/authenticate/custom-token-exchange">User Guide</a> for more details.
+
 </dd>
 </dl>
 </dd>
@@ -14196,9 +14240,9 @@ await client.connections.clients.update("id", [
 </dl>
 </details>
 
-## Connections Keys
+## Connections DirectoryProvisioning
 
-<details><summary><code>client.connections.keys.<a href="/src/management/api/resources/connections/resources/keys/client/Client.ts">get</a>(id) -> Management.ConnectionKey[]</code></summary>
+<details><summary><code>client.connections.directoryProvisioning.<a href="/src/management/api/resources/connections/resources/directoryProvisioning/client/Client.ts">get</a>(id) -> Management.GetDirectoryProvisioningResponseContent</code></summary>
 <dl>
 <dd>
 
@@ -14210,7 +14254,7 @@ await client.connections.clients.update("id", [
 <dl>
 <dd>
 
-Gets the connection keys for the Okta or OIDC connection strategy.
+Retrieve the directory provisioning configuration of a connection.
 
 </dd>
 </dl>
@@ -14226,7 +14270,7 @@ Gets the connection keys for the Okta or OIDC connection strategy.
 <dd>
 
 ```typescript
-await client.connections.keys.get("id");
+await client.connections.directoryProvisioning.get("id");
 ```
 
 </dd>
@@ -14242,7 +14286,7 @@ await client.connections.keys.get("id");
 <dl>
 <dd>
 
-**id:** `string` — ID of the connection
+**id:** `string` — The id of the connection to retrieve its directory provisioning configuration
 
 </dd>
 </dl>
@@ -14250,7 +14294,7 @@ await client.connections.keys.get("id");
 <dl>
 <dd>
 
-**requestOptions:** `KeysClient.RequestOptions`
+**requestOptions:** `DirectoryProvisioningClient.RequestOptions`
 
 </dd>
 </dl>
@@ -14261,7 +14305,7 @@ await client.connections.keys.get("id");
 </dl>
 </details>
 
-<details><summary><code>client.connections.keys.<a href="/src/management/api/resources/connections/resources/keys/client/Client.ts">rotate</a>(id, { ...params }) -> Management.RotateConnectionsKeysResponseContent</code></summary>
+<details><summary><code>client.connections.directoryProvisioning.<a href="/src/management/api/resources/connections/resources/directoryProvisioning/client/Client.ts">create</a>(id, { ...params }) -> Management.CreateDirectoryProvisioningResponseContent</code></summary>
 <dl>
 <dd>
 
@@ -14273,7 +14317,7 @@ await client.connections.keys.get("id");
 <dl>
 <dd>
 
-Rotates the connection keys for the Okta or OIDC connection strategies.
+Create a directory provisioning configuration for a connection.
 
 </dd>
 </dl>
@@ -14289,7 +14333,7 @@ Rotates the connection keys for the Okta or OIDC connection strategies.
 <dd>
 
 ```typescript
-await client.connections.keys.rotate("id");
+await client.connections.directoryProvisioning.create("id");
 ```
 
 </dd>
@@ -14305,7 +14349,7 @@ await client.connections.keys.rotate("id");
 <dl>
 <dd>
 
-**id:** `string` — ID of the connection
+**id:** `string` — The id of the connection to create its directory provisioning configuration
 
 </dd>
 </dl>
@@ -14313,7 +14357,7 @@ await client.connections.keys.rotate("id");
 <dl>
 <dd>
 
-**request:** `Management.RotateConnectionKeysRequestContent | null`
+**request:** `Management.CreateDirectoryProvisioningRequestContent | null`
 
 </dd>
 </dl>
@@ -14321,7 +14365,7 @@ await client.connections.keys.rotate("id");
 <dl>
 <dd>
 
-**requestOptions:** `KeysClient.RequestOptions`
+**requestOptions:** `DirectoryProvisioningClient.RequestOptions`
 
 </dd>
 </dl>
@@ -14332,9 +14376,7 @@ await client.connections.keys.rotate("id");
 </dl>
 </details>
 
-## Connections ScimConfiguration
-
-<details><summary><code>client.connections.scimConfiguration.<a href="/src/management/api/resources/connections/resources/scimConfiguration/client/Client.ts">get</a>(id) -> Management.GetScimConfigurationResponseContent</code></summary>
+<details><summary><code>client.connections.directoryProvisioning.<a href="/src/management/api/resources/connections/resources/directoryProvisioning/client/Client.ts">delete</a>(id) -> void</code></summary>
 <dl>
 <dd>
 
@@ -14346,7 +14388,7 @@ await client.connections.keys.rotate("id");
 <dl>
 <dd>
 
-Retrieves a scim configuration by its <code>connectionId</code>.
+Delete the directory provisioning configuration of a connection.
 
 </dd>
 </dl>
@@ -14362,7 +14404,7 @@ Retrieves a scim configuration by its <code>connectionId</code>.
 <dd>
 
 ```typescript
-await client.connections.scimConfiguration.get("id");
+await client.connections.directoryProvisioning.delete("id");
 ```
 
 </dd>
@@ -14378,7 +14420,7 @@ await client.connections.scimConfiguration.get("id");
 <dl>
 <dd>
 
-**id:** `string` — The id of the connection to retrieve its SCIM configuration
+**id:** `string` — The id of the connection to delete its directory provisioning configuration
 
 </dd>
 </dl>
@@ -14386,7 +14428,7 @@ await client.connections.scimConfiguration.get("id");
 <dl>
 <dd>
 
-**requestOptions:** `ScimConfigurationClient.RequestOptions`
+**requestOptions:** `DirectoryProvisioningClient.RequestOptions`
 
 </dd>
 </dl>
@@ -14397,7 +14439,7 @@ await client.connections.scimConfiguration.get("id");
 </dl>
 </details>
 
-<details><summary><code>client.connections.scimConfiguration.<a href="/src/management/api/resources/connections/resources/scimConfiguration/client/Client.ts">create</a>(id, { ...params }) -> Management.CreateScimConfigurationResponseContent</code></summary>
+<details><summary><code>client.connections.directoryProvisioning.<a href="/src/management/api/resources/connections/resources/directoryProvisioning/client/Client.ts">update</a>(id, { ...params }) -> Management.UpdateDirectoryProvisioningResponseContent</code></summary>
 <dl>
 <dd>
 
@@ -14409,7 +14451,7 @@ await client.connections.scimConfiguration.get("id");
 <dl>
 <dd>
 
-Create a scim configuration for a connection.
+Update the directory provisioning configuration of a connection.
 
 </dd>
 </dl>
@@ -14425,7 +14467,7 @@ Create a scim configuration for a connection.
 <dd>
 
 ```typescript
-await client.connections.scimConfiguration.create("id");
+await client.connections.directoryProvisioning.update("id");
 ```
 
 </dd>
@@ -14441,7 +14483,7 @@ await client.connections.scimConfiguration.create("id");
 <dl>
 <dd>
 
-**id:** `string` — The id of the connection to create its SCIM configuration
+**id:** `string` — The id of the connection to create its directory provisioning configuration
 
 </dd>
 </dl>
@@ -14449,7 +14491,7 @@ await client.connections.scimConfiguration.create("id");
 <dl>
 <dd>
 
-**request:** `Management.CreateScimConfigurationRequestContent | null`
+**request:** `Management.UpdateDirectoryProvisioningRequestContent | null`
 
 </dd>
 </dl>
@@ -14457,7 +14499,7 @@ await client.connections.scimConfiguration.create("id");
 <dl>
 <dd>
 
-**requestOptions:** `ScimConfigurationClient.RequestOptions`
+**requestOptions:** `DirectoryProvisioningClient.RequestOptions`
 
 </dd>
 </dl>
@@ -14468,7 +14510,7 @@ await client.connections.scimConfiguration.create("id");
 </dl>
 </details>
 
-<details><summary><code>client.connections.scimConfiguration.<a href="/src/management/api/resources/connections/resources/scimConfiguration/client/Client.ts">delete</a>(id) -> void</code></summary>
+<details><summary><code>client.connections.directoryProvisioning.<a href="/src/management/api/resources/connections/resources/directoryProvisioning/client/Client.ts">getDefaultMapping</a>(id) -> Management.GetDirectoryProvisioningDefaultMappingResponseContent</code></summary>
 <dl>
 <dd>
 
@@ -14480,7 +14522,7 @@ await client.connections.scimConfiguration.create("id");
 <dl>
 <dd>
 
-Deletes a scim configuration by its <code>connectionId</code>.
+Retrieve the directory provisioning default attribute mapping of a connection.
 
 </dd>
 </dl>
@@ -14496,7 +14538,7 @@ Deletes a scim configuration by its <code>connectionId</code>.
 <dd>
 
 ```typescript
-await client.connections.scimConfiguration.delete("id");
+await client.connections.directoryProvisioning.getDefaultMapping("id");
 ```
 
 </dd>
@@ -14512,7 +14554,7 @@ await client.connections.scimConfiguration.delete("id");
 <dl>
 <dd>
 
-**id:** `string` — The id of the connection to delete its SCIM configuration
+**id:** `string` — The id of the connection to retrieve its directory provisioning configuration
 
 </dd>
 </dl>
@@ -14520,7 +14562,7 @@ await client.connections.scimConfiguration.delete("id");
 <dl>
 <dd>
 
-**requestOptions:** `ScimConfigurationClient.RequestOptions`
+**requestOptions:** `DirectoryProvisioningClient.RequestOptions`
 
 </dd>
 </dl>
@@ -14531,7 +14573,9 @@ await client.connections.scimConfiguration.delete("id");
 </dl>
 </details>
 
-<details><summary><code>client.connections.scimConfiguration.<a href="/src/management/api/resources/connections/resources/scimConfiguration/client/Client.ts">update</a>(id, { ...params }) -> Management.UpdateScimConfigurationResponseContent</code></summary>
+## Connections Keys
+
+<details><summary><code>client.connections.keys.<a href="/src/management/api/resources/connections/resources/keys/client/Client.ts">get</a>(id) -> Management.ConnectionKey[]</code></summary>
 <dl>
 <dd>
 
@@ -14543,7 +14587,7 @@ await client.connections.scimConfiguration.delete("id");
 <dl>
 <dd>
 
-Update a scim configuration by its <code>connectionId</code>.
+Gets the connection keys for the Okta or OIDC connection strategy.
 
 </dd>
 </dl>
@@ -14559,10 +14603,7 @@ Update a scim configuration by its <code>connectionId</code>.
 <dd>
 
 ```typescript
-await client.connections.scimConfiguration.update("id", {
-    user_id_attribute: "user_id_attribute",
-    mapping: [{}],
-});
+await client.connections.keys.get("id");
 ```
 
 </dd>
@@ -14578,15 +14619,7 @@ await client.connections.scimConfiguration.update("id", {
 <dl>
 <dd>
 
-**id:** `string` — The id of the connection to update its SCIM configuration
-
-</dd>
-</dl>
-
-<dl>
-<dd>
-
-**request:** `Management.UpdateScimConfigurationRequestContent`
+**id:** `string` — ID of the connection
 
 </dd>
 </dl>
@@ -14594,7 +14627,7 @@ await client.connections.scimConfiguration.update("id", {
 <dl>
 <dd>
 
-**requestOptions:** `ScimConfigurationClient.RequestOptions`
+**requestOptions:** `KeysClient.RequestOptions`
 
 </dd>
 </dl>
@@ -14605,7 +14638,7 @@ await client.connections.scimConfiguration.update("id", {
 </dl>
 </details>
 
-<details><summary><code>client.connections.scimConfiguration.<a href="/src/management/api/resources/connections/resources/scimConfiguration/client/Client.ts">getDefaultMapping</a>(id) -> Management.GetScimConfigurationDefaultMappingResponseContent</code></summary>
+<details><summary><code>client.connections.keys.<a href="/src/management/api/resources/connections/resources/keys/client/Client.ts">rotate</a>(id, { ...params }) -> Management.RotateConnectionsKeysResponseContent</code></summary>
 <dl>
 <dd>
 
@@ -14617,7 +14650,7 @@ await client.connections.scimConfiguration.update("id", {
 <dl>
 <dd>
 
-Retrieves a scim configuration's default mapping by its <code>connectionId</code>.
+Rotates the connection keys for the Okta or OIDC connection strategies.
 
 </dd>
 </dl>
@@ -14633,7 +14666,7 @@ Retrieves a scim configuration's default mapping by its <code>connectionId</code
 <dd>
 
 ```typescript
-await client.connections.scimConfiguration.getDefaultMapping("id");
+await client.connections.keys.rotate("id");
 ```
 
 </dd>
@@ -14649,7 +14682,7 @@ await client.connections.scimConfiguration.getDefaultMapping("id");
 <dl>
 <dd>
 
-**id:** `string` — The id of the connection to retrieve its default SCIM mapping
+**id:** `string` — ID of the connection
 
 </dd>
 </dl>
@@ -14657,7 +14690,15 @@ await client.connections.scimConfiguration.getDefaultMapping("id");
 <dl>
 <dd>
 
-**requestOptions:** `ScimConfigurationClient.RequestOptions`
+**request:** `Management.RotateConnectionKeysRequestContent | null`
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `KeysClient.RequestOptions`
 
 </dd>
 </dl>
@@ -14668,9 +14709,9 @@ await client.connections.scimConfiguration.getDefaultMapping("id");
 </dl>
 </details>
 
-## Connections Users
+## Connections ScimConfiguration
 
-<details><summary><code>client.connections.users.<a href="/src/management/api/resources/connections/resources/users/client/Client.ts">deleteByEmail</a>(id, { ...params }) -> void</code></summary>
+<details><summary><code>client.connections.scimConfiguration.<a href="/src/management/api/resources/connections/resources/scimConfiguration/client/Client.ts">get</a>(id) -> Management.GetScimConfigurationResponseContent</code></summary>
 <dl>
 <dd>
 
@@ -14682,7 +14723,7 @@ await client.connections.scimConfiguration.getDefaultMapping("id");
 <dl>
 <dd>
 
-Deletes a specified connection user by its email (you cannot delete all users from specific connection). Currently, only Database Connections are supported.
+Retrieves a scim configuration by its <code>connectionId</code>.
 
 </dd>
 </dl>
@@ -14698,9 +14739,7 @@ Deletes a specified connection user by its email (you cannot delete all users fr
 <dd>
 
 ```typescript
-await client.connections.users.deleteByEmail("id", {
-    email: "email",
-});
+await client.connections.scimConfiguration.get("id");
 ```
 
 </dd>
@@ -14716,15 +14755,7 @@ await client.connections.users.deleteByEmail("id", {
 <dl>
 <dd>
 
-**id:** `string` — The id of the connection (currently only database connections are supported)
-
-</dd>
-</dl>
-
-<dl>
-<dd>
-
-**request:** `Management.DeleteConnectionUsersByEmailQueryParameters`
+**id:** `string` — The id of the connection to retrieve its SCIM configuration
 
 </dd>
 </dl>
@@ -14732,7 +14763,7 @@ await client.connections.users.deleteByEmail("id", {
 <dl>
 <dd>
 
-**requestOptions:** `UsersClient.RequestOptions`
+**requestOptions:** `ScimConfigurationClient.RequestOptions`
 
 </dd>
 </dl>
@@ -14743,9 +14774,7 @@ await client.connections.users.deleteByEmail("id", {
 </dl>
 </details>
 
-## Connections ScimConfiguration Tokens
-
-<details><summary><code>client.connections.scimConfiguration.tokens.<a href="/src/management/api/resources/connections/resources/scimConfiguration/resources/tokens/client/Client.ts">get</a>(id) -> Management.GetScimTokensResponseContent</code></summary>
+<details><summary><code>client.connections.scimConfiguration.<a href="/src/management/api/resources/connections/resources/scimConfiguration/client/Client.ts">create</a>(id, { ...params }) -> Management.CreateScimConfigurationResponseContent</code></summary>
 <dl>
 <dd>
 
@@ -14757,7 +14786,7 @@ await client.connections.users.deleteByEmail("id", {
 <dl>
 <dd>
 
-Retrieves all scim tokens by its connection <code>id</code>.
+Create a scim configuration for a connection.
 
 </dd>
 </dl>
@@ -14773,7 +14802,7 @@ Retrieves all scim tokens by its connection <code>id</code>.
 <dd>
 
 ```typescript
-await client.connections.scimConfiguration.tokens.get("id");
+await client.connections.scimConfiguration.create("id");
 ```
 
 </dd>
@@ -14789,7 +14818,7 @@ await client.connections.scimConfiguration.tokens.get("id");
 <dl>
 <dd>
 
-**id:** `string` — The id of the connection to retrieve its SCIM configuration
+**id:** `string` — The id of the connection to create its SCIM configuration
 
 </dd>
 </dl>
@@ -14797,7 +14826,15 @@ await client.connections.scimConfiguration.tokens.get("id");
 <dl>
 <dd>
 
-**requestOptions:** `TokensClient.RequestOptions`
+**request:** `Management.CreateScimConfigurationRequestContent | null`
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `ScimConfigurationClient.RequestOptions`
 
 </dd>
 </dl>
@@ -14808,7 +14845,7 @@ await client.connections.scimConfiguration.tokens.get("id");
 </dl>
 </details>
 
-<details><summary><code>client.connections.scimConfiguration.tokens.<a href="/src/management/api/resources/connections/resources/scimConfiguration/resources/tokens/client/Client.ts">create</a>(id, { ...params }) -> Management.CreateScimTokenResponseContent</code></summary>
+<details><summary><code>client.connections.scimConfiguration.<a href="/src/management/api/resources/connections/resources/scimConfiguration/client/Client.ts">delete</a>(id) -> void</code></summary>
 <dl>
 <dd>
 
@@ -14820,7 +14857,7 @@ await client.connections.scimConfiguration.tokens.get("id");
 <dl>
 <dd>
 
-Create a scim token for a scim client.
+Deletes a scim configuration by its <code>connectionId</code>.
 
 </dd>
 </dl>
@@ -14836,7 +14873,7 @@ Create a scim token for a scim client.
 <dd>
 
 ```typescript
-await client.connections.scimConfiguration.tokens.create("id");
+await client.connections.scimConfiguration.delete("id");
 ```
 
 </dd>
@@ -14852,15 +14889,7 @@ await client.connections.scimConfiguration.tokens.create("id");
 <dl>
 <dd>
 
-**id:** `string` — The id of the connection to create its SCIM token
-
-</dd>
-</dl>
-
-<dl>
-<dd>
-
-**request:** `Management.CreateScimTokenRequestContent`
+**id:** `string` — The id of the connection to delete its SCIM configuration
 
 </dd>
 </dl>
@@ -14868,7 +14897,7 @@ await client.connections.scimConfiguration.tokens.create("id");
 <dl>
 <dd>
 
-**requestOptions:** `TokensClient.RequestOptions`
+**requestOptions:** `ScimConfigurationClient.RequestOptions`
 
 </dd>
 </dl>
@@ -14879,7 +14908,7 @@ await client.connections.scimConfiguration.tokens.create("id");
 </dl>
 </details>
 
-<details><summary><code>client.connections.scimConfiguration.tokens.<a href="/src/management/api/resources/connections/resources/scimConfiguration/resources/tokens/client/Client.ts">delete</a>(id, tokenId) -> void</code></summary>
+<details><summary><code>client.connections.scimConfiguration.<a href="/src/management/api/resources/connections/resources/scimConfiguration/client/Client.ts">update</a>(id, { ...params }) -> Management.UpdateScimConfigurationResponseContent</code></summary>
 <dl>
 <dd>
 
@@ -14891,7 +14920,7 @@ await client.connections.scimConfiguration.tokens.create("id");
 <dl>
 <dd>
 
-Deletes a scim token by its connection <code>id</code> and <code>tokenId</code>.
+Update a scim configuration by its <code>connectionId</code>.
 
 </dd>
 </dl>
@@ -14907,7 +14936,10 @@ Deletes a scim token by its connection <code>id</code> and <code>tokenId</code>.
 <dd>
 
 ```typescript
-await client.connections.scimConfiguration.tokens.delete("id", "tokenId");
+await client.connections.scimConfiguration.update("id", {
+    user_id_attribute: "user_id_attribute",
+    mapping: [{}],
+});
 ```
 
 </dd>
@@ -14923,7 +14955,7 @@ await client.connections.scimConfiguration.tokens.delete("id", "tokenId");
 <dl>
 <dd>
 
-**id:** `string` — The connection id that owns the SCIM token to delete
+**id:** `string` — The id of the connection to update its SCIM configuration
 
 </dd>
 </dl>
@@ -14931,7 +14963,7 @@ await client.connections.scimConfiguration.tokens.delete("id", "tokenId");
 <dl>
 <dd>
 
-**tokenId:** `string` — The id of the scim token to delete
+**request:** `Management.UpdateScimConfigurationRequestContent`
 
 </dd>
 </dl>
@@ -14939,7 +14971,7 @@ await client.connections.scimConfiguration.tokens.delete("id", "tokenId");
 <dl>
 <dd>
 
-**requestOptions:** `TokensClient.RequestOptions`
+**requestOptions:** `ScimConfigurationClient.RequestOptions`
 
 </dd>
 </dl>
@@ -14950,9 +14982,7 @@ await client.connections.scimConfiguration.tokens.delete("id", "tokenId");
 </dl>
 </details>
 
-## Emails Provider
-
-<details><summary><code>client.emails.provider.<a href="/src/management/api/resources/emails/resources/provider/client/Client.ts">get</a>({ ...params }) -> Management.GetEmailProviderResponseContent</code></summary>
+<details><summary><code>client.connections.scimConfiguration.<a href="/src/management/api/resources/connections/resources/scimConfiguration/client/Client.ts">getDefaultMapping</a>(id) -> Management.GetScimConfigurationDefaultMappingResponseContent</code></summary>
 <dl>
 <dd>
 
@@ -14964,7 +14994,7 @@ await client.connections.scimConfiguration.tokens.delete("id", "tokenId");
 <dl>
 <dd>
 
-Retrieve details of the <a href="https://auth0.com/docs/customize/email/smtp-email-providers">email provider configuration</a> in your tenant. A list of fields to include or exclude may also be specified.
+Retrieves a scim configuration's default mapping by its <code>connectionId</code>.
 
 </dd>
 </dl>
@@ -14980,10 +15010,7 @@ Retrieve details of the <a href="https://auth0.com/docs/customize/email/smtp-ema
 <dd>
 
 ```typescript
-await client.emails.provider.get({
-    fields: "fields",
-    include_fields: true,
-});
+await client.connections.scimConfiguration.getDefaultMapping("id");
 ```
 
 </dd>
@@ -14999,7 +15026,7 @@ await client.emails.provider.get({
 <dl>
 <dd>
 
-**request:** `Management.GetEmailProviderRequestParameters`
+**id:** `string` — The id of the connection to retrieve its default SCIM mapping
 
 </dd>
 </dl>
@@ -15007,7 +15034,7 @@ await client.emails.provider.get({
 <dl>
 <dd>
 
-**requestOptions:** `ProviderClient.RequestOptions`
+**requestOptions:** `ScimConfigurationClient.RequestOptions`
 
 </dd>
 </dl>
@@ -15018,7 +15045,9 @@ await client.emails.provider.get({
 </dl>
 </details>
 
-<details><summary><code>client.emails.provider.<a href="/src/management/api/resources/emails/resources/provider/client/Client.ts">create</a>({ ...params }) -> Management.CreateEmailProviderResponseContent</code></summary>
+## Connections Users
+
+<details><summary><code>client.connections.users.<a href="/src/management/api/resources/connections/resources/users/client/Client.ts">deleteByEmail</a>(id, { ...params }) -> void</code></summary>
 <dl>
 <dd>
 
@@ -15030,49 +15059,8 @@ await client.emails.provider.get({
 <dl>
 <dd>
 
-Create an <a href="https://auth0.com/docs/email/providers">email provider</a>. The <code>credentials</code> object
-requires different properties depending on the email provider (which is specified using the <code>name</code> property):
+Deletes a specified connection user by its email (you cannot delete all users from specific connection). Currently, only Database Connections are supported.
 
-<ul>
-  <li><code>mandrill</code> requires <code>api_key</code></li>
-  <li><code>sendgrid</code> requires <code>api_key</code></li>
-  <li>
-    <code>sparkpost</code> requires <code>api_key</code>. Optionally, set <code>region</code> to <code>eu</code> to use
-    the SparkPost service hosted in Western Europe; set to <code>null</code> to use the SparkPost service hosted in
-    North America. <code>eu</code> or <code>null</code> are the only valid values for <code>region</code>.
-  </li>
-  <li>
-    <code>mailgun</code> requires <code>api_key</code> and <code>domain</code>. Optionally, set <code>region</code> to
-    <code>eu</code> to use the Mailgun service hosted in Europe; set to <code>null</code> otherwise. <code>eu</code> or
-    <code>null</code> are the only valid values for <code>region</code>.
-  </li>
-  <li><code>ses</code> requires <code>accessKeyId</code>, <code>secretAccessKey</code>, and <code>region</code></li>
-  <li>
-    <code>smtp</code> requires <code>smtp_host</code>, <code>smtp_port</code>, <code>smtp_user</code>, and
-    <code>smtp_pass</code>
-  </li>
-</ul>
-Depending on the type of provider it is possible to specify <code>settings</code> object with different configuration
-options, which will be used when sending an email:
-<ul>
-  <li>
-    <code>smtp</code> provider, <code>settings</code> may contain <code>headers</code> object.
-    <ul>
-      <li>
-        When using AWS SES SMTP host, you may provide a name of configuration set in
-        <code>X-SES-Configuration-Set</code> header. Value must be a string.
-      </li>
-      <li>
-        When using Sparkpost host, you may provide value for
-        <code>X-MSYS_API</code> header. Value must be an object.
-      </li>
-    </ul>
-  </li>
-  <li>
-    for <code>ses</code> provider, <code>settings</code> may contain <code>message</code> object, where you can provide
-    a name of configuration set in <code>configuration_set_name</code> property. Value must be a string.
-  </li>
-</ul>
 </dd>
 </dl>
 </dd>
@@ -15087,11 +15075,8 @@ options, which will be used when sending an email:
 <dd>
 
 ```typescript
-await client.emails.provider.create({
-    name: "mailgun",
-    credentials: {
-        api_key: "api_key",
-    },
+await client.connections.users.deleteByEmail("id", {
+    email: "email",
 });
 ```
 
@@ -15108,7 +15093,7 @@ await client.emails.provider.create({
 <dl>
 <dd>
 
-**request:** `Management.CreateEmailProviderRequestContent`
+**id:** `string` — The id of the connection (currently only database connections are supported)
 
 </dd>
 </dl>
@@ -15116,7 +15101,464 @@ await client.emails.provider.create({
 <dl>
 <dd>
 
-**requestOptions:** `ProviderClient.RequestOptions`
+**request:** `Management.DeleteConnectionUsersByEmailQueryParameters`
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `UsersClient.RequestOptions`
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+</dd>
+</dl>
+</details>
+
+## Connections DirectoryProvisioning Synchronizations
+
+<details><summary><code>client.connections.directoryProvisioning.synchronizations.<a href="/src/management/api/resources/connections/resources/directoryProvisioning/resources/synchronizations/client/Client.ts">create</a>(id) -> Management.CreateDirectorySynchronizationResponseContent</code></summary>
+<dl>
+<dd>
+
+#### 📝 Description
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+Request an on-demand synchronization of the directory.
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### 🔌 Usage
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+```typescript
+await client.connections.directoryProvisioning.synchronizations.create("id");
+```
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### ⚙️ Parameters
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+**id:** `string` — The id of the connection to trigger synchronization for
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `SynchronizationsClient.RequestOptions`
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+</dd>
+</dl>
+</details>
+
+## Connections ScimConfiguration Tokens
+
+<details><summary><code>client.connections.scimConfiguration.tokens.<a href="/src/management/api/resources/connections/resources/scimConfiguration/resources/tokens/client/Client.ts">get</a>(id) -> Management.GetScimTokensResponseContent</code></summary>
+<dl>
+<dd>
+
+#### 📝 Description
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+Retrieves all scim tokens by its connection <code>id</code>.
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### 🔌 Usage
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+```typescript
+await client.connections.scimConfiguration.tokens.get("id");
+```
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### ⚙️ Parameters
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+**id:** `string` — The id of the connection to retrieve its SCIM configuration
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `TokensClient.RequestOptions`
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+</dd>
+</dl>
+</details>
+
+<details><summary><code>client.connections.scimConfiguration.tokens.<a href="/src/management/api/resources/connections/resources/scimConfiguration/resources/tokens/client/Client.ts">create</a>(id, { ...params }) -> Management.CreateScimTokenResponseContent</code></summary>
+<dl>
+<dd>
+
+#### 📝 Description
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+Create a scim token for a scim client.
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### 🔌 Usage
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+```typescript
+await client.connections.scimConfiguration.tokens.create("id");
+```
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### ⚙️ Parameters
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+**id:** `string` — The id of the connection to create its SCIM token
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**request:** `Management.CreateScimTokenRequestContent`
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `TokensClient.RequestOptions`
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+</dd>
+</dl>
+</details>
+
+<details><summary><code>client.connections.scimConfiguration.tokens.<a href="/src/management/api/resources/connections/resources/scimConfiguration/resources/tokens/client/Client.ts">delete</a>(id, tokenId) -> void</code></summary>
+<dl>
+<dd>
+
+#### 📝 Description
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+Deletes a scim token by its connection <code>id</code> and <code>tokenId</code>.
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### 🔌 Usage
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+```typescript
+await client.connections.scimConfiguration.tokens.delete("id", "tokenId");
+```
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### ⚙️ Parameters
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+**id:** `string` — The connection id that owns the SCIM token to delete
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**tokenId:** `string` — The id of the scim token to delete
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `TokensClient.RequestOptions`
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+</dd>
+</dl>
+</details>
+
+## Emails Provider
+
+<details><summary><code>client.emails.provider.<a href="/src/management/api/resources/emails/resources/provider/client/Client.ts">get</a>({ ...params }) -> Management.GetEmailProviderResponseContent</code></summary>
+<dl>
+<dd>
+
+#### 📝 Description
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+Retrieve details of the <a href="https://auth0.com/docs/customize/email/smtp-email-providers">email provider configuration</a> in your tenant. A list of fields to include or exclude may also be specified.
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### 🔌 Usage
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+```typescript
+await client.emails.provider.get({
+    fields: "fields",
+    include_fields: true,
+});
+```
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### ⚙️ Parameters
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+**request:** `Management.GetEmailProviderRequestParameters`
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `ProviderClient.RequestOptions`
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+</dd>
+</dl>
+</details>
+
+<details><summary><code>client.emails.provider.<a href="/src/management/api/resources/emails/resources/provider/client/Client.ts">create</a>({ ...params }) -> Management.CreateEmailProviderResponseContent</code></summary>
+<dl>
+<dd>
+
+#### 📝 Description
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+Create an <a href="https://auth0.com/docs/email/providers">email provider</a>. The <code>credentials</code> object
+requires different properties depending on the email provider (which is specified using the <code>name</code> property):
+
+<ul>
+  <li><code>mandrill</code> requires <code>api_key</code></li>
+  <li><code>sendgrid</code> requires <code>api_key</code></li>
+  <li>
+    <code>sparkpost</code> requires <code>api_key</code>. Optionally, set <code>region</code> to <code>eu</code> to use
+    the SparkPost service hosted in Western Europe; set to <code>null</code> to use the SparkPost service hosted in
+    North America. <code>eu</code> or <code>null</code> are the only valid values for <code>region</code>.
+  </li>
+  <li>
+    <code>mailgun</code> requires <code>api_key</code> and <code>domain</code>. Optionally, set <code>region</code> to
+    <code>eu</code> to use the Mailgun service hosted in Europe; set to <code>null</code> otherwise. <code>eu</code> or
+    <code>null</code> are the only valid values for <code>region</code>.
+  </li>
+  <li><code>ses</code> requires <code>accessKeyId</code>, <code>secretAccessKey</code>, and <code>region</code></li>
+  <li>
+    <code>smtp</code> requires <code>smtp_host</code>, <code>smtp_port</code>, <code>smtp_user</code>, and
+    <code>smtp_pass</code>
+  </li>
+</ul>
+Depending on the type of provider it is possible to specify <code>settings</code> object with different configuration
+options, which will be used when sending an email:
+<ul>
+  <li>
+    <code>smtp</code> provider, <code>settings</code> may contain <code>headers</code> object.
+    <ul>
+      <li>
+        When using AWS SES SMTP host, you may provide a name of configuration set in
+        <code>X-SES-Configuration-Set</code> header. Value must be a string.
+      </li>
+      <li>
+        When using Sparkpost host, you may provide value for
+        <code>X-MSYS_API</code> header. Value must be an object.
+      </li>
+    </ul>
+  </li>
+  <li>
+    for <code>ses</code> provider, <code>settings</code> may contain <code>message</code> object, where you can provide
+    a name of configuration set in <code>configuration_set_name</code> property. Value must be a string.
+  </li>
+</ul>
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### 🔌 Usage
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+```typescript
+await client.emails.provider.create({
+    name: "mailgun",
+    credentials: {
+        api_key: "api_key",
+    },
+});
+```
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### ⚙️ Parameters
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+**request:** `Management.CreateEmailProviderRequestContent`
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `ProviderClient.RequestOptions`
 
 </dd>
 </dl>
@@ -16992,7 +17434,7 @@ await client.guardian.factors.pushNotification.getApnsProvider();
 <dl>
 <dd>
 
-Modify configuration details of the multi-factor authentication APNS provider associated with your tenant.
+Overwrite all configuration details of the multi-factor authentication APNS provider associated with your tenant.
 
 </dd>
 </dl>
@@ -17008,7 +17450,7 @@ Modify configuration details of the multi-factor authentication APNS provider as
 <dd>
 
 ```typescript
-await client.guardian.factors.pushNotification.setApnsProvider({});
+await client.guardian.factors.pushNotification.setApnsProvider();
 ```
 
 </dd>
@@ -17043,6 +17485,69 @@ await client.guardian.factors.pushNotification.setApnsProvider({});
 </dl>
 </details>
 
+<details><summary><code>client.guardian.factors.pushNotification.<a href="/src/management/api/resources/guardian/resources/factors/resources/pushNotification/client/Client.ts">updateApnsProvider</a>({ ...params }) -> Management.UpdateGuardianFactorsProviderPushNotificationApnsResponseContent</code></summary>
+<dl>
+<dd>
+
+#### 📝 Description
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+Modify configuration details of the multi-factor authentication APNS provider associated with your tenant.
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### 🔌 Usage
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+```typescript
+await client.guardian.factors.pushNotification.updateApnsProvider();
+```
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### ⚙️ Parameters
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+**request:** `Management.UpdateGuardianFactorsProviderPushNotificationApnsRequestContent`
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `PushNotificationClient.RequestOptions`
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+</dd>
+</dl>
+</details>
+
 <details><summary><code>client.guardian.factors.pushNotification.<a href="/src/management/api/resources/guardian/resources/factors/resources/pushNotification/client/Client.ts">setFcmProvider</a>({ ...params }) -> Management.SetGuardianFactorsProviderPushNotificationFcmResponseContent</code></summary>
 <dl>
 <dd>
@@ -17055,7 +17560,7 @@ await client.guardian.factors.pushNotification.setApnsProvider({});
 <dl>
 <dd>
 
-Modify configuration details of the multi-factor authentication FCM provider associated with your tenant.
+Overwrite all configuration details of the multi-factor authentication FCM provider associated with your tenant.
 
