diff --git a/.release-please-manifest.json b/.release-please-manifest.json
index 7aa3d56709..fd087344cc 100644
--- a/.release-please-manifest.json
+++ b/.release-please-manifest.json
@@ -1,3 +1,3 @@
 {
-  ".": "4.5.0"
+  ".": "4.6.0"
 }
diff --git a/.stats.yml b/.stats.yml
index 8839c77cc5..42f3fa44ce 100644
--- a/.stats.yml
+++ b/.stats.yml
@@ -1,4 +1,4 @@
-configured_endpoints: 1769
-openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-5e53659eea1b4f1fb11addaddb82880c177d8fa3e7a93f0d664a65e43ac526f4.yml
-openapi_spec_hash: 3e0f59ac2722028954566a4c850e8849
-config_hash: bafeb7666d2b7868c9d4ab8f0cc686e1
+configured_endpoints: 1793
+openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-4bbd402a61e0b42bf213df8e1360ca06dcf9c21d3a71471727023442b4402ad7.yml
+openapi_spec_hash: fde4742eecb70a0ef6fb8896f7a4c2d2
+config_hash: de4c81cee29cd7dd907279e8916b334f
diff --git a/CHANGELOG.md b/CHANGELOG.md
index cc9fa1398c..3e6c7a743d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,103 @@
 # Changelog
 
+## 4.6.0 (2025-08-11)
+
+Full Changelog: [v4.5.0...v4.6.0](https://github.com/cloudflare/cloudflare-typescript/compare/v4.5.0...v4.6.0)
+
+### Features
+
+* **api:** api update ([707c8e8](https://github.com/cloudflare/cloudflare-typescript/commit/707c8e8281b14ba1453d4995184f25835c1e7b48))
+* **api:** api update ([f1abb27](https://github.com/cloudflare/cloudflare-typescript/commit/f1abb2726ee7aa37f10dbf477f6251019d2f5a8f))
+* **api:** api update ([5128329](https://github.com/cloudflare/cloudflare-typescript/commit/5128329b279ee0936fbb18da8fe0177dcabeeb70))
+* **api:** api update ([4203673](https://github.com/cloudflare/cloudflare-typescript/commit/42036736b0a7326015f3eb37073afda70d3b278c))
+* **api:** api update ([8339d1b](https://github.com/cloudflare/cloudflare-typescript/commit/8339d1bf24de714a26fe110b2cd254f15bf43d5a))
+* **api:** api update ([56ec6a4](https://github.com/cloudflare/cloudflare-typescript/commit/56ec6a4da564399857e86ee89dfa3616425cb684))
+* **api:** api update ([455b40f](https://github.com/cloudflare/cloudflare-typescript/commit/455b40fbda3008fe61cfa605b6fb5fbfee50f9e1))
+* **api:** api update ([faca212](https://github.com/cloudflare/cloudflare-typescript/commit/faca212882af72073b7e5ff9dd474d6ed181013e))
+* **api:** api update ([7d842ba](https://github.com/cloudflare/cloudflare-typescript/commit/7d842babdf5ef180edf499fcb9691dc0f871b55c))
+* **api:** api update ([fef43ec](https://github.com/cloudflare/cloudflare-typescript/commit/fef43ec41c8edad0bd394a1d63a6bf974f9b1426))
+* **api:** api update ([0239b4f](https://github.com/cloudflare/cloudflare-typescript/commit/0239b4f5af23bc80f13cfab247250ea834e81de5))
+* **api:** api update ([b08950b](https://github.com/cloudflare/cloudflare-typescript/commit/b08950b360c0d5f62b2b464fefc779046e2fd95e))
+* **api:** api update ([7b8e864](https://github.com/cloudflare/cloudflare-typescript/commit/7b8e864ccd6a5113f0dc19c795c745e4276839dd))
+* **api:** api update ([67d59b8](https://github.com/cloudflare/cloudflare-typescript/commit/67d59b8e48eb61a8a6e8fc7a6d7865e435087605))
+* **api:** api update ([e75721c](https://github.com/cloudflare/cloudflare-typescript/commit/e75721c672a7f4a4ac6061f09c5896f3459537b7))
+* **api:** api update ([adb8ef5](https://github.com/cloudflare/cloudflare-typescript/commit/adb8ef593d8b62a2cd74c6aae39ce2760eb67a19))
+* **api:** api update ([b6ae6c8](https://github.com/cloudflare/cloudflare-typescript/commit/b6ae6c868b6a9f73bfed54f68187bf5c1a0a458e))
+* **api:** api update ([4e126f6](https://github.com/cloudflare/cloudflare-typescript/commit/4e126f6d036c9f4e581889de924aa48ed40b062d))
+* **api:** api update ([cf5423b](https://github.com/cloudflare/cloudflare-typescript/commit/cf5423bd6bc4eda20d8be971fe6f91b079759829))
+* **api:** api update ([2cf7645](https://github.com/cloudflare/cloudflare-typescript/commit/2cf76458a7900f98a6ff5ebf738a853e77cde10c))
+* **api:** api update ([db79b6e](https://github.com/cloudflare/cloudflare-typescript/commit/db79b6eff163e6d45de81ea5b6a7a74f5879db96))
+* **api:** api update ([1efe99b](https://github.com/cloudflare/cloudflare-typescript/commit/1efe99b7cc816478cfe2bcf8b8b029ee3cf0a8e0))
+* **api:** api update ([298d367](https://github.com/cloudflare/cloudflare-typescript/commit/298d367ca7b84e8e647554ee6143e7fd87aba4ff))
+* **api:** api update ([c7a6dfe](https://github.com/cloudflare/cloudflare-typescript/commit/c7a6dfeaf7c4c3d083d297d4fec22a6f52edbb2c))
+* **api:** api update ([278b0fc](https://github.com/cloudflare/cloudflare-typescript/commit/278b0fcab7ab5dcca86a8960dd05bb46d97634b5))
+* **api:** api update ([29a5177](https://github.com/cloudflare/cloudflare-typescript/commit/29a5177759404566a8c01c46988f57e7ec8f850f))
+* **api:** api update ([9d769e8](https://github.com/cloudflare/cloudflare-typescript/commit/9d769e8821e8b9c2c9ac56f432458c03d1789958))
+* **api:** api update ([2d545a0](https://github.com/cloudflare/cloudflare-typescript/commit/2d545a0f5ec14b641755888edd5526958f494161))
+* **api:** api update ([9e95597](https://github.com/cloudflare/cloudflare-typescript/commit/9e955973d0599b4d1eb3b11e01090dd40e7c3c14))
+* **api:** api update ([5f69e48](https://github.com/cloudflare/cloudflare-typescript/commit/5f69e4827a734597369cb9695a38529e7067f7f9))
+* **api:** api update ([686d461](https://github.com/cloudflare/cloudflare-typescript/commit/686d46139316ca172a934668d6043eb608f60ae7))
+* **api:** api update ([8069564](https://github.com/cloudflare/cloudflare-typescript/commit/8069564ea4cdd6094f0eb5c03b0e7ba9906ba4b0))
+* **api:** api update ([6760fad](https://github.com/cloudflare/cloudflare-typescript/commit/6760fad45f77594720e245eb14c02292273858ab))
+* **api:** api update ([b612a6b](https://github.com/cloudflare/cloudflare-typescript/commit/b612a6b3a9956b190cfa73263bcd8d7fcadd9e1f))
+* **api:** api update ([2a6608c](https://github.com/cloudflare/cloudflare-typescript/commit/2a6608c675a84da9791457ed12cf43fcb8c73d22))
+* **api:** api update ([0672db1](https://github.com/cloudflare/cloudflare-typescript/commit/0672db1eaaa43679f36b0b772b79ca6679783889))
+* **api:** api update ([0af28fa](https://github.com/cloudflare/cloudflare-typescript/commit/0af28fa5f637984c8e15df6b0f0a07b3329e8a7d))
+* **api:** api update ([f137333](https://github.com/cloudflare/cloudflare-typescript/commit/f137333345c22547290d25df05786a1c3b42f212))
+* **api:** api update ([650101c](https://github.com/cloudflare/cloudflare-typescript/commit/650101c9e51fa0ac85e4ed2d6bae56df1b9a602e))
+* **api:** api update ([b7e31b0](https://github.com/cloudflare/cloudflare-typescript/commit/b7e31b03815ae55e92fe394714d8e48d521520b4))
+* **client:** support file upload requests ([0a4e404](https://github.com/cloudflare/cloudflare-typescript/commit/0a4e4049bcf2d6ea77fd3e3776f297e95f8bd555))
+
+
+### Bug Fixes
+
+* **methods:** define methods with parameters and binary body correctly ([9e42614](https://github.com/cloudflare/cloudflare-typescript/commit/9e426141f704602afe31da83f5dad6a1babfcc44))
+
+
+### Chores
+
+* **api:** update composite API spec ([a1301f0](https://github.com/cloudflare/cloudflare-typescript/commit/a1301f033bec4e53d382744bc2ef5c22c2139595))
+* **api:** upload OpenAPI schema from api-schemas ([f30e927](https://github.com/cloudflare/cloudflare-typescript/commit/f30e927cf6d89e3580bdd77e0a8e2ae91bd9da56))
+* **api:** upload stainless config from cloudflare-config ([5f2237b](https://github.com/cloudflare/cloudflare-typescript/commit/5f2237bc35fb24a7c300d50f1fde80e019427934))
+* **api:** upload stainless config from cloudflare-config ([e6f0bcc](https://github.com/cloudflare/cloudflare-typescript/commit/e6f0bcc64c514667b751b85501bf17719be200c9))
+* **api:** upload stainless config from cloudflare-config ([6750686](https://github.com/cloudflare/cloudflare-typescript/commit/6750686b8c3d19bb3f486d741ad9550039dbad02))
+* **api:** upload stainless config from cloudflare-config ([e154418](https://github.com/cloudflare/cloudflare-typescript/commit/e1544186b24a6abcf13d974bcc58f0f2b6885de0))
+* **api:** upload stainless config from cloudflare-config ([b4e0415](https://github.com/cloudflare/cloudflare-typescript/commit/b4e04158da1bb348cfb08f692cfd64a10708c23f))
+* **api:** upload stainless config from cloudflare-config ([ccf8a40](https://github.com/cloudflare/cloudflare-typescript/commit/ccf8a40a0fa8ecff2b38dc6902a793313ed29e42))
+* **api:** upload stainless config from cloudflare-config ([26e5829](https://github.com/cloudflare/cloudflare-typescript/commit/26e58297407804597161880791d7ca8c541e88a8))
+* **api:** upload stainless config from cloudflare-config ([57c2584](https://github.com/cloudflare/cloudflare-typescript/commit/57c2584c49bca7da6c1475f6b8192e567434300f))
+* **api:** upload stainless config from cloudflare-config ([b80775e](https://github.com/cloudflare/cloudflare-typescript/commit/b80775eb66d13ac543c11645f34186cd00988852))
+* **api:** upload stainless config from cloudflare-config ([5a4fa8e](https://github.com/cloudflare/cloudflare-typescript/commit/5a4fa8e74a6043b5948c28a08e0d885ad5e94c55))
+* **api:** upload stainless config from cloudflare-config ([c79965d](https://github.com/cloudflare/cloudflare-typescript/commit/c79965da601db233f93527a350ea9eb6478b1595))
+* **api:** upload stainless config from cloudflare-config ([b97353d](https://github.com/cloudflare/cloudflare-typescript/commit/b97353dff144dc1c88de4a54ec8584fd322d43e3))
+* **api:** upload stainless config from cloudflare-config ([7c24b14](https://github.com/cloudflare/cloudflare-typescript/commit/7c24b14521f92d9c80bb1a5f039c43bb33c62c1b))
+* **api:** upload stainless config from cloudflare-config ([03790cc](https://github.com/cloudflare/cloudflare-typescript/commit/03790cc32ca9e8930a770468349f346d4fb0de26))
+* **api:** upload stainless config from cloudflare-config ([72c4336](https://github.com/cloudflare/cloudflare-typescript/commit/72c433647949e8c4aa7f2323fc1b0ebb94cacf64))
+* **api:** upload stainless config from cloudflare-config ([b816588](https://github.com/cloudflare/cloudflare-typescript/commit/b8165887056f71717deaf9f15083c4266c426267))
+* **api:** upload stainless config from cloudflare-config ([afaabaa](https://github.com/cloudflare/cloudflare-typescript/commit/afaabaad39785cfa99294a320dafbee54f1ca2e6))
+* **api:** upload stainless config from cloudflare-config ([651f179](https://github.com/cloudflare/cloudflare-typescript/commit/651f179a698a0da0d25376c538187e53697ec3c9))
+* **api:** upload stainless config from cloudflare-config ([2fa76d8](https://github.com/cloudflare/cloudflare-typescript/commit/2fa76d8a3dc756f1e8e4a8e7b83cee859dfc5251))
+* **api:** upload stainless config from cloudflare-config ([579fa30](https://github.com/cloudflare/cloudflare-typescript/commit/579fa30b2ef17be56ce87cf99f6ced0eea6943b4))
+* **api:** upload stainless config from cloudflare-config ([d409ced](https://github.com/cloudflare/cloudflare-typescript/commit/d409ced1739b16275d6a426023c1bf1a6a3f3efd))
+* **api:** upload stainless config from cloudflare-config ([e0100f9](https://github.com/cloudflare/cloudflare-typescript/commit/e0100f9ca4c50847707f96b8b34d9019592f7b11))
+* **api:** upload stainless config from cloudflare-config ([4b59fc5](https://github.com/cloudflare/cloudflare-typescript/commit/4b59fc5c37537eda888f981982cd89bca48bdbb8))
+* **api:** upload stainless config from cloudflare-config ([6f512ce](https://github.com/cloudflare/cloudflare-typescript/commit/6f512ce9a09acf86f8d99b11d497e9530d58cbef))
+* **api:** upload stainless config from cloudflare-config ([acdb02e](https://github.com/cloudflare/cloudflare-typescript/commit/acdb02eda7bf53c05fdda0d636beb2d132e54fec))
+* **api:** upload stainless config from cloudflare-config ([c2327a1](https://github.com/cloudflare/cloudflare-typescript/commit/c2327a1c83aa7deecce08a5eb1a9a966a4d22b5b))
+* **api:** upload stainless config from cloudflare-config ([5dc4f71](https://github.com/cloudflare/cloudflare-typescript/commit/5dc4f7124e95ab46f1ca4e00b418bef6e1586f55))
+* **api:** upload stainless config from cloudflare-config ([7b381d8](https://github.com/cloudflare/cloudflare-typescript/commit/7b381d8d1f15579e860390de3ca13a02f590d539))
+* **api:** upload stainless config from cloudflare-config ([4da7b68](https://github.com/cloudflare/cloudflare-typescript/commit/4da7b68f759ec954c163f8304be01a0253d8095f))
+* **api:** upload stainless config from cloudflare-config ([aab4c1f](https://github.com/cloudflare/cloudflare-typescript/commit/aab4c1fe6ba01d801376bba35279352495210fcb))
+* **api:** upload stainless config from cloudflare-config ([452be6b](https://github.com/cloudflare/cloudflare-typescript/commit/452be6b9b9a6d45894b3cee30c8931ced7fd2e86))
+* **api:** upload stainless config from cloudflare-config ([3b2317c](https://github.com/cloudflare/cloudflare-typescript/commit/3b2317c217af3f35c7352148dc41a0893885855f))
+* **api:** upload stainless config from cloudflare-config ([ecd1b0f](https://github.com/cloudflare/cloudflare-typescript/commit/ecd1b0f9beb71debc60adec2f1e833079b55e0f4))
+* **api:** upload stainless config from cloudflare-config ([602dffc](https://github.com/cloudflare/cloudflare-typescript/commit/602dffcf3740c0dfb8dfb190e15c3a76174d3760))
+* **api:** upload stainless config from cloudflare-config ([afdba32](https://github.com/cloudflare/cloudflare-typescript/commit/afdba327d64702324a88c179d15bdd9ebe0eddbc))
+* **internal:** move publish config ([2bfc1d9](https://github.com/cloudflare/cloudflare-typescript/commit/2bfc1d96b7e4b3ef0a5aaf786f60e91d46bbf4cd))
+* **internal:** remove redundant imports config ([07e9e91](https://github.com/cloudflare/cloudflare-typescript/commit/07e9e91b07d9774b8d150c6109aeeb6027bbfee3))
+* **internal:** update comment in script ([6114cd0](https://github.com/cloudflare/cloudflare-typescript/commit/6114cd05308867542a61d94158c70ad28deb7ae6))
+* update @stainless-api/prism-cli to v5.15.0 ([8e313d6](https://github.com/cloudflare/cloudflare-typescript/commit/8e313d66854ac6c476b20abd364d0b3a8308ed49))
+
 ## 4.5.0 (2025-07-16)
 
 Full Changelog: [v4.4.1...v4.5.0](https://github.com/cloudflare/cloudflare-typescript/compare/v4.4.1...v4.5.0)
diff --git a/api.md b/api.md
index c9384414c2..af8555c139 100644
--- a/api.md
+++ b/api.md
@@ -1420,15 +1420,17 @@ Methods:
 Types:
 
 - <code><a href="./src/resources/filters.ts">FirewallFilter</a></code>
+- <code><a href="./src/resources/filters.ts">FilterDeleteResponse</a></code>
+- <code><a href="./src/resources/filters.ts">FilterBulkDeleteResponse</a></code>
 
 Methods:
 
-- <code title="post /zones/{zone_id}/filters">client.filters.<a href="./src/resources/filters.ts">create</a>({ ...params }) -> FirewallFiltersSinglePage</code>
+- <code title="post /zones/{zone_id}/filters">client.filters.<a href="./src/resources/filters.ts">create</a>([ ...body ]) -> FirewallFiltersSinglePage</code>
 - <code title="put /zones/{zone_id}/filters/{filter_id}">client.filters.<a href="./src/resources/filters.ts">update</a>(filterId, { ...params }) -> FirewallFilter</code>
 - <code title="get /zones/{zone_id}/filters">client.filters.<a href="./src/resources/filters.ts">list</a>({ ...params }) -> FirewallFiltersV4PagePaginationArray</code>
-- <code title="delete /zones/{zone_id}/filters/{filter_id}">client.filters.<a href="./src/resources/filters.ts">delete</a>(filterId, { ...params }) -> FirewallFilter</code>
-- <code title="delete /zones/{zone_id}/filters">client.filters.<a href="./src/resources/filters.ts">bulkDelete</a>({ ...params }) -> FirewallFiltersSinglePage</code>
-- <code title="put /zones/{zone_id}/filters">client.filters.<a href="./src/resources/filters.ts">bulkUpdate</a>({ ...params }) -> FirewallFiltersSinglePage</code>
+- <code title="delete /zones/{zone_id}/filters/{filter_id}">client.filters.<a href="./src/resources/filters.ts">delete</a>(filterId, { ...params }) -> FilterDeleteResponse</code>
+- <code title="delete /zones/{zone_id}/filters">client.filters.<a href="./src/resources/filters.ts">bulkDelete</a>({ ...params }) -> FilterBulkDeleteResponse | null</code>
+- <code title="put /zones/{zone_id}/filters">client.filters.<a href="./src/resources/filters.ts">bulkUpdate</a>([ ...body ]) -> FirewallFiltersSinglePage</code>
 - <code title="get /zones/{zone_id}/filters/{filter_id}">client.filters.<a href="./src/resources/filters.ts">get</a>(filterId, { ...params }) -> FirewallFilter</code>
 
 # Firewall
@@ -2119,13 +2121,15 @@ Methods:
 Types:
 
 - <code><a href="./src/resources/workers/scripts/deployments.ts">Deployment</a></code>
-- <code><a href="./src/resources/workers/scripts/deployments.ts">DeploymentCreateResponse</a></code>
-- <code><a href="./src/resources/workers/scripts/deployments.ts">DeploymentGetResponse</a></code>
+- <code><a href="./src/resources/workers/scripts/deployments.ts">DeploymentListResponse</a></code>
+- <code><a href="./src/resources/workers/scripts/deployments.ts">DeploymentDeleteResponse</a></code>
 
 Methods:
 
-- <code title="post /accounts/{account_id}/workers/scripts/{script_name}/deployments">client.workers.scripts.deployments.<a href="./src/resources/workers/scripts/deployments.ts">create</a>(scriptName, { ...params }) -> DeploymentCreateResponse</code>
-- <code title="get /accounts/{account_id}/workers/scripts/{script_name}/deployments">client.workers.scripts.deployments.<a href="./src/resources/workers/scripts/deployments.ts">get</a>(scriptName, { ...params }) -> DeploymentGetResponse</code>
+- <code title="post /accounts/{account_id}/workers/scripts/{script_name}/deployments">client.workers.scripts.deployments.<a href="./src/resources/workers/scripts/deployments.ts">create</a>(scriptName, { ...params }) -> Deployment</code>
+- <code title="get /accounts/{account_id}/workers/scripts/{script_name}/deployments">client.workers.scripts.deployments.<a href="./src/resources/workers/scripts/deployments.ts">list</a>(scriptName, { ...params }) -> DeploymentListResponse</code>
+- <code title="delete /accounts/{account_id}/workers/scripts/{script_name}/deployments/{deployment_id}">client.workers.scripts.deployments.<a href="./src/resources/workers/scripts/deployments.ts">delete</a>(scriptName, deploymentId, { ...params }) -> DeploymentDeleteResponse</code>
+- <code title="get /accounts/{account_id}/workers/scripts/{script_name}/deployments/{deployment_id}">client.workers.scripts.deployments.<a href="./src/resources/workers/scripts/deployments.ts">get</a>(scriptName, deploymentId, { ...params }) -> Deployment</code>
 
 ### Versions
 
@@ -2294,7 +2298,7 @@ Types:
 
 Methods:
 
-- <code title="get /accounts/{account_id}/workers/durable_objects/namespaces">client.durableObjects.namespaces.<a href="./src/resources/durable-objects/namespaces/namespaces.ts">list</a>({ ...params }) -> NamespacesSinglePage</code>
+- <code title="get /accounts/{account_id}/workers/durable_objects/namespaces">client.durableObjects.namespaces.<a href="./src/resources/durable-objects/namespaces/namespaces.ts">list</a>({ ...params }) -> NamespacesV4PagePaginationArray</code>
 
 ### Objects
 
@@ -2333,8 +2337,9 @@ Methods:
 
 - <code title="post /accounts/{account_id}/queues/{queue_id}/consumers">client.queues.consumers.<a href="./src/resources/queues/consumers.ts">create</a>(queueId, { ...params }) -> Consumer</code>
 - <code title="put /accounts/{account_id}/queues/{queue_id}/consumers/{consumer_id}">client.queues.consumers.<a href="./src/resources/queues/consumers.ts">update</a>(queueId, consumerId, { ...params }) -> Consumer</code>
+- <code title="get /accounts/{account_id}/queues/{queue_id}/consumers">client.queues.consumers.<a href="./src/resources/queues/consumers.ts">list</a>(queueId, { ...params }) -> ConsumersSinglePage</code>
 - <code title="delete /accounts/{account_id}/queues/{queue_id}/consumers/{consumer_id}">client.queues.consumers.<a href="./src/resources/queues/consumers.ts">delete</a>(queueId, consumerId, { ...params }) -> ConsumerDeleteResponse</code>
-- <code title="get /accounts/{account_id}/queues/{queue_id}/consumers">client.queues.consumers.<a href="./src/resources/queues/consumers.ts">get</a>(queueId, { ...params }) -> ConsumersSinglePage</code>
+- <code title="get /accounts/{account_id}/queues/{queue_id}/consumers/{consumer_id}">client.queues.consumers.<a href="./src/resources/queues/consumers.ts">get</a>(queueId, consumerId, { ...params }) -> Consumer</code>
 
 ## Messages
 
@@ -2952,24 +2957,57 @@ Methods:
 Types:
 
 - <code><a href="./src/resources/brand-protection/brand-protection.ts">Info</a></code>
-- <code><a href="./src/resources/brand-protection/brand-protection.ts">RuleMatch</a></code>
-- <code><a href="./src/resources/brand-protection/brand-protection.ts">ScanStatus</a></code>
 - <code><a href="./src/resources/brand-protection/brand-protection.ts">Submit</a></code>
-- <code><a href="./src/resources/brand-protection/brand-protection.ts">URLInfoModelResults</a></code>
+- <code><a href="./src/resources/brand-protection/brand-protection.ts">BrandProtectionSubmitResponse</a></code>
+- <code><a href="./src/resources/brand-protection/brand-protection.ts">BrandProtectionURLInfoResponse</a></code>
 
 Methods:
 
-- <code title="post /accounts/{account_id}/brand-protection/submit">client.brandProtection.<a href="./src/resources/brand-protection/brand-protection.ts">submit</a>({ ...params }) -> Submit</code>
-- <code title="get /accounts/{account_id}/brand-protection/url-info">client.brandProtection.<a href="./src/resources/brand-protection/brand-protection.ts">urlInfo</a>({ ...params }) -> Info</code>
+- <code title="post /accounts/{account_id}/brand-protection/submit">client.brandProtection.<a href="./src/resources/brand-protection/brand-protection.ts">submit</a>({ ...params }) -> BrandProtectionSubmitResponse</code>
+- <code title="get /accounts/{account_id}/brand-protection/url-info">client.brandProtection.<a href="./src/resources/brand-protection/brand-protection.ts">urlInfo</a>({ ...params }) -> BrandProtectionURLInfoResponsesSinglePage</code>
 
 ## Queries
 
+Methods:
+
+- <code title="post /accounts/{account_id}/brand-protection/queries">client.brandProtection.queries.<a href="./src/resources/brand-protection/queries.ts">create</a>({ ...params }) -> void</code>
+- <code title="delete /accounts/{account_id}/brand-protection/queries">client.brandProtection.queries.<a href="./src/resources/brand-protection/queries.ts">delete</a>({ ...params }) -> void</code>
+
 ## Matches
 
+Types:
+
+- <code><a href="./src/resources/brand-protection/matches.ts">MatchDownloadResponse</a></code>
+- <code><a href="./src/resources/brand-protection/matches.ts">MatchGetResponse</a></code>
+
+Methods:
+
+- <code title="get /accounts/{account_id}/brand-protection/matches/download">client.brandProtection.matches.<a href="./src/resources/brand-protection/matches.ts">download</a>({ ...params }) -> MatchDownloadResponse</code>
+- <code title="get /accounts/{account_id}/brand-protection/matches">client.brandProtection.matches.<a href="./src/resources/brand-protection/matches.ts">get</a>({ ...params }) -> MatchGetResponse</code>
+
 ## Logos
 
+Types:
+
+- <code><a href="./src/resources/brand-protection/logos.ts">LogoCreateResponse</a></code>
+
+Methods:
+
+- <code title="post /accounts/{account_id}/brand-protection/logos">client.brandProtection.logos.<a href="./src/resources/brand-protection/logos.ts">create</a>({ ...params }) -> LogoCreateResponse</code>
+- <code title="delete /accounts/{account_id}/brand-protection/logos/{logo_id}">client.brandProtection.logos.<a href="./src/resources/brand-protection/logos.ts">delete</a>(logoId, { ...params }) -> void</code>
+
 ## LogoMatches
 
+Types:
+
+- <code><a href="./src/resources/brand-protection/logo-matches.ts">LogoMatchDownloadResponse</a></code>
+- <code><a href="./src/resources/brand-protection/logo-matches.ts">LogoMatchGetResponse</a></code>
+
+Methods:
+
+- <code title="get /accounts/{account_id}/brand-protection/logo-matches/download">client.brandProtection.logoMatches.<a href="./src/resources/brand-protection/logo-matches.ts">download</a>({ ...params }) -> LogoMatchDownloadResponse</code>
+- <code title="get /accounts/{account_id}/brand-protection/logo-matches">client.brandProtection.logoMatches.<a href="./src/resources/brand-protection/logo-matches.ts">get</a>({ ...params }) -> LogoMatchGetResponse</code>
+
 # Diagnostics
 
 ## Traceroutes
@@ -2982,6 +3020,25 @@ Methods:
 
 - <code title="post /accounts/{account_id}/diagnostics/traceroute">client.diagnostics.traceroutes.<a href="./src/resources/diagnostics/traceroutes.ts">create</a>({ ...params }) -> TraceroutesSinglePage</code>
 
+## EndpointHealthchecks
+
+Types:
+
+- <code><a href="./src/resources/diagnostics/endpoint-healthchecks.ts">EndpointHealthcheck</a></code>
+- <code><a href="./src/resources/diagnostics/endpoint-healthchecks.ts">EndpointHealthcheckCreateResponse</a></code>
+- <code><a href="./src/resources/diagnostics/endpoint-healthchecks.ts">EndpointHealthcheckUpdateResponse</a></code>
+- <code><a href="./src/resources/diagnostics/endpoint-healthchecks.ts">EndpointHealthcheckListResponse</a></code>
+- <code><a href="./src/resources/diagnostics/endpoint-healthchecks.ts">EndpointHealthcheckDeleteResponse</a></code>
+- <code><a href="./src/resources/diagnostics/endpoint-healthchecks.ts">EndpointHealthcheckGetResponse</a></code>
+
+Methods:
+
+- <code title="post /accounts/{account_id}/diagnostics/endpoint-healthchecks">client.diagnostics.endpointHealthchecks.<a href="./src/resources/diagnostics/endpoint-healthchecks.ts">create</a>({ ...params }) -> EndpointHealthcheckCreateResponse</code>
+- <code title="put /accounts/{account_id}/diagnostics/endpoint-healthchecks/{id}">client.diagnostics.endpointHealthchecks.<a href="./src/resources/diagnostics/endpoint-healthchecks.ts">update</a>(id, { ...params }) -> EndpointHealthcheckUpdateResponse</code>
+- <code title="get /accounts/{account_id}/diagnostics/endpoint-healthchecks">client.diagnostics.endpointHealthchecks.<a href="./src/resources/diagnostics/endpoint-healthchecks.ts">list</a>({ ...params }) -> EndpointHealthcheckListResponse</code>
+- <code title="delete /accounts/{account_id}/diagnostics/endpoint-healthchecks/{id}">client.diagnostics.endpointHealthchecks.<a href="./src/resources/diagnostics/endpoint-healthchecks.ts">delete</a>(id, { ...params }) -> EndpointHealthcheckDeleteResponse</code>
+- <code title="get /accounts/{account_id}/diagnostics/endpoint-healthchecks/{id}">client.diagnostics.endpointHealthchecks.<a href="./src/resources/diagnostics/endpoint-healthchecks.ts">get</a>(id, { ...params }) -> EndpointHealthcheckGetResponse</code>
+
 # Images
 
 ## V1
@@ -4854,7 +4911,7 @@ Methods:
 
 - <code title="post /{accounts_or_zones}/{account_or_zone_id}/access/identity_providers">client.zeroTrust.identityProviders.<a href="./src/resources/zero-trust/identity-providers/identity-providers.ts">create</a>({ ...params }) -> IdentityProvider</code>
 - <code title="put /{accounts_or_zones}/{account_or_zone_id}/access/identity_providers/{identity_provider_id}">client.zeroTrust.identityProviders.<a href="./src/resources/zero-trust/identity-providers/identity-providers.ts">update</a>(identityProviderId, { ...params }) -> IdentityProvider</code>
-- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/identity_providers">client.zeroTrust.identityProviders.<a href="./src/resources/zero-trust/identity-providers/identity-providers.ts">list</a>({ ...params }) -> IdentityProviderListResponsesSinglePage</code>
+- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/identity_providers">client.zeroTrust.identityProviders.<a href="./src/resources/zero-trust/identity-providers/identity-providers.ts">list</a>({ ...params }) -> IdentityProviderListResponsesV4PagePaginationArray</code>
 - <code title="delete /{accounts_or_zones}/{account_or_zone_id}/access/identity_providers/{identity_provider_id}">client.zeroTrust.identityProviders.<a href="./src/resources/zero-trust/identity-providers/identity-providers.ts">delete</a>(identityProviderId, { ...params }) -> IdentityProviderDeleteResponse</code>
 - <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/identity_providers/{identity_provider_id}">client.zeroTrust.identityProviders.<a href="./src/resources/zero-trust/identity-providers/identity-providers.ts">get</a>(identityProviderId, { ...params }) -> IdentityProvider</code>
 
@@ -4864,13 +4921,13 @@ Methods:
 
 Methods:
 
-- <code title="get /accounts/{account_id}/access/identity_providers/{identity_provider_id}/scim/groups">client.zeroTrust.identityProviders.scim.groups.<a href="./src/resources/zero-trust/identity-providers/scim/groups.ts">list</a>(identityProviderId, { ...params }) -> ZeroTrustGroupsSinglePage</code>
+- <code title="get /accounts/{account_id}/access/identity_providers/{identity_provider_id}/scim/groups">client.zeroTrust.identityProviders.scim.groups.<a href="./src/resources/zero-trust/identity-providers/scim/groups.ts">list</a>(identityProviderId, { ...params }) -> ZeroTrustGroupsV4PagePaginationArray</code>
 
 #### Users
 
 Methods:
 
-- <code title="get /accounts/{account_id}/access/identity_providers/{identity_provider_id}/scim/users">client.zeroTrust.identityProviders.scim.users.<a href="./src/resources/zero-trust/identity-providers/scim/users.ts">list</a>(identityProviderId, { ...params }) -> AccessUsersSinglePage</code>
+- <code title="get /accounts/{account_id}/access/identity_providers/{identity_provider_id}/scim/users">client.zeroTrust.identityProviders.scim.users.<a href="./src/resources/zero-trust/identity-providers/scim/users.ts">list</a>(identityProviderId, { ...params }) -> AccessUsersV4PagePaginationArray</code>
 
 ## Organizations
 
@@ -4982,7 +5039,7 @@ Methods:
 
 - <code title="post /{accounts_or_zones}/{account_or_zone_id}/access/apps">client.zeroTrust.access.applications.<a href="./src/resources/zero-trust/access/applications/applications.ts">create</a>({ ...params }) -> ApplicationCreateResponse</code>
 - <code title="put /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}">client.zeroTrust.access.applications.<a href="./src/resources/zero-trust/access/applications/applications.ts">update</a>(appId, { ...params }) -> ApplicationUpdateResponse</code>
-- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/apps">client.zeroTrust.access.applications.<a href="./src/resources/zero-trust/access/applications/applications.ts">list</a>({ ...params }) -> ApplicationListResponsesSinglePage</code>
+- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/apps">client.zeroTrust.access.applications.<a href="./src/resources/zero-trust/access/applications/applications.ts">list</a>({ ...params }) -> ApplicationListResponsesV4PagePaginationArray</code>
 - <code title="delete /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}">client.zeroTrust.access.applications.<a href="./src/resources/zero-trust/access/applications/applications.ts">delete</a>(appId, { ...params }) -> ApplicationDeleteResponse</code>
 - <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}">client.zeroTrust.access.applications.<a href="./src/resources/zero-trust/access/applications/applications.ts">get</a>(appId, { ...params }) -> ApplicationGetResponse</code>
 - <code title="post /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}/revoke_tokens">client.zeroTrust.access.applications.<a href="./src/resources/zero-trust/access/applications/applications.ts">revokeTokens</a>(appId, { ...params }) -> ApplicationRevokeTokensResponse | null</code>
@@ -4997,7 +5054,7 @@ Types:
 Methods:
 
 - <code title="post /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}/ca">client.zeroTrust.access.applications.cas.<a href="./src/resources/zero-trust/access/applications/cas.ts">create</a>(appId, { ...params }) -> CA</code>
-- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/apps/ca">client.zeroTrust.access.applications.cas.<a href="./src/resources/zero-trust/access/applications/cas.ts">list</a>({ ...params }) -> CAsSinglePage</code>
+- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/apps/ca">client.zeroTrust.access.applications.cas.<a href="./src/resources/zero-trust/access/applications/cas.ts">list</a>({ ...params }) -> CAsV4PagePaginationArray</code>
 - <code title="delete /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}/ca">client.zeroTrust.access.applications.cas.<a href="./src/resources/zero-trust/access/applications/cas.ts">delete</a>(appId, { ...params }) -> CADeleteResponse</code>
 - <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}/ca">client.zeroTrust.access.applications.cas.<a href="./src/resources/zero-trust/access/applications/cas.ts">get</a>(appId, { ...params }) -> CA</code>
 
@@ -5046,7 +5103,7 @@ Methods:
 
 - <code title="post /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}/policies">client.zeroTrust.access.applications.policies.<a href="./src/resources/zero-trust/access/applications/policies.ts">create</a>(appId, { ...params }) -> PolicyCreateResponse</code>
 - <code title="put /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}/policies/{policy_id}">client.zeroTrust.access.applications.policies.<a href="./src/resources/zero-trust/access/applications/policies.ts">update</a>(appId, policyId, { ...params }) -> PolicyUpdateResponse</code>
-- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}/policies">client.zeroTrust.access.applications.policies.<a href="./src/resources/zero-trust/access/applications/policies.ts">list</a>(appId, { ...params }) -> PolicyListResponsesSinglePage</code>
+- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}/policies">client.zeroTrust.access.applications.policies.<a href="./src/resources/zero-trust/access/applications/policies.ts">list</a>(appId, { ...params }) -> PolicyListResponsesV4PagePaginationArray</code>
 - <code title="delete /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}/policies/{policy_id}">client.zeroTrust.access.applications.policies.<a href="./src/resources/zero-trust/access/applications/policies.ts">delete</a>(appId, policyId, { ...params }) -> PolicyDeleteResponse</code>
 - <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/apps/{app_id}/policies/{policy_id}">client.zeroTrust.access.applications.policies.<a href="./src/resources/zero-trust/access/applications/policies.ts">get</a>(appId, policyId, { ...params }) -> PolicyGetResponse</code>
 
@@ -5096,7 +5153,7 @@ Methods:
 
 - <code title="post /{accounts_or_zones}/{account_or_zone_id}/access/certificates">client.zeroTrust.access.certificates.<a href="./src/resources/zero-trust/access/certificates/certificates.ts">create</a>({ ...params }) -> Certificate</code>
 - <code title="put /{accounts_or_zones}/{account_or_zone_id}/access/certificates/{certificate_id}">client.zeroTrust.access.certificates.<a href="./src/resources/zero-trust/access/certificates/certificates.ts">update</a>(certificateId, { ...params }) -> Certificate</code>
-- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/certificates">client.zeroTrust.access.certificates.<a href="./src/resources/zero-trust/access/certificates/certificates.ts">list</a>({ ...params }) -> CertificatesSinglePage</code>
+- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/certificates">client.zeroTrust.access.certificates.<a href="./src/resources/zero-trust/access/certificates/certificates.ts">list</a>({ ...params }) -> CertificatesV4PagePaginationArray</code>
 - <code title="delete /{accounts_or_zones}/{account_or_zone_id}/access/certificates/{certificate_id}">client.zeroTrust.access.certificates.<a href="./src/resources/zero-trust/access/certificates/certificates.ts">delete</a>(certificateId, { ...params }) -> CertificateDeleteResponse</code>
 - <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/certificates/{certificate_id}">client.zeroTrust.access.certificates.<a href="./src/resources/zero-trust/access/certificates/certificates.ts">get</a>(certificateId, { ...params }) -> Certificate</code>
 
@@ -5126,7 +5183,7 @@ Methods:
 
 - <code title="post /{accounts_or_zones}/{account_or_zone_id}/access/groups">client.zeroTrust.access.groups.<a href="./src/resources/zero-trust/access/groups.ts">create</a>({ ...params }) -> GroupCreateResponse</code>
 - <code title="put /{accounts_or_zones}/{account_or_zone_id}/access/groups/{group_id}">client.zeroTrust.access.groups.<a href="./src/resources/zero-trust/access/groups.ts">update</a>(groupId, { ...params }) -> GroupUpdateResponse</code>
-- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/groups">client.zeroTrust.access.groups.<a href="./src/resources/zero-trust/access/groups.ts">list</a>({ ...params }) -> GroupListResponsesSinglePage</code>
+- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/groups">client.zeroTrust.access.groups.<a href="./src/resources/zero-trust/access/groups.ts">list</a>({ ...params }) -> GroupListResponsesV4PagePaginationArray</code>
 - <code title="delete /{accounts_or_zones}/{account_or_zone_id}/access/groups/{group_id}">client.zeroTrust.access.groups.<a href="./src/resources/zero-trust/access/groups.ts">delete</a>(groupId, { ...params }) -> GroupDeleteResponse</code>
 - <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/groups/{group_id}">client.zeroTrust.access.groups.<a href="./src/resources/zero-trust/access/groups.ts">get</a>(groupId, { ...params }) -> GroupGetResponse</code>
 
@@ -5142,7 +5199,7 @@ Methods:
 
 - <code title="post /{accounts_or_zones}/{account_or_zone_id}/access/service_tokens">client.zeroTrust.access.serviceTokens.<a href="./src/resources/zero-trust/access/service-tokens.ts">create</a>({ ...params }) -> ServiceTokenCreateResponse</code>
 - <code title="put /{accounts_or_zones}/{account_or_zone_id}/access/service_tokens/{service_token_id}">client.zeroTrust.access.serviceTokens.<a href="./src/resources/zero-trust/access/service-tokens.ts">update</a>(serviceTokenId, { ...params }) -> ServiceToken</code>
-- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/service_tokens">client.zeroTrust.access.serviceTokens.<a href="./src/resources/zero-trust/access/service-tokens.ts">list</a>({ ...params }) -> ServiceTokensSinglePage</code>
+- <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/service_tokens">client.zeroTrust.access.serviceTokens.<a href="./src/resources/zero-trust/access/service-tokens.ts">list</a>({ ...params }) -> ServiceTokensV4PagePaginationArray</code>
 - <code title="delete /{accounts_or_zones}/{account_or_zone_id}/access/service_tokens/{service_token_id}">client.zeroTrust.access.serviceTokens.<a href="./src/resources/zero-trust/access/service-tokens.ts">delete</a>(serviceTokenId, { ...params }) -> ServiceToken</code>
 - <code title="get /{accounts_or_zones}/{account_or_zone_id}/access/service_tokens/{service_token_id}">client.zeroTrust.access.serviceTokens.<a href="./src/resources/zero-trust/access/service-tokens.ts">get</a>(serviceTokenId, { ...params }) -> ServiceToken</code>
 - <code title="post /accounts/{account_id}/access/service_tokens/{service_token_id}/refresh">client.zeroTrust.access.serviceTokens.<a href="./src/resources/zero-trust/access/service-tokens.ts">refresh</a>(serviceTokenId, { ...params }) -> ServiceToken</code>
@@ -5203,7 +5260,7 @@ Types:
 
 Methods:
 
-- <code title="get /accounts/{account_id}/access/logs/scim/updates">client.zeroTrust.access.logs.scim.updates.<a href="./src/resources/zero-trust/access/logs/scim/updates.ts">list</a>({ ...params }) -> UpdateListResponsesSinglePage</code>
+- <code title="get /accounts/{account_id}/access/logs/scim/updates">client.zeroTrust.access.logs.scim.updates.<a href="./src/resources/zero-trust/access/logs/scim/updates.ts">list</a>({ ...params }) -> UpdateListResponsesV4PagePaginationArray</code>
 
 ### Users
 
@@ -5214,7 +5271,7 @@ Types:
 
 Methods:
 
-- <code title="get /accounts/{account_id}/access/users">client.zeroTrust.access.users.<a href="./src/resources/zero-trust/access/users/users.ts">list</a>({ ...params }) -> UserListResponsesSinglePage</code>
+- <code title="get /accounts/{account_id}/access/users">client.zeroTrust.access.users.<a href="./src/resources/zero-trust/access/users/users.ts">list</a>({ ...params }) -> UserListResponsesV4PagePaginationArray</code>
 
 #### ActiveSessions
 
@@ -5260,7 +5317,7 @@ Methods:
 
 - <code title="post /accounts/{account_id}/access/custom_pages">client.zeroTrust.access.customPages.<a href="./src/resources/zero-trust/access/custom-pages.ts">create</a>({ ...params }) -> CustomPageWithoutHTML</code>
 - <code title="put /accounts/{account_id}/access/custom_pages/{custom_page_id}">client.zeroTrust.access.customPages.<a href="./src/resources/zero-trust/access/custom-pages.ts">update</a>(customPageId, { ...params }) -> CustomPageWithoutHTML</code>
-- <code title="get /accounts/{account_id}/access/custom_pages">client.zeroTrust.access.customPages.<a href="./src/resources/zero-trust/access/custom-pages.ts">list</a>({ ...params }) -> CustomPageWithoutHTMLsSinglePage</code>
+- <code title="get /accounts/{account_id}/access/custom_pages">client.zeroTrust.access.customPages.<a href="./src/resources/zero-trust/access/custom-pages.ts">list</a>({ ...params }) -> CustomPageWithoutHTMLsV4PagePaginationArray</code>
 - <code title="delete /accounts/{account_id}/access/custom_pages/{custom_page_id}">client.zeroTrust.access.customPages.<a href="./src/resources/zero-trust/access/custom-pages.ts">delete</a>(customPageId, { ...params }) -> CustomPageDeleteResponse</code>
 - <code title="get /accounts/{account_id}/access/custom_pages/{custom_page_id}">client.zeroTrust.access.customPages.<a href="./src/resources/zero-trust/access/custom-pages.ts">get</a>(customPageId, { ...params }) -> CustomPage</code>
 
@@ -5275,7 +5332,7 @@ Methods:
 
 - <code title="post /accounts/{account_id}/access/tags">client.zeroTrust.access.tags.<a href="./src/resources/zero-trust/access/tags.ts">create</a>({ ...params }) -> Tag</code>
 - <code title="put /accounts/{account_id}/access/tags/{tag_name}">client.zeroTrust.access.tags.<a href="./src/resources/zero-trust/access/tags.ts">update</a>(tagName, { ...params }) -> Tag</code>
-- <code title="get /accounts/{account_id}/access/tags">client.zeroTrust.access.tags.<a href="./src/resources/zero-trust/access/tags.ts">list</a>({ ...params }) -> TagsSinglePage</code>
+- <code title="get /accounts/{account_id}/access/tags">client.zeroTrust.access.tags.<a href="./src/resources/zero-trust/access/tags.ts">list</a>({ ...params }) -> TagsV4PagePaginationArray</code>
 - <code title="delete /accounts/{account_id}/access/tags/{tag_name}">client.zeroTrust.access.tags.<a href="./src/resources/zero-trust/access/tags.ts">delete</a>(tagName, { ...params }) -> TagDeleteResponse</code>
 - <code title="get /accounts/{account_id}/access/tags/{tag_name}">client.zeroTrust.access.tags.<a href="./src/resources/zero-trust/access/tags.ts">get</a>(tagName, { ...params }) -> Tag</code>
 
@@ -5295,7 +5352,7 @@ Methods:
 
 - <code title="post /accounts/{account_id}/access/policies">client.zeroTrust.access.policies.<a href="./src/resources/zero-trust/access/policies.ts">create</a>({ ...params }) -> PolicyCreateResponse</code>
 - <code title="put /accounts/{account_id}/access/policies/{policy_id}">client.zeroTrust.access.policies.<a href="./src/resources/zero-trust/access/policies.ts">update</a>(policyId, { ...params }) -> PolicyUpdateResponse</code>
-- <code title="get /accounts/{account_id}/access/policies">client.zeroTrust.access.policies.<a href="./src/resources/zero-trust/access/policies.ts">list</a>({ ...params }) -> PolicyListResponsesSinglePage</code>
+- <code title="get /accounts/{account_id}/access/policies">client.zeroTrust.access.policies.<a href="./src/resources/zero-trust/access/policies.ts">list</a>({ ...params }) -> PolicyListResponsesV4PagePaginationArray</code>
 - <code title="delete /accounts/{account_id}/access/policies/{policy_id}">client.zeroTrust.access.policies.<a href="./src/resources/zero-trust/access/policies.ts">delete</a>(policyId, { ...params }) -> PolicyDeleteResponse</code>
 - <code title="get /accounts/{account_id}/access/policies/{policy_id}">client.zeroTrust.access.policies.<a href="./src/resources/zero-trust/access/policies.ts">get</a>(policyId, { ...params }) -> PolicyGetResponse</code>
 
@@ -5601,7 +5658,7 @@ Types:
 Methods:
 
 - <code title="post /accounts/{account_id}/dlp/datasets/{dataset_id}/upload">client.zeroTrust.dlp.datasets.upload.<a href="./src/resources/zero-trust/dlp/datasets/upload.ts">create</a>(datasetId, { ...params }) -> NewVersion</code>
-- <code title="post /accounts/{account_id}/dlp/datasets/{dataset_id}/upload/{version}">client.zeroTrust.dlp.datasets.upload.<a href="./src/resources/zero-trust/dlp/datasets/upload.ts">edit</a>(datasetId, version, { ...params }) -> Dataset</code>
+- <code title="post /accounts/{account_id}/dlp/datasets/{dataset_id}/upload/{version}">client.zeroTrust.dlp.datasets.upload.<a href="./src/resources/zero-trust/dlp/datasets/upload.ts">edit</a>(datasetId, version, dataset, { ...params }) -> Dataset</code>
 
 #### Versions
 
@@ -5621,7 +5678,7 @@ Types:
 
 Methods:
 
