Merge origin/main into feature/fleetdm

Resolve OpenAPI spec conflict by keeping both FleetDM schemas and new IntegrationSyncFilters/IntegrationEnabled schemas. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-05-15 13:19:56 +00:00 · 2026-03-31 12:26:24 +02:00
parent 8191694774 a62d472bc4
commit d90992250d
183 changed files with 57744 additions and 2162 deletions
--- a/shared/management/http/api/openapi.yml
+++ b/shared/management/http/api/openapi.yml
--- a/shared/management/http/api/types.gen.go
+++ b/shared/management/http/api/types.gen.go
@@ -9,6 +9,7 @@ import (
 	"time"

 	"github.com/oapi-codegen/runtime"
+	openapi_types "github.com/oapi-codegen/runtime/types"
 )

 const (
@@ -16,6 +17,24 @@ const (
 	TokenAuthScopes  = "TokenAuth.Scopes"
 )

+// Defines values for CreateAzureIntegrationRequestHost.
+const (
+	CreateAzureIntegrationRequestHostMicrosoftCom CreateAzureIntegrationRequestHost = "microsoft.com"
+	CreateAzureIntegrationRequestHostMicrosoftUs  CreateAzureIntegrationRequestHost = "microsoft.us"
+)
+
+// Valid indicates whether the value is a known member of the CreateAzureIntegrationRequestHost enum.
+func (e CreateAzureIntegrationRequestHost) Valid() bool {
+	switch e {
+	case CreateAzureIntegrationRequestHostMicrosoftCom:
+		return true
+	case CreateAzureIntegrationRequestHostMicrosoftUs:
+		return true
+	default:
+		return false
+	}
+}
+
 // Defines values for CreateIntegrationRequestPlatform.
 const (
 	CreateIntegrationRequestPlatformDatadog     CreateIntegrationRequestPlatform = "datadog"
@@ -664,6 +683,24 @@ func (e NetworkResourceType) Valid() bool {
 	}
 }

+// Defines values for NotificationChannelType.
+const (
+	NotificationChannelTypeEmail   NotificationChannelType = "email"
+	NotificationChannelTypeWebhook NotificationChannelType = "webhook"
+)
+
+// Valid indicates whether the value is a known member of the NotificationChannelType enum.
+func (e NotificationChannelType) Valid() bool {
+	switch e {
+	case NotificationChannelTypeEmail:
+		return true
+	case NotificationChannelTypeWebhook:
+		return true
+	default:
+		return false
+	}
+}
+
 // Defines values for PeerNetworkRangeCheckAction.
 const (
 	PeerNetworkRangeCheckActionAllow PeerNetworkRangeCheckAction = "allow"
@@ -1276,6 +1313,21 @@ func (e PutApiIntegrationsMspTenantsIdInviteJSONBodyValue) Valid() bool {
 	}
 }

+// AccessRestrictions Connection-level access restrictions based on IP address or geography. Applies to both HTTP and L4 services.
+type AccessRestrictions struct {
+	// AllowedCidrs CIDR allowlist. If non-empty, only IPs matching these CIDRs are allowed.
+	AllowedCidrs *[]string `json:"allowed_cidrs,omitempty"`
+
+	// AllowedCountries ISO 3166-1 alpha-2 country codes to allow. If non-empty, only these countries are permitted.
+	AllowedCountries *[]string `json:"allowed_countries,omitempty"`
+
+	// BlockedCidrs CIDR blocklist. Connections from these CIDRs are rejected. Evaluated after allowed_cidrs.
+	BlockedCidrs *[]string `json:"blocked_cidrs,omitempty"`
+
+	// BlockedCountries ISO 3166-1 alpha-2 country codes to block.
+	BlockedCountries *[]string `json:"blocked_countries,omitempty"`
+}
+
 // AccessiblePeer defines model for AccessiblePeer.
 type AccessiblePeer struct {
 	// CityName Commonly used English name of the city
@@ -1435,6 +1487,36 @@ type AvailablePorts struct {
 	Udp int `json:"udp"`
 }