 </dd>
 </dl>
@@ -17071,7 +17576,7 @@ Modify configuration details of the multi-factor authentication FCM provider ass
 <dd>
 
 ```typescript
-await client.guardian.factors.pushNotification.setFcmProvider({});
+await client.guardian.factors.pushNotification.setFcmProvider();
 ```
 
 </dd>
@@ -17106,6 +17611,69 @@ await client.guardian.factors.pushNotification.setFcmProvider({});
 </dl>
 </details>
 
+<details><summary><code>client.guardian.factors.pushNotification.<a href="/src/management/api/resources/guardian/resources/factors/resources/pushNotification/client/Client.ts">updateFcmProvider</a>({ ...params }) -> Management.UpdateGuardianFactorsProviderPushNotificationFcmResponseContent</code></summary>
+<dl>
+<dd>
+
+#### 📝 Description
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+Modify configuration details of the multi-factor authentication FCM provider associated with your tenant.
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### 🔌 Usage
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+```typescript
+await client.guardian.factors.pushNotification.updateFcmProvider();
+```
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### ⚙️ Parameters
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+**request:** `Management.UpdateGuardianFactorsProviderPushNotificationFcmRequestContent`
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `PushNotificationClient.RequestOptions`
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+</dd>
+</dl>
+</details>
+
 <details><summary><code>client.guardian.factors.pushNotification.<a href="/src/management/api/resources/guardian/resources/factors/resources/pushNotification/client/Client.ts">setFcmv1Provider</a>({ ...params }) -> Management.SetGuardianFactorsProviderPushNotificationFcmv1ResponseContent</code></summary>
 <dl>
 <dd>
@@ -17118,7 +17686,7 @@ await client.guardian.factors.pushNotification.setFcmProvider({});
 <dl>
 <dd>
 
-Modify configuration details of the multi-factor authentication FCMV1 provider associated with your tenant.
+Overwrite all configuration details of the multi-factor authentication FCMV1 provider associated with your tenant.
 
 </dd>
 </dl>
@@ -17134,7 +17702,7 @@ Modify configuration details of the multi-factor authentication FCMV1 provider a
 <dd>
 
 ```typescript
-await client.guardian.factors.pushNotification.setFcmv1Provider({});
+await client.guardian.factors.pushNotification.setFcmv1Provider();
 ```
 
 </dd>
@@ -17169,6 +17737,69 @@ await client.guardian.factors.pushNotification.setFcmv1Provider({});
 </dl>
 </details>
 
+<details><summary><code>client.guardian.factors.pushNotification.<a href="/src/management/api/resources/guardian/resources/factors/resources/pushNotification/client/Client.ts">updateFcmv1Provider</a>({ ...params }) -> Management.UpdateGuardianFactorsProviderPushNotificationFcmv1ResponseContent</code></summary>
+<dl>
+<dd>
+
+#### 📝 Description
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+Modify configuration details of the multi-factor authentication FCMV1 provider associated with your tenant.
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### 🔌 Usage
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+```typescript
+await client.guardian.factors.pushNotification.updateFcmv1Provider();
+```
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+#### ⚙️ Parameters
+
+<dl>
+<dd>
+
+<dl>
+<dd>
+
+**request:** `Management.UpdateGuardianFactorsProviderPushNotificationFcmv1RequestContent`
+
+</dd>
+</dl>
+
+<dl>
+<dd>
+
+**requestOptions:** `PushNotificationClient.RequestOptions`
+
+</dd>
+</dl>
+</dd>
+</dl>
+
+</dd>
+</dl>
+</details>
+
 <details><summary><code>client.guardian.factors.pushNotification.<a href="/src/management/api/resources/guardian/resources/factors/resources/pushNotification/client/Client.ts">getSnsProvider</a>() -> Management.GetGuardianFactorsProviderSnsResponseContent</code></summary>
 <dl>
 <dd>
@@ -19745,7 +20376,7 @@ const response = page.response;
 <dl>
 <dd>
 
-Update the verification status for an organization discovery domain. The <code>status</code> field must be either <code>pending</code> or <code>verified</code>.
+Update the verification status and/or use_for_organization_discovery for an organization discovery domain. The <code>status</code> field must be either <code>pending</code> or <code>verified</code>. The <code>use_for_organization_discovery</code> field can be <code>true</code> or <code>false</code> (default: <code>true</code>).
 
 </dd>
 </dl>
@@ -19960,7 +20591,7 @@ await client.organizations.discoveryDomains.delete("id", "discovery_domain_id");
 <dl>
 <dd>
 
-Update the verification status for an organization discovery domain. The <code>status</code> field must be either <code>pending</code> or <code>verified</code>.
+Update the verification status and/or use_for_organization_discovery for an organization discovery domain. The <code>status</code> field must be either <code>pending</code> or <code>verified</code>. The <code>use_for_organization_discovery</code> field can be <code>true</code> or <code>false</code> (default: <code>true</code>).
 
 </dd>
 </dl>
@@ -21346,32 +21977,6 @@ const response = page.response;
 
 Learn more about <a href='https://auth0.com/docs/customize/login-pages/advanced-customizations/getting-started/configure-acul-screens'>configuring render settings</a> for advanced customization.
 
-<p>
-  Example <code>head_tags</code> array. See our <a href='https://auth0.com/docs/customize/login-pages/advanced-customizations/getting-started/configure-acul-screens'>documentation</a> on using Liquid variables within head tags.
-</p>
-<pre>{
-  "head_tags": [
-    {
-      "tag": "script",
-      "attributes": {
-        "defer": true,
-        "src": "URL_TO_ASSET",
-        "async": true,
-        "integrity": [
-          "ASSET_SHA"
-        ]
-      }
-    },
-    {
-      "tag": "link",
-      "attributes": {
-        "href": "URL_TO_ASSET",
-        "rel": "stylesheet"
-      }
-    }
-  ]
-}
-</pre>
 </dd>
 </dl>
 </dd>
@@ -21513,32 +22118,6 @@ await client.prompts.rendering.get("login", "login");
 
 Learn more about <a href='https://auth0.com/docs/customize/login-pages/advanced-customizations/getting-started/configure-acul-screens'>configuring render settings</a> for advanced customization.
 
-<p>
-  Example <code>head_tags</code> array. See our <a href='https://auth0.com/docs/customize/login-pages/advanced-customizations/getting-started/configure-acul-screens'>documentation</a> on using Liquid variables within head tags.
-</p>
-<pre>{
-  "head_tags": [
-    {
-      "tag": "script",
-      "attributes": {
-        "defer": true,
-        "src": "URL_TO_ASSET",
-        "async": true,
-        "integrity": [
-          "ASSET_SHA"
-        ]
-      }
-    },
-    {
-      "tag": "link",
-      "attributes": {
-        "href": "URL_TO_ASSET",
-        "rel": "stylesheet"
-      }
-    }
-  ]
-}
-</pre>
 </dd>
 </dl>
 </dd>
diff --git a/src/management/api/requests/requests.ts b/src/management/api/requests/requests.ts
index 323038652..a0df0e8f6 100644
--- a/src/management/api/requests/requests.ts
+++ b/src/management/api/requests/requests.ts
@@ -289,6 +289,7 @@ export interface CreateClientRequestContent {
      * See https://auth0.com/docs/secure/security-guidance/measures-against-app-impersonation for more information.
      */
     skip_non_verifiable_callback_uri_confirmation_prompt?: boolean;
+    token_exchange?: Management.ClientTokenExchangeConfiguration;
     /** Specifies how long, in seconds, a Pushed Authorization Request URI remains valid */
     par_request_expiry?: number | null;
     token_quota?: Management.CreateTokenQuota;
@@ -393,6 +394,7 @@ export interface UpdateClientRequestContent {
      * See https://auth0.com/docs/secure/security-guidance/measures-against-app-impersonation for more information.
      */
     skip_non_verifiable_callback_uri_confirmation_prompt?: boolean | null;
+    token_exchange?: Management.ClientTokenExchangeConfigurationOrNull | null;
     /** Specifies how long, in seconds, a Pushed Authorization Request URI remains valid */
     par_request_expiry?: number | null;
     express_configuration?: Management.ExpressConfigurationOrNull | null;
@@ -528,6 +530,32 @@ export interface UpdateConnectionRequestContent {
     connected_accounts?: Management.ConnectionConnectedAccountsPurpose;
 }
 
+/**
+ * @example
+ *     {
+ *         take: 1,
+ *         from: "from",
+ *         q: "q",
+ *         fields: "fields",
+ *         include_fields: true,
+ *         sort: "sort"
+ *     }
+ */
+export interface ListCustomDomainsRequestParameters {
+    /** Number of results per page. Defaults to 50. */
+    take?: number | null;
+    /** Optional Id from which to start selection. */
+    from?: string | null;
+    /** Query in <a href ="http://www.lucenetutorial.com/lucene-query-syntax.html">Lucene query string syntax</a>. */
+    q?: string | null;
+    /** Comma-separated list of fields to include or exclude (based on value provided for include_fields) in the result. Leave empty to retrieve all fields. */
+    fields?: string | null;
+    /** Whether specified fields are to be included (true) or excluded (false). */
+    include_fields?: boolean | null;
+    /** Field to sort by. Only <code>domain:1</code> (ascending order by domain) is supported at this time. */
+    sort?: string | null;
+}
+
 /**
  * @example
  *     {
@@ -542,6 +570,7 @@ export interface CreateCustomDomainRequestContent {
     verification_method?: Management.CustomDomainVerificationMethodEnum;
     tls_policy?: Management.CustomDomainTlsPolicyEnum;
     custom_client_ip_header?: Management.CustomDomainCustomClientIpHeader | undefined;
+    domain_metadata?: Management.DomainMetadata;
 }
 
 /**
@@ -551,6 +580,7 @@ export interface CreateCustomDomainRequestContent {
 export interface UpdateCustomDomainRequestContent {
     tls_policy?: Management.CustomDomainTlsPolicyEnum;
     custom_client_ip_header?: Management.CustomDomainCustomClientIpHeader | undefined;
+    domain_metadata?: Management.DomainMetadata;
 }
 
 /**
@@ -1476,6 +1506,7 @@ export interface ChangePasswordTicketRequestContent {
     mark_email_as_verified?: boolean;
     /** Whether to include the email address as part of the returnUrl in the reset_email (true), or not (false). */
     includeEmailInRedirect?: boolean;
+    identity?: Management.ChangePasswordTicketIdentity;
 }
 
 /**
@@ -2518,6 +2549,58 @@ export interface SetGuardianFactorPhoneTemplatesRequestContent {
     verification_message: string;
 }
 
+/**
+ * @example
+ *     {}
+ */
+export interface SetGuardianFactorsProviderPushNotificationApnsRequestContent {
+    sandbox?: boolean;
+    bundle_id?: string | null;
+    p12?: string | null;
+}
+
+/**
+ * @example
+ *     {}
+ */
+export interface UpdateGuardianFactorsProviderPushNotificationApnsRequestContent {
+    sandbox?: boolean;
+    bundle_id?: string | null;
+    p12?: string | null;
+}
+
+/**
+ * @example
+ *     {}
+ */
+export interface SetGuardianFactorsProviderPushNotificationFcmRequestContent {
+    server_key?: string | null;
+}
+
+/**
+ * @example
+ *     {}
+ */
+export interface UpdateGuardianFactorsProviderPushNotificationFcmRequestContent {
+    server_key?: string | null;
+}
+
+/**
+ * @example
+ *     {}
+ */
+export interface SetGuardianFactorsProviderPushNotificationFcmv1RequestContent {
+    server_credentials?: string | null;
+}
+
+/**
+ * @example
+ *     {}
+ */
+export interface UpdateGuardianFactorsProviderPushNotificationFcmv1RequestContent {
+    server_credentials?: string | null;
+}
+
 /**
  * @example
  *     {}
@@ -2771,6 +2854,8 @@ export interface CreateOrganizationDiscoveryDomainRequestContent {
     /** The domain name to associate with the organization e.g. acme.com. */
     domain: string;
     status?: Management.OrganizationDiscoveryDomainStatus;
+    /** Indicates whether this discovery domain should be used for organization discovery. */
+    use_for_organization_discovery?: boolean;
 }
 
 /**
@@ -2779,6 +2864,8 @@ export interface CreateOrganizationDiscoveryDomainRequestContent {
  */
 export interface UpdateOrganizationDiscoveryDomainRequestContent {
     status?: Management.OrganizationDiscoveryDomainStatus;
+    /** Indicates whether this discovery domain should be used for organization discovery. */
+    use_for_organization_discovery?: boolean;
 }
 
 /**
@@ -3029,15 +3116,14 @@ export interface BulkUpdateAculRequestContent {
  */
 export interface UpdateAculRequestContent {
     rendering_mode?: Management.AculRenderingModeEnum;
-    /** Context values to make available */
-    context_configuration?: string[];
+    context_configuration?: Management.AculContextConfiguration;
     /** Override Universal Login default head tags */
     default_head_tags_disabled?: boolean | null;
+    /** Use page template with ACUL */
+    use_page_template?: boolean | null;
     /** An array of head tags */
     head_tags?: Management.AculHeadTag[];
     filters?: Management.AculFilters | null;
-    /** Use page template with ACUL */
-    use_page_template?: boolean | null;
 }
 
 /**
diff --git a/src/management/api/resources/connections/client/Client.ts b/src/management/api/resources/connections/client/Client.ts
index 11a7b6fef..dc5964db7 100644
--- a/src/management/api/resources/connections/client/Client.ts
+++ b/src/management/api/resources/connections/client/Client.ts
@@ -9,6 +9,7 @@ import { mergeHeaders } from "../../../../core/headers.js";
 import * as errors from "../../../../errors/index.js";
 import { handleNonStatusCodeError } from "../../../../errors/handleNonStatusCodeError.js";
 import { ClientsClient } from "../resources/clients/client/Client.js";
+import { DirectoryProvisioningClient } from "../resources/directoryProvisioning/client/Client.js";
 import { KeysClient } from "../resources/keys/client/Client.js";
 import { ScimConfigurationClient } from "../resources/scimConfiguration/client/Client.js";
 import { UsersClient } from "../resources/users/client/Client.js";
@@ -22,6 +23,7 @@ export declare namespace ConnectionsClient {
 export class ConnectionsClient {
     protected readonly _options: NormalizedClientOptionsWithAuth<ConnectionsClient.Options>;
     protected _clients: ClientsClient | undefined;
+    protected _directoryProvisioning: DirectoryProvisioningClient | undefined;
     protected _keys: KeysClient | undefined;
     protected _scimConfiguration: ScimConfigurationClient | undefined;
     protected _users: UsersClient | undefined;
@@ -34,6 +36,10 @@ export class ConnectionsClient {
         return (this._clients ??= new ClientsClient(this._options));
     }
 
+    public get directoryProvisioning(): DirectoryProvisioningClient {
+        return (this._directoryProvisioning ??= new DirectoryProvisioningClient(this._options));
+    }
+
     public get keys(): KeysClient {
         return (this._keys ??= new KeysClient(this._options));
     }
diff --git a/src/management/api/resources/connections/resources/directoryProvisioning/client/Client.ts b/src/management/api/resources/connections/resources/directoryProvisioning/client/Client.ts
new file mode 100644
index 000000000..67bc43acd
--- /dev/null
+++ b/src/management/api/resources/connections/resources/directoryProvisioning/client/Client.ts
@@ -0,0 +1,462 @@
+// This file was auto-generated by Fern from our API Definition.
+
+import type { BaseClientOptions, BaseRequestOptions } from "../../../../../../BaseClient.js";
+import { type NormalizedClientOptionsWithAuth, normalizeClientOptionsWithAuth } from "../../../../../../BaseClient.js";
+import * as environments from "../../../../../../environments.js";
+import * as core from "../../../../../../core/index.js";
+import * as Management from "../../../../../index.js";
+import { mergeHeaders } from "../../../../../../core/headers.js";
+import * as errors from "../../../../../../errors/index.js";
+import { handleNonStatusCodeError } from "../../../../../../errors/handleNonStatusCodeError.js";
+import { SynchronizationsClient } from "../resources/synchronizations/client/Client.js";
+
+export declare namespace DirectoryProvisioningClient {
+    export type Options = BaseClientOptions;
+
+    export interface RequestOptions extends BaseRequestOptions {}
+}
+
+export class DirectoryProvisioningClient {
+    protected readonly _options: NormalizedClientOptionsWithAuth<DirectoryProvisioningClient.Options>;
+    protected _synchronizations: SynchronizationsClient | undefined;
+
+    constructor(options: DirectoryProvisioningClient.Options) {
+        this._options = normalizeClientOptionsWithAuth(options);
+    }
+
+    public get synchronizations(): SynchronizationsClient {
+        return (this._synchronizations ??= new SynchronizationsClient(this._options));
+    }
+
+    /**
+     * Retrieve the directory provisioning configuration of a connection.
+     *
+     * @param {string} id - The id of the connection to retrieve its directory provisioning configuration
+     * @param {DirectoryProvisioningClient.RequestOptions} requestOptions - Request-specific configuration.
+     *
+     * @throws {@link Management.BadRequestError}
+     * @throws {@link Management.UnauthorizedError}
+     * @throws {@link Management.ForbiddenError}
+     * @throws {@link Management.NotFoundError}
+     * @throws {@link Management.TooManyRequestsError}
+     *
+     * @example
+     *     await client.connections.directoryProvisioning.get("id")
+     */
+    public get(
+        id: string,
+        requestOptions?: DirectoryProvisioningClient.RequestOptions,
+    ): core.HttpResponsePromise<Management.GetDirectoryProvisioningResponseContent> {
+        return core.HttpResponsePromise.fromPromise(this.__get(id, requestOptions));
+    }
+
+    private async __get(
+        id: string,
+        requestOptions?: DirectoryProvisioningClient.RequestOptions,
+    ): Promise<core.WithRawResponse<Management.GetDirectoryProvisioningResponseContent>> {
+        const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
+        let _headers: core.Fetcher.Args["headers"] = mergeHeaders(
+            _authRequest.headers,
+            this._options?.headers,
+            requestOptions?.headers,
+        );
+        const _response = await (this._options.fetcher ?? core.fetcher)({
+            url: core.url.join(
+                (await core.Supplier.get(this._options.baseUrl)) ??
+                    (await core.Supplier.get(this._options.environment)) ??
+                    environments.ManagementEnvironment.Default,
+                `connections/${core.url.encodePathParam(id)}/directory-provisioning`,
+            ),
+            method: "GET",
+            headers: _headers,
+            queryParameters: requestOptions?.queryParams,
+            timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
+            maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
+            abortSignal: requestOptions?.abortSignal,
+            fetchFn: this._options?.fetch,
+            logging: this._options.logging,
+        });
+        if (_response.ok) {
+            return {
+                data: _response.body as Management.GetDirectoryProvisioningResponseContent,
+                rawResponse: _response.rawResponse,
+            };
+        }
+
+        if (_response.error.reason === "status-code") {
+            switch (_response.error.statusCode) {
+                case 400:
+                    throw new Management.BadRequestError(_response.error.body as unknown, _response.rawResponse);
+                case 401:
+                    throw new Management.UnauthorizedError(_response.error.body as unknown, _response.rawResponse);
+                case 403:
+                    throw new Management.ForbiddenError(_response.error.body as unknown, _response.rawResponse);
+                case 404:
+                    throw new Management.NotFoundError(_response.error.body as unknown, _response.rawResponse);
+                case 429:
+                    throw new Management.TooManyRequestsError(_response.error.body as unknown, _response.rawResponse);
+                default:
+                    throw new errors.ManagementError({
+                        statusCode: _response.error.statusCode,
+                        body: _response.error.body,
+                        rawResponse: _response.rawResponse,
+                    });
+            }
+        }
+
+        return handleNonStatusCodeError(
+            _response.error,
+            _response.rawResponse,
+            "GET",
+            "/connections/{id}/directory-provisioning",
+        );
+    }
+
+    /**
+     * Create a directory provisioning configuration for a connection.
+     *
+     * @param {string} id - The id of the connection to create its directory provisioning configuration
+     * @param {Management.CreateDirectoryProvisioningRequestContent | null} request
+     * @param {DirectoryProvisioningClient.RequestOptions} requestOptions - Request-specific configuration.
+     *
+     * @throws {@link Management.BadRequestError}
+     * @throws {@link Management.UnauthorizedError}
+     * @throws {@link Management.ForbiddenError}
+     * @throws {@link Management.NotFoundError}
+     * @throws {@link Management.ConflictError}
+     * @throws {@link Management.TooManyRequestsError}
+     *
+     * @example
+     *     await client.connections.directoryProvisioning.create("id")
+     */
+    public create(
+        id: string,
+        request?: Management.CreateDirectoryProvisioningRequestContent | null,
+        requestOptions?: DirectoryProvisioningClient.RequestOptions,
+    ): core.HttpResponsePromise<Management.CreateDirectoryProvisioningResponseContent> {
+        return core.HttpResponsePromise.fromPromise(this.__create(id, request, requestOptions));
+    }
+
+    private async __create(
+        id: string,
+        request?: Management.CreateDirectoryProvisioningRequestContent | null,
+        requestOptions?: DirectoryProvisioningClient.RequestOptions,
+    ): Promise<core.WithRawResponse<Management.CreateDirectoryProvisioningResponseContent>> {
+        const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
+        let _headers: core.Fetcher.Args["headers"] = mergeHeaders(
+            _authRequest.headers,
+            this._options?.headers,
+            requestOptions?.headers,
+        );
+        const _response = await (this._options.fetcher ?? core.fetcher)({
+            url: core.url.join(
+                (await core.Supplier.get(this._options.baseUrl)) ??
+                    (await core.Supplier.get(this._options.environment)) ??
+                    environments.ManagementEnvironment.Default,
+                `connections/${core.url.encodePathParam(id)}/directory-provisioning`,
+            ),
+            method: "POST",
+            headers: _headers,
+            contentType: "application/json",
+            queryParameters: requestOptions?.queryParams,
+            requestType: "json",
+            body: request != null ? request : undefined,
+            timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
+            maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
+            abortSignal: requestOptions?.abortSignal,
+            fetchFn: this._options?.fetch,
+            logging: this._options.logging,
+        });
+        if (_response.ok) {
+            return {
+                data: _response.body as Management.CreateDirectoryProvisioningResponseContent,
+                rawResponse: _response.rawResponse,
+            };
+        }
+
+        if (_response.error.reason === "status-code") {
+            switch (_response.error.statusCode) {
+                case 400:
+                    throw new Management.BadRequestError(_response.error.body as unknown, _response.rawResponse);
+                case 401:
+                    throw new Management.UnauthorizedError(_response.error.body as unknown, _response.rawResponse);
+                case 403:
+                    throw new Management.ForbiddenError(_response.error.body as unknown, _response.rawResponse);
+                case 404:
+                    throw new Management.NotFoundError(_response.error.body as unknown, _response.rawResponse);
+                case 409:
+                    throw new Management.ConflictError(_response.error.body as unknown, _response.rawResponse);
+                case 429:
+                    throw new Management.TooManyRequestsError(_response.error.body as unknown, _response.rawResponse);
+                default:
+                    throw new errors.ManagementError({
+                        statusCode: _response.error.statusCode,
+                        body: _response.error.body,
+                        rawResponse: _response.rawResponse,
+                    });
+            }
+        }
+
+        return handleNonStatusCodeError(
+            _response.error,
+            _response.rawResponse,
+            "POST",
+            "/connections/{id}/directory-provisioning",
+        );
+    }
+
+    /**
+     * Delete the directory provisioning configuration of a connection.
+     *
+     * @param {string} id - The id of the connection to delete its directory provisioning configuration
+     * @param {DirectoryProvisioningClient.RequestOptions} requestOptions - Request-specific configuration.
+     *
+     * @throws {@link Management.BadRequestError}
+     * @throws {@link Management.UnauthorizedError}
+     * @throws {@link Management.ForbiddenError}
+     * @throws {@link Management.NotFoundError}
+     * @throws {@link Management.TooManyRequestsError}
+     *
+     * @example
+     *     await client.connections.directoryProvisioning.delete("id")
+     */
+    public delete(
+        id: string,
+        requestOptions?: DirectoryProvisioningClient.RequestOptions,
+    ): core.HttpResponsePromise<void> {
+        return core.HttpResponsePromise.fromPromise(this.__delete(id, requestOptions));
+    }
+
+    private async __delete(
+        id: string,
+        requestOptions?: DirectoryProvisioningClient.RequestOptions,
+    ): Promise<core.WithRawResponse<void>> {
+        const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
+        let _headers: core.Fetcher.Args["headers"] = mergeHeaders(
+            _authRequest.headers,
+            this._options?.headers,
+            requestOptions?.headers,
+        );
+        const _response = await (this._options.fetcher ?? core.fetcher)({
+            url: core.url.join(
+                (await core.Supplier.get(this._options.baseUrl)) ??
+                    (await core.Supplier.get(this._options.environment)) ??
+                    environments.ManagementEnvironment.Default,
+                `connections/${core.url.encodePathParam(id)}/directory-provisioning`,
+            ),
+            method: "DELETE",
+            headers: _headers,
+            queryParameters: requestOptions?.queryParams,
+            timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
+            maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
+            abortSignal: requestOptions?.abortSignal,
+            fetchFn: this._options?.fetch,
+            logging: this._options.logging,
+        });
+        if (_response.ok) {
+            return { data: undefined, rawResponse: _response.rawResponse };
+        }
+
+        if (_response.error.reason === "status-code") {
+            switch (_response.error.statusCode) {
+                case 400:
+                    throw new Management.BadRequestError(_response.error.body as unknown, _response.rawResponse);
+                case 401:
+                    throw new Management.UnauthorizedError(_response.error.body as unknown, _response.rawResponse);
+                case 403:
+                    throw new Management.ForbiddenError(_response.error.body as unknown, _response.rawResponse);
+                case 404:
+                    throw new Management.NotFoundError(_response.error.body as unknown, _response.rawResponse);
+                case 429:
+                    throw new Management.TooManyRequestsError(_response.error.body as unknown, _response.rawResponse);
+                default:
+                    throw new errors.ManagementError({
+                        statusCode: _response.error.statusCode,
+                        body: _response.error.body,
+                        rawResponse: _response.rawResponse,
+                    });
+            }
+        }
+
+        return handleNonStatusCodeError(
+            _response.error,
+            _response.rawResponse,
+            "DELETE",
+            "/connections/{id}/directory-provisioning",
+        );
+    }
+
+    /**
+     * Update the directory provisioning configuration of a connection.
+     *
+     * @param {string} id - The id of the connection to create its directory provisioning configuration
+     * @param {Management.UpdateDirectoryProvisioningRequestContent | null} request
+     * @param {DirectoryProvisioningClient.RequestOptions} requestOptions - Request-specific configuration.
+     *
+     * @throws {@link Management.BadRequestError}
+     * @throws {@link Management.UnauthorizedError}
+     * @throws {@link Management.ForbiddenError}
+     * @throws {@link Management.NotFoundError}
+     * @throws {@link Management.TooManyRequestsError}
+     *
+     * @example
+     *     await client.connections.directoryProvisioning.update("id")
+     */
+    public update(
+        id: string,
+        request?: Management.UpdateDirectoryProvisioningRequestContent | null,
+        requestOptions?: DirectoryProvisioningClient.RequestOptions,
+    ): core.HttpResponsePromise<Management.UpdateDirectoryProvisioningResponseContent> {
+        return core.HttpResponsePromise.fromPromise(this.__update(id, request, requestOptions));
+    }
+
+    private async __update(
+        id: string,
+        request?: Management.UpdateDirectoryProvisioningRequestContent | null,
+        requestOptions?: DirectoryProvisioningClient.RequestOptions,
+    ): Promise<core.WithRawResponse<Management.UpdateDirectoryProvisioningResponseContent>> {
+        const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
+        let _headers: core.Fetcher.Args["headers"] = mergeHeaders(
+            _authRequest.headers,
+            this._options?.headers,
+            requestOptions?.headers,
+        );
+        const _response = await (this._options.fetcher ?? core.fetcher)({
+            url: core.url.join(
+                (await core.Supplier.get(this._options.baseUrl)) ??
+                    (await core.Supplier.get(this._options.environment)) ??
+                    environments.ManagementEnvironment.Default,
+                `connections/${core.url.encodePathParam(id)}/directory-provisioning`,
+            ),
+            method: "PATCH",
+            headers: _headers,
+            contentType: "application/json",
+            queryParameters: requestOptions?.queryParams,
+            requestType: "json",
+            body: request != null ? request : undefined,
+            timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
+            maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
+            abortSignal: requestOptions?.abortSignal,
+            fetchFn: this._options?.fetch,
+            logging: this._options.logging,
+        });
+        if (_response.ok) {
+            return {
+                data: _response.body as Management.UpdateDirectoryProvisioningResponseContent,
+                rawResponse: _response.rawResponse,
+            };
+        }
+
+        if (_response.error.reason === "status-code") {
+            switch (_response.error.statusCode) {
+                case 400:
+                    throw new Management.BadRequestError(_response.error.body as unknown, _response.rawResponse);
+                case 401:
+                    throw new Management.UnauthorizedError(_response.error.body as unknown, _response.rawResponse);
+                case 403:
+                    throw new Management.ForbiddenError(_response.error.body as unknown, _response.rawResponse);
+                case 404:
+                    throw new Management.NotFoundError(_response.error.body as unknown, _response.rawResponse);
+                case 429:
+                    throw new Management.TooManyRequestsError(_response.error.body as unknown, _response.rawResponse);
+                default:
+                    throw new errors.ManagementError({
+                        statusCode: _response.error.statusCode,
+                        body: _response.error.body,
+                        rawResponse: _response.rawResponse,
+                    });
+            }
+        }
+
+        return handleNonStatusCodeError(
+            _response.error,
+            _response.rawResponse,
+            "PATCH",
+            "/connections/{id}/directory-provisioning",
+        );
+    }
+
+    /**
+     * Retrieve the directory provisioning default attribute mapping of a connection.
+     *
+     * @param {string} id - The id of the connection to retrieve its directory provisioning configuration
+     * @param {DirectoryProvisioningClient.RequestOptions} requestOptions - Request-specific configuration.
+     *
+     * @throws {@link Management.BadRequestError}
+     * @throws {@link Management.UnauthorizedError}
+     * @throws {@link Management.ForbiddenError}
+     * @throws {@link Management.NotFoundError}
+     * @throws {@link Management.TooManyRequestsError}
+     *
+     * @example
+     *     await client.connections.directoryProvisioning.getDefaultMapping("id")
+     */
+    public getDefaultMapping(
+        id: string,
+        requestOptions?: DirectoryProvisioningClient.RequestOptions,
+    ): core.HttpResponsePromise<Management.GetDirectoryProvisioningDefaultMappingResponseContent> {
+        return core.HttpResponsePromise.fromPromise(this.__getDefaultMapping(id, requestOptions));
+    }
+
+    private async __getDefaultMapping(
+        id: string,
+        requestOptions?: DirectoryProvisioningClient.RequestOptions,
+    ): Promise<core.WithRawResponse<Management.GetDirectoryProvisioningDefaultMappingResponseContent>> {
+        const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
+        let _headers: core.Fetcher.Args["headers"] = mergeHeaders(
+            _authRequest.headers,
+            this._options?.headers,
+            requestOptions?.headers,
+        );
+        const _response = await (this._options.fetcher ?? core.fetcher)({
+            url: core.url.join(
+                (await core.Supplier.get(this._options.baseUrl)) ??
+                    (await core.Supplier.get(this._options.environment)) ??
+                    environments.ManagementEnvironment.Default,
+                `connections/${core.url.encodePathParam(id)}/directory-provisioning/default-mapping`,
+            ),
+            method: "GET",
+            headers: _headers,
+            queryParameters: requestOptions?.queryParams,
+            timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
+            maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
+            abortSignal: requestOptions?.abortSignal,
+            fetchFn: this._options?.fetch,
+            logging: this._options.logging,
+        });
+        if (_response.ok) {
+            return {
+                data: _response.body as Management.GetDirectoryProvisioningDefaultMappingResponseContent,
+                rawResponse: _response.rawResponse,
+            };
+        }
+
+        if (_response.error.reason === "status-code") {
+            switch (_response.error.statusCode) {
+                case 400:
+                    throw new Management.BadRequestError(_response.error.body as unknown, _response.rawResponse);
+                case 401:
+                    throw new Management.UnauthorizedError(_response.error.body as unknown, _response.rawResponse);
+                case 403:
+                    throw new Management.ForbiddenError(_response.error.body as unknown, _response.rawResponse);
+                case 404:
+                    throw new Management.NotFoundError(_response.error.body as unknown, _response.rawResponse);
+                case 429:
+                    throw new Management.TooManyRequestsError(_response.error.body as unknown, _response.rawResponse);
+                default:
+                    throw new errors.ManagementError({
+                        statusCode: _response.error.statusCode,
+                        body: _response.error.body,
+                        rawResponse: _response.rawResponse,
+                    });
+            }
+        }
+
+        return handleNonStatusCodeError(
+            _response.error,
+            _response.rawResponse,
+            "GET",
+            "/connections/{id}/directory-provisioning/default-mapping",
+        );
+    }
+}
diff --git a/src/management/api/resources/connections/resources/directoryProvisioning/client/index.ts b/src/management/api/resources/connections/resources/directoryProvisioning/client/index.ts
new file mode 100644
index 000000000..cb0ff5c3b
--- /dev/null
+++ b/src/management/api/resources/connections/resources/directoryProvisioning/client/index.ts
@@ -0,0 +1 @@
+export {};
diff --git a/src/management/api/resources/connections/resources/directoryProvisioning/index.ts b/src/management/api/resources/connections/resources/directoryProvisioning/index.ts
new file mode 100644
index 000000000..9eb1192dc
--- /dev/null
+++ b/src/management/api/resources/connections/resources/directoryProvisioning/index.ts
@@ -0,0 +1,2 @@
+export * from "./client/index.js";
+export * from "./resources/index.js";
diff --git a/src/management/api/resources/connections/resources/directoryProvisioning/resources/index.ts b/src/management/api/resources/connections/resources/directoryProvisioning/resources/index.ts
new file mode 100644
index 000000000..6ba36a311
--- /dev/null
+++ b/src/management/api/resources/connections/resources/directoryProvisioning/resources/index.ts
@@ -0,0 +1 @@
+export * as synchronizations from "./synchronizations/index.js";
diff --git a/src/management/api/resources/connections/resources/directoryProvisioning/resources/synchronizations/client/Client.ts b/src/management/api/resources/connections/resources/directoryProvisioning/resources/synchronizations/client/Client.ts
new file mode 100644
index 000000000..08cee0e98
--- /dev/null
+++ b/src/management/api/resources/connections/resources/directoryProvisioning/resources/synchronizations/client/Client.ts
@@ -0,0 +1,114 @@
+// This file was auto-generated by Fern from our API Definition.
+
+import type { BaseClientOptions, BaseRequestOptions } from "../../../../../../../../BaseClient.js";
+import {
+    type NormalizedClientOptionsWithAuth,
+    normalizeClientOptionsWithAuth,
+} from "../../../../../../../../BaseClient.js";
+import * as environments from "../../../../../../../../environments.js";
+import * as core from "../../../../../../../../core/index.js";
+import * as Management from "../../../../../../../index.js";
+import { mergeHeaders } from "../../../../../../../../core/headers.js";
+import * as errors from "../../../../../../../../errors/index.js";
+import { handleNonStatusCodeError } from "../../../../../../../../errors/handleNonStatusCodeError.js";
+
+export declare namespace SynchronizationsClient {
+    export type Options = BaseClientOptions;
+
+    export interface RequestOptions extends BaseRequestOptions {}
+}
+
+export class SynchronizationsClient {
+    protected readonly _options: NormalizedClientOptionsWithAuth<SynchronizationsClient.Options>;
+
+    constructor(options: SynchronizationsClient.Options) {
+        this._options = normalizeClientOptionsWithAuth(options);
+    }
+
+    /**
+     * Request an on-demand synchronization of the directory.
+     *
+     * @param {string} id - The id of the connection to trigger synchronization for
+     * @param {SynchronizationsClient.RequestOptions} requestOptions - Request-specific configuration.
+     *
+     * @throws {@link Management.BadRequestError}
+     * @throws {@link Management.UnauthorizedError}
+     * @throws {@link Management.ForbiddenError}
+     * @throws {@link Management.NotFoundError}
+     * @throws {@link Management.ConflictError}
+     * @throws {@link Management.TooManyRequestsError}
+     *
+     * @example
+     *     await client.connections.directoryProvisioning.synchronizations.create("id")
+     */
+    public create(
+        id: string,
+        requestOptions?: SynchronizationsClient.RequestOptions,
+    ): core.HttpResponsePromise<Management.CreateDirectorySynchronizationResponseContent> {
+        return core.HttpResponsePromise.fromPromise(this.__create(id, requestOptions));
+    }
+
+    private async __create(
+        id: string,
+        requestOptions?: SynchronizationsClient.RequestOptions,
+    ): Promise<core.WithRawResponse<Management.CreateDirectorySynchronizationResponseContent>> {
+        const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
+        let _headers: core.Fetcher.Args["headers"] = mergeHeaders(
+            _authRequest.headers,
+            this._options?.headers,
+            requestOptions?.headers,
+        );
+        const _response = await (this._options.fetcher ?? core.fetcher)({
+            url: core.url.join(
+                (await core.Supplier.get(this._options.baseUrl)) ??
+                    (await core.Supplier.get(this._options.environment)) ??
+                    environments.ManagementEnvironment.Default,
+                `connections/${core.url.encodePathParam(id)}/directory-provisioning/synchronizations`,
+            ),
+            method: "POST",
+            headers: _headers,
+            queryParameters: requestOptions?.queryParams,
+            timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
+            maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
+            abortSignal: requestOptions?.abortSignal,
+            fetchFn: this._options?.fetch,
+            logging: this._options.logging,
+        });
+        if (_response.ok) {
+            return {
+                data: _response.body as Management.CreateDirectorySynchronizationResponseContent,
+                rawResponse: _response.rawResponse,
+            };
+        }
+
+        if (_response.error.reason === "status-code") {
+            switch (_response.error.statusCode) {
+                case 400:
+                    throw new Management.BadRequestError(_response.error.body as unknown, _response.rawResponse);
+                case 401:
+                    throw new Management.UnauthorizedError(_response.error.body as unknown, _response.rawResponse);
+                case 403:
+                    throw new Management.ForbiddenError(_response.error.body as unknown, _response.rawResponse);
+                case 404:
+                    throw new Management.NotFoundError(_response.error.body as unknown, _response.rawResponse);
+                case 409:
+                    throw new Management.ConflictError(_response.error.body as unknown, _response.rawResponse);
+                case 429:
+                    throw new Management.TooManyRequestsError(_response.error.body as unknown, _response.rawResponse);
+                default:
+                    throw new errors.ManagementError({
+                        statusCode: _response.error.statusCode,
+                        body: _response.error.body,
+                        rawResponse: _response.rawResponse,
+                    });
+            }
+        }
+
+        return handleNonStatusCodeError(
+            _response.error,
+            _response.rawResponse,
+            "POST",
+            "/connections/{id}/directory-provisioning/synchronizations",
+        );
+    }
+}
diff --git a/src/management/api/resources/connections/resources/directoryProvisioning/resources/synchronizations/client/index.ts b/src/management/api/resources/connections/resources/directoryProvisioning/resources/synchronizations/client/index.ts
new file mode 100644
index 000000000..cb0ff5c3b
--- /dev/null
+++ b/src/management/api/resources/connections/resources/directoryProvisioning/resources/synchronizations/client/index.ts
@@ -0,0 +1 @@
+export {};
diff --git a/src/management/api/resources/connections/resources/directoryProvisioning/resources/synchronizations/index.ts b/src/management/api/resources/connections/resources/directoryProvisioning/resources/synchronizations/index.ts
new file mode 100644
index 000000000..914b8c3c7
--- /dev/null
+++ b/src/management/api/resources/connections/resources/directoryProvisioning/resources/synchronizations/index.ts
@@ -0,0 +1 @@
+export * from "./client/index.js";
diff --git a/src/management/api/resources/connections/resources/index.ts b/src/management/api/resources/connections/resources/index.ts
index 3e7c6770f..b8c33cf09 100644
--- a/src/management/api/resources/connections/resources/index.ts
+++ b/src/management/api/resources/connections/resources/index.ts
@@ -1,4 +1,5 @@
 export * as clients from "./clients/index.js";
+export * as directoryProvisioning from "./directoryProvisioning/index.js";
 export * as keys from "./keys/index.js";
 export * as scimConfiguration from "./scimConfiguration/index.js";
 export * as users from "./users/index.js";
diff --git a/src/management/api/resources/customDomains/client/Client.ts b/src/management/api/resources/customDomains/client/Client.ts
index b25cd247b..20e1b2cdc 100644
--- a/src/management/api/resources/customDomains/client/Client.ts
+++ b/src/management/api/resources/customDomains/client/Client.ts
@@ -25,6 +25,7 @@ export class CustomDomainsClient {
     /**
      * Retrieve details on <a href="https://auth0.com/docs/custom-domains">custom domains</a>.
      *
+     * @param {Management.ListCustomDomainsRequestParameters} request
      * @param {CustomDomainsClient.RequestOptions} requestOptions - Request-specific configuration.
      *
      * @throws {@link Management.UnauthorizedError}
@@ -32,64 +33,107 @@ export class CustomDomainsClient {
      * @throws {@link Management.TooManyRequestsError}
      *
      * @example
-     *     await client.customDomains.list()
+     *     await client.customDomains.list({
+     *         take: 1,
+     *         from: "from",
+     *         q: "q",
+     *         fields: "fields",
+     *         include_fields: true,
+     *         sort: "sort"
+     *     })
      */
-    public list(
-        requestOptions?: CustomDomainsClient.RequestOptions,
-    ): core.HttpResponsePromise<Management.ListCustomDomainsResponseContent> {
-        return core.HttpResponsePromise.fromPromise(this.__list(requestOptions));
-    }
-
-    private async __list(
+    public async list(
+        request: Management.ListCustomDomainsRequestParameters = {},
         requestOptions?: CustomDomainsClient.RequestOptions,
-    ): Promise<core.WithRawResponse<Management.ListCustomDomainsResponseContent>> {
-        const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
-        let _headers: core.Fetcher.Args["headers"] = mergeHeaders(
-            _authRequest.headers,
-            this._options?.headers,
-            requestOptions?.headers,
+    ): Promise<core.Page<Management.CustomDomain, Management.ListCustomDomainsPaginatedResponseContent>> {
+        const list = core.HttpResponsePromise.interceptFunction(
+            async (
+                request: Management.ListCustomDomainsRequestParameters,
+            ): Promise<core.WithRawResponse<Management.ListCustomDomainsPaginatedResponseContent>> => {
+                const { take = 50, from: from_, q, fields, include_fields: includeFields, sort } = request;
+                const _queryParams: Record<string, string | string[] | object | object[] | null> = {};
+                if (take !== undefined) {
+                    _queryParams["take"] = take?.toString() ?? null;
+                }
+                if (from_ !== undefined) {
+                    _queryParams["from"] = from_;
+                }
+                if (q !== undefined) {
+                    _queryParams["q"] = q;
+                }
+                if (fields !== undefined) {
+                    _queryParams["fields"] = fields;
+                }
+                if (includeFields !== undefined) {
+                    _queryParams["include_fields"] = includeFields?.toString() ?? null;
+                }
+                if (sort !== undefined) {
+                    _queryParams["sort"] = sort;
+                }
+                const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
+                let _headers: core.Fetcher.Args["headers"] = mergeHeaders(
+                    _authRequest.headers,
+                    this._options?.headers,
+                    requestOptions?.headers,
+                );
+                const _response = await (this._options.fetcher ?? core.fetcher)({
+                    url: core.url.join(
+                        (await core.Supplier.get(this._options.baseUrl)) ??
+                            (await core.Supplier.get(this._options.environment)) ??
+                            environments.ManagementEnvironment.Default,
+                        "custom-domains",
+                    ),
+                    method: "GET",
+                    headers: _headers,
+                    queryParameters: { ..._queryParams, ...requestOptions?.queryParams },
+                    timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
+                    maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
+                    abortSignal: requestOptions?.abortSignal,
+                    fetchFn: this._options?.fetch,
+                    logging: this._options.logging,
+                });
+                if (_response.ok) {
+                    return {
+                        data: _response.body as Management.ListCustomDomainsPaginatedResponseContent,
+                        rawResponse: _response.rawResponse,
+                    };
+                }
+                if (_response.error.reason === "status-code") {
+                    switch (_response.error.statusCode) {
+                        case 401:
+                            throw new Management.UnauthorizedError(
+                                _response.error.body as unknown,
+                                _response.rawResponse,
+                            );
+                        case 403:
+                            throw new Management.ForbiddenError(_response.error.body as unknown, _response.rawResponse);
+                        case 429:
+                            throw new Management.TooManyRequestsError(
+                                _response.error.body as unknown,
+                                _response.rawResponse,
+                            );
+                        default:
+                            throw new errors.ManagementError({
+                                statusCode: _response.error.statusCode,
+                                body: _response.error.body,
+                                rawResponse: _response.rawResponse,
+                            });
+                    }
+                }
+                return handleNonStatusCodeError(_response.error, _response.rawResponse, "GET", "/custom-domains");
+            },
         );
-        const _response = await (this._options.fetcher ?? core.fetcher)({
-            url: core.url.join(
-                (await core.Supplier.get(this._options.baseUrl)) ??
-                    (await core.Supplier.get(this._options.environment)) ??
-                    environments.ManagementEnvironment.Default,
-                "custom-domains",
-            ),
-            method: "GET",
-            headers: _headers,
-            queryParameters: requestOptions?.queryParams,
-            timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
-            maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
-            abortSignal: requestOptions?.abortSignal,
-            fetchFn: this._options?.fetch,
-            logging: this._options.logging,
+        const dataWithRawResponse = await list(request).withRawResponse();
+        return new core.Page<Management.CustomDomain, Management.ListCustomDomainsPaginatedResponseContent>({
+            response: dataWithRawResponse.data,
+            rawResponse: dataWithRawResponse.rawResponse,
+            hasNextPage: (response) =>
+                response?.next != null && !(typeof response?.next === "string" && response?.next === ""),
+            getItems: (response) => response?.custom_domains ?? [],
+            loadPage: (response) => {
+                return list(core.setObjectProperty(request, "from", response?.next));
+            },
         });
-        if (_response.ok) {
-            return {
-                data: _response.body as Management.ListCustomDomainsResponseContent,
-                rawResponse: _response.rawResponse,
-            };
-        }
-
-        if (_response.error.reason === "status-code") {
-            switch (_response.error.statusCode) {
-                case 401:
-                    throw new Management.UnauthorizedError(_response.error.body as unknown, _response.rawResponse);
-                case 403:
-                    throw new Management.ForbiddenError(_response.error.body as unknown, _response.rawResponse);
-                case 429:
-                    throw new Management.TooManyRequestsError(_response.error.body as unknown, _response.rawResponse);
-                default:
-                    throw new errors.ManagementError({
-                        statusCode: _response.error.statusCode,
-                        body: _response.error.body,
-                        rawResponse: _response.rawResponse,
-                    });
-            }
-        }
-
-        return handleNonStatusCodeError(_response.error, _response.rawResponse, "GET", "/custom-domains");
     }
 