-- <code title="post /accounts/{account_id}/dlp/datasets/{dataset_id}/versions/{version}/entries/{entry_id}">client.zeroTrust.dlp.datasets.versions.entries.<a href="./src/resources/zero-trust/dlp/datasets/versions/entries.ts">create</a>(datasetId, version, entryId, { ...params }) -> EntryCreateResponse</code>
+- <code title="post /accounts/{account_id}/dlp/datasets/{dataset_id}/versions/{version}/entries/{entry_id}">client.zeroTrust.dlp.datasets.versions.entries.<a href="./src/resources/zero-trust/dlp/datasets/versions/entries.ts">create</a>(datasetId, version, entryId, datasetVersionEntry, { ...params }) -> EntryCreateResponse</code>
 
 ### Patterns
 
@@ -6285,7 +6342,7 @@ Types:
 
 Methods:
 
-- <code title="post /accounts/{account_id}/ai/tomarkdown">client.radar.ai.toMarkdown.<a href="./src/resources/radar/ai/to-markdown.ts">create</a>({ ...params }) -> ToMarkdownCreateResponsesSinglePage</code>
+- <code title="post /accounts/{account_id}/ai/tomarkdown">client.radar.ai.toMarkdown.<a href="./src/resources/radar/ai/to-markdown.ts">create</a>(body, { ...params }) -> ToMarkdownCreateResponsesSinglePage</code>
 
 ### Inference
 
@@ -6331,12 +6388,56 @@ Methods:
 
 Types:
 
+- <code><a href="./src/resources/radar/ai/timeseries-groups.ts">TimeseriesGroupSummaryResponse</a></code>
+- <code><a href="./src/resources/radar/ai/timeseries-groups.ts">TimeseriesGroupTimeseriesResponse</a></code>
+- <code><a href="./src/resources/radar/ai/timeseries-groups.ts">TimeseriesGroupTimeseriesGroupsResponse</a></code>
 - <code><a href="./src/resources/radar/ai/timeseries-groups.ts">TimeseriesGroupUserAgentResponse</a></code>
 
 Methods:
 
+- <code title="get /radar/ai/bots/summary/{dimension}">client.radar.ai.timeseriesGroups.<a href="./src/resources/radar/ai/timeseries-groups.ts">summary</a>(dimension, { ...params }) -> TimeseriesGroupSummaryResponse</code>
+- <code title="get /radar/ai/bots/timeseries">client.radar.ai.timeseriesGroups.<a href="./src/resources/radar/ai/timeseries-groups.ts">timeseries</a>({ ...params }) -> TimeseriesGroupTimeseriesResponse</code>
+- <code title="get /radar/ai/bots/timeseries_groups/{dimension}">client.radar.ai.timeseriesGroups.<a href="./src/resources/radar/ai/timeseries-groups.ts">timeseriesGroups</a>(dimension, { ...params }) -> TimeseriesGroupTimeseriesGroupsResponse</code>
 - <code title="get /radar/ai/bots/timeseries_groups/user_agent">client.radar.ai.timeseriesGroups.<a href="./src/resources/radar/ai/timeseries-groups.ts">userAgent</a>({ ...params }) -> TimeseriesGroupUserAgentResponse</code>
 
+## Ct
+
+Types:
+
+- <code><a href="./src/resources/radar/ct/ct.ts">CtSummaryResponse</a></code>
+- <code><a href="./src/resources/radar/ct/ct.ts">CtTimeseriesResponse</a></code>
+- <code><a href="./src/resources/radar/ct/ct.ts">CtTimeseriesGroupsResponse</a></code>
+
+Methods:
+
+- <code title="get /radar/ct/summary/{dimension}">client.radar.ct.<a href="./src/resources/radar/ct/ct.ts">summary</a>(dimension, { ...params }) -> CtSummaryResponse</code>
+- <code title="get /radar/ct/timeseries">client.radar.ct.<a href="./src/resources/radar/ct/ct.ts">timeseries</a>({ ...params }) -> CtTimeseriesResponse</code>
+- <code title="get /radar/ct/timeseries_groups/{dimension}">client.radar.ct.<a href="./src/resources/radar/ct/ct.ts">timeseriesGroups</a>(dimension, { ...params }) -> CtTimeseriesGroupsResponse</code>
+
+### Authorities
+
+Types:
+
+- <code><a href="./src/resources/radar/ct/authorities.ts">AuthorityListResponse</a></code>
+- <code><a href="./src/resources/radar/ct/authorities.ts">AuthorityGetResponse</a></code>
+
+Methods:
+
+- <code title="get /radar/ct/authorities">client.radar.ct.authorities.<a href="./src/resources/radar/ct/authorities.ts">list</a>({ ...params }) -> AuthorityListResponse</code>
+- <code title="get /radar/ct/authorities/{ca_slug}">client.radar.ct.authorities.<a href="./src/resources/radar/ct/authorities.ts">get</a>(caSlug, { ...params }) -> AuthorityGetResponse</code>
+
+### Logs
+
+Types:
+
+- <code><a href="./src/resources/radar/ct/logs.ts">LogListResponse</a></code>
+- <code><a href="./src/resources/radar/ct/logs.ts">LogGetResponse</a></code>
+
+Methods:
+
+- <code title="get /radar/ct/logs">client.radar.ct.logs.<a href="./src/resources/radar/ct/logs.ts">list</a>({ ...params }) -> LogListResponse</code>
+- <code title="get /radar/ct/logs/{log_slug}">client.radar.ct.logs.<a href="./src/resources/radar/ct/logs.ts">get</a>(logSlug, { ...params }) -> LogGetResponse</code>
+
 ## Annotations
 
 Types:
@@ -7635,15 +7736,17 @@ Methods:
 
 Types:
 
-- <code><a href="./src/resources/snippets/snippets.ts">Snippet</a></code>
+- <code><a href="./src/resources/snippets/snippets.ts">SnippetUpdateResponse</a></code>
+- <code><a href="./src/resources/snippets/snippets.ts">SnippetListResponse</a></code>
 - <code><a href="./src/resources/snippets/snippets.ts">SnippetDeleteResponse</a></code>
+- <code><a href="./src/resources/snippets/snippets.ts">SnippetGetResponse</a></code>
 
 Methods:
 
-- <code title="put /zones/{zone_id}/snippets/{snippet_name}">client.snippets.<a href="./src/resources/snippets/snippets.ts">update</a>(snippetName, { ...params }) -> Snippet</code>
-- <code title="get /zones/{zone_id}/snippets">client.snippets.<a href="./src/resources/snippets/snippets.ts">list</a>({ ...params }) -> SnippetsSinglePage</code>
-- <code title="delete /zones/{zone_id}/snippets/{snippet_name}">client.snippets.<a href="./src/resources/snippets/snippets.ts">delete</a>(snippetName, { ...params }) -> SnippetDeleteResponse</code>
-- <code title="get /zones/{zone_id}/snippets/{snippet_name}">client.snippets.<a href="./src/resources/snippets/snippets.ts">get</a>(snippetName, { ...params }) -> Snippet</code>
+- <code title="put /zones/{zone_id}/snippets/{snippet_name}">client.snippets.<a href="./src/resources/snippets/snippets.ts">update</a>(snippetName, { ...params }) -> SnippetUpdateResponse</code>
+- <code title="get /zones/{zone_id}/snippets">client.snippets.<a href="./src/resources/snippets/snippets.ts">list</a>({ ...params }) -> SnippetListResponsesV4PagePaginationArray</code>
+- <code title="delete /zones/{zone_id}/snippets/{snippet_name}">client.snippets.<a href="./src/resources/snippets/snippets.ts">delete</a>(snippetName, { ...params }) -> SnippetDeleteResponse | null</code>
+- <code title="get /zones/{zone_id}/snippets/{snippet_name}">client.snippets.<a href="./src/resources/snippets/snippets.ts">get</a>(snippetName, { ...params }) -> SnippetGetResponse</code>
 
 ## Content
 
@@ -7663,7 +7766,7 @@ Methods:
 
 - <code title="put /zones/{zone_id}/snippets/snippet_rules">client.snippets.rules.<a href="./src/resources/snippets/rules.ts">update</a>({ ...params }) -> RuleUpdateResponsesSinglePage</code>
 - <code title="get /zones/{zone_id}/snippets/snippet_rules">client.snippets.rules.<a href="./src/resources/snippets/rules.ts">list</a>({ ...params }) -> RuleListResponsesSinglePage</code>
-- <code title="delete /zones/{zone_id}/snippets/snippet_rules">client.snippets.rules.<a href="./src/resources/snippets/rules.ts">delete</a>({ ...params }) -> RuleDeleteResponse</code>
+- <code title="delete /zones/{zone_id}/snippets/snippet_rules">client.snippets.rules.<a href="./src/resources/snippets/rules.ts">delete</a>({ ...params }) -> RuleDeleteResponsesSinglePage</code>
 
 # Calls
 
@@ -7734,6 +7837,17 @@ Methods:
 - <code title="delete /accounts/{account_id}/cloudforce-one/scans/config/{config_id}">client.cloudforceOne.scans.config.<a href="./src/resources/cloudforce-one/scans/config.ts">delete</a>(configId, { ...params }) -> ConfigDeleteResponse</code>
 - <code title="patch /accounts/{account_id}/cloudforce-one/scans/config/{config_id}">client.cloudforceOne.scans.config.<a href="./src/resources/cloudforce-one/scans/config.ts">edit</a>(configId, { ...params }) -> ConfigEditResponse</code>
 
+## BinaryStorage
+
+Types:
+
+- <code><a href="./src/resources/cloudforce-one/binary-storage.ts">BinaryStorageCreateResponse</a></code>
+
+Methods:
+
+- <code title="post /accounts/{account_id}/cloudforce-one/binary">client.cloudforceOne.binaryStorage.<a href="./src/resources/cloudforce-one/binary-storage.ts">create</a>({ ...params }) -> BinaryStorageCreateResponse</code>
+- <code title="get /accounts/{account_id}/cloudforce-one/binary/{hash}">client.cloudforceOne.binaryStorage.<a href="./src/resources/cloudforce-one/binary-storage.ts">get</a>(hash, { ...params }) -> void</code>
+
 ## Requests
 
 Types:
@@ -7968,20 +8082,6 @@ Methods:
 
 ### Insights
 
-Types:
-
-- <code><a href="./src/resources/cloudforce-one/threat-events/insights.ts">InsightCreateResponse</a></code>
-- <code><a href="./src/resources/cloudforce-one/threat-events/insights.ts">InsightDeleteResponse</a></code>
-- <code><a href="./src/resources/cloudforce-one/threat-events/insights.ts">InsightEditResponse</a></code>
-- <code><a href="./src/resources/cloudforce-one/threat-events/insights.ts">InsightGetResponse</a></code>
-
-Methods:
-
-- <code title="post /accounts/{account_id}/cloudforce-one/events/{event_id}/insight/create">client.cloudforceOne.threatEvents.insights.<a href="./src/resources/cloudforce-one/threat-events/insights.ts">create</a>(eventId, { ...params }) -> InsightCreateResponse</code>
-- <code title="delete /accounts/{account_id}/cloudforce-one/events/{event_id}/insight/{insight_id}">client.cloudforceOne.threatEvents.insights.<a href="./src/resources/cloudforce-one/threat-events/insights.ts">delete</a>(eventId, insightId, { ...params }) -> InsightDeleteResponse</code>
-- <code title="patch /accounts/{account_id}/cloudforce-one/events/{event_id}/insight/{insight_id}">client.cloudforceOne.threatEvents.insights.<a href="./src/resources/cloudforce-one/threat-events/insights.ts">edit</a>(eventId, insightId, { ...params }) -> InsightEditResponse</code>
-- <code title="get /accounts/{account_id}/cloudforce-one/events/{event_id}/insight/{insight_id}">client.cloudforceOne.threatEvents.insights.<a href="./src/resources/cloudforce-one/threat-events/insights.ts">get</a>(eventId, insightId, { ...params }) -> InsightGetResponse</code>
-
 # AIGateway
 
 Types:
@@ -8600,9 +8700,9 @@ Types:
 
 Methods:
 
-- <code title="put /{accounts_or_zones}/{account_or_zone_id}/custom_pages/{identifier}">client.customPages.<a href="./src/resources/custom-pages.ts">update</a>(identifier, { ...params }) -> CustomPageUpdateResponse | null</code>
+- <code title="put /{accounts_or_zones}/{account_or_zone_id}/custom_pages/{identifier}">client.customPages.<a href="./src/resources/custom-pages.ts">update</a>(identifier, { ...params }) -> CustomPageUpdateResponse</code>
 - <code title="get /{accounts_or_zones}/{account_or_zone_id}/custom_pages">client.customPages.<a href="./src/resources/custom-pages.ts">list</a>({ ...params }) -> CustomPageListResponsesSinglePage</code>
-- <code title="get /{accounts_or_zones}/{account_or_zone_id}/custom_pages/{identifier}">client.customPages.<a href="./src/resources/custom-pages.ts">get</a>(identifier, { ...params }) -> CustomPageGetResponse | null</code>
+- <code title="get /{accounts_or_zones}/{account_or_zone_id}/custom_pages/{identifier}">client.customPages.<a href="./src/resources/custom-pages.ts">get</a>(identifier, { ...params }) -> CustomPageGetResponse</code>
 
 # SecretsStore
 
diff --git a/bin/publish-npm b/bin/publish-npm
index fa2243d248..45e8aa8088 100644
--- a/bin/publish-npm
+++ b/bin/publish-npm
@@ -58,4 +58,4 @@ else
 fi
 
 # Publish with the appropriate tag
-yarn publish --access public --tag "$TAG"
+yarn publish --tag "$TAG"
diff --git a/package.json b/package.json
index ae9cd435d7..b237c80293 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "cloudflare",
-  "version": "4.5.0",
+  "version": "4.6.0",
   "description": "The official TypeScript library for the Cloudflare API",
   "author": "Cloudflare <api@cloudflare.com>",
   "types": "dist/index.d.ts",
@@ -13,6 +13,9 @@
     "**/*"
   ],
   "private": false,
+  "publishConfig": {
+    "access": "public"
+  },
   "scripts": {
     "test": "./scripts/test",
     "build": "./scripts/build",
@@ -58,10 +61,6 @@
     "./shims/web.js",
     "./shims/web.mjs"
   ],
-  "imports": {
-    "cloudflare": ".",
-    "cloudflare/*": "./src/*"
-  },
   "exports": {
     "./_shims/auto/*": {
       "deno": {
diff --git a/scripts/detect-breaking-changes b/scripts/detect-breaking-changes
index 051507977d..27e8a8086e 100755
--- a/scripts/detect-breaking-changes
+++ b/scripts/detect-breaking-changes
@@ -253,8 +253,13 @@ TEST_PATHS=(
 	tests/api-resources/billing/billing.test.ts
 	tests/api-resources/billing/profiles.test.ts
 	tests/api-resources/brand-protection/brand-protection.test.ts
+	tests/api-resources/brand-protection/queries.test.ts
+	tests/api-resources/brand-protection/matches.test.ts
+	tests/api-resources/brand-protection/logos.test.ts
+	tests/api-resources/brand-protection/logo-matches.test.ts
 	tests/api-resources/diagnostics/diagnostics.test.ts
 	tests/api-resources/diagnostics/traceroutes.test.ts
+	tests/api-resources/diagnostics/endpoint-healthchecks.test.ts
 	tests/api-resources/images/images.test.ts
 	tests/api-resources/images/v1/v1.test.ts
 	tests/api-resources/images/v1/keys.test.ts
@@ -540,6 +545,9 @@ TEST_PATHS=(
 	tests/api-resources/radar/ai/bots/bots.test.ts
 	tests/api-resources/radar/ai/bots/summary.test.ts
 	tests/api-resources/radar/ai/timeseries-groups.test.ts
+	tests/api-resources/radar/ct/ct.test.ts
+	tests/api-resources/radar/ct/authorities.test.ts
+	tests/api-resources/radar/ct/logs.test.ts
 	tests/api-resources/radar/annotations/annotations.test.ts
 	tests/api-resources/radar/annotations/outages.test.ts
 	tests/api-resources/radar/bgp/bgp.test.ts
@@ -661,6 +669,7 @@ TEST_PATHS=(
 	tests/api-resources/cloudforce-one/scans/scans.test.ts
 	tests/api-resources/cloudforce-one/scans/results.test.ts
 	tests/api-resources/cloudforce-one/scans/config.test.ts
+	tests/api-resources/cloudforce-one/binary-storage.test.ts
 	tests/api-resources/cloudforce-one/requests/requests.test.ts
 	tests/api-resources/cloudforce-one/requests/message.test.ts
 	tests/api-resources/cloudforce-one/requests/priority.test.ts
@@ -678,7 +687,6 @@ TEST_PATHS=(
 	tests/api-resources/cloudforce-one/threat-events/tags.test.ts
 	tests/api-resources/cloudforce-one/threat-events/event-tags.test.ts
 	tests/api-resources/cloudforce-one/threat-events/target-industries.test.ts
-	tests/api-resources/cloudforce-one/threat-events/insights.test.ts
 	tests/api-resources/ai-gateway/ai-gateway.test.ts
 	tests/api-resources/ai-gateway/evaluation-types.test.ts
 	tests/api-resources/ai-gateway/logs.test.ts
diff --git a/scripts/mock b/scripts/mock
index d2814ae6a0..0b28f6ea23 100755
--- a/scripts/mock
+++ b/scripts/mock
@@ -21,7 +21,7 @@ echo "==> Starting mock server with URL ${URL}"
 
 # Run prism mock on the given spec
 if [ "$1" == "--daemon" ]; then
-  npm exec --package=@stainless-api/prism-cli@5.8.5 -- prism mock "$URL" &> .prism.log &
+  npm exec --package=@stainless-api/prism-cli@5.15.0 -- prism mock "$URL" &> .prism.log &
 
   # Wait for server to come online
   echo -n "Waiting for server"
@@ -37,5 +37,5 @@ if [ "$1" == "--daemon" ]; then
 
   echo
 else
-  npm exec --package=@stainless-api/prism-cli@5.8.5 -- prism mock "$URL"
+  npm exec --package=@stainless-api/prism-cli@5.15.0 -- prism mock "$URL"
 fi
diff --git a/scripts/test b/scripts/test
index 2049e31b03..7bce0516b5 100755
--- a/scripts/test
+++ b/scripts/test
@@ -43,7 +43,7 @@ elif ! prism_is_running ; then
   echo -e "To run the server, pass in the path or url of your OpenAPI"
   echo -e "spec to the prism command:"
   echo
-  echo -e "  \$ ${YELLOW}npm exec --package=@stoplight/prism-cli@~5.3.2 -- prism mock path/to/your.openapi.yml${NC}"
+  echo -e "  \$ ${YELLOW}npm exec --package=@stainless-api/prism-cli@5.15.0 -- prism mock path/to/your.openapi.yml${NC}"
   echo
 
   exit 1
diff --git a/src/resources/abuse-reports.ts b/src/resources/abuse-reports.ts
index 9f4c7eb9bf..451e42c504 100644
--- a/src/resources/abuse-reports.ts
+++ b/src/resources/abuse-reports.ts
@@ -6,32 +6,9 @@ import * as Core from '../core';
 export class AbuseReports extends APIResource {
   /**
    * Submit the Abuse Report of a particular type
-   *
-   * @example
-   * ```ts
-   * const abuseReport = await client.abuseReports.create(
-   *   'abuse_general',
-   *   {
-   *     account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-   *     act: 'abuse_general',
-   *     email: 'email',
-   *     email2: 'email2',
-   *     name: 'x',
-   *     urls: 'urls',
-   *   },
-   * );
-   * ```
    */
   create(
-    reportType:
-      | 'abuse_dmca'
-      | 'abuse_trademark'
-      | 'abuse_general'
-      | 'abuse_phishing'
-      | 'abuse_children'
-      | 'abuse_threat'
-      | 'abuse_registrar_whois'
-      | 'abuse_ncsei',
+    reportType: string,
     params: AbuseReportCreateParams,
     options?: Core.RequestOptions,
   ): Core.APIPromise<AbuseReportCreateResponse> {
@@ -55,7 +32,7 @@ export type AbuseReportCreateParams =
   | AbuseReportCreateParams.AbuseReportsTrademarkReport
   | AbuseReportCreateParams.AbuseReportsGeneralReport
   | AbuseReportCreateParams.AbuseReportsPhishingReport
-  | AbuseReportCreateParams.AbuseReportsChildrenAbuseReport
+  | AbuseReportCreateParams.AbuseReportsCsamReport
   | AbuseReportCreateParams.AbuseReportsThreatReport
   | AbuseReportCreateParams.AbuseReportsRegistrarWhoisReport
   | AbuseReportCreateParams.AbuseReportsNcseiReport;
@@ -68,144 +45,116 @@ export declare namespace AbuseReportCreateParams {
     account_id: string;
 
     /**
-     * Body param: The abuse report type
+     * Body param: The abuse report type.
      */
-    act:
-      | 'abuse_dmca'
-      | 'abuse_trademark'
-      | 'abuse_general'
-      | 'abuse_phishing'
-      | 'abuse_children'
-      | 'abuse_threat'
-      | 'abuse_registrar_whois'
-      | 'abuse_ncsei';
-
-    /**
-     * Body param: A valid email of the abuse reporter. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    email: string;
-
-    /**
-     * Body param: Should match the value provided in `email`
-     */
-    email2: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    name: string;
-
-    /**
-     * Body param: A list of valid URLs separated by ‘ ’ (new line character). The list
-     * of the URLs should not exceed 250 URLs. All URLs should have the same hostname.
-     * Each URL should be unique. This field may be released by Cloudflare to third
-     * parties such as the Lumen Database (https://lumendatabase.org/).
-     */
-    urls: string;
+    act: 'abuse_dmca';
 
     /**
      * Body param: Text not exceeding 100 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    address1?: string;
+    address1: string;
 
     /**
      * Body param: The name of the copyright holder. Text not exceeding 60 characters.
      * This field may be released by Cloudflare to third parties such as the Lumen
      * Database (https://lumendatabase.org/).
      */
-    agent_name?: string;
+    agent_name: string;
 
     /**
      * Body param: Can be `0` for false or `1` for true. Must be value: 1 for DMCA
      * reports
      */
-    agree?: 0 | 1;
+    agree: 1;
 
     /**
      * Body param: Text not exceeding 255 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    city?: string;
-
-    /**
-     * Body param: Any additional comments about the infringement not exceeding 2000
-     * characters
-     */
-    comments?: string;
+    city: string;
 
     /**
-     * Body param: Text not exceeding 100 characters. This field may be released by
+     * Body param: Text not exceeding 255 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    company?: string;
+    country: string;
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
+     * Body param: A valid email of the abuse reporter. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    country?: string;
+    email: string;
 
     /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of destination IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
+     * Body param: Should match the value provided in `email`
      */
-    destination_ips?: string;
+    email2: string;
 
     /**
      * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
      * and Trademark reports cannot be anonymous.
      */
-    host_notification?: 'send' | 'send-anon' | 'none';
+    host_notification: 'send';
 
     /**
-     * Body param: A detailed description of the infringement, including any necessary
-     * access details and the exact steps needed to view the content, not exceeding
-     * 5000 characters
+     * Body param: Text not exceeding 255 characters. This field may be released by
+     * Cloudflare to third parties such as the Lumen Database
+     * (https://lumendatabase.org/).
+     */
+    name: string;
+
+    /**
+     * Body param: Text not exceeding 255 characters. This field may be released by
+     * Cloudflare to third parties such as the Lumen Database
+     * (https://lumendatabase.org/).
      */
-    justification?: string;
+    original_work: string;
 
     /**
      * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
      * and Trademark reports cannot be anonymous.
      */
-    ncmec_notification?: 'send' | 'send-anon' | 'none';
+    owner_notification: 'send';
 
     /**
-     * Body param: If the submitter is the target of NCSEI in the URLs of the abuse
-     * report.
+     * Body param: Required for DMCA reports, should be same as Name. An affirmation
+     * that all information in the report is true and accurate while agreeing to the
+     * policies of Cloudflare's abuse reports
      */
-    ncsei_subject_representation?: boolean;
+    signature: string;
 
     /**
      * Body param: Text not exceeding 255 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    original_work?: string;
+    state: string;
 
     /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
+     * Body param: A list of valid URLs separated by ‘\n’ (new line character). The
+     * list of the URLs should not exceed 250 URLs. All URLs should have the same
+     * hostname. Each URL should be unique. This field may be released by Cloudflare to
+     * third parties such as the Lumen Database (https://lumendatabase.org/).
      */
-    owner_notification?: 'send' | 'send-anon' | 'none';
+    urls: string;
 
     /**
-     * Body param: A comma separated list of ports and protocols e.g. 80/TCP, 22/UDP.
-     * The total size of the field should not exceed 2000 characters. Each individual
-     * port/protocol should not exceed 100 characters. The list should not have more
-     * than 30 unique ports and protocols.
+     * Body param: Any additional comments about the infringement not exceeding 2000
+     * characters
      */
-    ports_protocols?: string;
+    comments?: string;
+
+    /**
+     * Body param: Text not exceeding 100 characters. This field may be released by
+     * Cloudflare to third parties such as the Lumen Database
+     * (https://lumendatabase.org/).
+     */
+    company?: string;
 
     /**
      * Body param: Text containing 2 characters
@@ -217,27 +166,6 @@ export declare namespace AbuseReportCreateParams {
      */
     reported_user_agent?: string;
 
-    /**
-     * Body param: Required for DMCA reports, should be same as Name. An affirmation
-     * that all information in the report is true and accurate while agreeing to the
-     * policies of Cloudflare's abuse reports
-     */
-    signature?: string;
-
-    /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of source IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
-     */
-    source_ips?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    state?: string;
-
     /**
      * Body param: Text not exceeding 20 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
@@ -249,21 +177,6 @@ export declare namespace AbuseReportCreateParams {
      * Body param: Text not exceeding 255 characters
      */
     title?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_number?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_office?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_symbol?: string;
   }
 
   export interface AbuseReportsTrademarkReport {
@@ -273,17 +186,9 @@ export declare namespace AbuseReportCreateParams {
     account_id: string;
 
     /**
-     * Body param: The abuse report type
+     * Body param: The abuse report type.
      */
-    act:
-      | 'abuse_dmca'
-      | 'abuse_trademark'
-      | 'abuse_general'
-      | 'abuse_phishing'
-      | 'abuse_children'
-      | 'abuse_threat'
-      | 'abuse_registrar_whois'
-      | 'abuse_ncsei';
+    act: 'abuse_trademark';
 
     /**
      * Body param: A valid email of the abuse reporter. This field may be released by
@@ -297,6 +202,19 @@ export declare namespace AbuseReportCreateParams {
      */
     email2: string;
 
+    /**
+     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
+     * and Trademark reports cannot be anonymous.
+     */
+    host_notification: 'send';
+
+    /**
+     * Body param: A detailed description of the infringement, including any necessary
+     * access details and the exact steps needed to view the content, not exceeding
+     * 5000 characters.
+     */
+    justification: string;
+
     /**
      * Body param: Text not exceeding 255 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
@@ -305,39 +223,33 @@ export declare namespace AbuseReportCreateParams {
     name: string;
 
     /**
-     * Body param: A list of valid URLs separated by ‘ ’ (new line character). The list
-     * of the URLs should not exceed 250 URLs. All URLs should have the same hostname.
-     * Each URL should be unique. This field may be released by Cloudflare to third
-     * parties such as the Lumen Database (https://lumendatabase.org/).
+     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
+     * and Trademark reports cannot be anonymous.
      */
-    urls: string;
+    owner_notification: 'send';
 
     /**
-     * Body param: Text not exceeding 100 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
+     * Body param: Text not exceeding 1000 characters
      */
-    address1?: string;
+    trademark_number: string;
 
     /**
-     * Body param: The name of the copyright holder. Text not exceeding 60 characters.
-     * This field may be released by Cloudflare to third parties such as the Lumen
-     * Database (https://lumendatabase.org/).
+     * Body param: Text not exceeding 1000 characters
      */
-    agent_name?: string;
+    trademark_office: string;
 
     /**
-     * Body param: Can be `0` for false or `1` for true. Must be value: 1 for DMCA
-     * reports
+     * Body param: Text not exceeding 1000 characters
      */
-    agree?: 0 | 1;
+    trademark_symbol: string;
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
+     * Body param: A list of valid URLs separated by ‘\n’ (new line character). The
+     * list of the URLs should not exceed 250 URLs. All URLs should have the same
+     * hostname. Each URL should be unique. This field may be released by Cloudflare to
+     * third parties such as the Lumen Database (https://lumendatabase.org/).
      */
-    city?: string;
+    urls: string;
 
     /**
      * Body param: Any additional comments about the infringement not exceeding 2000
@@ -353,56 +265,104 @@ export declare namespace AbuseReportCreateParams {
     company?: string;
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
+     * Body param: Text containing 2 characters
+     */
+    reported_country?: string;
+
+    /**
+     * Body param: Text not exceeding 255 characters
+     */
+    reported_user_agent?: string;
+
+    /**
+     * Body param: Text not exceeding 20 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    country?: string;
+    tele?: string;
 
     /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of destination IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
+     * Body param: Text not exceeding 255 characters
      */
-    destination_ips?: string;
+    title?: string;
+  }
+
+  export interface AbuseReportsGeneralReport {
+    /**
+     * Path param: The account ID of the submitter.
+     */
+    account_id: string;
+
+    /**
+     * Body param: The abuse report type.
+     */
+    act: 'abuse_general';
+
+    /**
+     * Body param: A valid email of the abuse reporter. This field may be released by
+     * Cloudflare to third parties such as the Lumen Database
+     * (https://lumendatabase.org/).
+     */
+    email: string;
+
+    /**
+     * Body param: Should match the value provided in `email`
+     */
+    email2: string;
 
     /**
      * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
      * and Trademark reports cannot be anonymous.
      */
-    host_notification?: 'send' | 'send-anon' | 'none';
+    host_notification: 'send' | 'send-anon';
 
     /**
      * Body param: A detailed description of the infringement, including any necessary
      * access details and the exact steps needed to view the content, not exceeding
-     * 5000 characters
+     * 5000 characters.
+     */
+    justification: string;
+
+    /**
+     * Body param: Text not exceeding 255 characters. This field may be released by
+     * Cloudflare to third parties such as the Lumen Database
+     * (https://lumendatabase.org/).
      */
-    justification?: string;
+    name: string;
 
     /**
      * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
      * and Trademark reports cannot be anonymous.
      */
-    ncmec_notification?: 'send' | 'send-anon' | 'none';
+    owner_notification: 'send' | 'send-anon' | 'none';
 
     /**
-     * Body param: If the submitter is the target of NCSEI in the URLs of the abuse
-     * report.
+     * Body param: A list of valid URLs separated by ‘\n’ (new line character). The
+     * list of the URLs should not exceed 250 URLs. All URLs should have the same
+     * hostname. Each URL should be unique. This field may be released by Cloudflare to
+     * third parties such as the Lumen Database (https://lumendatabase.org/).
      */
-    ncsei_subject_representation?: boolean;
+    urls: string;
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
+     * Body param: Any additional comments about the infringement not exceeding 2000
+     * characters
+     */
+    comments?: string;
+
+    /**
+     * Body param: Text not exceeding 100 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    original_work?: string;
+    company?: string;
 
     /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
+     * Body param: A list of IP addresses separated by ‘\n’ (new line character). The
+     * list of destination IPs should not exceed 30 IP addresses. Each one of the IP
+     * addresses ought to be unique.
      */
-    owner_notification?: 'send' | 'send-anon' | 'none';
+    destination_ips?: string;
 
     /**
      * Body param: A comma separated list of ports and protocols e.g. 80/TCP, 22/UDP.
@@ -423,26 +383,12 @@ export declare namespace AbuseReportCreateParams {
     reported_user_agent?: string;
 
     /**
-     * Body param: Required for DMCA reports, should be same as Name. An affirmation
-     * that all information in the report is true and accurate while agreeing to the
-     * policies of Cloudflare's abuse reports
-     */
-    signature?: string;
-
-    /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
+     * Body param: A list of IP addresses separated by ‘\n’ (new line character). The
      * list of source IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
+     * addresses ought to be unique.
      */
     source_ips?: string;
 
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    state?: string;
-
     /**
      * Body param: Text not exceeding 20 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
@@ -454,41 +400,18 @@ export declare namespace AbuseReportCreateParams {
      * Body param: Text not exceeding 255 characters
      */
     title?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_number?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_office?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_symbol?: string;
   }
 
-  export interface AbuseReportsGeneralReport {
+  export interface AbuseReportsPhishingReport {
     /**
      * Path param: The account ID of the submitter.
      */
     account_id: string;
 
     /**
-     * Body param: The abuse report type
+     * Body param: The abuse report type.
      */
-    act:
-      | 'abuse_dmca'
-      | 'abuse_trademark'
-      | 'abuse_general'
-      | 'abuse_phishing'
-      | 'abuse_children'
-      | 'abuse_threat'
-      | 'abuse_registrar_whois'
-      | 'abuse_ncsei';
+    act: 'abuse_phishing';
 
     /**
      * Body param: A valid email of the abuse reporter. This field may be released by
@@ -503,46 +426,38 @@ export declare namespace AbuseReportCreateParams {
     email2: string;
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
+     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
+     * and Trademark reports cannot be anonymous.
      */
-    name: string;
+    host_notification: 'send' | 'send-anon';
 
     /**
-     * Body param: A list of valid URLs separated by ‘ ’ (new line character). The list
-     * of the URLs should not exceed 250 URLs. All URLs should have the same hostname.
-     * Each URL should be unique. This field may be released by Cloudflare to third
-     * parties such as the Lumen Database (https://lumendatabase.org/).
+     * Body param: A detailed description of the infringement, including any necessary
+     * access details and the exact steps needed to view the content, not exceeding
+     * 5000 characters.
      */
-    urls: string;
+    justification: string;
 
     /**
-     * Body param: Text not exceeding 100 characters. This field may be released by
+     * Body param: Text not exceeding 255 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    address1?: string;
-
-    /**
-     * Body param: The name of the copyright holder. Text not exceeding 60 characters.
-     * This field may be released by Cloudflare to third parties such as the Lumen
-     * Database (https://lumendatabase.org/).
-     */
-    agent_name?: string;
+    name: string;
 
     /**
-     * Body param: Can be `0` for false or `1` for true. Must be value: 1 for DMCA
-     * reports
+     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
+     * and Trademark reports cannot be anonymous.
      */
-    agree?: 0 | 1;
+    owner_notification: 'send' | 'send-anon';
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
+     * Body param: A list of valid URLs separated by ‘\n’ (new line character). The
+     * list of the URLs should not exceed 250 URLs. All URLs should have the same
+     * hostname. Each URL should be unique. This field may be released by Cloudflare to
+     * third parties such as the Lumen Database (https://lumendatabase.org/).
      */
-    city?: string;
+    urls: string;
 
     /**
      * Body param: Any additional comments about the infringement not exceeding 2000
@@ -562,707 +477,18 @@ export declare namespace AbuseReportCreateParams {
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    country?: string;
+    original_work?: string;
 
     /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of destination IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
+     * Body param: Text containing 2 characters
      */
-    destination_ips?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    host_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: A detailed description of the infringement, including any necessary
-     * access details and the exact steps needed to view the content, not exceeding
-     * 5000 characters
-     */
-    justification?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    ncmec_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: If the submitter is the target of NCSEI in the URLs of the abuse
-     * report.
-     */
-    ncsei_subject_representation?: boolean;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    original_work?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    owner_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: A comma separated list of ports and protocols e.g. 80/TCP, 22/UDP.
-     * The total size of the field should not exceed 2000 characters. Each individual
-     * port/protocol should not exceed 100 characters. The list should not have more
-     * than 30 unique ports and protocols.
-     */
-    ports_protocols?: string;
-
-    /**
-     * Body param: Text containing 2 characters
-     */
-    reported_country?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters
-     */
-    reported_user_agent?: string;
-
-    /**
-     * Body param: Required for DMCA reports, should be same as Name. An affirmation
-     * that all information in the report is true and accurate while agreeing to the
-     * policies of Cloudflare's abuse reports
-     */
-    signature?: string;
-
-    /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of source IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
-     */
-    source_ips?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    state?: string;
-
-    /**
-     * Body param: Text not exceeding 20 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    tele?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters
-     */
-    title?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_number?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_office?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_symbol?: string;
-  }
-
-  export interface AbuseReportsPhishingReport {
-    /**
-     * Path param: The account ID of the submitter.
-     */
-    account_id: string;
-
-    /**
-     * Body param: The abuse report type
-     */
-    act:
-      | 'abuse_dmca'
-      | 'abuse_trademark'
-      | 'abuse_general'
-      | 'abuse_phishing'
-      | 'abuse_children'
-      | 'abuse_threat'
-      | 'abuse_registrar_whois'
-      | 'abuse_ncsei';
-
-    /**
-     * Body param: A valid email of the abuse reporter. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    email: string;
-
-    /**
-     * Body param: Should match the value provided in `email`
-     */
-    email2: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    name: string;
-
-    /**
-     * Body param: A list of valid URLs separated by ‘ ’ (new line character). The list
-     * of the URLs should not exceed 250 URLs. All URLs should have the same hostname.
-     * Each URL should be unique. This field may be released by Cloudflare to third
-     * parties such as the Lumen Database (https://lumendatabase.org/).
-     */
-    urls: string;
-
-    /**
-     * Body param: Text not exceeding 100 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    address1?: string;
-
-    /**
-     * Body param: The name of the copyright holder. Text not exceeding 60 characters.
-     * This field may be released by Cloudflare to third parties such as the Lumen
-     * Database (https://lumendatabase.org/).
-     */
-    agent_name?: string;
-
-    /**
-     * Body param: Can be `0` for false or `1` for true. Must be value: 1 for DMCA
-     * reports
-     */
-    agree?: 0 | 1;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    city?: string;
-
-    /**
-     * Body param: Any additional comments about the infringement not exceeding 2000
-     * characters
-     */
-    comments?: string;
-
-    /**
-     * Body param: Text not exceeding 100 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    company?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    country?: string;
-
-    /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of destination IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
-     */
-    destination_ips?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    host_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: A detailed description of the infringement, including any necessary
-     * access details and the exact steps needed to view the content, not exceeding
-     * 5000 characters
-     */
-    justification?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    ncmec_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: If the submitter is the target of NCSEI in the URLs of the abuse
-     * report.
-     */
-    ncsei_subject_representation?: boolean;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    original_work?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    owner_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: A comma separated list of ports and protocols e.g. 80/TCP, 22/UDP.
-     * The total size of the field should not exceed 2000 characters. Each individual
-     * port/protocol should not exceed 100 characters. The list should not have more
-     * than 30 unique ports and protocols.
-     */
-    ports_protocols?: string;
-
-    /**
-     * Body param: Text containing 2 characters
-     */
-    reported_country?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters
-     */
-    reported_user_agent?: string;
-
-    /**
-     * Body param: Required for DMCA reports, should be same as Name. An affirmation
-     * that all information in the report is true and accurate while agreeing to the
-     * policies of Cloudflare's abuse reports
-     */
-    signature?: string;
-
-    /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of source IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
-     */
-    source_ips?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    state?: string;
-
-    /**
-     * Body param: Text not exceeding 20 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    tele?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters
-     */
-    title?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_number?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_office?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_symbol?: string;
-  }
-
-  export interface AbuseReportsChildrenAbuseReport {
-    /**
-     * Path param: The account ID of the submitter.
-     */
-    account_id: string;
-
-    /**
-     * Body param: The abuse report type
-     */
-    act:
-      | 'abuse_dmca'
-      | 'abuse_trademark'
-      | 'abuse_general'
-      | 'abuse_phishing'
-      | 'abuse_children'
-      | 'abuse_threat'
-      | 'abuse_registrar_whois'
-      | 'abuse_ncsei';
-
-    /**
-     * Body param: A valid email of the abuse reporter. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    email: string;
-
-    /**
-     * Body param: Should match the value provided in `email`
-     */
-    email2: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    name: string;
-
-    /**
-     * Body param: A list of valid URLs separated by ‘ ’ (new line character). The list
-     * of the URLs should not exceed 250 URLs. All URLs should have the same hostname.
-     * Each URL should be unique. This field may be released by Cloudflare to third
-     * parties such as the Lumen Database (https://lumendatabase.org/).
-     */
-    urls: string;
-
-    /**
-     * Body param: Text not exceeding 100 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    address1?: string;
-
-    /**
-     * Body param: The name of the copyright holder. Text not exceeding 60 characters.
-     * This field may be released by Cloudflare to third parties such as the Lumen
-     * Database (https://lumendatabase.org/).
-     */
-    agent_name?: string;
-
-    /**
-     * Body param: Can be `0` for false or `1` for true. Must be value: 1 for DMCA
-     * reports
-     */
-    agree?: 0 | 1;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    city?: string;
-
-    /**
-     * Body param: Any additional comments about the infringement not exceeding 2000
-     * characters
-     */
-    comments?: string;
-
-    /**
-     * Body param: Text not exceeding 100 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    company?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    country?: string;
-
-    /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of destination IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
-     */
-    destination_ips?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    host_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: A detailed description of the infringement, including any necessary
-     * access details and the exact steps needed to view the content, not exceeding
-     * 5000 characters
-     */
-    justification?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    ncmec_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: If the submitter is the target of NCSEI in the URLs of the abuse
-     * report.
-     */
-    ncsei_subject_representation?: boolean;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    original_work?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    owner_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: A comma separated list of ports and protocols e.g. 80/TCP, 22/UDP.
-     * The total size of the field should not exceed 2000 characters. Each individual
-     * port/protocol should not exceed 100 characters. The list should not have more
-     * than 30 unique ports and protocols.
-     */
-    ports_protocols?: string;
-
-    /**
-     * Body param: Text containing 2 characters
-     */
-    reported_country?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters
-     */
-    reported_user_agent?: string;
-
-    /**
-     * Body param: Required for DMCA reports, should be same as Name. An affirmation
-     * that all information in the report is true and accurate while agreeing to the
-     * policies of Cloudflare's abuse reports
-     */
-    signature?: string;
-
-    /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of source IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
-     */
-    source_ips?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    state?: string;
-
-    /**
-     * Body param: Text not exceeding 20 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    tele?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters
-     */
-    title?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_number?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_office?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_symbol?: string;
-  }
-
-  export interface AbuseReportsThreatReport {
-    /**
-     * Path param: The account ID of the submitter.
-     */
-    account_id: string;
-
-    /**
-     * Body param: The abuse report type
-     */
-    act:
-      | 'abuse_dmca'
-      | 'abuse_trademark'
-      | 'abuse_general'
-      | 'abuse_phishing'
-      | 'abuse_children'
-      | 'abuse_threat'
-      | 'abuse_registrar_whois'
-      | 'abuse_ncsei';
-
-    /**
-     * Body param: A valid email of the abuse reporter. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    email: string;
-
-    /**
-     * Body param: Should match the value provided in `email`
-     */
-    email2: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    name: string;
-
-    /**
-     * Body param: A list of valid URLs separated by ‘ ’ (new line character). The list
-     * of the URLs should not exceed 250 URLs. All URLs should have the same hostname.
-     * Each URL should be unique. This field may be released by Cloudflare to third
-     * parties such as the Lumen Database (https://lumendatabase.org/).
-     */
-    urls: string;
-
-    /**
-     * Body param: Text not exceeding 100 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    address1?: string;
-
-    /**
-     * Body param: The name of the copyright holder. Text not exceeding 60 characters.
-     * This field may be released by Cloudflare to third parties such as the Lumen
-     * Database (https://lumendatabase.org/).
-     */
-    agent_name?: string;
-
-    /**
-     * Body param: Can be `0` for false or `1` for true. Must be value: 1 for DMCA
-     * reports
-     */
-    agree?: 0 | 1;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    city?: string;
-
-    /**
-     * Body param: Any additional comments about the infringement not exceeding 2000
-     * characters
-     */
-    comments?: string;
-
-    /**
-     * Body param: Text not exceeding 100 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    company?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    country?: string;
-
-    /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of destination IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
-     */
-    destination_ips?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    host_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: A detailed description of the infringement, including any necessary
-     * access details and the exact steps needed to view the content, not exceeding
-     * 5000 characters
-     */
-    justification?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    ncmec_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: If the submitter is the target of NCSEI in the URLs of the abuse
-     * report.
-     */
-    ncsei_subject_representation?: boolean;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    original_work?: string;
-
-    /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
-     */
-    owner_notification?: 'send' | 'send-anon' | 'none';
-
-    /**
-     * Body param: A comma separated list of ports and protocols e.g. 80/TCP, 22/UDP.
-     * The total size of the field should not exceed 2000 characters. Each individual
-     * port/protocol should not exceed 100 characters. The list should not have more
-     * than 30 unique ports and protocols.
-     */
-    ports_protocols?: string;
-
-    /**
-     * Body param: Text containing 2 characters
-     */
-    reported_country?: string;
+    reported_country?: string;
 
     /**
      * Body param: Text not exceeding 255 characters
      */
     reported_user_agent?: string;
 
-    /**
-     * Body param: Required for DMCA reports, should be same as Name. An affirmation
-     * that all information in the report is true and accurate while agreeing to the
-     * policies of Cloudflare's abuse reports
-     */
-    signature?: string;
-
-    /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of source IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
-     */
-    source_ips?: string;
-
-    /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    state?: string;
-
     /**
      * Body param: Text not exceeding 20 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
@@ -1274,41 +500,18 @@ export declare namespace AbuseReportCreateParams {
      * Body param: Text not exceeding 255 characters
      */
     title?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_number?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_office?: string;
-
-    /**
-     * Body param: Text not exceeding 1000 characters
-     */
-    trademark_symbol?: string;
   }
 
-  export interface AbuseReportsRegistrarWhoisReport {
+  export interface AbuseReportsCsamReport {
     /**
      * Path param: The account ID of the submitter.
      */
     account_id: string;
 
     /**
-     * Body param: The abuse report type
+     * Body param: The abuse report type.
      */
-    act:
-      | 'abuse_dmca'
-      | 'abuse_trademark'
-      | 'abuse_general'
-      | 'abuse_phishing'
-      | 'abuse_children'
-      | 'abuse_threat'
-      | 'abuse_registrar_whois'
-      | 'abuse_ncsei';
+    act: 'abuse_children';
 
     /**
      * Body param: A valid email of the abuse reporter. This field may be released by
@@ -1323,46 +526,44 @@ export declare namespace AbuseReportCreateParams {
     email2: string;
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
+     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
+     * and Trademark reports cannot be anonymous.
      */
-    name: string;
+    host_notification: 'send' | 'send-anon';
 
     /**
-     * Body param: A list of valid URLs separated by ‘ ’ (new line character). The list
-     * of the URLs should not exceed 250 URLs. All URLs should have the same hostname.
-     * Each URL should be unique. This field may be released by Cloudflare to third
-     * parties such as the Lumen Database (https://lumendatabase.org/).
+     * Body param: A detailed description of the infringement, including any necessary
+     * access details and the exact steps needed to view the content, not exceeding
+     * 5000 characters.
      */
-    urls: string;
+    justification: string;
 
     /**
-     * Body param: Text not exceeding 100 characters. This field may be released by
+     * Body param: Text not exceeding 255 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    address1?: string;
+    name: string;
 
     /**
-     * Body param: The name of the copyright holder. Text not exceeding 60 characters.
-     * This field may be released by Cloudflare to third parties such as the Lumen
-     * Database (https://lumendatabase.org/).
+     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
+     * and Trademark reports cannot be anonymous.
      */
-    agent_name?: string;
+    ncmec_notification: 'send' | 'send-anon';
 
     /**
-     * Body param: Can be `0` for false or `1` for true. Must be value: 1 for DMCA
-     * reports
+     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
+     * and Trademark reports cannot be anonymous.
      */
-    agree?: 0 | 1;
+    owner_notification: 'send' | 'send-anon' | 'none';
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
+     * Body param: A list of valid URLs separated by ‘\n’ (new line character). The
+     * list of the URLs should not exceed 250 URLs. All URLs should have the same
+     * hostname. Each URL should be unique. This field may be released by Cloudflare to
+     * third parties such as the Lumen Database (https://lumendatabase.org/).
      */
-    city?: string;
+    urls: string;
 
     /**
      * Body param: Any additional comments about the infringement not exceeding 2000
@@ -1385,135 +586,131 @@ export declare namespace AbuseReportCreateParams {
     country?: string;
 
     /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of destination IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
+     * Body param: Text containing 2 characters
      */
-    destination_ips?: string;
+    reported_country?: string;
 
     /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
+     * Body param: Text not exceeding 255 characters
      */
-    host_notification?: 'send' | 'send-anon' | 'none';
+    reported_user_agent?: string;
 
     /**
-     * Body param: A detailed description of the infringement, including any necessary
-     * access details and the exact steps needed to view the content, not exceeding
-     * 5000 characters
+     * Body param: Text not exceeding 20 characters. This field may be released by
+     * Cloudflare to third parties such as the Lumen Database
+     * (https://lumendatabase.org/).
      */
-    justification?: string;
+    tele?: string;
 
     /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
+     * Body param: Text not exceeding 255 characters
+     */
+    title?: string;
+  }
+
+  export interface AbuseReportsThreatReport {
+    /**
+     * Path param: The account ID of the submitter.
      */
-    ncmec_notification?: 'send' | 'send-anon' | 'none';
+    account_id: string;
 