+// AzureIntegration defines model for AzureIntegration.
+type AzureIntegration struct {
+	// ClientId Azure AD application (client) ID
+	ClientId string `json:"client_id"`
+
+	// Enabled Whether the integration is enabled
+	Enabled bool `json:"enabled"`
+
+	// GroupPrefixes List of start_with string patterns for groups to sync
+	GroupPrefixes []string `json:"group_prefixes"`
+
+	// Host Azure host domain for the Graph API
+	Host string `json:"host"`
+
+	// Id The unique identifier for the integration
+	Id int64 `json:"id"`
+
+	// LastSyncedAt Timestamp of the last synchronization
+	LastSyncedAt time.Time `json:"last_synced_at"`
+
+	// SyncInterval Sync interval in seconds
+	SyncInterval int `json:"sync_interval"`
+
+	// TenantId Azure AD tenant ID
+	TenantId string `json:"tenant_id"`
+
+	// UserGroupPrefixes List of start_with string patterns for groups which users to sync
+	UserGroupPrefixes []string `json:"user_group_prefixes"`
+}
+
 // BearerAuthConfig defines model for BearerAuthConfig.
 type BearerAuthConfig struct {
 	// DistributionGroups List of group IDs that can use bearer auth
@@ -1542,6 +1624,51 @@ type Country struct {
 // CountryCode 2-letter ISO 3166-1 alpha-2 code that represents the country
 type CountryCode = string

+// CreateAzureIntegrationRequest defines model for CreateAzureIntegrationRequest.
+type CreateAzureIntegrationRequest struct {
+	// ClientId Azure AD application (client) ID
+	ClientId string `json:"client_id"`
+
+	// ClientSecret Base64-encoded Azure AD client secret
+	ClientSecret string `json:"client_secret"`
+
+	// GroupPrefixes List of start_with string patterns for groups to sync
+	GroupPrefixes *[]string `json:"group_prefixes,omitempty"`
+
+	// Host Azure host domain for the Graph API
+	Host CreateAzureIntegrationRequestHost `json:"host"`
+
+	// SyncInterval Sync interval in seconds (minimum 300). Defaults to 300 if not specified.
+	SyncInterval *int `json:"sync_interval,omitempty"`
+
+	// TenantId Azure AD tenant ID
+	TenantId string `json:"tenant_id"`
+
+	// UserGroupPrefixes List of start_with string patterns for groups which users to sync
+	UserGroupPrefixes *[]string `json:"user_group_prefixes,omitempty"`
+}
+
+// CreateAzureIntegrationRequestHost Azure host domain for the Graph API
+type CreateAzureIntegrationRequestHost string
+
+// CreateGoogleIntegrationRequest defines model for CreateGoogleIntegrationRequest.
+type CreateGoogleIntegrationRequest struct {
+	// CustomerId Customer ID from Google Workspace Account Settings
+	CustomerId string `json:"customer_id"`
+
+	// GroupPrefixes List of start_with string patterns for groups to sync
+	GroupPrefixes *[]string `json:"group_prefixes,omitempty"`
+
+	// ServiceAccountKey Base64-encoded Google service account key
+	ServiceAccountKey string `json:"service_account_key"`
+
+	// SyncInterval Sync interval in seconds (minimum 300). Defaults to 300 if not specified.
+	SyncInterval *int `json:"sync_interval,omitempty"`
+
+	// UserGroupPrefixes List of start_with string patterns for groups which users to sync
+	UserGroupPrefixes *[]string `json:"user_group_prefixes,omitempty"`
+}
+
 // CreateIntegrationRequest Request payload for creating a new event streaming integration. Also used as the structure for the PUT request body, but not all fields are applicable for updates (see PUT operation description).
 type CreateIntegrationRequest struct {
 	// Config Platform-specific configuration as key-value pairs. For creation, all necessary credentials and settings must be provided. For updates, provide the fields to change or the entire new configuration.
@@ -1557,7 +1684,19 @@ type CreateIntegrationRequest struct {
 // CreateIntegrationRequestPlatform The event streaming platform to integrate with (e.g., "datadog", "s3", "firehose"). This field is used for creation. For updates (PUT), this field, if sent, is ignored by the backend.
 type CreateIntegrationRequestPlatform string

-// CreateScimIntegrationRequest Request payload for creating an SCIM IDP integration
+// CreateOktaScimIntegrationRequest defines model for CreateOktaScimIntegrationRequest.
+type CreateOktaScimIntegrationRequest struct {
+	// ConnectionName The Okta enterprise connection name on Auth0
+	ConnectionName string `json:"connection_name"`
+
+	// GroupPrefixes List of start_with string patterns for groups to sync
+	GroupPrefixes *[]string `json:"group_prefixes,omitempty"`
+
+	// UserGroupPrefixes List of start_with string patterns for groups which users to sync
+	UserGroupPrefixes *[]string `json:"user_group_prefixes,omitempty"`
+}
+
+// CreateScimIntegrationRequest defines model for CreateScimIntegrationRequest.
 type CreateScimIntegrationRequest struct {
 	// GroupPrefixes List of start_with string patterns for groups to sync
 	GroupPrefixes *[]string `json:"group_prefixes,omitempty"`
@@ -1935,6 +2074,12 @@ type EDRSentinelOneResponse struct {
 	UpdatedAt time.Time `json:"updated_at"`
 }