     /**
diff --git a/src/management/api/resources/guardian/resources/factors/resources/pushNotification/client/Client.ts b/src/management/api/resources/guardian/resources/factors/resources/pushNotification/client/Client.ts
index 2428abf6d..5a8a5d532 100644
--- a/src/management/api/resources/guardian/resources/factors/resources/pushNotification/client/Client.ts
+++ b/src/management/api/resources/guardian/resources/factors/resources/pushNotification/client/Client.ts
@@ -101,7 +101,7 @@ export class PushNotificationClient {
     }
 
     /**
-     * Modify configuration details of the multi-factor authentication APNS provider associated with your tenant.
+     * Overwrite all configuration details of the multi-factor authentication APNS provider associated with your tenant.
      *
      * @param {Management.SetGuardianFactorsProviderPushNotificationApnsRequestContent} request
      * @param {PushNotificationClient.RequestOptions} requestOptions - Request-specific configuration.
@@ -111,17 +111,17 @@ export class PushNotificationClient {
      * @throws {@link Management.ForbiddenError}
      *
      * @example
-     *     await client.guardian.factors.pushNotification.setApnsProvider({})
+     *     await client.guardian.factors.pushNotification.setApnsProvider()
      */
     public setApnsProvider(
-        request: Management.SetGuardianFactorsProviderPushNotificationApnsRequestContent,
+        request: Management.SetGuardianFactorsProviderPushNotificationApnsRequestContent = {},
         requestOptions?: PushNotificationClient.RequestOptions,
     ): core.HttpResponsePromise<Management.SetGuardianFactorsProviderPushNotificationApnsResponseContent> {
         return core.HttpResponsePromise.fromPromise(this.__setApnsProvider(request, requestOptions));
     }
 
     private async __setApnsProvider(
-        request: Management.SetGuardianFactorsProviderPushNotificationApnsRequestContent,
+        request: Management.SetGuardianFactorsProviderPushNotificationApnsRequestContent = {},
         requestOptions?: PushNotificationClient.RequestOptions,
     ): Promise<core.WithRawResponse<Management.SetGuardianFactorsProviderPushNotificationApnsResponseContent>> {
         const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
@@ -137,7 +137,7 @@ export class PushNotificationClient {
                     environments.ManagementEnvironment.Default,
                 "guardian/factors/push-notification/providers/apns",
             ),
-            method: "PATCH",
+            method: "PUT",
             headers: _headers,
             contentType: "application/json",
             queryParameters: requestOptions?.queryParams,
@@ -173,6 +173,87 @@ export class PushNotificationClient {
             }
         }
 
+        return handleNonStatusCodeError(
+            _response.error,
+            _response.rawResponse,
+            "PUT",
+            "/guardian/factors/push-notification/providers/apns",
+        );
+    }
+
+    /**
+     * Modify configuration details of the multi-factor authentication APNS provider associated with your tenant.
+     *
+     * @param {Management.UpdateGuardianFactorsProviderPushNotificationApnsRequestContent} request
+     * @param {PushNotificationClient.RequestOptions} requestOptions - Request-specific configuration.
+     *
+     * @throws {@link Management.BadRequestError}
+     * @throws {@link Management.UnauthorizedError}
+     * @throws {@link Management.ForbiddenError}
+     *
+     * @example
+     *     await client.guardian.factors.pushNotification.updateApnsProvider()
+     */
+    public updateApnsProvider(
+        request: Management.UpdateGuardianFactorsProviderPushNotificationApnsRequestContent = {},
+        requestOptions?: PushNotificationClient.RequestOptions,
+    ): core.HttpResponsePromise<Management.UpdateGuardianFactorsProviderPushNotificationApnsResponseContent> {
+        return core.HttpResponsePromise.fromPromise(this.__updateApnsProvider(request, requestOptions));
+    }
+
+    private async __updateApnsProvider(
+        request: Management.UpdateGuardianFactorsProviderPushNotificationApnsRequestContent = {},
+        requestOptions?: PushNotificationClient.RequestOptions,
+    ): Promise<core.WithRawResponse<Management.UpdateGuardianFactorsProviderPushNotificationApnsResponseContent>> {
+        const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
+        let _headers: core.Fetcher.Args["headers"] = mergeHeaders(
+            _authRequest.headers,
+            this._options?.headers,
+            requestOptions?.headers,
+        );
+        const _response = await (this._options.fetcher ?? core.fetcher)({
+            url: core.url.join(
+                (await core.Supplier.get(this._options.baseUrl)) ??
+                    (await core.Supplier.get(this._options.environment)) ??
+                    environments.ManagementEnvironment.Default,
+                "guardian/factors/push-notification/providers/apns",
+            ),
+            method: "PATCH",
+            headers: _headers,
+            contentType: "application/json",
+            queryParameters: requestOptions?.queryParams,
+            requestType: "json",
+            body: request,
+            timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
+            maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
+            abortSignal: requestOptions?.abortSignal,
+            fetchFn: this._options?.fetch,
+            logging: this._options.logging,
+        });
+        if (_response.ok) {
+            return {
+                data: _response.body as Management.UpdateGuardianFactorsProviderPushNotificationApnsResponseContent,
+                rawResponse: _response.rawResponse,
+            };
+        }
+
+        if (_response.error.reason === "status-code") {
+            switch (_response.error.statusCode) {
+                case 400:
+                    throw new Management.BadRequestError(_response.error.body as unknown, _response.rawResponse);
+                case 401:
+                    throw new Management.UnauthorizedError(_response.error.body as unknown, _response.rawResponse);
+                case 403:
+                    throw new Management.ForbiddenError(_response.error.body as unknown, _response.rawResponse);
+                default:
+                    throw new errors.ManagementError({
+                        statusCode: _response.error.statusCode,
+                        body: _response.error.body,
+                        rawResponse: _response.rawResponse,
+                    });
+            }
+        }
+
         return handleNonStatusCodeError(
             _response.error,
             _response.rawResponse,
@@ -182,7 +263,7 @@ export class PushNotificationClient {
     }
 
     /**
-     * Modify configuration details of the multi-factor authentication FCM provider associated with your tenant.
+     * Overwrite all configuration details of the multi-factor authentication FCM provider associated with your tenant.
      *
      * @param {Management.SetGuardianFactorsProviderPushNotificationFcmRequestContent} request
      * @param {PushNotificationClient.RequestOptions} requestOptions - Request-specific configuration.
@@ -192,17 +273,17 @@ export class PushNotificationClient {
      * @throws {@link Management.ForbiddenError}
      *
      * @example
-     *     await client.guardian.factors.pushNotification.setFcmProvider({})
+     *     await client.guardian.factors.pushNotification.setFcmProvider()
      */
     public setFcmProvider(
-        request: Management.SetGuardianFactorsProviderPushNotificationFcmRequestContent,
+        request: Management.SetGuardianFactorsProviderPushNotificationFcmRequestContent = {},
         requestOptions?: PushNotificationClient.RequestOptions,
     ): core.HttpResponsePromise<Management.SetGuardianFactorsProviderPushNotificationFcmResponseContent> {
         return core.HttpResponsePromise.fromPromise(this.__setFcmProvider(request, requestOptions));
     }
 
     private async __setFcmProvider(
-        request: Management.SetGuardianFactorsProviderPushNotificationFcmRequestContent,
+        request: Management.SetGuardianFactorsProviderPushNotificationFcmRequestContent = {},
         requestOptions?: PushNotificationClient.RequestOptions,
     ): Promise<core.WithRawResponse<Management.SetGuardianFactorsProviderPushNotificationFcmResponseContent>> {
         const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
@@ -218,7 +299,7 @@ export class PushNotificationClient {
                     environments.ManagementEnvironment.Default,
                 "guardian/factors/push-notification/providers/fcm",
             ),
-            method: "PATCH",
+            method: "PUT",
             headers: _headers,
             contentType: "application/json",
             queryParameters: requestOptions?.queryParams,
@@ -254,6 +335,87 @@ export class PushNotificationClient {
             }
         }
 
+        return handleNonStatusCodeError(
+            _response.error,
+            _response.rawResponse,
+            "PUT",
+            "/guardian/factors/push-notification/providers/fcm",
+        );
+    }
+
+    /**
+     * Modify configuration details of the multi-factor authentication FCM provider associated with your tenant.
+     *
+     * @param {Management.UpdateGuardianFactorsProviderPushNotificationFcmRequestContent} request
+     * @param {PushNotificationClient.RequestOptions} requestOptions - Request-specific configuration.
+     *
+     * @throws {@link Management.BadRequestError}
+     * @throws {@link Management.UnauthorizedError}
+     * @throws {@link Management.ForbiddenError}
+     *
+     * @example
+     *     await client.guardian.factors.pushNotification.updateFcmProvider()
+     */
+    public updateFcmProvider(
+        request: Management.UpdateGuardianFactorsProviderPushNotificationFcmRequestContent = {},
+        requestOptions?: PushNotificationClient.RequestOptions,
+    ): core.HttpResponsePromise<Management.UpdateGuardianFactorsProviderPushNotificationFcmResponseContent> {
+        return core.HttpResponsePromise.fromPromise(this.__updateFcmProvider(request, requestOptions));
+    }
+
+    private async __updateFcmProvider(
+        request: Management.UpdateGuardianFactorsProviderPushNotificationFcmRequestContent = {},
+        requestOptions?: PushNotificationClient.RequestOptions,
+    ): Promise<core.WithRawResponse<Management.UpdateGuardianFactorsProviderPushNotificationFcmResponseContent>> {
+        const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
+        let _headers: core.Fetcher.Args["headers"] = mergeHeaders(
+            _authRequest.headers,
+            this._options?.headers,
+            requestOptions?.headers,
+        );
+        const _response = await (this._options.fetcher ?? core.fetcher)({
+            url: core.url.join(
+                (await core.Supplier.get(this._options.baseUrl)) ??
+                    (await core.Supplier.get(this._options.environment)) ??
+                    environments.ManagementEnvironment.Default,
+                "guardian/factors/push-notification/providers/fcm",
+            ),
+            method: "PATCH",
+            headers: _headers,
+            contentType: "application/json",
+            queryParameters: requestOptions?.queryParams,
+            requestType: "json",
+            body: request,
+            timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
+            maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
+            abortSignal: requestOptions?.abortSignal,
+            fetchFn: this._options?.fetch,
+            logging: this._options.logging,
+        });
+        if (_response.ok) {
+            return {
+                data: _response.body as Management.UpdateGuardianFactorsProviderPushNotificationFcmResponseContent,
+                rawResponse: _response.rawResponse,
+            };
+        }
+
+        if (_response.error.reason === "status-code") {
+            switch (_response.error.statusCode) {
+                case 400:
+                    throw new Management.BadRequestError(_response.error.body as unknown, _response.rawResponse);
+                case 401:
+                    throw new Management.UnauthorizedError(_response.error.body as unknown, _response.rawResponse);
+                case 403:
+                    throw new Management.ForbiddenError(_response.error.body as unknown, _response.rawResponse);
+                default:
+                    throw new errors.ManagementError({
+                        statusCode: _response.error.statusCode,
+                        body: _response.error.body,
+                        rawResponse: _response.rawResponse,
+                    });
+            }
+        }
+
         return handleNonStatusCodeError(
             _response.error,
             _response.rawResponse,
@@ -263,7 +425,7 @@ export class PushNotificationClient {
     }
 
     /**
-     * Modify configuration details of the multi-factor authentication FCMV1 provider associated with your tenant.
+     * Overwrite all configuration details of the multi-factor authentication FCMV1 provider associated with your tenant.
      *
      * @param {Management.SetGuardianFactorsProviderPushNotificationFcmv1RequestContent} request
      * @param {PushNotificationClient.RequestOptions} requestOptions - Request-specific configuration.
@@ -273,17 +435,17 @@ export class PushNotificationClient {
      * @throws {@link Management.ForbiddenError}
      *
      * @example
-     *     await client.guardian.factors.pushNotification.setFcmv1Provider({})
+     *     await client.guardian.factors.pushNotification.setFcmv1Provider()
      */
     public setFcmv1Provider(
-        request: Management.SetGuardianFactorsProviderPushNotificationFcmv1RequestContent,
+        request: Management.SetGuardianFactorsProviderPushNotificationFcmv1RequestContent = {},
         requestOptions?: PushNotificationClient.RequestOptions,
     ): core.HttpResponsePromise<Management.SetGuardianFactorsProviderPushNotificationFcmv1ResponseContent> {
         return core.HttpResponsePromise.fromPromise(this.__setFcmv1Provider(request, requestOptions));
     }
 
     private async __setFcmv1Provider(
-        request: Management.SetGuardianFactorsProviderPushNotificationFcmv1RequestContent,
+        request: Management.SetGuardianFactorsProviderPushNotificationFcmv1RequestContent = {},
         requestOptions?: PushNotificationClient.RequestOptions,
     ): Promise<core.WithRawResponse<Management.SetGuardianFactorsProviderPushNotificationFcmv1ResponseContent>> {
         const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
@@ -299,7 +461,7 @@ export class PushNotificationClient {
                     environments.ManagementEnvironment.Default,
                 "guardian/factors/push-notification/providers/fcmv1",
             ),
-            method: "PATCH",
+            method: "PUT",
             headers: _headers,
             contentType: "application/json",
             queryParameters: requestOptions?.queryParams,
@@ -335,6 +497,87 @@ export class PushNotificationClient {
             }
         }
 
+        return handleNonStatusCodeError(
+            _response.error,
+            _response.rawResponse,
+            "PUT",
+            "/guardian/factors/push-notification/providers/fcmv1",
+        );
+    }
+
+    /**
+     * Modify configuration details of the multi-factor authentication FCMV1 provider associated with your tenant.
+     *
+     * @param {Management.UpdateGuardianFactorsProviderPushNotificationFcmv1RequestContent} request
+     * @param {PushNotificationClient.RequestOptions} requestOptions - Request-specific configuration.
+     *
+     * @throws {@link Management.BadRequestError}
+     * @throws {@link Management.UnauthorizedError}
+     * @throws {@link Management.ForbiddenError}
+     *
+     * @example
+     *     await client.guardian.factors.pushNotification.updateFcmv1Provider()
+     */
+    public updateFcmv1Provider(
+        request: Management.UpdateGuardianFactorsProviderPushNotificationFcmv1RequestContent = {},
+        requestOptions?: PushNotificationClient.RequestOptions,
+    ): core.HttpResponsePromise<Management.UpdateGuardianFactorsProviderPushNotificationFcmv1ResponseContent> {
+        return core.HttpResponsePromise.fromPromise(this.__updateFcmv1Provider(request, requestOptions));
+    }
+
+    private async __updateFcmv1Provider(
+        request: Management.UpdateGuardianFactorsProviderPushNotificationFcmv1RequestContent = {},
+        requestOptions?: PushNotificationClient.RequestOptions,
+    ): Promise<core.WithRawResponse<Management.UpdateGuardianFactorsProviderPushNotificationFcmv1ResponseContent>> {
+        const _authRequest: core.AuthRequest = await this._options.authProvider.getAuthRequest();
+        let _headers: core.Fetcher.Args["headers"] = mergeHeaders(
+            _authRequest.headers,
+            this._options?.headers,
+            requestOptions?.headers,
+        );
+        const _response = await (this._options.fetcher ?? core.fetcher)({
+            url: core.url.join(
+                (await core.Supplier.get(this._options.baseUrl)) ??
+                    (await core.Supplier.get(this._options.environment)) ??
+                    environments.ManagementEnvironment.Default,
+                "guardian/factors/push-notification/providers/fcmv1",
+            ),
+            method: "PATCH",
+            headers: _headers,
+            contentType: "application/json",
+            queryParameters: requestOptions?.queryParams,
+            requestType: "json",
+            body: request,
+            timeoutMs: (requestOptions?.timeoutInSeconds ?? this._options?.timeoutInSeconds ?? 60) * 1000,
+            maxRetries: requestOptions?.maxRetries ?? this._options?.maxRetries,
+            abortSignal: requestOptions?.abortSignal,
+            fetchFn: this._options?.fetch,
+            logging: this._options.logging,
+        });
+        if (_response.ok) {
+            return {
+                data: _response.body as Management.UpdateGuardianFactorsProviderPushNotificationFcmv1ResponseContent,
+                rawResponse: _response.rawResponse,
+            };
+        }
+
+        if (_response.error.reason === "status-code") {
+            switch (_response.error.statusCode) {
+                case 400:
+                    throw new Management.BadRequestError(_response.error.body as unknown, _response.rawResponse);
+                case 401:
+                    throw new Management.UnauthorizedError(_response.error.body as unknown, _response.rawResponse);
+                case 403:
+                    throw new Management.ForbiddenError(_response.error.body as unknown, _response.rawResponse);
+                default:
+                    throw new errors.ManagementError({
+                        statusCode: _response.error.statusCode,
+                        body: _response.error.body,
+                        rawResponse: _response.rawResponse,
+                    });
+            }
+        }
+
         return handleNonStatusCodeError(
             _response.error,
             _response.rawResponse,
diff --git a/src/management/api/resources/organizations/resources/discoveryDomains/client/Client.ts b/src/management/api/resources/organizations/resources/discoveryDomains/client/Client.ts
index f9a82e670..1d4d5b729 100644
--- a/src/management/api/resources/organizations/resources/discoveryDomains/client/Client.ts
+++ b/src/management/api/resources/organizations/resources/discoveryDomains/client/Client.ts
@@ -142,7 +142,7 @@ export class DiscoveryDomainsClient {
     }
 
     /**
-     * Update the verification status for an organization discovery domain. The <code>status</code> field must be either <code>pending</code> or <code>verified</code>.
+     * Update the verification status and/or use_for_organization_discovery for an organization discovery domain. The <code>status</code> field must be either <code>pending</code> or <code>verified</code>. The <code>use_for_organization_discovery</code> field can be <code>true</code> or <code>false</code> (default: <code>true</code>).
      *
      * @param {string} id - ID of the organization.
      * @param {Management.CreateOrganizationDiscoveryDomainRequestContent} request
@@ -405,7 +405,7 @@ export class DiscoveryDomainsClient {
     }
 
     /**
-     * Update the verification status for an organization discovery domain. The <code>status</code> field must be either <code>pending</code> or <code>verified</code>.
+     * Update the verification status and/or use_for_organization_discovery for an organization discovery domain. The <code>status</code> field must be either <code>pending</code> or <code>verified</code>. The <code>use_for_organization_discovery</code> field can be <code>true</code> or <code>false</code> (default: <code>true</code>).
      *
      * @param {string} id - ID of the organization.
      * @param {string} discovery_domain_id - ID of the discovery domain to update.
diff --git a/src/management/api/resources/prompts/resources/rendering/client/Client.ts b/src/management/api/resources/prompts/resources/rendering/client/Client.ts
index 5aafa4e64..18f2c082d 100644
--- a/src/management/api/resources/prompts/resources/rendering/client/Client.ts
+++ b/src/management/api/resources/prompts/resources/rendering/client/Client.ts
@@ -169,33 +169,6 @@ export class RenderingClient {
     /**
      * Learn more about <a href='https://auth0.com/docs/customize/login-pages/advanced-customizations/getting-started/configure-acul-screens'>configuring render settings</a> for advanced customization.
      *
-     * <p>
-     *   Example <code>head_tags</code> array. See our <a href='https://auth0.com/docs/customize/login-pages/advanced-customizations/getting-started/configure-acul-screens'>documentation</a> on using Liquid variables within head tags.
-     * </p>
-     * <pre>{
-     *   "head_tags": [
-     *     {
-     *       "tag": "script",
-     *       "attributes": {
-     *         "defer": true,
-     *         "src": "URL_TO_ASSET",
-     *         "async": true,
-     *         "integrity": [
-     *           "ASSET_SHA"
-     *         ]
-     *       }
-     *     },
-     *     {
-     *       "tag": "link",
-     *       "attributes": {
-     *         "href": "URL_TO_ASSET",
-     *         "rel": "stylesheet"
-     *       }
-     *     }
-     *   ]
-     * }
-     * </pre>
-     *
      * @param {Management.BulkUpdateAculRequestContent} request
      * @param {RenderingClient.RequestOptions} requestOptions - Request-specific configuration.
      *
@@ -370,33 +343,6 @@ export class RenderingClient {
     /**
      * Learn more about <a href='https://auth0.com/docs/customize/login-pages/advanced-customizations/getting-started/configure-acul-screens'>configuring render settings</a> for advanced customization.
      *
-     * <p>
-     *   Example <code>head_tags</code> array. See our <a href='https://auth0.com/docs/customize/login-pages/advanced-customizations/getting-started/configure-acul-screens'>documentation</a> on using Liquid variables within head tags.
-     * </p>
-     * <pre>{
-     *   "head_tags": [
-     *     {
-     *       "tag": "script",
-     *       "attributes": {
-     *         "defer": true,
-     *         "src": "URL_TO_ASSET",
-     *         "async": true,
-     *         "integrity": [
-     *           "ASSET_SHA"
-     *         ]
-     *       }
-     *     },
-     *     {
-     *       "tag": "link",
-     *       "attributes": {
-     *         "href": "URL_TO_ASSET",
-     *         "rel": "stylesheet"
-     *       }
-     *     }
-     *   ]
-     * }
-     * </pre>
-     *
      * @param {Management.PromptGroupNameEnum} prompt - Name of the prompt
      * @param {Management.ScreenGroupNameEnum} screen - Name of the screen
      * @param {Management.UpdateAculRequestContent} request
diff --git a/src/management/api/resources/tokenExchangeProfiles/client/Client.ts b/src/management/api/resources/tokenExchangeProfiles/client/Client.ts
index a35e3aadf..cb262f3a1 100644
--- a/src/management/api/resources/tokenExchangeProfiles/client/Client.ts
+++ b/src/management/api/resources/tokenExchangeProfiles/client/Client.ts
@@ -25,6 +25,8 @@ export class TokenExchangeProfilesClient {
     /**
      * Retrieve a list of all Token Exchange Profiles available in your tenant.
      *
+     * By using this feature, you agree to the applicable Free Trial terms in <a href="https://www.okta.com/legal/">Okta’s Master Subscription Agreement</a>. It is your responsibility to securely validate the user’s subject_token. See <a href="https://auth0.com/docs/authenticate/custom-token-exchange">User Guide</a> for more details.
+     *
      * This endpoint supports Checkpoint pagination. To search by checkpoint, use the following parameters:
      * <ul>
      * <li><code>from</code>: Optional id from which to start selection.</li>
@@ -147,6 +149,8 @@ export class TokenExchangeProfilesClient {
     /**
      * Create a new Token Exchange Profile within your tenant.
      *
+     * By using this feature, you agree to the applicable Free Trial terms in <a href="https://www.okta.com/legal/">Okta’s Master Subscription Agreement</a>. It is your responsibility to securely validate the user’s subject_token. See <a href="https://auth0.com/docs/authenticate/custom-token-exchange">User Guide</a> for more details.
+     *
      * @param {Management.CreateTokenExchangeProfileRequestContent} request
      * @param {TokenExchangeProfilesClient.RequestOptions} requestOptions - Request-specific configuration.
      *
@@ -233,6 +237,8 @@ export class TokenExchangeProfilesClient {
     /**
      * Retrieve details about a single Token Exchange Profile specified by ID.
      *
+     * By using this feature, you agree to the applicable Free Trial terms in <a href="https://www.okta.com/legal/">Okta’s Master Subscription Agreement</a>. It is your responsibility to securely validate the user’s subject_token. See <a href="https://auth0.com/docs/authenticate/custom-token-exchange">User Guide</a> for more details.
+     *
      * @param {string} id - ID of the Token Exchange Profile to retrieve.
      * @param {TokenExchangeProfilesClient.RequestOptions} requestOptions - Request-specific configuration.
      *
@@ -312,6 +318,9 @@ export class TokenExchangeProfilesClient {
     /**
      * Delete a Token Exchange Profile within your tenant.
      *
+     * By using this feature, you agree to the applicable Free Trial terms in <a href="https://www.okta.com/legal/">Okta's Master Subscription Agreement</a>. It is your responsibility to securely validate the user's subject_token. See <a href="https://auth0.com/docs/authenticate/custom-token-exchange">User Guide</a> for more details.
+     *
+     *
      * @param {string} id - ID of the Token Exchange Profile to delete.
      * @param {TokenExchangeProfilesClient.RequestOptions} requestOptions - Request-specific configuration.
      *
@@ -387,6 +396,9 @@ export class TokenExchangeProfilesClient {
     /**
      * Update a Token Exchange Profile within your tenant.
      *
+     * By using this feature, you agree to the applicable Free Trial terms in <a href="https://www.okta.com/legal/">Okta's Master Subscription Agreement</a>. It is your responsibility to securely validate the user's subject_token. See <a href="https://auth0.com/docs/authenticate/custom-token-exchange">User Guide</a> for more details.
+     *
+     *
      * @param {string} id - ID of the Token Exchange Profile to update.
      * @param {Management.UpdateTokenExchangeProfileRequestContent} request
      * @param {TokenExchangeProfilesClient.RequestOptions} requestOptions - Request-specific configuration.
diff --git a/src/management/api/types/types.ts b/src/management/api/types/types.ts
index 9f27064dd..f4c6b8e22 100644
--- a/src/management/api/types/types.ts
+++ b/src/management/api/types/types.ts
@@ -267,6 +267,9 @@ export const OauthScope = {
     /**
      * Update Event Deliveries */
     UpdateEventDeliveries: "update:event_deliveries",
+    /**
+     * Read Events */
+    ReadEvents: "read:events",
     /**
      * Read Extensions */
     ReadExtensions: "read:extensions",
@@ -1057,9 +1060,9 @@ export interface AculConfigsItem {
     rendering_mode?: Management.AculRenderingModeEnum;
     context_configuration?: Management.AculContextConfiguration;
     default_head_tags_disabled?: (Management.AculDefaultHeadTagsDisabled | undefined) | null;
+    use_page_template?: (Management.AculUsePageTemplate | undefined) | null;
     head_tags?: Management.AculHeadTags;
     filters?: Management.AculFilters | null;
-    use_page_template?: (Management.AculUsePageTemplate | undefined) | null;
 }
 