     /**
-     * Body param: If the submitter is the target of NCSEI in the URLs of the abuse
-     * report.
+     * Body param: The abuse report type.
      */
-    ncsei_subject_representation?: boolean;
+    act: 'abuse_threat';
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
+     * Body param: A valid email of the abuse reporter. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    original_work?: string;
+    email: string;
 
     /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
+     * Body param: Should match the value provided in `email`
      */
-    owner_notification?: 'send' | 'send-anon' | 'none';
+    email2: string;
 
     /**
-     * Body param: A comma separated list of ports and protocols e.g. 80/TCP, 22/UDP.
-     * The total size of the field should not exceed 2000 characters. Each individual
-     * port/protocol should not exceed 100 characters. The list should not have more
-     * than 30 unique ports and protocols.
+     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
+     * and Trademark reports cannot be anonymous.
      */
-    ports_protocols?: string;
+    host_notification: 'send' | 'send-anon';
 
     /**
-     * Body param: Text containing 2 characters
+     * Body param: A detailed description of the infringement, including any necessary
+     * access details and the exact steps needed to view the content, not exceeding
+     * 5000 characters.
      */
-    reported_country?: string;
+    justification: string;
 
     /**
-     * Body param: Text not exceeding 255 characters
+     * Body param: Text not exceeding 255 characters. This field may be released by
+     * Cloudflare to third parties such as the Lumen Database
+     * (https://lumendatabase.org/).
      */
-    reported_user_agent?: string;
+    name: string;
 
     /**
-     * Body param: Required for DMCA reports, should be same as Name. An affirmation
-     * that all information in the report is true and accurate while agreeing to the
-     * policies of Cloudflare's abuse reports
+     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
+     * and Trademark reports cannot be anonymous.
      */
-    signature?: string;
+    owner_notification: 'send' | 'send-anon';
 
     /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of source IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
+     * Body param: A list of valid URLs separated by ‘\n’ (new line character). The
+     * list of the URLs should not exceed 250 URLs. All URLs should have the same
+     * hostname. Each URL should be unique. This field may be released by Cloudflare to
+     * third parties such as the Lumen Database (https://lumendatabase.org/).
      */
-    source_ips?: string;
+    urls: string;
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
+     * Body param: Any additional comments about the infringement not exceeding 2000
+     * characters
      */
-    state?: string;
+    comments?: string;
 
     /**
-     * Body param: Text not exceeding 20 characters. This field may be released by
+     * Body param: Text not exceeding 100 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    tele?: string;
+    company?: string;
 
     /**
-     * Body param: Text not exceeding 255 characters
+     * Body param: Text containing 2 characters
      */
-    title?: string;
+    reported_country?: string;
 
     /**
-     * Body param: Text not exceeding 1000 characters
+     * Body param: Text not exceeding 255 characters
      */
-    trademark_number?: string;
+    reported_user_agent?: string;
 
     /**
-     * Body param: Text not exceeding 1000 characters
+     * Body param: Text not exceeding 20 characters. This field may be released by
+     * Cloudflare to third parties such as the Lumen Database
+     * (https://lumendatabase.org/).
      */
-    trademark_office?: string;
+    tele?: string;
 
     /**
-     * Body param: Text not exceeding 1000 characters
+     * Body param: Text not exceeding 255 characters
      */
-    trademark_symbol?: string;
+    title?: string;
   }
 
-  export interface AbuseReportsNcseiReport {
+  export interface AbuseReportsRegistrarWhoisReport {
     /**
      * Path param: The account ID of the submitter.
      */
     account_id: string;
 
     /**
-     * Body param: The abuse report type
+     * Body param: The abuse report type.
      */
-    act:
-      | 'abuse_dmca'
-      | 'abuse_trademark'
-      | 'abuse_general'
-      | 'abuse_phishing'
-      | 'abuse_children'
-      | 'abuse_threat'
-      | 'abuse_registrar_whois'
-      | 'abuse_ncsei';
+    act: 'abuse_registrar_whois';
 
     /**
      * Body param: A valid email of the abuse reporter. This field may be released by
@@ -1535,39 +732,18 @@ export declare namespace AbuseReportCreateParams {
     name: string;
 
     /**
-     * Body param: A list of valid URLs separated by ‘ ’ (new line character). The list
-     * of the URLs should not exceed 250 URLs. All URLs should have the same hostname.
-     * Each URL should be unique. This field may be released by Cloudflare to third
-     * parties such as the Lumen Database (https://lumendatabase.org/).
-     */
-    urls: string;
-
-    /**
-     * Body param: Text not exceeding 100 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
-     */
-    address1?: string;
-
-    /**
-     * Body param: The name of the copyright holder. Text not exceeding 60 characters.
-     * This field may be released by Cloudflare to third parties such as the Lumen
-     * Database (https://lumendatabase.org/).
-     */
-    agent_name?: string;
-
-    /**
-     * Body param: Can be `0` for false or `1` for true. Must be value: 1 for DMCA
-     * reports
+     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
+     * and Trademark reports cannot be anonymous.
      */
-    agree?: 0 | 1;
+    owner_notification: 'send' | 'send-anon' | 'none';
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
+     * Body param: A list of valid URLs separated by ‘\n’ (new line character). The
+     * list of the URLs should not exceed 250 URLs. All URLs should have the same
+     * hostname. Each URL should be unique. This field may be released by Cloudflare to
+     * third parties such as the Lumen Database (https://lumendatabase.org/).
      */
-    city?: string;
+    urls: string;
 
     /**
      * Body param: Any additional comments about the infringement not exceeding 2000
@@ -1583,122 +759,125 @@ export declare namespace AbuseReportCreateParams {
     company?: string;
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
-     * Cloudflare to third parties such as the Lumen Database
-     * (https://lumendatabase.org/).
+     * Body param: Text containing 2 characters
      */
-    country?: string;
+    reported_country?: string;
 
     /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of destination IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
+     * Body param: Text not exceeding 255 characters
      */
-    destination_ips?: string;
+    reported_user_agent?: string;
 
     /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
+     * Body param: Text not exceeding 20 characters. This field may be released by
+     * Cloudflare to third parties such as the Lumen Database
+     * (https://lumendatabase.org/).
      */
-    host_notification?: 'send' | 'send-anon' | 'none';
+    tele?: string;
 
     /**
-     * Body param: A detailed description of the infringement, including any necessary
-     * access details and the exact steps needed to view the content, not exceeding
-     * 5000 characters
+     * Body param: Text not exceeding 255 characters
      */
-    justification?: string;
+    title?: string;
+  }
 
+  export interface AbuseReportsNcseiReport {
     /**
-     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
-     * and Trademark reports cannot be anonymous.
+     * Path param: The account ID of the submitter.
      */
-    ncmec_notification?: 'send' | 'send-anon' | 'none';
+    account_id: string;
 
     /**
-     * Body param: If the submitter is the target of NCSEI in the URLs of the abuse
-     * report.
+     * Body param: The abuse report type.
      */
-    ncsei_subject_representation?: boolean;
+    act: 'abuse_ncsei';
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
+     * Body param: A valid email of the abuse reporter. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    original_work?: string;
+    email: string;
+
+    /**
+     * Body param: Should match the value provided in `email`
+     */
+    email2: string;
 
     /**
      * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
      * and Trademark reports cannot be anonymous.
      */
-    owner_notification?: 'send' | 'send-anon' | 'none';
+    host_notification: 'send' | 'send-anon';
 
     /**
-     * Body param: A comma separated list of ports and protocols e.g. 80/TCP, 22/UDP.
-     * The total size of the field should not exceed 2000 characters. Each individual
-     * port/protocol should not exceed 100 characters. The list should not have more
-     * than 30 unique ports and protocols.
+     * Body param: Text not exceeding 255 characters. This field may be released by
+     * Cloudflare to third parties such as the Lumen Database
+     * (https://lumendatabase.org/).
      */
-    ports_protocols?: string;
+    name: string;
 
     /**
-     * Body param: Text containing 2 characters
+     * Body param: If the submitter is the target of NCSEI in the URLs of the abuse
+     * report.
      */
-    reported_country?: string;
+    ncsei_subject_representation: boolean;
 
     /**
-     * Body param: Text not exceeding 255 characters
+     * Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA)
+     * and Trademark reports cannot be anonymous.
      */
-    reported_user_agent?: string;
+    owner_notification: 'send' | 'send-anon' | 'none';
 
     /**
-     * Body param: Required for DMCA reports, should be same as Name. An affirmation
-     * that all information in the report is true and accurate while agreeing to the
-     * policies of Cloudflare's abuse reports
+     * Body param: A list of valid URLs separated by ‘\n’ (new line character). The
+     * list of the URLs should not exceed 250 URLs. All URLs should have the same
+     * hostname. Each URL should be unique. This field may be released by Cloudflare to
+     * third parties such as the Lumen Database (https://lumendatabase.org/).
      */
-    signature?: string;
+    urls: string;
 
     /**
-     * Body param: A list of IP addresses separated by ‘ ’ (new line character). The
-     * list of source IPs should not exceed 30 IP addresses. Each one of the IP
-     * addresses ought to be unique
+     * Body param: Any additional comments about the infringement not exceeding 2000
+     * characters
      */
-    source_ips?: string;
+    comments?: string;
 
     /**
-     * Body param: Text not exceeding 255 characters. This field may be released by
+     * Body param: Text not exceeding 100 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    state?: string;
+    company?: string;
 
     /**
-     * Body param: Text not exceeding 20 characters. This field may be released by
+     * Body param: Text not exceeding 255 characters. This field may be released by
      * Cloudflare to third parties such as the Lumen Database
      * (https://lumendatabase.org/).
      */
-    tele?: string;
+    country?: string;
 
     /**
-     * Body param: Text not exceeding 255 characters
+     * Body param: Text containing 2 characters
      */
-    title?: string;
+    reported_country?: string;
 
     /**
-     * Body param: Text not exceeding 1000 characters
+     * Body param: Text not exceeding 255 characters
      */
-    trademark_number?: string;
+    reported_user_agent?: string;
 
     /**
-     * Body param: Text not exceeding 1000 characters
+     * Body param: Text not exceeding 20 characters. This field may be released by
+     * Cloudflare to third parties such as the Lumen Database
+     * (https://lumendatabase.org/).
      */
-    trademark_office?: string;
+    tele?: string;
 
     /**
-     * Body param: Text not exceeding 1000 characters
+     * Body param: Text not exceeding 255 characters
      */
-    trademark_symbol?: string;
+    title?: string;
   }
 }
 
diff --git a/src/resources/addressing/prefixes/bgp-prefixes.ts b/src/resources/addressing/prefixes/bgp-prefixes.ts
index 519a372d99..1945d1a5b1 100644
--- a/src/resources/addressing/prefixes/bgp-prefixes.ts
+++ b/src/resources/addressing/prefixes/bgp-prefixes.ts
@@ -139,6 +139,14 @@ export interface BGPPrefix {
    */
   asn_prepend_count?: number;
 
+  /**
+   * Determines if Cloudflare advertises a BYOIP BGP prefix even when there is no
+   * matching BGP prefix in the Magic routing table. When true, Cloudflare will
+   * automatically withdraw the BGP prefix when there are no matching BGP routes, and
+   * will resume advertising when there is at least one matching BGP route.
+   */
+  auto_advertise_withdraw?: boolean;
+
   bgp_signal_opts?: BGPPrefix.BGPSignalOpts;
 
   /**
@@ -151,13 +159,6 @@ export interface BGPPrefix {
   modified_at?: string;
 
   on_demand?: BGPPrefix.OnDemand;
-
-  /**
-   * Controls whether the BGP prefix is automatically withdrawn when prefix is
-   * withdrawn from Magic routing table (for Magic Transit customers using Direct
-   * CNI)
-   */
-  withdraw_if_no_route?: boolean;
 }
 
 export namespace BGPPrefix {
@@ -234,16 +235,18 @@ export interface BGPPrefixEditParams {
   asn_prepend_count?: number;
 
   /**
-   * Body param:
+   * Body param: Determines if Cloudflare advertises a BYOIP BGP prefix even when
+   * there is no matching BGP prefix in the Magic routing table. When true,
+   * Cloudflare will automatically withdraw the BGP prefix when there are no matching
+   * BGP routes, and will resume advertising when there is at least one matching BGP
+   * route.
    */
-  on_demand?: BGPPrefixEditParams.OnDemand;
+  auto_advertise_withdraw?: boolean;
 
   /**
-   * Body param: Controls whether the BGP prefix is automatically withdrawn when
-   * prefix is withdrawn from Magic routing table (for Magic Transit customers using
-   * Direct CNI)
+   * Body param:
    */
-  withdraw_if_no_route?: boolean;
+  on_demand?: BGPPrefixEditParams.OnDemand;
 }
 
 export namespace BGPPrefixEditParams {
diff --git a/src/resources/ai-gateway/ai-gateway.ts b/src/resources/ai-gateway/ai-gateway.ts
index ca019da35e..c619ead6b7 100644
--- a/src/resources/ai-gateway/ai-gateway.ts
+++ b/src/resources/ai-gateway/ai-gateway.ts
@@ -240,6 +240,8 @@ export interface AIGatewayCreateResponse {
   logpush?: boolean;
 
   logpush_public_key?: string | null;
+
+  store_id?: string | null;
 }
 
 export interface AIGatewayUpdateResponse {
@@ -279,6 +281,8 @@ export interface AIGatewayUpdateResponse {
   logpush?: boolean;
 
   logpush_public_key?: string | null;
+
+  store_id?: string | null;
 }
 
 export interface AIGatewayListResponse {
@@ -318,6 +322,8 @@ export interface AIGatewayListResponse {
   logpush?: boolean;
 
   logpush_public_key?: string | null;
+
+  store_id?: string | null;
 }
 
 export interface AIGatewayDeleteResponse {
@@ -357,6 +363,8 @@ export interface AIGatewayDeleteResponse {
   logpush?: boolean;
 
   logpush_public_key?: string | null;
+
+  store_id?: string | null;
 }
 
 export interface AIGatewayGetResponse {
@@ -396,6 +404,8 @@ export interface AIGatewayGetResponse {
   logpush?: boolean;
 
   logpush_public_key?: string | null;
+
+  store_id?: string | null;
 }
 
 export interface AIGatewayCreateParams {
@@ -525,6 +535,11 @@ export interface AIGatewayUpdateParams {
    * Body param:
    */
   logpush_public_key?: string | null;
+
+  /**
+   * Body param:
+   */
+  store_id?: string | null;
 }
 
 export interface AIGatewayListParams extends V4PagePaginationArrayParams {
diff --git a/src/resources/ai-gateway/logs.ts b/src/resources/ai-gateway/logs.ts
index 4142a8ce6e..f2df3ca255 100644
--- a/src/resources/ai-gateway/logs.ts
+++ b/src/resources/ai-gateway/logs.ts
@@ -408,6 +408,7 @@ export namespace LogListParams {
       | 'created_at'
       | 'request_content_type'
       | 'response_content_type'
+      | 'request_type'
       | 'success'
       | 'cached'
       | 'provider'
@@ -420,11 +421,13 @@ export namespace LogListParams {
       | 'duration'
       | 'feedback'
       | 'event_id'
-      | 'request_type'
       | 'metadata.key'
       | 'metadata.value'
       | 'prompts.prompt_id'
-      | 'prompts.version_id';
+      | 'prompts.version_id'
+      | 'authentication'
+      | 'wholesale'
+      | 'compatibilityMode';
 
     operator: 'eq' | 'neq' | 'contains' | 'lt' | 'gt';
 
@@ -477,6 +480,7 @@ export namespace LogDeleteParams {
       | 'created_at'
       | 'request_content_type'
       | 'response_content_type'
+      | 'request_type'
       | 'success'
       | 'cached'
       | 'provider'
@@ -489,11 +493,13 @@ export namespace LogDeleteParams {
       | 'duration'
       | 'feedback'
       | 'event_id'
-      | 'request_type'
       | 'metadata.key'
       | 'metadata.value'
       | 'prompts.prompt_id'
-      | 'prompts.version_id';
+      | 'prompts.version_id'
+      | 'authentication'
+      | 'wholesale'
+      | 'compatibilityMode';
 
     operator: 'eq' | 'neq' | 'contains' | 'lt' | 'gt';
 
diff --git a/src/resources/ai/ai.ts b/src/resources/ai/ai.ts
index f2c856be09..a728fa6bf6 100644
--- a/src/resources/ai/ai.ts
+++ b/src/resources/ai/ai.ts
@@ -65,7 +65,8 @@ export type AIRunResponse =
   | AIRunResponse.Translation
   | AIRunResponse.Summarization
   | AIRunResponse.ImageToText
-  | AIRunResponse.ImageTextToText;
+  | AIRunResponse.ImageTextToText
+  | AIRunResponse.MultimodalEmbeddings;
 
 export namespace AIRunResponse {
   export interface TextClassification {
@@ -255,6 +256,12 @@ export namespace AIRunResponse {
   export interface ImageTextToText {
     description?: string;
   }
+
+  export interface MultimodalEmbeddings {
+    data?: Array<Array<number>>;
+
+    shape?: Array<number>;
+  }
 }
 
 export type AIRunParams =
@@ -271,7 +278,8 @@ export type AIRunParams =
   | AIRunParams.Summarization
   | AIRunParams.ImageToText
   | AIRunParams.Variant12
-  | AIRunParams.Variant13;
+  | AIRunParams.Variant13
+  | AIRunParams.MultimodalEmbeddings;
 
 export declare namespace AIRunParams {
   export interface TextClassification {
@@ -1020,6 +1028,23 @@ export declare namespace AIRunParams {
       role: string;
     }
   }
+
+  export interface MultimodalEmbeddings {
+    /**
+     * Path param:
+     */
+    account_id: string;
+
+    /**
+     * Body param: Image in base64 encoded format.
+     */
+    image?: string;
+
+    /**
+     * Body param:
+     */
+    text?: Array<string>;
+  }
 }
 
 AI.Finetunes = Finetunes;
diff --git a/src/resources/ai/finetunes/assets.ts b/src/resources/ai/finetunes/assets.ts
index ec1feaaefd..bd45121e1a 100644
--- a/src/resources/ai/finetunes/assets.ts
+++ b/src/resources/ai/finetunes/assets.ts
@@ -13,27 +13,15 @@ export class Assets extends APIResource {
     options?: Core.RequestOptions,
   ): Core.APIPromise<AssetCreateResponse> {
     const { account_id, ...body } = params;
-    return (
-      this._client.post(
-        `/accounts/${account_id}/ai/finetunes/${finetuneId}/finetune-assets`,
-        Core.multipartFormRequestOptions({ body, ...options }),
-      ) as Core.APIPromise<{ result: AssetCreateResponse }>
-    )._thenUnwrap((obj) => obj.result);
+    return this._client.post(
+      `/accounts/${account_id}/ai/finetunes/${finetuneId}/finetune-assets`,
+      Core.multipartFormRequestOptions({ body, ...options }),
+    );
   }
 }
 
 export interface AssetCreateResponse {
-  id: string;
-
-  bucket_name: string;
-
-  created_at: string;
-
-  file_name: string;
-
-  finetune_id: string;
-
-  modified_at: string;
+  success: boolean;
 }
 
 export interface AssetCreateParams {
diff --git a/src/resources/argo/smart-routing.ts b/src/resources/argo/smart-routing.ts
index fa9e2068e2..79790b6aa6 100644
--- a/src/resources/argo/smart-routing.ts
+++ b/src/resources/argo/smart-routing.ts
@@ -5,7 +5,7 @@ import * as Core from '../../core';
 
 export class SmartRouting extends APIResource {
   /**
-   * Updates enablement of Argo Smart Routing.
+   * Configures the value of the Argo Smart Routing enablement setting.
    *
    * @example
    * ```ts
@@ -28,7 +28,7 @@ export class SmartRouting extends APIResource {
   }
 
   /**
-   * Get Argo Smart Routing setting
+   * Retrieves the value of Argo Smart Routing enablement setting.
    *
    * @example
    * ```ts
@@ -50,25 +50,65 @@ export class SmartRouting extends APIResource {
   }
 }
 
-export type SmartRoutingEditResponse = unknown | string | null;
+export interface SmartRoutingEditResponse {
+  /**
+   * Specifies the identifier of the Argo Smart Routing setting.
+   */
+  id: string;
+
+  /**
+   * Specifies if the setting is editable.
+   */
+  editable: boolean;
+
+  /**
+   * Specifies the enablement value of Argo Smart Routing.
+   */
+  value: 'on' | 'off';
+
+  /**
+   * Specifies the time when the setting was last modified.
+   */
+  modified_on?: string;
+}
 
-export type SmartRoutingGetResponse = unknown | string | null;
+export interface SmartRoutingGetResponse {
+  /**
+   * Specifies the identifier of the Argo Smart Routing setting.
+   */
+  id: string;
+
+  /**
+   * Specifies if the setting is editable.
+   */
+  editable: boolean;
+
+  /**
+   * Specifies the enablement value of Argo Smart Routing.
+   */
+  value: 'on' | 'off';
+
+  /**
+   * Specifies the time when the setting was last modified.
+   */
+  modified_on?: string;
+}
 
 export interface SmartRoutingEditParams {
   /**
-   * Path param: Identifier
+   * Path param: Specifies the zone associated with the API call.
    */
   zone_id: string;
 
   /**
-   * Body param: Enables Argo Smart Routing.
+   * Body param: Specifies the enablement value of Argo Smart Routing.
    */
   value: 'on' | 'off';
 }
 
 export interface SmartRoutingGetParams {
   /**
-   * Identifier
+   * Specifies the zone associated with the API call.
    */
   zone_id: string;
 }
diff --git a/src/resources/bot-management.ts b/src/resources/bot-management.ts
index 5200d8a7d5..e7ad4ba777 100644
--- a/src/resources/bot-management.ts
+++ b/src/resources/bot-management.ts
@@ -136,6 +136,12 @@ export interface BotFightModeConfiguration {
    */
   fight_mode?: boolean;
 
+  /**
+   * Enable cloudflare managed robots.txt. If an existing robots.txt is detected,
+   * then managed robots.txt will be prepended to the existing robots.txt.
+   */
+  is_robots_txt_managed?: boolean;
+
   /**
    * A read-only field that shows which unauthorized settings are currently active on
    * the zone. These settings typically result from upgrades or downgrades.
@@ -211,6 +217,12 @@ export interface BotFightModeConfigurationParam {
    * Whether to enable Bot Fight Mode.
    */
   fight_mode?: boolean;
+
+  /**
+   * Enable cloudflare managed robots.txt. If an existing robots.txt is detected,
+   * then managed robots.txt will be prepended to the existing robots.txt.
+   */
+  is_robots_txt_managed?: boolean;
 }
 
 export interface SubscriptionConfiguration {
@@ -238,6 +250,12 @@ export interface SubscriptionConfiguration {
    */
   enable_js?: boolean;
 
+  /**
+   * Enable cloudflare managed robots.txt. If an existing robots.txt is detected,
+   * then managed robots.txt will be prepended to the existing robots.txt.
+   */
+  is_robots_txt_managed?: boolean;
+
   /**
    * A read-only field that shows which unauthorized settings are currently active on
    * the zone. These settings typically result from upgrades or downgrades.
@@ -322,6 +340,12 @@ export interface SubscriptionConfigurationParam {
    */
   enable_js?: boolean;
 
+  /**
+   * Enable cloudflare managed robots.txt. If an existing robots.txt is detected,
+   * then managed robots.txt will be prepended to the existing robots.txt.
+   */
+  is_robots_txt_managed?: boolean;
+
   /**
    * Whether to disable tracking the highest bot score for a session in the Bot
    * Management cookie.
@@ -347,6 +371,12 @@ export interface SuperBotFightModeDefinitelyConfiguration {
    */
   enable_js?: boolean;
 
+  /**
+   * Enable cloudflare managed robots.txt. If an existing robots.txt is detected,
+   * then managed robots.txt will be prepended to the existing robots.txt.
+   */
+  is_robots_txt_managed?: boolean;
+
   /**
    * Whether to optimize Super Bot Fight Mode protections for Wordpress.
    */
@@ -419,6 +449,12 @@ export interface SuperBotFightModeDefinitelyConfigurationParam {
    */
   enable_js?: boolean;
 
+  /**
+   * Enable cloudflare managed robots.txt. If an existing robots.txt is detected,
+   * then managed robots.txt will be prepended to the existing robots.txt.
+   */
+  is_robots_txt_managed?: boolean;
+
   /**
    * Whether to optimize Super Bot Fight Mode protections for Wordpress.
    */
@@ -460,6 +496,12 @@ export interface SuperBotFightModeLikelyConfiguration {
    */
   enable_js?: boolean;
 
+  /**
+   * Enable cloudflare managed robots.txt. If an existing robots.txt is detected,
+   * then managed robots.txt will be prepended to the existing robots.txt.
+   */
+  is_robots_txt_managed?: boolean;
+
   /**
    * Whether to optimize Super Bot Fight Mode protections for Wordpress.
    */
@@ -531,6 +573,12 @@ export interface SuperBotFightModeLikelyConfigurationParam {
    */
   enable_js?: boolean;
 
+  /**
+   * Enable cloudflare managed robots.txt. If an existing robots.txt is detected,
+   * then managed robots.txt will be prepended to the existing robots.txt.
+   */
+  is_robots_txt_managed?: boolean;
+
   /**
    * Whether to optimize Super Bot Fight Mode protections for Wordpress.
    */
@@ -606,6 +654,12 @@ export declare namespace BotManagementUpdateParams {
      * Body param: Whether to enable Bot Fight Mode.
      */
     fight_mode?: boolean;
+
+    /**
+     * Body param: Enable cloudflare managed robots.txt. If an existing robots.txt is
+     * detected, then managed robots.txt will be prepended to the existing robots.txt.
+     */
+    is_robots_txt_managed?: boolean;
   }
 
   export interface SuperBotFightModeDefinitelyConfiguration {
@@ -632,6 +686,12 @@ export declare namespace BotManagementUpdateParams {
      */
     enable_js?: boolean;
 
+    /**
+     * Body param: Enable cloudflare managed robots.txt. If an existing robots.txt is
+     * detected, then managed robots.txt will be prepended to the existing robots.txt.
+     */
+    is_robots_txt_managed?: boolean;
+
     /**
      * Body param: Whether to optimize Super Bot Fight Mode protections for Wordpress.
      */
@@ -681,6 +741,12 @@ export declare namespace BotManagementUpdateParams {
      */
     enable_js?: boolean;
 
+    /**
+     * Body param: Enable cloudflare managed robots.txt. If an existing robots.txt is
+     * detected, then managed robots.txt will be prepended to the existing robots.txt.
+     */
+    is_robots_txt_managed?: boolean;
+
     /**
      * Body param: Whether to optimize Super Bot Fight Mode protections for Wordpress.
      */
@@ -743,6 +809,12 @@ export declare namespace BotManagementUpdateParams {
      */
     enable_js?: boolean;
 
+    /**
+     * Body param: Enable cloudflare managed robots.txt. If an existing robots.txt is
+     * detected, then managed robots.txt will be prepended to the existing robots.txt.
+     */
+    is_robots_txt_managed?: boolean;
+
     /**
      * Body param: Whether to disable tracking the highest bot score for a session in
      * the Bot Management cookie.
diff --git a/src/resources/brand-protection/brand-protection.ts b/src/resources/brand-protection/brand-protection.ts
index 35614d25f6..97b08f3cad 100644
--- a/src/resources/brand-protection/brand-protection.ts
+++ b/src/resources/brand-protection/brand-protection.ts
@@ -3,13 +3,26 @@
 import { APIResource } from '../../resource';
 import * as Core from '../../core';
 import * as LogoMatchesAPI from './logo-matches';
-import { LogoMatches } from './logo-matches';
+import {
+  LogoMatchDownloadParams,
+  LogoMatchDownloadResponse,
+  LogoMatchGetParams,
+  LogoMatchGetResponse,
+  LogoMatches,
+} from './logo-matches';
 import * as LogosAPI from './logos';
-import { Logos } from './logos';
+import { LogoCreateParams, LogoCreateResponse, LogoDeleteParams, Logos } from './logos';
 import * as MatchesAPI from './matches';
-import { Matches } from './matches';
+import {
+  MatchDownloadParams,
+  MatchDownloadResponse,
+  MatchGetParams,
+  MatchGetResponse,
+  Matches,
+} from './matches';
 import * as QueriesAPI from './queries';
-import { Queries } from './queries';
+import { Queries, QueryCreateParams, QueryDeleteParams } from './queries';
+import { SinglePage } from '../../pagination';
 
 export class BrandProtection extends APIResource {
   queries: QueriesAPI.Queries = new QueriesAPI.Queries(this._client);
@@ -18,46 +31,34 @@ export class BrandProtection extends APIResource {
   logoMatches: LogoMatchesAPI.LogoMatches = new LogoMatchesAPI.LogoMatches(this._client);
 
   /**
-   * Submit suspicious URL for scanning.
-   *
-   * @example
-   * ```ts
-   * const submit = await client.brandProtection.submit({
-   *   account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-   * });
-   * ```
+   * Return new URL submissions
    */
-  submit(params: BrandProtectionSubmitParams, options?: Core.RequestOptions): Core.APIPromise<Submit> {
-    const { account_id, ...body } = params;
-    return (
-      this._client.post(`/accounts/${account_id}/brand-protection/submit`, {
-        body,
-        ...options,
-      }) as Core.APIPromise<{ result: Submit }>
-    )._thenUnwrap((obj) => obj.result);
+  submit(
+    params: BrandProtectionSubmitParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<BrandProtectionSubmitResponse> {
+    const { account_id } = params;
+    return this._client.post(`/accounts/${account_id}/brand-protection/submit`, options);
   }
 
   /**
-   * Gets phishing details about a URL.
-   *
-   * @example
-   * ```ts
-   * const info = await client.brandProtection.urlInfo({
-   *   account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-   * });
-   * ```
+   * Return submitted URLs based on ID
    */
-  urlInfo(params: BrandProtectionURLInfoParams, options?: Core.RequestOptions): Core.APIPromise<Info> {
-    const { account_id, ...query } = params;
-    return (
-      this._client.get(`/accounts/${account_id}/brand-protection/url-info`, {
-        query,
-        ...options,
-      }) as Core.APIPromise<{ result: Info }>
-    )._thenUnwrap((obj) => obj.result);
+  urlInfo(
+    params: BrandProtectionURLInfoParams,
+    options?: Core.RequestOptions,
+  ): Core.PagePromise<BrandProtectionURLInfoResponsesSinglePage, BrandProtectionURLInfoResponse> {
+    const { account_id } = params;
+    return this._client.getAPIList(
+      `/accounts/${account_id}/brand-protection/url-info`,
+      BrandProtectionURLInfoResponsesSinglePage,
+      options,
+    );
   }
 }
 
+export class BrandProtectionURLInfoResponsesSinglePage extends SinglePage<BrandProtectionURLInfoResponse> {}
+
 export interface Info {
   /**
    * List of categorizations applied to this submission.
@@ -67,18 +68,18 @@ export interface Info {
   /**
    * List of model results for completed scans.
    */
-  model_results?: Array<URLInfoModelResults>;
+  model_results?: Array<Info.ModelResult>;
 
   /**
    * List of signatures that matched against site content found when crawling the
    * URL.
    */
-  rule_matches?: Array<RuleMatch>;
+  rule_matches?: Array<Info.RuleMatch>;
 
   /**
    * Status of the most recent scan found.
    */
-  scan_status?: ScanStatus;
+  scan_status?: Info.ScanStatus;
 
   /**
    * For internal use.
@@ -108,53 +109,65 @@ export namespace Info {
      */
     verification_status?: string;
   }
-}
 
-export interface RuleMatch {
-  /**
-   * For internal use.
-   */
-  banning?: boolean;
+  export interface ModelResult {
+    /**
+     * Name of the model.
+     */
+    model_name?: string;
 
-  /**
-   * For internal use.
-   */
-  blocking?: boolean;
+    /**
+     * This is the score that is outputted by the model for this submission.
+     */
+    model_score?: number;
+  }
 
-  /**
-   * Description of the signature that matched.
-   */
-  description?: string;
+  export interface RuleMatch {
+    /**
+     * For internal use.
+     */
+    banning?: boolean;
 
-  /**
-   * Name of the signature that matched.
-   */
-  name?: string;
-}
+    /**
+     * For internal use.
+     */
+    blocking?: boolean;
 
-/**
- * Status of the most recent scan found.
- */
-export interface ScanStatus {
-  /**
-   * Timestamp of when the submission was processed.
-   */
-  last_processed?: string;
+    /**
+     * Description of the signature that matched.
+     */
+    description?: string;
 
-  /**
-   * For internal use.
-   */
-  scan_complete?: boolean;
+    /**
+     * Name of the signature that matched.
+     */
+    name?: string;
+  }
 
   /**
-   * Status code that the crawler received when loading the submitted URL.
+   * Status of the most recent scan found.
    */
-  status_code?: number;
+  export interface ScanStatus {
+    /**
+     * Timestamp of when the submission was processed.
+     */
+    last_processed?: string;
 
-  /**
-   * ID of the most recent submission.
-   */
-  submission_id?: number;
+    /**
+     * For internal use.
+     */
+    scan_complete?: boolean;
+
+    /**
+     * Status code that the crawler received when loading the submitted URL.
+     */
+    status_code?: number;
+
+    /**
+     * ID of the most recent submission.
+     */
+    submission_id?: number;
+  }
 }
 
 export interface Submit {
@@ -208,47 +221,23 @@ export namespace Submit {
   }
 }
 
-export interface URLInfoModelResults {
-  /**
-   * Name of the model.
-   */
-  model_name?: string;
+export interface BrandProtectionSubmitResponse {
+  skipped_urls?: Array<{ [key: string]: unknown }>;
 
-  /**
-   * This is the score that is outputted by the model for this submission.
-   */
-  model_score?: number;
+  submitted_urls?: Array<{ [key: string]: unknown }>;
 }
 
+export type BrandProtectionURLInfoResponse = { [key: string]: unknown };
+
 export interface BrandProtectionSubmitParams {
-  /**
-   * Path param: Identifier.
-   */
   account_id: string;
-
-  /**
-   * Body param: URL(s) to filter submissions results by.
-   */
-  url?: string;
 }
 
 export interface BrandProtectionURLInfoParams {
-  /**
-   * Path param: Identifier.
-   */
   account_id: string;
-
-  /**
-   * Query param: Submission URL(s) to filter submission results by.
-   */
-  url?: Array<string>;
-
-  /**
-   * Query param: Submission ID(s) to filter submission results by.
-   */
-  url_id?: Array<number>;
 }
 
+BrandProtection.BrandProtectionURLInfoResponsesSinglePage = BrandProtectionURLInfoResponsesSinglePage;
 BrandProtection.Queries = Queries;
 BrandProtection.Matches = Matches;
 BrandProtection.Logos = Logos;
@@ -257,19 +246,40 @@ BrandProtection.LogoMatches = LogoMatches;
 export declare namespace BrandProtection {
   export {
     type Info as Info,
-    type RuleMatch as RuleMatch,
-    type ScanStatus as ScanStatus,
     type Submit as Submit,
-    type URLInfoModelResults as URLInfoModelResults,
+    type BrandProtectionSubmitResponse as BrandProtectionSubmitResponse,
+    type BrandProtectionURLInfoResponse as BrandProtectionURLInfoResponse,
+    BrandProtectionURLInfoResponsesSinglePage as BrandProtectionURLInfoResponsesSinglePage,
     type BrandProtectionSubmitParams as BrandProtectionSubmitParams,
     type BrandProtectionURLInfoParams as BrandProtectionURLInfoParams,
   };
 
-  export { Queries as Queries };
+  export {
+    Queries as Queries,
+    type QueryCreateParams as QueryCreateParams,
+    type QueryDeleteParams as QueryDeleteParams,
+  };
 
-  export { Matches as Matches };
+  export {
+    Matches as Matches,
+    type MatchDownloadResponse as MatchDownloadResponse,
+    type MatchGetResponse as MatchGetResponse,
+    type MatchDownloadParams as MatchDownloadParams,
+    type MatchGetParams as MatchGetParams,
+  };
 
-  export { Logos as Logos };
+  export {
+    Logos as Logos,
+    type LogoCreateResponse as LogoCreateResponse,
+    type LogoCreateParams as LogoCreateParams,
+    type LogoDeleteParams as LogoDeleteParams,
+  };
 
-  export { LogoMatches as LogoMatches };
+  export {
+    LogoMatches as LogoMatches,
+    type LogoMatchDownloadResponse as LogoMatchDownloadResponse,
+    type LogoMatchGetResponse as LogoMatchGetResponse,
+    type LogoMatchDownloadParams as LogoMatchDownloadParams,
+    type LogoMatchGetParams as LogoMatchGetParams,
+  };
 }
diff --git a/src/resources/brand-protection/index.ts b/src/resources/brand-protection/index.ts
index 48fb0dbe1e..23abbe5299 100644
--- a/src/resources/brand-protection/index.ts
+++ b/src/resources/brand-protection/index.ts
@@ -1,7 +1,19 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 export { BrandProtection } from './brand-protection';
-export { LogoMatches } from './logo-matches';
-export { Logos } from './logos';
-export { Matches } from './matches';
-export { Queries } from './queries';
+export {
+  LogoMatches,
+  type LogoMatchDownloadResponse,
+  type LogoMatchGetResponse,
+  type LogoMatchDownloadParams,
+  type LogoMatchGetParams,
+} from './logo-matches';
+export { Logos, type LogoCreateResponse, type LogoCreateParams, type LogoDeleteParams } from './logos';
+export {
+  Matches,
+  type MatchDownloadResponse,
+  type MatchGetResponse,
+  type MatchDownloadParams,
+  type MatchGetParams,
+} from './matches';
+export { Queries, type QueryCreateParams, type QueryDeleteParams } from './queries';
diff --git a/src/resources/brand-protection/logo-matches.ts b/src/resources/brand-protection/logo-matches.ts
index 6739017317..bc53041299 100644
--- a/src/resources/brand-protection/logo-matches.ts
+++ b/src/resources/brand-protection/logo-matches.ts
@@ -1,5 +1,93 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 import { APIResource } from '../../resource';
+import * as Core from '../../core';
 
-export class LogoMatches extends APIResource {}
+export class LogoMatches extends APIResource {
+  /**
+   * Return matches as CSV for logo queries based on ID
+   */
+  download(
+    params: LogoMatchDownloadParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<LogoMatchDownloadResponse> {
+    const { account_id, ...query } = params;
+    return this._client.get(`/accounts/${account_id}/brand-protection/logo-matches/download`, {
+      query,
+      ...options,
+    });
+  }
+
+  /**
+   * Return matches for logo queries based on ID
+   */
+  get(params: LogoMatchGetParams, options?: Core.RequestOptions): Core.APIPromise<LogoMatchGetResponse> {
+    const { account_id, ...query } = params;
+    return this._client.get(`/accounts/${account_id}/brand-protection/logo-matches`, { query, ...options });
+  }
+}
+
+export interface LogoMatchDownloadResponse {
+  matches?: Array<{ [key: string]: unknown }>;
+
+  total?: number;
+}
+
+export interface LogoMatchGetResponse {
+  matches?: Array<{ [key: string]: unknown }>;
+
+  total?: number;
+}
+
+export interface LogoMatchDownloadParams {
+  /**
+   * Path param:
+   */
+  account_id: string;
+
+  /**
+   * Query param:
+   */
+  limit?: string;
+
+  /**
+   * Query param:
+   */
+  logo_id?: Array<string>;
+
+  /**
+   * Query param:
+   */
+  offset?: string;
+}
+
+export interface LogoMatchGetParams {
+  /**
+   * Path param:
+   */
+  account_id: string;
+
+  /**
+   * Query param:
+   */
+  limit?: string;
+
+  /**
+   * Query param:
+   */
+  logo_id?: Array<string>;
+
+  /**
+   * Query param:
+   */
+  offset?: string;
+}
+
+export declare namespace LogoMatches {
+  export {
+    type LogoMatchDownloadResponse as LogoMatchDownloadResponse,
+    type LogoMatchGetResponse as LogoMatchGetResponse,
+    type LogoMatchDownloadParams as LogoMatchDownloadParams,
+    type LogoMatchGetParams as LogoMatchGetParams,
+  };
+}
diff --git a/src/resources/brand-protection/logos.ts b/src/resources/brand-protection/logos.ts
index 59e15a9aee..dfc6907049 100644
--- a/src/resources/brand-protection/logos.ts
+++ b/src/resources/brand-protection/logos.ts
@@ -1,5 +1,77 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 import { APIResource } from '../../resource';
+import * as Core from '../../core';
 
-export class Logos extends APIResource {}
+export class Logos extends APIResource {
+  /**
+   * Return new saved logo queries created from image files
+   */
+  create(params: LogoCreateParams, options?: Core.RequestOptions): Core.APIPromise<LogoCreateResponse> {
+    const { account_id, match_type, tag, threshold, ...body } = params;
+    return this._client.post(`/accounts/${account_id}/brand-protection/logos`, {
+      query: { match_type, tag, threshold },
+      body,
+      ...options,
+      headers: { 'Content-Type': 'application/x-www-form-urlencoded', ...options?.headers },
+    });
+  }
+
+  /**
+   * Return a success message after deleting saved logo queries by ID
+   */
+  delete(logoId: string, params: LogoDeleteParams, options?: Core.RequestOptions): Core.APIPromise<void> {
+    const { account_id } = params;
+    return this._client.delete(`/accounts/${account_id}/brand-protection/logos/${logoId}`, {
+      ...options,
+      headers: { Accept: '*/*', ...options?.headers },
+    });
+  }
+}
+
+export interface LogoCreateResponse {
+  id?: number;
+
+  tag?: string;
+
+  upload_path?: string;
+}
+
+export interface LogoCreateParams {
+  /**
+   * Path param:
+   */
+  account_id: string;
+
+  /**
+   * Query param:
+   */
+  match_type?: string;
+
+  /**
+   * Query param:
+   */
+  tag?: string;
+
+  /**
+   * Query param:
+   */
+  threshold?: number;
+
+  /**
+   * Body param:
+   */
+  image?: Core.Uploadable;
+}
+
+export interface LogoDeleteParams {
+  account_id: string;
+}
+
+export declare namespace Logos {
+  export {
+    type LogoCreateResponse as LogoCreateResponse,
+    type LogoCreateParams as LogoCreateParams,
+    type LogoDeleteParams as LogoDeleteParams,
+  };
+}
diff --git a/src/resources/brand-protection/matches.ts b/src/resources/brand-protection/matches.ts
index c158fda89e..5ce299de58 100644
--- a/src/resources/brand-protection/matches.ts
+++ b/src/resources/brand-protection/matches.ts
@@ -1,5 +1,103 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 import { APIResource } from '../../resource';
+import * as Core from '../../core';
 
-export class Matches extends APIResource {}
+export class Matches extends APIResource {
+  /**
+   * Return matches as CSV for string queries based on ID
+   */
+  download(
+    params: MatchDownloadParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<MatchDownloadResponse> {
+    const { account_id, ...query } = params;
+    return this._client.get(`/accounts/${account_id}/brand-protection/matches/download`, {
+      query,
+      ...options,
+    });
+  }
+
+  /**
+   * Return matches for string queries based on ID
+   */
+  get(params: MatchGetParams, options?: Core.RequestOptions): Core.APIPromise<MatchGetResponse> {
+    const { account_id, ...query } = params;
+    return this._client.get(`/accounts/${account_id}/brand-protection/matches`, { query, ...options });
+  }
+}
+
+export interface MatchDownloadResponse {
+  matches?: Array<{ [key: string]: unknown }>;
+
+  total?: number;
+}
+
+export interface MatchGetResponse {
+  matches?: Array<{ [key: string]: unknown }>;
+
+  total?: number;
+}
+
+export interface MatchDownloadParams {
+  /**
+   * Path param:
+   */
+  account_id: string;
+
+  /**
+   * Query param:
+   */
+  id?: string;
+
+  /**
+   * Query param:
+   */
+  include_domain_id?: boolean;
+
+  /**
+   * Query param:
+   */
+  limit?: number;
+
+  /**
+   * Query param:
+   */
+  offset?: number;
+}
+
+export interface MatchGetParams {
+  /**
+   * Path param:
+   */
+  account_id: string;
+
+  /**
+   * Query param:
+   */
+  id?: string;
+
+  /**
+   * Query param:
+   */
+  include_domain_id?: boolean;
+
+  /**
+   * Query param:
+   */
+  limit?: number;
+
+  /**
+   * Query param:
+   */
+  offset?: number;
+}
+
+export declare namespace Matches {
+  export {
+    type MatchDownloadResponse as MatchDownloadResponse,
+    type MatchGetResponse as MatchGetResponse,
+    type MatchDownloadParams as MatchDownloadParams,
+    type MatchGetParams as MatchGetParams,
+  };
+}
diff --git a/src/resources/brand-protection/queries.ts b/src/resources/brand-protection/queries.ts
index 1794cc0174..ec7289f369 100644
--- a/src/resources/brand-protection/queries.ts
+++ b/src/resources/brand-protection/queries.ts
@@ -1,5 +1,104 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 import { APIResource } from '../../resource';
+import * as Core from '../../core';
 
-export class Queries extends APIResource {}
+export class Queries extends APIResource {
+  /**
+   * Return a success message after creating new saved string queries
+   */
+  create(params: QueryCreateParams, options?: Core.RequestOptions): Core.APIPromise<void> {
+    const { account_id, id, query_scan, query_tag, ...body } = params;
+    return this._client.post(`/accounts/${account_id}/brand-protection/queries`, {
+      query: { id, scan: query_scan, tag: query_tag },
+      body,
+      ...options,
+      headers: { Accept: '*/*', ...options?.headers },
+    });
+  }
+
+  /**
+   * Return a success message after deleting saved string queries by ID
+   */
+  delete(params: QueryDeleteParams, options?: Core.RequestOptions): Core.APIPromise<void> {
+    const { account_id, id, scan, tag } = params;
+    return this._client.delete(`/accounts/${account_id}/brand-protection/queries`, {
+      query: { id, scan, tag },
+      ...options,
+      headers: { Accept: '*/*', ...options?.headers },
+    });
+  }
+}
+
+export interface QueryCreateParams {
+  /**
+   * Path param:
+   */
+  account_id: string;
+
+  /**
+   * Query param:
+   */
+  id?: string;
+
+  /**
+   * Query param:
+   */
+  query_scan?: boolean;
+
+  /**
+   * Query param:
+   */
+  query_tag?: string;
+
+  /**
+   * Body param:
+   */
+  max_time?: string | null;
+
+  /**
+   * Body param:
+   */
+  min_time?: string | null;
+
+  /**
+   * Body param:
+   */
+  body_scan?: boolean;
+
+  /**
+   * Body param:
+   */
+  string_matches?: unknown;
+
+  /**
+   * Body param:
+   */
+  body_tag?: string;
+}
+
+export interface QueryDeleteParams {
+  /**
+   * Path param:
+   */
+  account_id: string;
+
+  /**
+   * Query param:
+   */
+  id?: string;
+
+  /**
+   * Query param:
+   */
+  scan?: boolean;
+
+  /**
+   * Query param:
+   */
+  tag?: string;
+}
+
+export declare namespace Queries {
+  export { type QueryCreateParams as QueryCreateParams, type QueryDeleteParams as QueryDeleteParams };
+}
diff --git a/src/resources/browser-rendering/json.ts b/src/resources/browser-rendering/json.ts
index f236ed4200..5afa5cc125 100644
--- a/src/resources/browser-rendering/json.ts
+++ b/src/resources/browser-rendering/json.ts
@@ -98,6 +98,13 @@ export interface JsonCreateParams {
    */
   cookies?: Array<JsonCreateParams.Cookie>;
 
+  /**
+   * Body param: Optional list of custom AI models to use for the request. The models
+   * will be tried in the order provided, and in case a model returns an error, the
+   * next one will be used as fallback.
+   */
+  custom_ai?: Array<JsonCreateParams.CustomAI>;
+
   /**
    * Body param:
    */
@@ -248,6 +255,19 @@ export namespace JsonCreateParams {
     url?: string;
   }
 