+// EmailTarget Target configuration for email notification channels.
+type EmailTarget struct {
+	// Emails List of email addresses to send notifications to.
+	Emails []openapi_types.Email `json:"emails"`
+}
+
 // ErrorResponse Standard error response. Note: The exact structure of this error response is inferred from `util.WriteErrorResponse` and `util.WriteError` usage in the provided Go code, as a specific Go struct for errors was not provided.
 type ErrorResponse struct {
 	// Message A human-readable error message.
@@ -2007,6 +2152,30 @@ type GeoLocationCheckAction string
 // GetTenantsResponse defines model for GetTenantsResponse.
 type GetTenantsResponse = []TenantResponse

+// GoogleIntegration defines model for GoogleIntegration.
+type GoogleIntegration struct {
+	// CustomerId Customer ID from Google Workspace
+	CustomerId string `json:"customer_id"`
+
+	// Enabled Whether the integration is enabled
+	Enabled bool `json:"enabled"`
+
+	// GroupPrefixes List of start_with string patterns for groups to sync
+	GroupPrefixes []string `json:"group_prefixes"`
+
+	// Id The unique identifier for the integration
+	Id int64 `json:"id"`
+
+	// LastSyncedAt Timestamp of the last synchronization
+	LastSyncedAt time.Time `json:"last_synced_at"`
+
+	// SyncInterval Sync interval in seconds
+	SyncInterval int `json:"sync_interval"`
+
+	// UserGroupPrefixes List of start_with string patterns for groups which users to sync
+	UserGroupPrefixes []string `json:"user_group_prefixes"`
+}
+
 // Group defines model for Group.
 type Group struct {
 	// Id Group ID
@@ -2063,6 +2232,18 @@ type GroupRequest struct {
 	Resources *[]Resource `json:"resources,omitempty"`
 }

+// HeaderAuthConfig Static header-value authentication. The proxy checks that the named header matches the configured value.
+type HeaderAuthConfig struct {
+	// Enabled Whether header auth is enabled
+	Enabled bool `json:"enabled"`
+
+	// Header HTTP header name to check (e.g. "Authorization", "X-API-Key")
+	Header string `json:"header"`
+
+	// Value Expected header value. For Basic auth use "Basic base64(user:pass)". For Bearer use "Bearer token". Cleared in responses.
+	Value string `json:"value"`
+}
+
 // HuntressMatchAttributes Attribute conditions to match when approving agents
 type HuntressMatchAttributes struct {
 	// DefenderPolicyStatus Policy status of Defender AV for Managed Antivirus.
@@ -2286,6 +2467,12 @@ type InstanceVersionInfo struct {
 	ManagementUpdateAvailable bool `json:"management_update_available"`
 }

+// IntegrationEnabled defines model for IntegrationEnabled.
+type IntegrationEnabled struct {
+	// Enabled Whether the integration is enabled
+	Enabled *bool `json:"enabled,omitempty"`
+}
+
 // IntegrationResponse Represents an event streaming integration.
 type IntegrationResponse struct {
 	// AccountId The identifier of the account this integration belongs to.
@@ -2313,6 +2500,15 @@ type IntegrationResponse struct {
 // IntegrationResponsePlatform The event streaming platform.
 type IntegrationResponsePlatform string

+// IntegrationSyncFilters defines model for IntegrationSyncFilters.
+type IntegrationSyncFilters struct {
+	// GroupPrefixes List of start_with string patterns for groups to sync
+	GroupPrefixes *[]string `json:"group_prefixes,omitempty"`
+
+	// UserGroupPrefixes List of start_with string patterns for groups which users to sync
+	UserGroupPrefixes *[]string `json:"user_group_prefixes,omitempty"`
+}
+
 // InvoicePDFResponse defines model for InvoicePDFResponse.
 type InvoicePDFResponse struct {
 	// Url URL to redirect the user to invoice.
@@ -2714,6 +2910,67 @@ type NetworkTrafficUser struct {
 	Name string `json:"name"`
 }