 /**
@@ -1072,7 +1075,33 @@ export type AculConfigs = Management.AculConfigsItem[];
  */
 export type AculContextConfiguration = Management.AculContextConfigurationItem[];
 
-export type AculContextConfigurationItem = string;
+export type AculContextConfigurationItem =
+    | Management.AculContextEnum
+    /**
+     * Dynamic authorization param ext key (e.g., `untrusted_data.authorization_params.ext-myKey`) */
+    | string;
+
+/** Static context values */
+export const AculContextEnum = {
+    BrandingSettings: "branding.settings",
+    BrandingThemesDefault: "branding.themes.default",
+    ClientLogoUri: "client.logo_uri",
+    ClientDescription: "client.description",
+    OrganizationDisplayName: "organization.display_name",
+    OrganizationBranding: "organization.branding",
+    ScreenTexts: "screen.texts",
+    TenantName: "tenant.name",
+    TenantFriendlyName: "tenant.friendly_name",
+    TenantLogoUrl: "tenant.logo_url",
+    TenantEnabledLocales: "tenant.enabled_locales",
+    UntrustedDataSubmittedFormData: "untrusted_data.submitted_form_data",
+    UntrustedDataAuthorizationParamsLoginHint: "untrusted_data.authorization_params.login_hint",
+    UntrustedDataAuthorizationParamsScreenHint: "untrusted_data.authorization_params.screen_hint",
+    UntrustedDataAuthorizationParamsUiLocales: "untrusted_data.authorization_params.ui_locales",
+    UserOrganizations: "user.organizations",
+    TransactionCustomDomainDomain: "transaction.custom_domain.domain",
+} as const;
+export type AculContextEnum = (typeof AculContextEnum)[keyof typeof AculContextEnum];
 
 /**
  * Override Universal Login default head tags
@@ -1115,23 +1144,21 @@ export interface AculHeadTag {
     /** Any HTML element valid for use in the head tag */
     tag?: string;
     attributes?: Management.AculHeadTagAttributes;
-    /**
-     * Text/content within the opening and closing tags of the element.
-     * See <a href="https://auth0.com/docs/customize/login-pages/advanced-customizations/getting-started/configure-acul-screens">documentation</a> on using context variables
-     */
-    content?: string;
+    content?: Management.AculHeadTagContent;
     /** Accepts any additional properties */
     [key: string]: any;
 }
 
 /**
- * Attributes of the HTML tag
+ * Attributes of the HTML tag. See <a href="https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Attributes"> MDN documentation</a> for valid attributes.
  */
-export interface AculHeadTagAttributes {
-    integrity?: string[];
-    /** Accepts any additional properties */
-    [key: string]: any;
-}
+export type AculHeadTagAttributes = Record<string, unknown>;
+
+/**
+ * Text or markup between the element’s opening and closing tags.
+ * You can use <a href="https://auth0.com/docs/customize/login-pages/advanced-customizations/getting-started/configure-acul-screens">context variables</a> to display dynamic values.
+ */
+export type AculHeadTagContent = string;
 
 /**
  * An array of head tags
@@ -1179,11 +1206,11 @@ export interface AculResponseContent {
     context_configuration?: string[];
     /** Override Universal Login default head tags */
     default_head_tags_disabled?: boolean | null;
+    /** Use page template with ACUL */
+    use_page_template?: boolean | null;
     /** An array of head tags */
     head_tags?: Management.AculHeadTag[];
     filters?: Management.AculFilters | null;
-    /** Use page template with ACUL */
-    use_page_template?: boolean | null;
     /** Accepts any additional properties */
     [key: string]: any;
 }
@@ -1412,24 +1439,24 @@ export type BotDetectionChallengePolicyPasswordlessFlowEnum =
 export type BotDetectionCidrBlock = string;
 
 /**
- * IPv4 address or CIDR block
+ * IP address (IPv4 or IPv6) or CIDR block
  */
-export type BotDetectionIPv4 = string;
+export type BotDetectionIpAddressOrCidrBlock = string;
 
 /**
- * IPv6 address or CIDR block
+ * IPv4 address
  */
-export type BotDetectionIPv6 = string;
+export type BotDetectionIPv4 = string;
 
 /**
- * IP address (IPv4 or IPv6) or CIDR block
+ * IPv6 address
  */
-export type BotDetectionIpAddressOrCidrBlock = string;
+export type BotDetectionIPv6 = string;
 
 /**
  * IPv6 CIDR block
  */
-export type BotDetectionIpv6CidrBlock = string;
+export type BotDetectionIPv6CidrBlock = string;
 
 /** The level of bot detection sensitivity */
 export const BotDetectionLevelEnum = {
@@ -1769,6 +1796,17 @@ export interface BulkUpdateAculResponseContent {
     [key: string]: any;
 }
 
+/**
+ * The user's identity. If you set this value, you must also send the user_id parameter.
+ */
+export interface ChangePasswordTicketIdentity {
+    /** user_id of the identity. */
+    user_id: string;
+    provider: Management.IdentityProviderOnlyAuth0Enum;
+    /** connection_id of the identity. */
+    connection_id?: string;
+}
+
 export interface ChangePasswordTicketResponseContent {
     /** URL representing the ticket. */
     ticket: string;
@@ -1858,6 +1896,7 @@ export interface Client {
      * See https://auth0.com/docs/secure/security-guidance/measures-against-app-impersonation for more information.
      */
     skip_non_verifiable_callback_uri_confirmation_prompt?: boolean;
+    token_exchange?: Management.ClientTokenExchangeConfiguration;
     /** Specifies how long, in seconds, a Pushed Authorization Request URI remains valid */
     par_request_expiry?: number | null;
     token_quota?: Management.TokenQuota;
@@ -2648,6 +2687,15 @@ export interface ClientRefreshTokenConfiguration {
     idle_token_lifetime?: number;
     /** Prevents tokens from expiring without use when `true` (takes precedence over `idle_token_lifetime` values) */
     infinite_idle_token_lifetime?: boolean;
+    /** A collection of policies governing multi-resource refresh token exchange (MRRT), defining how refresh tokens can be used across different resource servers */
+    policies?: Management.ClientRefreshTokenPolicy[];
+}
+
+export interface ClientRefreshTokenPolicy {
+    /** The identifier of the resource server to which the Multi Resource Refresh Token Policy applies */
+    audience: string;
+    /** The resource server permissions granted under the Multi Resource Refresh Token Policy, defining the context in which an access token can be used */
+    scope: string[];
 }
 
 export const ClientSessionTransferAllowedAuthenticationMethodsEnum = {
@@ -2735,6 +2783,24 @@ export const ClientTokenEndpointAuthMethodOrNullEnum = {
 export type ClientTokenEndpointAuthMethodOrNullEnum =
     (typeof ClientTokenEndpointAuthMethodOrNullEnum)[keyof typeof ClientTokenEndpointAuthMethodOrNullEnum];
 
+/**
+ * Configuration for token exchange.
+ */
+export interface ClientTokenExchangeConfiguration {
+    /** List the enabled token exchange types for this client. */
+    allow_any_profile_of_type?: Management.ClientTokenExchangeTypeEnum[];
+}
+
+/**
+ * Configuration for token exchange.
+ */
+export interface ClientTokenExchangeConfigurationOrNull {
+    /** List the enabled token exchange types for this client. */
+    allow_any_profile_of_type?: Management.ClientTokenExchangeTypeEnum[];
+}
+
+export type ClientTokenExchangeTypeEnum = "custom_authentication";
+
 export interface ConnectedAccount {
     /** The unique identifier for the connected account. */
     id: string;
@@ -2758,11 +2824,54 @@ export interface ConnectedAccount {
  */
 export type ConnectedAccountAccessTypeEnum = "offline";
 
+/**
+ * A list of the Authentication Context Class References that this OP supports
+ */
+export type ConnectionAcrValuesSupported = string[];
+
+/**
+ * List of allowed audiences in the ID token for Google Native Social Login
+ */
+export type ConnectionAllowedAudiencesGoogleOAuth2 = string[];
+
+/**
+ * The Azure AD application domain (e.g., 'contoso.onmicrosoft.com'). Used primarily with WS-Federation protocol and Azure AD v1 endpoints.
+ */
+export type ConnectionAppDomainAzureAd = string;
+
 export interface ConnectionAttributeIdentifier {
     /** Determines if the attribute is used for identification */
     active?: boolean;
 }
 
+/**
+ * Object containing mapping details for incoming claims
+ */
+export type ConnectionAttributeMapAttributes = Record<string, unknown>;
+
+/**
+ * Mapping of claims received from the identity provider (IdP)
+ */
+export interface ConnectionAttributeMapOidc {
+    attributes?: Management.ConnectionAttributeMapAttributes;
+    mapping_mode?: Management.ConnectionMappingModeEnumOidc;
+    userinfo_scope?: Management.ConnectionAttributeMapUserinfoScope;
+}
+
+/**
+ * Mapping of claims received from the identity provider (IdP)
+ */
+export interface ConnectionAttributeMapOkta {
+    attributes?: Management.ConnectionAttributeMapAttributes;
+    mapping_mode?: Management.ConnectionMappingModeEnumOkta;
+    userinfo_scope?: Management.ConnectionAttributeMapUserinfoScope;
+}
+
+/**
+ * Scopes to send to the IdP's Userinfo endpoint
+ */
+export type ConnectionAttributeMapUserinfoScope = string;
+
 /**
  * Attribute configuration
  */
@@ -2772,6 +2881,21 @@ export interface ConnectionAttributes {
     username?: Management.UsernameAttribute;
 }
 
+/**
+ * Additional properties for OAuth2 connection authentication parameters
+ */
+export type ConnectionAuthParamsAdditionalPropertiesOAuth2 = string;
+
+/**
+ * Maps parameter names from Auth0's /authorize endpoint to the identity provider's authorization endpoint parameters. For example, mapping 'audience' to 'resource' transforms the parameter name during authorization requests. Applied after authParams merging. See https://auth0.com/docs/authenticate/identity-providers/social-identity-providers/oauth2#pass-dynamic-parameters
+ */
+export type ConnectionAuthParamsMap = Record<string, string>;
+
+/**
+ * Additional static parameters included in every authorization request to the identity provider. These parameters are merged with runtime parameters before the authorization redirect. Keys and values are passed as-is to the identity provider's authorization endpoint. See https://auth0.com/docs/authenticate/identity-providers/social-identity-providers/oauth2#pass-static-parameters
+ */
+export type ConnectionAuthParamsOAuth2 = Record<string, Management.ConnectionAuthParamsAdditionalPropertiesOAuth2>;
+
 /**
  * Options for enabling authentication methods.
  */
@@ -2787,21 +2911,81 @@ export interface ConnectionAuthenticationPurpose {
     active: boolean;
 }
 
+export type ConnectionAuthorizationEndpoint = string;
+
+export type ConnectionAuthorizationEndpointOAuth2 = Management.ConnectionAuthorizationEndpoint;
+
 /**
  * Indicates whether brute force protection is enabled.
  */
 export type ConnectionBruteForceProtection = boolean;
 
 /**
- * The client ID of the connection.
+ * JSON array containing a list of the Claim Types that the OpenID Provider supports. These Claim Types are described in Section 5.6 of OpenID Connect Core 1.0 [OpenID.Core]. If omitted, the implementation supports only normal Claims.
+ */
+export type ConnectionClaimTypesSupported = string[];
+
+/**
+ * Languages and scripts supported for values in Claims being returned, represented as a JSON array of BCP47 [RFC5646] language tag values. Not all languages and scripts are necessarily supported for all Claim values.
+ */
+export type ConnectionClaimsLocalesSupported = string[];
+
+/**
+ * Boolean value specifying whether the OP supports use of the claims parameter, with true indicating support. If omitted, the default value is false.
+ */
+export type ConnectionClaimsParameterSupported = boolean;
+
+/**
+ * JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list.
+ */
+export type ConnectionClaimsSupported = string[];
+
+/**
+ * OAuth 2.0 client identifier issued by the identity provider during application registration. This value identifies your Auth0 connection to the identity provider.
  */
 export type ConnectionClientId = string;
 
+export type ConnectionClientIdAzureAd = Management.ConnectionClientId;
+
+/**
+ * Your Google OAuth 2.0 client ID. You can find this in your [Google Cloud Console](https://console.cloud.google.com/apis/credentials) under the OAuth 2.0 Client IDs section.
+ */
+export type ConnectionClientIdGoogleOAuth2 = (string | null) | undefined;
+
+export type ConnectionClientIdOAuth2 = Management.ConnectionClientId;
+
+export type ConnectionClientIdOidc = Management.ConnectionClientId;
+
 /**
- * The client secret of the connection.
+ * OAuth 2.0 client secret issued by the identity provider during application registration. Used to authenticate your Auth0 connection when exchanging authorization codes for tokens. May be null for public clients.
  */
 export type ConnectionClientSecret = string;
 
+/**
+ * The client secret (application password) from your Azure AD app registration. Used to authenticate your application when exchanging authorization codes for tokens.
+ */
+export type ConnectionClientSecretAzureAd = string;
+
+/**
+ * Your Google OAuth 2.0 client secret. You can find this in your [Google Cloud Console](https://console.cloud.google.com/apis/credentials) under the OAuth 2.0 Client IDs section.
+ */
+export type ConnectionClientSecretGoogleOAuth2 = (string | null) | undefined;
+
+export type ConnectionClientSecretOAuth2 = Management.ConnectionClientSecret;
+
+export type ConnectionClientSecretOidc = Management.ConnectionClientSecret;
+
+export interface ConnectionCommon {
+    authentication?: Management.ConnectionAuthenticationPurpose;
+    connected_accounts?: Management.ConnectionConnectedAccountsPurpose;
+    display_name?: Management.ConnectionDisplayName;
+    enabled_clients?: Management.ConnectionEnabledClients;
+    is_domain_connection?: Management.ConnectionIsDomainConnection;
+    metadata?: Management.ConnectionsMetadata;
+    realms?: Management.ConnectionRealms;
+    show_as_button?: Management.ConnectionShowAsButton;
+}
+
 /**
  * A hash of configuration key/value pairs.
  */
@@ -2815,6 +2999,28 @@ export interface ConnectionConnectedAccountsPurpose {
     cross_app_access?: boolean;
 }
 
+/**
+ * PKCE configuration for the connection
+ */
+export interface ConnectionConnectionSettings {
+    pkce?: Management.ConnectionConnectionSettingsPkceEnum;
+}
+
+/** PKCE configuration. */
+export const ConnectionConnectionSettingsPkceEnum = {
+    Auto: "auto",
+    S256: "S256",
+    Plain: "plain",
+    Disabled: "disabled",
+} as const;
+export type ConnectionConnectionSettingsPkceEnum =
+    (typeof ConnectionConnectionSettingsPkceEnum)[keyof typeof ConnectionConnectionSettingsPkceEnum];
+
+/**
+ * Custom HTTP headers sent with token exchange requests to the identity provider's token endpoint. Provided as key-value pairs (e.g., {'X-Custom-Header': 'value'}). Auth0's User-Agent header is always included by default.
+ */
+export type ConnectionCustomHeadersOAuth2 = Record<string, string>;
+
 /**
  * A map of scripts used to integrate with a custom database.
  */
@@ -2842,11 +3048,33 @@ export type ConnectionDisableSelfServiceChangePassword = boolean;
  */
 export type ConnectionDisableSignup = boolean;
 
+/**
+ * OIDC discovery URL. Discovery runs only when connection.options.oidc_metadata is empty and a discovery_url is provided.
+ */
+export type ConnectionDiscoveryUrl = string;
+
 /**
  * Connection name used in the new universal login experience
  */
 export type ConnectionDisplayName = string;
 
+/**
+ * JSON array containing a list of the JWS signing algorithms (alg values) supported by the Token Endpoint for the signature on the JWT [JWT] used to authenticate the Client at the Token Endpoint for the private_key_jwt and client_secret_jwt authentication methods. Servers SHOULD support RS256. The value none MUST NOT be used.
+ */
+export type ConnectionDisplayValuesSupported = string[];
+
+export type ConnectionDomainAliasesOne = string[];
+
+/**
+ * Alternative domain names associated with this Azure AD tenant. Allows users from multiple verified domains to authenticate through this connection. Can be an array of domain strings.
+ */
+export type ConnectionDomainAliasesAzureAd = string[];
+
+/**
+ * Domain of the Okta organization (e.g., dev-123456.okta.com). Should be just the domain of the okta server with no scheme or trailing backslash. Discovery runs only when connection.options.oidc_metadata is empty and a domain is provided
+ */
+export type ConnectionDomainOkta = string;
+
 /**
  * Set to true to inject context into custom DB scripts (warning: cannot be disabled once enabled)
  */
@@ -2869,6 +3097,43 @@ export type ConnectionEnabledClients = string[];
  */
 export type ConnectionEnabledDatabaseCustomization = boolean;
 
+/**
+ * URL of the identity provider's logout/end session endpoint. When configured as a static URL, users are redirected here after logging out from Auth0. Must use HTTPS scheme.
+ */
+export type ConnectionEndSessionEndpoint = string;
+
+export type ConnectionEndSessionEndpointOAuth2 = Management.ConnectionEndSessionEndpoint;
+
+/**
+ * Indicates to store whether the user is a domain administrator.
+ */
+export type ConnectionExtAdmin = boolean;
+
+/**
+ * Indicates to store whether the user has agreed to the terms of service.
+ */
+export type ConnectionExtAgreedTerms = boolean;
+
+/**
+ * Indicates whether to store a list of the Office 365 assigned plans for the user.
+ */
+export type ConnectionExtAssignedPlans = boolean;
+
+/**
+ * When enabled (true), retrieves and stores Azure AD security group memberships for the user. Requires Microsoft Graph API permissions (Directory.Read.All). Allows configuring max_groups_to_retrieve.
+ */
+export type ConnectionExtGroups = boolean;
+
+/**
+ * Indicates to store whether a user's account is suspended.
+ */
+export type ConnectionExtIsSuspended = boolean;
+
+/**
+ * When enabled (true), retrieves extended profile attributes from Azure AD via Microsoft Graph API (job title, department, office location, etc.). Requires Graph API permissions. Only available with Azure AD v1 or when explicitly enabled for v2.
+ */
+export type ConnectionExtProfile = boolean;
+
 /**
  * Federated Connections Access Tokens
  */
@@ -2877,6 +3142,11 @@ export interface ConnectionFederatedConnectionsAccessTokens {
     active?: boolean;
 }
 
+/**
+ * Mapping of user profile fields returned from the OAuth2 provider to Auth0 user attributes
+ */
+export type ConnectionFieldsMap = Record<string, string>;
+
 export interface ConnectionForList {
     /** The name of the connection */
     name?: string;
@@ -2913,9 +3183,9 @@ export interface ConnectionForOrganization {
 }
 
 /**
- * Array of freeform scopes
+ * Array of custom OAuth 2.0 scopes to request from Google during authentication. Use this to request scopes not covered by the predefined scope options.
  */
-export type ConnectionFreeformScopes = string[];
+export type ConnectionFreeformScopesGoogleOAuth2 = Management.ConnectionScopeArray;
 
 /**
  * Token-based authentication settings to be applied when connection is using an sms strategy.
@@ -2935,11 +3205,62 @@ export interface ConnectionGatewayAuthentication {
     [key: string]: any;
 }
 
+/**
+ * A list of the OAuth 2.0 Grant Type values that this OP supports. Dynamic OpenID Providers MUST support the authorization_code and implicit Grant Type values and MAY support other Grant Types. If omitted, the default value is ["authorization_code", "implicit"].
+ */
+export type ConnectionGrantTypesSupported = string[];
+
+export type ConnectionHttpsUrlWithHttpFallback = string;
+
+/**
+ * https url of the icon to be shown
+ */
+export type ConnectionIconUrl = string;
+
+/**
+ * URL for the connection icon displayed in Auth0 login pages. Accepts HTTPS URLs. Used for visual branding in authentication flows.
+ */
+export type ConnectionIconUrlAzureAd = Management.ConnectionIconUrl;
+
+export type ConnectionIconUrlGoogleOAuth2 = Management.ConnectionIconUrl;
+
 /**
  * The connection's identifier
  */
 export type ConnectionId = string;
 
+/**
+ * JSON array containing a list of the JWE encryption algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT
+ */
+export type ConnectionIdTokenEncryptionAlgValuesSupported = string[];
+
+/**
+ * JSON array containing a list of the JWE encryption algorithms (enc values) supported by the OP for the ID Token to encode the Claims in a JWT [JWT].
+ */
+export type ConnectionIdTokenEncryptionEncValuesSupported = string[];
+
+/** Algorithm allowed to verify the ID tokens. */
+export const ConnectionIdTokenSignedResponseAlgEnum = {
+    Rs256: "RS256",
+    Rs512: "RS512",
+    Ps256: "PS256",
+    Es256: "ES256",
+} as const;
+export type ConnectionIdTokenSignedResponseAlgEnum =
+    (typeof ConnectionIdTokenSignedResponseAlgEnum)[keyof typeof ConnectionIdTokenSignedResponseAlgEnum];
+
+/**
+ * List of algorithms allowed to verify the ID tokens.
+ */
+export type ConnectionIdTokenSignedResponseAlgs =
+    | (Management.ConnectionIdTokenSignedResponseAlgEnum[] | null)
+    | undefined;
+
+/**
+ * A list of the JWS signing algorithms (alg values) supported by the OP for the ID Token to encode the Claims in a JWT. The algorithm RS256 MUST be included. The value none MAY be supported, but MUST NOT be used unless the Response Type used returns no ID Token from the Authorization Endpoint (such as when using the Authorization Code Flow). https://datatracker.ietf.org/doc/html/rfc7518
+ */
+export type ConnectionIdTokenSigningAlgValuesSupported = string[];
+
 /**
  * Order of precedence for attribute types. If the property is not specified, the default precedence of attributes will be used.
  */
@@ -2954,6 +3275,19 @@ export const ConnectionIdentifierPrecedenceEnum = {
 export type ConnectionIdentifierPrecedenceEnum =
     (typeof ConnectionIdentifierPrecedenceEnum)[keyof typeof ConnectionIdentifierPrecedenceEnum];
 
+/**
+ * The Azure AD endpoint version for authentication. 'microsoft-identity-platform-v2.0' (recommended, default) supports modern OAuth 2.0 features. 'azure-active-directory-v1.0' is the legacy endpoint with protocol limitations. Selection affects available features.
+ */
+export type ConnectionIdentityApiAzureAd = Management.ConnectionIdentityApiEnumAzureAd;
+
+/** Identity API version to use */
+export const ConnectionIdentityApiEnumAzureAd = {
+    MicrosoftIdentityPlatformV20: "microsoft-identity-platform-v2.0",
+    AzureActiveDirectoryV10: "azure-active-directory-v1.0",
+} as const;
+export type ConnectionIdentityApiEnumAzureAd =
+    (typeof ConnectionIdentityApiEnumAzureAd)[keyof typeof ConnectionIdentityApiEnumAzureAd];
+
 /** The identity provider identifier for the connection */
 export const ConnectionIdentityProviderEnum = {
     Ad: "ad",
@@ -3032,6 +3366,10 @@ export type ConnectionImportMode = boolean;
  */
 export type ConnectionIsDomainConnection = boolean;
 
+export type ConnectionIssuer = Management.ConnectionHttpsUrlWithHttpFallback;
+
+export type ConnectionJwksUri = Management.ConnectionHttpsUrlWithHttpFallback;
+
 export interface ConnectionKey {
     /** The key id of the signing key */
     kid: string;
@@ -3066,6 +3404,27 @@ export const ConnectionKeyUseEnum = {
 } as const;
 export type ConnectionKeyUseEnum = (typeof ConnectionKeyUseEnum)[keyof typeof ConnectionKeyUseEnum];
 
+/** Method used to map incoming claims when strategy=oidc. */
+export const ConnectionMappingModeEnumOidc = {
+    BindAll: "bind_all",
+    UseMap: "use_map",
+} as const;
+export type ConnectionMappingModeEnumOidc =
+    (typeof ConnectionMappingModeEnumOidc)[keyof typeof ConnectionMappingModeEnumOidc];
+
+/** Method used to map incoming claims when strategy=okta. */
+export const ConnectionMappingModeEnumOkta = {
+    BasicProfile: "basic_profile",
+    UseMap: "use_map",
+} as const;
+export type ConnectionMappingModeEnumOkta =
+    (typeof ConnectionMappingModeEnumOkta)[keyof typeof ConnectionMappingModeEnumOkta];
+
+/**
+ * Maximum number of Azure AD groups to retrieve per user during authentication. Helps prevent performance issues for users in many groups. Only applies when ext_groups is enabled. Leave empty to use platform default.
+ */
+export type ConnectionMaxGroupsToRetrieve = string;
+
 /**
  * Multi-factor authentication configuration
  */
@@ -3089,7 +3448,11 @@ export type ConnectionNamePrefixTemplate = string;
 /**
  * An array of user fields that should not be stored in the Auth0 database (https://auth0.com/docs/security/data-security/denylist)
  */
-export type ConnectionNonPersistentAttrs = (string[] | null) | undefined;
+export type ConnectionNonPersistentAttrs = string[];
+
+export type ConnectionOpPolicyUri = Management.ConnectionHttpsUrlWithHttpFallback;
+
+export type ConnectionOpTosUri = Management.ConnectionHttpsUrlWithHttpFallback;
 
 /**
  * In order to return options in the response, the `read:connections_options` scope must be present
@@ -3097,12 +3460,12 @@ export type ConnectionNonPersistentAttrs = (string[] | null) | undefined;
 export type ConnectionOptions = Record<string, unknown>;
 
 /**
- * options for the 'ad' connection
+ * Options for the 'ad' connection
  */
 export type ConnectionOptionsAd = Record<string, unknown>;
 
 /**
- * options for the 'adfs' connection
+ * Options for the 'adfs' connection
  */
 export type ConnectionOptionsAdfs = Record<string, unknown>;
 
@@ -3111,33 +3474,31 @@ export type ConnectionOptionsAol = Management.ConnectionOptionsOAuth2Common;
 export type ConnectionOptionsAmazon = Management.ConnectionOptionsOAuth2Common;
 
 /**
- * options for the 'apple' connection
+ * Options for the 'apple' connection
  */
-export interface ConnectionOptionsApple {
+export interface ConnectionOptionsApple extends Management.ConnectionOptionsCommon {
     /** Apple App Secret (must be a PEM) */
     app_secret?: string | null;
     /** Apple Services ID */
     client_id?: string | null;
-    /** Whether to request email from Apple */
+    /** User has the option to obfuscate the email with Apple's relay service */
     email?: boolean;
     /** Array of freeform scopes */
-    freeform_scopes?: Management.ConnectionFreeformScopes;
+    freeform_scopes?: string[];
     /** Apple Key ID */
     kid?: string | null;
     /** Whether to request name from Apple */
     name?: boolean;
-    non_persistent_attrs?: (Management.ConnectionNonPersistentAttrs | undefined) | null;
-    scope?: Management.ConnectionScopeString;
+    /** Space separated list of scopes */
+    scope?: string;
     set_user_root_attributes?: Management.ConnectionSetUserRootAttributesEnum;
     /** Apple Team ID */
     team_id?: string | null;
     upstream_params?: (Management.ConnectionUpstreamParams | undefined) | null;
-    /** Accepts any additional properties */
-    [key: string]: any;
 }
 
 /**
- * options for the 'auth0' connection
+ * Options for the 'auth0' connection
  */
 export interface ConnectionOptionsAuth0 extends Management.ConnectionOptionsCommon {
     attributes?: Management.ConnectionAttributes;
@@ -3164,14 +3525,125 @@ export interface ConnectionOptionsAuth0 extends Management.ConnectionOptionsComm
 }
 
 /**
- * options for the 'auth0-oidc' connection
+ * Options for the 'auth0-oidc' connection
  */
 export type ConnectionOptionsAuth0Oidc = Record<string, unknown>;
 