+  export interface CustomAI {
+    /**
+     * Authorization token for the AI model: `Bearer <token>`.
+     */
+    authorization: string;
+
+    /**
+     * AI model to use for the request. Must be formed as `<provider>/<model_name>`,
+     * e.g. `workers-ai/@cf/meta/llama-3.3-70b-instruct-fp8-fast`
+     */
+    model: string;
+  }
+
   /**
    * Check [options](https://pptr.dev/api/puppeteer.gotooptions).
    */
diff --git a/src/resources/cache/cache.ts b/src/resources/cache/cache.ts
index e62dd3c823..4b57d9c83f 100644
--- a/src/resources/cache/cache.ts
+++ b/src/resources/cache/cache.ts
@@ -123,7 +123,7 @@ export class Cache extends APIResource {
    * @example
    * ```ts
    * const response = await client.cache.purge({
-   *   zone_id: 'zone_id',
+   *   zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
    * });
    * ```
    */
@@ -138,9 +138,6 @@ export class Cache extends APIResource {
 }
 
 export interface CachePurgeResponse {
-  /**
-   * Identifier.
-   */
   id: string;
 }
 
diff --git a/src/resources/cloudforce-one/binary-storage.ts b/src/resources/cloudforce-one/binary-storage.ts
new file mode 100644
index 0000000000..f5aefc3772
--- /dev/null
+++ b/src/resources/cloudforce-one/binary-storage.ts
@@ -0,0 +1,84 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import { APIResource } from '../../resource';
+import * as Core from '../../core';
+
+export class BinaryStorage extends APIResource {
+  /**
+   * Posts a file to Binary Storage
+   *
+   * @example
+   * ```ts
+   * const binaryStorage =
+   *   await client.cloudforceOne.binaryStorage.create({
+   *     account_id: 'account_id',
+   *     file: fs.createReadStream('path/to/file'),
+   *   });
+   * ```
+   */
+  create(
+    params: BinaryStorageCreateParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<BinaryStorageCreateResponse> {
+    const { account_id, ...body } = params;
+    return this._client.post(
+      `/accounts/${account_id}/cloudforce-one/binary`,
+      Core.multipartFormRequestOptions({ body, ...options }),
+    );
+  }
+
+  /**
+   * Retrieves a file from Binary Storage
+   *
+   * @example
+   * ```ts
+   * await client.cloudforceOne.binaryStorage.get('hash', {
+   *   account_id: 'account_id',
+   * });
+   * ```
+   */
+  get(hash: string, params: BinaryStorageGetParams, options?: Core.RequestOptions): Core.APIPromise<void> {
+    const { account_id } = params;
+    return this._client.get(`/accounts/${account_id}/cloudforce-one/binary/${hash}`, {
+      ...options,
+      headers: { Accept: '*/*', ...options?.headers },
+    });
+  }
+}
+
+export interface BinaryStorageCreateResponse {
+  content_type: string;
+
+  md5: string;
+
+  sha1: string;
+
+  sha256: string;
+}
+
+export interface BinaryStorageCreateParams {
+  /**
+   * Path param: Account ID.
+   */
+  account_id: string;
+
+  /**
+   * Body param: The binary file content to upload.
+   */
+  file: Core.Uploadable;
+}
+
+export interface BinaryStorageGetParams {
+  /**
+   * Account ID.
+   */
+  account_id: string;
+}
+
+export declare namespace BinaryStorage {
+  export {
+    type BinaryStorageCreateResponse as BinaryStorageCreateResponse,
+    type BinaryStorageCreateParams as BinaryStorageCreateParams,
+    type BinaryStorageGetParams as BinaryStorageGetParams,
+  };
+}
diff --git a/src/resources/cloudforce-one/cloudforce-one.ts b/src/resources/cloudforce-one/cloudforce-one.ts
index 758dc12742..aeabfa782e 100644
--- a/src/resources/cloudforce-one/cloudforce-one.ts
+++ b/src/resources/cloudforce-one/cloudforce-one.ts
@@ -1,6 +1,13 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 import { APIResource } from '../../resource';
+import * as BinaryStorageAPI from './binary-storage';
+import {
+  BinaryStorage,
+  BinaryStorageCreateParams,
+  BinaryStorageCreateResponse,
+  BinaryStorageGetParams,
+} from './binary-storage';
 import * as RequestsAPI from './requests/requests';
 import {
   Item,
@@ -43,11 +50,13 @@ import {
 
 export class CloudforceOne extends APIResource {
   scans: ScansAPI.Scans = new ScansAPI.Scans(this._client);
+  binaryStorage: BinaryStorageAPI.BinaryStorage = new BinaryStorageAPI.BinaryStorage(this._client);
   requests: RequestsAPI.Requests = new RequestsAPI.Requests(this._client);
   threatEvents: ThreatEventsAPI.ThreatEvents = new ThreatEventsAPI.ThreatEvents(this._client);
 }
 
 CloudforceOne.Scans = Scans;
+CloudforceOne.BinaryStorage = BinaryStorage;
 CloudforceOne.Requests = Requests;
 CloudforceOne.ListItemsSinglePage = ListItemsSinglePage;
 CloudforceOne.RequestTypesResponsesSinglePage = RequestTypesResponsesSinglePage;
@@ -56,6 +65,13 @@ CloudforceOne.ThreatEvents = ThreatEvents;
 export declare namespace CloudforceOne {
   export { Scans as Scans };
 
+  export {
+    BinaryStorage as BinaryStorage,
+    type BinaryStorageCreateResponse as BinaryStorageCreateResponse,
+    type BinaryStorageCreateParams as BinaryStorageCreateParams,
+    type BinaryStorageGetParams as BinaryStorageGetParams,
+  };
+
   export {
     Requests as Requests,
     type Item as Item,
diff --git a/src/resources/cloudforce-one/index.ts b/src/resources/cloudforce-one/index.ts
index 49d822b613..f69388911d 100644
--- a/src/resources/cloudforce-one/index.ts
+++ b/src/resources/cloudforce-one/index.ts
@@ -1,5 +1,11 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
+export {
+  BinaryStorage,
+  type BinaryStorageCreateResponse,
+  type BinaryStorageCreateParams,
+  type BinaryStorageGetParams,
+} from './binary-storage';
 export { CloudforceOne } from './cloudforce-one';
 export {
   ListItemsSinglePage,
diff --git a/src/resources/cloudforce-one/threat-events/index.ts b/src/resources/cloudforce-one/threat-events/index.ts
index 146beb3bcc..6a36effbdf 100644
--- a/src/resources/cloudforce-one/threat-events/index.ts
+++ b/src/resources/cloudforce-one/threat-events/index.ts
@@ -47,17 +47,7 @@ export {
   type IndicatorTypeListResponse,
   type IndicatorTypeListParams,
 } from './indicator-types';
-export {
-  Insights,
-  type InsightCreateResponse,
-  type InsightDeleteResponse,
-  type InsightEditResponse,
-  type InsightGetResponse,
-  type InsightCreateParams,
-  type InsightDeleteParams,
-  type InsightEditParams,
-  type InsightGetParams,
-} from './insights';
+export { Insights } from './insights';
 export { Raw, type RawEditResponse, type RawGetResponse, type RawEditParams, type RawGetParams } from './raw';
 export { Relate, type RelateDeleteResponse, type RelateDeleteParams } from './relate';
 export { Tags, type TagCreateResponse, type TagCreateParams } from './tags';
diff --git a/src/resources/cloudforce-one/threat-events/insights.ts b/src/resources/cloudforce-one/threat-events/insights.ts
index b20b1bc870..99fabeef7d 100644
--- a/src/resources/cloudforce-one/threat-events/insights.ts
+++ b/src/resources/cloudforce-one/threat-events/insights.ts
@@ -1,197 +1,5 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 import { APIResource } from '../../../resource';
-import * as Core from '../../../core';
 
-export class Insights extends APIResource {
-  /**
-   * Adds an insight to an event
-   *
-   * @example
-   * ```ts
-   * const insight =
-   *   await client.cloudforceOne.threatEvents.insights.create(
-   *     'event_id',
-   *     {
-   *       account_id: 'account_id',
-   *       content:
-   *         'Here is some additional context _in markdown_',
-   *     },
-   *   );
-   * ```
-   */
-  create(
-    eventId: string,
-    params: InsightCreateParams,
-    options?: Core.RequestOptions,
-  ): Core.APIPromise<InsightCreateResponse> {
-    const { account_id, ...body } = params;
-    return (
-      this._client.post(`/accounts/${account_id}/cloudforce-one/events/${eventId}/insight/create`, {
-        body,
-        ...options,
-      }) as Core.APIPromise<{ result: InsightCreateResponse }>
-    )._thenUnwrap((obj) => obj.result);
-  }
-
-  /**
-   * Deletes an event insight
-   *
-   * @example
-   * ```ts
-   * const insight =
-   *   await client.cloudforceOne.threatEvents.insights.delete(
-   *     'event_id',
-   *     'insight_id',
-   *     { account_id: 'account_id' },
-   *   );
-   * ```
-   */
-  delete(
-    eventId: string,
-    insightId: string,
-    params: InsightDeleteParams,
-    options?: Core.RequestOptions,
-  ): Core.APIPromise<InsightDeleteResponse> {
-    const { account_id } = params;
-    return (
-      this._client.delete(
-        `/accounts/${account_id}/cloudforce-one/events/${eventId}/insight/${insightId}`,
-        options,
-      ) as Core.APIPromise<{ result: InsightDeleteResponse }>
-    )._thenUnwrap((obj) => obj.result);
-  }
-
-  /**
-   * Updates an event insight
-   *
-   * @example
-   * ```ts
-   * const response =
-   *   await client.cloudforceOne.threatEvents.insights.edit(
-   *     'event_id',
-   *     'insight_id',
-   *     {
-   *       account_id: 'account_id',
-   *       content:
-   *         'Updated: Here is some additional context _in markdown_',
-   *     },
-   *   );
-   * ```
-   */
-  edit(
-    eventId: string,
-    insightId: string,
-    params: InsightEditParams,
-    options?: Core.RequestOptions,
-  ): Core.APIPromise<InsightEditResponse> {
-    const { account_id, ...body } = params;
-    return (
-      this._client.patch(`/accounts/${account_id}/cloudforce-one/events/${eventId}/insight/${insightId}`, {
-        body,
-        ...options,
-      }) as Core.APIPromise<{ result: InsightEditResponse }>
-    )._thenUnwrap((obj) => obj.result);
-  }
-
-  /**
-   * Reads an event insight
-   *
-   * @example
-   * ```ts
-   * const insight =
-   *   await client.cloudforceOne.threatEvents.insights.get(
-   *     'event_id',
-   *     'insight_id',
-   *     { account_id: 'account_id' },
-   *   );
-   * ```
-   */
-  get(
-    eventId: string,
-    insightId: string,
-    params: InsightGetParams,
-    options?: Core.RequestOptions,
-  ): Core.APIPromise<InsightGetResponse> {
-    const { account_id } = params;
-    return (
-      this._client.get(
-        `/accounts/${account_id}/cloudforce-one/events/${eventId}/insight/${insightId}`,
-        options,
-      ) as Core.APIPromise<{ result: InsightGetResponse }>
-    )._thenUnwrap((obj) => obj.result);
-  }
-}
-
-export interface InsightCreateResponse {
-  content: string;
-
-  uuid: string;
-}
-
-export interface InsightDeleteResponse {
-  success: boolean;
-}
-
-export interface InsightEditResponse {
-  content: string;
-
-  uuid: string;
-}
-
-export interface InsightGetResponse {
-  content: string;
-
-  uuid: string;
-}
-
-export interface InsightCreateParams {
-  /**
-   * Path param: Account ID.
-   */
-  account_id: string;
-
-  /**
-   * Body param:
-   */
-  content: string;
-}
-
-export interface InsightDeleteParams {
-  /**
-   * Account ID.
-   */
-  account_id: string;
-}
-
-export interface InsightEditParams {
-  /**
-   * Path param: Account ID.
-   */
-  account_id: string;
-
-  /**
-   * Body param:
-   */
-  content: string;
-}
-
-export interface InsightGetParams {
-  /**
-   * Account ID.
-   */
-  account_id: string;
-}
-
-export declare namespace Insights {
-  export {
-    type InsightCreateResponse as InsightCreateResponse,
-    type InsightDeleteResponse as InsightDeleteResponse,
-    type InsightEditResponse as InsightEditResponse,
-    type InsightGetResponse as InsightGetResponse,
-    type InsightCreateParams as InsightCreateParams,
-    type InsightDeleteParams as InsightDeleteParams,
-    type InsightEditParams as InsightEditParams,
-    type InsightGetParams as InsightGetParams,
-  };
-}
+export class Insights extends APIResource {}
diff --git a/src/resources/cloudforce-one/threat-events/threat-events.ts b/src/resources/cloudforce-one/threat-events/threat-events.ts
index 967c7e19e4..34a9196da9 100644
--- a/src/resources/cloudforce-one/threat-events/threat-events.ts
+++ b/src/resources/cloudforce-one/threat-events/threat-events.ts
@@ -33,17 +33,7 @@ import {
 import * as IndicatorTypesAPI from './indicator-types';
 import { IndicatorTypeListParams, IndicatorTypeListResponse, IndicatorTypes } from './indicator-types';
 import * as InsightsAPI from './insights';
-import {
-  InsightCreateParams,
-  InsightCreateResponse,
-  InsightDeleteParams,
-  InsightDeleteResponse,
-  InsightEditParams,
-  InsightEditResponse,
-  InsightGetParams,
-  InsightGetResponse,
-  Insights,
-} from './insights';
+import { Insights } from './insights';
 import * as RawAPI from './raw';
 import { Raw as RawAPIRaw, RawEditParams, RawEditResponse, RawGetParams, RawGetResponse } from './raw';
 import * as RelateAPI from './relate';
@@ -84,10 +74,10 @@ export class ThreatEvents extends APIResource {
   insights: InsightsAPI.Insights = new InsightsAPI.Insights(this._client);
 
   /**
-   * Events must be created in a client-specific dataset, which means the `datasetId`
-   * parameter must be defined. To create a dataset, see the
+   * To create a dataset, see the
    * [`Create Dataset`](https://developers.cloudflare.com/api/resources/cloudforce_one/subresources/threat_events/subresources/datasets/methods/create/)
-   * endpoint.
+   * endpoint. When `datasetId` parameter is unspecified, it will be created in a
+   * default dataset named `Cloudforce One Threat Events`.
    *
    * @example
    * ```ts
@@ -112,8 +102,9 @@ export class ThreatEvents extends APIResource {
   }
 
   /**
-   * The `datasetId` must be defined (to list existing datasets (and their IDs), use
-   * the
+   * When `datasetId` is unspecified, events will be listed from the
+   * `Cloudforce One Threat Events` dataset. To list existing datasets (and their
+   * IDs), use the
    * [`List Datasets`](https://developers.cloudflare.com/api/resources/cloudforce_one/subresources/threat_events/subresources/datasets/methods/list/)
    * endpoint). Also, must provide query parameters.
    *
@@ -511,7 +502,7 @@ export interface ThreatEventCreateParams {
   /**
    * Body param:
    */
-  attacker?: string;
+  attacker?: string | null;
 
   /**
    * Body param:
@@ -658,7 +649,7 @@ export namespace ThreatEventBulkCreateParams {
 
     accountId?: number;
 
-    attacker?: string;
+    attacker?: string | null;
 
     attackerCountry?: string;
 
@@ -693,7 +684,7 @@ export interface ThreatEventEditParams {
   /**
    * Body param:
    */
-  attacker?: string;
+  attacker?: string | null;
 
   /**
    * Body param:
@@ -725,6 +716,16 @@ export interface ThreatEventEditParams {
    */
   indicatorType?: string;
 
+  /**
+   * Body param:
+   */
+  insight?: string;
+
+  /**
+   * Body param:
+   */
+  raw?: ThreatEventEditParams.Raw;
+
   /**
    * Body param:
    */
@@ -741,6 +742,16 @@ export interface ThreatEventEditParams {
   tlp?: string;
 }
 
+export namespace ThreatEventEditParams {
+  export interface Raw {
+    data?: { [key: string]: unknown } | null;
+
+    source?: string;
+
+    tlp?: string;
+  }
+}
+
 export interface ThreatEventGetParams {
   /**
    * Account ID.
@@ -865,15 +876,5 @@ export declare namespace ThreatEvents {
     type TargetIndustryListParams as TargetIndustryListParams,
   };
 
-  export {
-    Insights as Insights,
-    type InsightCreateResponse as InsightCreateResponse,
-    type InsightDeleteResponse as InsightDeleteResponse,
-    type InsightEditResponse as InsightEditResponse,
-    type InsightGetResponse as InsightGetResponse,
-    type InsightCreateParams as InsightCreateParams,
-    type InsightDeleteParams as InsightDeleteParams,
-    type InsightEditParams as InsightEditParams,
-    type InsightGetParams as InsightGetParams,
-  };
+  export { Insights as Insights };
 }
diff --git a/src/resources/custom-nameservers.ts b/src/resources/custom-nameservers.ts
index 9e8ba96e78..8542a87c22 100644
--- a/src/resources/custom-nameservers.ts
+++ b/src/resources/custom-nameservers.ts
@@ -102,7 +102,7 @@ export interface CustomNameserver {
   status: 'moved' | 'pending' | 'verified';
 
   /**
-   * Identifier
+   * Identifier.
    */
   zone_tag: string;
 
diff --git a/src/resources/custom-pages.ts b/src/resources/custom-pages.ts
index 38ab076687..6bd1b13cf7 100644
--- a/src/resources/custom-pages.ts
+++ b/src/resources/custom-pages.ts
@@ -13,7 +13,7 @@ export class CustomPages extends APIResource {
    * @example
    * ```ts
    * const customPage = await client.customPages.update(
-   *   '023e105f4ecef8ad9ca31a8372d0c353',
+   *   'ratelimit_block',
    *   {
    *     state: 'default',
    *     url: 'http://www.example.com',
@@ -23,10 +23,17 @@ export class CustomPages extends APIResource {
    * ```
    */
   update(
-    identifier: string,
+    identifier:
+      | 'waf_block'
+      | 'ip_block'
+      | 'country_challenge'
+      | '500_errors'
+      | '1000_errors'
+      | 'managed_challenge'
+      | 'ratelimit_block',
     params: CustomPageUpdateParams,
     options?: Core.RequestOptions,
-  ): Core.APIPromise<CustomPageUpdateResponse | null> {
+  ): Core.APIPromise<CustomPageUpdateResponse> {
     const { account_id, zone_id, ...body } = params;
     if (!account_id && !zone_id) {
       throw new CloudflareError('You must provide either account_id or zone_id.');
@@ -48,7 +55,7 @@ export class CustomPages extends APIResource {
       this._client.put(`/${accountOrZone}/${accountOrZoneId}/custom_pages/${identifier}`, {
         body,
         ...options,
-      }) as Core.APIPromise<{ result: CustomPageUpdateResponse | null }>
+      }) as Core.APIPromise<{ result: CustomPageUpdateResponse }>
     )._thenUnwrap((obj) => obj.result);
   }
 
@@ -109,22 +116,46 @@ export class CustomPages extends APIResource {
    * @example
    * ```ts
    * const customPage = await client.customPages.get(
-   *   '023e105f4ecef8ad9ca31a8372d0c353',
+   *   'ratelimit_block',
    *   { account_id: 'account_id' },
    * );
    * ```
    */
   get(
-    identifier: string,
+    identifier:
+      | 'waf_block'
+      | 'ip_block'
+      | 'country_challenge'
+      | '500_errors'
+      | '1000_errors'
+      | 'managed_challenge'
+      | 'ratelimit_block',
     params?: CustomPageGetParams,
     options?: Core.RequestOptions,
-  ): Core.APIPromise<CustomPageGetResponse | null>;
-  get(identifier: string, options?: Core.RequestOptions): Core.APIPromise<CustomPageGetResponse | null>;
+  ): Core.APIPromise<CustomPageGetResponse>;
   get(
-    identifier: string,
+    identifier:
+      | 'waf_block'
+      | 'ip_block'
+      | 'country_challenge'
+      | '500_errors'
+      | '1000_errors'
+      | 'managed_challenge'
+      | 'ratelimit_block',
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<CustomPageGetResponse>;
+  get(
+    identifier:
+      | 'waf_block'
+      | 'ip_block'
+      | 'country_challenge'
+      | '500_errors'
+      | '1000_errors'
+      | 'managed_challenge'
+      | 'ratelimit_block',
     params: CustomPageGetParams | Core.RequestOptions = {},
     options?: Core.RequestOptions,
-  ): Core.APIPromise<CustomPageGetResponse | null> {
+  ): Core.APIPromise<CustomPageGetResponse> {
     if (isRequestOptions(params)) {
       return this.get(identifier, {}, params);
     }
@@ -149,18 +180,84 @@ export class CustomPages extends APIResource {
       this._client.get(
         `/${accountOrZone}/${accountOrZoneId}/custom_pages/${identifier}`,
         options,
-      ) as Core.APIPromise<{ result: CustomPageGetResponse | null }>
+      ) as Core.APIPromise<{ result: CustomPageGetResponse }>
     )._thenUnwrap((obj) => obj.result);
   }
 }
 
 export class CustomPageListResponsesSinglePage extends SinglePage<CustomPageListResponse> {}
 
-export type CustomPageUpdateResponse = unknown | string;
+export interface CustomPageUpdateResponse {
+  id?: string;
+
+  created_on?: string;
+
+  description?: string;
+
+  modified_on?: string;
+
+  preview_target?: string;
+
+  required_tokens?: Array<string>;
+
+  /**
+   * The custom page state.
+   */
+  state?: 'default' | 'customized';
+
+  /**
+   * The URL associated with the custom page.
+   */
+  url?: string;
+}
+
+export interface CustomPageListResponse {
+  id?: string;
+
+  created_on?: string;
+
+  description?: string;
+
+  modified_on?: string;
+
+  preview_target?: string;
 
-export type CustomPageListResponse = unknown;
+  required_tokens?: Array<string>;
 
-export type CustomPageGetResponse = unknown | string;
+  /**
+   * The custom page state.
+   */
+  state?: 'default' | 'customized';
+
+  /**
+   * The URL associated with the custom page.
+   */
+  url?: string;
+}
+
+export interface CustomPageGetResponse {
+  id?: string;
+
+  created_on?: string;
+
+  description?: string;
+
+  modified_on?: string;
+
+  preview_target?: string;
+
+  required_tokens?: Array<string>;
+
+  /**
+   * The custom page state.
+   */
+  state?: 'default' | 'customized';
+
+  /**
+   * The URL associated with the custom page.
+   */
+  url?: string;
+}
 
 export interface CustomPageUpdateParams {
   /**
diff --git a/src/resources/diagnostics/diagnostics.ts b/src/resources/diagnostics/diagnostics.ts
index f8ee339f11..395bc5f6a3 100644
--- a/src/resources/diagnostics/diagnostics.ts
+++ b/src/resources/diagnostics/diagnostics.ts
@@ -1,15 +1,33 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 import { APIResource } from '../../resource';
+import * as EndpointHealthchecksAPI from './endpoint-healthchecks';
+import {
+  EndpointHealthcheck,
+  EndpointHealthcheckCreateParams,
+  EndpointHealthcheckCreateResponse,
+  EndpointHealthcheckDeleteParams,
+  EndpointHealthcheckDeleteResponse,
+  EndpointHealthcheckGetParams,
+  EndpointHealthcheckGetResponse,
+  EndpointHealthcheckListParams,
+  EndpointHealthcheckListResponse,
+  EndpointHealthcheckUpdateParams,
+  EndpointHealthcheckUpdateResponse,
+  EndpointHealthchecks,
+} from './endpoint-healthchecks';
 import * as TraceroutesAPI from './traceroutes';
 import { Traceroute, TracerouteCreateParams, Traceroutes, TraceroutesSinglePage } from './traceroutes';
 
 export class Diagnostics extends APIResource {
   traceroutes: TraceroutesAPI.Traceroutes = new TraceroutesAPI.Traceroutes(this._client);
+  endpointHealthchecks: EndpointHealthchecksAPI.EndpointHealthchecks =
+    new EndpointHealthchecksAPI.EndpointHealthchecks(this._client);
 }
 
 Diagnostics.Traceroutes = Traceroutes;
 Diagnostics.TraceroutesSinglePage = TraceroutesSinglePage;
+Diagnostics.EndpointHealthchecks = EndpointHealthchecks;
 
 export declare namespace Diagnostics {
   export {
@@ -18,4 +36,19 @@ export declare namespace Diagnostics {
     TraceroutesSinglePage as TraceroutesSinglePage,
     type TracerouteCreateParams as TracerouteCreateParams,
   };
+
+  export {
+    EndpointHealthchecks as EndpointHealthchecks,
+    type EndpointHealthcheck as EndpointHealthcheck,
+    type EndpointHealthcheckCreateResponse as EndpointHealthcheckCreateResponse,
+    type EndpointHealthcheckUpdateResponse as EndpointHealthcheckUpdateResponse,
+    type EndpointHealthcheckListResponse as EndpointHealthcheckListResponse,
+    type EndpointHealthcheckDeleteResponse as EndpointHealthcheckDeleteResponse,
+    type EndpointHealthcheckGetResponse as EndpointHealthcheckGetResponse,
+    type EndpointHealthcheckCreateParams as EndpointHealthcheckCreateParams,
+    type EndpointHealthcheckUpdateParams as EndpointHealthcheckUpdateParams,
+    type EndpointHealthcheckListParams as EndpointHealthcheckListParams,
+    type EndpointHealthcheckDeleteParams as EndpointHealthcheckDeleteParams,
+    type EndpointHealthcheckGetParams as EndpointHealthcheckGetParams,
+  };
 }
diff --git a/src/resources/diagnostics/endpoint-healthchecks.ts b/src/resources/diagnostics/endpoint-healthchecks.ts
new file mode 100644
index 0000000000..ed1fbfa81f
--- /dev/null
+++ b/src/resources/diagnostics/endpoint-healthchecks.ts
@@ -0,0 +1,364 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import { APIResource } from '../../resource';
+import * as Core from '../../core';
+
+export class EndpointHealthchecks extends APIResource {
+  /**
+   * Create Endpoint Health Check.
+   *
+   * @example
+   * ```ts
+   * const endpointHealthcheck =
+   *   await client.diagnostics.endpointHealthchecks.create({
+   *     account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+   *     check_type: 'icmp',
+   *     endpoint: '203.0.113.1',
+   *   });
+   * ```
+   */
+  create(
+    params: EndpointHealthcheckCreateParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<EndpointHealthcheckCreateResponse> {
+    const { account_id, ...body } = params;
+    return (
+      this._client.post(`/accounts/${account_id}/diagnostics/endpoint-healthchecks`, {
+        body,
+        ...options,
+      }) as Core.APIPromise<{ result: EndpointHealthcheckCreateResponse }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+
+  /**
+   * Update a Endpoint Health Check.
+   *
+   * @example
+   * ```ts
+   * const endpointHealthcheck =
+   *   await client.diagnostics.endpointHealthchecks.update(
+   *     'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
+   *     {
+   *       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+   *       check_type: 'icmp',
+   *       endpoint: '203.0.113.1',
+   *     },
+   *   );
+   * ```
+   */
+  update(
+    id: string,
+    params: EndpointHealthcheckUpdateParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<EndpointHealthcheckUpdateResponse> {
+    const { account_id, ...body } = params;
+    return (
+      this._client.put(`/accounts/${account_id}/diagnostics/endpoint-healthchecks/${id}`, {
+        body,
+        ...options,
+      }) as Core.APIPromise<{ result: EndpointHealthcheckUpdateResponse }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+
+  /**
+   * List Endpoint Health Checks.
+   *
+   * @example
+   * ```ts
+   * const endpointHealthchecks =
+   *   await client.diagnostics.endpointHealthchecks.list({
+   *     account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+   *   });
+   * ```
+   */
+  list(
+    params: EndpointHealthcheckListParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<EndpointHealthcheckListResponse> {
+    const { account_id } = params;
+    return (
+      this._client.get(
+        `/accounts/${account_id}/diagnostics/endpoint-healthchecks`,
+        options,
+      ) as Core.APIPromise<{ result: EndpointHealthcheckListResponse }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+
+  /**
+   * Delete Endpoint Health Check.
+   *
+   * @example
+   * ```ts
+   * const endpointHealthcheck =
+   *   await client.diagnostics.endpointHealthchecks.delete(
+   *     'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
+   *     { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+   *   );
+   * ```
+   */
+  delete(
+    id: string,
+    params: EndpointHealthcheckDeleteParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<EndpointHealthcheckDeleteResponse> {
+    const { account_id } = params;
+    return this._client.delete(`/accounts/${account_id}/diagnostics/endpoint-healthchecks/${id}`, options);
+  }
+
+  /**
+   * Get a single Endpoint Health Check.
+   *
+   * @example
+   * ```ts
+   * const endpointHealthcheck =
+   *   await client.diagnostics.endpointHealthchecks.get(
+   *     'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
+   *     { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+   *   );
+   * ```
+   */
+  get(
+    id: string,
+    params: EndpointHealthcheckGetParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<EndpointHealthcheckGetResponse> {
+    const { account_id } = params;
+    return (
+      this._client.get(
+        `/accounts/${account_id}/diagnostics/endpoint-healthchecks/${id}`,
+        options,
+      ) as Core.APIPromise<{ result: EndpointHealthcheckGetResponse }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+}
+
+export interface EndpointHealthcheck {
+  /**
+   * type of check to perform
+   */
+  check_type: 'icmp';
+
+  /**
+   * the IP address of the host to perform checks against
+   */
+  endpoint: string;
+
+  /**
+   * Optional name associated with this check
+   */
+  name?: string;
+}
+
+export interface EndpointHealthcheckCreateResponse {
+  /**
+   * type of check to perform
+   */
+  check_type: 'icmp';
+
+  /**
+   * the IP address of the host to perform checks against
+   */
+  endpoint: string;
+
+  /**
+   * UUID.
+   */
+  id?: string;
+
+  /**
+   * Optional name associated with this check
+   */
+  name?: string;
+}
+
+export interface EndpointHealthcheckUpdateResponse {
+  /**
+   * type of check to perform
+   */
+  check_type: 'icmp';
+
+  /**
+   * the IP address of the host to perform checks against
+   */
+  endpoint: string;
+
+  /**
+   * UUID.
+   */
+  id?: string;
+
+  /**
+   * Optional name associated with this check
+   */
+  name?: string;
+}
+
+export interface EndpointHealthcheckListResponse {
+  /**
+   * type of check to perform
+   */
+  check_type: 'icmp';
+
+  /**
+   * the IP address of the host to perform checks against
+   */
+  endpoint: string;
+
+  /**
+   * UUID.
+   */
+  id?: string;
+
+  /**
+   * Optional name associated with this check
+   */
+  name?: string;
+}
+
+export interface EndpointHealthcheckDeleteResponse {
+  errors: Array<EndpointHealthcheckDeleteResponse.Error>;
+
+  messages: Array<EndpointHealthcheckDeleteResponse.Message>;
+
+  /**
+   * Whether the API call was successful.
+   */
+  success: true;
+}
+
+export namespace EndpointHealthcheckDeleteResponse {
+  export interface Error {
+    code: number;
+
+    message: string;
+
+    documentation_url?: string;
+
+    source?: Error.Source;
+  }
+
+  export namespace Error {
+    export interface Source {
+      pointer?: string;
+    }
+  }
+
+  export interface Message {
+    code: number;
+
+    message: string;
+
+    documentation_url?: string;
+
+    source?: Message.Source;
+  }
+
+  export namespace Message {
+    export interface Source {
+      pointer?: string;
+    }
+  }
+}
+
+export interface EndpointHealthcheckGetResponse {
+  /**
+   * type of check to perform
+   */
+  check_type: 'icmp';
+
+  /**
+   * the IP address of the host to perform checks against
+   */
+  endpoint: string;
+
+  /**
+   * UUID.
+   */
+  id?: string;
+
+  /**
+   * Optional name associated with this check
+   */
+  name?: string;
+}
+
+export interface EndpointHealthcheckCreateParams {
+  /**
+   * Path param: Identifier
+   */
+  account_id: string;
+
+  /**
+   * Body param: type of check to perform
+   */
+  check_type: 'icmp';
+
+  /**
+   * Body param: the IP address of the host to perform checks against
+   */
+  endpoint: string;
+
+  /**
+   * Body param: Optional name associated with this check
+   */
+  name?: string;
+}
+
+export interface EndpointHealthcheckUpdateParams {
+  /**
+   * Path param: Identifier
+   */
+  account_id: string;
+
+  /**
+   * Body param: type of check to perform
+   */
+  check_type: 'icmp';
+
+  /**
+   * Body param: the IP address of the host to perform checks against
+   */
+  endpoint: string;
+
+  /**
+   * Body param: Optional name associated with this check
+   */
+  name?: string;
+}
+
+export interface EndpointHealthcheckListParams {
+  /**
+   * Identifier
+   */
+  account_id: string;
+}
+
+export interface EndpointHealthcheckDeleteParams {
+  /**
+   * Identifier
+   */
+  account_id: string;
+}
+
+export interface EndpointHealthcheckGetParams {
+  /**
+   * Identifier
+   */
+  account_id: string;
+}
+
+export declare namespace EndpointHealthchecks {
+  export {
+    type EndpointHealthcheck as EndpointHealthcheck,
+    type EndpointHealthcheckCreateResponse as EndpointHealthcheckCreateResponse,
+    type EndpointHealthcheckUpdateResponse as EndpointHealthcheckUpdateResponse,
+    type EndpointHealthcheckListResponse as EndpointHealthcheckListResponse,
+    type EndpointHealthcheckDeleteResponse as EndpointHealthcheckDeleteResponse,
+    type EndpointHealthcheckGetResponse as EndpointHealthcheckGetResponse,
+    type EndpointHealthcheckCreateParams as EndpointHealthcheckCreateParams,
+    type EndpointHealthcheckUpdateParams as EndpointHealthcheckUpdateParams,
+    type EndpointHealthcheckListParams as EndpointHealthcheckListParams,
+    type EndpointHealthcheckDeleteParams as EndpointHealthcheckDeleteParams,
+    type EndpointHealthcheckGetParams as EndpointHealthcheckGetParams,
+  };
+}
diff --git a/src/resources/diagnostics/index.ts b/src/resources/diagnostics/index.ts
index 50517481ab..01dfb6f682 100644
--- a/src/resources/diagnostics/index.ts
+++ b/src/resources/diagnostics/index.ts
@@ -1,6 +1,20 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 export { Diagnostics } from './diagnostics';
+export {
+  EndpointHealthchecks,
+  type EndpointHealthcheck,
+  type EndpointHealthcheckCreateResponse,
+  type EndpointHealthcheckUpdateResponse,
+  type EndpointHealthcheckListResponse,
+  type EndpointHealthcheckDeleteResponse,
+  type EndpointHealthcheckGetResponse,
+  type EndpointHealthcheckCreateParams,
+  type EndpointHealthcheckUpdateParams,
+  type EndpointHealthcheckListParams,
+  type EndpointHealthcheckDeleteParams,
+  type EndpointHealthcheckGetParams,
+} from './endpoint-healthchecks';
 export {
   TraceroutesSinglePage,
   Traceroutes,
diff --git a/src/resources/dns/dns.ts b/src/resources/dns/dns.ts
index 49d6d2b48e..14dfa81f31 100644
--- a/src/resources/dns/dns.ts
+++ b/src/resources/dns/dns.ts
@@ -74,7 +74,7 @@ export class DNS extends APIResource {
 /**
  * Nominal metric values, broken down by time interval.
  */
-export type DNSAnalyticsNominalMetric = Array<unknown>;
+export type DNSAnalyticsNominalMetric = Array<number>;
 
 export interface DNSAnalyticsQuery {
   /**
diff --git a/src/resources/dns/records.ts b/src/resources/dns/records.ts
index 557af9dfac..e430b9af32 100644
--- a/src/resources/dns/records.ts
+++ b/src/resources/dns/records.ts
@@ -295,7 +295,7 @@ export class RecordResponsesV4PagePaginationArray extends V4PagePaginationArray<
 
 export interface ARecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -364,7 +364,7 @@ export namespace ARecord {
 
 export interface ARecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -433,7 +433,7 @@ export namespace ARecordParam {
 
 export interface AAAARecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -502,7 +502,7 @@ export namespace AAAARecord {
 
 export interface AAAARecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -635,7 +635,7 @@ export namespace BatchPatch {
     id: string;
 
     /**
-     * DNS record name (or @ for the zone apex) in Punycode.
+     * Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -874,7 +874,7 @@ export namespace BatchPatchParam {
     id: string;
 
     /**
-     * DNS record name (or @ for the zone apex) in Punycode.
+     * Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -1113,7 +1113,7 @@ export namespace BatchPut {
     id: string;
 
     /**
-     * DNS record name (or @ for the zone apex) in Punycode.
+     * Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -1352,7 +1352,7 @@ export namespace BatchPutParam {
     id: string;
 
     /**
-     * DNS record name (or @ for the zone apex) in Punycode.
+     * Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -1527,7 +1527,7 @@ export namespace BatchPutParam {
 
 export interface CAARecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -1621,7 +1621,7 @@ export namespace CAARecord {
 
 export interface CAARecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -1710,7 +1710,7 @@ export namespace CAARecordParam {
 
 export interface CERTRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -1809,7 +1809,7 @@ export namespace CERTRecord {
 
 export interface CERTRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -1903,7 +1903,7 @@ export namespace CERTRecordParam {
 
 export interface CNAMERecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -1980,7 +1980,7 @@ export namespace CNAMERecord {
 
 export interface CNAMERecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -2057,7 +2057,7 @@ export namespace CNAMERecordParam {
 
 export interface DNSKEYRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -2156,7 +2156,7 @@ export namespace DNSKEYRecord {
 
 export interface DNSKEYRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -2250,7 +2250,7 @@ export namespace DNSKEYRecordParam {
 
 export interface DSRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -2349,7 +2349,7 @@ export namespace DSRecord {
 
 export interface DSRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -2443,7 +2443,7 @@ export namespace DSRecordParam {
 
 export interface HTTPSRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -2498,17 +2498,17 @@ export namespace HTTPSRecord {
    */
   export interface Data {
     /**
-     * priority.
+     * Priority.
      */
     priority?: number;
 
     /**
-     * target.
+     * Target.
      */
     target?: string;
 
     /**
-     * value.
+     * Value.
      */
     value?: string;
   }
@@ -2537,7 +2537,7 @@ export namespace HTTPSRecord {
 
 export interface HTTPSRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -2587,17 +2587,17 @@ export namespace HTTPSRecordParam {
    */
   export interface Data {
     /**
-     * priority.
+     * Priority.
      */
     priority?: number;
 
     /**
-     * target.
+     * Target.
      */
     target?: string;
 
     /**
-     * value.
+     * Value.
      */
     value?: string;
   }
@@ -2626,7 +2626,7 @@ export namespace HTTPSRecordParam {
 
 export interface LOCRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -2765,7 +2765,7 @@ export namespace LOCRecord {
 
 export interface LOCRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -2899,7 +2899,7 @@ export namespace LOCRecordParam {
 
 export interface MXRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -2974,7 +2974,7 @@ export namespace MXRecord {
 
 export interface MXRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -3049,7 +3049,7 @@ export namespace MXRecordParam {
 
 export interface NAPTRRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -3158,7 +3158,7 @@ export namespace NAPTRRecord {
 
 export interface NAPTRRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -3262,7 +3262,7 @@ export namespace NAPTRRecordParam {
 
 export interface NSRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -3331,7 +3331,7 @@ export namespace NSRecord {
 
 export interface NSRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -3400,7 +3400,7 @@ export namespace NSRecordParam {
 
 export interface PTRRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -3469,7 +3469,7 @@ export namespace PTRRecord {
 
 export interface PTRRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -3562,7 +3562,7 @@ export type Record =
 export namespace Record {
   export interface Openpgpkey {
     /**
-     * DNS record name (or @ for the zone apex) in Punycode.
+     * Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -3872,7 +3872,7 @@ export namespace RecordResponse {
     modified_on: string;
 
     /**
-     * DNS record name (or @ for the zone apex) in Punycode.
+     * Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -4513,7 +4513,7 @@ export type RecordTagsParam = string;
 
 export interface SMIMEARecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -4612,7 +4612,7 @@ export namespace SMIMEARecord {
 
 export interface SMIMEARecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -4706,7 +4706,7 @@ export namespace SMIMEARecordParam {
 
 export interface SRVRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -4807,7 +4807,7 @@ export namespace SRVRecord {
 
 export interface SRVRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -4902,7 +4902,7 @@ export namespace SRVRecordParam {
 
 export interface SSHFPRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -4957,17 +4957,17 @@ export namespace SSHFPRecord {
    */
   export interface Data {
     /**
-     * algorithm.
+     * Algorithm.
      */
     algorithm?: number;
 
     /**
-     * fingerprint.
+     * Fingerprint.
      */
     fingerprint?: string;
 
     /**
-     * type.
+     * Type.
      */
     type?: number;
   }
@@ -4996,7 +4996,7 @@ export namespace SSHFPRecord {
 
 export interface SSHFPRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -5046,17 +5046,17 @@ export namespace SSHFPRecordParam {
    */
   export interface Data {
     /**
-     * algorithm.
+     * Algorithm.
      */
     algorithm?: number;
 
     /**
-     * fingerprint.
+     * Fingerprint.
      */
     fingerprint?: string;
 
     /**
-     * type.
+     * Type.
      */
     type?: number;
   }
@@ -5085,7 +5085,7 @@ export namespace SSHFPRecordParam {
 
 export interface SVCBRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -5140,17 +5140,17 @@ export namespace SVCBRecord {
    */
   export interface Data {
     /**
-     * priority.
+     * Priority.
      */
     priority?: number;
 
     /**
-     * target.
+     * Target.
      */
     target?: string;
 
     /**
-     * value.
+     * Value.
      */
     value?: string;
   }
@@ -5179,7 +5179,7 @@ export namespace SVCBRecord {
 
 export interface SVCBRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -5229,17 +5229,17 @@ export namespace SVCBRecordParam {
    */
   export interface Data {
     /**
-     * priority.
+     * Priority.
      */
     priority?: number;
 
     /**
-     * target.
+     * Target.
      */
     target?: string;
 
     /**
-     * value.
+     * Value.
      */
     value?: string;
   }
@@ -5268,7 +5268,7 @@ export namespace SVCBRecordParam {
 
 export interface TLSARecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -5323,7 +5323,7 @@ export namespace TLSARecord {
    */
   export interface Data {
     /**
-     * certificate.
+     * Certificate.
      */
     certificate?: string;
 
@@ -5367,7 +5367,7 @@ export namespace TLSARecord {
 
 export interface TLSARecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -5417,7 +5417,7 @@ export namespace TLSARecordParam {
    */
   export interface Data {
     /**
-     * certificate.
+     * Certificate.
      */
     certificate?: string;
 
@@ -5475,7 +5475,7 @@ export type TTLParam = number | 1;
 
 export interface TXTRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -5549,7 +5549,7 @@ export namespace TXTRecord {
 
 export interface TXTRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -5623,7 +5623,7 @@ export namespace TXTRecordParam {
 
 export interface URIRecord {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -5718,7 +5718,7 @@ export namespace URIRecord {
 
 export interface URIRecordParam {
   /**
-   * DNS record name (or @ for the zone apex) in Punycode.
+   * Complete DNS record name, including the zone name, in Punycode.
    */
   name: string;
 
@@ -5883,7 +5883,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -5958,7 +5958,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6033,7 +6033,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6116,7 +6116,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6197,7 +6197,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6272,7 +6272,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6348,7 +6348,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6423,7 +6423,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6503,7 +6503,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6598,7 +6598,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6698,7 +6698,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6798,7 +6798,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6898,7 +6898,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -6949,17 +6949,17 @@ export declare namespace RecordCreateParams {
      */
     export interface Data {
       /**
-       * priority.
+       * Priority.
        */
       priority?: number;
 
       /**
-       * target.
+       * Target.
        */
       target?: string;
 
       /**
-       * value.
+       * Value.
        */
       value?: string;
     }
@@ -6993,7 +6993,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -7133,7 +7133,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -7243,7 +7243,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -7343,7 +7343,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -7444,7 +7444,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -7495,17 +7495,17 @@ export declare namespace RecordCreateParams {
      */
     export interface Data {
       /**
-       * algorithm.
+       * Algorithm.
        */
       algorithm?: number;
 
       /**
-       * fingerprint.
+       * Fingerprint.
        */
       fingerprint?: string;
 
       /**
-       * type.
+       * Type.
        */
       type?: number;
     }
@@ -7539,7 +7539,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -7590,17 +7590,17 @@ export declare namespace RecordCreateParams {
      */
     export interface Data {
       /**
-       * priority.
+       * Priority.
        */
       priority?: number;
 
       /**
-       * target.
+       * Target.
        */
       target?: string;
 
       /**
-       * value.
+       * Value.
        */
       value?: string;
     }
@@ -7634,7 +7634,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -7685,7 +7685,7 @@ export declare namespace RecordCreateParams {
      */
     export interface Data {
       /**
-       * certificate.
+       * Certificate.
        */
       certificate?: string;
 
@@ -7734,7 +7734,7 @@ export declare namespace RecordCreateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -7855,7 +7855,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -7930,7 +7930,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8005,7 +8005,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8088,7 +8088,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8169,7 +8169,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8244,7 +8244,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8320,7 +8320,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8395,7 +8395,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8475,7 +8475,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8570,7 +8570,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8670,7 +8670,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8770,7 +8770,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8870,7 +8870,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -8921,17 +8921,17 @@ export declare namespace RecordUpdateParams {
      */
     export interface Data {
       /**
-       * priority.
+       * Priority.
        */
       priority?: number;
 
       /**
-       * target.
+       * Target.
        */
       target?: string;
 
       /**
-       * value.
+       * Value.
        */
       value?: string;
     }
@@ -8965,7 +8965,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -9105,7 +9105,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -9215,7 +9215,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -9315,7 +9315,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -9416,7 +9416,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -9467,17 +9467,17 @@ export declare namespace RecordUpdateParams {
      */
     export interface Data {
       /**
-       * algorithm.
+       * Algorithm.
        */
       algorithm?: number;
 
       /**
-       * fingerprint.
+       * Fingerprint.
        */
       fingerprint?: string;
 
       /**
-       * type.
+       * Type.
        */
       type?: number;
     }
@@ -9511,7 +9511,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -9562,17 +9562,17 @@ export declare namespace RecordUpdateParams {
      */
     export interface Data {
       /**
-       * priority.
+       * Priority.
        */
       priority?: number;
 
       /**
-       * target.
+       * Target.
        */
       target?: string;
 
       /**
-       * value.
+       * Value.
        */
       value?: string;
     }
@@ -9606,7 +9606,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -9657,7 +9657,7 @@ export declare namespace RecordUpdateParams {
      */
     export interface Data {
       /**
-       * certificate.
+       * Certificate.
        */
       certificate?: string;
 
@@ -9706,7 +9706,7 @@ export declare namespace RecordUpdateParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10077,7 +10077,7 @@ export namespace RecordBatchParams {
 
   export interface DNSRecordsOpenpgpkeyRecord {
     /**
-     * DNS record name (or @ for the zone apex) in Punycode.
+     * Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10176,7 +10176,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10251,7 +10251,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10326,7 +10326,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10409,7 +10409,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10490,7 +10490,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10565,7 +10565,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10641,7 +10641,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10716,7 +10716,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10796,7 +10796,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10891,7 +10891,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -10991,7 +10991,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -11091,7 +11091,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -11191,7 +11191,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -11242,17 +11242,17 @@ export declare namespace RecordEditParams {
      */
     export interface Data {
       /**
-       * priority.
+       * Priority.
        */
       priority?: number;
 
       /**
-       * target.
+       * Target.
        */
       target?: string;
 
       /**
-       * value.
+       * Value.
        */
       value?: string;
     }
@@ -11286,7 +11286,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -11426,7 +11426,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -11536,7 +11536,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -11636,7 +11636,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -11737,7 +11737,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -11788,17 +11788,17 @@ export declare namespace RecordEditParams {
      */
     export interface Data {
       /**
-       * algorithm.
+       * Algorithm.
        */
       algorithm?: number;
 
       /**
-       * fingerprint.
+       * Fingerprint.
        */
       fingerprint?: string;
 
       /**
-       * type.
+       * Type.
        */
       type?: number;
     }
@@ -11832,7 +11832,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -11883,17 +11883,17 @@ export declare namespace RecordEditParams {
      */
     export interface Data {
       /**
-       * priority.
+       * Priority.
        */
       priority?: number;
 
       /**
-       * target.
+       * Target.
        */
       target?: string;
 
       /**
-       * value.
+       * Value.
        */
       value?: string;
     }
@@ -11927,7 +11927,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
@@ -11978,7 +11978,7 @@ export declare namespace RecordEditParams {
      */
     export interface Data {
       /**
-       * certificate.
+       * Certificate.
        */
       certificate?: string;
 
@@ -12027,7 +12027,7 @@ export declare namespace RecordEditParams {
     zone_id: string;
 
     /**
-     * Body param: DNS record name (or @ for the zone apex) in Punycode.
+     * Body param: Complete DNS record name, including the zone name, in Punycode.
      */
     name: string;
 
diff --git a/src/resources/dns/zone-transfers/force-axfr.ts b/src/resources/dns/zone-transfers/force-axfr.ts
index bd521a4a0a..32234249f2 100644
--- a/src/resources/dns/zone-transfers/force-axfr.ts
+++ b/src/resources/dns/zone-transfers/force-axfr.ts
@@ -28,7 +28,7 @@ export class ForceAXFRResource extends APIResource {
 }
 
 /**
- * When force_axfr query parameter is set to true, the response is a simple string
+ * When force_axfr query parameter is set to true, the response is a simple string.
  */
 export type ForceAXFR = string;
 
diff --git a/src/resources/dns/zone-transfers/outgoing/outgoing.ts b/src/resources/dns/zone-transfers/outgoing/outgoing.ts
index 1b70efd330..af3129b4d8 100644
--- a/src/resources/dns/zone-transfers/outgoing/outgoing.ts
+++ b/src/resources/dns/zone-transfers/outgoing/outgoing.ts
@@ -179,12 +179,12 @@ export class OutgoingResource extends APIResource {
 }
 