+// NotificationChannelRequest Request body for creating or updating a notification channel.
+type NotificationChannelRequest struct {
+	// Enabled Whether this notification channel is active.
+	Enabled bool `json:"enabled"`
+
+	// EventTypes List of activity event type codes this channel subscribes to.
+	EventTypes []NotificationEventType `json:"event_types"`
+
+	// Target Channel-specific target configuration. The shape depends on the `type` field:
+	// - `email`: requires an `EmailTarget` object
+	// - `webhook`: requires a `WebhookTarget` object
+	Target *NotificationChannelRequest_Target `json:"target,omitempty"`
+
+	// Type The type of notification channel.
+	Type NotificationChannelType `json:"type"`
+}
+
+// NotificationChannelRequest_Target Channel-specific target configuration. The shape depends on the `type` field:
+// - `email`: requires an `EmailTarget` object
+// - `webhook`: requires a `WebhookTarget` object
+type NotificationChannelRequest_Target struct {
+	union json.RawMessage
+}
+
+// NotificationChannelResponse A notification channel configuration.
+type NotificationChannelResponse struct {
+	// Enabled Whether this notification channel is active.
+	Enabled bool `json:"enabled"`
+
+	// EventTypes List of activity event type codes this channel subscribes to.
+	EventTypes []NotificationEventType `json:"event_types"`
+
+	// Id Unique identifier of the notification channel.
+	Id *string `json:"id,omitempty"`
+
+	// Target Channel-specific target configuration. The shape depends on the `type` field:
+	// - `email`: an `EmailTarget` object
+	// - `webhook`: a `WebhookTarget` object
+	Target *NotificationChannelResponse_Target `json:"target,omitempty"`
+
+	// Type The type of notification channel.
+	Type NotificationChannelType `json:"type"`
+}
+
+// NotificationChannelResponse_Target Channel-specific target configuration. The shape depends on the `type` field:
+// - `email`: an `EmailTarget` object
+// - `webhook`: a `WebhookTarget` object
+type NotificationChannelResponse_Target struct {
+	union json.RawMessage
+}
+
+// NotificationChannelType The type of notification channel.
+type NotificationChannelType string
+
+// NotificationEventType An activity event type code. See `GET /api/integrations/notifications/types` for the full list
+// of supported event types and their human-readable descriptions.
+type NotificationEventType = string
+
+// NotificationTypeEntry A map of event type codes to their human-readable descriptions.
+type NotificationTypeEntry map[string]string
+
 // OSVersionCheck Posture check for the version of operating system
 type OSVersionCheck struct {
 	// Android Posture check for the version of operating system
@@ -2732,6 +2989,27 @@ type OSVersionCheck struct {
 	Windows *MinKernelVersionCheck `json:"windows,omitempty"`
 }

+// OktaScimIntegration defines model for OktaScimIntegration.
+type OktaScimIntegration struct {
+	// AuthToken SCIM API token (full on creation/regeneration, masked on retrieval)
+	AuthToken string `json:"auth_token"`
+
+	// Enabled Whether the integration is enabled
+	Enabled bool `json:"enabled"`
+
+	// GroupPrefixes List of start_with string patterns for groups to sync
+	GroupPrefixes []string `json:"group_prefixes"`
+
+	// Id The unique identifier for the integration
+	Id int64 `json:"id"`
+
+	// LastSyncedAt Timestamp of the last synchronization
+	LastSyncedAt time.Time `json:"last_synced_at"`
+
+	// UserGroupPrefixes List of start_with string patterns for groups which users to sync
+	UserGroupPrefixes []string `json:"user_group_prefixes"`
+}
+
 // PINAuthConfig defines model for PINAuthConfig.
 type PINAuthConfig struct {
 	// Enabled Whether PIN auth is enabled
@@ -3399,6 +3677,9 @@ type ProxyAccessLog struct {
 	// StatusCode HTTP status code returned
 	StatusCode int `json:"status_code"`

+	// SubdivisionCode First-level administrative subdivision ISO code (e.g. state/province)
+	SubdivisionCode *string `json:"subdivision_code,omitempty"`
+
 	// Timestamp Timestamp when the request was made
 	Timestamp time.Time `json:"timestamp"`

@@ -3451,6 +3732,9 @@ type ReverseProxyDomain struct {
 	// Id Domain ID
 	Id string `json:"id"`

+	// RequireSubdomain Whether a subdomain label is required in front of this domain. When true, the domain cannot be used bare.
+	RequireSubdomain *bool `json:"require_subdomain,omitempty"`
+
 	// SupportsCustomPorts Whether the cluster supports binding arbitrary TCP/UDP ports
 	SupportsCustomPorts *bool `json:"supports_custom_ports,omitempty"`