 /**
- * options for the 'waad' connection
+ * Options for the 'waad' connection
  */
-export type ConnectionOptionsAzureAd = Record<string, unknown>;
+export interface ConnectionOptionsAzureAd extends Management.ConnectionOptionsCommon {
+    /** Enable users API */
+    api_enable_users?: boolean;
+    app_domain?: Management.ConnectionAppDomainAzureAd;
+    /** The Application ID URI (App ID URI) for the Azure AD application. Required when using Azure AD v1 with the Resource Owner Password flow. Used to identify the resource being requested in OAuth token requests. */
+    app_id?: string;
+    /** Includes basic user profile information from Azure AD (name, email, given_name, family_name). Always enabled and required - represents the minimum profile data retrieved during authentication. */
+    basic_profile?: boolean;
+    client_id?: Management.ConnectionClientIdAzureAd;
+    client_secret?: Management.ConnectionClientSecretAzureAd;
+    domain_aliases?: Management.ConnectionDomainAliasesAzureAd;
+    /** When false, prevents storing the user's Azure AD access token in the Auth0 user profile. When true (default), the access token is persisted for API access. */
+    ext_access_token?: boolean;
+    /** When false, prevents storing whether the user's Azure AD account is enabled. When true (default), the account enabled status is persisted in the user profile. */
+    ext_account_enabled?: boolean;
+    ext_admin?: Management.ConnectionExtAdmin;
+    ext_agreed_terms?: Management.ConnectionExtAgreedTerms;
+    /** When false, prevents storing the list of Microsoft 365/Office 365 licenses assigned to the user. When true (default), license information is persisted in the user profile. */
+    ext_assigned_licenses?: boolean;
+    ext_assigned_plans?: Management.ConnectionExtAssignedPlans;
+    /** When false, prevents storing the user's Azure ID identifier. When true (default), the Azure ID is persisted. Note: 'oid' (Object ID) is the recommended unique identifier for single-tenant connections. */
+    ext_azure_id?: boolean;
+    /** When false, prevents storing the user's city from Azure AD. When true (default), city information is persisted in the user profile. */
+    ext_city?: boolean;
+    /** When false, prevents storing the user's country from Azure AD. When true (default), country information is persisted in the user profile. */
+    ext_country?: boolean;
+    /** When false, prevents storing the user's department from Azure AD. When true (default), department information is persisted in the user profile. */
+    ext_department?: boolean;
+    /** When false, prevents storing whether directory synchronization is enabled for the user. When true (default), directory sync status is persisted in the user profile. */
+    ext_dir_sync_enabled?: boolean;
+    /** When false, prevents storing the user's email address from Azure AD. When true (default), email is persisted in the user profile. */
+    ext_email?: boolean;
+    /** When false, prevents storing the token expiration time (in seconds). When true (default), expiration information is persisted in the user profile. */
+    ext_expires_in?: boolean;
+    /** When false, prevents storing the user's family name (last name) from Azure AD. When true (default), family name is persisted in the user profile. */
+    ext_family_name?: boolean;
+    /** When false, prevents storing the user's fax number from Azure AD. When true (default), fax information is persisted in the user profile. */
+    ext_fax?: boolean;
+    /** When false, prevents storing the user's given name (first name) from Azure AD. When true (default), given name is persisted in the user profile. */
+    ext_given_name?: boolean;
+    /** When false, prevents storing the list of Azure AD group IDs the user is a member of. When true (default), group membership IDs are persisted. See ext_groups for retrieving group details. */
+    ext_group_ids?: boolean;
+    ext_groups?: Management.ConnectionExtGroups;
+    ext_is_suspended?: Management.ConnectionExtIsSuspended;
+    /** When false, prevents storing the user's job title from Azure AD. When true (default), job title information is persisted in the user profile. */
+    ext_job_title?: boolean;
+    /** When false, prevents storing the timestamp of the last directory synchronization. When true (default), the last sync date is persisted in the user profile. */
+    ext_last_sync?: boolean;
+    /** When false, prevents storing the user's mobile phone number from Azure AD. When true (default), mobile number is persisted in the user profile. */
+    ext_mobile?: boolean;
+    /** When false, prevents storing the user's full name from Azure AD. When true (default), full name is persisted in the user profile. */
+    ext_name?: boolean;
+    /** When true, stores all groups the user is member of, including transitive group memberships (groups within groups). When false (default), only direct group memberships are included. */
+    ext_nested_groups?: boolean;
+    /** When false, prevents storing the user's nickname or display name from Azure AD. When true (default), nickname is persisted in the user profile. */
+    ext_nickname?: boolean;
+    /** When false, prevents storing the user's Object ID (oid) from Azure AD. When true (default), the oid is persisted. Note: 'oid' is the recommended unique identifier for single-tenant connections and required for SCIM. */
+    ext_oid?: boolean;
+    /** When false, prevents storing the user's phone number from Azure AD. When true (default), phone number is persisted in the user profile. */
+    ext_phone?: boolean;
+    /** When false, prevents storing the user's office location from Azure AD. When true (default), office location is persisted in the user profile. */
+    ext_physical_delivery_office_name?: boolean;
+    /** When false, prevents storing the user's postal code from Azure AD. When true (default), postal code is persisted in the user profile. */
+    ext_postal_code?: boolean;
+    /** When false, prevents storing the user's preferred language from Azure AD. When true (default), language preference is persisted in the user profile. */
+    ext_preferred_language?: boolean;
+    ext_profile?: Management.ConnectionExtProfile;
+    /** When false, prevents storing the list of service plans provisioned to the user. When true (default), provisioned plans are persisted in the user profile. */
+    ext_provisioned_plans?: boolean;
+    /** When false, prevents storing provisioning errors that occurred during synchronization. When true (default), error information is persisted. Useful for troubleshooting sync issues. */
+    ext_provisioning_errors?: boolean;
+    /** When false, prevents storing all proxy email addresses (email aliases) for the user. When true (default), proxy addresses are persisted in the user profile. */
+    ext_proxy_addresses?: boolean;
+    /** When false, prevents storing the user's Passport User ID (puid). When true (default), puid is persisted in the user profile. Legacy attribute. */
+    ext_puid?: boolean;
+    /** When false, prevents storing the Azure AD refresh token. When true (default), the refresh token is persisted for offline access. Required for token refresh in long-lived applications. */
+    ext_refresh_token?: boolean;
+    /** When false, prevents storing Azure AD application roles assigned to the user. When true (default), role information is persisted. Useful for RBAC in applications. */
+    ext_roles?: boolean;
+    /** When false, prevents storing the user's state (province/region) from Azure AD. When true (default), state information is persisted in the user profile. */
+    ext_state?: boolean;
+    /** When false, prevents storing the user's street address from Azure AD. When true (default), street address is persisted in the user profile. */
+    ext_street?: boolean;
+    /** When false, prevents storing the user's telephone number from Azure AD. When true (default), telephone number is persisted in the user profile. */
+    ext_telephoneNumber?: boolean;
+    /** When false, prevents storing the user's Azure AD tenant ID. When true (default), tenant ID is persisted. Useful for identifying which Azure AD organization the user belongs to. */
+    ext_tenantid?: boolean;
+    /** When false, prevents storing the user's User Principal Name (UPN) from Azure AD. When true (default), UPN is persisted. UPN is the user's logon name (e.g., user@contoso.com). */
+    ext_upn?: boolean;
+    /** When false, prevents storing the user's usage location for license assignment. When true (default), usage location is persisted in the user profile. */
+    ext_usage_location?: boolean;
+    /** When false, prevents storing an alternative user ID. When true (default), this user ID is persisted in the user profile. */
+    ext_user_id?: boolean;
+    federated_connections_access_tokens?: Management.ConnectionFederatedConnectionsAccessTokens | null;
+    /** Indicates whether admin consent has been granted for the required Azure AD permissions. Read-only status field managed by Auth0 during the OAuth authorization flow. */
+    granted?: boolean;
+    icon_url?: Management.ConnectionIconUrlAzureAd;
+    identity_api?: Management.ConnectionIdentityApiAzureAd;
+    max_groups_to_retrieve?: Management.ConnectionMaxGroupsToRetrieve;
+    scope?: Management.ConnectionScopeAzureAd;
+    set_user_root_attributes?: Management.ConnectionSetUserRootAttributesEnum;
+    should_trust_email_verified_connection?: Management.ConnectionShouldTrustEmailVerifiedConnectionEnum;
+    tenant_domain?: Management.ConnectionTenantDomainAzureAdOne;
+    tenantId?: Management.ConnectionTenantIdAzureAd;
+    thumbprints?: Management.ConnectionThumbprints;
+    upstream_params?: Management.ConnectionUpstreamParamsAzureAd | undefined;
+    /** Indicates WS-Federation protocol usage. When true, uses WS-Federation; when false, uses OpenID Connect. */
+    use_wsfed?: boolean;
+    useCommonEndpoint?: Management.ConnectionUseCommonEndpointAzureAd;
+    userid_attribute?: Management.ConnectionUseridAttributeAzureAd;
+    waad_protocol?: Management.ConnectionWaadProtocol;
+}
 
 export type ConnectionOptionsBaidu = Management.ConnectionOptionsOAuth2Common;
 
@@ -3182,14 +3654,42 @@ export type ConnectionOptionsBitly = Management.ConnectionOptionsOAuth2Common;
 export type ConnectionOptionsBox = Management.ConnectionOptionsOAuth2Common;
 
 /**
- * Common attributes for connection options including non-persistent attributes and cross-app access
+ * Common attributes for connection options including non-persistent attributes and Cross App Access
  */
 export interface ConnectionOptionsCommon {
-    non_persistent_attrs?: (Management.ConnectionNonPersistentAttrs | undefined) | null;
+    non_persistent_attrs?: Management.ConnectionNonPersistentAttrs;
 }
 
 /**
- * options for the 'custom' connection
+ * common options for OIDC connections
+ */
+export interface ConnectionOptionsCommonOidc {
+    authorization_endpoint?: Management.ConnectionAuthorizationEndpoint;
+    client_id: Management.ConnectionClientIdOidc;
+    client_secret?: Management.ConnectionClientSecretOidc;
+    connection_settings?: Management.ConnectionConnectionSettings;
+    federated_connections_access_tokens?: Management.ConnectionFederatedConnectionsAccessTokens | null;
+    domain_aliases?: Management.ConnectionDomainAliasesOne;
+    icon_url?: Management.ConnectionIconUrl;
+    id_token_signed_response_algs?: (Management.ConnectionIdTokenSignedResponseAlgs | undefined) | null;
+    issuer?: Management.ConnectionIssuer;
+    jwks_uri?: Management.ConnectionJwksUri;
+    oidc_metadata?: Management.ConnectionOptionsOidcMetadata;
+    scope?: Management.ConnectionScopeOidc;
+    send_back_channel_nonce?: Management.ConnectionSendBackChannelNonce;
+    set_user_root_attributes?: Management.ConnectionSetUserRootAttributesEnum;
+    tenant_domain?: (Management.ConnectionTenantDomain | undefined) | null;
+    token_endpoint?: Management.ConnectionTokenEndpointOidc;
+    token_endpoint_auth_method?: Management.ConnectionTokenEndpointAuthMethodEnum | null;
+    token_endpoint_auth_signing_alg?: Management.ConnectionTokenEndpointAuthSigningAlgEnum | null;
+    upstream_params?: Management.ConnectionUpstreamParamsOidc | undefined;
+    userinfo_endpoint?: Management.ConnectionUserinfoEndpointOidc;
+    /** Accepts any additional properties */
+    [key: string]: any;
+}
+
+/**
+ * Options for the 'custom' connection
  */
 export type ConnectionOptionsCustom = Record<string, unknown>;
 
@@ -3200,7 +3700,7 @@ export type ConnectionOptionsDropbox = Management.ConnectionOptionsOAuth2Common;
 export type ConnectionOptionsDwolla = Management.ConnectionOptionsOAuth2Common;
 
 /**
- * options for the 'email' connection
+ * Options for the 'email' connection
  */
 export type ConnectionOptionsEmail = Record<string, unknown>;
 
@@ -3213,37 +3713,176 @@ export type ConnectionOptionsEvernoteSandbox = Management.ConnectionOptionsEvern
 export type ConnectionOptionsExact = Management.ConnectionOptionsOAuth2Common;
 
 /**
- * options for the 'facebook' connection
+ * Options for the 'facebook' connection
  */
 export type ConnectionOptionsFacebook = Record<string, unknown>;
 
 /**
- * options for the 'fitbit' connection
+ * Options for the 'fitbit' connection
  */
 export type ConnectionOptionsFitbit = Record<string, unknown>;
 
 /**
- * options for the 'flickr' connection
+ * Options for the 'flickr' connection
  */
 export type ConnectionOptionsFlickr = Record<string, unknown>;
 
 /**
- * options for the 'github' connection
+ * Options for the 'github' connection
  */
 export type ConnectionOptionsGitHub = Record<string, unknown>;
 
 /**
- * options for the 'google-apps' connection
+ * Options for the 'google-apps' connection
  */
 export type ConnectionOptionsGoogleApps = Record<string, unknown>;
 
 /**
- * options for the 'google-oauth2' connection
- */
-export type ConnectionOptionsGoogleOAuth2 = Record<string, unknown>;
-
-/**
- * options for the 'ip' connection
+ * Options for the 'google-oauth2' connection
+ */
+export interface ConnectionOptionsGoogleOAuth2 extends Management.ConnectionOptionsCommon {
+    /** View and manage user's ad applications, ad units, and channels in AdSense */
+    adsense_management?: boolean;
+    allowed_audiences?: Management.ConnectionAllowedAudiencesGoogleOAuth2;
+    /** View user's configuration information and reports */
+    analytics?: boolean;
+    /** View and manage user's posts and blogs on Blogger and Blogger comments */
+    blogger?: boolean;
+    /** See, edit, share, and permanently delete all the calendars you can access using Google Calendar */
+    calendar?: boolean;
+    /** Run as a Calendar add-on */
+    calendar_addons_execute?: boolean;
+    /** View and edit events on all your calendars */
+    calendar_events?: boolean;
+    /** View events on all your calendars */
+    calendar_events_readonly?: boolean;
+    /** View your Calendar settings */
+    calendar_settings_readonly?: boolean;
+    /** Read access to user's chrome web store */
+    chrome_web_store?: boolean;
+    client_id?: (Management.ConnectionClientIdGoogleOAuth2 | undefined) | null;
+    client_secret?: (Management.ConnectionClientSecretGoogleOAuth2 | undefined) | null;
+    /** Full access to the authenticated user's contacts */
+    contacts?: boolean;
+    /** Full access to the authenticated user's contacts */
+    contacts_new?: boolean;
+    /** Read-only access to the authenticated user's 'Other contacts' */
+    contacts_other_readonly?: boolean;
+    /** Read-only access to the authenticated user's contacts */
+    contacts_readonly?: boolean;
+    /** View and manage user's products, feeds, and subaccounts */
+    content_api_for_shopping?: boolean;
+    /** Grants read and write access to the Coordinate API */
+    coordinate?: boolean;
+    /** Grants read access to the Coordinate API */
+    coordinate_readonly?: boolean;
+    /** Read-only access to the authenticated user's corporate directory (if applicable) */
+    directory_readonly?: boolean;
+    /** Access to Google Docs document list feed */
+    document_list?: boolean;
+    /** Full access to all files and folders in the user's Google Drive */
+    drive?: boolean;
+    /** View and add to the activity record of files in your Drive */
+    drive_activity?: boolean;
+    /** View the activity record of files in your Drive */
+    drive_activity_readonly?: boolean;
+    /** Access to the application's configuration data in the user's Google Drive */
+    drive_appdata?: boolean;
+    /** View apps authorized to access your Drive */
+    drive_apps_readonly?: boolean;
+    /** Access to files created or opened by the app */
+    drive_file?: boolean;
+    /** Access to file metadata, including listing files and folders */
+    drive_metadata?: boolean;
+    /** Read-only access to file metadata */
+    drive_metadata_readonly?: boolean;
+    /** Read-only access to the user's Google Photos */
+    drive_photos_readonly?: boolean;
+    /** Read-only access to all files and folders in the user's Google Drive */
+    drive_readonly?: boolean;
+    /** Modify the behavior of Google Apps Scripts */
+    drive_scripts?: boolean;
+    /** Email and verified email flag */
+    email?: boolean;
+    freeform_scopes?: Management.ConnectionFreeformScopesGoogleOAuth2;
+    /** Full access to the account's mailboxes, including permanent deletion of threads and messages */
+    gmail?: boolean;
+    /** Read all resources and their metadata—no write operations */
+    gmail_compose?: boolean;
+    /** Insert and import messages only */
+    gmail_insert?: boolean;
+    /** Create, read, update, and delete labels only */
+    gmail_labels?: boolean;
+    /** Read resources metadata including labels, history records, and email message headers, but not the message body or attachments */
+    gmail_metadata?: boolean;
+    /** All read/write operations except immediate, permanent deletion of threads and messages, bypassing Trash */
+    gmail_modify?: boolean;
+    /** Full access to the account's mailboxes, including permanent deletion of threads and messages */
+    gmail_new?: boolean;
+    /** Read all resources and their metadata—no write operations */
+    gmail_readonly?: boolean;
+    /** Send messages only. No read or modify privileges on mailbox */
+    gmail_send?: boolean;
+    /** Manage basic mail settings */
+    gmail_settings_basic?: boolean;
+    /** Manage sensitive mail settings, including forwarding rules and aliases. Note: Operations guarded by this scope are restricted to administrative use only */
+    gmail_settings_sharing?: boolean;
+    /** View and manage user's publisher data in the Google Affiliate Network */
+    google_affiliate_network?: boolean;
+    /** View and manage user's books and library in Google Books */
+    google_books?: boolean;
+    /** View and manage user's data stored in Google Cloud Storage */
+    google_cloud_storage?: boolean;
+    /** Full access to all files and folders in the user's Google Drive */
+    google_drive?: boolean;
+    /** Access to files created or opened by the app */
+    google_drive_files?: boolean;
+    /** Associate user with its public Google profile */
+    google_plus?: boolean;
+    icon_url?: Management.ConnectionIconUrlGoogleOAuth2;
+    /** View and manage user's best-available current location and location history in Google Latitude */
+    latitude_best?: boolean;
+    /** View and manage user's city-level current location and location history in Google Latitude */
+    latitude_city?: boolean;
+    /** View and manage user's votes, topics, and submissions */
+    moderator?: boolean;
+    /** Request a refresh token when the user authorizes your application */
+    offline_access?: boolean;
+    /** View and manage user's friends, applications and profile and status */
+    orkut?: boolean;
+    /** View and manage user's Google photos, videos, photo and video tags and comments */
+    picasa_web?: boolean;
+    /** Name, public profile URL, photo, country, language, and timezone */
+    profile?: boolean;
+    scope?: Management.ConnectionScopeGoogleOAuth2;
+    set_user_root_attributes?: Management.ConnectionSetUserRootAttributesEnum;
+    /** View and manage user's sites on Google Sites */
+    sites?: boolean;
+    /** Full access to create, edit, organize, and delete all your tasks */
+    tasks?: boolean;
+    /** Read-only access to view your tasks and task lists */
+    tasks_readonly?: boolean;
+    upstream_params?: (Management.ConnectionUpstreamParams | undefined) | null;
+    /** View, manage and view statistics user's short URLs */
+    url_shortener?: boolean;
+    /** View and manage user's sites and messages, view keywords */
+    webmaster_tools?: boolean;
+    /** Manage your YouTube account */
+    youtube?: boolean;
+    /** See a list of your current active channel members, their current level, and when they became a member */
+    youtube_channelmemberships_creator?: boolean;
+    /** Manage your YouTube account */
+    youtube_new?: boolean;
+    /** View your YouTube account */
+    youtube_readonly?: boolean;
+    /** Manage your YouTube videos */
+    youtube_upload?: boolean;
+    /** View and manage your assets and associated content on YouTube */
+    youtubepartner?: boolean;
+}
+
+/**
+ * Options for the 'ip' connection
  */
 export type ConnectionOptionsIp = Record<string, unknown>;
 
@@ -3252,18 +3891,40 @@ export type ConnectionOptionsInstagram = Management.ConnectionOptionsOAuth2Commo
 export type ConnectionOptionsLine = Management.ConnectionOptionsOAuth2Common;
 
 /**
- * options for the 'linkedin' connection
+ * Options for the 'linkedin' connection
  */
 export type ConnectionOptionsLinkedin = Record<string, unknown>;
 
 export type ConnectionOptionsMiicard = Management.ConnectionOptionsOAuth2Common;
 
 /**
- * options for the 'oauth1' connection
+ * Options for the 'oauth1' connection
  */
 export type ConnectionOptionsOAuth1 = Record<string, unknown>;
 
-export type ConnectionOptionsOAuth2 = Management.ConnectionOptionsOAuth2Common;
+/**
+ * Options for the 'oauth2' connection
+ */
+export interface ConnectionOptionsOAuth2 extends Management.ConnectionOptionsCommon {
+    authParams?: Management.ConnectionAuthParamsOAuth2;
+    authParamsMap?: Management.ConnectionAuthParamsMap;
+    authorizationURL?: Management.ConnectionAuthorizationEndpointOAuth2;
+    client_id?: Management.ConnectionClientIdOAuth2;
+    client_secret?: Management.ConnectionClientSecretOAuth2;
+    customHeaders?: Management.ConnectionCustomHeadersOAuth2;
+    fieldsMap?: Management.ConnectionFieldsMap;
+    icon_url?: Management.ConnectionIconUrl;
+    logoutUrl?: Management.ConnectionEndSessionEndpointOAuth2;
+    /** When true, enables Proof Key for Code Exchange (PKCE) for the authorization code flow. PKCE provides additional security by preventing authorization code interception attacks. */
+    pkce_enabled?: boolean;
+    scope?: Management.ConnectionScopeOAuth2;
+    scripts?: Management.ConnectionScriptsOAuth2;
+    set_user_root_attributes?: Management.ConnectionSetUserRootAttributesEnum;
+    tokenURL?: Management.ConnectionTokenEndpointOAuth2;
+    upstream_params?: (Management.ConnectionUpstreamParams | undefined) | null;
+    /** When true, uses space-delimited scopes (per OAuth 2.0 spec) instead of comma-delimited when calling the identity provider's authorization endpoint. Only relevant when using the connection_scope parameter. See https://auth0.com/docs/authenticate/identity-providers/adding-scopes-for-an-external-idp#pass-scopes-to-authorize-endpoint */
+    useOauthSpecScope?: boolean;
+}
 
 export interface ConnectionOptionsOAuth2Common extends Management.ConnectionOptionsCommon {
     client_id?: Management.ConnectionClientId;
@@ -3273,43 +3934,99 @@ export interface ConnectionOptionsOAuth2Common extends Management.ConnectionOpti
 }
 
 /**
- * options for the 'oidc' connection
- */
-export type ConnectionOptionsOidc = Record<string, unknown>;
+ * Options for the 'oidc' connection
+ */
+export interface ConnectionOptionsOidc
+    extends Management.ConnectionOptionsCommonOidc,
+        Management.ConnectionOptionsCommon {
+    attribute_map?: Management.ConnectionAttributeMapOidc;
+    discovery_url?: Management.ConnectionDiscoveryUrl;
+    type?: Management.ConnectionTypeEnumOidc;
+}
+
+/**
+ * OpenID Connect Provider Metadata as per https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
+ */
+export interface ConnectionOptionsOidcMetadata {
+    acr_values_supported?: Management.ConnectionAcrValuesSupported;
+    authorization_endpoint: Management.ConnectionAuthorizationEndpoint;
+    claim_types_supported?: Management.ConnectionClaimTypesSupported;
+    claims_locales_supported?: Management.ConnectionClaimsLocalesSupported;
+    claims_parameter_supported?: Management.ConnectionClaimsParameterSupported;
+    claims_supported?: Management.ConnectionClaimsSupported;
+    display_values_supported?: Management.ConnectionDisplayValuesSupported;
+    end_session_endpoint?: Management.ConnectionEndSessionEndpoint;
+    grant_types_supported?: Management.ConnectionGrantTypesSupported;
+    id_token_encryption_alg_values_supported?: Management.ConnectionIdTokenEncryptionAlgValuesSupported;
+    id_token_encryption_enc_values_supported?: Management.ConnectionIdTokenEncryptionEncValuesSupported;
+    id_token_signing_alg_values_supported: Management.ConnectionIdTokenSigningAlgValuesSupported;
+    issuer: Management.ConnectionIssuer;
+    jwks_uri: Management.ConnectionJwksUri;
+    op_policy_uri?: Management.ConnectionOpPolicyUri;
+    op_tos_uri?: Management.ConnectionOpTosUri;
+    registration_endpoint?: Management.ConnectionRegistrationEndpoint;
+    request_object_encryption_alg_values_supported?: Management.ConnectionRequestObjectEncryptionAlgValuesSupported;
+    request_object_encryption_enc_values_supported?: Management.ConnectionRequestObjectEncryptionEncValuesSupported;
+    request_object_signing_alg_values_supported?: Management.ConnectionRequestObjectSigningAlgValuesSupported;
+    request_parameter_supported?: Management.ConnectionRequestParameterSupported;
+    request_uri_parameter_supported?: Management.ConnectionRequestUriParameterSupported;
+    require_request_uri_registration?: Management.ConnectionRequireRequestUriRegistration;
+    response_modes_supported?: Management.ConnectionResponseModesSupported;
+    response_types_supported?: Management.ConnectionResponseTypesSupported;
+    scopes_supported?: (Management.ConnectionScopesSupported | undefined) | null;
+    service_documentation?: Management.ConnectionServiceDocumentation;
+    subject_types_supported?: Management.ConnectionSubjectTypesSupported;
+    token_endpoint?: Management.ConnectionTokenEndpoint;
+    token_endpoint_auth_methods_supported?: Management.ConnectionTokenEndpointAuthMethodsSupported;
+    token_endpoint_auth_signing_alg_values_supported?: Management.ConnectionTokenEndpointAuthSigningAlgValuesSupported;
+    ui_locales_supported?: Management.ConnectionUiLocalesSupported;
+    userinfo_encryption_alg_values_supported?: Management.ConnectionUserinfoEncryptionAlgValuesSupported;
+    userinfo_encryption_enc_values_supported?: Management.ConnectionUserinfoEncryptionEncValuesSupported;
+    userinfo_endpoint?: Management.ConnectionUserinfoEndpoint;
+    userinfo_signing_alg_values_supported?: Management.ConnectionUserinfoSigningAlgValuesSupported;
+    /** Accepts any additional properties */
+    [key: string]: any;
+}
 
 /**
- * options for the 'office365' connection
+ * Options for the 'office365' connection
  */
 export type ConnectionOptionsOffice365 = Record<string, unknown>;
 
 /**
- * options for the 'okta' connection
+ * Options for the 'okta' connection
  */
-export type ConnectionOptionsOkta = Record<string, unknown>;
+export interface ConnectionOptionsOkta
+    extends Management.ConnectionOptionsCommonOidc,
+        Management.ConnectionOptionsCommon {
+    attribute_map?: Management.ConnectionAttributeMapOkta;
+    domain?: Management.ConnectionDomainOkta;
+    type?: Management.ConnectionTypeEnumOkta;
+}
 
 export type ConnectionOptionsPaypal = Management.ConnectionOptionsOAuth2Common;
 
 export type ConnectionOptionsPaypalSandbox = Management.ConnectionOptionsOAuth2Common;
 
 /**
- * options for the 'pingfederate' connection
+ * Options for the 'pingfederate' connection
  */
 export type ConnectionOptionsPingFederate = Record<string, unknown>;
 
 /**
- * options for the 'planningcenter' connection
+ * Options for the 'planningcenter' connection
  */
 export type ConnectionOptionsPlanningCenter = Record<string, unknown>;
 
 export type ConnectionOptionsRenren = Management.ConnectionOptionsOAuth2Common;
 
 /**
- * options for the 'samlp' connection
+ * Options for the 'samlp' connection
  */
 export type ConnectionOptionsSaml = Record<string, unknown>;
 
 /**
- * options for the 'sms' connection
+ * Options for the 'sms' connection
  */
 export type ConnectionOptionsSms = Record<string, unknown>;
 
@@ -3324,7 +4041,7 @@ export type ConnectionOptionsSalesforceSandbox = Management.ConnectionOptionsSal
 export type ConnectionOptionsSharepoint = Management.ConnectionOptionsOAuth2Common;
 
 /**
- * options for the 'shop' connection
+ * Options for the 'shop' connection
  */
 export type ConnectionOptionsShop = Record<string, unknown>;
 
@@ -3339,7 +4056,7 @@ export type ConnectionOptionsTheCitySandbox = Management.ConnectionOptionsOAuth2
 export type ConnectionOptionsThirtySevenSignals = Management.ConnectionOptionsOAuth2Common;
 
 /**
- * options for the 'twitter' connection
+ * Options for the 'twitter' connection
  */
 export type ConnectionOptionsTwitter = Record<string, unknown>;
 
@@ -3350,7 +4067,7 @@ export type ConnectionOptionsVkontakte = Management.ConnectionOptionsOAuth2Commo
 export type ConnectionOptionsWeibo = Management.ConnectionOptionsOAuth2Common;
 
 /**
- * options for the 'windowslive' connection
+ * Options for the 'windowslive' connection
  */
 export type ConnectionOptionsWindowsLive = Record<string, unknown>;
 
@@ -3590,6 +4307,16 @@ export interface ConnectionPropertiesOptions {
     [key: string]: any;
 }
 
+/**
+ * A ticket used for provisioning the connection
+ */
+export type ConnectionProvisioningTicket = string;
+
+/**
+ * A ticket used for provisioning the connection
+ */
+export type ConnectionProvisioningTicketUrl = string;
+
 /**
  * Indicates whether to use realm fallback.
  */
@@ -3600,652 +4327,607 @@ export type ConnectionRealmFallback = boolean;
  */
 export type ConnectionRealms = string[];
 
-export interface ConnectionRequestCommon {
-    display_name?: Management.ConnectionDisplayName;
-    enabled_clients?: Management.ConnectionEnabledClients;
-    is_domain_connection?: Management.ConnectionIsDomainConnection;
-    show_as_button?: Management.ConnectionShowAsButton;
-    realms?: Management.ConnectionRealms;
-    metadata?: Management.ConnectionsMetadata;
-    authentication?: Management.ConnectionAuthenticationPurpose;
-    connected_accounts?: Management.ConnectionConnectedAccountsPurpose;
-}
+export type ConnectionRegistrationEndpoint = Management.ConnectionHttpsUrlWithHttpFallback;
+
+/**
+ * JSON array containing a list of the JWE encryption algorithms (alg values) supported by the OP for Request Objects. These algorithms are used both when the Request Object is passed by value and when it is passed by reference.
+ */
+export type ConnectionRequestObjectEncryptionAlgValuesSupported = string[];
+
+/**
+ * JSON array containing a list of the JWE encryption algorithms (enc values) supported by the OP for Request Objects. These algorithms are used both when the Request Object is passed by value and when it is passed by reference.
+ */
+export type ConnectionRequestObjectEncryptionEncValuesSupported = string[];
+
+/**
+ * JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for Request Objects, which are described in Section 6.1 of OpenID Connect Core 1.0 [OpenID.Core]. These algorithms are used both when the Request Object is passed by value (using the request parameter) and when it is passed by reference (using the request_uri parameter). Servers SHOULD support none and RS256.
+ */
+export type ConnectionRequestObjectSigningAlgValuesSupported = string[];
+
+/**
+ * Boolean value specifying whether the OP supports use of the request parameter, with true indicating support. If omitted, the default value is false.
+ */
+export type ConnectionRequestParameterSupported = boolean;
+
+/**
+ * Boolean value specifying whether the OP supports use of the request_uri parameter, with true indicating support. If omitted, the default value is false.
+ */
+export type ConnectionRequestUriParameterSupported = boolean;
+
+/**
+ * Boolean value specifying whether the OP requires use of the request_uri parameter. If omitted, the default value is false.
+ */
+export type ConnectionRequireRequestUriRegistration = boolean;
 
 /**
  * Indicates whether the user is required to provide a username in addition to an email address.
  */
 export type ConnectionRequiresUsername = boolean;
 
-export interface ConnectionResponseCommon extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseCommon extends Management.CreateConnectionCommon {
     id?: Management.ConnectionId;
-    strategy?: Management.ConnectionIdentityProviderEnum;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=ad
  */
-export interface ConnectionResponseContentAd extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentAd extends Management.ConnectionResponseCommon {
     strategy: "ad";
     options?: Management.ConnectionOptionsAd;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=adfs
  */
-export interface ConnectionResponseContentAdfs extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentAdfs extends Management.ConnectionResponseCommon {
     strategy: "adfs";
     options?: Management.ConnectionOptionsAdfs;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=aol
  */
-export interface ConnectionResponseContentAol extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentAol extends Management.ConnectionResponseCommon {
     strategy: "aol";
     options?: Management.ConnectionOptionsAol;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=amazon
  */
-export interface ConnectionResponseContentAmazon extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentAmazon extends Management.ConnectionResponseCommon {
     strategy: "amazon";
     options?: Management.ConnectionOptionsAmazon;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=apple
  */
-export interface ConnectionResponseContentApple extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentApple extends Management.ConnectionResponseCommon {
     strategy: "apple";
     options?: Management.ConnectionOptionsApple;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=auth0
  */
-export interface ConnectionResponseContentAuth0 extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentAuth0 extends Management.ConnectionResponseCommon {
     strategy: "auth0";
     options?: Management.ConnectionOptionsAuth0;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=auth0-oidc
  */
-export interface ConnectionResponseContentAuth0Oidc extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentAuth0Oidc extends Management.ConnectionResponseCommon {
     strategy: "auth0-oidc";
     options?: Management.ConnectionOptionsAuth0Oidc;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=waad
  */
-export interface ConnectionResponseContentAzureAd extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentAzureAd extends Management.ConnectionResponseCommon {
     strategy: "waad";
     options?: Management.ConnectionOptionsAzureAd;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
+    provisioning_ticket?: Management.ConnectionProvisioningTicket;
+    provisioning_ticket_url?: Management.ConnectionProvisioningTicketUrl;
+    strategy_version?: Management.ConnectionStrategyVersionEnumAzureAd;
 }
 