 /**
- * The zone transfer status of a primary zone
+ * The zone transfer status of a primary zone.
  */
 export type DisableTransfer = string;
 
 /**
- * The zone transfer status of a primary zone
+ * The zone transfer status of a primary zone.
  */
 export type EnableTransfer = string;
 
@@ -223,7 +223,7 @@ export interface Outgoing {
 }
 
 /**
- * The zone transfer status of a primary zone
+ * The zone transfer status of a primary zone.
  */
 export type OutgoingStatus = string | null;
 
@@ -301,7 +301,7 @@ export interface OutgoingDeleteResponse {
 
 /**
  * When force_notify query parameter is set to true, the response is a simple
- * string
+ * string.
  */
 export type OutgoingForceNotifyResponse = string;
 
diff --git a/src/resources/durable-objects/durable-objects.ts b/src/resources/durable-objects/durable-objects.ts
index 0fb700ec65..c2a022bafa 100644
--- a/src/resources/durable-objects/durable-objects.ts
+++ b/src/resources/durable-objects/durable-objects.ts
@@ -2,20 +2,25 @@
 
 import { APIResource } from '../../resource';
 import * as NamespacesAPI from './namespaces/namespaces';
-import { Namespace, NamespaceListParams, Namespaces, NamespacesSinglePage } from './namespaces/namespaces';
+import {
+  Namespace,
+  NamespaceListParams,
+  Namespaces,
+  NamespacesV4PagePaginationArray,
+} from './namespaces/namespaces';
 
 export class DurableObjects extends APIResource {
   namespaces: NamespacesAPI.Namespaces = new NamespacesAPI.Namespaces(this._client);
 }
 
 DurableObjects.Namespaces = Namespaces;
-DurableObjects.NamespacesSinglePage = NamespacesSinglePage;
+DurableObjects.NamespacesV4PagePaginationArray = NamespacesV4PagePaginationArray;
 
 export declare namespace DurableObjects {
   export {
     Namespaces as Namespaces,
     type Namespace as Namespace,
-    NamespacesSinglePage as NamespacesSinglePage,
+    NamespacesV4PagePaginationArray as NamespacesV4PagePaginationArray,
     type NamespaceListParams as NamespaceListParams,
   };
 }
diff --git a/src/resources/durable-objects/index.ts b/src/resources/durable-objects/index.ts
index 9ad42425bf..5b1a5df711 100644
--- a/src/resources/durable-objects/index.ts
+++ b/src/resources/durable-objects/index.ts
@@ -2,7 +2,7 @@
 
 export { DurableObjects } from './durable-objects';
 export {
-  NamespacesSinglePage,
+  NamespacesV4PagePaginationArray,
   Namespaces,
   type Namespace,
   type NamespaceListParams,
diff --git a/src/resources/durable-objects/namespaces/index.ts b/src/resources/durable-objects/namespaces/index.ts
index eb373cf46d..caae6d139b 100644
--- a/src/resources/durable-objects/namespaces/index.ts
+++ b/src/resources/durable-objects/namespaces/index.ts
@@ -6,4 +6,9 @@ export {
   type DurableObject,
   type ObjectListParams,
 } from './objects';
-export { NamespacesSinglePage, Namespaces, type Namespace, type NamespaceListParams } from './namespaces';
+export {
+  NamespacesV4PagePaginationArray,
+  Namespaces,
+  type Namespace,
+  type NamespaceListParams,
+} from './namespaces';
diff --git a/src/resources/durable-objects/namespaces/namespaces.ts b/src/resources/durable-objects/namespaces/namespaces.ts
index 5547b0e963..8124a972ac 100644
--- a/src/resources/durable-objects/namespaces/namespaces.ts
+++ b/src/resources/durable-objects/namespaces/namespaces.ts
@@ -4,7 +4,7 @@ import { APIResource } from '../../../resource';
 import * as Core from '../../../core';
 import * as ObjectsAPI from './objects';
 import { DurableObject, DurableObjectsCursorLimitPagination, ObjectListParams, Objects } from './objects';
-import { SinglePage } from '../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../pagination';
 
 export class Namespaces extends APIResource {
   objects: ObjectsAPI.Objects = new ObjectsAPI.Objects(this._client);
@@ -15,17 +15,17 @@ export class Namespaces extends APIResource {
   list(
     params: NamespaceListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<NamespacesSinglePage, Namespace> {
-    const { account_id } = params;
+  ): Core.PagePromise<NamespacesV4PagePaginationArray, Namespace> {
+    const { account_id, ...query } = params;
     return this._client.getAPIList(
       `/accounts/${account_id}/workers/durable_objects/namespaces`,
-      NamespacesSinglePage,
-      options,
+      NamespacesV4PagePaginationArray,
+      { query, ...options },
     );
   }
 }
 
-export class NamespacesSinglePage extends SinglePage<Namespace> {}
+export class NamespacesV4PagePaginationArray extends V4PagePaginationArray<Namespace> {}
 
 export interface Namespace {
   id?: string;
@@ -39,21 +39,21 @@ export interface Namespace {
   use_sqlite?: boolean;
 }
 
-export interface NamespaceListParams {
+export interface NamespaceListParams extends V4PagePaginationArrayParams {
   /**
-   * Identifier.
+   * Path param: Identifier.
    */
   account_id: string;
 }
 
-Namespaces.NamespacesSinglePage = NamespacesSinglePage;
+Namespaces.NamespacesV4PagePaginationArray = NamespacesV4PagePaginationArray;
 Namespaces.Objects = Objects;
 Namespaces.DurableObjectsCursorLimitPagination = DurableObjectsCursorLimitPagination;
 
 export declare namespace Namespaces {
   export {
     type Namespace as Namespace,
-    NamespacesSinglePage as NamespacesSinglePage,
+    NamespacesV4PagePaginationArray as NamespacesV4PagePaginationArray,
     type NamespaceListParams as NamespaceListParams,
   };
 
diff --git a/src/resources/email-security/investigate/investigate.ts b/src/resources/email-security/investigate/investigate.ts
index cdc7e9fe3c..9c881bfe72 100644
--- a/src/resources/email-security/investigate/investigate.ts
+++ b/src/resources/email-security/investigate/investigate.ts
@@ -148,6 +148,8 @@ export interface InvestigateListResponse {
     | 'NONE'
     | null;
 
+  findings?: Array<InvestigateListResponse.Finding> | null;
+
   from?: string | null;
 
   from_name?: string | null;
@@ -169,12 +171,37 @@ export interface InvestigateListResponse {
 
 export namespace InvestigateListResponse {
   export interface Properties {
-    allowlisted_pattern_type?: string;
+    allowlisted_pattern?: string;
+
+    allowlisted_pattern_type?:
+      | 'quarantine_release'
+      | 'acceptable_sender'
+      | 'allowed_sender'
+      | 'allowed_recipient'
+      | 'domain_similarity'
+      | 'domain_recency'
+      | 'managed_acceptable_sender';
+
+    blocklisted_message?: boolean;
+
+    blocklisted_pattern?: string;
+
+    whitelisted_pattern_type?:
+      | 'quarantine_release'
+      | 'acceptable_sender'
+      | 'allowed_sender'
+      | 'allowed_recipient'
+      | 'domain_similarity'
+      | 'domain_recency'
+      | 'managed_acceptable_sender';
+  }
+
+  export interface Finding {
+    detail?: string | null;
 
-    /**
-     * @deprecated
-     */
-    whitelisted_pattern_type?: string;
+    name?: string | null;
+
+    value?: string | null;
   }
 
   export interface Validation {
@@ -241,6 +268,8 @@ export interface InvestigateGetResponse {
     | 'NONE'
     | null;
 
+  findings?: Array<InvestigateGetResponse.Finding> | null;
+
   from?: string | null;
 
   from_name?: string | null;
@@ -262,12 +291,37 @@ export interface InvestigateGetResponse {
 
 export namespace InvestigateGetResponse {
   export interface Properties {
-    allowlisted_pattern_type?: string;
+    allowlisted_pattern?: string;
+
+    allowlisted_pattern_type?:
+      | 'quarantine_release'
+      | 'acceptable_sender'
+      | 'allowed_sender'
+      | 'allowed_recipient'
+      | 'domain_similarity'
+      | 'domain_recency'
+      | 'managed_acceptable_sender';
+
+    blocklisted_message?: boolean;
+
+    blocklisted_pattern?: string;
+
+    whitelisted_pattern_type?:
+      | 'quarantine_release'
+      | 'acceptable_sender'
+      | 'allowed_sender'
+      | 'allowed_recipient'
+      | 'domain_similarity'
+      | 'domain_recency'
+      | 'managed_acceptable_sender';
+  }
 
-    /**
-     * @deprecated
-     */
-    whitelisted_pattern_type?: string;
+  export interface Finding {
+    detail?: string | null;
+
+    name?: string | null;
+
+    value?: string | null;
   }
 
   export interface Validation {
@@ -376,6 +430,11 @@ export interface InvestigateListParams extends V4PagePaginationArrayParams {
    * `now - 30 days`.
    */
   start?: string;
+
+  /**
+   * Query param:
+   */
+  subject?: string;
 }
 
 export interface InvestigateGetParams {
diff --git a/src/resources/email-security/investigate/reclassify.ts b/src/resources/email-security/investigate/reclassify.ts
index 98aaabd7c1..2330f8cf94 100644
--- a/src/resources/email-security/investigate/reclassify.ts
+++ b/src/resources/email-security/investigate/reclassify.ts
@@ -50,7 +50,12 @@ export interface ReclassifyCreateParams {
   /**
    * Body param: Base64 encoded content of the EML file
    */
-  eml_content?: string | null;
+  eml_content?: string;
+
+  /**
+   * Body param:
+   */
+  escalated_submission_id?: string;
 }
 
 export declare namespace Reclassify {
diff --git a/src/resources/email-security/investigate/trace.ts b/src/resources/email-security/investigate/trace.ts
index da42c4050b..f17ad3b195 100644
--- a/src/resources/email-security/investigate/trace.ts
+++ b/src/resources/email-security/investigate/trace.ts
@@ -40,6 +40,8 @@ export interface TraceGetResponse {
 export namespace TraceGetResponse {
   export interface Inbound {
     lines?: Array<Inbound.Line> | null;
+
+    pending?: boolean | null;
   }
 
   export namespace Inbound {
@@ -54,6 +56,8 @@ export namespace TraceGetResponse {
 
   export interface Outbound {
     lines?: Array<Outbound.Line> | null;
+
+    pending?: boolean | null;
   }
 
   export namespace Outbound {
diff --git a/src/resources/email-security/settings/allow-policies.ts b/src/resources/email-security/settings/allow-policies.ts
index eb673be7b3..2cd1553022 100644
--- a/src/resources/email-security/settings/allow-policies.ts
+++ b/src/resources/email-security/settings/allow-policies.ts
@@ -489,6 +489,11 @@ export interface AllowPolicyListParams extends V4PagePaginationArrayParams {
    */
   order?: 'pattern' | 'created_at';
 
+  /**
+   * Query param:
+   */
+  pattern?: string;
+
   /**
    * Query param:
    */
diff --git a/src/resources/email-security/settings/block-senders.ts b/src/resources/email-security/settings/block-senders.ts
index 480423debc..edbc87faf9 100644
--- a/src/resources/email-security/settings/block-senders.ts
+++ b/src/resources/email-security/settings/block-senders.ts
@@ -264,6 +264,11 @@ export interface BlockSenderListParams extends V4PagePaginationArrayParams {
    */
   order?: 'pattern' | 'created_at';
 
+  /**
+   * Query param:
+   */
+  pattern?: string;
+
   /**
    * Query param:
    */
diff --git a/src/resources/email-security/settings/trusted-domains.ts b/src/resources/email-security/settings/trusted-domains.ts
index d015ff7252..5d2b18768c 100644
--- a/src/resources/email-security/settings/trusted-domains.ts
+++ b/src/resources/email-security/settings/trusted-domains.ts
@@ -400,6 +400,11 @@ export interface TrustedDomainListParams extends V4PagePaginationArrayParams {
    */
   order?: 'pattern' | 'created_at';
 
+  /**
+   * Query param:
+   */
+  pattern?: string;
+
   /**
    * Query param: Allows searching in multiple properties of a record simultaneously.
    * This parameter is intended for human users, not automation. Its exact behavior
diff --git a/src/resources/email-security/submissions.ts b/src/resources/email-security/submissions.ts
index 0cfc78492c..f8764b948a 100644
--- a/src/resources/email-security/submissions.ts
+++ b/src/resources/email-security/submissions.ts
@@ -127,6 +127,11 @@ export interface SubmissionListParams extends V4PagePaginationArrayParams {
    */
   start?: string;
 
+  /**
+   * Query param:
+   */
+  status?: string;
+
   /**
    * Query param:
    */
diff --git a/src/resources/filters.ts b/src/resources/filters.ts
index 041be0687d..ce6af0a7d1 100644
--- a/src/resources/filters.ts
+++ b/src/resources/filters.ts
@@ -17,9 +17,9 @@ export class Filters extends APIResource {
     params: FilterCreateParams,
     options?: Core.RequestOptions,
   ): Core.PagePromise<FirewallFiltersSinglePage, FirewallFilter> {
-    const { zone_id, ...body } = params;
+    const { zone_id, body } = params;
     return this._client.getAPIList(`/zones/${zone_id}/filters`, FirewallFiltersSinglePage, {
-      body,
+      body: body,
       method: 'post',
       ...options,
     });
@@ -35,12 +35,11 @@ export class Filters extends APIResource {
     params: FilterUpdateParams,
     options?: Core.RequestOptions,
   ): Core.APIPromise<FirewallFilter> {
-    const { zone_id, body } = params;
+    const { zone_id, ...body } = params;
     return (
-      this._client.put(`/zones/${zone_id}/filters/${filterId}`, {
-        body: body,
-        ...options,
-      }) as Core.APIPromise<{ result: FirewallFilter }>
+      this._client.put(`/zones/${zone_id}/filters/${filterId}`, { body, ...options }) as Core.APIPromise<{
+        result: FirewallFilter;
+      }>
     )._thenUnwrap((obj) => obj.result);
   }
 
@@ -70,11 +69,11 @@ export class Filters extends APIResource {
     filterId: string,
     params: FilterDeleteParams,
     options?: Core.RequestOptions,
-  ): Core.APIPromise<FirewallFilter> {
+  ): Core.APIPromise<FilterDeleteResponse> {
     const { zone_id } = params;
     return (
       this._client.delete(`/zones/${zone_id}/filters/${filterId}`, options) as Core.APIPromise<{
-        result: FirewallFilter;
+        result: FilterDeleteResponse;
       }>
     )._thenUnwrap((obj) => obj.result);
   }
@@ -87,12 +86,13 @@ export class Filters extends APIResource {
   bulkDelete(
     params: FilterBulkDeleteParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<FirewallFiltersSinglePage, FirewallFilter> {
-    const { zone_id } = params;
-    return this._client.getAPIList(`/zones/${zone_id}/filters`, FirewallFiltersSinglePage, {
-      method: 'delete',
-      ...options,
-    });
+  ): Core.APIPromise<FilterBulkDeleteResponse | null> {
+    const { zone_id, id } = params;
+    return (
+      this._client.delete(`/zones/${zone_id}/filters`, { query: { id }, ...options }) as Core.APIPromise<{
+        result: FilterBulkDeleteResponse | null;
+      }>
+    )._thenUnwrap((obj) => obj.result);
   }
 
   /**
@@ -104,9 +104,9 @@ export class Filters extends APIResource {
     params: FilterBulkUpdateParams,
     options?: Core.RequestOptions,
   ): Core.PagePromise<FirewallFiltersSinglePage, FirewallFilter> {
-    const { zone_id, ...body } = params;
+    const { zone_id, body } = params;
     return this._client.getAPIList(`/zones/${zone_id}/filters`, FirewallFiltersSinglePage, {
-      body,
+      body: body,
       method: 'put',
       ...options,
     });
@@ -186,6 +186,24 @@ export interface FirewallFilterParam {
   ref?: string;
 }
 
+export interface FilterDeleteResponse {
+  /**
+   * The unique identifier of the filter.
+   */
+  id: string;
+}
+
+export type FilterBulkDeleteResponse = Array<FilterBulkDeleteResponse.FilterBulkDeleteResponseItem>;
+
+export namespace FilterBulkDeleteResponse {
+  export interface FilterBulkDeleteResponseItem {
+    /**
+     * The unique identifier of the filter.
+     */
+    id?: string;
+  }
+}
+
 export interface FilterCreateParams {
   /**
    * Path param: Defines an identifier.
@@ -193,10 +211,9 @@ export interface FilterCreateParams {
   zone_id: string;
 
   /**
-   * Body param: The filter expression. For more information, refer to
-   * [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/).
+   * Body param:
    */
-  expression: string;
+  body: Array<FirewallFilterParam>;
 }
 
 export interface FilterUpdateParams {
@@ -206,9 +223,25 @@ export interface FilterUpdateParams {
   zone_id: string;
 
   /**
-   * Body param:
+   * Body param: An informative summary of the filter.
+   */
+  description?: string;
+
+  /**
+   * Body param: The filter expression. For more information, refer to
+   * [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/).
+   */
+  expression?: string;
+
+  /**
+   * Body param: When true, indicates that the filter is currently paused.
+   */
+  paused?: boolean;
+
+  /**
+   * Body param: A short reference tag. Allows you to select related filters.
    */
-  body: unknown;
+  ref?: string;
 }
 
 export interface FilterListParams extends V4PagePaginationArrayParams {
@@ -253,16 +286,51 @@ export interface FilterDeleteParams {
 
 export interface FilterBulkDeleteParams {
   /**
-   * Defines an identifier.
+   * Path param: Defines an identifier.
    */
   zone_id: string;
+
+  /**
+   * Query param:
+   */
+  id: Array<string>;
 }
 
 export interface FilterBulkUpdateParams {
   /**
-   * Defines an identifier.
+   * Path param: Defines an identifier.
    */
   zone_id: string;
+
+  /**
+   * Body param:
+   */
+  body: Array<FilterBulkUpdateParams.Body>;
+}
+
+export namespace FilterBulkUpdateParams {
+  export interface Body {
+    /**
+     * An informative summary of the filter.
+     */
+    description?: string;
+
+    /**
+     * The filter expression. For more information, refer to
+     * [Expressions](https://developers.cloudflare.com/ruleset-engine/rules-language/expressions/).
+     */
+    expression?: string;
+
+    /**
+     * When true, indicates that the filter is currently paused.
+     */
+    paused?: boolean;
+
+    /**
+     * A short reference tag. Allows you to select related filters.
+     */
+    ref?: string;
+  }
 }
 
 export interface FilterGetParams {
@@ -278,6 +346,8 @@ Filters.FirewallFiltersV4PagePaginationArray = FirewallFiltersV4PagePaginationAr
 export declare namespace Filters {
   export {
     type FirewallFilter as FirewallFilter,
+    type FilterDeleteResponse as FilterDeleteResponse,
+    type FilterBulkDeleteResponse as FilterBulkDeleteResponse,
     FirewallFiltersSinglePage as FirewallFiltersSinglePage,
     FirewallFiltersV4PagePaginationArray as FirewallFiltersV4PagePaginationArray,
     type FilterCreateParams as FilterCreateParams,
diff --git a/src/resources/images/v1/v1.ts b/src/resources/images/v1/v1.ts
index cb64db9ee9..7ce33e9224 100644
--- a/src/resources/images/v1/v1.ts
+++ b/src/resources/images/v1/v1.ts
@@ -151,6 +151,11 @@ export interface Image {
    */
   id?: string;
 
+  /**
+   * Can set the creator field with an internal user ID.
+   */
+  creator?: string | null;
+
   /**
    * Image file name.
    */
@@ -196,6 +201,11 @@ export interface V1CreateParams {
    */
   id?: string;
 
+  /**
+   * Body param: Can set the creator field with an internal user ID.
+   */
+  creator?: string;
+
   /**
    * Body param: An image binary data. Only needed when type is uploading a file.
    */
@@ -225,6 +235,12 @@ export interface V1ListParams extends V4PagePaginationParams {
    * Path param: Account identifier tag.
    */
   account_id: string;
+
+  /**
+   * Query param: Internal user ID set within the creator field. Setting to empty
+   * string "" will return images where creator field is not set
+   */
+  creator?: string | null;
 }
 
 export interface V1DeleteParams {
@@ -240,6 +256,11 @@ export interface V1EditParams {
    */
   account_id: string;
 
+  /**
+   * Body param: Can set the creator field with an internal user ID.
+   */
+  creator?: string;
+
   /**
    * Body param: User modifiable key-value store. Can be used for keeping references
    * to another system of record for managing images. No change if not specified.
diff --git a/src/resources/images/v2/direct-uploads.ts b/src/resources/images/v2/direct-uploads.ts
index fa7ddfc176..a38db90b45 100644
--- a/src/resources/images/v2/direct-uploads.ts
+++ b/src/resources/images/v2/direct-uploads.ts
@@ -61,6 +61,11 @@ export interface DirectUploadCreateParams {
    */
   id?: string;
 
+  /**
+   * Body param: Can set the creator field with an internal user ID.
+   */
+  creator?: string;
+
   /**
    * Body param: The date after which the upload will not be accepted. Minimum: Now +
    * 2 minutes. Maximum: Now + 6 hours.
diff --git a/src/resources/images/v2/v2.ts b/src/resources/images/v2/v2.ts
index 30f06e231f..63d32823e7 100644
--- a/src/resources/images/v2/v2.ts
+++ b/src/resources/images/v2/v2.ts
@@ -53,6 +53,12 @@ export interface V2ListParams {
    */
   continuation_token?: string | null;
 
+  /**
+   * Query param: Internal user ID set within the creator field. Setting to empty
+   * string "" will return images where creator field is not set
+   */
+  creator?: string | null;
+
   /**
    * Query param: Number of items per page.
    */
diff --git a/src/resources/kv/namespaces/keys.ts b/src/resources/kv/namespaces/keys.ts
index bf958a6d6f..ad094eeddb 100644
--- a/src/resources/kv/namespaces/keys.ts
+++ b/src/resources/kv/namespaces/keys.ts
@@ -117,6 +117,9 @@ export interface Key {
    */
   expiration?: number;
 
+  /**
+   * Arbitrary JSON that is associated with a key.
+   */
   metadata?: unknown;
 }
 
@@ -153,8 +156,14 @@ export namespace KeyBulkGetResponse {
 
   export namespace WorkersKVBulkGetResultWithMetadata {
     export interface Values {
+      /**
+       * The metadata associated with the key.
+       */
       metadata: unknown;
 
+      /**
+       * The value associated with the key.
+       */
       value: unknown;
 
       /**
@@ -268,6 +277,9 @@ export namespace KeyBulkUpdateParams {
      */
     expiration_ttl?: number;
 
+    /**
+     * Arbitrary JSON that is associated with a key.
+     */
     metadata?: unknown;
   }
 }
diff --git a/src/resources/kv/namespaces/metadata.ts b/src/resources/kv/namespaces/metadata.ts
index 53db763063..927ba8a17d 100644
--- a/src/resources/kv/namespaces/metadata.ts
+++ b/src/resources/kv/namespaces/metadata.ts
@@ -34,6 +34,9 @@ export class Metadata extends APIResource {
   }
 }
 
+/**
+ * Arbitrary JSON that is associated with a key.
+ */
 export type MetadataGetResponse = unknown;
 
 export interface MetadataGetParams {
diff --git a/src/resources/kv/namespaces/namespaces.ts b/src/resources/kv/namespaces/namespaces.ts
index 32b1ec889c..3f8f3b7a90 100644
--- a/src/resources/kv/namespaces/namespaces.ts
+++ b/src/resources/kv/namespaces/namespaces.ts
@@ -312,8 +312,14 @@ export namespace NamespaceBulkGetResponse {
 
   export namespace WorkersKVBulkGetResultWithMetadata {
     export interface Values {
+      /**
+       * The metadata associated with the key.
+       */
       metadata: unknown;
 
+      /**
+       * The value associated with the key.
+       */
       value: unknown;
 
       /**
@@ -462,6 +468,9 @@ export namespace NamespaceBulkUpdateParams {
      */
     expiration_ttl?: number;
 
+    /**
+     * Arbitrary JSON that is associated with a key.
+     */
     metadata?: unknown;
   }
 }
diff --git a/src/resources/kv/namespaces/values.ts b/src/resources/kv/namespaces/values.ts
index 03752a92d4..29174df308 100644
--- a/src/resources/kv/namespaces/values.ts
+++ b/src/resources/kv/namespaces/values.ts
@@ -134,7 +134,7 @@ export interface ValueUpdateParams {
   expiration_ttl?: number;
 
   /**
-   * Body param:
+   * Body param: Associates arbitrary JSON data with a key/value pair.
    */
   metadata?: unknown;
 }
diff --git a/src/resources/load-balancers/load-balancers.ts b/src/resources/load-balancers/load-balancers.ts
index b0c4847381..1cd26f3e14 100644
--- a/src/resources/load-balancers/load-balancers.ts
+++ b/src/resources/load-balancers/load-balancers.ts
@@ -430,7 +430,7 @@ export interface LoadBalancer {
   networks?: Array<string>;
 
   /**
-   * (Enterprise only): A mapping of Cloudflare PoP identifiers to a list of pool IDs
+   * Enterprise only: A mapping of Cloudflare PoP identifiers to a list of pool IDs
    * (ordered by their failover priority) for the PoP (datacenter). Any PoPs not
    * explicitly defined will fall back to using the corresponding country_pool, then
    * region_pool mapping if it exists else to default_pools.
@@ -469,28 +469,25 @@ export interface LoadBalancer {
 
   /**
    * Specifies the type of session affinity the load balancer should use unless
-   * specified as `"none"`. The supported types are:
-   *
-   * - `"cookie"`: On the first request to a proxied load balancer, a cookie is
-   *   generated, encoding information of which origin the request will be forwarded
-   *   to. Subsequent requests, by the same client to the same load balancer, will be
-   *   sent to the origin server the cookie encodes, for the duration of the cookie
-   *   and as long as the origin server remains healthy. If the cookie has expired or
-   *   the origin server is unhealthy, then a new origin server is calculated and
-   *   used.
-   * - `"ip_cookie"`: Behaves the same as `"cookie"` except the initial origin
-   *   selection is stable and based on the client's ip address.
-   * - `"header"`: On the first request to a proxied load balancer, a session key
-   *   based on the configured HTTP headers (see
-   *   `session_affinity_attributes.headers`) is generated, encoding the request
-   *   headers used for storing in the load balancer session state which origin the
-   *   request will be forwarded to. Subsequent requests to the load balancer with
-   *   the same headers will be sent to the same origin server, for the duration of
-   *   the session and as long as the origin server remains healthy. If the session
-   *   has been idle for the duration of `session_affinity_ttl` seconds or the origin
-   *   server is unhealthy, then a new origin server is calculated and used. See
-   *   `headers` in `session_affinity_attributes` for additional required
-   *   configuration.
+   * specified as `"none"`. The supported types are: - `"cookie"`: On the first
+   * request to a proxied load balancer, a cookie is generated, encoding information
+   * of which origin the request will be forwarded to. Subsequent requests, by the
+   * same client to the same load balancer, will be sent to the origin server the
+   * cookie encodes, for the duration of the cookie and as long as the origin server
+   * remains healthy. If the cookie has expired or the origin server is unhealthy,
+   * then a new origin server is calculated and used. - `"ip_cookie"`: Behaves the
+   * same as `"cookie"` except the initial origin selection is stable and based on
+   * the client's ip address. - `"header"`: On the first request to a proxied load
+   * balancer, a session key based on the configured HTTP headers (see
+   * `session_affinity_attributes.headers`) is generated, encoding the request
+   * headers used for storing in the load balancer session state which origin the
+   * request will be forwarded to. Subsequent requests to the load balancer with the
+   * same headers will be sent to the same origin server, for the duration of the
+   * session and as long as the origin server remains healthy. If the session has
+   * been idle for the duration of `session_affinity_ttl` seconds or the origin
+   * server is unhealthy, then a new origin server is calculated and used. See
+   * `headers` in `session_affinity_attributes` for additional required
+   * configuration.
    */
   session_affinity?: SessionAffinity;
 
@@ -502,14 +499,13 @@ export interface LoadBalancer {
   /**
    * Time, in seconds, until a client's session expires after being created. Once the
    * expiry time has been reached, subsequent requests may get sent to a different
-   * origin server. The accepted ranges per `session_affinity` policy are:
-   *
-   * - `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used
-   *   unless explicitly set. The accepted range of values is between [1800, 604800].
-   * - `"header"`: The current default of 1800 seconds will be used unless explicitly
-   *   set. The accepted range of values is between [30, 3600]. Note: With session
-   *   affinity by header, sessions only expire after they haven't been used for the
-   *   number of seconds specified.
+   * origin server. The accepted ranges per `session_affinity` policy are: -
+   * `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used unless
+   * explicitly set. The accepted range of values is between [1800, 604800]. -
+   * `"header"`: The current default of 1800 seconds will be used unless explicitly
+   * set. The accepted range of values is between [30, 3600]. Note: With session
+   * affinity by header, sessions only expire after they haven't been used for the
+   * number of seconds specified.
    */
   session_affinity_ttl?: number;
 
@@ -1025,7 +1021,7 @@ export namespace Rules {
     location_strategy?: LoadBalancersAPI.LocationStrategy;
 
     /**
-     * (Enterprise only): A mapping of Cloudflare PoP identifiers to a list of pool IDs
+     * Enterprise only: A mapping of Cloudflare PoP identifiers to a list of pool IDs
      * (ordered by their failover priority) for the PoP (datacenter). Any PoPs not
      * explicitly defined will fall back to using the corresponding country_pool, then
      * region_pool mapping if it exists else to default_pools.
@@ -1053,28 +1049,25 @@ export namespace Rules {
 
     /**
      * Specifies the type of session affinity the load balancer should use unless
-     * specified as `"none"`. The supported types are:
-     *
-     * - `"cookie"`: On the first request to a proxied load balancer, a cookie is
-     *   generated, encoding information of which origin the request will be forwarded
-     *   to. Subsequent requests, by the same client to the same load balancer, will be
-     *   sent to the origin server the cookie encodes, for the duration of the cookie
-     *   and as long as the origin server remains healthy. If the cookie has expired or
-     *   the origin server is unhealthy, then a new origin server is calculated and
-     *   used.
-     * - `"ip_cookie"`: Behaves the same as `"cookie"` except the initial origin
-     *   selection is stable and based on the client's ip address.
-     * - `"header"`: On the first request to a proxied load balancer, a session key
-     *   based on the configured HTTP headers (see
-     *   `session_affinity_attributes.headers`) is generated, encoding the request
-     *   headers used for storing in the load balancer session state which origin the
-     *   request will be forwarded to. Subsequent requests to the load balancer with
-     *   the same headers will be sent to the same origin server, for the duration of
-     *   the session and as long as the origin server remains healthy. If the session
-     *   has been idle for the duration of `session_affinity_ttl` seconds or the origin
-     *   server is unhealthy, then a new origin server is calculated and used. See
-     *   `headers` in `session_affinity_attributes` for additional required
-     *   configuration.
+     * specified as `"none"`. The supported types are: - `"cookie"`: On the first
+     * request to a proxied load balancer, a cookie is generated, encoding information
+     * of which origin the request will be forwarded to. Subsequent requests, by the
+     * same client to the same load balancer, will be sent to the origin server the
+     * cookie encodes, for the duration of the cookie and as long as the origin server
+     * remains healthy. If the cookie has expired or the origin server is unhealthy,
+     * then a new origin server is calculated and used. - `"ip_cookie"`: Behaves the
+     * same as `"cookie"` except the initial origin selection is stable and based on
+     * the client's ip address. - `"header"`: On the first request to a proxied load
+     * balancer, a session key based on the configured HTTP headers (see
+     * `session_affinity_attributes.headers`) is generated, encoding the request
+     * headers used for storing in the load balancer session state which origin the
+     * request will be forwarded to. Subsequent requests to the load balancer with the
+     * same headers will be sent to the same origin server, for the duration of the
+     * session and as long as the origin server remains healthy. If the session has
+     * been idle for the duration of `session_affinity_ttl` seconds or the origin
+     * server is unhealthy, then a new origin server is calculated and used. See
+     * `headers` in `session_affinity_attributes` for additional required
+     * configuration.
      */
     session_affinity?: LoadBalancersAPI.SessionAffinity;
 
@@ -1086,14 +1079,13 @@ export namespace Rules {
     /**
      * Time, in seconds, until a client's session expires after being created. Once the
      * expiry time has been reached, subsequent requests may get sent to a different
-     * origin server. The accepted ranges per `session_affinity` policy are:
-     *
-     * - `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used
-     *   unless explicitly set. The accepted range of values is between [1800, 604800].
-     * - `"header"`: The current default of 1800 seconds will be used unless explicitly
-     *   set. The accepted range of values is between [30, 3600]. Note: With session
-     *   affinity by header, sessions only expire after they haven't been used for the
-     *   number of seconds specified.
+     * origin server. The accepted ranges per `session_affinity` policy are: -
+     * `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used unless
+     * explicitly set. The accepted range of values is between [1800, 604800]. -
+     * `"header"`: The current default of 1800 seconds will be used unless explicitly
+     * set. The accepted range of values is between [30, 3600]. Note: With session
+     * affinity by header, sessions only expire after they haven't been used for the
+     * number of seconds specified.
      */
     session_affinity_ttl?: number;
 
@@ -1252,7 +1244,7 @@ export namespace RulesParam {
     location_strategy?: LoadBalancersAPI.LocationStrategyParam;
 
     /**
-     * (Enterprise only): A mapping of Cloudflare PoP identifiers to a list of pool IDs
+     * Enterprise only: A mapping of Cloudflare PoP identifiers to a list of pool IDs
      * (ordered by their failover priority) for the PoP (datacenter). Any PoPs not
      * explicitly defined will fall back to using the corresponding country_pool, then
      * region_pool mapping if it exists else to default_pools.
@@ -1280,28 +1272,25 @@ export namespace RulesParam {
 
     /**
      * Specifies the type of session affinity the load balancer should use unless
-     * specified as `"none"`. The supported types are:
-     *
-     * - `"cookie"`: On the first request to a proxied load balancer, a cookie is
-     *   generated, encoding information of which origin the request will be forwarded
-     *   to. Subsequent requests, by the same client to the same load balancer, will be
-     *   sent to the origin server the cookie encodes, for the duration of the cookie
-     *   and as long as the origin server remains healthy. If the cookie has expired or
-     *   the origin server is unhealthy, then a new origin server is calculated and
-     *   used.
-     * - `"ip_cookie"`: Behaves the same as `"cookie"` except the initial origin
-     *   selection is stable and based on the client's ip address.
-     * - `"header"`: On the first request to a proxied load balancer, a session key
-     *   based on the configured HTTP headers (see
-     *   `session_affinity_attributes.headers`) is generated, encoding the request
-     *   headers used for storing in the load balancer session state which origin the
-     *   request will be forwarded to. Subsequent requests to the load balancer with
-     *   the same headers will be sent to the same origin server, for the duration of
-     *   the session and as long as the origin server remains healthy. If the session
-     *   has been idle for the duration of `session_affinity_ttl` seconds or the origin
-     *   server is unhealthy, then a new origin server is calculated and used. See
-     *   `headers` in `session_affinity_attributes` for additional required
-     *   configuration.
+     * specified as `"none"`. The supported types are: - `"cookie"`: On the first
+     * request to a proxied load balancer, a cookie is generated, encoding information
+     * of which origin the request will be forwarded to. Subsequent requests, by the
+     * same client to the same load balancer, will be sent to the origin server the
+     * cookie encodes, for the duration of the cookie and as long as the origin server
+     * remains healthy. If the cookie has expired or the origin server is unhealthy,
+     * then a new origin server is calculated and used. - `"ip_cookie"`: Behaves the
+     * same as `"cookie"` except the initial origin selection is stable and based on
+     * the client's ip address. - `"header"`: On the first request to a proxied load
+     * balancer, a session key based on the configured HTTP headers (see
+     * `session_affinity_attributes.headers`) is generated, encoding the request
+     * headers used for storing in the load balancer session state which origin the
+     * request will be forwarded to. Subsequent requests to the load balancer with the
+     * same headers will be sent to the same origin server, for the duration of the
+     * session and as long as the origin server remains healthy. If the session has
+     * been idle for the duration of `session_affinity_ttl` seconds or the origin
+     * server is unhealthy, then a new origin server is calculated and used. See
+     * `headers` in `session_affinity_attributes` for additional required
+     * configuration.
      */
     session_affinity?: LoadBalancersAPI.SessionAffinityParam;
 
@@ -1313,14 +1302,13 @@ export namespace RulesParam {
     /**
      * Time, in seconds, until a client's session expires after being created. Once the
      * expiry time has been reached, subsequent requests may get sent to a different
-     * origin server. The accepted ranges per `session_affinity` policy are:
-     *
-     * - `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used
-     *   unless explicitly set. The accepted range of values is between [1800, 604800].
-     * - `"header"`: The current default of 1800 seconds will be used unless explicitly
-     *   set. The accepted range of values is between [30, 3600]. Note: With session
-     *   affinity by header, sessions only expire after they haven't been used for the
-     *   number of seconds specified.
+     * origin server. The accepted ranges per `session_affinity` policy are: -
+     * `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used unless
+     * explicitly set. The accepted range of values is between [1800, 604800]. -
+     * `"header"`: The current default of 1800 seconds will be used unless explicitly
+     * set. The accepted range of values is between [30, 3600]. Note: With session
+     * affinity by header, sessions only expire after they haven't been used for the
+     * number of seconds specified.
      */
     session_affinity_ttl?: number;
 
@@ -1360,55 +1348,49 @@ export namespace RulesParam {
 
 /**
  * Specifies the type of session affinity the load balancer should use unless
- * specified as `"none"`. The supported types are:
- *
- * - `"cookie"`: On the first request to a proxied load balancer, a cookie is
- *   generated, encoding information of which origin the request will be forwarded
- *   to. Subsequent requests, by the same client to the same load balancer, will be
- *   sent to the origin server the cookie encodes, for the duration of the cookie
- *   and as long as the origin server remains healthy. If the cookie has expired or
- *   the origin server is unhealthy, then a new origin server is calculated and
- *   used.
- * - `"ip_cookie"`: Behaves the same as `"cookie"` except the initial origin
- *   selection is stable and based on the client's ip address.
- * - `"header"`: On the first request to a proxied load balancer, a session key
- *   based on the configured HTTP headers (see
- *   `session_affinity_attributes.headers`) is generated, encoding the request
- *   headers used for storing in the load balancer session state which origin the
- *   request will be forwarded to. Subsequent requests to the load balancer with
- *   the same headers will be sent to the same origin server, for the duration of
- *   the session and as long as the origin server remains healthy. If the session
- *   has been idle for the duration of `session_affinity_ttl` seconds or the origin
- *   server is unhealthy, then a new origin server is calculated and used. See
- *   `headers` in `session_affinity_attributes` for additional required
- *   configuration.
+ * specified as `"none"`. The supported types are: - `"cookie"`: On the first
+ * request to a proxied load balancer, a cookie is generated, encoding information
+ * of which origin the request will be forwarded to. Subsequent requests, by the
+ * same client to the same load balancer, will be sent to the origin server the
+ * cookie encodes, for the duration of the cookie and as long as the origin server
+ * remains healthy. If the cookie has expired or the origin server is unhealthy,
+ * then a new origin server is calculated and used. - `"ip_cookie"`: Behaves the
+ * same as `"cookie"` except the initial origin selection is stable and based on
+ * the client's ip address. - `"header"`: On the first request to a proxied load
+ * balancer, a session key based on the configured HTTP headers (see
+ * `session_affinity_attributes.headers`) is generated, encoding the request
+ * headers used for storing in the load balancer session state which origin the
+ * request will be forwarded to. Subsequent requests to the load balancer with the
+ * same headers will be sent to the same origin server, for the duration of the
+ * session and as long as the origin server remains healthy. If the session has
+ * been idle for the duration of `session_affinity_ttl` seconds or the origin
+ * server is unhealthy, then a new origin server is calculated and used. See
+ * `headers` in `session_affinity_attributes` for additional required
+ * configuration.
  */
 export type SessionAffinity = 'none' | 'cookie' | 'ip_cookie' | 'header';
 
 /**
  * Specifies the type of session affinity the load balancer should use unless
- * specified as `"none"`. The supported types are:
- *
- * - `"cookie"`: On the first request to a proxied load balancer, a cookie is
- *   generated, encoding information of which origin the request will be forwarded
- *   to. Subsequent requests, by the same client to the same load balancer, will be
- *   sent to the origin server the cookie encodes, for the duration of the cookie
- *   and as long as the origin server remains healthy. If the cookie has expired or
- *   the origin server is unhealthy, then a new origin server is calculated and
- *   used.
- * - `"ip_cookie"`: Behaves the same as `"cookie"` except the initial origin
- *   selection is stable and based on the client's ip address.
- * - `"header"`: On the first request to a proxied load balancer, a session key
- *   based on the configured HTTP headers (see
- *   `session_affinity_attributes.headers`) is generated, encoding the request
- *   headers used for storing in the load balancer session state which origin the
- *   request will be forwarded to. Subsequent requests to the load balancer with
- *   the same headers will be sent to the same origin server, for the duration of
- *   the session and as long as the origin server remains healthy. If the session
- *   has been idle for the duration of `session_affinity_ttl` seconds or the origin
- *   server is unhealthy, then a new origin server is calculated and used. See
- *   `headers` in `session_affinity_attributes` for additional required
- *   configuration.
+ * specified as `"none"`. The supported types are: - `"cookie"`: On the first
+ * request to a proxied load balancer, a cookie is generated, encoding information
+ * of which origin the request will be forwarded to. Subsequent requests, by the
+ * same client to the same load balancer, will be sent to the origin server the
+ * cookie encodes, for the duration of the cookie and as long as the origin server
+ * remains healthy. If the cookie has expired or the origin server is unhealthy,
+ * then a new origin server is calculated and used. - `"ip_cookie"`: Behaves the
+ * same as `"cookie"` except the initial origin selection is stable and based on
+ * the client's ip address. - `"header"`: On the first request to a proxied load
+ * balancer, a session key based on the configured HTTP headers (see
+ * `session_affinity_attributes.headers`) is generated, encoding the request
+ * headers used for storing in the load balancer session state which origin the
+ * request will be forwarded to. Subsequent requests to the load balancer with the
+ * same headers will be sent to the same origin server, for the duration of the
+ * session and as long as the origin server remains healthy. If the session has
+ * been idle for the duration of `session_affinity_ttl` seconds or the origin
+ * server is unhealthy, then a new origin server is calculated and used. See
+ * `headers` in `session_affinity_attributes` for additional required
+ * configuration.
  */
 export type SessionAffinityParam = 'none' | 'cookie' | 'ip_cookie' | 'header';
 
@@ -1437,14 +1419,11 @@ export interface SessionAffinityAttributes {
   /**
    * When header `session_affinity` is enabled, this option can be used to specify
    * how HTTP headers on load balancing requests will be used. The supported values
-   * are:
-   *
-   * - `"true"`: Load balancing requests must contain _all_ of the HTTP headers
-   *   specified by the `headers` session affinity attribute, otherwise sessions
-   *   aren't created.
-   * - `"false"`: Load balancing requests must contain _at least one_ of the HTTP
-   *   headers specified by the `headers` session affinity attribute, otherwise
-   *   sessions aren't created.
+   * are: - `"true"`: Load balancing requests must contain _all_ of the HTTP headers
+   * specified by the `headers` session affinity attribute, otherwise sessions aren't
+   * created. - `"false"`: Load balancing requests must contain _at least one_ of the
+   * HTTP headers specified by the `headers` session affinity attribute, otherwise
+   * sessions aren't created.
    */
   require_all_headers?: boolean;
 
@@ -1466,15 +1445,13 @@ export interface SessionAffinityAttributes {
   /**
    * Configures the zero-downtime failover between origins within a pool when session
    * affinity is enabled. This feature is currently incompatible with Argo, Tiered
-   * Cache, and Bandwidth Alliance. The supported values are:
-   *
-   * - `"none"`: No failover takes place for sessions pinned to the origin (default).
-   * - `"temporary"`: Traffic will be sent to another other healthy origin until the
-   *   originally pinned origin is available; note that this can potentially result
-   *   in heavy origin flapping.
-   * - `"sticky"`: The session affinity cookie is updated and subsequent requests are
-   *   sent to the new origin. Note: Zero-downtime failover with sticky sessions is
-   *   currently not supported for session affinity by header.
+   * Cache, and Bandwidth Alliance. The supported values are: - `"none"`: No failover
+   * takes place for sessions pinned to the origin (default). - `"temporary"`:
+   * Traffic will be sent to another other healthy origin until the originally pinned
+   * origin is available; note that this can potentially result in heavy origin
+   * flapping. - `"sticky"`: The session affinity cookie is updated and subsequent
+   * requests are sent to the new origin. Note: Zero-downtime failover with sticky
+   * sessions is currently not supported for session affinity by header.
    */
   zero_downtime_failover?: 'none' | 'temporary' | 'sticky';
 }
@@ -1504,14 +1481,11 @@ export interface SessionAffinityAttributesParam {
   /**
    * When header `session_affinity` is enabled, this option can be used to specify
    * how HTTP headers on load balancing requests will be used. The supported values
-   * are:
-   *
-   * - `"true"`: Load balancing requests must contain _all_ of the HTTP headers
-   *   specified by the `headers` session affinity attribute, otherwise sessions
-   *   aren't created.
-   * - `"false"`: Load balancing requests must contain _at least one_ of the HTTP
-   *   headers specified by the `headers` session affinity attribute, otherwise
-   *   sessions aren't created.
+   * are: - `"true"`: Load balancing requests must contain _all_ of the HTTP headers
+   * specified by the `headers` session affinity attribute, otherwise sessions aren't
+   * created. - `"false"`: Load balancing requests must contain _at least one_ of the
+   * HTTP headers specified by the `headers` session affinity attribute, otherwise
+   * sessions aren't created.
    */
   require_all_headers?: boolean;
 
@@ -1533,15 +1507,13 @@ export interface SessionAffinityAttributesParam {
   /**
    * Configures the zero-downtime failover between origins within a pool when session
    * affinity is enabled. This feature is currently incompatible with Argo, Tiered
-   * Cache, and Bandwidth Alliance. The supported values are:
-   *
-   * - `"none"`: No failover takes place for sessions pinned to the origin (default).
-   * - `"temporary"`: Traffic will be sent to another other healthy origin until the
-   *   originally pinned origin is available; note that this can potentially result
-   *   in heavy origin flapping.
-   * - `"sticky"`: The session affinity cookie is updated and subsequent requests are
-   *   sent to the new origin. Note: Zero-downtime failover with sticky sessions is
-   *   currently not supported for session affinity by header.
+   * Cache, and Bandwidth Alliance. The supported values are: - `"none"`: No failover
+   * takes place for sessions pinned to the origin (default). - `"temporary"`:
+   * Traffic will be sent to another other healthy origin until the originally pinned
+   * origin is available; note that this can potentially result in heavy origin
+   * flapping. - `"sticky"`: The session affinity cookie is updated and subsequent
+   * requests are sent to the new origin. Note: Zero-downtime failover with sticky
+   * sessions is currently not supported for session affinity by header.
    */
   zero_downtime_failover?: 'none' | 'temporary' | 'sticky';
 }
@@ -1678,7 +1650,7 @@ export interface LoadBalancerCreateParams {
   networks?: Array<string>;
 
   /**
-   * Body param: (Enterprise only): A mapping of Cloudflare PoP identifiers to a list
+   * Body param: Enterprise only: A mapping of Cloudflare PoP identifiers to a list
    * of pool IDs (ordered by their failover priority) for the PoP (datacenter). Any
    * PoPs not explicitly defined will fall back to using the corresponding
    * country_pool, then region_pool mapping if it exists else to default_pools.
@@ -1718,28 +1690,25 @@ export interface LoadBalancerCreateParams {
 