@@ -3575,12 +3859,12 @@ type RulePortRange struct {
 	Start int `json:"start"`
 }

-// ScimIntegration Represents a SCIM IDP integration
+// ScimIntegration defines model for ScimIntegration.
 type ScimIntegration struct {
 	// AuthToken SCIM API token (full on creation, masked otherwise)
 	AuthToken string `json:"auth_token"`

-	// Enabled Indicates whether the integration is enabled
+	// Enabled Whether the integration is enabled
 	Enabled bool `json:"enabled"`

 	// GroupPrefixes List of start_with string patterns for groups to sync
@@ -3592,6 +3876,9 @@ type ScimIntegration struct {
 	// LastSyncedAt Timestamp of when the integration was last synced
 	LastSyncedAt time.Time `json:"last_synced_at"`

+	// Prefix The connection prefix used for the SCIM provider
+	Prefix string `json:"prefix"`
+
 	// Provider Name of the SCIM identity provider
 	Provider string `json:"provider"`

@@ -3637,7 +3924,9 @@ type SentinelOneMatchAttributesNetworkStatus string

 // Service defines model for Service.
 type Service struct {
-	Auth ServiceAuthConfig `json:"auth"`
+	// AccessRestrictions Connection-level access restrictions based on IP address or geography. Applies to both HTTP and L4 services.
+	AccessRestrictions *AccessRestrictions `json:"access_restrictions,omitempty"`
+	Auth               ServiceAuthConfig   `json:"auth"`

 	// Domain Domain for the service
 	Domain string `json:"domain"`
@@ -3672,6 +3961,9 @@ type Service struct {

 	// Targets List of target backends for this service
 	Targets []ServiceTarget `json:"targets"`
+
+	// Terminated Whether the service has been terminated. Terminated services cannot be updated. Services that violate the Terms of Service will be terminated.
+	Terminated *bool `json:"terminated,omitempty"`
 }

 // ServiceMode Service mode. "http" for L7 reverse proxy, "tcp"/"udp"/"tls" for L4 passthrough.
@@ -3680,6 +3972,7 @@ type ServiceMode string
 // ServiceAuthConfig defines model for ServiceAuthConfig.
 type ServiceAuthConfig struct {
 	BearerAuth   *BearerAuthConfig   `json:"bearer_auth,omitempty"`
+	HeaderAuths  *[]HeaderAuthConfig `json:"header_auths,omitempty"`
 	LinkAuth     *LinkAuthConfig     `json:"link_auth,omitempty"`
 	PasswordAuth *PasswordAuthConfig `json:"password_auth,omitempty"`
 	PinAuth      *PINAuthConfig      `json:"pin_auth,omitempty"`
@@ -3702,7 +3995,9 @@ type ServiceMetaStatus string

 // ServiceRequest defines model for ServiceRequest.
 type ServiceRequest struct {
-	Auth *ServiceAuthConfig `json:"auth,omitempty"`
+	// AccessRestrictions Connection-level access restrictions based on IP address or geography. Applies to both HTTP and L4 services.
+	AccessRestrictions *AccessRestrictions `json:"access_restrictions,omitempty"`
+	Auth               *ServiceAuthConfig  `json:"auth,omitempty"`

 	// Domain Domain for the service
 	Domain string `json:"domain"`
@@ -3777,7 +4072,7 @@ type ServiceTargetOptions struct {
 	// RequestTimeout Per-target response timeout as a Go duration string (e.g. "30s", "2m")
 	RequestTimeout *string `json:"request_timeout,omitempty"`

-	// SessionIdleTimeout Idle timeout before a UDP session is reaped, as a Go duration string (e.g. "30s", "2m"). Maximum 10m.
+	// SessionIdleTimeout Idle timeout before a UDP session is reaped, as a Go duration string (e.g. "30s", "2m").
 	SessionIdleTimeout *string `json:"session_idle_timeout,omitempty"`

 	// SkipTlsVerify Skip TLS certificate verification for this backend
@@ -3988,6 +4283,11 @@ type Subscription struct {
 	UpdatedAt time.Time `json:"updated_at"`
 }

+// SyncResult Response for a manual sync trigger
+type SyncResult struct {
+	Result *string `json:"result,omitempty"`
+}
+
 // TenantGroupResponse defines model for TenantGroupResponse.
 type TenantGroupResponse struct {
 	// Id The Group ID
@@ -4033,14 +4333,74 @@ type TenantResponse struct {
 // TenantResponseStatus The status of the tenant
 type TenantResponseStatus string