 /**
  * Response for connections with strategy=baidu
  */
-export interface ConnectionResponseContentBaidu extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentBaidu extends Management.ConnectionResponseCommon {
     strategy: "baidu";
     options?: Management.ConnectionOptionsBaidu;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=bitbucket
  */
-export interface ConnectionResponseContentBitbucket extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentBitbucket extends Management.ConnectionResponseCommon {
     strategy: "bitbucket";
     options?: Management.ConnectionOptionsBitbucket;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=bitly
  */
-export interface ConnectionResponseContentBitly extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentBitly extends Management.ConnectionResponseCommon {
     strategy: "bitly";
     options?: Management.ConnectionOptionsBitly;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=box
  */
-export interface ConnectionResponseContentBox extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentBox extends Management.ConnectionResponseCommon {
     strategy: "box";
     options?: Management.ConnectionOptionsBox;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=custom
  */
-export interface ConnectionResponseContentCustom extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentCustom extends Management.ConnectionResponseCommon {
     strategy: "custom";
     options?: Management.ConnectionOptionsCustom;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=daccount
  */
-export interface ConnectionResponseContentDaccount extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentDaccount extends Management.ConnectionResponseCommon {
     strategy: "daccount";
     options?: Management.ConnectionOptionsDaccount;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=dropbox
  */
-export interface ConnectionResponseContentDropbox extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentDropbox extends Management.ConnectionResponseCommon {
     strategy: "dropbox";
     options?: Management.ConnectionOptionsDropbox;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=dwolla
  */
-export interface ConnectionResponseContentDwolla extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentDwolla extends Management.ConnectionResponseCommon {
     strategy: "dwolla";
     options?: Management.ConnectionOptionsDwolla;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=email
  */
-export interface ConnectionResponseContentEmail extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentEmail extends Management.ConnectionResponseCommon {
     strategy: "email";
     options?: Management.ConnectionOptionsEmail;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=evernote
  */
-export interface ConnectionResponseContentEvernote extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentEvernote extends Management.ConnectionResponseCommon {
     strategy: "evernote";
     options?: Management.ConnectionOptionsEvernote;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=evernote-sandbox
  */
-export interface ConnectionResponseContentEvernoteSandbox extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentEvernoteSandbox extends Management.ConnectionResponseCommon {
     strategy: "evernote-sandbox";
     options?: Management.ConnectionOptionsEvernoteSandbox;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=exact
  */
-export interface ConnectionResponseContentExact extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentExact extends Management.ConnectionResponseCommon {
     strategy: "exact";
     options?: Management.ConnectionOptionsExact;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=facebook
  */
-export interface ConnectionResponseContentFacebook extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentFacebook extends Management.ConnectionResponseCommon {
     strategy: "facebook";
     options?: Management.ConnectionOptionsFacebook;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=fitbit
  */
-export interface ConnectionResponseContentFitbit extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentFitbit extends Management.ConnectionResponseCommon {
     strategy: "fitbit";
     options?: Management.ConnectionOptionsFitbit;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=flickr
  */
-export interface ConnectionResponseContentFlickr extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentFlickr extends Management.ConnectionResponseCommon {
     strategy: "flickr";
     options?: Management.ConnectionOptionsFlickr;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=github
  */
-export interface ConnectionResponseContentGitHub extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentGitHub extends Management.ConnectionResponseCommon {
     strategy: "github";
     options?: Management.ConnectionOptionsGitHub;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=google-apps
  */
-export interface ConnectionResponseContentGoogleApps extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentGoogleApps extends Management.ConnectionResponseCommon {
     strategy: "google-apps";
     options?: Management.ConnectionOptionsGoogleApps;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=google-oauth2
  */
-export interface ConnectionResponseContentGoogleOAuth2 extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentGoogleOAuth2 extends Management.ConnectionResponseCommon {
     strategy: "google-oauth2";
     options?: Management.ConnectionOptionsGoogleOAuth2;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=ip
  */
-export interface ConnectionResponseContentIp extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentIp extends Management.ConnectionResponseCommon {
     strategy: "ip";
     options?: Management.ConnectionOptionsIp;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=instagram
  */
-export interface ConnectionResponseContentInstagram extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentInstagram extends Management.ConnectionResponseCommon {
     strategy: "instagram";
     options?: Management.ConnectionOptionsInstagram;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=line
  */
-export interface ConnectionResponseContentLine extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentLine extends Management.ConnectionResponseCommon {
     strategy: "line";
     options?: Management.ConnectionOptionsLine;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=linkedin
  */
-export interface ConnectionResponseContentLinkedin extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentLinkedin extends Management.ConnectionResponseCommon {
     strategy: "linkedin";
     options?: Management.ConnectionOptionsLinkedin;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=miicard
  */
-export interface ConnectionResponseContentMiicard extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentMiicard extends Management.ConnectionResponseCommon {
     strategy: "miicard";
     options?: Management.ConnectionOptionsMiicard;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=oauth1
  */
-export interface ConnectionResponseContentOAuth1 extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentOAuth1 extends Management.ConnectionResponseCommon {
     strategy: "oauth1";
     options?: Management.ConnectionOptionsOAuth1;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=oauth2
  */
-export interface ConnectionResponseContentOAuth2 extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentOAuth2 extends Management.ConnectionResponseCommon {
     strategy: "oauth2";
     options?: Management.ConnectionOptionsOAuth2;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=oidc
  */
-export interface ConnectionResponseContentOidc extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentOidc extends Management.ConnectionResponseCommon {
     strategy: "oidc";
     options?: Management.ConnectionOptionsOidc;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=office365
  */
-export interface ConnectionResponseContentOffice365 extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentOffice365 extends Management.ConnectionResponseCommon {
     strategy: "office365";
     options?: Management.ConnectionOptionsOffice365;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=okta
  */
-export interface ConnectionResponseContentOkta extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentOkta extends Management.ConnectionResponseCommon {
     strategy: "okta";
     options?: Management.ConnectionOptionsOkta;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=paypal
  */
-export interface ConnectionResponseContentPaypal extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentPaypal extends Management.ConnectionResponseCommon {
     strategy: "paypal";
     options?: Management.ConnectionOptionsPaypal;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=paypal-sandbox
  */
-export interface ConnectionResponseContentPaypalSandbox extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentPaypalSandbox extends Management.ConnectionResponseCommon {
     strategy: "paypal-sandbox";
     options?: Management.ConnectionOptionsPaypalSandbox;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=pingfederate
  */
-export interface ConnectionResponseContentPingFederate extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentPingFederate extends Management.ConnectionResponseCommon {
     strategy: "pingfederate";
     options?: Management.ConnectionOptionsPingFederate;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=planningcenter
  */
-export interface ConnectionResponseContentPlanningCenter extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentPlanningCenter extends Management.ConnectionResponseCommon {
     strategy: "planningcenter";
     options?: Management.ConnectionOptionsPlanningCenter;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=renren
  */
-export interface ConnectionResponseContentRenren extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentRenren extends Management.ConnectionResponseCommon {
     strategy: "renren";
     options?: Management.ConnectionOptionsRenren;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=samlp
  */
-export interface ConnectionResponseContentSaml extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentSaml extends Management.ConnectionResponseCommon {
     strategy: "samlp";
     options?: Management.ConnectionOptionsSaml;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=sms
  */
-export interface ConnectionResponseContentSms extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentSms extends Management.ConnectionResponseCommon {
     strategy: "sms";
     options?: Management.ConnectionOptionsSms;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=salesforce
  */
-export interface ConnectionResponseContentSalesforce extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentSalesforce extends Management.ConnectionResponseCommon {
     strategy: "salesforce";
     options?: Management.ConnectionOptionsSalesforce;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=salesforce-community
  */
-export interface ConnectionResponseContentSalesforceCommunity extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentSalesforceCommunity extends Management.ConnectionResponseCommon {
     strategy: "salesforce-community";
     options?: Management.ConnectionOptionsSalesforceCommunity;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=salesforce-sandbox
  */
-export interface ConnectionResponseContentSalesforceSandbox extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentSalesforceSandbox extends Management.ConnectionResponseCommon {
     strategy: "salesforce-sandbox";
     options?: Management.ConnectionOptionsSalesforceSandbox;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=sharepoint
  */
-export interface ConnectionResponseContentSharepoint extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentSharepoint extends Management.ConnectionResponseCommon {
     strategy: "sharepoint";
     options?: Management.ConnectionOptionsSharepoint;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=shop
  */
-export interface ConnectionResponseContentShop extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentShop extends Management.ConnectionResponseCommon {
     strategy: "shop";
     options?: Management.ConnectionOptionsShop;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=shopify
  */
-export interface ConnectionResponseContentShopify extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentShopify extends Management.ConnectionResponseCommon {
     strategy: "shopify";
     options?: Management.ConnectionOptionsShopify;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=soundcloud
  */
-export interface ConnectionResponseContentSoundcloud extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentSoundcloud extends Management.ConnectionResponseCommon {
     strategy: "soundcloud";
     options?: Management.ConnectionOptionsSoundcloud;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=thecity
  */
-export interface ConnectionResponseContentTheCity extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentTheCity extends Management.ConnectionResponseCommon {
     strategy: "thecity";
     options?: Management.ConnectionOptionsTheCity;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=thecity-sandbox
  */
-export interface ConnectionResponseContentTheCitySandbox extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentTheCitySandbox extends Management.ConnectionResponseCommon {
     strategy: "thecity-sandbox";
     options?: Management.ConnectionOptionsTheCitySandbox;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=thirtysevensignals
  */
-export interface ConnectionResponseContentThirtySevenSignals extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentThirtySevenSignals extends Management.ConnectionResponseCommon {
     strategy: "thirtysevensignals";
     options?: Management.ConnectionOptionsThirtySevenSignals;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=twitter
  */
-export interface ConnectionResponseContentTwitter extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentTwitter extends Management.ConnectionResponseCommon {
     strategy: "twitter";
     options?: Management.ConnectionOptionsTwitter;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=untappd
  */
-export interface ConnectionResponseContentUntappd extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentUntappd extends Management.ConnectionResponseCommon {
     strategy: "untappd";
     options?: Management.ConnectionOptionsUntappd;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=vkontakte
  */
-export interface ConnectionResponseContentVkontakte extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentVkontakte extends Management.ConnectionResponseCommon {
     strategy: "vkontakte";
     options?: Management.ConnectionOptionsVkontakte;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=weibo
  */
-export interface ConnectionResponseContentWeibo extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentWeibo extends Management.ConnectionResponseCommon {
     strategy: "weibo";
     options?: Management.ConnectionOptionsWeibo;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=windowslive
  */
-export interface ConnectionResponseContentWindowsLive extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentWindowsLive extends Management.ConnectionResponseCommon {
     strategy: "windowslive";
     options?: Management.ConnectionOptionsWindowsLive;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=wordpress
  */
-export interface ConnectionResponseContentWordpress extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentWordpress extends Management.ConnectionResponseCommon {
     strategy: "wordpress";
     options?: Management.ConnectionOptionsWordpress;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=yahoo
  */
-export interface ConnectionResponseContentYahoo extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentYahoo extends Management.ConnectionResponseCommon {
     strategy: "yahoo";
     options?: Management.ConnectionOptionsYahoo;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=yammer
  */
-export interface ConnectionResponseContentYammer extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentYammer extends Management.ConnectionResponseCommon {
     strategy: "yammer";
     options?: Management.ConnectionOptionsYammer;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
  * Response for connections with strategy=yandex
  */
-export interface ConnectionResponseContentYandex extends Management.ConnectionRequestCommon {
+export interface ConnectionResponseContentYandex extends Management.ConnectionResponseCommon {
     strategy: "yandex";
     options?: Management.ConnectionOptionsYandex;
-    id?: Management.ConnectionId;
-    name?: Management.ConnectionName;
 }
 
 /**
- * Space separated list of scopes
+ * A list of the OAuth 2.0 response_mode values that this OP supports. If omitted, the default for Dynamic OpenID Providers is ["query", "fragment"]
+ */
+export type ConnectionResponseModesSupported = string[];
+
+/**
+ * A list of the OAuth 2.0 response_type values that this OP supports. Dynamic OpenID Providers MUST support the code, id_token, and the token id_token Response Type values
+ */
+export type ConnectionResponseTypesSupported = string[];
+
+/**
+ * Array of custom OAuth 2.0 scopes to request during authentication.
+ */
+export type ConnectionScopeArray = Management.ConnectionScopeItem[];
+
+/**
+ * OAuth 2.0 scopes to request from Azure AD during authentication. Each scope represents a permission (e.g., 'User.Read', 'Group.Read.All'). Only applies with Microsoft Identity Platform v2.0. See Microsoft Graph permissions reference for available scopes.
+ */
+export type ConnectionScopeAzureAd = string[];
+
+/**
+ * Array of OAuth 2.0 scopes requested during Google authentication.
+ */
+export type ConnectionScopeGoogleOAuth2 = Management.ConnectionScopeArray;
+
+/**
+ * A single OAuth 2.0 scope string
+ */
+export type ConnectionScopeItem = string;
+
+/**
+ * OAuth 2.0 scopes requested from the identity provider during authorization. Determines what user information and permissions Auth0 can access. Can be specified as a space-delimited string (e.g., 'openid profile email') or array of scope values. The 'useOauthSpecScope' setting controls delimiter behavior when using connection_scope parameter.
+ */
+export type ConnectionScopeOAuth2 = string | string[];
+
+/**
+ * Space-separated list of scopes requested during /authorize. Must contain openid, typically contains 'openid profile email'
+ */
+export type ConnectionScopeOidc = string;
+
+/**
+ * A list of the OAuth 2.0 [RFC6749] scope values that this server supports. The server MUST support the openid scope value. Servers MAY choose not to advertise some supported scope values even when this parameter is used, although those defined in [OpenID.Core] SHOULD be listed, if supported. RECOMMENDED but not REQUIRED
+ */
+export type ConnectionScopesSupported = (string[] | null) | undefined;
+
+/**
+ * Custom scripts to transform user profile data or modify OAuth2 flow behavior
+ */
+export interface ConnectionScriptsOAuth2 {
+    /** Custom JavaScript function to retrieve and transform user profile data from the identity provider. Called with the access token and token exchange response. Must return a user profile object. Executed in a sandboxed environment. If not provided, an empty profile object is used. */
+    fetchUserProfile?: string;
+    /** Custom JavaScript function to dynamically construct the logout URL for the identity provider. Called with the request query parameters and must invoke a callback with the logout URL. Only used if 'logoutUrl' is not configured. Executed in a sandboxed environment. */
+    getLogoutUrl?: string;
+}
+
+/**
+ * whether to send a nonce to the identity provider when `type=back_channel`
  */
-export type ConnectionScopeString = string;
+export type ConnectionSendBackChannelNonce = boolean;
+
+export type ConnectionServiceDocumentation = Management.ConnectionHttpsUrlWithHttpFallback;
 
 /** When using an external IdP, this flag determines  whether 'name', 'given_name', 'family_name', 'nickname', and 'picture' attributes are updated. In addition, it also determines whether the user is created when user doesnt exist previously. Possible values are 'on_each_login' (default value, it configures the connection to automatically create the user if necessary and update the root attributes from the external IdP with each user login. When this setting is used, root attributes cannot be independently updated), 'on_first_login' (configures the connection to create the user and set the root attributes on first login only, allowing them to be independently updated thereafter), and 'never_on_login' (configures the connection not to create the user and not to set the root attributes from the external IdP, allowing them to be independently updated). */
 export const ConnectionSetUserRootAttributesEnum = {
@@ -4256,6 +4938,14 @@ export const ConnectionSetUserRootAttributesEnum = {
 export type ConnectionSetUserRootAttributesEnum =
     (typeof ConnectionSetUserRootAttributesEnum)[keyof typeof ConnectionSetUserRootAttributesEnum];
 
+/** Choose how Auth0 sets the email_verified field in the user profile. */
+export const ConnectionShouldTrustEmailVerifiedConnectionEnum = {
+    NeverSetEmailsAsVerified: "never_set_emails_as_verified",
+    AlwaysSetEmailsAsVerified: "always_set_emails_as_verified",
+} as const;
+export type ConnectionShouldTrustEmailVerifiedConnectionEnum =
+    (typeof ConnectionShouldTrustEmailVerifiedConnectionEnum)[keyof typeof ConnectionShouldTrustEmailVerifiedConnectionEnum];
+
 /**
  * Enables showing a button for the connection in the login page (new experience only). If false, it will be usable only by HRD. (Defaults to <code>false</code>.)
  */
@@ -4328,6 +5018,87 @@ export const ConnectionStrategyEnum = {
 } as const;
 export type ConnectionStrategyEnum = (typeof ConnectionStrategyEnum)[keyof typeof ConnectionStrategyEnum];
 
+/**
+ * Strategy version
+ */
+export type ConnectionStrategyVersionEnumAzureAd = number;
+
+/**
+ * A list of the Subject Identifier types that this OP supports. Valid types include pairwise and public
+ */
+export type ConnectionSubjectTypesSupported = string[];
+
+/**
+ * Tenant domain
+ */
+export type ConnectionTenantDomain = (string | null) | undefined;
+
+export type ConnectionTenantDomainAzureAdOne = string;
+
+/**
+ * The Azure AD tenant ID as a UUID. The unique identifier for your Azure AD organization. Must be a valid 36-character UUID.
+ */
+export type ConnectionTenantIdAzureAd = string;
+
+/**
+ * Array of certificate thumbprints (SHA-128/SHA-256/SHA-512 hex hashes) for validating SAML signatures. Used with WS-Federation protocol. Maximum 20 thumbprints. Each thumbprint must be a hexadecimal string.
+ */
+export type ConnectionThumbprints = string[];
+
+/**
+ * URL of the identity provider's OAuth 2.0 token endpoint where authorization codes are exchanged for access tokens. Must be a valid HTTPS URL. Required for authorization code flow but optional for implicit flow.
+ */
+export type ConnectionTokenEndpoint = Management.ConnectionHttpsUrlWithHttpFallback;
+
+/** Requested Client Authentication method for the Token Endpoint. */
+export const ConnectionTokenEndpointAuthMethodEnum = {
+    ClientSecretPost: "client_secret_post",
+    PrivateKeyJwt: "private_key_jwt",
+} as const;
+export type ConnectionTokenEndpointAuthMethodEnum =
+    (typeof ConnectionTokenEndpointAuthMethodEnum)[keyof typeof ConnectionTokenEndpointAuthMethodEnum];
+
+/**
+ * JSON array containing a list of Client Authentication methods supported by this Token Endpoint. The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, as described in Section 9 of OpenID Connect Core 1.0 [OpenID.Core]. Other authentication methods MAY be defined by extensions. If omitted, the default is client_secret_basic -- the HTTP Basic Authentication Scheme specified in Section 2.3.1 of OAuth 2.0 [RFC6749].
+ */
+export type ConnectionTokenEndpointAuthMethodsSupported = string[];
+
+/** Algorithm used to sign client_assertions. */
+export const ConnectionTokenEndpointAuthSigningAlgEnum = {
+    Es256: "ES256",
+    Ps256: "PS256",
+    Rs256: "RS256",
+    Rs512: "RS512",
+} as const;
+export type ConnectionTokenEndpointAuthSigningAlgEnum =
+    (typeof ConnectionTokenEndpointAuthSigningAlgEnum)[keyof typeof ConnectionTokenEndpointAuthSigningAlgEnum];
+
+/**
+ * JSON array containing a list of the JWS signing algorithms (alg values) supported by the Token Endpoint for the signature on the JWT [JWT] used to authenticate the Client at the Token Endpoint for the private_key_jwt and client_secret_jwt authentication methods. Servers SHOULD support RS256. The value none MUST NOT be used.
+ */
+export type ConnectionTokenEndpointAuthSigningAlgValuesSupported = string[];
+
+export type ConnectionTokenEndpointOAuth2 = Management.ConnectionTokenEndpoint;
+
+export type ConnectionTokenEndpointOidc = Management.ConnectionTokenEndpoint;
+
+/** Connection type */
+export const ConnectionTypeEnumOidc = {
+    BackChannel: "back_channel",
+    FrontChannel: "front_channel",
+} as const;
+export type ConnectionTypeEnumOidc = (typeof ConnectionTypeEnumOidc)[keyof typeof ConnectionTypeEnumOidc];
+
+/**
+ * Connection type
+ */
+export type ConnectionTypeEnumOkta = "back_channel";
+
+/**
+ * Languages and scripts supported for the user interface, represented as a JSON array of BCP47 [RFC5646] language tag values.
+ */
+export type ConnectionUiLocalesSupported = string[];
+
 export type ConnectionUpstreamAdditionalProperties =
     | Management.ConnectionUpstreamAlias
     | Management.ConnectionUpstreamValue;
@@ -4360,10 +5131,54 @@ export type ConnectionUpstreamParams =
     | (Record<string, (Management.ConnectionUpstreamAdditionalProperties | null) | undefined> | null)
     | undefined;
 
+/**
+ * Custom parameters to include in authentication requests to Azure AD. Accepts up to 10 key-value pairs for passing additional parameters like domain hints or tenant hints to the identity provider.
+ */
+export type ConnectionUpstreamParamsAzureAd = ((Management.ConnectionUpstreamParams | undefined) | null) | undefined;
+
+export type ConnectionUpstreamParamsOidc = ((Management.ConnectionUpstreamParams | undefined) | null) | undefined;
+
 export interface ConnectionUpstreamValue {
     value?: string;
 }
 
+/**
+ * When enabled (true), uses the Azure AD common endpoint for multi-tenant authentication. Allows users from any Azure AD organization to sign in. Requires userid_attribute set to 'sub' (not 'oid'). Cannot be used with SCIM provisioning. Defaults to false.
+ */
+export type ConnectionUseCommonEndpointAzureAd = boolean;
+
+/**
+ * The Azure AD claim to use as the unique user identifier. 'oid' (Object ID) is recommended for single-tenant connections and required for SCIM. 'sub' (Subject) is required for multi-tenant/common endpoint. Only applies with OpenID Connect protocol.
+ */
+export type ConnectionUseridAttributeAzureAd = Management.ConnectionUseridAttributeEnumAzureAd;
+
+/** User ID attribute to use. Only applies when waad_protocol=openid-connect */
+export const ConnectionUseridAttributeEnumAzureAd = {
+    Oid: "oid",
+    Sub: "sub",
+} as const;
+export type ConnectionUseridAttributeEnumAzureAd =
+    (typeof ConnectionUseridAttributeEnumAzureAd)[keyof typeof ConnectionUseridAttributeEnumAzureAd];
+
+/**
+ * JSON array containing a list of the JWE [JWE] encryption algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT].
+ */
+export type ConnectionUserinfoEncryptionAlgValuesSupported = string[];
+
+/**
+ * JSON array containing a list of the JWE encryption algorithms (enc values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT].
+ */
+export type ConnectionUserinfoEncryptionEncValuesSupported = string[];
+
+export type ConnectionUserinfoEndpoint = Management.ConnectionHttpsUrlWithHttpFallback;
+
+export type ConnectionUserinfoEndpointOidc = Management.ConnectionUserinfoEndpoint;
+
+/**
+ * JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]. The value none MAY be included.
+ */
+export type ConnectionUserinfoSigningAlgValuesSupported = string[];
+
 export interface ConnectionUsernameValidationOptions {
     min: number;
     max: number;
@@ -4376,6 +5191,19 @@ export interface ConnectionValidationOptions {
     username?: Management.ConnectionUsernameValidationOptions | null;
 }
 
+/**
+ * The authentication protocol for Azure AD v1 endpoints. 'openid-connect' (default, recommended) uses modern OAuth 2.0/OIDC. 'ws-federation' is a legacy SAML-based protocol for older integrations. Only available with Azure AD v1 API.
+ */
+export type ConnectionWaadProtocol = Management.ConnectionWaadProtocolEnumAzureAd;
+
+/** Available WAAD protocols */
+export const ConnectionWaadProtocolEnumAzureAd = {
+    WsFederation: "ws-federation",
+    OpenidConnect: "openid-connect",
+} as const;
+export type ConnectionWaadProtocolEnumAzureAd =
+    (typeof ConnectionWaadProtocolEnumAzureAd)[keyof typeof ConnectionWaadProtocolEnumAzureAd];
+
 /**
  * Metadata associated with the connection in the form of an object with string values (max 255 chars).  Maximum of 10 metadata properties allowed.
  */
@@ -4544,6 +5372,7 @@ export interface CreateClientResponseContent {
      * See https://auth0.com/docs/secure/security-guidance/measures-against-app-impersonation for more information.
      */
     skip_non_verifiable_callback_uri_confirmation_prompt?: boolean;
+    token_exchange?: Management.ClientTokenExchangeConfiguration;
     /** Specifies how long, in seconds, a Pushed Authorization Request URI remains valid */
     par_request_expiry?: number | null;
     token_quota?: Management.TokenQuota;
@@ -4555,6 +5384,10 @@ export interface CreateClientResponseContent {
     [key: string]: any;
 }
 
+export interface CreateConnectionCommon extends Management.ConnectionCommon {
+    name?: Management.ConnectionName;
+}
+
 export interface CreateConnectionProfileResponseContent {
     id?: Management.ConnectionProfileId;
     name?: Management.ConnectionProfileName;
@@ -4568,7 +5401,7 @@ export interface CreateConnectionProfileResponseContent {
 /**
  * Create a connection with strategy=ad
  */
-export interface CreateConnectionRequestContentAd extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentAd extends Management.CreateConnectionCommon {
     strategy: "ad";
     options?: Management.ConnectionOptionsAd;
 }
@@ -4576,7 +5409,7 @@ export interface CreateConnectionRequestContentAd extends Management.ConnectionR
 /**
  * Create a connection with strategy=adfs
  */
-export interface CreateConnectionRequestContentAdfs extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentAdfs extends Management.CreateConnectionCommon {
     strategy: "adfs";
     options?: Management.ConnectionOptionsAdfs;
 }
@@ -4584,7 +5417,7 @@ export interface CreateConnectionRequestContentAdfs extends Management.Connectio
 /**
  * Create a connection with strategy=aol
  */
-export interface CreateConnectionRequestContentAol extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentAol extends Management.CreateConnectionCommon {
     strategy: "aol";
     options?: Management.ConnectionOptionsAol;
 }
@@ -4592,7 +5425,7 @@ export interface CreateConnectionRequestContentAol extends Management.Connection
 /**
  * Create a connection with strategy=amazon
  */
-export interface CreateConnectionRequestContentAmazon extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentAmazon extends Management.CreateConnectionCommon {
     strategy: "amazon";
     options?: Management.ConnectionOptionsAmazon;
 }
@@ -4600,7 +5433,7 @@ export interface CreateConnectionRequestContentAmazon extends Management.Connect
 /**
  * Create a connection with strategy=apple
  */
-export interface CreateConnectionRequestContentApple extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentApple extends Management.CreateConnectionCommon {
     strategy: "apple";
     options?: Management.ConnectionOptionsApple;
 }
@@ -4608,7 +5441,7 @@ export interface CreateConnectionRequestContentApple extends Management.Connecti
 /**
  * Create a connection with strategy=auth0
  */
-export interface CreateConnectionRequestContentAuth0 extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentAuth0 extends Management.CreateConnectionCommon {
     strategy: "auth0";
     options?: Management.ConnectionOptionsAuth0;
 }
@@ -4616,7 +5449,7 @@ export interface CreateConnectionRequestContentAuth0 extends Management.Connecti
 /**
  * Create a connection with strategy=auth0-oidc
  */
-export interface CreateConnectionRequestContentAuth0Oidc extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentAuth0Oidc extends Management.CreateConnectionCommon {
     strategy: "auth0-oidc";
     options?: Management.ConnectionOptionsAuth0Oidc;
 }
@@ -4624,15 +5457,17 @@ export interface CreateConnectionRequestContentAuth0Oidc extends Management.Conn
 /**
  * Create a connection with strategy=waad
  */
-export interface CreateConnectionRequestContentAzureAd extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentAzureAd extends Management.CreateConnectionCommon {
     strategy: "waad";
     options?: Management.ConnectionOptionsAzureAd;
+    provisioning_ticket?: Management.ConnectionProvisioningTicket;
+    provisioning_ticket_url?: Management.ConnectionProvisioningTicketUrl;
 }
 
 /**
  * Create a connection with strategy=baidu
  */
-export interface CreateConnectionRequestContentBaidu extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentBaidu extends Management.CreateConnectionCommon {
     strategy: "baidu";
     options?: Management.ConnectionOptionsBaidu;
 }
@@ -4640,7 +5475,7 @@ export interface CreateConnectionRequestContentBaidu extends Management.Connecti
 /**
  * Create a connection with strategy=bitbucket
  */
-export interface CreateConnectionRequestContentBitbucket extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentBitbucket extends Management.CreateConnectionCommon {
     strategy: "bitbucket";
     options?: Management.ConnectionOptionsBitbucket;
 }
@@ -4648,7 +5483,7 @@ export interface CreateConnectionRequestContentBitbucket extends Management.Conn
 /**
  * Create a connection with strategy=bitly
  */
-export interface CreateConnectionRequestContentBitly extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentBitly extends Management.CreateConnectionCommon {
     strategy: "bitly";
     options?: Management.ConnectionOptionsBitly;
 }
@@ -4656,7 +5491,7 @@ export interface CreateConnectionRequestContentBitly extends Management.Connecti
 /**
  * Create a connection with strategy=box
  */
-export interface CreateConnectionRequestContentBox extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentBox extends Management.CreateConnectionCommon {
     strategy: "box";
     options?: Management.ConnectionOptionsBox;
 }
@@ -4664,7 +5499,7 @@ export interface CreateConnectionRequestContentBox extends Management.Connection
 /**
  * Create a connection with strategy=custom
  */
-export interface CreateConnectionRequestContentCustom extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentCustom extends Management.CreateConnectionCommon {
     strategy: "custom";
     options?: Management.ConnectionOptionsCustom;
 }
@@ -4672,7 +5507,7 @@ export interface CreateConnectionRequestContentCustom extends Management.Connect
 /**
  * Create a connection with strategy=daccount
  */
-export interface CreateConnectionRequestContentDaccount extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentDaccount extends Management.CreateConnectionCommon {
     strategy: "daccount";
     options?: Management.ConnectionOptionsDaccount;
 }
@@ -4680,7 +5515,7 @@ export interface CreateConnectionRequestContentDaccount extends Management.Conne
 /**
  * Create a connection with strategy=dropbox
  */
-export interface CreateConnectionRequestContentDropbox extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentDropbox extends Management.CreateConnectionCommon {
     strategy: "dropbox";
     options?: Management.ConnectionOptionsDropbox;
 }
@@ -4688,7 +5523,7 @@ export interface CreateConnectionRequestContentDropbox extends Management.Connec
 /**
  * Create a connection with strategy=dwolla
  */
-export interface CreateConnectionRequestContentDwolla extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentDwolla extends Management.CreateConnectionCommon {
     strategy: "dwolla";
     options?: Management.ConnectionOptionsDwolla;
 }
@@ -4696,7 +5531,7 @@ export interface CreateConnectionRequestContentDwolla extends Management.Connect
 /**
  * Create a connection with strategy=email
  */
-export interface CreateConnectionRequestContentEmail extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentEmail extends Management.CreateConnectionCommon {
     strategy: "email";
     options?: Management.ConnectionOptionsEmail;
 }
@@ -4704,7 +5539,7 @@ export interface CreateConnectionRequestContentEmail extends Management.Connecti
 /**
  * Create a connection with strategy=evernote
  */
-export interface CreateConnectionRequestContentEvernote extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentEvernote extends Management.CreateConnectionCommon {
     strategy: "evernote";
     options?: Management.ConnectionOptionsEvernote;
 }
@@ -4712,7 +5547,7 @@ export interface CreateConnectionRequestContentEvernote extends Management.Conne
 /**
  * Create a connection with strategy=evernote-sandbox
  */
-export interface CreateConnectionRequestContentEvernoteSandbox extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentEvernoteSandbox extends Management.CreateConnectionCommon {
     strategy: "evernote-sandbox";
     options?: Management.ConnectionOptionsEvernoteSandbox;
 }
@@ -4720,7 +5555,7 @@ export interface CreateConnectionRequestContentEvernoteSandbox extends Managemen
 /**
  * Create a connection with strategy=exact
  */
-export interface CreateConnectionRequestContentExact extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentExact extends Management.CreateConnectionCommon {
     strategy: "exact";
     options?: Management.ConnectionOptionsExact;
 }
@@ -4728,7 +5563,7 @@ export interface CreateConnectionRequestContentExact extends Management.Connecti
 /**
  * Create a connection with strategy=facebook
  */
-export interface CreateConnectionRequestContentFacebook extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentFacebook extends Management.CreateConnectionCommon {
     strategy: "facebook";
     options?: Management.ConnectionOptionsFacebook;
 }
@@ -4736,7 +5571,7 @@ export interface CreateConnectionRequestContentFacebook extends Management.Conne
 /**
  * Create a connection with strategy=fitbit
  */
-export interface CreateConnectionRequestContentFitbit extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentFitbit extends Management.CreateConnectionCommon {
     strategy: "fitbit";
     options?: Management.ConnectionOptionsFitbit;
 }
@@ -4744,7 +5579,7 @@ export interface CreateConnectionRequestContentFitbit extends Management.Connect
 /**
  * Create a connection with strategy=flickr
  */
-export interface CreateConnectionRequestContentFlickr extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentFlickr extends Management.CreateConnectionCommon {
     strategy: "flickr";
     options?: Management.ConnectionOptionsFlickr;
 }
@@ -4752,7 +5587,7 @@ export interface CreateConnectionRequestContentFlickr extends Management.Connect
 /**
  * Create a connection with strategy=github
  */
-export interface CreateConnectionRequestContentGitHub extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentGitHub extends Management.CreateConnectionCommon {
     strategy: "github";
     options?: Management.ConnectionOptionsGitHub;
 }
@@ -4760,7 +5595,7 @@ export interface CreateConnectionRequestContentGitHub extends Management.Connect
 /**
  * Create a connection with strategy=google-apps
  */
-export interface CreateConnectionRequestContentGoogleApps extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentGoogleApps extends Management.CreateConnectionCommon {
     strategy: "google-apps";
     options?: Management.ConnectionOptionsGoogleApps;
 }
@@ -4768,7 +5603,7 @@ export interface CreateConnectionRequestContentGoogleApps extends Management.Con
 /**
  * Create a connection with strategy=google-oauth2
  */
-export interface CreateConnectionRequestContentGoogleOAuth2 extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentGoogleOAuth2 extends Management.CreateConnectionCommon {
     strategy: "google-oauth2";
     options?: Management.ConnectionOptionsGoogleOAuth2;
 }
@@ -4776,7 +5611,7 @@ export interface CreateConnectionRequestContentGoogleOAuth2 extends Management.C
 /**
  * Create a connection with strategy=ip
  */
-export interface CreateConnectionRequestContentIp extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentIp extends Management.CreateConnectionCommon {
     strategy: "ip";
     options?: Management.ConnectionOptionsIp;
 }
@@ -4784,7 +5619,7 @@ export interface CreateConnectionRequestContentIp extends Management.ConnectionR
 /**
  * Create a connection with strategy=instagram
  */
-export interface CreateConnectionRequestContentInstagram extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentInstagram extends Management.CreateConnectionCommon {
     strategy: "instagram";
     options?: Management.ConnectionOptionsInstagram;
 }
@@ -4792,7 +5627,7 @@ export interface CreateConnectionRequestContentInstagram extends Management.Conn
 /**
  * Create a connection with strategy=line
  */
-export interface CreateConnectionRequestContentLine extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentLine extends Management.CreateConnectionCommon {
     strategy: "line";
     options?: Management.ConnectionOptionsLine;
 }
@@ -4800,7 +5635,7 @@ export interface CreateConnectionRequestContentLine extends Management.Connectio
 /**
  * Create a connection with strategy=linkedin
  */
-export interface CreateConnectionRequestContentLinkedin extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentLinkedin extends Management.CreateConnectionCommon {
     strategy: "linkedin";
     options?: Management.ConnectionOptionsLinkedin;
 }
@@ -4808,7 +5643,7 @@ export interface CreateConnectionRequestContentLinkedin extends Management.Conne
 /**
  * Create a connection with strategy=miicard
  */
-export interface CreateConnectionRequestContentMiicard extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentMiicard extends Management.CreateConnectionCommon {
     strategy: "miicard";
     options?: Management.ConnectionOptionsMiicard;
 }
@@ -4816,7 +5651,7 @@ export interface CreateConnectionRequestContentMiicard extends Management.Connec
 /**
  * Create a connection with strategy=oauth1
  */
-export interface CreateConnectionRequestContentOAuth1 extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentOAuth1 extends Management.CreateConnectionCommon {
     strategy: "oauth1";
     options?: Management.ConnectionOptionsOAuth1;
 }
@@ -4824,7 +5659,7 @@ export interface CreateConnectionRequestContentOAuth1 extends Management.Connect
 /**
  * Create a connection with strategy=oauth2
  */
-export interface CreateConnectionRequestContentOAuth2 extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentOAuth2 extends Management.CreateConnectionCommon {
     strategy: "oauth2";
     options?: Management.ConnectionOptionsOAuth2;
 }
@@ -4832,7 +5667,7 @@ export interface CreateConnectionRequestContentOAuth2 extends Management.Connect
 /**
  * Create a connection with strategy=oidc
  */
-export interface CreateConnectionRequestContentOidc extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentOidc extends Management.CreateConnectionCommon {
     strategy: "oidc";
     options?: Management.ConnectionOptionsOidc;
 }
@@ -4840,7 +5675,7 @@ export interface CreateConnectionRequestContentOidc extends Management.Connectio
 /**
  * Create a connection with strategy=office365
  */
-export interface CreateConnectionRequestContentOffice365 extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentOffice365 extends Management.CreateConnectionCommon {
     strategy: "office365";
     options?: Management.ConnectionOptionsOffice365;
 }
@@ -4848,7 +5683,7 @@ export interface CreateConnectionRequestContentOffice365 extends Management.Conn
 /**
  * Create a connection with strategy=okta
  */
-export interface CreateConnectionRequestContentOkta extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentOkta extends Management.CreateConnectionCommon {
     strategy: "okta";
     options?: Management.ConnectionOptionsOkta;
 }
@@ -4856,7 +5691,7 @@ export interface CreateConnectionRequestContentOkta extends Management.Connectio
 /**
  * Create a connection with strategy=paypal
  */
-export interface CreateConnectionRequestContentPaypal extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentPaypal extends Management.CreateConnectionCommon {
     strategy: "paypal";
     options?: Management.ConnectionOptionsPaypal;
 }
@@ -4864,7 +5699,7 @@ export interface CreateConnectionRequestContentPaypal extends Management.Connect
 /**
  * Create a connection with strategy=paypal-sandbox
  */
-export interface CreateConnectionRequestContentPaypalSandbox extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentPaypalSandbox extends Management.CreateConnectionCommon {
     strategy: "paypal-sandbox";
     options?: Management.ConnectionOptionsPaypalSandbox;
 }
@@ -4872,7 +5707,7 @@ export interface CreateConnectionRequestContentPaypalSandbox extends Management.
 /**
  * Create a connection with strategy=pingfederate
  */
-export interface CreateConnectionRequestContentPingFederate extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentPingFederate extends Management.CreateConnectionCommon {
     strategy: "pingfederate";
     options?: Management.ConnectionOptionsPingFederate;
 }
@@ -4880,7 +5715,7 @@ export interface CreateConnectionRequestContentPingFederate extends Management.C
 /**
  * Create a connection with strategy=planningcenter
  */
-export interface CreateConnectionRequestContentPlanningCenter extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentPlanningCenter extends Management.CreateConnectionCommon {
     strategy: "planningcenter";
     options?: Management.ConnectionOptionsPlanningCenter;
 }
@@ -4888,7 +5723,7 @@ export interface CreateConnectionRequestContentPlanningCenter extends Management
 /**
  * Create a connection with strategy=renren
  */
-export interface CreateConnectionRequestContentRenren extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentRenren extends Management.CreateConnectionCommon {
     strategy: "renren";
     options?: Management.ConnectionOptionsRenren;
 }
@@ -4896,7 +5731,7 @@ export interface CreateConnectionRequestContentRenren extends Management.Connect
 /**
  * Create a connection with strategy=samlp
  */
-export interface CreateConnectionRequestContentSaml extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentSaml extends Management.CreateConnectionCommon {
     strategy: "samlp";
     options?: Management.ConnectionOptionsSaml;
 }
@@ -4904,7 +5739,7 @@ export interface CreateConnectionRequestContentSaml extends Management.Connectio
 /**
  * Create a connection with strategy=sms
  */
-export interface CreateConnectionRequestContentSms extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentSms extends Management.CreateConnectionCommon {
     strategy: "sms";
     options?: Management.ConnectionOptionsSms;
 }
@@ -4912,7 +5747,7 @@ export interface CreateConnectionRequestContentSms extends Management.Connection
 /**
  * Create a connection with strategy=salesforce
  */
-export interface CreateConnectionRequestContentSalesforce extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentSalesforce extends Management.CreateConnectionCommon {
     strategy: "salesforce";
     options?: Management.ConnectionOptionsSalesforce;
 }
@@ -4920,7 +5755,7 @@ export interface CreateConnectionRequestContentSalesforce extends Management.Con
 /**
  * Create a connection with strategy=salesforce-community
  */
-export interface CreateConnectionRequestContentSalesforceCommunity extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentSalesforceCommunity extends Management.CreateConnectionCommon {
     strategy: "salesforce-community";
     options?: Management.ConnectionOptionsSalesforceCommunity;
 }
@@ -4928,7 +5763,7 @@ export interface CreateConnectionRequestContentSalesforceCommunity extends Manag
 /**
  * Create a connection with strategy=salesforce-sandbox
  */
-export interface CreateConnectionRequestContentSalesforceSandbox extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentSalesforceSandbox extends Management.CreateConnectionCommon {
     strategy: "salesforce-sandbox";
     options?: Management.ConnectionOptionsSalesforceSandbox;
 }
@@ -4936,7 +5771,7 @@ export interface CreateConnectionRequestContentSalesforceSandbox extends Managem
 /**
  * Create a connection with strategy=sharepoint
  */
-export interface CreateConnectionRequestContentSharepoint extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentSharepoint extends Management.CreateConnectionCommon {
     strategy: "sharepoint";
     options?: Management.ConnectionOptionsSharepoint;
 }
@@ -4944,7 +5779,7 @@ export interface CreateConnectionRequestContentSharepoint extends Management.Con
 /**
  * Create a connection with strategy=shop
  */
-export interface CreateConnectionRequestContentShop extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentShop extends Management.CreateConnectionCommon {
     strategy: "shop";
     options?: Management.ConnectionOptionsShop;
 }
@@ -4952,7 +5787,7 @@ export interface CreateConnectionRequestContentShop extends Management.Connectio
 /**
  * Create a connection with strategy=shopify
  */
-export interface CreateConnectionRequestContentShopify extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentShopify extends Management.CreateConnectionCommon {
     strategy: "shopify";
     options?: Management.ConnectionOptionsShopify;
 }
@@ -4960,7 +5795,7 @@ export interface CreateConnectionRequestContentShopify extends Management.Connec
 /**
  * Create a connection with strategy=soundcloud
  */
-export interface CreateConnectionRequestContentSoundcloud extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentSoundcloud extends Management.CreateConnectionCommon {
     strategy: "soundcloud";
     options?: Management.ConnectionOptionsSoundcloud;
 }
@@ -4968,7 +5803,7 @@ export interface CreateConnectionRequestContentSoundcloud extends Management.Con
 /**
  * Create a connection with strategy=thecity
  */
-export interface CreateConnectionRequestContentTheCity extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentTheCity extends Management.CreateConnectionCommon {
     strategy: "thecity";
     options?: Management.ConnectionOptionsTheCity;
 }
@@ -4976,7 +5811,7 @@ export interface CreateConnectionRequestContentTheCity extends Management.Connec
 /**
  * Create a connection with strategy=thecity-sandbox
  */
-export interface CreateConnectionRequestContentTheCitySandbox extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentTheCitySandbox extends Management.CreateConnectionCommon {
     strategy: "thecity-sandbox";
     options?: Management.ConnectionOptionsTheCitySandbox;
 }
@@ -4984,7 +5819,7 @@ export interface CreateConnectionRequestContentTheCitySandbox extends Management
 /**
  * Create a connection with strategy=thirtysevensignals
  */
-export interface CreateConnectionRequestContentThirtySevenSignals extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentThirtySevenSignals extends Management.CreateConnectionCommon {
     strategy: "thirtysevensignals";
     options?: Management.ConnectionOptionsThirtySevenSignals;
 }
@@ -4992,7 +5827,7 @@ export interface CreateConnectionRequestContentThirtySevenSignals extends Manage
 /**
  * Create a connection with strategy=twitter
  */
-export interface CreateConnectionRequestContentTwitter extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentTwitter extends Management.CreateConnectionCommon {
     strategy: "twitter";
     options?: Management.ConnectionOptionsTwitter;
 }
@@ -5000,7 +5835,7 @@ export interface CreateConnectionRequestContentTwitter extends Management.Connec
 /**
  * Create a connection with strategy=untappd
  */
-export interface CreateConnectionRequestContentUntappd extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentUntappd extends Management.CreateConnectionCommon {
     strategy: "untappd";
     options?: Management.ConnectionOptionsUntappd;
 }
@@ -5008,7 +5843,7 @@ export interface CreateConnectionRequestContentUntappd extends Management.Connec
 /**
  * Create a connection with strategy=vkontakte
  */
-export interface CreateConnectionRequestContentVkontakte extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentVkontakte extends Management.CreateConnectionCommon {
     strategy: "vkontakte";
     options?: Management.ConnectionOptionsVkontakte;
 }
@@ -5016,7 +5851,7 @@ export interface CreateConnectionRequestContentVkontakte extends Management.Conn
 /**
  * Create a connection with strategy=weibo
  */
-export interface CreateConnectionRequestContentWeibo extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentWeibo extends Management.CreateConnectionCommon {
     strategy: "weibo";
     options?: Management.ConnectionOptionsWeibo;
 }
@@ -5024,7 +5859,7 @@ export interface CreateConnectionRequestContentWeibo extends Management.Connecti
 /**
  * Create a connection with strategy=windowslive
  */
-export interface CreateConnectionRequestContentWindowsLive extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentWindowsLive extends Management.CreateConnectionCommon {
     strategy: "windowslive";
     options?: Management.ConnectionOptionsWindowsLive;
 }
@@ -5032,7 +5867,7 @@ export interface CreateConnectionRequestContentWindowsLive extends Management.Co
 /**
  * Create a connection with strategy=wordpress
  */
-export interface CreateConnectionRequestContentWordpress extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentWordpress extends Management.CreateConnectionCommon {
     strategy: "wordpress";
     options?: Management.ConnectionOptionsWordpress;
 }
@@ -5040,7 +5875,7 @@ export interface CreateConnectionRequestContentWordpress extends Management.Conn
 /**
  * Create a connection with strategy=yahoo
  */
-export interface CreateConnectionRequestContentYahoo extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentYahoo extends Management.CreateConnectionCommon {
     strategy: "yahoo";
     options?: Management.ConnectionOptionsYahoo;
 }
@@ -5048,7 +5883,7 @@ export interface CreateConnectionRequestContentYahoo extends Management.Connecti
 /**
  * Create a connection with strategy=yammer
  */
-export interface CreateConnectionRequestContentYammer extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentYammer extends Management.CreateConnectionCommon {
     strategy: "yammer";
     options?: Management.ConnectionOptionsYammer;
 }
@@ -5056,7 +5891,7 @@ export interface CreateConnectionRequestContentYammer extends Management.Connect
 /**
  * Create a connection with strategy=yandex
  */
-export interface CreateConnectionRequestContentYandex extends Management.ConnectionRequestCommon {
+export interface CreateConnectionRequestContentYandex extends Management.CreateConnectionCommon {
     strategy: "yandex";
     options?: Management.ConnectionOptionsYandex;
 }
@@ -5098,9 +5933,49 @@ export interface CreateCustomDomainResponseContent {
     custom_client_ip_header?: string | null;
     /** The TLS version policy */
     tls_policy?: string;
+    domain_metadata?: Management.DomainMetadata;
     certificate?: Management.DomainCertificate;
 }
 