   /**
    * Body param: Specifies the type of session affinity the load balancer should use
-   * unless specified as `"none"`. The supported types are:
-   *
-   * - `"cookie"`: On the first request to a proxied load balancer, a cookie is
-   *   generated, encoding information of which origin the request will be forwarded
-   *   to. Subsequent requests, by the same client to the same load balancer, will be
-   *   sent to the origin server the cookie encodes, for the duration of the cookie
-   *   and as long as the origin server remains healthy. If the cookie has expired or
-   *   the origin server is unhealthy, then a new origin server is calculated and
-   *   used.
-   * - `"ip_cookie"`: Behaves the same as `"cookie"` except the initial origin
-   *   selection is stable and based on the client's ip address.
-   * - `"header"`: On the first request to a proxied load balancer, a session key
-   *   based on the configured HTTP headers (see
-   *   `session_affinity_attributes.headers`) is generated, encoding the request
-   *   headers used for storing in the load balancer session state which origin the
-   *   request will be forwarded to. Subsequent requests to the load balancer with
-   *   the same headers will be sent to the same origin server, for the duration of
-   *   the session and as long as the origin server remains healthy. If the session
-   *   has been idle for the duration of `session_affinity_ttl` seconds or the origin
-   *   server is unhealthy, then a new origin server is calculated and used. See
-   *   `headers` in `session_affinity_attributes` for additional required
-   *   configuration.
+   * unless specified as `"none"`. The supported types are: - `"cookie"`: On the
+   * first request to a proxied load balancer, a cookie is generated, encoding
+   * information of which origin the request will be forwarded to. Subsequent
+   * requests, by the same client to the same load balancer, will be sent to the
+   * origin server the cookie encodes, for the duration of the cookie and as long as
+   * the origin server remains healthy. If the cookie has expired or the origin
+   * server is unhealthy, then a new origin server is calculated and used. -
+   * `"ip_cookie"`: Behaves the same as `"cookie"` except the initial origin
+   * selection is stable and based on the client's ip address. - `"header"`: On the
+   * first request to a proxied load balancer, a session key based on the configured
+   * HTTP headers (see `session_affinity_attributes.headers`) is generated, encoding
+   * the request headers used for storing in the load balancer session state which
+   * origin the request will be forwarded to. Subsequent requests to the load
+   * balancer with the same headers will be sent to the same origin server, for the
+   * duration of the session and as long as the origin server remains healthy. If the
+   * session has been idle for the duration of `session_affinity_ttl` seconds or the
+   * origin server is unhealthy, then a new origin server is calculated and used. See
+   * `headers` in `session_affinity_attributes` for additional required
+   * configuration.
    */
   session_affinity?: SessionAffinityParam;
 
@@ -1752,14 +1721,12 @@ export interface LoadBalancerCreateParams {
    * Body param: Time, in seconds, until a client's session expires after being
    * created. Once the expiry time has been reached, subsequent requests may get sent
    * to a different origin server. The accepted ranges per `session_affinity` policy
-   * are:
-   *
-   * - `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used
-   *   unless explicitly set. The accepted range of values is between [1800, 604800].
-   * - `"header"`: The current default of 1800 seconds will be used unless explicitly
-   *   set. The accepted range of values is between [30, 3600]. Note: With session
-   *   affinity by header, sessions only expire after they haven't been used for the
-   *   number of seconds specified.
+   * are: - `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used
+   * unless explicitly set. The accepted range of values is between [1800, 604800]. -
+   * `"header"`: The current default of 1800 seconds will be used unless explicitly
+   * set. The accepted range of values is between [30, 3600]. Note: With session
+   * affinity by header, sessions only expire after they haven't been used for the
+   * number of seconds specified.
    */
   session_affinity_ttl?: number;
 
@@ -1862,7 +1829,7 @@ export interface LoadBalancerUpdateParams {
   networks?: Array<string>;
 
   /**
-   * Body param: (Enterprise only): A mapping of Cloudflare PoP identifiers to a list
+   * Body param: Enterprise only: A mapping of Cloudflare PoP identifiers to a list
    * of pool IDs (ordered by their failover priority) for the PoP (datacenter). Any
    * PoPs not explicitly defined will fall back to using the corresponding
    * country_pool, then region_pool mapping if it exists else to default_pools.
@@ -1902,28 +1869,25 @@ export interface LoadBalancerUpdateParams {
 
   /**
    * Body param: Specifies the type of session affinity the load balancer should use
-   * unless specified as `"none"`. The supported types are:
-   *
-   * - `"cookie"`: On the first request to a proxied load balancer, a cookie is
-   *   generated, encoding information of which origin the request will be forwarded
-   *   to. Subsequent requests, by the same client to the same load balancer, will be
-   *   sent to the origin server the cookie encodes, for the duration of the cookie
-   *   and as long as the origin server remains healthy. If the cookie has expired or
-   *   the origin server is unhealthy, then a new origin server is calculated and
-   *   used.
-   * - `"ip_cookie"`: Behaves the same as `"cookie"` except the initial origin
-   *   selection is stable and based on the client's ip address.
-   * - `"header"`: On the first request to a proxied load balancer, a session key
-   *   based on the configured HTTP headers (see
-   *   `session_affinity_attributes.headers`) is generated, encoding the request
-   *   headers used for storing in the load balancer session state which origin the
-   *   request will be forwarded to. Subsequent requests to the load balancer with
-   *   the same headers will be sent to the same origin server, for the duration of
-   *   the session and as long as the origin server remains healthy. If the session
-   *   has been idle for the duration of `session_affinity_ttl` seconds or the origin
-   *   server is unhealthy, then a new origin server is calculated and used. See
-   *   `headers` in `session_affinity_attributes` for additional required
-   *   configuration.
+   * unless specified as `"none"`. The supported types are: - `"cookie"`: On the
+   * first request to a proxied load balancer, a cookie is generated, encoding
+   * information of which origin the request will be forwarded to. Subsequent
+   * requests, by the same client to the same load balancer, will be sent to the
+   * origin server the cookie encodes, for the duration of the cookie and as long as
+   * the origin server remains healthy. If the cookie has expired or the origin
+   * server is unhealthy, then a new origin server is calculated and used. -
+   * `"ip_cookie"`: Behaves the same as `"cookie"` except the initial origin
+   * selection is stable and based on the client's ip address. - `"header"`: On the
+   * first request to a proxied load balancer, a session key based on the configured
+   * HTTP headers (see `session_affinity_attributes.headers`) is generated, encoding
+   * the request headers used for storing in the load balancer session state which
+   * origin the request will be forwarded to. Subsequent requests to the load
+   * balancer with the same headers will be sent to the same origin server, for the
+   * duration of the session and as long as the origin server remains healthy. If the
+   * session has been idle for the duration of `session_affinity_ttl` seconds or the
+   * origin server is unhealthy, then a new origin server is calculated and used. See
+   * `headers` in `session_affinity_attributes` for additional required
+   * configuration.
    */
   session_affinity?: SessionAffinityParam;
 
@@ -1936,14 +1900,12 @@ export interface LoadBalancerUpdateParams {
    * Body param: Time, in seconds, until a client's session expires after being
    * created. Once the expiry time has been reached, subsequent requests may get sent
    * to a different origin server. The accepted ranges per `session_affinity` policy
-   * are:
-   *
-   * - `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used
-   *   unless explicitly set. The accepted range of values is between [1800, 604800].
-   * - `"header"`: The current default of 1800 seconds will be used unless explicitly
-   *   set. The accepted range of values is between [30, 3600]. Note: With session
-   *   affinity by header, sessions only expire after they haven't been used for the
-   *   number of seconds specified.
+   * are: - `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used
+   * unless explicitly set. The accepted range of values is between [1800, 604800]. -
+   * `"header"`: The current default of 1800 seconds will be used unless explicitly
+   * set. The accepted range of values is between [30, 3600]. Note: With session
+   * affinity by header, sessions only expire after they haven't been used for the
+   * number of seconds specified.
    */
   session_affinity_ttl?: number;
 
@@ -2049,7 +2011,7 @@ export interface LoadBalancerEditParams {
   name?: string;
 
   /**
-   * Body param: (Enterprise only): A mapping of Cloudflare PoP identifiers to a list
+   * Body param: Enterprise only: A mapping of Cloudflare PoP identifiers to a list
    * of pool IDs (ordered by their failover priority) for the PoP (datacenter). Any
    * PoPs not explicitly defined will fall back to using the corresponding
    * country_pool, then region_pool mapping if it exists else to default_pools.
@@ -2089,28 +2051,25 @@ export interface LoadBalancerEditParams {
 
   /**
    * Body param: Specifies the type of session affinity the load balancer should use
-   * unless specified as `"none"`. The supported types are:
-   *
-   * - `"cookie"`: On the first request to a proxied load balancer, a cookie is
-   *   generated, encoding information of which origin the request will be forwarded
-   *   to. Subsequent requests, by the same client to the same load balancer, will be
-   *   sent to the origin server the cookie encodes, for the duration of the cookie
-   *   and as long as the origin server remains healthy. If the cookie has expired or
-   *   the origin server is unhealthy, then a new origin server is calculated and
-   *   used.
-   * - `"ip_cookie"`: Behaves the same as `"cookie"` except the initial origin
-   *   selection is stable and based on the client's ip address.
-   * - `"header"`: On the first request to a proxied load balancer, a session key
-   *   based on the configured HTTP headers (see
-   *   `session_affinity_attributes.headers`) is generated, encoding the request
-   *   headers used for storing in the load balancer session state which origin the
-   *   request will be forwarded to. Subsequent requests to the load balancer with
-   *   the same headers will be sent to the same origin server, for the duration of
-   *   the session and as long as the origin server remains healthy. If the session
-   *   has been idle for the duration of `session_affinity_ttl` seconds or the origin
-   *   server is unhealthy, then a new origin server is calculated and used. See
-   *   `headers` in `session_affinity_attributes` for additional required
-   *   configuration.
+   * unless specified as `"none"`. The supported types are: - `"cookie"`: On the
+   * first request to a proxied load balancer, a cookie is generated, encoding
+   * information of which origin the request will be forwarded to. Subsequent
+   * requests, by the same client to the same load balancer, will be sent to the
+   * origin server the cookie encodes, for the duration of the cookie and as long as
+   * the origin server remains healthy. If the cookie has expired or the origin
+   * server is unhealthy, then a new origin server is calculated and used. -
+   * `"ip_cookie"`: Behaves the same as `"cookie"` except the initial origin
+   * selection is stable and based on the client's ip address. - `"header"`: On the
+   * first request to a proxied load balancer, a session key based on the configured
+   * HTTP headers (see `session_affinity_attributes.headers`) is generated, encoding
+   * the request headers used for storing in the load balancer session state which
+   * origin the request will be forwarded to. Subsequent requests to the load
+   * balancer with the same headers will be sent to the same origin server, for the
+   * duration of the session and as long as the origin server remains healthy. If the
+   * session has been idle for the duration of `session_affinity_ttl` seconds or the
+   * origin server is unhealthy, then a new origin server is calculated and used. See
+   * `headers` in `session_affinity_attributes` for additional required
+   * configuration.
    */
   session_affinity?: SessionAffinityParam;
 
@@ -2123,14 +2082,12 @@ export interface LoadBalancerEditParams {
    * Body param: Time, in seconds, until a client's session expires after being
    * created. Once the expiry time has been reached, subsequent requests may get sent
    * to a different origin server. The accepted ranges per `session_affinity` policy
-   * are:
-   *
-   * - `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used
-   *   unless explicitly set. The accepted range of values is between [1800, 604800].
-   * - `"header"`: The current default of 1800 seconds will be used unless explicitly
-   *   set. The accepted range of values is between [30, 3600]. Note: With session
-   *   affinity by header, sessions only expire after they haven't been used for the
-   *   number of seconds specified.
+   * are: - `"cookie"` / `"ip_cookie"`: The current default of 23 hours will be used
+   * unless explicitly set. The accepted range of values is between [1800, 604800]. -
+   * `"header"`: The current default of 1800 seconds will be used unless explicitly
+   * set. The accepted range of values is between [30, 3600]. Note: With session
+   * affinity by header, sessions only expire after they haven't been used for the
+   * number of seconds specified.
    */
   session_affinity_ttl?: number;
 
diff --git a/src/resources/load-balancers/monitors/monitors.ts b/src/resources/load-balancers/monitors/monitors.ts
index 304af32535..e06f9f7ff9 100644
--- a/src/resources/load-balancers/monitors/monitors.ts
+++ b/src/resources/load-balancers/monitors/monitors.ts
@@ -272,7 +272,7 @@ export interface MonitorDeleteResponse {
 
 export interface MonitorCreateParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
@@ -378,7 +378,7 @@ export interface MonitorCreateParams {
 
 export interface MonitorUpdateParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
@@ -484,21 +484,21 @@ export interface MonitorUpdateParams {
 
 export interface MonitorListParams {
   /**
-   * Identifier
+   * Identifier.
    */
   account_id: string;
 }
 
 export interface MonitorDeleteParams {
   /**
-   * Identifier
+   * Identifier.
    */
   account_id: string;
 }
 
 export interface MonitorEditParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
@@ -604,7 +604,7 @@ export interface MonitorEditParams {
 
 export interface MonitorGetParams {
   /**
-   * Identifier
+   * Identifier.
    */
   account_id: string;
 }
diff --git a/src/resources/load-balancers/monitors/previews.ts b/src/resources/load-balancers/monitors/previews.ts
index 857933228d..677afbce1c 100644
--- a/src/resources/load-balancers/monitors/previews.ts
+++ b/src/resources/load-balancers/monitors/previews.ts
@@ -43,7 +43,7 @@ export interface PreviewCreateResponse {
 
 export interface PreviewCreateParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
diff --git a/src/resources/load-balancers/monitors/references.ts b/src/resources/load-balancers/monitors/references.ts
index 1baab9325b..024ca81ff9 100644
--- a/src/resources/load-balancers/monitors/references.ts
+++ b/src/resources/load-balancers/monitors/references.ts
@@ -47,7 +47,7 @@ export interface ReferenceGetResponse {
 
 export interface ReferenceGetParams {
   /**
-   * Identifier
+   * Identifier.
    */
   account_id: string;
 }
diff --git a/src/resources/load-balancers/pools/health.ts b/src/resources/load-balancers/pools/health.ts
index 1af81d09e1..83f9743c4e 100644
--- a/src/resources/load-balancers/pools/health.ts
+++ b/src/resources/load-balancers/pools/health.ts
@@ -72,7 +72,7 @@ export interface HealthCreateResponse {
  */
 export interface HealthGetResponse {
   /**
-   * Pool ID
+   * Pool ID.
    */
   pool_id?: string;
 
@@ -128,7 +128,7 @@ export namespace HealthGetResponse {
 
 export interface HealthCreateParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
@@ -234,7 +234,7 @@ export interface HealthCreateParams {
 
 export interface HealthGetParams {
   /**
-   * Identifier
+   * Identifier.
    */
   account_id: string;
 }
diff --git a/src/resources/load-balancers/pools/pools.ts b/src/resources/load-balancers/pools/pools.ts
index c696ed078b..781cab4774 100644
--- a/src/resources/load-balancers/pools/pools.ts
+++ b/src/resources/load-balancers/pools/pools.ts
@@ -295,7 +295,7 @@ export interface PoolDeleteResponse {
 
 export interface PoolCreateParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
@@ -378,7 +378,7 @@ export interface PoolCreateParams {
 
 export interface PoolUpdateParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
@@ -467,7 +467,7 @@ export interface PoolUpdateParams {
 
 export interface PoolListParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
@@ -480,14 +480,14 @@ export interface PoolListParams {
 
 export interface PoolDeleteParams {
   /**
-   * Identifier
+   * Identifier.
    */
   account_id: string;
 }
 
 export interface PoolBulkEditParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
@@ -501,7 +501,7 @@ export interface PoolBulkEditParams {
 
 export interface PoolEditParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
@@ -590,7 +590,7 @@ export interface PoolEditParams {
 
 export interface PoolGetParams {
   /**
-   * Identifier
+   * Identifier.
    */
   account_id: string;
 }
diff --git a/src/resources/load-balancers/pools/references.ts b/src/resources/load-balancers/pools/references.ts
index e505f40a28..43a19e2dd9 100644
--- a/src/resources/load-balancers/pools/references.ts
+++ b/src/resources/load-balancers/pools/references.ts
@@ -47,7 +47,7 @@ export interface ReferenceGetResponse {
 
 export interface ReferenceGetParams {
   /**
-   * Identifier
+   * Identifier.
    */
   account_id: string;
 }
diff --git a/src/resources/load-balancers/previews.ts b/src/resources/load-balancers/previews.ts
index b6c786f552..0a68dbc4ee 100644
--- a/src/resources/load-balancers/previews.ts
+++ b/src/resources/load-balancers/previews.ts
@@ -44,7 +44,7 @@ export namespace PreviewGetResponse {
 
   export namespace item {
     /**
-     * The origin ipv4/ipv6 address or domain name mapped to it's health data.
+     * The origin ipv4/ipv6 address or domain name mapped to its health data.
      */
     export interface load_balancing_origin_health_data {
       failure_reason?: string;
@@ -60,7 +60,7 @@ export namespace PreviewGetResponse {
 
 export interface PreviewGetParams {
   /**
-   * Identifier
+   * Identifier.
    */
   account_id: string;
 }
diff --git a/src/resources/load-balancers/regions.ts b/src/resources/load-balancers/regions.ts
index d6e4fad916..4fd6224d9e 100644
--- a/src/resources/load-balancers/regions.ts
+++ b/src/resources/load-balancers/regions.ts
@@ -72,7 +72,7 @@ export type RegionGetResponse = unknown | string | null;
 
 export interface RegionListParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
@@ -94,7 +94,7 @@ export interface RegionListParams {
 
 export interface RegionGetParams {
   /**
-   * Identifier
+   * Identifier.
    */
   account_id: string;
 }
diff --git a/src/resources/load-balancers/searches.ts b/src/resources/load-balancers/searches.ts
index 1ddf9765c4..b829e4d4d7 100644
--- a/src/resources/load-balancers/searches.ts
+++ b/src/resources/load-balancers/searches.ts
@@ -71,7 +71,7 @@ export namespace SearchListResponse {
 
 export interface SearchListParams extends V4PagePaginationParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   account_id: string;
 
diff --git a/src/resources/logpush/datasets/fields.ts b/src/resources/logpush/datasets/fields.ts
index 37067a4577..3ba1f069f7 100644
--- a/src/resources/logpush/datasets/fields.ts
+++ b/src/resources/logpush/datasets/fields.ts
@@ -7,7 +7,7 @@ import { CloudflareError } from '../../../error';
 
 export class Fields extends APIResource {
   /**
-   * Lists all fields available for a dataset. The response result is an object with
+   * Lists all fields available for a dataset. The response result is. an object with
    * key-value pairs, where keys are field names, and values are descriptions.
    *
    * @example
@@ -22,6 +22,7 @@ export class Fields extends APIResource {
     datasetId:
       | 'access_requests'
       | 'audit_logs'
+      | 'audit_logs_v2'
       | 'biso_user_actions'
       | 'casb_findings'
       | 'device_posture_results'
@@ -52,6 +53,7 @@ export class Fields extends APIResource {
     datasetId:
       | 'access_requests'
       | 'audit_logs'
+      | 'audit_logs_v2'
       | 'biso_user_actions'
       | 'casb_findings'
       | 'device_posture_results'
@@ -81,6 +83,7 @@ export class Fields extends APIResource {
     datasetId:
       | 'access_requests'
       | 'audit_logs'
+      | 'audit_logs_v2'
       | 'biso_user_actions'
       | 'casb_findings'
       | 'device_posture_results'
diff --git a/src/resources/logpush/datasets/jobs.ts b/src/resources/logpush/datasets/jobs.ts
index f8ef4ccbb0..90c7438608 100644
--- a/src/resources/logpush/datasets/jobs.ts
+++ b/src/resources/logpush/datasets/jobs.ts
@@ -26,6 +26,7 @@ export class Jobs extends APIResource {
     datasetId:
       | 'access_requests'
       | 'audit_logs'
+      | 'audit_logs_v2'
       | 'biso_user_actions'
       | 'casb_findings'
       | 'device_posture_results'
@@ -56,6 +57,7 @@ export class Jobs extends APIResource {
     datasetId:
       | 'access_requests'
       | 'audit_logs'
+      | 'audit_logs_v2'
       | 'biso_user_actions'
       | 'casb_findings'
       | 'device_posture_results'
@@ -85,6 +87,7 @@ export class Jobs extends APIResource {
     datasetId:
       | 'access_requests'
       | 'audit_logs'
+      | 'audit_logs_v2'
       | 'biso_user_actions'
       | 'casb_findings'
       | 'device_posture_results'
diff --git a/src/resources/logpush/jobs.ts b/src/resources/logpush/jobs.ts
index fa64a74139..4b6fba4fa1 100644
--- a/src/resources/logpush/jobs.ts
+++ b/src/resources/logpush/jobs.ts
@@ -35,6 +35,7 @@ export class Jobs extends APIResource {
    *     sample_rate: 1,
    *     timestamp_format: 'unixnano',
    *   },
+   *   ownership_challenge: '00000000000000000000',
    * });
    * ```
    */
@@ -90,6 +91,7 @@ export class Jobs extends APIResource {
    *     sample_rate: 1,
    *     timestamp_format: 'unixnano',
    *   },
+   *   ownership_challenge: '00000000000000000000',
    * });
    * ```
    */
@@ -286,6 +288,7 @@ export interface LogpushJob {
   dataset?:
     | 'access_requests'
     | 'audit_logs'
+    | 'audit_logs_v2'
     | 'biso_user_actions'
     | 'casb_findings'
     | 'device_posture_results'
@@ -311,8 +314,8 @@ export interface LogpushJob {
     | null;
 
   /**
-   * Uniquely identifies a resource (such as an s3 bucket) where data will be pushed.
-   * Additional configuration parameters supported by the destination may be
+   * Uniquely identifies a resource (such as an s3 bucket) where data. will be
+   * pushed. Additional configuration parameters supported by the destination may be
    * included.
    */
   destination_conf?: string;
@@ -323,7 +326,7 @@ export interface LogpushJob {
   enabled?: boolean;
 
   /**
-   * If not null, the job is currently failing. Failures are usually repetitive
+   * If not null, the job is currently failing. Failures are usually. repetitive
    * (example: no permissions to write to destination bucket). Only the last failure
    * is recorded. On successful execution of a job the error_message and last_error
    * are set to null.
@@ -332,7 +335,7 @@ export interface LogpushJob {
 
   /**
    * @deprecated This field is deprecated. Please use `max_upload_*` parameters
-   * instead. The frequency at which Cloudflare sends batches of logs to your
+   * instead. . The frequency at which Cloudflare sends batches of logs to your
    * destination. Setting frequency to high sends your logs in larger quantities of
    * smaller files. Setting frequency to low sends logs in smaller quantities of
    * larger files.
@@ -354,9 +357,9 @@ export interface LogpushJob {
   last_complete?: string | null;
 
   /**
-   * Records the last time the job failed. If not null, the job is currently failing.
-   * If null, the job has either never failed or has run successfully at least once
-   * since last failure. See also the error_message field.
+   * Records the last time the job failed. If not null, the job is currently.
+   * failing. If null, the job has either never failed or has run successfully at
+   * least once since last failure. See also the error_message field.
    */
   last_error?: string | null;
 
@@ -375,7 +378,7 @@ export interface LogpushJob {
    * minimum file size; this means that log files may be much smaller than this batch
    * size.
    */
-  max_upload_bytes?: 0 | unknown | null;
+  max_upload_bytes?: 0 | number | null;
 
   /**
    * The maximum interval in seconds for log batches. This setting must be between 30
@@ -383,7 +386,7 @@ export interface LogpushJob {
    * a minimum interval for log batches; this means that log files may be sent in
    * shorter intervals than this.
    */
-  max_upload_interval_seconds?: 0 | unknown | null;
+  max_upload_interval_seconds?: 0 | number | null;
 
   /**
    * The maximum number of log lines per batch. This setting must be between 1000 and
@@ -391,10 +394,10 @@ export interface LogpushJob {
    * number of log lines per batch; this means that log files may contain many fewer
    * lines than this.
    */
-  max_upload_records?: 0 | unknown | null;
+  max_upload_records?: 0 | number | null;
 
   /**
-   * Optional human readable job name. Not unique. Cloudflare suggests that you set
+   * Optional human readable job name. Not unique. Cloudflare suggests. that you set
    * this to a meaningful string, like the domain name, to make it easier to identify
    * your job.
    */
@@ -568,7 +571,7 @@ export interface JobDeleteResponse {
 
 export interface JobCreateParams {
   /**
-   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data
+   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data.
    * will be pushed. Additional configuration parameters supported by the destination
    * may be included.
    */
@@ -594,6 +597,7 @@ export interface JobCreateParams {
   dataset?:
     | 'access_requests'
     | 'audit_logs'
+    | 'audit_logs_v2'
     | 'biso_user_actions'
     | 'casb_findings'
     | 'device_posture_results'
@@ -632,7 +636,7 @@ export interface JobCreateParams {
 
   /**
    * @deprecated Body param: This field is deprecated. Please use `max_upload_*`
-   * parameters instead. The frequency at which Cloudflare sends batches of logs to
+   * parameters instead. . The frequency at which Cloudflare sends batches of logs to
    * your destination. Setting frequency to high sends your logs in larger quantities
    * of smaller files. Setting frequency to low sends logs in smaller quantities of
    * larger files.
@@ -660,7 +664,7 @@ export interface JobCreateParams {
    * cannot set a minimum file size; this means that log files may be much smaller
    * than this batch size.
    */
-  max_upload_bytes?: 0 | unknown | null;
+  max_upload_bytes?: 0 | number | null;
 
   /**
    * Body param: The maximum interval in seconds for log batches. This setting must
@@ -668,7 +672,7 @@ export interface JobCreateParams {
    * cannot specify a minimum interval for log batches; this means that log files may
    * be sent in shorter intervals than this.
    */
-  max_upload_interval_seconds?: 0 | unknown | null;
+  max_upload_interval_seconds?: 0 | number | null;
 
   /**
    * Body param: The maximum number of log lines per batch. This setting must be
@@ -676,10 +680,10 @@ export interface JobCreateParams {
    * specify a minimum number of log lines per batch; this means that log files may
    * contain many fewer lines than this.
    */
-  max_upload_records?: 0 | unknown | null;
+  max_upload_records?: 0 | number | null;
 
   /**
-   * Body param: Optional human readable job name. Not unique. Cloudflare suggests
+   * Body param: Optional human readable job name. Not unique. Cloudflare suggests.
    * that you set this to a meaningful string, like the domain name, to make it
    * easier to identify your job.
    */
@@ -711,7 +715,7 @@ export interface JobUpdateParams {
   zone_id?: string;
 
   /**
-   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data
+   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data.
    * will be pushed. Additional configuration parameters supported by the destination
    * may be included.
    */
@@ -731,7 +735,7 @@ export interface JobUpdateParams {
 
   /**
    * @deprecated Body param: This field is deprecated. Please use `max_upload_*`
-   * parameters instead. The frequency at which Cloudflare sends batches of logs to
+   * parameters instead. . The frequency at which Cloudflare sends batches of logs to
    * your destination. Setting frequency to high sends your logs in larger quantities
    * of smaller files. Setting frequency to low sends logs in smaller quantities of
    * larger files.
@@ -759,7 +763,7 @@ export interface JobUpdateParams {
    * cannot set a minimum file size; this means that log files may be much smaller
    * than this batch size.
    */
-  max_upload_bytes?: 0 | unknown | null;
+  max_upload_bytes?: 0 | number | null;
 
   /**
    * Body param: The maximum interval in seconds for log batches. This setting must
@@ -767,7 +771,7 @@ export interface JobUpdateParams {
    * cannot specify a minimum interval for log batches; this means that log files may
    * be sent in shorter intervals than this.
    */
-  max_upload_interval_seconds?: 0 | unknown | null;
+  max_upload_interval_seconds?: 0 | number | null;
 
   /**
    * Body param: The maximum number of log lines per batch. This setting must be
@@ -775,10 +779,10 @@ export interface JobUpdateParams {
    * specify a minimum number of log lines per batch; this means that log files may
    * contain many fewer lines than this.
    */
-  max_upload_records?: 0 | unknown | null;
+  max_upload_records?: 0 | number | null;
 
   /**
-   * Body param: Optional human readable job name. Not unique. Cloudflare suggests
+   * Body param: Optional human readable job name. Not unique. Cloudflare suggests.
    * that you set this to a meaningful string, like the domain name, to make it
    * easier to identify your job.
    */
diff --git a/src/resources/logpush/ownership.ts b/src/resources/logpush/ownership.ts
index b7281f9514..2bff2f6744 100644
--- a/src/resources/logpush/ownership.ts
+++ b/src/resources/logpush/ownership.ts
@@ -102,7 +102,7 @@ export interface OwnershipCreateResponse {
 
 export interface OwnershipCreateParams {
   /**
-   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data
+   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data.
    * will be pushed. Additional configuration parameters supported by the destination
    * may be included.
    */
@@ -123,7 +123,7 @@ export interface OwnershipCreateParams {
 
 export interface OwnershipValidateParams {
   /**
-   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data
+   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data.
    * will be pushed. Additional configuration parameters supported by the destination
    * may be included.
    */
diff --git a/src/resources/logpush/validate.ts b/src/resources/logpush/validate.ts
index f3fa9c7e6d..c96f7480c0 100644
--- a/src/resources/logpush/validate.ts
+++ b/src/resources/logpush/validate.ts
@@ -146,7 +146,7 @@ export interface ValidateOriginResponse {
 
 export interface ValidateDestinationParams {
   /**
-   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data
+   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data.
    * will be pushed. Additional configuration parameters supported by the destination
    * may be included.
    */
@@ -167,7 +167,7 @@ export interface ValidateDestinationParams {
 
 export interface ValidateDestinationExistsParams {
   /**
-   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data
+   * Body param: Uniquely identifies a resource (such as an s3 bucket) where data.
    * will be pushed. Additional configuration parameters supported by the destination
    * may be included.
    */
diff --git a/src/resources/magic-transit/cf-interconnects.ts b/src/resources/magic-transit/cf-interconnects.ts
index 0bed94719d..3d365e8f1e 100644
--- a/src/resources/magic-transit/cf-interconnects.ts
+++ b/src/resources/magic-transit/cf-interconnects.ts
@@ -175,6 +175,14 @@ export namespace CfInterconnectUpdateResponse {
      */
     interface_address?: string;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -246,6 +254,14 @@ export namespace CfInterconnectListResponse {
      */
     interface_address?: string;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -319,6 +335,14 @@ export namespace CfInterconnectBulkUpdateResponse {
      */
     interface_address?: string;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -390,6 +414,14 @@ export namespace CfInterconnectGetResponse {
      */
     interface_address?: string;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -449,6 +481,14 @@ export interface CfInterconnectUpdateParams {
    */
   interface_address?: string;
 
+  /**
+   * Body param: A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space
+   * with the address being the first IP of the subnet and not same as the address of
+   * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+   * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+   */
+  interface_address6?: string;
+
   /**
    * Body param: The Maximum Transmission Unit (MTU) in bytes for the interconnect.
    * The minimum value is 576.
diff --git a/src/resources/magic-transit/connectors/events/events.ts b/src/resources/magic-transit/connectors/events/events.ts
index d3a34e8bb1..6e1b1201dd 100644
--- a/src/resources/magic-transit/connectors/events/events.ts
+++ b/src/resources/magic-transit/connectors/events/events.ts
@@ -274,6 +274,11 @@ export interface EventListParams {
    */
   cursor?: string;
 
+  /**
+   * Query param: Filter by event kind
+   */
+  k?: string;
+
   /**
    * Query param:
    */
diff --git a/src/resources/magic-transit/gre-tunnels.ts b/src/resources/magic-transit/gre-tunnels.ts
index 69212eb74a..b1472863d2 100644
--- a/src/resources/magic-transit/gre-tunnels.ts
+++ b/src/resources/magic-transit/gre-tunnels.ts
@@ -241,6 +241,14 @@ export interface GRETunnelCreateResponse {
 
   health_check?: GRETunnelCreateResponse.HealthCheck;
 
+  /**
+   * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+   * address being the first IP of the subnet and not same as the address of
+   * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+   * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+   */
+  interface_address6?: string;
+
   /**
    * The date and time the tunnel was last modified.
    */
@@ -368,6 +376,14 @@ export namespace GRETunnelUpdateResponse {
 
     health_check?: ModifiedGRETunnel.HealthCheck;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -494,6 +510,14 @@ export namespace GRETunnelListResponse {
 
     health_check?: GRETunnel.HealthCheck;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -622,6 +646,14 @@ export namespace GRETunnelDeleteResponse {
 
     health_check?: DeletedGRETunnel.HealthCheck;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -750,6 +782,14 @@ export namespace GRETunnelBulkUpdateResponse {
 
     health_check?: ModifiedGRETunnel.HealthCheck;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -876,6 +916,14 @@ export namespace GRETunnelGetResponse {
 
     health_check?: GRETunnel.HealthCheck;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -996,6 +1044,14 @@ export interface GRETunnelCreateParams {
    */
   health_check?: GRETunnelCreateParams.HealthCheck;
 
+  /**
+   * Body param: A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space
+   * with the address being the first IP of the subnet and not same as the address of
+   * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+   * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+   */
+  interface_address6?: string;
+
   /**
    * Body param: Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The
    * minimum value is 576.
@@ -1109,6 +1165,14 @@ export interface GRETunnelUpdateParams {
    */
   health_check?: GRETunnelUpdateParams.HealthCheck;
 
+  /**
+   * Body param: A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space
+   * with the address being the first IP of the subnet and not same as the address of
+   * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+   * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+   */
+  interface_address6?: string;
+
   /**
    * Body param: Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The
    * minimum value is 576.
diff --git a/src/resources/magic-transit/ipsec-tunnels.ts b/src/resources/magic-transit/ipsec-tunnels.ts
index f7a9f4e477..19b172deb7 100644
--- a/src/resources/magic-transit/ipsec-tunnels.ts
+++ b/src/resources/magic-transit/ipsec-tunnels.ts
@@ -297,6 +297,14 @@ export interface IPSECTunnelCreateResponse {
 
   health_check?: IPSECTunnelCreateResponse.HealthCheck;
 
+  /**
+   * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+   * address being the first IP of the subnet and not same as the address of
+   * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+   * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+   */
+  interface_address6?: string;
+
   /**
    * The date and time the tunnel was last modified.
    */
@@ -430,6 +438,14 @@ export namespace IPSECTunnelUpdateResponse {
 
     health_check?: ModifiedIPSECTunnel.HealthCheck;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -562,6 +578,14 @@ export namespace IPSECTunnelListResponse {
 
     health_check?: IPSECTunnel.HealthCheck;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -696,6 +720,14 @@ export namespace IPSECTunnelDeleteResponse {
 
     health_check?: DeletedIPSECTunnel.HealthCheck;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -830,6 +862,14 @@ export namespace IPSECTunnelBulkUpdateResponse {
 
     health_check?: ModifiedIPSECTunnel.HealthCheck;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -962,6 +1002,14 @@ export namespace IPSECTunnelGetResponse {
 
     health_check?: IPSECTunnel.HealthCheck;
 
+    /**
+     * A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the
+     * address being the first IP of the subnet and not same as the address of
+     * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+     * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+     */
+    interface_address6?: string;
+
     /**
      * The date and time the tunnel was last modified.
      */
@@ -1099,6 +1147,14 @@ export interface IPSECTunnelCreateParams {
    */
   health_check?: IPSECTunnelCreateParams.HealthCheck;
 
+  /**
+   * Body param: A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space
+   * with the address being the first IP of the subnet and not same as the address of
+   * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+   * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+   */
+  interface_address6?: string;
+
   /**
    * Body param: A randomly generated or provided string for use in the IPsec tunnel.
    */
@@ -1212,6 +1268,14 @@ export interface IPSECTunnelUpdateParams {
    */
   health_check?: IPSECTunnelUpdateParams.HealthCheck;
 
+  /**
+   * Body param: A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space
+   * with the address being the first IP of the subnet and not same as the address of
+   * virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 ,
+   * interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127
+   */
+  interface_address6?: string;
+
   /**
    * Body param: A randomly generated or provided string for use in the IPsec tunnel.
    */
diff --git a/src/resources/network-interconnects/interconnects.ts b/src/resources/network-interconnects/interconnects.ts
index 5a041c2d04..0ba927420e 100644
--- a/src/resources/network-interconnects/interconnects.ts
+++ b/src/resources/network-interconnects/interconnects.ts
@@ -174,6 +174,11 @@ export namespace InterconnectCreateResponse {
     type: string;
 
     owner?: string;
+
+    /**
+     * Bandwidth structure as visible through the customer-facing API.
+     */
+    speed?: '50M' | '100M' | '200M' | '300M' | '400M' | '500M' | '1G' | '2G' | '5G' | '10G' | '20G' | '50G';
   }
 }
 
@@ -226,6 +231,11 @@ export namespace InterconnectListResponse {
     type: string;
 
     owner?: string;
+
+    /**
+     * Bandwidth structure as visible through the customer-facing API.
+     */
+    speed?: '50M' | '100M' | '200M' | '300M' | '400M' | '500M' | '1G' | '2G' | '5G' | '10G' | '20G' | '50G';
   }
 }
 
@@ -273,6 +283,11 @@ export namespace InterconnectGetResponse {
     type: string;
 
     owner?: string;
+
+    /**
+     * Bandwidth structure as visible through the customer-facing API.
+     */
+    speed?: '50M' | '100M' | '200M' | '300M' | '400M' | '500M' | '1G' | '2G' | '5G' | '10G' | '20G' | '50G';
   }
 }
 
diff --git a/src/resources/queues/consumers.ts b/src/resources/queues/consumers.ts
index 8578505f6b..43eae71410 100644
--- a/src/resources/queues/consumers.ts
+++ b/src/resources/queues/consumers.ts
@@ -58,6 +58,33 @@ export class Consumers extends APIResource {
     )._thenUnwrap((obj) => obj.result);
   }
 
+  /**
+   * Returns the consumers for a Queue
+   *
+   * @example
+   * ```ts
+   * // Automatically fetches more pages as needed.
+   * for await (const consumer of client.queues.consumers.list(
+   *   '023e105f4ecef8ad9ca31a8372d0c353',
+   *   { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+   * )) {
+   *   // ...
+   * }
+   * ```
+   */
+  list(
+    queueId: string,
+    params: ConsumerListParams,
+    options?: Core.RequestOptions,
+  ): Core.PagePromise<ConsumersSinglePage, Consumer> {
+    const { account_id } = params;
+    return this._client.getAPIList(
+      `/accounts/${account_id}/queues/${queueId}/consumers`,
+      ConsumersSinglePage,
+      options,
+    );
+  }
+
   /**
    * Deletes the consumer for a queue.
    *
@@ -81,30 +108,30 @@ export class Consumers extends APIResource {
   }
 
   /**
-   * Returns the consumers for a Queue
+   * Fetches the consumer for a queue by consumer id
    *
    * @example
    * ```ts
-   * // Automatically fetches more pages as needed.
-   * for await (const consumer of client.queues.consumers.get(
+   * const consumer = await client.queues.consumers.get(
+   *   '023e105f4ecef8ad9ca31a8372d0c353',
    *   '023e105f4ecef8ad9ca31a8372d0c353',
    *   { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
-   * )) {
-   *   // ...
-   * }
+   * );
    * ```
    */
   get(
     queueId: string,
+    consumerId: string,
     params: ConsumerGetParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<ConsumersSinglePage, Consumer> {
+  ): Core.APIPromise<Consumer> {
     const { account_id } = params;
-    return this._client.getAPIList(
-      `/accounts/${account_id}/queues/${queueId}/consumers`,
-      ConsumersSinglePage,
-      options,
-    );
+    return (
+      this._client.get(
+        `/accounts/${account_id}/queues/${queueId}/consumers/${consumerId}`,
+        options,
+      ) as Core.APIPromise<{ result: Consumer }>
+    )._thenUnwrap((obj) => obj.result);
   }
 }
 
@@ -450,6 +477,13 @@ export declare namespace ConsumerUpdateParams {
   }
 }
 
+export interface ConsumerListParams {
+  /**
+   * A Resource identifier.
+   */
+  account_id: string;
+}
+
 export interface ConsumerDeleteParams {
   /**
    * A Resource identifier.
@@ -473,6 +507,7 @@ export declare namespace Consumers {
     ConsumersSinglePage as ConsumersSinglePage,
     type ConsumerCreateParams as ConsumerCreateParams,
     type ConsumerUpdateParams as ConsumerUpdateParams,
+    type ConsumerListParams as ConsumerListParams,
     type ConsumerDeleteParams as ConsumerDeleteParams,
     type ConsumerGetParams as ConsumerGetParams,
   };
diff --git a/src/resources/queues/index.ts b/src/resources/queues/index.ts
index 4606015396..31ecb56311 100644
--- a/src/resources/queues/index.ts
+++ b/src/resources/queues/index.ts
@@ -7,6 +7,7 @@ export {
   type ConsumerDeleteResponse,
   type ConsumerCreateParams,
   type ConsumerUpdateParams,
+  type ConsumerListParams,
   type ConsumerDeleteParams,
   type ConsumerGetParams,
 } from './consumers';
diff --git a/src/resources/queues/queues.ts b/src/resources/queues/queues.ts
index 240e61d273..ba46cd701d 100644
--- a/src/resources/queues/queues.ts
+++ b/src/resources/queues/queues.ts
@@ -10,6 +10,7 @@ import {
   ConsumerDeleteParams,
   ConsumerDeleteResponse,
   ConsumerGetParams,
+  ConsumerListParams,
   ConsumerUpdateParams,
   Consumers,
   ConsumersSinglePage,
@@ -352,6 +353,7 @@ export declare namespace Queues {
     ConsumersSinglePage as ConsumersSinglePage,
     type ConsumerCreateParams as ConsumerCreateParams,
     type ConsumerUpdateParams as ConsumerUpdateParams,
+    type ConsumerListParams as ConsumerListParams,
     type ConsumerDeleteParams as ConsumerDeleteParams,
     type ConsumerGetParams as ConsumerGetParams,
   };
diff --git a/src/resources/r2/buckets/domains/custom.ts b/src/resources/r2/buckets/domains/custom.ts
index 76dbcea299..791c3fe9d4 100644
--- a/src/resources/r2/buckets/domains/custom.ts
+++ b/src/resources/r2/buckets/domains/custom.ts
@@ -182,6 +182,12 @@ export interface CustomCreateResponse {
    */
   enabled: boolean;
 
+  /**
+   * An allowlist of ciphers for TLS termination. These ciphers must be in the
+   * BoringSSL format.
+   */
+  ciphers?: Array<string>;
+
   /**
    * Minimum TLS Version the custom domain will accept for incoming connections. If
    * not set, defaults to 1.0.
@@ -195,6 +201,12 @@ export interface CustomUpdateResponse {
    */
   domain: string;
 
+  /**
+   * An allowlist of ciphers for TLS termination. These ciphers must be in the
+   * BoringSSL format.
+   */
+  ciphers?: Array<string>;
+
   /**
    * Whether this bucket is publicly accessible at the specified custom domain.
    */
@@ -225,6 +237,12 @@ export namespace CustomListResponse {
 
     status: Domain.Status;
 
+    /**
+     * An allowlist of ciphers for TLS termination. These ciphers must be in the
+     * BoringSSL format.
+     */
+    ciphers?: Array<string>;
+
     /**
      * Minimum TLS Version the custom domain will accept for incoming connections. If
      * not set, defaults to 1.0.
@@ -277,6 +295,12 @@ export interface CustomGetResponse {
 
   status: CustomGetResponse.Status;
 
+  /**
+   * An allowlist of ciphers for TLS termination. These ciphers must be in the
+   * BoringSSL format.
+   */
+  ciphers?: Array<string>;
+
   /**
    * Minimum TLS Version the custom domain will accept for incoming connections. If
    * not set, defaults to 1.0.
@@ -330,6 +354,12 @@ export interface CustomCreateParams {
    */
   zoneId: string;
 
+  /**
+   * Body param: An allowlist of ciphers for TLS termination. These ciphers must be
+   * in the BoringSSL format.
+   */
+  ciphers?: Array<string>;
+
   /**
    * Body param: Minimum TLS Version the custom domain will accept for incoming
    * connections. If not set, defaults to 1.0.
@@ -349,6 +379,12 @@ export interface CustomUpdateParams {
    */
   account_id: string;
 
+  /**
+   * Body param: An allowlist of ciphers for TLS termination. These ciphers must be
+   * in the BoringSSL format.
+   */
+  ciphers?: Array<string>;
+
   /**
    * Body param: Whether to enable public bucket access at the specified custom
    * domain.
diff --git a/src/resources/radar/ai/ai.ts b/src/resources/radar/ai/ai.ts
index 6ba8476430..c4830c1214 100755
--- a/src/resources/radar/ai/ai.ts
+++ b/src/resources/radar/ai/ai.ts
@@ -3,6 +3,12 @@
 import { APIResource } from '../../../resource';
 import * as TimeseriesGroupsAPI from './timeseries-groups';
 import {
+  TimeseriesGroupSummaryParams,
+  TimeseriesGroupSummaryResponse,
+  TimeseriesGroupTimeseriesGroupsParams,
+  TimeseriesGroupTimeseriesGroupsResponse,
+  TimeseriesGroupTimeseriesParams,
+  TimeseriesGroupTimeseriesResponse,
   TimeseriesGroupUserAgentParams,
   TimeseriesGroupUserAgentResponse,
   TimeseriesGroups,
@@ -48,7 +54,13 @@ export declare namespace AI {
 
   export {
     TimeseriesGroups as TimeseriesGroups,
+    type TimeseriesGroupSummaryResponse as TimeseriesGroupSummaryResponse,
+    type TimeseriesGroupTimeseriesResponse as TimeseriesGroupTimeseriesResponse,
+    type TimeseriesGroupTimeseriesGroupsResponse as TimeseriesGroupTimeseriesGroupsResponse,
     type TimeseriesGroupUserAgentResponse as TimeseriesGroupUserAgentResponse,
+    type TimeseriesGroupSummaryParams as TimeseriesGroupSummaryParams,
+    type TimeseriesGroupTimeseriesParams as TimeseriesGroupTimeseriesParams,
+    type TimeseriesGroupTimeseriesGroupsParams as TimeseriesGroupTimeseriesGroupsParams,
     type TimeseriesGroupUserAgentParams as TimeseriesGroupUserAgentParams,
   };
 }
diff --git a/src/resources/radar/ai/bots/summary.ts b/src/resources/radar/ai/bots/summary.ts
index 913238870d..75c99603d5 100644
--- a/src/resources/radar/ai/bots/summary.ts
+++ b/src/resources/radar/ai/bots/summary.ts
@@ -8,11 +8,7 @@ export class Summary extends APIResource {
   /**
    * Retrieves the distribution of traffic by AI user agent.
    *
-   * @example
-   * ```ts
-   * const response =
-   *   await client.radar.ai.bots.summary.userAgent();
-   * ```
+   * @deprecated
    */
   userAgent(
     query?: SummaryUserAgentParams,
@@ -48,7 +44,7 @@ export namespace SummaryUserAgentResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/ai/index.ts b/src/resources/radar/ai/index.ts
index a6a9f99c81..d56384a99a 100755
--- a/src/resources/radar/ai/index.ts
+++ b/src/resources/radar/ai/index.ts
@@ -5,7 +5,13 @@ export { Bots } from './bots/index';
 export { Inference } from './inference/index';
 export {
   TimeseriesGroups,
+  type TimeseriesGroupSummaryResponse,
+  type TimeseriesGroupTimeseriesResponse,
+  type TimeseriesGroupTimeseriesGroupsResponse,
   type TimeseriesGroupUserAgentResponse,
+  type TimeseriesGroupSummaryParams,
+  type TimeseriesGroupTimeseriesParams,
+  type TimeseriesGroupTimeseriesGroupsParams,
   type TimeseriesGroupUserAgentParams,
 } from './timeseries-groups';
 export {
diff --git a/src/resources/radar/ai/inference/summary.ts b/src/resources/radar/ai/inference/summary.ts
index d53516af97..e09e6de091 100644
--- a/src/resources/radar/ai/inference/summary.ts
+++ b/src/resources/radar/ai/inference/summary.ts
@@ -70,7 +70,7 @@ export namespace SummaryModelResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -167,7 +167,7 @@ export namespace SummaryTaskResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/ai/timeseries-groups.ts b/src/resources/radar/ai/timeseries-groups.ts
index 938c8980f2..1dc92a1590 100644
--- a/src/resources/radar/ai/timeseries-groups.ts
+++ b/src/resources/radar/ai/timeseries-groups.ts
@@ -6,14 +6,111 @@ import * as Core from '../../../core';
 
 export class TimeseriesGroups extends APIResource {
   /**
-   * Retrieves the distribution of traffic by AI user agent over time.
+   * Retrieves an aggregated summary of AI bots HTTP requests grouped by the
+   * specified dimension.
+   *
+   * @example
+   * ```ts
+   * const response =
+   *   await client.radar.ai.timeseriesGroups.summary(
+   *     'USER_AGENT',
+   *   );
+   * ```
+   */
+  summary(
+    dimension: 'USER_AGENT' | 'CRAWL_PURPOSE',
+    query?: TimeseriesGroupSummaryParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<TimeseriesGroupSummaryResponse>;
+  summary(
+    dimension: 'USER_AGENT' | 'CRAWL_PURPOSE',
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<TimeseriesGroupSummaryResponse>;
+  summary(
+    dimension: 'USER_AGENT' | 'CRAWL_PURPOSE',
+    query: TimeseriesGroupSummaryParams | Core.RequestOptions = {},
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<TimeseriesGroupSummaryResponse> {
+    if (isRequestOptions(query)) {
+      return this.summary(dimension, {}, query);
+    }
+    return (
+      this._client.get(`/radar/ai/bots/summary/${dimension}`, { query, ...options }) as Core.APIPromise<{
+        result: TimeseriesGroupSummaryResponse;
+      }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+
+  /**
+   * Retrieves AI bots HTTP request volume over time.
+   *
+   * @example
+   * ```ts
+   * const response =
+   *   await client.radar.ai.timeseriesGroups.timeseries();
+   * ```
+   */
+  timeseries(
+    query?: TimeseriesGroupTimeseriesParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<TimeseriesGroupTimeseriesResponse>;
+  timeseries(options?: Core.RequestOptions): Core.APIPromise<TimeseriesGroupTimeseriesResponse>;
+  timeseries(
+    query: TimeseriesGroupTimeseriesParams | Core.RequestOptions = {},
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<TimeseriesGroupTimeseriesResponse> {
+    if (isRequestOptions(query)) {
+      return this.timeseries({}, query);
+    }
+    return (
+      this._client.get('/radar/ai/bots/timeseries', { query, ...options }) as Core.APIPromise<{
+        result: TimeseriesGroupTimeseriesResponse;
+      }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+
+  /**
+   * Retrieves the distribution of HTTP requests from AI bots, grouped by chosen the
+   * specified dimension over time.
    *
    * @example
    * ```ts
    * const response =
-   *   await client.radar.ai.timeseriesGroups.userAgent();
+   *   await client.radar.ai.timeseriesGroups.timeseriesGroups(
+   *     'USER_AGENT',
+   *   );
    * ```
    */
+  timeseriesGroups(
+    dimension: 'USER_AGENT' | 'CRAWL_PURPOSE',
+    query?: TimeseriesGroupTimeseriesGroupsParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<TimeseriesGroupTimeseriesGroupsResponse>;
+  timeseriesGroups(
+    dimension: 'USER_AGENT' | 'CRAWL_PURPOSE',
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<TimeseriesGroupTimeseriesGroupsResponse>;
+  timeseriesGroups(
+    dimension: 'USER_AGENT' | 'CRAWL_PURPOSE',
+    query: TimeseriesGroupTimeseriesGroupsParams | Core.RequestOptions = {},
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<TimeseriesGroupTimeseriesGroupsResponse> {
+    if (isRequestOptions(query)) {
+      return this.timeseriesGroups(dimension, {}, query);
+    }
+    return (
+      this._client.get(`/radar/ai/bots/timeseries_groups/${dimension}`, {
+        query,
+        ...options,
+      }) as Core.APIPromise<{ result: TimeseriesGroupTimeseriesGroupsResponse }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+
+  /**
+   * Retrieves the distribution of traffic by AI user agent over time.
+   *
+   * @deprecated
+   */
   userAgent(
     query?: TimeseriesGroupUserAgentParams,
     options?: Core.RequestOptions,
@@ -35,16 +132,226 @@ export class TimeseriesGroups extends APIResource {
   }
 }
 