-// UpdateScimIntegrationRequest Request payload for updating an SCIM IDP integration
-type UpdateScimIntegrationRequest struct {
-	// Enabled Indicates whether the integration is enabled
+// UpdateAzureIntegrationRequest defines model for UpdateAzureIntegrationRequest.
+type UpdateAzureIntegrationRequest struct {
+	// ClientId Azure AD application (client) ID
+	ClientId *string `json:"client_id,omitempty"`
+
+	// ClientSecret Base64-encoded Azure AD client secret
+	ClientSecret *string `json:"client_secret,omitempty"`
+
+	// Enabled Whether the integration is enabled
 	Enabled *bool `json:"enabled,omitempty"`

 	// GroupPrefixes List of start_with string patterns for groups to sync
 	GroupPrefixes *[]string `json:"group_prefixes,omitempty"`

+	// SyncInterval Sync interval in seconds (minimum 300)
+	SyncInterval *int `json:"sync_interval,omitempty"`
+
+	// TenantId Azure AD tenant ID
+	TenantId *string `json:"tenant_id,omitempty"`
+
+	// UserGroupPrefixes List of start_with string patterns for groups which users to sync
+	UserGroupPrefixes *[]string `json:"user_group_prefixes,omitempty"`
+}
+
+// UpdateGoogleIntegrationRequest defines model for UpdateGoogleIntegrationRequest.
+type UpdateGoogleIntegrationRequest struct {
+	// CustomerId Customer ID from Google Workspace Account Settings
+	CustomerId *string `json:"customer_id,omitempty"`
+
+	// Enabled Whether the integration is enabled
+	Enabled *bool `json:"enabled,omitempty"`
+
+	// GroupPrefixes List of start_with string patterns for groups to sync
+	GroupPrefixes *[]string `json:"group_prefixes,omitempty"`
+
+	// ServiceAccountKey Base64-encoded Google service account key
+	ServiceAccountKey *string `json:"service_account_key,omitempty"`
+
+	// SyncInterval Sync interval in seconds (minimum 300)
+	SyncInterval *int `json:"sync_interval,omitempty"`
+
+	// UserGroupPrefixes List of start_with string patterns for groups which users to sync
+	UserGroupPrefixes *[]string `json:"user_group_prefixes,omitempty"`
+}
+
+// UpdateOktaScimIntegrationRequest defines model for UpdateOktaScimIntegrationRequest.
+type UpdateOktaScimIntegrationRequest struct {
+	// Enabled Whether the integration is enabled
+	Enabled *bool `json:"enabled,omitempty"`
+
+	// GroupPrefixes List of start_with string patterns for groups to sync
+	GroupPrefixes *[]string `json:"group_prefixes,omitempty"`
+
+	// UserGroupPrefixes List of start_with string patterns for groups which users to sync
+	UserGroupPrefixes *[]string `json:"user_group_prefixes,omitempty"`
+}
+
+// UpdateScimIntegrationRequest defines model for UpdateScimIntegrationRequest.
+type UpdateScimIntegrationRequest struct {
+	// Enabled Whether the integration is enabled
+	Enabled *bool `json:"enabled,omitempty"`
+
+	// GroupPrefixes List of start_with string patterns for groups to sync
+	GroupPrefixes *[]string `json:"group_prefixes,omitempty"`
+
+	// Prefix The connection prefix used for the SCIM provider
+	Prefix *string `json:"prefix,omitempty"`
+
 	// UserGroupPrefixes List of start_with string patterns for groups which users to sync
 	UserGroupPrefixes *[]string `json:"user_group_prefixes,omitempty"`
 }
@@ -4248,6 +4608,16 @@ type UserRequest struct {
 	Role string `json:"role"`
 }

+// WebhookTarget Target configuration for webhook notification channels.
+type WebhookTarget struct {
+	// Headers Custom HTTP headers sent with each webhook request.
+	// Values are write-only; in GET responses all values are masked.
+	Headers *map[string]string `json:"headers,omitempty"`
+
+	// Url The webhook endpoint URL to send notifications to.
+	Url string `json:"url"`
+}
+
 // WorkloadRequest defines model for WorkloadRequest.
 type WorkloadRequest struct {
 	union json.RawMessage
@@ -4550,6 +4920,12 @@ type PostApiIngressPeersJSONRequestBody = IngressPeerCreateRequest
 // PutApiIngressPeersIngressPeerIdJSONRequestBody defines body for PutApiIngressPeersIngressPeerId for application/json ContentType.
 type PutApiIngressPeersIngressPeerIdJSONRequestBody = IngressPeerUpdateRequest