+export interface CreateDirectoryProvisioningRequestContent {
+    /** The mapping between Auth0 and IDP user attributes */
+    mapping?: Management.DirectoryProvisioningMappingItem[];
+    /** Whether periodic automatic synchronization is enabled */
+    synchronize_automatically?: boolean;
+}
+
+export interface CreateDirectoryProvisioningResponseContent {
+    /** The connection's identifier */
+    connection_id: string;
+    /** The connection's name */
+    connection_name: string;
+    /** The connection's strategy */
+    strategy: string;
+    /** The mapping between Auth0 and IDP user attributes */
+    mapping: Management.DirectoryProvisioningMappingItem[];
+    /** Whether periodic automatic synchronization is enabled */
+    synchronize_automatically: boolean;
+    /** The timestamp at which the directory provisioning configuration was created */
+    created_at: string;
+    /** The timestamp at which the directory provisioning configuration was last updated */
+    updated_at: string;
+    /** The timestamp at which the connection was last synchronized */
+    last_synchronization_at?: string;
+    /** The status of the last synchronization */
+    last_synchronization_status?: string;
+    /** The error message of the last synchronization, if any */
+    last_synchronization_error?: string;
+}
+
+export interface CreateDirectorySynchronizationResponseContent {
+    /** The connection's identifier */
+    connection_id: string;
+    /** The synchronization's identifier */
+    synchronization_id: string;
+    /** The synchronization status */
+    status: string;
+}
+
 export interface CreateEmailProviderResponseContent {
     /** Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, `ms365`, or `custom`. */
     name?: string;
@@ -5900,6 +6775,8 @@ export interface CreateOrganizationDiscoveryDomainResponseContent {
     /** The domain name to associate with the organization e.g. acme.com. */
     domain: string;
     status: Management.OrganizationDiscoveryDomainStatus;
+    /** Indicates whether this domain should be used for organization discovery. Note: This field is only returned when the ss_org_dove_enabled feature flag is enabled for the tenant. */
+    use_for_organization_discovery?: boolean;
     /** A unique token generated for the discovery domain. This must be placed in a DNS TXT record at the location specified by the verification_host field to prove domain ownership. */
     verification_txt: string;
     /** The full domain where the TXT record should be added. */
@@ -6274,6 +7151,7 @@ export interface CustomDomain {
     custom_client_ip_header?: string | null;
     /** The TLS version policy */
     tls_policy?: string;
+    domain_metadata?: Management.DomainMetadata;
     certificate?: Management.DomainCertificate;
 }
 
@@ -6553,6 +7431,13 @@ export const DeviceCredentialTypeEnum = {
 } as const;
 export type DeviceCredentialTypeEnum = (typeof DeviceCredentialTypeEnum)[keyof typeof DeviceCredentialTypeEnum];
 
+export interface DirectoryProvisioningMappingItem {
+    /** The field location in the Auth0 schema */
+    auth0: string;
+    /** The field location in the IDP schema */
+    idp: string;
+}
+
 /**
  * Certificate information. This object is relevant only for Custom Domains with Auth0-Managed Certificates.
  */
@@ -6583,6 +7468,11 @@ export const DomainCertificateStatusEnum = {
 export type DomainCertificateStatusEnum =
     (typeof DomainCertificateStatusEnum)[keyof typeof DomainCertificateStatusEnum];
 
+/**
+ * Domain metadata associated with the custom domain, in the form of an object with string values (max 255 chars). Maximum of 10 domain metadata properties allowed.
+ */
+export type DomainMetadata = Record<string, (string | null) | undefined>;
+
 /**
  * Domain verification settings.
  */
@@ -6626,6 +7516,8 @@ export type DomainVerificationStatusEnum =
  */
 export interface EmailAttribute {
     identifier?: Management.ConnectionAttributeIdentifier;
+    /** Determines if the attribute is unique in a given connection */
+    unique?: boolean;
     /** Determines if property should be required for users */
     profile_required?: boolean;
     verification_method?: Management.VerificationMethodEnum;
@@ -9708,11 +10600,11 @@ export interface GetAculResponseContent {
     context_configuration?: string[];
     /** Override Universal Login default head tags */
     default_head_tags_disabled?: boolean;
+    /** Use page template with ACUL */
+    use_page_template?: boolean | null;
     /** An array of head tags */
     head_tags?: Management.AculHeadTag[];
     filters?: Management.AculFilters | null;
-    /** Use page template with ACUL */
-    use_page_template?: boolean | null;
     /** Accepts any additional properties */
     [key: string]: any;
 }
@@ -9955,6 +10847,7 @@ export interface GetClientResponseContent {
      * See https://auth0.com/docs/secure/security-guidance/measures-against-app-impersonation for more information.
      */
     skip_non_verifiable_callback_uri_confirmation_prompt?: boolean;
+    token_exchange?: Management.ClientTokenExchangeConfiguration;
     /** Specifies how long, in seconds, a Pushed Authorization Request URI remains valid */
     par_request_expiry?: number | null;
     token_quota?: Management.TokenQuota;
@@ -10032,6 +10925,7 @@ export interface GetCustomDomainResponseContent {
     custom_client_ip_header?: string | null;
     /** The TLS version policy */
     tls_policy?: string;
+    domain_metadata?: Management.DomainMetadata;
     certificate?: Management.DomainCertificate;
 }
 
@@ -10048,6 +10942,34 @@ export interface GetCustomSigningKeysResponseContent {
  */
 export type GetCustomTextsByLanguageResponseContent = Record<string, unknown>;
 
+export interface GetDirectoryProvisioningDefaultMappingResponseContent {
+    /** The mapping between Auth0 and IDP user attributes */
+    mapping?: Management.DirectoryProvisioningMappingItem[];
+}
+
+export interface GetDirectoryProvisioningResponseContent {
+    /** The connection's identifier */
+    connection_id: string;
+    /** The connection's name */
+    connection_name: string;
+    /** The connection's strategy */
+    strategy: string;
+    /** The mapping between Auth0 and IDP user attributes */
+    mapping: Management.DirectoryProvisioningMappingItem[];
+    /** Whether periodic automatic synchronization is enabled */
+    synchronize_automatically: boolean;
+    /** The timestamp at which the directory provisioning configuration was created */
+    created_at: string;
+    /** The timestamp at which the directory provisioning configuration was last updated */
+    updated_at: string;
+    /** The timestamp at which the connection was last synchronized */
+    last_synchronization_at?: string;
+    /** The status of the last synchronization */
+    last_synchronization_status?: string;
+    /** The error message of the last synchronization, if any */
+    last_synchronization_error?: string;
+}
+
 export interface GetEmailProviderResponseContent {
     /** Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, `ms365`, or `custom`. */
     name?: string;
@@ -10453,12 +11375,28 @@ export interface GetOrganizationConnectionResponseContent {
     connection?: Management.OrganizationConnectionInformation;
 }
 
+export interface GetOrganizationDiscoveryDomainByNameResponseContent {
+    /** Organization discovery domain identifier. */
+    id: string;
+    /** The domain name to associate with the organization e.g. acme.com. */
+    domain: string;
+    status: Management.OrganizationDiscoveryDomainStatus;
+    /** Indicates whether this domain should be used for organization discovery. Note: This field is only returned when the ss_org_dove_enabled feature flag is enabled for the tenant. */
+    use_for_organization_discovery?: boolean;
+    /** A unique token generated for the discovery domain. This must be placed in a DNS TXT record at the location specified by the verification_host field to prove domain ownership. */
+    verification_txt: string;
+    /** The full domain where the TXT record should be added. */
+    verification_host: string;
+}
+
 export interface GetOrganizationDiscoveryDomainResponseContent {
     /** Organization discovery domain identifier. */
     id: string;
     /** The domain name to associate with the organization e.g. acme.com. */
     domain: string;
     status: Management.OrganizationDiscoveryDomainStatus;
+    /** Indicates whether this domain should be used for organization discovery. Note: This field is only returned when the ss_org_dove_enabled feature flag is enabled for the tenant. */
+    use_for_organization_discovery?: boolean;
     /** A unique token generated for the discovery domain. This must be placed in a DNS TXT record at the location specified by the verification_host field to prove domain ownership. */
     verification_txt: string;
     /** The full domain where the TXT record should be added. */
@@ -11151,6 +12089,11 @@ export const IdentityProviderEnum = {
 } as const;
 export type IdentityProviderEnum = (typeof IdentityProviderEnum)[keyof typeof IdentityProviderEnum];
 
+/**
+ * Identity provider name of the identity. Only `auth0` is supported
+ */
+export type IdentityProviderOnlyAuth0Enum = "auth0";
+
 /**
  * Encryption key
  */
@@ -11400,7 +12343,11 @@ export interface ListConnectionsCheckpointPaginatedResponseContent {
     connections?: Management.ConnectionForList[];
 }
 
-export type ListCustomDomainsResponseContent = Management.CustomDomain[];
+export interface ListCustomDomainsPaginatedResponseContent {
+    custom_domains: Management.CustomDomain[];
+    /** A cursor to be used as the "from" query parameter for the next page of results. */
+    next?: string;
+}
 
 export interface ListDeviceCredentialsOffsetPaginatedResponseContent {
     start?: number;
@@ -12435,6 +13382,8 @@ export interface OrganizationDiscoveryDomain {
     /** The domain name to associate with the organization e.g. acme.com. */
     domain: string;
     status: Management.OrganizationDiscoveryDomainStatus;
+    /** Indicates whether this domain should be used for organization discovery. Note: This field is only returned when the ss_org_dove_enabled feature flag is enabled for the tenant. */
+    use_for_organization_discovery?: boolean;
     /** A unique token generated for the discovery domain. This must be placed in a DNS TXT record at the location specified by the verification_host field to prove domain ownership. */
     verification_txt: string;
     /** The full domain where the TXT record should be added. */
@@ -13255,6 +14204,7 @@ export interface RotateClientSecretResponseContent {
      * See https://auth0.com/docs/secure/security-guidance/measures-against-app-impersonation for more information.
      */
     skip_non_verifiable_callback_uri_confirmation_prompt?: boolean;
+    token_exchange?: Management.ClientTokenExchangeConfiguration;
     /** Specifies how long, in seconds, a Pushed Authorization Request URI remains valid */
     par_request_expiry?: number | null;
     token_quota?: Management.TokenQuota;
@@ -13573,6 +14523,14 @@ export interface SelfServiceProfileSsoTicketEnabledOrganization {
     show_as_button?: boolean;
 }
 
+/**
+ * Configuration for Google Workspace Directory Sync during the self-service flow.
+ */
+export interface SelfServiceProfileSsoTicketGoogleWorkspaceConfig {
+    /** Whether to enable Google Workspace Directory Sync for users during the self-service flow. */
+    sync_users: boolean;
+}
+
 /** The protocol used to connect to the the default application */
 export const SelfServiceProfileSsoTicketIdpInitiatedClientProtocolEnum = {
     Samlp: "samlp",
@@ -13601,6 +14559,7 @@ export interface SelfServiceProfileSsoTicketIdpInitiatedOptions {
 export interface SelfServiceProfileSsoTicketProvisioningConfig {
     /** The scopes of the SCIM tokens generated during the self-service flow. */
     scopes?: Management.SelfServiceProfileSsoTicketProvisioningScopeEnum[];
+    google_workspace?: Management.SelfServiceProfileSsoTicketGoogleWorkspaceConfig;
     /** Lifetime of the tokens in seconds. Must be greater than 900. If not provided, the tokens don't expire. */
     token_lifetime?: number | null;
 }
@@ -13823,27 +14782,13 @@ export interface SetGuardianFactorsProviderPhoneTwilioResponseContent {
     sid?: string | null;
 }
 
-export interface SetGuardianFactorsProviderPushNotificationApnsRequestContent {
-    sandbox?: boolean;
-    bundle_id?: string | null;
-    p12?: string | null;
-}
-
 export interface SetGuardianFactorsProviderPushNotificationApnsResponseContent {
     sandbox?: boolean;
     bundle_id?: string | null;
 }
 
-export interface SetGuardianFactorsProviderPushNotificationFcmRequestContent {
-    server_key?: string | null;
-}
-
 export type SetGuardianFactorsProviderPushNotificationFcmResponseContent = Record<string, unknown>;
 
-export interface SetGuardianFactorsProviderPushNotificationFcmv1RequestContent {
-    server_credentials?: string | null;
-}
-
 export type SetGuardianFactorsProviderPushNotificationFcmv1ResponseContent = Record<string, unknown>;
 
 export interface SetGuardianFactorsProviderPushNotificationResponseContent {
@@ -13964,7 +14909,7 @@ export type SetUserAuthenticationMethodsRequestContent = Management.SetUserAuthe
  */
 export type SetsCustomTextsByLanguageRequestContent = Record<string, unknown>;
 
-/** Algorithm used to sign JWTs. Can be `HS256` or `RS256`. `PS256` available via addon. */
+/** Algorithm used to sign JWTs. Can be `HS256` (default) or `RS256`. `PS256` available via addon. */
 export const SigningAlgorithmEnum = {
     Hs256: "HS256",
     Rs256: "RS256",
@@ -14436,11 +15381,11 @@ export interface UpdateAculResponseContent {
     context_configuration?: string[];
     /** Override Universal Login default head tags */
     default_head_tags_disabled?: boolean | null;
+    /** Use page template with ACUL */
+    use_page_template?: boolean | null;
     /** An array of head tags */
     head_tags?: Management.AculHeadTag[];
     filters?: Management.AculFilters | null;
-    /** Use page template with ACUL */
-    use_page_template?: boolean | null;
     /** Accepts any additional properties */
     [key: string]: any;
 }
@@ -14699,6 +15644,7 @@ export interface UpdateClientResponseContent {
      * See https://auth0.com/docs/secure/security-guidance/measures-against-app-impersonation for more information.
      */
     skip_non_verifiable_callback_uri_confirmation_prompt?: boolean;
+    token_exchange?: Management.ClientTokenExchangeConfiguration;
     /** Specifies how long, in seconds, a Pushed Authorization Request URI remains valid */
     par_request_expiry?: number | null;
     token_quota?: Management.TokenQuota;
@@ -14798,9 +15744,40 @@ export interface UpdateCustomDomainResponseContent {
     custom_client_ip_header?: string | null;
     /** The TLS version policy */
     tls_policy?: string;
+    domain_metadata?: Management.DomainMetadata;
     certificate?: Management.DomainCertificate;
 }
 
+export interface UpdateDirectoryProvisioningRequestContent {
+    /** The mapping between Auth0 and IDP user attributes */
+    mapping?: Management.DirectoryProvisioningMappingItem[];
+    /** Whether periodic automatic synchronization is enabled */
+    synchronize_automatically?: boolean;
+}
+
+export interface UpdateDirectoryProvisioningResponseContent {
+    /** The connection's identifier */
+    connection_id: string;
+    /** The connection's name */
+    connection_name: string;
+    /** The connection's strategy */
+    strategy: string;
+    /** The mapping between Auth0 and IDP user attributes */
+    mapping: Management.DirectoryProvisioningMappingItem[];
+    /** Whether periodic automatic synchronization is enabled */
+    synchronize_automatically: boolean;
+    /** The timestamp at which the directory provisioning configuration was created */
+    created_at: string;
+    /** The timestamp at which the directory provisioning configuration was last updated */
+    updated_at: string;
+    /** The timestamp at which the connection was last synchronized */
+    last_synchronization_at?: string;
+    /** The status of the last synchronization */
+    last_synchronization_status?: string;
+    /** The error message of the last synchronization, if any */
+    last_synchronization_error?: string;
+}
+
 export interface UpdateEmailProviderResponseContent {
     /** Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, `ms365`, or `custom`. */
     name?: string;
@@ -14918,6 +15895,15 @@ export interface UpdateGuardianFactorDuoSettingsResponseContent {
     host?: string;
 }
 
+export interface UpdateGuardianFactorsProviderPushNotificationApnsResponseContent {
+    sandbox?: boolean;
+    bundle_id?: string | null;
+}
+
+export type UpdateGuardianFactorsProviderPushNotificationFcmResponseContent = Record<string, unknown>;
+
+export type UpdateGuardianFactorsProviderPushNotificationFcmv1ResponseContent = Record<string, unknown>;
+
 export interface UpdateGuardianFactorsProviderPushNotificationSnsResponseContent {
     aws_access_key_id?: string | null;
     aws_secret_access_key?: string | null;
@@ -14987,6 +15973,8 @@ export interface UpdateOrganizationDiscoveryDomainResponseContent {
     /** The domain name to associate with the organization e.g. acme.com. */
     domain: string;
     status: Management.OrganizationDiscoveryDomainStatus;
+    /** Indicates whether this domain should be used for organization discovery. Note: This field is only returned when the ss_org_dove_enabled feature flag is enabled for the tenant. */
+    use_for_organization_discovery?: boolean;
     /** A unique token generated for the discovery domain. This must be placed in a DNS TXT record at the location specified by the verification_host field to prove domain ownership. */
     verification_txt: string;
     /** The full domain where the TXT record should be added. */
@@ -15900,6 +16888,7 @@ export interface VerifyCustomDomainResponseContent {
     custom_client_ip_header?: string | null;
     /** The TLS version policy */
     tls_policy?: string;
+    domain_metadata?: Management.DomainMetadata;
     certificate?: Management.DomainCertificate;
 }
 