-export interface TimeseriesGroupUserAgentResponse {
+export interface TimeseriesGroupSummaryResponse {
   /**
    * Metadata for the results.
    */
-  meta: TimeseriesGroupUserAgentResponse.Meta;
+  meta: TimeseriesGroupSummaryResponse.Meta;
 
-  serie_0: TimeseriesGroupUserAgentResponse.Serie0;
+  summary_0: { [key: string]: string };
 }
 
-export namespace TimeseriesGroupUserAgentResponse {
+export namespace TimeseriesGroupSummaryResponse {
+  /**
+   * Metadata for the results.
+   */
+  export interface Meta {
+    confidenceInfo: Meta.ConfidenceInfo;
+
+    dateRange: Array<Meta.DateRange>;
+
+    /**
+     * Timestamp of the last dataset update.
+     */
+    lastUpdated: string;
+
+    /**
+     * Normalization method applied to the results. Refer to
+     * [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/).
+     */
+    normalization:
+      | 'PERCENTAGE'
+      | 'MIN0_MAX'
+      | 'MIN_MAX'
+      | 'RAW_VALUES'
+      | 'PERCENTAGE_CHANGE'
+      | 'ROLLING_AVERAGE'
+      | 'OVERLAPPED_PERCENTAGE'
+      | 'RATIO';
+
+    /**
+     * Measurement units for the results.
+     */
+    units: Array<Meta.Unit>;
+  }
+
+  export namespace Meta {
+    export interface ConfidenceInfo {
+      annotations: Array<ConfidenceInfo.Annotation>;
+
+      /**
+       * Provides an indication of how much confidence Cloudflare has in the data.
+       */
+      level: number;
+    }
+
+    export namespace ConfidenceInfo {
+      /**
+       * Annotation associated with the result (e.g. outage or other type of event).
+       */
+      export interface Annotation {
+        dataSource: string;
+
+        description: string;
+
+        endDate: string;
+
+        eventType: string;
+
+        /**
+         * Whether event is a single point in time or a time range.
+         */
+        isInstantaneous: boolean;
+
+        linkedUrl: string;
+
+        startDate: string;
+      }
+    }
+
+    export interface DateRange {
+      /**
+       * Adjusted end of date range.
+       */
+      endTime: string;
+
+      /**
+       * Adjusted start of date range.
+       */
+      startTime: string;
+    }
+
+    export interface Unit {
+      name: string;
+
+      value: string;
+    }
+  }
+}
+
+export interface TimeseriesGroupTimeseriesResponse {
+  /**
+   * Metadata for the results.
+   */
+  meta: TimeseriesGroupTimeseriesResponse.Meta;
+
+  [k: string]:
+    | TimeseriesGroupTimeseriesResponse.unnamed_schema_ref_75bae70cf28e6bcef364b9840db3bdeb
+    | TimeseriesGroupTimeseriesResponse.Meta
+    | undefined;
+}
+
+export namespace TimeseriesGroupTimeseriesResponse {
+  /**
+   * Metadata for the results.
+   */
+  export interface Meta {
+    /**
+     * Aggregation interval of the results (e.g., in 15 minutes or 1 hour intervals).
+     * Refer to
+     * [Aggregation intervals](https://developers.cloudflare.com/radar/concepts/aggregation-intervals/).
+     */
+    aggInterval: 'FIFTEEN_MINUTES' | 'ONE_HOUR' | 'ONE_DAY' | 'ONE_WEEK' | 'ONE_MONTH';
+
+    confidenceInfo: Meta.ConfidenceInfo;
+
+    dateRange: Array<Meta.DateRange>;
+
+    /**
+     * Timestamp of the last dataset update.
+     */
+    lastUpdated: string;
+
+    /**
+     * Normalization method applied to the results. Refer to
+     * [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/).
+     */
+    normalization:
+      | 'PERCENTAGE'
+      | 'MIN0_MAX'
+      | 'MIN_MAX'
+      | 'RAW_VALUES'
+      | 'PERCENTAGE_CHANGE'
+      | 'ROLLING_AVERAGE'
+      | 'OVERLAPPED_PERCENTAGE'
+      | 'RATIO';
+
+    /**
+     * Measurement units for the results.
+     */
+    units: Array<Meta.Unit>;
+  }
+
+  export namespace Meta {
+    export interface ConfidenceInfo {
+      annotations: Array<ConfidenceInfo.Annotation>;
+
+      /**
+       * Provides an indication of how much confidence Cloudflare has in the data.
+       */
+      level: number;
+    }
+
+    export namespace ConfidenceInfo {
+      /**
+       * Annotation associated with the result (e.g. outage or other type of event).
+       */
+      export interface Annotation {
+        dataSource: string;
+
+        description: string;
+
+        endDate: string;
+
+        eventType: string;
+
+        /**
+         * Whether event is a single point in time or a time range.
+         */
+        isInstantaneous: boolean;
+
+        linkedUrl: string;
+
+        startDate: string;
+      }
+    }
+
+    export interface DateRange {
+      /**
+       * Adjusted end of date range.
+       */
+      endTime: string;
+
+      /**
+       * Adjusted start of date range.
+       */
+      startTime: string;
+    }
+
+    export interface Unit {
+      name: string;
+
+      value: string;
+    }
+  }
+
+  export interface unnamed_schema_ref_75bae70cf28e6bcef364b9840db3bdeb {
+    timestamps: Array<string>;
+
+    values: Array<string>;
+  }
+}
+
+export interface TimeseriesGroupTimeseriesGroupsResponse {
+  /**
+   * Metadata for the results.
+   */
+  meta: TimeseriesGroupTimeseriesGroupsResponse.Meta;
+
+  serie_0: TimeseriesGroupTimeseriesGroupsResponse.Serie0;
+}
+
+export namespace TimeseriesGroupTimeseriesGroupsResponse {
   /**
    * Metadata for the results.
    */
@@ -145,6 +452,330 @@ export namespace TimeseriesGroupUserAgentResponse {
   }
 }
 
+export interface TimeseriesGroupUserAgentResponse {
+  /**
+   * Metadata for the results.
+   */
+  meta: TimeseriesGroupUserAgentResponse.Meta;
+
+  serie_0: TimeseriesGroupUserAgentResponse.Serie0;
+}
+
+export namespace TimeseriesGroupUserAgentResponse {
+  /**
+   * Metadata for the results.
+   */
+  export interface Meta {
+    /**
+     * Aggregation interval of the results (e.g., in 15 minutes or 1 hour intervals).
+     * Refer to
+     * [Aggregation intervals](https://developers.cloudflare.com/radar/concepts/aggregation-intervals/).
+     */
+    aggInterval: 'FIFTEEN_MINUTES' | 'ONE_HOUR' | 'ONE_DAY' | 'ONE_WEEK' | 'ONE_MONTH';
+
+    confidenceInfo: Meta.ConfidenceInfo;
+
+    dateRange: Array<Meta.DateRange>;
+
+    /**
+     * Timestamp of the last dataset update.
+     */
+    lastUpdated: string;
+
+    /**
+     * Normalization method applied to the results. Refer to
+     * [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/).
+     */
+    normalization:
+      | 'PERCENTAGE'
+      | 'MIN0_MAX'
+      | 'MIN_MAX'
+      | 'RAW_VALUES'
+      | 'PERCENTAGE_CHANGE'
+      | 'ROLLING_AVERAGE'
+      | 'OVERLAPPED_PERCENTAGE'
+      | 'RATIO';
+
+    /**
+     * Measurement units for the results.
+     */
+    units: Array<Meta.Unit>;
+  }
+
+  export namespace Meta {
+    export interface ConfidenceInfo {
+      annotations: Array<ConfidenceInfo.Annotation>;
+
+      /**
+       * Provides an indication of how much confidence Cloudflare has in the data.
+       */
+      level: number;
+    }
+
+    export namespace ConfidenceInfo {
+      /**
+       * Annotation associated with the result (e.g. outage or other type of event).
+       */
+      export interface Annotation {
+        dataSource: string;
+
+        description: string;
+
+        endDate: string;
+
+        eventType: string;
+
+        /**
+         * Whether event is a single point in time or a time range.
+         */
+        isInstantaneous: boolean;
+
+        linkedUrl: string;
+
+        startDate: string;
+      }
+    }
+
+    export interface DateRange {
+      /**
+       * Adjusted end of date range.
+       */
+      endTime: string;
+
+      /**
+       * Adjusted start of date range.
+       */
+      startTime: string;
+    }
+
+    export interface Unit {
+      name: string;
+
+      value: string;
+    }
+  }
+
+  export interface Serie0 {
+    timestamps: Array<string>;
+
+    [k: string]: Array<string> | Array<string> | undefined;
+  }
+}
+
+export interface TimeseriesGroupSummaryParams {
+  /**
+   * Filters results by Autonomous System. Specify one or more Autonomous System
+   * Numbers (ASNs) as a comma-separated list. Prefix with `-` to exclude ASNs from
+   * results. For example, `-174, 3356` excludes results from AS174, but includes
+   * results from AS3356.
+   */
+  asn?: Array<string>;
+
+  /**
+   * Filters results by continent. Specify a comma-separated list of alpha-2 codes.
+   * Prefix with `-` to exclude continents from results. For example, `-EU,NA`
+   * excludes results from EU, but includes results from NA.
+   */
+  continent?: Array<string>;
+
+  /**
+   * Filters results by bot crawl purpose.
+   */
+  crawlPurpose?: Array<string>;
+
+  /**
+   * End of the date range (inclusive).
+   */
+  dateEnd?: Array<string>;
+
+  /**
+   * Filters results by date range. For example, use `7d` and `7dcontrol` to compare
+   * this week with the previous week. Use this parameter or set specific start and
+   * end dates (`dateStart` and `dateEnd` parameters).
+   */
+  dateRange?: Array<string>;
+
+  /**
+   * Start of the date range.
+   */
+  dateStart?: Array<string>;
+
+  /**
+   * Format in which results will be returned.
+   */
+  format?: 'JSON' | 'CSV';
+
+  /**
+   * Limits the number of objects per group to the top items within the specified
+   * time range. When item count exceeds the limit, extra items appear grouped under
+   * an "other" category.
+   */
+  limitPerGroup?: number;
+
+  /**
+   * Filters results by location. Specify a comma-separated list of alpha-2 codes.
+   * Prefix with `-` to exclude locations from results. For example, `-US,PT`
+   * excludes results from the US, but includes results from PT.
+   */
+  location?: Array<string>;
+
+  /**
+   * Array of names used to label the series in the response.
+   */
+  name?: Array<string>;
+}
+
+export interface TimeseriesGroupTimeseriesParams {
+  /**
+   * Aggregation interval of the results (e.g., in 15 minutes or 1 hour intervals).
+   * Refer to
+   * [Aggregation intervals](https://developers.cloudflare.com/radar/concepts/aggregation-intervals/).
+   */
+  aggInterval?: '15m' | '1h' | '1d' | '1w';
+
+  /**
+   * Filters results by Autonomous System. Specify one or more Autonomous System
+   * Numbers (ASNs) as a comma-separated list. Prefix with `-` to exclude ASNs from
+   * results. For example, `-174, 3356` excludes results from AS174, but includes
+   * results from AS3356.
+   */
+  asn?: Array<string>;
+
+  /**
+   * Filters results by continent. Specify a comma-separated list of alpha-2 codes.
+   * Prefix with `-` to exclude continents from results. For example, `-EU,NA`
+   * excludes results from EU, but includes results from NA.
+   */
+  continent?: Array<string>;
+
+  /**
+   * Filters results by bot crawl purpose.
+   */
+  crawlPurpose?: Array<string>;
+
+  /**
+   * End of the date range (inclusive).
+   */
+  dateEnd?: Array<string>;
+
+  /**
+   * Filters results by date range. For example, use `7d` and `7dcontrol` to compare
+   * this week with the previous week. Use this parameter or set specific start and
+   * end dates (`dateStart` and `dateEnd` parameters).
+   */
+  dateRange?: Array<string>;
+
+  /**
+   * Start of the date range.
+   */
+  dateStart?: Array<string>;
+
+  /**
+   * Format in which results will be returned.
+   */
+  format?: 'JSON' | 'CSV';
+
+  /**
+   * Limits the number of objects per group to the top items within the specified
+   * time range. When item count exceeds the limit, extra items appear grouped under
+   * an "other" category.
+   */
+  limitPerGroup?: number;
+
+  /**
+   * Filters results by location. Specify a comma-separated list of alpha-2 codes.
+   * Prefix with `-` to exclude locations from results. For example, `-US,PT`
+   * excludes results from the US, but includes results from PT.
+   */
+  location?: Array<string>;
+
+  /**
+   * Array of names used to label the series in the response.
+   */
+  name?: Array<string>;
+
+  /**
+   * Filters results by user agent.
+   */
+  userAgent?: Array<string>;
+}
+
+export interface TimeseriesGroupTimeseriesGroupsParams {
+  /**
+   * Aggregation interval of the results (e.g., in 15 minutes or 1 hour intervals).
+   * Refer to
+   * [Aggregation intervals](https://developers.cloudflare.com/radar/concepts/aggregation-intervals/).
+   */
+  aggInterval?: '15m' | '1h' | '1d' | '1w';
+
+  /**
+   * Filters results by Autonomous System. Specify one or more Autonomous System
+   * Numbers (ASNs) as a comma-separated list. Prefix with `-` to exclude ASNs from
+   * results. For example, `-174, 3356` excludes results from AS174, but includes
+   * results from AS3356.
+   */
+  asn?: Array<string>;
+
+  /**
+   * Filters results by continent. Specify a comma-separated list of alpha-2 codes.
+   * Prefix with `-` to exclude continents from results. For example, `-EU,NA`
+   * excludes results from EU, but includes results from NA.
+   */
+  continent?: Array<string>;
+
+  /**
+   * Filters results by bot crawl purpose.
+   */
+  crawlPurpose?: Array<string>;
+
+  /**
+   * End of the date range (inclusive).
+   */
+  dateEnd?: Array<string>;
+
+  /**
+   * Filters results by date range. For example, use `7d` and `7dcontrol` to compare
+   * this week with the previous week. Use this parameter or set specific start and
+   * end dates (`dateStart` and `dateEnd` parameters).
+   */
+  dateRange?: Array<string>;
+
+  /**
+   * Start of the date range.
+   */
+  dateStart?: Array<string>;
+
+  /**
+   * Format in which results will be returned.
+   */
+  format?: 'JSON' | 'CSV';
+
+  /**
+   * Limits the number of objects per group to the top items within the specified
+   * time range. When item count exceeds the limit, extra items appear grouped under
+   * an "other" category.
+   */
+  limitPerGroup?: number;
+
+  /**
+   * Filters results by location. Specify a comma-separated list of alpha-2 codes.
+   * Prefix with `-` to exclude locations from results. For example, `-US,PT`
+   * excludes results from the US, but includes results from PT.
+   */
+  location?: Array<string>;
+
+  /**
+   * Array of names used to label the series in the response.
+   */
+  name?: Array<string>;
+
+  /**
+   * Normalization method applied to the results. Refer to
+   * [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/).
+   */
+  normalization?: 'PERCENTAGE_CHANGE' | 'MIN0_MAX';
+}
+
 export interface TimeseriesGroupUserAgentParams {
   /**
    * Aggregation interval of the results (e.g., in 15 minutes or 1 hour intervals).
@@ -212,7 +843,13 @@ export interface TimeseriesGroupUserAgentParams {
 
 export declare namespace TimeseriesGroups {
   export {
+    type TimeseriesGroupSummaryResponse as TimeseriesGroupSummaryResponse,
+    type TimeseriesGroupTimeseriesResponse as TimeseriesGroupTimeseriesResponse,
+    type TimeseriesGroupTimeseriesGroupsResponse as TimeseriesGroupTimeseriesGroupsResponse,
     type TimeseriesGroupUserAgentResponse as TimeseriesGroupUserAgentResponse,
+    type TimeseriesGroupSummaryParams as TimeseriesGroupSummaryParams,
+    type TimeseriesGroupTimeseriesParams as TimeseriesGroupTimeseriesParams,
+    type TimeseriesGroupTimeseriesGroupsParams as TimeseriesGroupTimeseriesGroupsParams,
     type TimeseriesGroupUserAgentParams as TimeseriesGroupUserAgentParams,
   };
 }
diff --git a/src/resources/radar/ai/to-markdown.ts b/src/resources/radar/ai/to-markdown.ts
index 045a3212b9..1da4decd3e 100644
--- a/src/resources/radar/ai/to-markdown.ts
+++ b/src/resources/radar/ai/to-markdown.ts
@@ -13,22 +13,24 @@ export class ToMarkdown extends APIResource {
    * ```ts
    * // Automatically fetches more pages as needed.
    * for await (const toMarkdownCreateResponse of client.radar.ai.toMarkdown.create(
-   *   { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+   *   fs.createReadStream('path/to/file'),
+   *   fs.createReadStream('path/to/file'),
    * )) {
    *   // ...
    * }
    * ```
    */
   create(
+    body: string | ArrayBufferView | ArrayBuffer | BlobLike,
     params: ToMarkdownCreateParams,
     options?: Core.RequestOptions,
   ): Core.PagePromise<ToMarkdownCreateResponsesSinglePage, ToMarkdownCreateResponse> {
-    const { account_id, body } = params ?? {};
+    const { account_id } = params ?? {};
     return this._client.getAPIList(
       `/accounts/${account_id}/ai/tomarkdown`,
       ToMarkdownCreateResponsesSinglePage,
       {
-        body: body,
+        body,
         method: 'post',
         ...options,
         headers: { 'Content-Type': 'application/octet-stream', ...options?.headers },
@@ -52,17 +54,7 @@ export interface ToMarkdownCreateResponse {
   tokens: string;
 }
 
-export interface ToMarkdownCreateParams {
-  /**
-   * Path param:
-   */
-  account_id: string;
-
-  /**
-   * Body param:
-   */
-  body?: string | ArrayBufferView | ArrayBuffer | BlobLike;
-}
+export type ToMarkdownCreateParams = string | ArrayBufferView | ArrayBuffer | BlobLike;
 
 ToMarkdown.ToMarkdownCreateResponsesSinglePage = ToMarkdownCreateResponsesSinglePage;
 
diff --git a/src/resources/radar/as112/summary.ts b/src/resources/radar/as112/summary.ts
index 5898de7862..c59fdaeb5a 100644
--- a/src/resources/radar/as112/summary.ts
+++ b/src/resources/radar/as112/summary.ts
@@ -182,7 +182,7 @@ export namespace SummaryDNSSECResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -291,7 +291,7 @@ export namespace SummaryEdnsResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -400,7 +400,7 @@ export namespace SummaryIPVersionResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -509,7 +509,7 @@ export namespace SummaryProtocolResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -628,7 +628,7 @@ export namespace SummaryQueryTypeResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -725,7 +725,7 @@ export namespace SummaryResponseCodesResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/attacks/layer3/summary.ts b/src/resources/radar/attacks/layer3/summary.ts
index 707a682c97..73ed7d7c70 100644
--- a/src/resources/radar/attacks/layer3/summary.ts
+++ b/src/resources/radar/attacks/layer3/summary.ts
@@ -213,7 +213,7 @@ export namespace SummaryBitrateResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -337,7 +337,7 @@ export namespace SummaryDurationResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -466,7 +466,7 @@ export namespace SummaryIndustryResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -563,7 +563,7 @@ export namespace SummaryIPVersionResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -672,7 +672,7 @@ export namespace SummaryProtocolResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -791,7 +791,7 @@ export namespace SummaryVectorResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -888,7 +888,7 @@ export namespace SummaryVerticalResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/attacks/layer7/summary.ts b/src/resources/radar/attacks/layer7/summary.ts
index 20c20213b3..4afa3d68d0 100644
--- a/src/resources/radar/attacks/layer7/summary.ts
+++ b/src/resources/radar/attacks/layer7/summary.ts
@@ -220,7 +220,7 @@ export namespace SummaryHTTPMethodResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -317,7 +317,7 @@ export namespace SummaryHTTPVersionResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -422,7 +422,7 @@ export namespace SummaryIndustryResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -519,7 +519,7 @@ export namespace SummaryIPVersionResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -622,7 +622,7 @@ export namespace SummaryManagedRulesResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -719,7 +719,7 @@ export namespace SummaryMitigationProductResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -816,7 +816,7 @@ export namespace SummaryVerticalResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/attacks/layer7/top/top.ts b/src/resources/radar/attacks/layer7/top/top.ts
index b51891f4c7..74086112c2 100644
--- a/src/resources/radar/attacks/layer7/top/top.ts
+++ b/src/resources/radar/attacks/layer7/top/top.ts
@@ -469,12 +469,6 @@ export interface TopAttacksParams {
    */
   location?: Array<string>;
 
-  /**
-   * Deprecated parameter. Future support includes only attack magnitude defined by
-   * total mitigated requests (MITIGATED_REQUESTS).
-   */
-  magnitude?: 'AFFECTED_ZONES' | 'MITIGATED_REQUESTS';
-
   /**
    * Filters the results by layer 7 mitigation product.
    */
diff --git a/src/resources/radar/bots/bots.ts b/src/resources/radar/bots/bots.ts
index 140ad5b529..e57861cb13 100644
--- a/src/resources/radar/bots/bots.ts
+++ b/src/resources/radar/bots/bots.ts
@@ -189,6 +189,8 @@ export namespace BotListResponse {
      * A kebab-case identifier derived from the bot name.
      */
     slug: string;
+
+    userAgentPatterns: Array<string>;
   }
 }
 