+// CreateAzureIntegrationJSONRequestBody defines body for CreateAzureIntegration for application/json ContentType.
+type CreateAzureIntegrationJSONRequestBody = CreateAzureIntegrationRequest
+
+// UpdateAzureIntegrationJSONRequestBody defines body for UpdateAzureIntegration for application/json ContentType.
+type UpdateAzureIntegrationJSONRequestBody = UpdateAzureIntegrationRequest
+
 // PostApiIntegrationsBillingAwsMarketplaceActivateJSONRequestBody defines body for PostApiIntegrationsBillingAwsMarketplaceActivate for application/json ContentType.
 type PostApiIntegrationsBillingAwsMarketplaceActivateJSONRequestBody PostApiIntegrationsBillingAwsMarketplaceActivateJSONBody

@@ -4592,6 +4968,12 @@ type CreateSentinelOneEDRIntegrationJSONRequestBody = EDRSentinelOneRequest
 // UpdateSentinelOneEDRIntegrationJSONRequestBody defines body for UpdateSentinelOneEDRIntegration for application/json ContentType.
 type UpdateSentinelOneEDRIntegrationJSONRequestBody = EDRSentinelOneRequest

+// CreateGoogleIntegrationJSONRequestBody defines body for CreateGoogleIntegration for application/json ContentType.
+type CreateGoogleIntegrationJSONRequestBody = CreateGoogleIntegrationRequest
+
+// UpdateGoogleIntegrationJSONRequestBody defines body for UpdateGoogleIntegration for application/json ContentType.
+type UpdateGoogleIntegrationJSONRequestBody = UpdateGoogleIntegrationRequest
+
 // PostApiIntegrationsMspTenantsJSONRequestBody defines body for PostApiIntegrationsMspTenants for application/json ContentType.
 type PostApiIntegrationsMspTenantsJSONRequestBody = CreateTenantRequest

@@ -4607,6 +4989,18 @@ type PostApiIntegrationsMspTenantsIdSubscriptionJSONRequestBody PostApiIntegrati
 // PostApiIntegrationsMspTenantsIdUnlinkJSONRequestBody defines body for PostApiIntegrationsMspTenantsIdUnlink for application/json ContentType.
 type PostApiIntegrationsMspTenantsIdUnlinkJSONRequestBody PostApiIntegrationsMspTenantsIdUnlinkJSONBody

+// CreateNotificationChannelJSONRequestBody defines body for CreateNotificationChannel for application/json ContentType.
+type CreateNotificationChannelJSONRequestBody = NotificationChannelRequest
+
+// UpdateNotificationChannelJSONRequestBody defines body for UpdateNotificationChannel for application/json ContentType.
+type UpdateNotificationChannelJSONRequestBody = NotificationChannelRequest
+
+// CreateOktaScimIntegrationJSONRequestBody defines body for CreateOktaScimIntegration for application/json ContentType.
+type CreateOktaScimIntegrationJSONRequestBody = CreateOktaScimIntegrationRequest
+
+// UpdateOktaScimIntegrationJSONRequestBody defines body for UpdateOktaScimIntegration for application/json ContentType.
+type UpdateOktaScimIntegrationJSONRequestBody = UpdateOktaScimIntegrationRequest
+
 // CreateSCIMIntegrationJSONRequestBody defines body for CreateSCIMIntegration for application/json ContentType.
 type CreateSCIMIntegrationJSONRequestBody = CreateScimIntegrationRequest

@@ -4703,6 +5097,130 @@ type PutApiUsersUserIdPasswordJSONRequestBody = PasswordChangeRequest
 // PostApiUsersUserIdTokensJSONRequestBody defines body for PostApiUsersUserIdTokens for application/json ContentType.
 type PostApiUsersUserIdTokensJSONRequestBody = PersonalAccessTokenRequest