diff --git a/src/management/tests/wire/clients.test.ts b/src/management/tests/wire/clients.test.ts
index 2735c2375..93f96d54b 100644
--- a/src/management/tests/wire/clients.test.ts
+++ b/src/management/tests/wire/clients.test.ts
@@ -401,6 +401,7 @@ describe("ClientsClient", () => {
                 infinite_token_lifetime: true,
                 idle_token_lifetime: 1,
                 infinite_idle_token_lifetime: true,
+                policies: [{ audience: "audience", scope: ["scope"] }],
             },
             default_organization: { organization_id: "organization_id", flows: ["client_credentials"] },
             organization_usage: "deny",
@@ -416,6 +417,7 @@ describe("ClientsClient", () => {
             signed_request_object: { required: true, credentials: [{ id: "id" }] },
             compliance_level: "none",
             skip_non_verifiable_callback_uri_confirmation_prompt: true,
+            token_exchange: { allow_any_profile_of_type: ["custom_authentication"] },
             par_request_expiry: 1,
             token_quota: { client_credentials: { enforce: true, per_day: 1, per_hour: 1 } },
             express_configuration: {
@@ -679,6 +681,12 @@ describe("ClientsClient", () => {
                 infinite_token_lifetime: true,
                 idle_token_lifetime: 1,
                 infinite_idle_token_lifetime: true,
+                policies: [
+                    {
+                        audience: "audience",
+                        scope: ["scope"],
+                    },
+                ],
             },
             default_organization: {
                 organization_id: "organization_id",
@@ -722,6 +730,9 @@ describe("ClientsClient", () => {
             },
             compliance_level: "none",
             skip_non_verifiable_callback_uri_confirmation_prompt: true,
+            token_exchange: {
+                allow_any_profile_of_type: ["custom_authentication"],
+            },
             par_request_expiry: 1,
             token_quota: {
                 client_credentials: {
@@ -1017,6 +1028,7 @@ describe("ClientsClient", () => {
                 infinite_token_lifetime: true,
                 idle_token_lifetime: 1,
                 infinite_idle_token_lifetime: true,
+                policies: [{ audience: "audience", scope: ["scope"] }],
             },
             default_organization: { organization_id: "organization_id", flows: ["client_credentials"] },
             organization_usage: "deny",
@@ -1032,6 +1044,7 @@ describe("ClientsClient", () => {
             signed_request_object: { required: true, credentials: [{ id: "id" }] },
             compliance_level: "none",
             skip_non_verifiable_callback_uri_confirmation_prompt: true,
+            token_exchange: { allow_any_profile_of_type: ["custom_authentication"] },
             par_request_expiry: 1,
             token_quota: { client_credentials: { enforce: true, per_day: 1, per_hour: 1 } },
             express_configuration: {
@@ -1289,6 +1302,12 @@ describe("ClientsClient", () => {
                 infinite_token_lifetime: true,
                 idle_token_lifetime: 1,
                 infinite_idle_token_lifetime: true,
+                policies: [
+                    {
+                        audience: "audience",
+                        scope: ["scope"],
+                    },
+                ],
             },
             default_organization: {
                 organization_id: "organization_id",
@@ -1332,6 +1351,9 @@ describe("ClientsClient", () => {
             },
             compliance_level: "none",
             skip_non_verifiable_callback_uri_confirmation_prompt: true,
+            token_exchange: {
+                allow_any_profile_of_type: ["custom_authentication"],
+            },
             par_request_expiry: 1,
             token_quota: {
                 client_credentials: {
@@ -1640,6 +1662,7 @@ describe("ClientsClient", () => {
                 infinite_token_lifetime: true,
                 idle_token_lifetime: 1,
                 infinite_idle_token_lifetime: true,
+                policies: [{ audience: "audience", scope: ["scope"] }],
             },
             default_organization: { organization_id: "organization_id", flows: ["client_credentials"] },
             organization_usage: "deny",
@@ -1655,6 +1678,7 @@ describe("ClientsClient", () => {
             signed_request_object: { required: true, credentials: [{ id: "id" }] },
             compliance_level: "none",
             skip_non_verifiable_callback_uri_confirmation_prompt: true,
+            token_exchange: { allow_any_profile_of_type: ["custom_authentication"] },
             par_request_expiry: 1,
             token_quota: { client_credentials: { enforce: true, per_day: 1, per_hour: 1 } },
             express_configuration: {
@@ -1916,6 +1940,12 @@ describe("ClientsClient", () => {
                 infinite_token_lifetime: true,
                 idle_token_lifetime: 1,
                 infinite_idle_token_lifetime: true,
+                policies: [
+                    {
+                        audience: "audience",
+                        scope: ["scope"],
+                    },
+                ],
             },
             default_organization: {
                 organization_id: "organization_id",
@@ -1959,6 +1989,9 @@ describe("ClientsClient", () => {
             },
             compliance_level: "none",
             skip_non_verifiable_callback_uri_confirmation_prompt: true,
+            token_exchange: {
+                allow_any_profile_of_type: ["custom_authentication"],
+            },
             par_request_expiry: 1,
             token_quota: {
                 client_credentials: {
@@ -2244,6 +2277,7 @@ describe("ClientsClient", () => {
                 infinite_token_lifetime: true,
                 idle_token_lifetime: 1,
                 infinite_idle_token_lifetime: true,
+                policies: [{ audience: "audience", scope: ["scope"] }],
             },
             default_organization: { organization_id: "organization_id", flows: ["client_credentials"] },
             organization_usage: "deny",
@@ -2259,6 +2293,7 @@ describe("ClientsClient", () => {
             signed_request_object: { required: true, credentials: [{ id: "id" }] },
             compliance_level: "none",
             skip_non_verifiable_callback_uri_confirmation_prompt: true,
+            token_exchange: { allow_any_profile_of_type: ["custom_authentication"] },
             par_request_expiry: 1,
             token_quota: { client_credentials: { enforce: true, per_day: 1, per_hour: 1 } },
             express_configuration: {
@@ -2519,6 +2554,12 @@ describe("ClientsClient", () => {
                 infinite_token_lifetime: true,
                 idle_token_lifetime: 1,
                 infinite_idle_token_lifetime: true,
+                policies: [
+                    {
+                        audience: "audience",
+                        scope: ["scope"],
+                    },
+                ],
             },
             default_organization: {
                 organization_id: "organization_id",
@@ -2562,6 +2603,9 @@ describe("ClientsClient", () => {
             },
             compliance_level: "none",
             skip_non_verifiable_callback_uri_confirmation_prompt: true,
+            token_exchange: {
+                allow_any_profile_of_type: ["custom_authentication"],
+            },
             par_request_expiry: 1,
             token_quota: {
                 client_credentials: {
diff --git a/src/management/tests/wire/connections/directoryProvisioning.test.ts b/src/management/tests/wire/connections/directoryProvisioning.test.ts
new file mode 100644
index 000000000..65d741d99
--- /dev/null
+++ b/src/management/tests/wire/connections/directoryProvisioning.test.ts
@@ -0,0 +1,641 @@
+// This file was auto-generated by Fern from our API Definition.
+
+import { mockServerPool } from "../../mock-server/MockServerPool";
+import { ManagementClient } from "../../../Client";
+import * as Management from "../../../api/index";
+
+describe("DirectoryProvisioningClient", () => {
+    test("get (1)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = {
+            connection_id: "connection_id",
+            connection_name: "connection_name",
+            strategy: "strategy",
+            mapping: [{ auth0: "auth0", idp: "idp" }],
+            synchronize_automatically: true,
+            created_at: "2024-01-15T09:30:00Z",
+            updated_at: "2024-01-15T09:30:00Z",
+            last_synchronization_at: "2024-01-15T09:30:00Z",
+            last_synchronization_status: "last_synchronization_status",
+            last_synchronization_error: "last_synchronization_error",
+        };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(200)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        const response = await client.connections.directoryProvisioning.get("id");
+        expect(response).toEqual({
+            connection_id: "connection_id",
+            connection_name: "connection_name",
+            strategy: "strategy",
+            mapping: [
+                {
+                    auth0: "auth0",
+                    idp: "idp",
+                },
+            ],
+            synchronize_automatically: true,
+            created_at: "2024-01-15T09:30:00Z",
+            updated_at: "2024-01-15T09:30:00Z",
+            last_synchronization_at: "2024-01-15T09:30:00Z",
+            last_synchronization_status: "last_synchronization_status",
+            last_synchronization_error: "last_synchronization_error",
+        });
+    });
+
+    test("get (2)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(400)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.get("id");
+        }).rejects.toThrow(Management.BadRequestError);
+    });
+
+    test("get (3)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(401)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.get("id");
+        }).rejects.toThrow(Management.UnauthorizedError);
+    });
+
+    test("get (4)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(403)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.get("id");
+        }).rejects.toThrow(Management.ForbiddenError);
+    });
+
+    test("get (5)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(404)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.get("id");
+        }).rejects.toThrow(Management.NotFoundError);
+    });
+
+    test("get (6)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(429)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.get("id");
+        }).rejects.toThrow(Management.TooManyRequestsError);
+    });
+
+    test("create (1)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = {
+            connection_id: "connection_id",
+            connection_name: "connection_name",
+            strategy: "strategy",
+            mapping: [{ auth0: "auth0", idp: "idp" }],
+            synchronize_automatically: true,
+            created_at: "2024-01-15T09:30:00Z",
+            updated_at: "2024-01-15T09:30:00Z",
+            last_synchronization_at: "2024-01-15T09:30:00Z",
+            last_synchronization_status: "last_synchronization_status",
+            last_synchronization_error: "last_synchronization_error",
+        };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(200)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        const response = await client.connections.directoryProvisioning.create("id");
+        expect(response).toEqual({
+            connection_id: "connection_id",
+            connection_name: "connection_name",
+            strategy: "strategy",
+            mapping: [
+                {
+                    auth0: "auth0",
+                    idp: "idp",
+                },
+            ],
+            synchronize_automatically: true,
+            created_at: "2024-01-15T09:30:00Z",
+            updated_at: "2024-01-15T09:30:00Z",
+            last_synchronization_at: "2024-01-15T09:30:00Z",
+            last_synchronization_status: "last_synchronization_status",
+            last_synchronization_error: "last_synchronization_error",
+        });
+    });
+
+    test("create (2)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(400)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.create("id", undefined);
+        }).rejects.toThrow(Management.BadRequestError);
+    });
+
+    test("create (3)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(401)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.create("id", undefined);
+        }).rejects.toThrow(Management.UnauthorizedError);
+    });
+
+    test("create (4)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(403)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.create("id", undefined);
+        }).rejects.toThrow(Management.ForbiddenError);
+    });
+
+    test("create (5)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(404)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.create("id", undefined);
+        }).rejects.toThrow(Management.NotFoundError);
+    });
+
+    test("create (6)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(409)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.create("id", undefined);
+        }).rejects.toThrow(Management.ConflictError);
+    });
+
+    test("create (7)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(429)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.create("id", undefined);
+        }).rejects.toThrow(Management.TooManyRequestsError);
+    });
+
+    test("delete (1)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        server.mockEndpoint().delete("/connections/id/directory-provisioning").respondWith().statusCode(200).build();
+
+        const response = await client.connections.directoryProvisioning.delete("id");
+        expect(response).toEqual(undefined);
+    });
+
+    test("delete (2)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .delete("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(400)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.delete("id");
+        }).rejects.toThrow(Management.BadRequestError);
+    });
+
+    test("delete (3)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .delete("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(401)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.delete("id");
+        }).rejects.toThrow(Management.UnauthorizedError);
+    });
+
+    test("delete (4)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .delete("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(403)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.delete("id");
+        }).rejects.toThrow(Management.ForbiddenError);
+    });
+
+    test("delete (5)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .delete("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(404)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.delete("id");
+        }).rejects.toThrow(Management.NotFoundError);
+    });
+
+    test("delete (6)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .delete("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(429)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.delete("id");
+        }).rejects.toThrow(Management.TooManyRequestsError);
+    });
+
+    test("update (1)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = {
+            connection_id: "connection_id",
+            connection_name: "connection_name",
+            strategy: "strategy",
+            mapping: [{ auth0: "auth0", idp: "idp" }],
+            synchronize_automatically: true,
+            created_at: "2024-01-15T09:30:00Z",
+            updated_at: "2024-01-15T09:30:00Z",
+            last_synchronization_at: "2024-01-15T09:30:00Z",
+            last_synchronization_status: "last_synchronization_status",
+            last_synchronization_error: "last_synchronization_error",
+        };
+        server
+            .mockEndpoint()
+            .patch("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(200)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        const response = await client.connections.directoryProvisioning.update("id");
+        expect(response).toEqual({
+            connection_id: "connection_id",
+            connection_name: "connection_name",
+            strategy: "strategy",
+            mapping: [
+                {
+                    auth0: "auth0",
+                    idp: "idp",
+                },
+            ],
+            synchronize_automatically: true,
+            created_at: "2024-01-15T09:30:00Z",
+            updated_at: "2024-01-15T09:30:00Z",
+            last_synchronization_at: "2024-01-15T09:30:00Z",
+            last_synchronization_status: "last_synchronization_status",
+            last_synchronization_error: "last_synchronization_error",
+        });
+    });
+
+    test("update (2)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(400)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.update("id", undefined);
+        }).rejects.toThrow(Management.BadRequestError);
+    });
+
+    test("update (3)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(401)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.update("id", undefined);
+        }).rejects.toThrow(Management.UnauthorizedError);
+    });
+
+    test("update (4)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(403)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.update("id", undefined);
+        }).rejects.toThrow(Management.ForbiddenError);
+    });
+
+    test("update (5)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(404)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.update("id", undefined);
+        }).rejects.toThrow(Management.NotFoundError);
+    });
+
+    test("update (6)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/connections/id/directory-provisioning")
+            .respondWith()
+            .statusCode(429)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.update("id", undefined);
+        }).rejects.toThrow(Management.TooManyRequestsError);
+    });
+
+    test("getDefaultMapping (1)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { mapping: [{ auth0: "auth0", idp: "idp" }] };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning/default-mapping")
+            .respondWith()
+            .statusCode(200)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        const response = await client.connections.directoryProvisioning.getDefaultMapping("id");
+        expect(response).toEqual({
+            mapping: [
+                {
+                    auth0: "auth0",
+                    idp: "idp",
+                },
+            ],
+        });
+    });
+
+    test("getDefaultMapping (2)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning/default-mapping")
+            .respondWith()
+            .statusCode(400)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.getDefaultMapping("id");
+        }).rejects.toThrow(Management.BadRequestError);
+    });
+
+    test("getDefaultMapping (3)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning/default-mapping")
+            .respondWith()
+            .statusCode(401)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.getDefaultMapping("id");
+        }).rejects.toThrow(Management.UnauthorizedError);
+    });
+
+    test("getDefaultMapping (4)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning/default-mapping")
+            .respondWith()
+            .statusCode(403)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.getDefaultMapping("id");
+        }).rejects.toThrow(Management.ForbiddenError);
+    });
+
+    test("getDefaultMapping (5)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning/default-mapping")
+            .respondWith()
+            .statusCode(404)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.getDefaultMapping("id");
+        }).rejects.toThrow(Management.NotFoundError);
+    });
+
+    test("getDefaultMapping (6)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .get("/connections/id/directory-provisioning/default-mapping")
+            .respondWith()
+            .statusCode(429)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.getDefaultMapping("id");
+        }).rejects.toThrow(Management.TooManyRequestsError);
+    });
+});
diff --git a/src/management/tests/wire/connections/directoryProvisioning/synchronizations.test.ts b/src/management/tests/wire/connections/directoryProvisioning/synchronizations.test.ts
new file mode 100644
index 000000000..29a17e46c
--- /dev/null
+++ b/src/management/tests/wire/connections/directoryProvisioning/synchronizations.test.ts
@@ -0,0 +1,140 @@
+// This file was auto-generated by Fern from our API Definition.
+
+import { mockServerPool } from "../../../mock-server/MockServerPool";
+import { ManagementClient } from "../../../../Client";
+import * as Management from "../../../../api/index";
+
+describe("SynchronizationsClient", () => {
+    test("create (1)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = {
+            connection_id: "connection_id",
+            synchronization_id: "synchronization_id",
+            status: "status",
+        };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning/synchronizations")
+            .respondWith()
+            .statusCode(200)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        const response = await client.connections.directoryProvisioning.synchronizations.create("id");
+        expect(response).toEqual({
+            connection_id: "connection_id",
+            synchronization_id: "synchronization_id",
+            status: "status",
+        });
+    });
+
+    test("create (2)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning/synchronizations")
+            .respondWith()
+            .statusCode(400)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.synchronizations.create("id");
+        }).rejects.toThrow(Management.BadRequestError);
+    });
+
+    test("create (3)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning/synchronizations")
+            .respondWith()
+            .statusCode(401)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.synchronizations.create("id");
+        }).rejects.toThrow(Management.UnauthorizedError);
+    });
+
+    test("create (4)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning/synchronizations")
+            .respondWith()
+            .statusCode(403)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.synchronizations.create("id");
+        }).rejects.toThrow(Management.ForbiddenError);
+    });
+
+    test("create (5)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning/synchronizations")
+            .respondWith()
+            .statusCode(404)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.synchronizations.create("id");
+        }).rejects.toThrow(Management.NotFoundError);
+    });
+
+    test("create (6)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning/synchronizations")
+            .respondWith()
+            .statusCode(409)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.synchronizations.create("id");
+        }).rejects.toThrow(Management.ConflictError);
+    });
+
+    test("create (7)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .post("/connections/id/directory-provisioning/synchronizations")
+            .respondWith()
+            .statusCode(429)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.connections.directoryProvisioning.synchronizations.create("id");
+        }).rejects.toThrow(Management.TooManyRequestsError);
+    });
+});
diff --git a/src/management/tests/wire/customDomains.test.ts b/src/management/tests/wire/customDomains.test.ts
index ad5ccc2dd..5f4a0b890 100644
--- a/src/management/tests/wire/customDomains.test.ts
+++ b/src/management/tests/wire/customDomains.test.ts
@@ -9,62 +9,57 @@ describe("CustomDomainsClient", () => {
         const server = mockServerPool.createServer();
         const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
 
-        const rawResponseBody = [
-            {
-                custom_domain_id: "custom_domain_id",
-                domain: "domain",
-                primary: true,
-                status: "pending_verification",
-                type: "auth0_managed_certs",
-                origin_domain_name: "origin_domain_name",
-                verification: {
-                    methods: [{ name: "cname", record: "record" }],
-                    status: "verified",
-                    error_msg: "error_msg",
-                    last_verified_at: "last_verified_at",
-                },
-                custom_client_ip_header: "custom_client_ip_header",
-                tls_policy: "tls_policy",
-                certificate: {
-                    status: "provisioning",
-                    error_msg: "error_msg",
-                    certificate_authority: "letsencrypt",
-                    renews_before: "renews_before",
+        const rawResponseBody = {
+            custom_domains: [
+                {
+                    custom_domain_id: "custom_domain_id",
+                    domain: "domain",
+                    primary: true,
+                    status: "pending_verification",
+                    type: "auth0_managed_certs",
+                    origin_domain_name: "origin_domain_name",
+                    custom_client_ip_header: "custom_client_ip_header",
+                    tls_policy: "tls_policy",
                 },
-            },
-        ];
-        server.mockEndpoint().get("/custom-domains").respondWith().statusCode(200).jsonBody(rawResponseBody).build();
+            ],
+            next: "next",
+        };
+        server
+            .mockEndpoint({ once: false })
+            .get("/custom-domains")
+            .respondWith()
+            .statusCode(200)
+            .jsonBody(rawResponseBody)
+            .build();
 
-        const response = await client.customDomains.list();
-        expect(response).toEqual([
-            {
-                custom_domain_id: "custom_domain_id",
-                domain: "domain",
-                primary: true,
-                status: "pending_verification",
-                type: "auth0_managed_certs",
-                origin_domain_name: "origin_domain_name",
-                verification: {
-                    methods: [
-                        {
-                            name: "cname",
-                            record: "record",
-                        },
-                    ],
-                    status: "verified",
-                    error_msg: "error_msg",
-                    last_verified_at: "last_verified_at",
+        const expected = {
+            custom_domains: [
+                {
+                    custom_domain_id: "custom_domain_id",
+                    domain: "domain",
+                    primary: true,
+                    status: "pending_verification",
+                    type: "auth0_managed_certs",
+                    origin_domain_name: "origin_domain_name",
+                    custom_client_ip_header: "custom_client_ip_header",
+                    tls_policy: "tls_policy",
                 },
-                custom_client_ip_header: "custom_client_ip_header",
-                tls_policy: "tls_policy",
-                certificate: {
-                    status: "provisioning",
-                    error_msg: "error_msg",
-                    certificate_authority: "letsencrypt",
-                    renews_before: "renews_before",
-                },
-            },
-        ]);
+            ],
+            next: "next",
+        };
+        const page = await client.customDomains.list({
+            take: 1,
+            from: "from",
+            q: "q",
+            fields: "fields",
+            include_fields: true,
+            sort: "sort",
+        });
+
+        expect(expected.custom_domains).toEqual(page.data);
+        expect(page.hasNextPage()).toBe(true);
+        const nextPage = await page.getNextPage();
+        expect(expected.custom_domains).toEqual(nextPage.data);
     });
 
     test("list (2)", async () => {
@@ -72,7 +67,13 @@ describe("CustomDomainsClient", () => {
         const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
 
         const rawResponseBody = { key: "value" };
-        server.mockEndpoint().get("/custom-domains").respondWith().statusCode(401).jsonBody(rawResponseBody).build();
+        server
+            .mockEndpoint({ once: false })
+            .get("/custom-domains")
+            .respondWith()
+            .statusCode(401)
+            .jsonBody(rawResponseBody)
+            .build();
 
         await expect(async () => {
             return await client.customDomains.list();
@@ -84,7 +85,13 @@ describe("CustomDomainsClient", () => {
         const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
 
         const rawResponseBody = { key: "value" };
-        server.mockEndpoint().get("/custom-domains").respondWith().statusCode(403).jsonBody(rawResponseBody).build();
+        server
+            .mockEndpoint({ once: false })
+            .get("/custom-domains")
+            .respondWith()
+            .statusCode(403)
+            .jsonBody(rawResponseBody)
+            .build();
 
         await expect(async () => {
             return await client.customDomains.list();
@@ -96,7 +103,13 @@ describe("CustomDomainsClient", () => {
         const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
 
         const rawResponseBody = { key: "value" };
-        server.mockEndpoint().get("/custom-domains").respondWith().statusCode(429).jsonBody(rawResponseBody).build();
+        server
+            .mockEndpoint({ once: false })
+            .get("/custom-domains")
+            .respondWith()
+            .statusCode(429)
+            .jsonBody(rawResponseBody)
+            .build();
 
         await expect(async () => {
             return await client.customDomains.list();
@@ -121,6 +134,7 @@ describe("CustomDomainsClient", () => {
             },
             custom_client_ip_header: "custom_client_ip_header",
             tls_policy: "tls_policy",
+            domain_metadata: { key: "value" },
             certificate: {
                 status: "provisioning",
                 error_msg: "error_msg",
@@ -160,6 +174,9 @@ describe("CustomDomainsClient", () => {
             },
             custom_client_ip_header: "custom_client_ip_header",
             tls_policy: "tls_policy",
+            domain_metadata: {
+                key: "value",
+            },
             certificate: {
                 status: "provisioning",
                 error_msg: "error_msg",
@@ -298,6 +315,7 @@ describe("CustomDomainsClient", () => {
             },
             custom_client_ip_header: "custom_client_ip_header",
             tls_policy: "tls_policy",
+            domain_metadata: { key: "value" },
             certificate: {
                 status: "provisioning",
                 error_msg: "error_msg",
@@ -328,6 +346,9 @@ describe("CustomDomainsClient", () => {
             },
             custom_client_ip_header: "custom_client_ip_header",
             tls_policy: "tls_policy",
+            domain_metadata: {
+                key: "value",
+            },
             certificate: {
                 status: "provisioning",
                 error_msg: "error_msg",
@@ -497,6 +518,7 @@ describe("CustomDomainsClient", () => {
             },
             custom_client_ip_header: "custom_client_ip_header",
             tls_policy: "tls_policy",
+            domain_metadata: { key: "value" },
             certificate: {
                 status: "provisioning",
                 error_msg: "error_msg",
@@ -533,6 +555,9 @@ describe("CustomDomainsClient", () => {
             },
             custom_client_ip_header: "custom_client_ip_header",
             tls_policy: "tls_policy",
+            domain_metadata: {
+                key: "value",
+            },
             certificate: {
                 status: "provisioning",
                 error_msg: "error_msg",
@@ -748,6 +773,7 @@ describe("CustomDomainsClient", () => {
             },
             custom_client_ip_header: "custom_client_ip_header",
             tls_policy: "tls_policy",
+            domain_metadata: { key: "value" },
             certificate: {
                 status: "provisioning",
                 error_msg: "error_msg",
@@ -785,6 +811,9 @@ describe("CustomDomainsClient", () => {
             },
             custom_client_ip_header: "custom_client_ip_header",
             tls_policy: "tls_policy",
+            domain_metadata: {
+                key: "value",
+            },
             certificate: {
                 status: "provisioning",
                 error_msg: "error_msg",
diff --git a/src/management/tests/wire/guardian/factors/pushNotification.test.ts b/src/management/tests/wire/guardian/factors/pushNotification.test.ts
index 2589cf3fd..900328e34 100644
--- a/src/management/tests/wire/guardian/factors/pushNotification.test.ts
+++ b/src/management/tests/wire/guardian/factors/pushNotification.test.ts
@@ -87,14 +87,14 @@ describe("PushNotificationClient", () => {
         const rawResponseBody = { sandbox: true, bundle_id: "bundle_id" };
         server
             .mockEndpoint()
-            .patch("/guardian/factors/push-notification/providers/apns")
+            .put("/guardian/factors/push-notification/providers/apns")
             .jsonBody(rawRequestBody)
             .respondWith()
             .statusCode(200)
             .jsonBody(rawResponseBody)
             .build();
 
-        const response = await client.guardian.factors.pushNotification.setApnsProvider({});
+        const response = await client.guardian.factors.pushNotification.setApnsProvider();
         expect(response).toEqual({
             sandbox: true,
             bundle_id: "bundle_id",
@@ -108,7 +108,7 @@ describe("PushNotificationClient", () => {
         const rawResponseBody = { key: "value" };
         server
             .mockEndpoint()
-            .patch("/guardian/factors/push-notification/providers/apns")
+            .put("/guardian/factors/push-notification/providers/apns")
             .jsonBody(rawRequestBody)
             .respondWith()
             .statusCode(400)
@@ -116,7 +116,7 @@ describe("PushNotificationClient", () => {
             .build();
 
         await expect(async () => {
-            return await client.guardian.factors.pushNotification.setApnsProvider({});
+            return await client.guardian.factors.pushNotification.setApnsProvider();
         }).rejects.toThrow(Management.BadRequestError);
     });
 
@@ -127,7 +127,7 @@ describe("PushNotificationClient", () => {
         const rawResponseBody = { key: "value" };
         server
             .mockEndpoint()
-            .patch("/guardian/factors/push-notification/providers/apns")
+            .put("/guardian/factors/push-notification/providers/apns")
             .jsonBody(rawRequestBody)
             .respondWith()
             .statusCode(401)
@@ -135,11 +135,89 @@ describe("PushNotificationClient", () => {
             .build();
 
         await expect(async () => {
-            return await client.guardian.factors.pushNotification.setApnsProvider({});
+            return await client.guardian.factors.pushNotification.setApnsProvider();
         }).rejects.toThrow(Management.UnauthorizedError);
     });
 
     test("setApnsProvider (4)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .put("/guardian/factors/push-notification/providers/apns")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(403)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.guardian.factors.pushNotification.setApnsProvider();
+        }).rejects.toThrow(Management.ForbiddenError);
+    });
+
+    test("updateApnsProvider (1)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { sandbox: true, bundle_id: "bundle_id" };
+        server
+            .mockEndpoint()
+            .patch("/guardian/factors/push-notification/providers/apns")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(200)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        const response = await client.guardian.factors.pushNotification.updateApnsProvider();
+        expect(response).toEqual({
+            sandbox: true,
+            bundle_id: "bundle_id",
+        });
+    });
+
+    test("updateApnsProvider (2)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/guardian/factors/push-notification/providers/apns")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(400)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.guardian.factors.pushNotification.updateApnsProvider();
+        }).rejects.toThrow(Management.BadRequestError);
+    });
+
+    test("updateApnsProvider (3)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/guardian/factors/push-notification/providers/apns")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(401)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.guardian.factors.pushNotification.updateApnsProvider();
+        }).rejects.toThrow(Management.UnauthorizedError);
+    });
+
+    test("updateApnsProvider (4)", async () => {
         const server = mockServerPool.createServer();
         const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
         const rawRequestBody = {};
@@ -154,7 +232,7 @@ describe("PushNotificationClient", () => {
             .build();
 
         await expect(async () => {
-            return await client.guardian.factors.pushNotification.setApnsProvider({});
+            return await client.guardian.factors.pushNotification.updateApnsProvider();
         }).rejects.toThrow(Management.ForbiddenError);
     });
 
@@ -165,14 +243,14 @@ describe("PushNotificationClient", () => {
         const rawResponseBody = { key: "value" };
         server
             .mockEndpoint()
-            .patch("/guardian/factors/push-notification/providers/fcm")
+            .put("/guardian/factors/push-notification/providers/fcm")
             .jsonBody(rawRequestBody)
             .respondWith()
             .statusCode(200)
             .jsonBody(rawResponseBody)
             .build();
 
-        const response = await client.guardian.factors.pushNotification.setFcmProvider({});
+        const response = await client.guardian.factors.pushNotification.setFcmProvider();
         expect(response).toEqual({
             key: "value",
         });
@@ -185,7 +263,7 @@ describe("PushNotificationClient", () => {
         const rawResponseBody = { key: "value" };
         server
             .mockEndpoint()
-            .patch("/guardian/factors/push-notification/providers/fcm")
+            .put("/guardian/factors/push-notification/providers/fcm")
             .jsonBody(rawRequestBody)
             .respondWith()
             .statusCode(400)
@@ -193,7 +271,7 @@ describe("PushNotificationClient", () => {
             .build();
 
         await expect(async () => {
-            return await client.guardian.factors.pushNotification.setFcmProvider({});
+            return await client.guardian.factors.pushNotification.setFcmProvider();
         }).rejects.toThrow(Management.BadRequestError);
     });
 
@@ -204,7 +282,7 @@ describe("PushNotificationClient", () => {
         const rawResponseBody = { key: "value" };
         server
             .mockEndpoint()
-            .patch("/guardian/factors/push-notification/providers/fcm")
+            .put("/guardian/factors/push-notification/providers/fcm")
             .jsonBody(rawRequestBody)
             .respondWith()
             .statusCode(401)
@@ -212,11 +290,88 @@ describe("PushNotificationClient", () => {
             .build();
 
         await expect(async () => {
-            return await client.guardian.factors.pushNotification.setFcmProvider({});
+            return await client.guardian.factors.pushNotification.setFcmProvider();
         }).rejects.toThrow(Management.UnauthorizedError);
     });
 
     test("setFcmProvider (4)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .put("/guardian/factors/push-notification/providers/fcm")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(403)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.guardian.factors.pushNotification.setFcmProvider();
+        }).rejects.toThrow(Management.ForbiddenError);
+    });
+
+    test("updateFcmProvider (1)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/guardian/factors/push-notification/providers/fcm")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(200)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        const response = await client.guardian.factors.pushNotification.updateFcmProvider();
+        expect(response).toEqual({
+            key: "value",
+        });
+    });
+
+    test("updateFcmProvider (2)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/guardian/factors/push-notification/providers/fcm")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(400)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.guardian.factors.pushNotification.updateFcmProvider();
+        }).rejects.toThrow(Management.BadRequestError);
+    });
+
+    test("updateFcmProvider (3)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/guardian/factors/push-notification/providers/fcm")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(401)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.guardian.factors.pushNotification.updateFcmProvider();
+        }).rejects.toThrow(Management.UnauthorizedError);
+    });
+
+    test("updateFcmProvider (4)", async () => {
         const server = mockServerPool.createServer();
         const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
         const rawRequestBody = {};
@@ -231,7 +386,7 @@ describe("PushNotificationClient", () => {
             .build();
 
         await expect(async () => {
-            return await client.guardian.factors.pushNotification.setFcmProvider({});
+            return await client.guardian.factors.pushNotification.updateFcmProvider();
         }).rejects.toThrow(Management.ForbiddenError);
     });
 
@@ -242,14 +397,14 @@ describe("PushNotificationClient", () => {
         const rawResponseBody = { key: "value" };
         server
             .mockEndpoint()
-            .patch("/guardian/factors/push-notification/providers/fcmv1")
+            .put("/guardian/factors/push-notification/providers/fcmv1")
             .jsonBody(rawRequestBody)
             .respondWith()
             .statusCode(200)
             .jsonBody(rawResponseBody)
             .build();
 
-        const response = await client.guardian.factors.pushNotification.setFcmv1Provider({});
+        const response = await client.guardian.factors.pushNotification.setFcmv1Provider();
         expect(response).toEqual({
             key: "value",
         });
@@ -262,7 +417,7 @@ describe("PushNotificationClient", () => {
         const rawResponseBody = { key: "value" };
         server
             .mockEndpoint()
-            .patch("/guardian/factors/push-notification/providers/fcmv1")
+            .put("/guardian/factors/push-notification/providers/fcmv1")
             .jsonBody(rawRequestBody)
             .respondWith()
             .statusCode(400)
@@ -270,7 +425,7 @@ describe("PushNotificationClient", () => {
             .build();
 
         await expect(async () => {
-            return await client.guardian.factors.pushNotification.setFcmv1Provider({});
+            return await client.guardian.factors.pushNotification.setFcmv1Provider();
         }).rejects.toThrow(Management.BadRequestError);
     });
 
@@ -281,7 +436,7 @@ describe("PushNotificationClient", () => {
         const rawResponseBody = { key: "value" };
         server
             .mockEndpoint()
-            .patch("/guardian/factors/push-notification/providers/fcmv1")
+            .put("/guardian/factors/push-notification/providers/fcmv1")
             .jsonBody(rawRequestBody)
             .respondWith()
             .statusCode(401)
@@ -289,11 +444,88 @@ describe("PushNotificationClient", () => {
             .build();
 
         await expect(async () => {
-            return await client.guardian.factors.pushNotification.setFcmv1Provider({});
+            return await client.guardian.factors.pushNotification.setFcmv1Provider();
         }).rejects.toThrow(Management.UnauthorizedError);
     });
 
     test("setFcmv1Provider (4)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .put("/guardian/factors/push-notification/providers/fcmv1")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(403)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.guardian.factors.pushNotification.setFcmv1Provider();
+        }).rejects.toThrow(Management.ForbiddenError);
+    });
+
+    test("updateFcmv1Provider (1)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/guardian/factors/push-notification/providers/fcmv1")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(200)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        const response = await client.guardian.factors.pushNotification.updateFcmv1Provider();
+        expect(response).toEqual({
+            key: "value",
+        });
+    });
+
+    test("updateFcmv1Provider (2)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/guardian/factors/push-notification/providers/fcmv1")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(400)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.guardian.factors.pushNotification.updateFcmv1Provider();
+        }).rejects.toThrow(Management.BadRequestError);
+    });
+
+    test("updateFcmv1Provider (3)", async () => {
+        const server = mockServerPool.createServer();
+        const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
+        const rawRequestBody = {};
+        const rawResponseBody = { key: "value" };
+        server
+            .mockEndpoint()
+            .patch("/guardian/factors/push-notification/providers/fcmv1")
+            .jsonBody(rawRequestBody)
+            .respondWith()
+            .statusCode(401)
+            .jsonBody(rawResponseBody)
+            .build();
+
+        await expect(async () => {
+            return await client.guardian.factors.pushNotification.updateFcmv1Provider();
+        }).rejects.toThrow(Management.UnauthorizedError);
+    });
+
+    test("updateFcmv1Provider (4)", async () => {
         const server = mockServerPool.createServer();
         const client = new ManagementClient({ maxRetries: 0, token: "test", environment: server.baseUrl });
         const rawRequestBody = {};
@@ -308,7 +540,7 @@ describe("PushNotificationClient", () => {
             .build();
 
         await expect(async () => {
-            return await client.guardian.factors.pushNotification.setFcmv1Provider({});
+            return await client.guardian.factors.pushNotification.updateFcmv1Provider();
         }).rejects.toThrow(Management.ForbiddenError);
     });
 
diff --git a/src/management/tests/wire/organizations/discoveryDomains.test.ts b/src/management/tests/wire/organizations/discoveryDomains.test.ts
index 94ab56d7d..411379024 100644
--- a/src/management/tests/wire/organizations/discoveryDomains.test.ts
+++ b/src/management/tests/wire/organizations/discoveryDomains.test.ts
@@ -16,6 +16,7 @@ describe("DiscoveryDomainsClient", () => {
                     id: "id",
                     domain: "domain",
                     status: "pending",
+                    use_for_organization_discovery: true,
                     verification_txt: "verification_txt",
                     verification_host: "verification_host",
                 },
@@ -36,6 +37,7 @@ describe("DiscoveryDomainsClient", () => {
                     id: "id",
                     domain: "domain",
                     status: "pending",
+                    use_for_organization_discovery: true,
                     verification_txt: "verification_txt",
                     verification_host: "verification_host",
                 },
@@ -150,6 +152,7 @@ describe("DiscoveryDomainsClient", () => {
             id: "id",
             domain: "domain",
             status: "pending",
+            use_for_organization_discovery: true,
             verification_txt: "verification_txt",
             verification_host: "verification_host",
         };
@@ -169,6 +172,7 @@ describe("DiscoveryDomainsClient", () => {
             id: "id",
             domain: "domain",
             status: "pending",
+            use_for_organization_discovery: true,
             verification_txt: "verification_txt",
             verification_host: "verification_host",
         });
@@ -308,6 +312,7 @@ describe("DiscoveryDomainsClient", () => {
             id: "id",
             domain: "domain",
             status: "pending",
+            use_for_organization_discovery: true,
             verification_txt: "verification_txt",
             verification_host: "verification_host",
         };
@@ -324,6 +329,7 @@ describe("DiscoveryDomainsClient", () => {
             id: "id",
             domain: "domain",
             status: "pending",
+            use_for_organization_discovery: true,
             verification_txt: "verification_txt",
             verification_host: "verification_host",
         });
@@ -514,6 +520,7 @@ describe("DiscoveryDomainsClient", () => {
             id: "id",
             domain: "domain",
             status: "pending",
+            use_for_organization_discovery: true,
             verification_txt: "verification_txt",
             verification_host: "verification_host",
         };
@@ -531,6 +538,7 @@ describe("DiscoveryDomainsClient", () => {
             id: "id",
             domain: "domain",
             status: "pending",
+            use_for_organization_discovery: true,
             verification_txt: "verification_txt",
             verification_host: "verification_host",
         });
diff --git a/src/management/tests/wire/prompts/rendering.test.ts b/src/management/tests/wire/prompts/rendering.test.ts
index aedcbae0d..17710ed33 100644
--- a/src/management/tests/wire/prompts/rendering.test.ts
+++ b/src/management/tests/wire/prompts/rendering.test.ts
@@ -15,8 +15,8 @@ describe("RenderingClient", () => {
                     rendering_mode: "advanced",
                     context_configuration: ["context_configuration"],
                     default_head_tags_disabled: true,
-                    head_tags: [{}],
                     use_page_template: true,
+                    head_tags: [{}],
                 },
             ],
             start: 1.1,
@@ -37,8 +37,8 @@ describe("RenderingClient", () => {
                     rendering_mode: "advanced",
                     context_configuration: ["context_configuration"],
                     default_head_tags_disabled: true,
-                    head_tags: [{}],
                     use_page_template: true,
+                    head_tags: [{}],
                 },
             ],
             start: 1.1,
@@ -162,10 +162,10 @@ describe("RenderingClient", () => {
                     prompt: "login",
                     screen: "login",
                     rendering_mode: "advanced",
-                    context_configuration: ["context_configuration"],
+                    context_configuration: ["branding.settings"],
                     default_head_tags_disabled: true,
-                    head_tags: [{}],
                     use_page_template: true,
+                    head_tags: [{}],
                 },
             ],
         };
@@ -192,10 +192,10 @@ describe("RenderingClient", () => {
                     prompt: "login",
                     screen: "login",
                     rendering_mode: "advanced",
-                    context_configuration: ["context_configuration"],
+                    context_configuration: ["branding.settings"],
                     default_head_tags_disabled: true,
-                    head_tags: [{}],
                     use_page_template: true,
+                    head_tags: [{}],
                 },
             ],
         });
@@ -387,14 +387,14 @@ describe("RenderingClient", () => {
             rendering_mode: "advanced",
             context_configuration: ["context_configuration"],
             default_head_tags_disabled: true,
-            head_tags: [{ tag: "tag", content: "content" }],
+            use_page_template: true,
+            head_tags: [{ tag: "tag", attributes: { key: "value" }, content: "content" }],
             filters: {
                 match_type: "includes_any",
                 clients: [{ id: "id" }],
                 organizations: [{ id: "id" }],
                 domains: [{ id: "id" }],
             },
-            use_page_template: true,
         };
         server
             .mockEndpoint()
@@ -412,9 +412,13 @@ describe("RenderingClient", () => {
             rendering_mode: "advanced",
             context_configuration: ["context_configuration"],
             default_head_tags_disabled: true,
+            use_page_template: true,
             head_tags: [
                 {
                     tag: "tag",
+                    attributes: {
+                        key: "value",
+                    },
                     content: "content",
                 },
             ],
@@ -436,7 +440,6 @@ describe("RenderingClient", () => {
                     },
                 ],
             },
-            use_page_template: true,
         });
     });
 
@@ -556,14 +559,14 @@ describe("RenderingClient", () => {
             rendering_mode: "advanced",
             context_configuration: ["context_configuration"],
             default_head_tags_disabled: true,
-            head_tags: [{ tag: "tag", content: "content" }],
+            use_page_template: true,
+            head_tags: [{ tag: "tag", attributes: { key: "value" }, content: "content" }],
             filters: {
                 match_type: "includes_any",
                 clients: [{ id: "id" }],
                 organizations: [{ id: "id" }],
                 domains: [{ id: "id" }],
             },
-            use_page_template: true,
         };
         server
             .mockEndpoint()
@@ -579,9 +582,13 @@ describe("RenderingClient", () => {
             rendering_mode: "advanced",
             context_configuration: ["context_configuration"],
             default_head_tags_disabled: true,
+            use_page_template: true,
             head_tags: [
                 {
                     tag: "tag",
+                    attributes: {
+                        key: "value",
+                    },
                     content: "content",
                 },
             ],
@@ -603,7 +610,6 @@ describe("RenderingClient", () => {
                     },
                 ],
             },
-            use_page_template: true,
         });
     });