+// AsEmailTarget returns the union data inside the NotificationChannelRequest_Target as a EmailTarget
+func (t NotificationChannelRequest_Target) AsEmailTarget() (EmailTarget, error) {
+	var body EmailTarget
+	err := json.Unmarshal(t.union, &body)
+	return body, err
+}
+
+// FromEmailTarget overwrites any union data inside the NotificationChannelRequest_Target as the provided EmailTarget
+func (t *NotificationChannelRequest_Target) FromEmailTarget(v EmailTarget) error {
+	b, err := json.Marshal(v)
+	t.union = b
+	return err
+}
+
+// MergeEmailTarget performs a merge with any union data inside the NotificationChannelRequest_Target, using the provided EmailTarget
+func (t *NotificationChannelRequest_Target) MergeEmailTarget(v EmailTarget) error {
+	b, err := json.Marshal(v)
+	if err != nil {
+		return err
+	}
+
+	merged, err := runtime.JSONMerge(t.union, b)
+	t.union = merged
+	return err
+}
+
+// AsWebhookTarget returns the union data inside the NotificationChannelRequest_Target as a WebhookTarget
+func (t NotificationChannelRequest_Target) AsWebhookTarget() (WebhookTarget, error) {
+	var body WebhookTarget
+	err := json.Unmarshal(t.union, &body)
+	return body, err
+}
+
+// FromWebhookTarget overwrites any union data inside the NotificationChannelRequest_Target as the provided WebhookTarget
+func (t *NotificationChannelRequest_Target) FromWebhookTarget(v WebhookTarget) error {
+	b, err := json.Marshal(v)
+	t.union = b
+	return err
+}
+
+// MergeWebhookTarget performs a merge with any union data inside the NotificationChannelRequest_Target, using the provided WebhookTarget
+func (t *NotificationChannelRequest_Target) MergeWebhookTarget(v WebhookTarget) error {
+	b, err := json.Marshal(v)
+	if err != nil {
+		return err
+	}
+
+	merged, err := runtime.JSONMerge(t.union, b)
+	t.union = merged
+	return err
+}
+
+func (t NotificationChannelRequest_Target) MarshalJSON() ([]byte, error) {
+	b, err := t.union.MarshalJSON()
+	return b, err
+}
+
+func (t *NotificationChannelRequest_Target) UnmarshalJSON(b []byte) error {
+	err := t.union.UnmarshalJSON(b)
+	return err
+}
+
+// AsEmailTarget returns the union data inside the NotificationChannelResponse_Target as a EmailTarget
+func (t NotificationChannelResponse_Target) AsEmailTarget() (EmailTarget, error) {
+	var body EmailTarget
+	err := json.Unmarshal(t.union, &body)
+	return body, err
+}
+
+// FromEmailTarget overwrites any union data inside the NotificationChannelResponse_Target as the provided EmailTarget
+func (t *NotificationChannelResponse_Target) FromEmailTarget(v EmailTarget) error {
+	b, err := json.Marshal(v)
+	t.union = b
+	return err
+}
+
+// MergeEmailTarget performs a merge with any union data inside the NotificationChannelResponse_Target, using the provided EmailTarget
+func (t *NotificationChannelResponse_Target) MergeEmailTarget(v EmailTarget) error {
+	b, err := json.Marshal(v)
+	if err != nil {
+		return err
+	}
+
+	merged, err := runtime.JSONMerge(t.union, b)
+	t.union = merged
+	return err
+}
+
+// AsWebhookTarget returns the union data inside the NotificationChannelResponse_Target as a WebhookTarget
+func (t NotificationChannelResponse_Target) AsWebhookTarget() (WebhookTarget, error) {
+	var body WebhookTarget
+	err := json.Unmarshal(t.union, &body)
+	return body, err
+}
+
+// FromWebhookTarget overwrites any union data inside the NotificationChannelResponse_Target as the provided WebhookTarget
+func (t *NotificationChannelResponse_Target) FromWebhookTarget(v WebhookTarget) error {
+	b, err := json.Marshal(v)
+	t.union = b
+	return err
+}
+
+// MergeWebhookTarget performs a merge with any union data inside the NotificationChannelResponse_Target, using the provided WebhookTarget
+func (t *NotificationChannelResponse_Target) MergeWebhookTarget(v WebhookTarget) error {
+	b, err := json.Marshal(v)
+	if err != nil {
+		return err
+	}
+
+	merged, err := runtime.JSONMerge(t.union, b)
+	t.union = merged
+	return err
+}
+
+func (t NotificationChannelResponse_Target) MarshalJSON() ([]byte, error) {
+	b, err := t.union.MarshalJSON()
+	return b, err
+}
+
+func (t *NotificationChannelResponse_Target) UnmarshalJSON(b []byte) error {
+	err := t.union.UnmarshalJSON(b)
+	return err
+}
+
 // AsBundleWorkloadRequest returns the union data inside the WorkloadRequest as a BundleWorkloadRequest
 func (t WorkloadRequest) AsBundleWorkloadRequest() (BundleWorkloadRequest, error) {
 	var body BundleWorkloadRequest