@@ -248,7 +250,7 @@ export namespace BotSummaryResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/bots/web-crawlers.ts b/src/resources/radar/bots/web-crawlers.ts
index d7c9f610a3..d55ac693b1 100644
--- a/src/resources/radar/bots/web-crawlers.ts
+++ b/src/resources/radar/bots/web-crawlers.ts
@@ -92,7 +92,7 @@ export namespace WebCrawlerSummaryResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/ct.ts b/src/resources/radar/ct.ts
new file mode 100644
index 0000000000..a1db06bc41
--- /dev/null
+++ b/src/resources/radar/ct.ts
@@ -0,0 +1,3 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+export * from './ct/index';
diff --git a/src/resources/radar/ct/authorities.ts b/src/resources/radar/ct/authorities.ts
new file mode 100644
index 0000000000..1737426fe1
--- /dev/null
+++ b/src/resources/radar/ct/authorities.ts
@@ -0,0 +1,301 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import { APIResource } from '../../../resource';
+import { isRequestOptions } from '../../../core';
+import * as Core from '../../../core';
+
+export class Authorities extends APIResource {
+  /**
+   * Retrieves a list of certificate authorities.
+   *
+   * @example
+   * ```ts
+   * const authorities =
+   *   await client.radar.ct.authorities.list();
+   * ```
+   */
+  list(query?: AuthorityListParams, options?: Core.RequestOptions): Core.APIPromise<AuthorityListResponse>;
+  list(options?: Core.RequestOptions): Core.APIPromise<AuthorityListResponse>;
+  list(
+    query: AuthorityListParams | Core.RequestOptions = {},
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<AuthorityListResponse> {
+    if (isRequestOptions(query)) {
+      return this.list({}, query);
+    }
+    return (
+      this._client.get('/radar/ct/authorities', { query, ...options }) as Core.APIPromise<{
+        result: AuthorityListResponse;
+      }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+
+  /**
+   * Retrieves the requested CA information.
+   *
+   * @example
+   * ```ts
+   * const authority = await client.radar.ct.authorities.get(
+   *   '24EDD4E503A8D3FDB5FFB4AF66C887359901CBE687A5A0760D10A08EED99A7C3',
+   * );
+   * ```
+   */
+  get(
+    caSlug: string,
+    query?: AuthorityGetParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<AuthorityGetResponse>;
+  get(caSlug: string, options?: Core.RequestOptions): Core.APIPromise<AuthorityGetResponse>;
+  get(
+    caSlug: string,
+    query: AuthorityGetParams | Core.RequestOptions = {},
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<AuthorityGetResponse> {
+    if (isRequestOptions(query)) {
+      return this.get(caSlug, {}, query);
+    }
+    return (
+      this._client.get(`/radar/ct/authorities/${caSlug}`, { query, ...options }) as Core.APIPromise<{
+        result: AuthorityGetResponse;
+      }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+}
+
+export interface AuthorityListResponse {
+  certificateAuthorities: Array<AuthorityListResponse.CertificateAuthority>;
+}
+
+export namespace AuthorityListResponse {
+  export interface CertificateAuthority {
+    /**
+     * Specifies the type of certificate in the trust chain.
+     */
+    certificateRecordType: 'ROOT_CERTIFICATE' | 'INTERMEDIATE_CERTIFICATE';
+
+    /**
+     * The two-letter ISO country code where the CA organization is based.
+     */
+    country: string;
+
+    /**
+     * The full country name corresponding to the country code.
+     */
+    countryName: string;
+
+    /**
+     * The full name of the certificate authority (CA).
+     */
+    name: string;
+
+    /**
+     * The organization that owns and operates the CA.
+     */
+    owner: string;
+
+    /**
+     * The name of the parent/root certificate authority that issued this intermediate
+     * certificate.
+     */
+    parentName: string;
+
+    /**
+     * The SHA-256 fingerprint of the parent certificate.
+     */
+    parentSha256Fingerprint: string;
+
+    /**
+     * The current revocation status of a Certificate Authority (CA) certificate.
+     */
+    revocationStatus: 'NOT_REVOKED' | 'REVOKED' | 'PARENT_CERT_REVOKED';
+
+    /**
+     * The SHA-256 fingerprint of the intermediate certificate.
+     */
+    sha256Fingerprint: string;
+  }
+}
+
+export interface AuthorityGetResponse {
+  certificateAuthority: AuthorityGetResponse.CertificateAuthority;
+}
+
+export namespace AuthorityGetResponse {
+  export interface CertificateAuthority {
+    /**
+     * The inclusion status of a Certificate Authority (CA) in the trust store.
+     */
+    appleStatus:
+      | 'INCLUDED'
+      | 'NOT_YET_INCLUDED'
+      | 'NOT_INCLUDED'
+      | 'NOT_BEFORE'
+      | 'REMOVED'
+      | 'DISABLED'
+      | 'BLOCKED';
+
+    /**
+     * The authorityKeyIdentifier value extracted from the certificate PEM.
+     */
+    authorityKeyIdentifier: string;
+
+    /**
+     * Specifies the type of certificate in the trust chain.
+     */
+    certificateRecordType: 'ROOT_CERTIFICATE' | 'INTERMEDIATE_CERTIFICATE';
+
+    /**
+     * The inclusion status of a Certificate Authority (CA) in the trust store.
+     */
+    chromeStatus:
+      | 'INCLUDED'
+      | 'NOT_YET_INCLUDED'
+      | 'NOT_INCLUDED'
+      | 'NOT_BEFORE'
+      | 'REMOVED'
+      | 'DISABLED'
+      | 'BLOCKED';
+
+    /**
+     * The two-letter ISO country code where the CA organization is based.
+     */
+    country: string;
+
+    /**
+     * The full country name corresponding to the country code.
+     */
+    countryName: string;
+
+    /**
+     * The inclusion status of a Certificate Authority (CA) in the trust store.
+     */
+    microsoftStatus:
+      | 'INCLUDED'
+      | 'NOT_YET_INCLUDED'
+      | 'NOT_INCLUDED'
+      | 'NOT_BEFORE'
+      | 'REMOVED'
+      | 'DISABLED'
+      | 'BLOCKED';
+
+    /**
+     * The inclusion status of a Certificate Authority (CA) in the trust store.
+     */
+    mozillaStatus:
+      | 'INCLUDED'
+      | 'NOT_YET_INCLUDED'
+      | 'NOT_INCLUDED'
+      | 'NOT_BEFORE'
+      | 'REMOVED'
+      | 'DISABLED'
+      | 'BLOCKED';
+
+    /**
+     * The full name of the certificate authority (CA).
+     */
+    name: string;
+
+    /**
+     * The organization that owns and operates the CA.
+     */
+    owner: string;
+
+    /**
+     * The name of the parent/root certificate authority that issued this intermediate
+     * certificate.
+     */
+    parentName: string;
+
+    /**
+     * The SHA-256 fingerprint of the parent certificate.
+     */
+    parentSha256Fingerprint: string;
+
+    /**
+     * CAs from the same owner.
+     */
+    related: Array<CertificateAuthority.Related>;
+
+    /**
+     * The current revocation status of a Certificate Authority (CA) certificate.
+     */
+    revocationStatus: 'NOT_REVOKED' | 'REVOKED' | 'PARENT_CERT_REVOKED';
+
+    /**
+     * The SHA-256 fingerprint of the intermediate certificate.
+     */
+    sha256Fingerprint: string;
+
+    /**
+     * The subjectKeyIdentifier value extracted from the certificate PEM.
+     */
+    subjectKeyIdentifier: string;
+
+    /**
+     * The start date of the certificate’s validity period (ISO format).
+     */
+    validFrom: string;
+
+    /**
+     * The end date of the certificate’s validity period (ISO format).
+     */
+    validTo: string;
+  }
+
+  export namespace CertificateAuthority {
+    export interface Related {
+      /**
+       * Specifies the type of certificate in the trust chain.
+       */
+      certificateRecordType: 'ROOT_CERTIFICATE' | 'INTERMEDIATE_CERTIFICATE';
+
+      /**
+       * The full name of the certificate authority (CA).
+       */
+      name: string;
+
+      /**
+       * The current revocation status of a Certificate Authority (CA) certificate.
+       */
+      revocationStatus: 'NOT_REVOKED' | 'REVOKED' | 'PARENT_CERT_REVOKED';
+
+      /**
+       * The SHA-256 fingerprint of the intermediate certificate.
+       */
+      sha256Fingerprint: string;
+    }
+  }
+}
+
+export interface AuthorityListParams {
+  /**
+   * Format in which results will be returned.
+   */
+  format?: 'JSON' | 'CSV';
+
+  /**
+   * Limits the number of objects returned in the response.
+   */
+  limit?: number;
+
+  /**
+   * Skips the specified number of objects before fetching the results.
+   */
+  offset?: number;
+}
+
+export interface AuthorityGetParams {
+  /**
+   * Format in which results will be returned.
+   */
+  format?: 'JSON' | 'CSV';
+}
+
+export declare namespace Authorities {
+  export {
+    type AuthorityListResponse as AuthorityListResponse,
+    type AuthorityGetResponse as AuthorityGetResponse,
+    type AuthorityListParams as AuthorityListParams,
+    type AuthorityGetParams as AuthorityGetParams,
+  };
+}
diff --git a/src/resources/radar/ct/ct.ts b/src/resources/radar/ct/ct.ts
new file mode 100644
index 0000000000..9f5873a4d2
--- /dev/null
+++ b/src/resources/radar/ct/ct.ts
@@ -0,0 +1,1107 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import { APIResource } from '../../../resource';
+import { isRequestOptions } from '../../../core';
+import * as Core from '../../../core';
+import * as AuthoritiesAPI from './authorities';
+import {
+  Authorities,
+  AuthorityGetParams,
+  AuthorityGetResponse,
+  AuthorityListParams,
+  AuthorityListResponse,
+} from './authorities';
+import * as LogsAPI from './logs';
+import { LogGetParams, LogGetResponse, LogListParams, LogListResponse, Logs } from './logs';
+
+export class Ct extends APIResource {
+  authorities: AuthoritiesAPI.Authorities = new AuthoritiesAPI.Authorities(this._client);
+  logs: LogsAPI.Logs = new LogsAPI.Logs(this._client);
+
+  /**
+   * Retrieves an aggregated summary of certificates grouped by the specified
+   * dimension.
+   *
+   * @example
+   * ```ts
+   * const response = await client.radar.ct.summary('CA');
+   * ```
+   */
+  summary(
+    dimension:
+      | 'CA'
+      | 'CA_OWNER'
+      | 'DURATION'
+      | 'ENTRY_TYPE'
+      | 'EXPIRATION_STATUS'
+      | 'HAS_IPS'
+      | 'HAS_WILDCARDS'
+      | 'LOG'
+      | 'LOG_API'
+      | 'LOG_OPERATOR'
+      | 'PUBLIC_KEY_ALGORITHM'
+      | 'SIGNATURE_ALGORITHM'
+      | 'TLD'
+      | 'VALIDATION_LEVEL',
+    query?: CtSummaryParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<CtSummaryResponse>;
+  summary(
+    dimension:
+      | 'CA'
+      | 'CA_OWNER'
+      | 'DURATION'
+      | 'ENTRY_TYPE'
+      | 'EXPIRATION_STATUS'
+      | 'HAS_IPS'
+      | 'HAS_WILDCARDS'
+      | 'LOG'
+      | 'LOG_API'
+      | 'LOG_OPERATOR'
+      | 'PUBLIC_KEY_ALGORITHM'
+      | 'SIGNATURE_ALGORITHM'
+      | 'TLD'
+      | 'VALIDATION_LEVEL',
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<CtSummaryResponse>;
+  summary(
+    dimension:
+      | 'CA'
+      | 'CA_OWNER'
+      | 'DURATION'
+      | 'ENTRY_TYPE'
+      | 'EXPIRATION_STATUS'
+      | 'HAS_IPS'
+      | 'HAS_WILDCARDS'
+      | 'LOG'
+      | 'LOG_API'
+      | 'LOG_OPERATOR'
+      | 'PUBLIC_KEY_ALGORITHM'
+      | 'SIGNATURE_ALGORITHM'
+      | 'TLD'
+      | 'VALIDATION_LEVEL',
+    query: CtSummaryParams | Core.RequestOptions = {},
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<CtSummaryResponse> {
+    if (isRequestOptions(query)) {
+      return this.summary(dimension, {}, query);
+    }
+    return (
+      this._client.get(`/radar/ct/summary/${dimension}`, { query, ...options }) as Core.APIPromise<{
+        result: CtSummaryResponse;
+      }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+
+  /**
+   * Retrieves certificate volume over time.
+   *
+   * @example
+   * ```ts
+   * const response = await client.radar.ct.timeseries();
+   * ```
+   */
+  timeseries(
+    query?: CtTimeseriesParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<CtTimeseriesResponse>;
+  timeseries(options?: Core.RequestOptions): Core.APIPromise<CtTimeseriesResponse>;
+  timeseries(
+    query: CtTimeseriesParams | Core.RequestOptions = {},
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<CtTimeseriesResponse> {
+    if (isRequestOptions(query)) {
+      return this.timeseries({}, query);
+    }
+    return (
+      this._client.get('/radar/ct/timeseries', { query, ...options }) as Core.APIPromise<{
+        result: CtTimeseriesResponse;
+      }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+
+  /**
+   * Retrieves the distribution of certificates grouped by chosen the specified
+   * dimension over time.
+   *
+   * @example
+   * ```ts
+   * const response = await client.radar.ct.timeseriesGroups(
+   *   'CA',
+   * );
+   * ```
+   */
+  timeseriesGroups(
+    dimension:
+      | 'CA'
+      | 'CA_OWNER'
+      | 'DURATION'
+      | 'ENTRY_TYPE'
+      | 'EXPIRATION_STATUS'
+      | 'HAS_IPS'
+      | 'HAS_WILDCARDS'
+      | 'LOG'
+      | 'LOG_API'
+      | 'LOG_OPERATOR'
+      | 'PUBLIC_KEY_ALGORITHM'
+      | 'SIGNATURE_ALGORITHM'
+      | 'TLD'
+      | 'VALIDATION_LEVEL',
+    query?: CtTimeseriesGroupsParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<CtTimeseriesGroupsResponse>;
+  timeseriesGroups(
+    dimension:
+      | 'CA'
+      | 'CA_OWNER'
+      | 'DURATION'
+      | 'ENTRY_TYPE'
+      | 'EXPIRATION_STATUS'
+      | 'HAS_IPS'
+      | 'HAS_WILDCARDS'
+      | 'LOG'
+      | 'LOG_API'
+      | 'LOG_OPERATOR'
+      | 'PUBLIC_KEY_ALGORITHM'
+      | 'SIGNATURE_ALGORITHM'
+      | 'TLD'
+      | 'VALIDATION_LEVEL',
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<CtTimeseriesGroupsResponse>;
+  timeseriesGroups(
+    dimension:
+      | 'CA'
+      | 'CA_OWNER'
+      | 'DURATION'
+      | 'ENTRY_TYPE'
+      | 'EXPIRATION_STATUS'
+      | 'HAS_IPS'
+      | 'HAS_WILDCARDS'
+      | 'LOG'
+      | 'LOG_API'
+      | 'LOG_OPERATOR'
+      | 'PUBLIC_KEY_ALGORITHM'
+      | 'SIGNATURE_ALGORITHM'
+      | 'TLD'
+      | 'VALIDATION_LEVEL',
+    query: CtTimeseriesGroupsParams | Core.RequestOptions = {},
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<CtTimeseriesGroupsResponse> {
+    if (isRequestOptions(query)) {
+      return this.timeseriesGroups(dimension, {}, query);
+    }
+    return (
+      this._client.get(`/radar/ct/timeseries_groups/${dimension}`, { query, ...options }) as Core.APIPromise<{
+        result: CtTimeseriesGroupsResponse;
+      }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+}
+
+export interface CtSummaryResponse {
+  /**
+   * Metadata for the results.
+   */
+  meta: CtSummaryResponse.Meta;
+
+  summary_0:
+    | { [key: string]: string }
+    | CtSummaryResponse.UnionMember1
+    | CtSummaryResponse.UnionMember2
+    | CtSummaryResponse.UnionMember3
+    | CtSummaryResponse.UnionMember4
+    | CtSummaryResponse.UnionMember5
+    | CtSummaryResponse.UnionMember6
+    | CtSummaryResponse.UnionMember7;
+}
+
+export namespace CtSummaryResponse {
+  /**
+   * Metadata for the results.
+   */
+  export interface Meta {
+    confidenceInfo: Meta.ConfidenceInfo;
+
+    dateRange: Array<Meta.DateRange>;
+
+    /**
+     * Timestamp of the last dataset update.
+     */
+    lastUpdated: string;
+
+    /**
+     * Normalization method applied to the results. Refer to
+     * [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/).
+     */
+    normalization:
+      | 'PERCENTAGE'
+      | 'MIN0_MAX'
+      | 'MIN_MAX'
+      | 'RAW_VALUES'
+      | 'PERCENTAGE_CHANGE'
+      | 'ROLLING_AVERAGE'
+      | 'OVERLAPPED_PERCENTAGE'
+      | 'RATIO';
+
+    /**
+     * Measurement units for the results.
+     */
+    units: Array<Meta.Unit>;
+  }
+
+  export namespace Meta {
+    export interface ConfidenceInfo {
+      annotations: Array<ConfidenceInfo.Annotation>;
+
+      /**
+       * Provides an indication of how much confidence Cloudflare has in the data.
+       */
+      level: number;
+    }
+
+    export namespace ConfidenceInfo {
+      /**
+       * Annotation associated with the result (e.g. outage or other type of event).
+       */
+      export interface Annotation {
+        dataSource: string;
+
+        description: string;
+
+        endDate: string;
+
+        eventType: string;
+
+        /**
+         * Whether event is a single point in time or a time range.
+         */
+        isInstantaneous: boolean;
+
+        linkedUrl: string;
+
+        startDate: string;
+      }
+    }
+
+    export interface DateRange {
+      /**
+       * Adjusted end of date range.
+       */
+      endTime: string;
+
+      /**
+       * Adjusted start of date range.
+       */
+      startTime: string;
+    }
+
+    export interface Unit {
+      name: string;
+
+      value: string;
+    }
+  }
+
+  export interface UnionMember1 {
+    rfc6962: string;
+
+    static: string;
+  }
+
+  export interface UnionMember2 {
+    gt_121d: string;
+
+    gt_16d_lte_31d: string;
+
+    gt_31d_lte_91d: string;
+
+    gt_3d_lte_16d: string;
+
+    gt_91d_lte_121d: string;
+
+    lte_3d: string;
+  }
+
+  export interface UnionMember3 {
+    CERTIFICATE: string;
+
+    PRECERTIFICATE: string;
+  }
+
+  export interface UnionMember4 {
+    EXPIRED: string;
+
+    VALID: string;
+  }
+
+  export interface UnionMember5 {
+    NEGATIVE: string;
+
+    POSITIVE: string;
+  }
+
+  export interface UnionMember6 {
+    DSA: string;
+
+    ECDSA: string;
+
+    RSA: string;
+  }
+
+  export interface UnionMember7 {
+    domain: string;
+
+    extended: string;
+
+    organization: string;
+
+    unknown: string;
+  }
+}
+
+export interface CtTimeseriesResponse {
+  /**
+   * Metadata for the results.
+   */
+  meta: CtTimeseriesResponse.Meta;
+
+  [k: string]:
+    | CtTimeseriesResponse.unnamed_schema_ref_75bae70cf28e6bcef364b9840db3bdeb
+    | CtTimeseriesResponse.Meta
+    | undefined;
+}
+
+export namespace CtTimeseriesResponse {
+  /**
+   * Metadata for the results.
+   */
+  export interface Meta {
+    /**
+     * Aggregation interval of the results (e.g., in 15 minutes or 1 hour intervals).
+     * Refer to
+     * [Aggregation intervals](https://developers.cloudflare.com/radar/concepts/aggregation-intervals/).
+     */
+    aggInterval: 'FIFTEEN_MINUTES' | 'ONE_HOUR' | 'ONE_DAY' | 'ONE_WEEK' | 'ONE_MONTH';
+
+    confidenceInfo: Meta.ConfidenceInfo;
+
+    dateRange: Array<Meta.DateRange>;
+
+    /**
+     * Timestamp of the last dataset update.
+     */
+    lastUpdated: string;
+
+    /**
+     * Normalization method applied to the results. Refer to
+     * [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/).
+     */
+    normalization:
+      | 'PERCENTAGE'
+      | 'MIN0_MAX'
+      | 'MIN_MAX'
+      | 'RAW_VALUES'
+      | 'PERCENTAGE_CHANGE'
+      | 'ROLLING_AVERAGE'
+      | 'OVERLAPPED_PERCENTAGE'
+      | 'RATIO';
+
+    /**
+     * Measurement units for the results.
+     */
+    units: Array<Meta.Unit>;
+  }
+
+  export namespace Meta {
+    export interface ConfidenceInfo {
+      annotations: Array<ConfidenceInfo.Annotation>;
+
+      /**
+       * Provides an indication of how much confidence Cloudflare has in the data.
+       */
+      level: number;
+    }
+
+    export namespace ConfidenceInfo {
+      /**
+       * Annotation associated with the result (e.g. outage or other type of event).
+       */
+      export interface Annotation {
+        dataSource: string;
+
+        description: string;
+
+        endDate: string;
+
+        eventType: string;
+
+        /**
+         * Whether event is a single point in time or a time range.
+         */
+        isInstantaneous: boolean;
+
+        linkedUrl: string;
+
+        startDate: string;
+      }
+    }
+
+    export interface DateRange {
+      /**
+       * Adjusted end of date range.
+       */
+      endTime: string;
+
+      /**
+       * Adjusted start of date range.
+       */
+      startTime: string;
+    }
+
+    export interface Unit {
+      name: string;
+
+      value: string;
+    }
+  }
+
+  export interface unnamed_schema_ref_75bae70cf28e6bcef364b9840db3bdeb {
+    timestamps: Array<string>;
+
+    values: Array<string>;
+  }
+}
+
+export interface CtTimeseriesGroupsResponse {
+  /**
+   * Metadata for the results.
+   */
+  meta: CtTimeseriesGroupsResponse.Meta;
+
+  serie_0:
+    | CtTimeseriesGroupsResponse.UnnamedSchemaRef7826220e105d84352ba1108d9ed88e55
+    | CtTimeseriesGroupsResponse.UnionMember1
+    | CtTimeseriesGroupsResponse.UnionMember2
+    | CtTimeseriesGroupsResponse.UnionMember3
+    | CtTimeseriesGroupsResponse.UnionMember4
+    | CtTimeseriesGroupsResponse.UnionMember5
+    | CtTimeseriesGroupsResponse.UnionMember6
+    | CtTimeseriesGroupsResponse.UnionMember7;
+}
+
+export namespace CtTimeseriesGroupsResponse {
+  /**
+   * Metadata for the results.
+   */
+  export interface Meta {
+    /**
+     * Aggregation interval of the results (e.g., in 15 minutes or 1 hour intervals).
+     * Refer to
+     * [Aggregation intervals](https://developers.cloudflare.com/radar/concepts/aggregation-intervals/).
+     */
+    aggInterval: 'FIFTEEN_MINUTES' | 'ONE_HOUR' | 'ONE_DAY' | 'ONE_WEEK' | 'ONE_MONTH';
+
+    confidenceInfo: Meta.ConfidenceInfo;
+
+    dateRange: Array<Meta.DateRange>;
+
+    /**
+     * Timestamp of the last dataset update.
+     */
+    lastUpdated: string;
+
+    /**
+     * Normalization method applied to the results. Refer to
+     * [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/).
+     */
+    normalization:
+      | 'PERCENTAGE'
+      | 'MIN0_MAX'
+      | 'MIN_MAX'
+      | 'RAW_VALUES'
+      | 'PERCENTAGE_CHANGE'
+      | 'ROLLING_AVERAGE'
+      | 'OVERLAPPED_PERCENTAGE'
+      | 'RATIO';
+
+    /**
+     * Measurement units for the results.
+     */
+    units: Array<Meta.Unit>;
+  }
+
+  export namespace Meta {
+    export interface ConfidenceInfo {
+      annotations: Array<ConfidenceInfo.Annotation>;
+
+      /**
+       * Provides an indication of how much confidence Cloudflare has in the data.
+       */
+      level: number;
+    }
+
+    export namespace ConfidenceInfo {
+      /**
+       * Annotation associated with the result (e.g. outage or other type of event).
+       */
+      export interface Annotation {
+        dataSource: string;
+
+        description: string;
+
+        endDate: string;
+
+        eventType: string;
+
+        /**
+         * Whether event is a single point in time or a time range.
+         */
+        isInstantaneous: boolean;
+
+        linkedUrl: string;
+
+        startDate: string;
+      }
+    }
+
+    export interface DateRange {
+      /**
+       * Adjusted end of date range.
+       */
+      endTime: string;
+
+      /**
+       * Adjusted start of date range.
+       */
+      startTime: string;
+    }
+
+    export interface Unit {
+      name: string;
+
+      value: string;
+    }
+  }
+
+  export interface UnnamedSchemaRef7826220e105d84352ba1108d9ed88e55 {
+    timestamps: Array<string>;
+
+    [k: string]: Array<string> | Array<string> | undefined;
+  }
+
+  export interface UnionMember1 {
+    rfc6962: Array<string>;
+
+    static: Array<string>;
+  }
+
+  export interface UnionMember2 {
+    gt_121d: Array<string>;
+
+    gt_16d_lte_31d: Array<string>;
+
+    gt_31d_lte_91d: Array<string>;
+
+    gt_3d_lte_16d: Array<string>;
+
+    gt_91d_lte_121d: Array<string>;
+
+    lte_3d: Array<string>;
+  }
+
+  export interface UnionMember3 {
+    CERTIFICATE: Array<string>;
+
+    PRECERTIFICATE: Array<string>;
+  }
+
+  export interface UnionMember4 {
+    EXPIRED: Array<string>;
+
+    VALID: Array<string>;
+  }
+
+  export interface UnionMember5 {
+    NEGATIVE: Array<string>;
+
+    POSITIVE: Array<string>;
+  }
+
+  export interface UnionMember6 {
+    DSA: Array<string>;
+
+    ECDSA: Array<string>;
+
+    RSA: Array<string>;
+  }
+
+  export interface UnionMember7 {
+    domain: Array<string>;
+
+    extended: Array<string>;
+
+    organization: Array<string>;
+
+    unknown: Array<string>;
+  }
+}
+
+export interface CtSummaryParams {
+  /**
+   * Filters results by certificate authority.
+   */
+  ca?: Array<string>;
+
+  /**
+   * Filters results by certificate authority owner.
+   */
+  caOwner?: Array<string>;
+
+  /**
+   * End of the date range (inclusive).
+   */
+  dateEnd?: Array<string>;
+
+  /**
+   * Filters results by date range. For example, use `7d` and `7dcontrol` to compare
+   * this week with the previous week. Use this parameter or set specific start and
+   * end dates (`dateStart` and `dateEnd` parameters).
+   */
+  dateRange?: Array<string>;
+
+  /**
+   * Start of the date range.
+   */
+  dateStart?: Array<string>;
+
+  /**
+   * Filters results by certificate duration.
+   */
+  duration?: Array<
+    | 'LTE_3D'
+    | 'GT_3D_LTE_7D'
+    | 'GT_7D_LTE_10D'
+    | 'GT_10D_LTE_47D'
+    | 'GT_47D_LTE_100D'
+    | 'GT_100D_LTE_200D'
+    | 'GT_200D'
+  >;
+
+  /**
+   * Filters results by entry type (certificate vs. pre-certificate).
+   */
+  entryType?: Array<'PRECERTIFICATE' | 'CERTIFICATE'>;
+
+  /**
+   * Filters results by expiration status (expired vs. valid).
+   */
+  expirationStatus?: Array<'EXPIRED' | 'VALID'>;
+
+  /**
+   * Format in which results will be returned.
+   */
+  format?: 'JSON' | 'CSV';
+
+  /**
+   * Filters results based on whether the certificates are bound to specific IP
+   * addresses.
+   */
+  hasIps?: Array<boolean>;
+
+  /**
+   * Filters results based on whether the certificates contain wildcard domains.
+   */
+  hasWildcards?: Array<boolean>;
+
+  /**
+   * Limits the number of objects per group to the top items within the specified
+   * time range. When item count exceeds the limit, extra items appear grouped under
+   * an "other" category.
+   */
+  limitPerGroup?: number;
+
+  /**
+   * Filters results by certificate log.
+   */
+  log?: Array<string>;
+
+  /**
+   * Filters results by certificate log API (RFC6962 vs. static).
+   */
+  logApi?: Array<'RFC6962' | 'STATIC'>;
+
+  /**
+   * Filters results by certificate log operator.
+   */
+  logOperator?: Array<string>;
+
+  /**
+   * Array of names used to label the series in the response.
+   */
+  name?: Array<string>;
+
+  /**
+   * Normalization method applied to the results. Refer to
+   * [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/).
+   */
+  normalization?: 'RAW_VALUES' | 'PERCENTAGE';
+
+  /**
+   * Filters results by public key algorithm.
+   */
+  publicKeyAlgorithm?: Array<'DSA' | 'ECDSA' | 'RSA'>;
+
+  /**
+   * Filters results by signature algorithm.
+   */
+  signatureAlgorithm?: Array<
+    | 'DSA_SHA_1'
+    | 'DSA_SHA_256'
+    | 'ECDSA_SHA_1'
+    | 'ECDSA_SHA_256'
+    | 'ECDSA_SHA_384'
+    | 'ECDSA_SHA_512'
+    | 'PSS_SHA_256'
+    | 'PSS_SHA_384'
+    | 'PSS_SHA_512'
+    | 'RSA_MD2'
+    | 'RSA_MD5'
+    | 'RSA_SHA_1'
+    | 'RSA_SHA_256'
+    | 'RSA_SHA_384'
+    | 'RSA_SHA_512'
+  >;
+
+  /**
+   * Filters results by top-level domain.
+   */
+  tld?: Array<string>;
+
+  /**
+   * Specifies whether to filter out duplicate certificates and pre-certificates. Set
+   * to true for unique entries only.
+   */
+  uniqueEntries?: Array<'true' | 'false'>;
+
+  /**
+   * Filters results by validation level.
+   */
+  validationLevel?: Array<'DOMAIN' | 'ORGANIZATION' | 'EXTENDED'>;
+}
+
+export interface CtTimeseriesParams {
+  /**
+   * Aggregation interval of the results (e.g., in 15 minutes or 1 hour intervals).
+   * Refer to
+   * [Aggregation intervals](https://developers.cloudflare.com/radar/concepts/aggregation-intervals/).
+   */
+  aggInterval?: '15m' | '1h' | '1d' | '1w';
+
+  /**
+   * Filters results by certificate authority.
+   */
+  ca?: Array<string>;
+
+  /**
+   * Filters results by certificate authority owner.
+   */
+  caOwner?: Array<string>;
+
+  /**
+   * End of the date range (inclusive).
+   */
+  dateEnd?: Array<string>;
+
+  /**
+   * Filters results by date range. For example, use `7d` and `7dcontrol` to compare
+   * this week with the previous week. Use this parameter or set specific start and
+   * end dates (`dateStart` and `dateEnd` parameters).
+   */
+  dateRange?: Array<string>;
+
+  /**
+   * Start of the date range.
+   */
+  dateStart?: Array<string>;
+
+  /**
+   * Filters results by certificate duration.
+   */
+  duration?: Array<
+    | 'LTE_3D'
+    | 'GT_3D_LTE_7D'
+    | 'GT_7D_LTE_10D'
+    | 'GT_10D_LTE_47D'
+    | 'GT_47D_LTE_100D'
+    | 'GT_100D_LTE_200D'
+    | 'GT_200D'
+  >;
+
+  /**
+   * Filters results by entry type (certificate vs. pre-certificate).
+   */
+  entryType?: Array<'PRECERTIFICATE' | 'CERTIFICATE'>;
+
+  /**
+   * Filters results by expiration status (expired vs. valid).
+   */
+  expirationStatus?: Array<'EXPIRED' | 'VALID'>;
+
+  /**
+   * Format in which results will be returned.
+   */
+  format?: 'JSON' | 'CSV';
+
+  /**
+   * Filters results based on whether the certificates are bound to specific IP
+   * addresses.
+   */
+  hasIps?: Array<boolean>;
+
+  /**
+   * Filters results based on whether the certificates contain wildcard domains.
+   */
+  hasWildcards?: Array<boolean>;
+
+  /**
+   * Filters results by certificate log.
+   */
+  log?: Array<string>;
+
+  /**
+   * Filters results by certificate log API (RFC6962 vs. static).
+   */
+  logApi?: Array<'RFC6962' | 'STATIC'>;
+
+  /**
+   * Filters results by certificate log operator.
+   */
+  logOperator?: Array<string>;
+
+  /**
+   * Array of names used to label the series in the response.
+   */
+  name?: Array<string>;
+
+  /**
+   * Filters results by public key algorithm.
+   */
+  publicKeyAlgorithm?: Array<'DSA' | 'ECDSA' | 'RSA'>;
+
+  /**
+   * Filters results by signature algorithm.
+   */
+  signatureAlgorithm?: Array<
+    | 'DSA_SHA_1'
+    | 'DSA_SHA_256'
+    | 'ECDSA_SHA_1'
+    | 'ECDSA_SHA_256'
+    | 'ECDSA_SHA_384'
+    | 'ECDSA_SHA_512'
+    | 'PSS_SHA_256'
+    | 'PSS_SHA_384'
+    | 'PSS_SHA_512'
+    | 'RSA_MD2'
+    | 'RSA_MD5'
+    | 'RSA_SHA_1'
+    | 'RSA_SHA_256'
+    | 'RSA_SHA_384'
+    | 'RSA_SHA_512'
+  >;
+
+  /**
+   * Filters results by top-level domain.
+   */
+  tld?: Array<string>;
+
+  /**
+   * Specifies whether to filter out duplicate certificates and pre-certificates. Set
+   * to true for unique entries only.
+   */
+  uniqueEntries?: Array<'true' | 'false'>;
+
+  /**
+   * Filters results by validation level.
+   */
+  validationLevel?: Array<'DOMAIN' | 'ORGANIZATION' | 'EXTENDED'>;
+}
+
+export interface CtTimeseriesGroupsParams {
+  /**
+   * Aggregation interval of the results (e.g., in 15 minutes or 1 hour intervals).
+   * Refer to
+   * [Aggregation intervals](https://developers.cloudflare.com/radar/concepts/aggregation-intervals/).
+   */
+  aggInterval?: '15m' | '1h' | '1d' | '1w';
+
+  /**
+   * Filters results by certificate authority.
+   */
+  ca?: Array<string>;
+
+  /**
+   * Filters results by certificate authority owner.
+   */
+  caOwner?: Array<string>;
+
+  /**
+   * End of the date range (inclusive).
+   */
+  dateEnd?: Array<string>;
+
+  /**
+   * Filters results by date range. For example, use `7d` and `7dcontrol` to compare
+   * this week with the previous week. Use this parameter or set specific start and
+   * end dates (`dateStart` and `dateEnd` parameters).
+   */
+  dateRange?: Array<string>;
+
+  /**
+   * Start of the date range.
+   */
+  dateStart?: Array<string>;
+
+  /**
+   * Filters results by certificate duration.
+   */
+  duration?: Array<
+    | 'LTE_3D'
+    | 'GT_3D_LTE_7D'
+    | 'GT_7D_LTE_10D'
+    | 'GT_10D_LTE_47D'
+    | 'GT_47D_LTE_100D'
+    | 'GT_100D_LTE_200D'
+    | 'GT_200D'
+  >;
+
+  /**
+   * Filters results by entry type (certificate vs. pre-certificate).
+   */
+  entryType?: Array<'PRECERTIFICATE' | 'CERTIFICATE'>;
+
+  /**
+   * Filters results by expiration status (expired vs. valid).
+   */
+  expirationStatus?: Array<'EXPIRED' | 'VALID'>;
+
+  /**
+   * Format in which results will be returned.
+   */
+  format?: 'JSON' | 'CSV';
+
+  /**
+   * Filters results based on whether the certificates are bound to specific IP
+   * addresses.
+   */
+  hasIps?: Array<boolean>;
+
+  /**
+   * Filters results based on whether the certificates contain wildcard domains.
+   */
+  hasWildcards?: Array<boolean>;
+
+  /**
+   * Limits the number of objects per group to the top items within the specified
+   * time range. When item count exceeds the limit, extra items appear grouped under
+   * an "other" category.
+   */
+  limitPerGroup?: number;
+
+  /**
+   * Filters results by certificate log.
+   */
+  log?: Array<string>;
+
+  /**
+   * Filters results by certificate log API (RFC6962 vs. static).
+   */
+  logApi?: Array<'RFC6962' | 'STATIC'>;
+
+  /**
+   * Filters results by certificate log operator.
+   */
+  logOperator?: Array<string>;
+
+  /**
+   * Array of names used to label the series in the response.
+   */
+  name?: Array<string>;
+
+  /**
+   * Normalization method applied to the results. Refer to
+   * [Normalization methods](https://developers.cloudflare.com/radar/concepts/normalization/).
+   */
+  normalization?: 'RAW_VALUES' | 'PERCENTAGE';
+
+  /**
+   * Filters results by public key algorithm.
+   */
+  publicKeyAlgorithm?: Array<'DSA' | 'ECDSA' | 'RSA'>;
+
+  /**
+   * Filters results by signature algorithm.
+   */
+  signatureAlgorithm?: Array<
+    | 'DSA_SHA_1'
+    | 'DSA_SHA_256'
+    | 'ECDSA_SHA_1'
+    | 'ECDSA_SHA_256'
+    | 'ECDSA_SHA_384'
+    | 'ECDSA_SHA_512'
+    | 'PSS_SHA_256'
+    | 'PSS_SHA_384'
+    | 'PSS_SHA_512'
+    | 'RSA_MD2'
+    | 'RSA_MD5'
+    | 'RSA_SHA_1'
+    | 'RSA_SHA_256'
+    | 'RSA_SHA_384'
+    | 'RSA_SHA_512'
+  >;
+
+  /**
+   * Filters results by top-level domain.
+   */
+  tld?: Array<string>;
+
+  /**
+   * Specifies whether to filter out duplicate certificates and pre-certificates. Set
+   * to true for unique entries only.
+   */
+  uniqueEntries?: Array<'true' | 'false'>;
+
+  /**
+   * Filters results by validation level.
+   */
+  validationLevel?: Array<'DOMAIN' | 'ORGANIZATION' | 'EXTENDED'>;
+}
+
+Ct.Authorities = Authorities;
+Ct.Logs = Logs;
+
+export declare namespace Ct {
+  export {
+    type CtSummaryResponse as CtSummaryResponse,
+    type CtTimeseriesResponse as CtTimeseriesResponse,
+    type CtTimeseriesGroupsResponse as CtTimeseriesGroupsResponse,
+    type CtSummaryParams as CtSummaryParams,
+    type CtTimeseriesParams as CtTimeseriesParams,
+    type CtTimeseriesGroupsParams as CtTimeseriesGroupsParams,
+  };
+
+  export {
+    Authorities as Authorities,
+    type AuthorityListResponse as AuthorityListResponse,
+    type AuthorityGetResponse as AuthorityGetResponse,
+    type AuthorityListParams as AuthorityListParams,
+    type AuthorityGetParams as AuthorityGetParams,
+  };
+
+  export {
+    Logs as Logs,
+    type LogListResponse as LogListResponse,
+    type LogGetResponse as LogGetResponse,
+    type LogListParams as LogListParams,
+    type LogGetParams as LogGetParams,
+  };
+}
diff --git a/src/resources/radar/ct/index.ts b/src/resources/radar/ct/index.ts
new file mode 100644
index 0000000000..20a5137e83
--- /dev/null
+++ b/src/resources/radar/ct/index.ts
@@ -0,0 +1,25 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+export {
+  Authorities,
+  type AuthorityListResponse,
+  type AuthorityGetResponse,
+  type AuthorityListParams,
+  type AuthorityGetParams,
+} from './authorities';
+export {
+  Ct,
+  type CtSummaryResponse,
+  type CtTimeseriesResponse,
+  type CtTimeseriesGroupsResponse,
+  type CtSummaryParams,
+  type CtTimeseriesParams,
+  type CtTimeseriesGroupsParams,
+} from './ct';
+export {
+  Logs,
+  type LogListResponse,
+  type LogGetResponse,
+  type LogListParams,
+  type LogGetParams,
+} from './logs';
diff --git a/src/resources/radar/ct/logs.ts b/src/resources/radar/ct/logs.ts
new file mode 100644
index 0000000000..4ba71c4acf
--- /dev/null
+++ b/src/resources/radar/ct/logs.ts
@@ -0,0 +1,271 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import { APIResource } from '../../../resource';
+import { isRequestOptions } from '../../../core';
+import * as Core from '../../../core';
+
+export class Logs extends APIResource {
+  /**
+   * Retrieves a list of certificate logs.
+   *
+   * @example
+   * ```ts
+   * const logs = await client.radar.ct.logs.list();
+   * ```
+   */
+  list(query?: LogListParams, options?: Core.RequestOptions): Core.APIPromise<LogListResponse>;
+  list(options?: Core.RequestOptions): Core.APIPromise<LogListResponse>;
+  list(
+    query: LogListParams | Core.RequestOptions = {},
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<LogListResponse> {
+    if (isRequestOptions(query)) {
+      return this.list({}, query);
+    }
+    return (
+      this._client.get('/radar/ct/logs', { query, ...options }) as Core.APIPromise<{
+        result: LogListResponse;
+      }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+
+  /**
+   * Retrieves the requested certificate log information.
+   *
+   * @example
+   * ```ts
+   * const log = await client.radar.ct.logs.get('argon2024');
+   * ```
+   */
+  get(logSlug: string, query?: LogGetParams, options?: Core.RequestOptions): Core.APIPromise<LogGetResponse>;
+  get(logSlug: string, options?: Core.RequestOptions): Core.APIPromise<LogGetResponse>;
+  get(
+    logSlug: string,
+    query: LogGetParams | Core.RequestOptions = {},
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<LogGetResponse> {
+    if (isRequestOptions(query)) {
+      return this.get(logSlug, {}, query);
+    }
+    return (
+      this._client.get(`/radar/ct/logs/${logSlug}`, { query, ...options }) as Core.APIPromise<{
+        result: LogGetResponse;
+      }>
+    )._thenUnwrap((obj) => obj.result);
+  }
+}
+
+export interface LogListResponse {
+  certificateLogs: Array<LogListResponse.CertificateLog>;
+}
+
+export namespace LogListResponse {
+  export interface CertificateLog {
+    /**
+     * The API standard that the certificate log follows.
+     */
+    api: 'RFC6962' | 'STATIC';
+
+    /**
+     * A brief description of the certificate log.
+     */
+    description: string;
+
+    /**
+     * The end date and time for when the log will stop accepting certificates.
+     */
+    endExclusive: string;
+
+    /**
+     * The organization responsible for operating the certificate log.
+     */
+    operator: string;
+
+    /**
+     * A URL-friendly, kebab-case identifier for the certificate log.
+     */
+    slug: string;
+
+    /**
+     * The start date and time for when the log starts accepting certificates.
+     */
+    startInclusive: string;
+
+    /**
+     * The current state of the certificate log. More details about log states can be
+     * found here:
+     * https://googlechrome.github.io/CertificateTransparency/log_states.html
+     */
+    state: 'USABLE' | 'PENDING' | 'QUALIFIED' | 'READ_ONLY' | 'RETIRED' | 'REJECTED';
+
+    /**
+     * Timestamp of when the log state was last updated.
+     */
+    stateTimestamp: string;
+
+    /**
+     * The URL for the certificate log.
+     */
+    url: string;
+  }
+}
+
+export interface LogGetResponse {
+  certificateLog: LogGetResponse.CertificateLog;
+}
+
+export namespace LogGetResponse {
+  export interface CertificateLog {
+    /**
+     * The API standard that the certificate log follows.
+     */
+    api: 'RFC6962' | 'STATIC';
+
+    /**
+     * A brief description of the certificate log.
+     */
+    description: string;
+
+    /**
+     * The end date and time for when the log will stop accepting certificates.
+     */
+    endExclusive: string;
+
+    /**
+     * The organization responsible for operating the certificate log.
+     */
+    operator: string;
+
+    /**
+     * Log performance metrics, including averages and per-endpoint details.
+     */
+    performance: CertificateLog.Performance | null;
+
+    /**
+     * Logs from the same operator.
+     */
+    related: Array<CertificateLog.Related>;
+
+    /**
+     * A URL-friendly, kebab-case identifier for the certificate log.
+     */
+    slug: string;
+
+    /**
+     * The start date and time for when the log starts accepting certificates.
+     */
+    startInclusive: string;
+
+    /**
+     * The current state of the certificate log. More details about log states can be
+     * found here:
+     * https://googlechrome.github.io/CertificateTransparency/log_states.html
+     */
+    state: 'USABLE' | 'PENDING' | 'QUALIFIED' | 'READ_ONLY' | 'RETIRED' | 'REJECTED';
+
+    /**
+     * Timestamp of when the log state was last updated.
+     */
+    stateTimestamp: string;
+
+    /**
+     * The URL for the certificate log.
+     */
+    url: string;
+  }
+
+  export namespace CertificateLog {
+    /**
+     * Log performance metrics, including averages and per-endpoint details.
+     */
+    export interface Performance {
+      endpoints: Array<Performance.Endpoint>;
+
+      responseTime: number;
+
+      uptime: number;
+    }
+
+    export namespace Performance {
+      export interface Endpoint {
+        /**
+         * The certificate log endpoint names used in performance metrics.
+         */
+        endpoint:
+          | 'add-chain (new)'
+          | 'add-chain (old)'
+          | 'add-pre-chain (new)'
+          | 'add-pre-chain (old)'
+          | 'get-entries'
+          | 'get-roots'
+          | 'get-sth';
+
+        responseTime: number;
+
+        uptime: number;
+      }
+    }
+
+    export interface Related {
+      /**
+       * A brief description of the certificate log.
+       */
+      description: string;
+
+      /**
+       * The end date and time for when the log will stop accepting certificates.
+       */
+      endExclusive: string;
+
+      /**
+       * A URL-friendly, kebab-case identifier for the certificate log.
+       */
+      slug: string;
+
+      /**
+       * The start date and time for when the log starts accepting certificates.
+       */
+      startInclusive: string;
+
+      /**
+       * The current state of the certificate log. More details about log states can be
+       * found here:
+       * https://googlechrome.github.io/CertificateTransparency/log_states.html
+       */
+      state: 'USABLE' | 'PENDING' | 'QUALIFIED' | 'READ_ONLY' | 'RETIRED' | 'REJECTED';
+    }
+  }
+}
+
+export interface LogListParams {
+  /**
+   * Format in which results will be returned.
+   */
+  format?: 'JSON' | 'CSV';
+
+  /**
+   * Limits the number of objects returned in the response.
+   */
+  limit?: number;
+
+  /**
+   * Skips the specified number of objects before fetching the results.
+   */
+  offset?: number;
+}
+
+export interface LogGetParams {
+  /**
+   * Format in which results will be returned.
+   */
+  format?: 'JSON' | 'CSV';
+}
+
+export declare namespace Logs {
+  export {
+    type LogListResponse as LogListResponse,
+    type LogGetResponse as LogGetResponse,
+    type LogListParams as LogListParams,
+    type LogGetParams as LogGetParams,
+  };
+}
diff --git a/src/resources/radar/dns/summary.ts b/src/resources/radar/dns/summary.ts
index 414edd9bf8..9bc87aa1f9 100644
--- a/src/resources/radar/dns/summary.ts
+++ b/src/resources/radar/dns/summary.ts
@@ -294,7 +294,7 @@ export namespace SummaryCacheHitResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -403,7 +403,7 @@ export namespace SummaryDNSSECResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -522,7 +522,7 @@ export namespace SummaryDNSSECAwareResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -631,7 +631,7 @@ export namespace SummaryDNSSECE2EResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -740,7 +740,7 @@ export namespace SummaryIPVersionResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -849,7 +849,7 @@ export namespace SummaryMatchingAnswerResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -958,7 +958,7 @@ export namespace SummaryProtocolResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -1077,7 +1077,7 @@ export namespace SummaryQueryTypeResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -1174,7 +1174,7 @@ export namespace SummaryResponseCodeResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -1271,7 +1271,7 @@ export namespace SummaryResponseTTLResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/email/routing/summary.ts b/src/resources/radar/email/routing/summary.ts
index 90e6565c5f..4085dc05e9 100644
--- a/src/resources/radar/email/routing/summary.ts
+++ b/src/resources/radar/email/routing/summary.ts
@@ -182,7 +182,7 @@ export namespace SummaryARCResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -279,7 +279,7 @@ export namespace SummaryDKIMResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -376,7 +376,7 @@ export namespace SummaryDMARCResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -473,7 +473,7 @@ export namespace SummaryEncryptedResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -582,7 +582,7 @@ export namespace SummaryIPVersionResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -691,7 +691,7 @@ export namespace SummarySPFResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/email/security/summary.ts b/src/resources/radar/email/security/summary.ts
index 8b24cb05b7..3a984c2f4f 100644
--- a/src/resources/radar/email/security/summary.ts
+++ b/src/resources/radar/email/security/summary.ts
@@ -262,7 +262,7 @@ export namespace SummaryARCResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -359,7 +359,7 @@ export namespace SummaryDKIMResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -456,7 +456,7 @@ export namespace SummaryDMARCResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -553,7 +553,7 @@ export namespace SummaryMaliciousResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -662,7 +662,7 @@ export namespace SummarySpamResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -771,7 +771,7 @@ export namespace SummarySPFResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -868,7 +868,7 @@ export namespace SummarySpoofResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -977,7 +977,7 @@ export namespace SummaryThreatCategoryResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -1096,7 +1096,7 @@ export namespace SummaryTLSVersionResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/http/summary.ts b/src/resources/radar/http/summary.ts
index 65f3ac2037..95ce04817e 100644
--- a/src/resources/radar/http/summary.ts
+++ b/src/resources/radar/http/summary.ts
@@ -244,7 +244,7 @@ export namespace SummaryBotClassResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -353,7 +353,7 @@ export namespace SummaryDeviceTypeResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -467,7 +467,7 @@ export namespace SummaryHTTPProtocolResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -576,7 +576,7 @@ export namespace SummaryHTTPVersionResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -690,7 +690,7 @@ export namespace SummaryIPVersionResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -799,7 +799,7 @@ export namespace SummaryOSResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -908,7 +908,7 @@ export namespace SummaryPostQuantumResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -1017,7 +1017,7 @@ export namespace SummaryTLSVersionResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/index.ts b/src/resources/radar/index.ts
index 5aadae8272..9b9bba8ee0 100644
--- a/src/resources/radar/index.ts
+++ b/src/resources/radar/index.ts
@@ -18,6 +18,15 @@ export {
   type BotTimeseriesParams,
   type BotTimeseriesGroupsParams,
 } from './bots/index';
+export {
+  Ct,
+  type CtSummaryResponse,
+  type CtTimeseriesResponse,
+  type CtTimeseriesGroupsResponse,
+  type CtSummaryParams,
+  type CtTimeseriesParams,
+  type CtTimeseriesGroupsParams,
+} from './ct/index';
 export { DNS, type DNSTimeseriesResponse, type DNSTimeseriesParams } from './dns/index';
 export {
   Datasets,
diff --git a/src/resources/radar/leaked-credentials/summary.ts b/src/resources/radar/leaked-credentials/summary.ts
index 59234a6375..c1c6b5efee 100644
--- a/src/resources/radar/leaked-credentials/summary.ts
+++ b/src/resources/radar/leaked-credentials/summary.ts
@@ -79,7 +79,7 @@ export namespace SummaryBotClassResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -188,7 +188,7 @@ export namespace SummaryCompromisedResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/netflows/netflows.ts b/src/resources/radar/netflows/netflows.ts
index bdce8f7a70..b46440c98d 100644
--- a/src/resources/radar/netflows/netflows.ts
+++ b/src/resources/radar/netflows/netflows.ts
@@ -79,7 +79,7 @@ export namespace NetflowSummaryResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/quality/iqi.ts b/src/resources/radar/quality/iqi.ts
index 085918eae3..4c3f288361 100644
--- a/src/resources/radar/quality/iqi.ts
+++ b/src/resources/radar/quality/iqi.ts
@@ -61,7 +61,7 @@ export namespace IQISummaryResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/quality/speed/speed.ts b/src/resources/radar/quality/speed/speed.ts
index 4a5486d2e3..f3023aa4a7 100644
--- a/src/resources/radar/quality/speed/speed.ts
+++ b/src/resources/radar/quality/speed/speed.ts
@@ -91,7 +91,7 @@ export namespace SpeedHistogramResponse {
      */
     bucketSize: number;
 
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
@@ -190,7 +190,7 @@ export namespace SpeedSummaryResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/radar/radar.ts b/src/resources/radar/radar.ts
index 7a3971e2c9..0ed666d88a 100644
--- a/src/resources/radar/radar.ts
+++ b/src/resources/radar/radar.ts
@@ -44,6 +44,16 @@ import {
   BotTimeseriesResponse,
   Bots,
 } from './bots/bots';
+import * as CtAPI from './ct/ct';
+import {
+  Ct,
+  CtSummaryParams,
+  CtSummaryResponse,
+  CtTimeseriesGroupsParams,
+  CtTimeseriesGroupsResponse,
+  CtTimeseriesParams,
+  CtTimeseriesResponse,
+} from './ct/ct';
 import * as DNSAPI from './dns/dns';
 import { DNS, DNSTimeseriesParams, DNSTimeseriesResponse } from './dns/dns';
 import * as EmailAPI from './email/email';
@@ -85,6 +95,7 @@ import { VerifiedBots } from './verified-bots/verified-bots';
 
 export class Radar extends APIResource {
   ai: AIAPI.AI = new AIAPI.AI(this._client);
+  ct: CtAPI.Ct = new CtAPI.Ct(this._client);
   annotations: AnnotationsAPI.Annotations = new AnnotationsAPI.Annotations(this._client);
   bgp: BGPAPI.BGP = new BGPAPI.BGP(this._client);
   bots: BotsAPI.Bots = new BotsAPI.Bots(this._client);
@@ -113,6 +124,7 @@ export class Radar extends APIResource {
 }
 
 Radar.AI = AI;
+Radar.Ct = Ct;
 Radar.Annotations = Annotations;
 Radar.BGP = BGP;
 Radar.Bots = Bots;
@@ -136,6 +148,16 @@ Radar.LeakedCredentials = LeakedCredentials;
 export declare namespace Radar {
   export { AI as AI };
 
+  export {
+    Ct as Ct,
+    type CtSummaryResponse as CtSummaryResponse,
+    type CtTimeseriesResponse as CtTimeseriesResponse,
+    type CtTimeseriesGroupsResponse as CtTimeseriesGroupsResponse,
+    type CtSummaryParams as CtSummaryParams,
+    type CtTimeseriesParams as CtTimeseriesParams,
+    type CtTimeseriesGroupsParams as CtTimeseriesGroupsParams,
+  };
+
   export {
     Annotations as Annotations,
     type AnnotationListResponse as AnnotationListResponse,
diff --git a/src/resources/radar/search.ts b/src/resources/radar/search.ts
index cab2690c3d..ead601f62b 100644
--- a/src/resources/radar/search.ts
+++ b/src/resources/radar/search.ts
@@ -5,7 +5,8 @@ import * as Core from '../../core';
 
 export class Search extends APIResource {
   /**
-   * Searches for locations, autonomous systems, reports, and bots.
+   * Searches for locations, autonomous systems, reports, bots, certificate logs, and
+   * certificate authorities.
    *
    * @example
    * ```ts
@@ -39,14 +40,16 @@ export namespace SearchGlobalResponse {
 
 export interface SearchGlobalParams {
   /**
-   * Search for locations, autonomous systems and reports.
+   * String used to perform the search operation.
    */
   query: string;
 
   /**
    * Search types excluded from results.
    */
-  exclude?: Array<'ASNS' | 'BOTS' | 'LOCATIONS' | 'NOTEBOOKS' | 'SPECIAL_EVENTS'>;
+  exclude?: Array<
+    'ASNS' | 'BOTS' | 'CERTIFICATE_AUTHORITIES' | 'CERTIFICATE_LOGS' | 'LOCATIONS' | 'NOTEBOOKS'
+  >;
 
   /**
    * Format in which results will be returned.
@@ -56,7 +59,9 @@ export interface SearchGlobalParams {
   /**
    * Search types included in results.
    */
-  include?: Array<'ASNS' | 'BOTS' | 'LOCATIONS' | 'NOTEBOOKS' | 'SPECIAL_EVENTS'>;
+  include?: Array<
+    'ASNS' | 'BOTS' | 'CERTIFICATE_AUTHORITIES' | 'CERTIFICATE_LOGS' | 'LOCATIONS' | 'NOTEBOOKS'
+  >;
 
   /**
    * Limits the number of objects returned in the response.
diff --git a/src/resources/radar/tcp-resets-timeouts.ts b/src/resources/radar/tcp-resets-timeouts.ts
index e7ef792cab..01cdb209f2 100644
--- a/src/resources/radar/tcp-resets-timeouts.ts
+++ b/src/resources/radar/tcp-resets-timeouts.ts
@@ -79,7 +79,7 @@ export namespace TCPResetsTimeoutSummaryResponse {
    * Metadata for the results.
    */
   export interface Meta {
-    confidenceInfo: Meta.ConfidenceInfo | null;
+    confidenceInfo: Meta.ConfidenceInfo;
 
     dateRange: Array<Meta.DateRange>;
 
diff --git a/src/resources/rules/lists/bulk-operations.ts b/src/resources/rules/lists/bulk-operations.ts
index c70c6e049d..2a9186839b 100644
--- a/src/resources/rules/lists/bulk-operations.ts
+++ b/src/resources/rules/lists/bulk-operations.ts
@@ -35,31 +35,67 @@ export class BulkOperations extends APIResource {
   }
 }
 
-export interface BulkOperationGetResponse {
-  /**
-   * The unique operation ID of the asynchronous action.
-   */
-  id: string;
+export type BulkOperationGetResponse =
+  | BulkOperationGetResponse.ListsBulkOperationPendingOrRunning
+  | BulkOperationGetResponse.ListsBulkOperationCompleted
+  | BulkOperationGetResponse.ListsBulkOperationFailed;
 
-  /**
-   * The current status of the asynchronous operation.
-   */
-  status: 'pending' | 'running' | 'completed' | 'failed';
+export namespace BulkOperationGetResponse {
+  export interface ListsBulkOperationPendingOrRunning {
+    /**
+     * The unique operation ID of the asynchronous action.
+     */
+    id: string;
 
-  /**
-   * The RFC 3339 timestamp of when the operation was completed.
-   */
-  completed?: string;
+    /**
+     * The current status of the asynchronous operation.
+     */
+    status: 'pending' | 'running';
+  }
 
-  /**
-   * A message describing the error when the status is `failed`.
-   */
-  error?: string;
+  export interface ListsBulkOperationCompleted {
+    /**
+     * The unique operation ID of the asynchronous action.
+     */
+    id: string;
+
+    /**
+     * The RFC 3339 timestamp of when the operation was completed.
+     */
+    completed: string;
+
+    /**
+     * The current status of the asynchronous operation.
+     */
+    status: 'completed';
+  }
+
+  export interface ListsBulkOperationFailed {
+    /**
+     * The unique operation ID of the asynchronous action.
+     */
+    id: string;
+
+    /**
+     * The RFC 3339 timestamp of when the operation was completed.
+     */
+    completed: string;
+
+    /**
+     * A message describing the error when the status is `failed`.
+     */
+    error: string;
+
+    /**
+     * The current status of the asynchronous operation.
+     */
+    status: 'failed';
+  }
 }
 
 export interface BulkOperationGetParams {
   /**
-   * Defines an identifier.
+   * The Account ID for this resource.
    */
   account_id: string;
 }
diff --git a/src/resources/rules/lists/items.ts b/src/resources/rules/lists/items.ts
index 6cd68b12a7..8f7000a7b2 100644
--- a/src/resources/rules/lists/items.ts
+++ b/src/resources/rules/lists/items.ts
@@ -18,7 +18,7 @@ export class Items extends APIResource {
    *   '2c0fc9fa937b11eaa1b71c4d701ab86e',
    *   {
    *     account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-   *     body: [{}],
+   *     body: [{ ip: '10.0.0.1' }],
    *   },
    * );
    * ```
@@ -50,7 +50,7 @@ export class Items extends APIResource {
    *   '2c0fc9fa937b11eaa1b71c4d701ab86e',
    *   {
    *     account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-   *     body: [{}],
+   *     body: [{ ip: '10.0.0.1' }],
    *   },
    * );
    * ```
@@ -164,203 +164,403 @@ export interface ListItem {
   /**
    * The unique operation ID of the asynchronous action.
    */
-  operation_id?: string;
+  operation_id: string;
 }
 
 export interface ItemCreateResponse {
   /**
    * The unique operation ID of the asynchronous action.
    */
-  operation_id?: string;
+  operation_id: string;
 }
 
 export interface ItemUpdateResponse {
   /**
    * The unique operation ID of the asynchronous action.
    */
-  operation_id?: string;
+  operation_id: string;
 }
 
-export interface ItemListResponse {
-  /**
-   * The unique ID of the list.
-   */
-  id?: string;
+export type ItemListResponse =
+  | ItemListResponse.ListsListItemIPFull
+  | ItemListResponse.ListsListItemHostnameFull
+  | ItemListResponse.ListsListItemRedirectFull
+  | ItemListResponse.ListsListItemASNFull;
 
-  /**
-   * Defines a non-negative 32 bit integer.
-   */
-  asn?: number;
+export namespace ItemListResponse {
+  export interface ListsListItemIPFull {
+    /**
+     * Defines the unique ID of the item in the List.
+     */
+    id: string;
 
-  /**
-   * Defines an informative summary of the list item.
-   */
-  comment?: string;
+    /**
+     * The RFC 3339 timestamp of when the list was created.
+     */
+    created_on: string;
 
-  /**
-   * The RFC 3339 timestamp of when the item was created.
-   */
-  created_on?: string;
+    /**
+     * An IPv4 address, an IPv4 CIDR, an IPv6 address, or an IPv6 CIDR.
+     */
+    ip: string;
 
-  /**
-   * Valid characters for hostnames are ASCII(7) letters from a to z, the digits from
-   * 0 to 9, wildcards (\*), and the hyphen (-).
-   */
-  hostname?: ListsAPI.Hostname;
+    /**
+     * The RFC 3339 timestamp of when the list was last modified.
+     */
+    modified_on: string;
 
-  /**
-   * An IPv4 address, an IPv4 CIDR, an IPv6 address, or an IPv6 CIDR.
-   */
-  ip?: string;
+    /**
+     * Defines an informative summary of the list item.
+     */
+    comment?: string;
+  }
 
-  /**
-   * The RFC 3339 timestamp of when the item was last modified.
-   */
-  modified_on?: string;
+  export interface ListsListItemHostnameFull {
+    /**
+     * Defines the unique ID of the item in the List.
+     */
+    id: string;
 
-  /**
-   * The definition of the redirect.
-   */
-  redirect?: ListsAPI.Redirect;
+    /**
+     * The RFC 3339 timestamp of when the list was created.
+     */
+    created_on: string;
+
+    /**
+     * Valid characters for hostnames are ASCII(7) letters from a to z, the digits from
+     * 0 to 9, wildcards (\*), and the hyphen (-).
+     */
+    hostname: ListsAPI.Hostname;
+
+    /**
+     * The RFC 3339 timestamp of when the list was last modified.
+     */
+    modified_on: string;
+
+    /**
+     * Defines an informative summary of the list item.
+     */
+    comment?: string;
+  }
+
+  export interface ListsListItemRedirectFull {
+    /**
+     * Defines the unique ID of the item in the List.
+     */
+    id: string;
+
+    /**
+     * The RFC 3339 timestamp of when the list was created.
+     */
+    created_on: string;
+
+    /**
+     * The RFC 3339 timestamp of when the list was last modified.
+     */
+    modified_on: string;
+
+    /**
+     * The definition of the redirect.
+     */
+    redirect: ListsAPI.Redirect;
+
+    /**
+     * Defines an informative summary of the list item.
+     */
+    comment?: string;
+  }
+
+  export interface ListsListItemASNFull {
+    /**
+     * Defines the unique ID of the item in the List.
+     */
+    id: string;
+
+    /**
+     * Defines a non-negative 32 bit integer.
+     */
+    asn: number;
+
+    /**
+     * The RFC 3339 timestamp of when the list was created.
+     */
+    created_on: string;
+
+    /**
+     * The RFC 3339 timestamp of when the list was last modified.
+     */
+    modified_on: string;
+
+    /**
+     * Defines an informative summary of the list item.
+     */
+    comment?: string;
+  }
 }
 
 export interface ItemDeleteResponse {
   /**
    * The unique operation ID of the asynchronous action.
    */
-  operation_id?: string;
+  operation_id: string;
 }
 
-export interface ItemGetResponse {
-  /**
-   * The unique ID of the list.
-   */
-  id?: string;
+export type ItemGetResponse =
+  | ItemGetResponse.ListsListItemIPFull
+  | ItemGetResponse.ListsListItemHostnameFull
+  | ItemGetResponse.ListsListItemRedirectFull
+  | ItemGetResponse.ListsListItemASNFull;
 
-  /**
-   * Defines a non-negative 32 bit integer.
-   */
-  asn?: number;
+export namespace ItemGetResponse {
+  export interface ListsListItemIPFull {
+    /**
+     * Defines the unique ID of the item in the List.
+     */
+    id: string;
 
-  /**
-   * Defines an informative summary of the list item.
-   */
-  comment?: string;
+    /**
+     * The RFC 3339 timestamp of when the list was created.
+     */
+    created_on: string;
 
-  /**
-   * The RFC 3339 timestamp of when the item was created.
-   */
-  created_on?: string;
+    /**
+     * An IPv4 address, an IPv4 CIDR, an IPv6 address, or an IPv6 CIDR.
+     */
+    ip: string;
 
-  /**
-   * Valid characters for hostnames are ASCII(7) letters from a to z, the digits from
-   * 0 to 9, wildcards (\*), and the hyphen (-).
-   */
-  hostname?: ListsAPI.Hostname;
+    /**
+     * The RFC 3339 timestamp of when the list was last modified.
+     */
+    modified_on: string;
 
-  /**
-   * An IPv4 address, an IPv4 CIDR, an IPv6 address, or an IPv6 CIDR.
-   */
-  ip?: string;
+    /**
+     * Defines an informative summary of the list item.
+     */
+    comment?: string;
+  }
 
-  /**
-   * The RFC 3339 timestamp of when the item was last modified.
-   */
-  modified_on?: string;
+  export interface ListsListItemHostnameFull {
+    /**
+     * Defines the unique ID of the item in the List.
+     */
+    id: string;
 
-  /**
-   * The definition of the redirect.
-   */
-  redirect?: ListsAPI.Redirect;
+    /**
+     * The RFC 3339 timestamp of when the list was created.
+     */
+    created_on: string;
+
+    /**
+     * Valid characters for hostnames are ASCII(7) letters from a to z, the digits from
+     * 0 to 9, wildcards (\*), and the hyphen (-).
+     */
+    hostname: ListsAPI.Hostname;
+
+    /**
+     * The RFC 3339 timestamp of when the list was last modified.
+     */
+    modified_on: string;
+
+    /**
+     * Defines an informative summary of the list item.
+     */
+    comment?: string;
+  }
+
+  export interface ListsListItemRedirectFull {
+    /**
+     * Defines the unique ID of the item in the List.
+     */
+    id: string;
+
+    /**
+     * The RFC 3339 timestamp of when the list was created.
+     */
+    created_on: string;
+
+    /**
+     * The RFC 3339 timestamp of when the list was last modified.
+     */
+    modified_on: string;
+
+    /**
+     * The definition of the redirect.
+     */
+    redirect: ListsAPI.Redirect;
+
+    /**
+     * Defines an informative summary of the list item.
+     */
+    comment?: string;
+  }
+
+  export interface ListsListItemASNFull {
+    /**
+     * Defines the unique ID of the item in the List.
+     */
+    id: string;
+
+    /**
+     * Defines a non-negative 32 bit integer.
+     */
+    asn: number;
+
+    /**
+     * The RFC 3339 timestamp of when the list was created.
+     */
+    created_on: string;
+
+    /**
+     * The RFC 3339 timestamp of when the list was last modified.
+     */
+    modified_on: string;
+
+    /**
+     * Defines an informative summary of the list item.
+     */
+    comment?: string;
+  }
 }
 
 export interface ItemCreateParams {
   /**
-   * Path param: Defines an identifier.
+   * Path param: The Account ID for this resource.
    */
   account_id: string;
 
   /**
    * Body param:
    */
-  body: Array<ItemCreateParams.Body>;
+  body: Array<
+    | ItemCreateParams.ListsListItemIPComment
+    | ItemCreateParams.ListsListItemRedirectComment
+    | ItemCreateParams.ListsListItemHostnameComment
+    | ItemCreateParams.ListsListItemASNComment
+  >;
 }
 
 export namespace ItemCreateParams {
-  export interface Body {
+  export interface ListsListItemIPComment {
     /**
-     * Defines a non-negative 32 bit integer.
+     * An IPv4 address, an IPv4 CIDR, an IPv6 address, or an IPv6 CIDR.
+     */
+    ip: string;
+
+    /**
+     * Defines an informative summary of the list item.
+     */
+    comment?: string;
+  }
+
+  export interface ListsListItemRedirectComment {
+    /**
+     * The definition of the redirect.
      */
-    asn?: number;
+    redirect: ListsAPI.RedirectParam;
 
     /**
      * Defines an informative summary of the list item.
      */
     comment?: string;
+  }
 
+  export interface ListsListItemHostnameComment {
     /**
      * Valid characters for hostnames are ASCII(7) letters from a to z, the digits from
      * 0 to 9, wildcards (\*), and the hyphen (-).
      */
-    hostname?: ListsAPI.HostnameParam;
+    hostname: ListsAPI.HostnameParam;
 
     /**
-     * An IPv4 address, an IPv4 CIDR, an IPv6 address, or an IPv6 CIDR.
+     * Defines an informative summary of the list item.
      */
-    ip?: string;
+    comment?: string;
+  }
 
+  export interface ListsListItemASNComment {
     /**
-     * The definition of the redirect.
+     * Defines a non-negative 32 bit integer.
      */
-    redirect?: ListsAPI.RedirectParam;
+    asn: number;
+
+    /**
+     * Defines an informative summary of the list item.
+     */
+    comment?: string;
   }
 }
 
 export interface ItemUpdateParams {
   /**
-   * Path param: Defines an identifier.
+   * Path param: The Account ID for this resource.
    */
   account_id: string;
 
   /**
    * Body param:
    */
-  body: Array<ItemUpdateParams.Body>;
+  body: Array<
+    | ItemUpdateParams.ListsListItemIPComment
+    | ItemUpdateParams.ListsListItemRedirectComment
+    | ItemUpdateParams.ListsListItemHostnameComment
+    | ItemUpdateParams.ListsListItemASNComment
+  >;
 }
 
 export namespace ItemUpdateParams {
-  export interface Body {
+  export interface ListsListItemIPComment {
     /**
-     * Defines a non-negative 32 bit integer.
+     * An IPv4 address, an IPv4 CIDR, an IPv6 address, or an IPv6 CIDR.
      */
-    asn?: number;
+    ip: string;
 
     /**
      * Defines an informative summary of the list item.
      */
     comment?: string;
+  }
+
+  export interface ListsListItemRedirectComment {
+    /**
+     * The definition of the redirect.
+     */
+    redirect: ListsAPI.RedirectParam;
 
+    /**
+     * Defines an informative summary of the list item.
+     */
+    comment?: string;
+  }
+
+  export interface ListsListItemHostnameComment {
     /**
      * Valid characters for hostnames are ASCII(7) letters from a to z, the digits from
      * 0 to 9, wildcards (\*), and the hyphen (-).
      */
-    hostname?: ListsAPI.HostnameParam;
+    hostname: ListsAPI.HostnameParam;
 
     /**
-     * An IPv4 address, an IPv4 CIDR, an IPv6 address, or an IPv6 CIDR.
+     * Defines an informative summary of the list item.
      */
-    ip?: string;
+    comment?: string;
+  }
 
+  export interface ListsListItemASNComment {
     /**
-     * The definition of the redirect.
+     * Defines a non-negative 32 bit integer.
+     */
+    asn: number;
+
+    /**
+     * Defines an informative summary of the list item.
      */
-    redirect?: ListsAPI.RedirectParam;
+    comment?: string;
   }
 }
 
 export interface ItemListParams extends CursorPaginationParams {
   /**
-   * Path param: Defines an identifier.
+   * Path param: The Account ID for this resource.
    */
   account_id: string;
 
@@ -374,7 +574,7 @@ export interface ItemListParams extends CursorPaginationParams {
 
 export interface ItemDeleteParams {
   /**
-   * Path param: Defines an identifier.
+   * Path param: The Account ID for this resource.
    */
   account_id: string;
 
@@ -390,7 +590,7 @@ export namespace ItemDeleteParams {
 
 export interface ItemGetParams {
   /**
-   * Defines an identifier.
+   * The Account ID for this resource.
    */
   account_id: string;
 }
diff --git a/src/resources/rules/lists/lists.ts b/src/resources/rules/lists/lists.ts
index b080b6eae3..0dceb4b847 100644
--- a/src/resources/rules/lists/lists.ts
+++ b/src/resources/rules/lists/lists.ts
@@ -28,7 +28,7 @@ export class Lists extends APIResource {
   items: ItemsAPI.Items = new ItemsAPI.Items(this._client);
 
   /**
-   * Creates a new list of the specified type.
+   * Creates a new list of the specified kind.
    *
    * @example
    * ```ts
@@ -151,6 +151,13 @@ export class ListsListsSinglePage extends SinglePage<ListsList> {}
  */
 export interface Hostname {
   url_hostname: string;
+
+  /**
+   * Only applies to wildcard hostnames (e.g., \*.example.com). When true (default),
+   * only subdomains are blocked. When false, both the root domain and subdomains are
+   * blocked.
+   */
+  exclude_exact_hostname?: boolean;
 }
 
 /**
@@ -159,49 +166,56 @@ export interface Hostname {
  */
 export interface HostnameParam {
   url_hostname: string;
+
+  /**
+   * Only applies to wildcard hostnames (e.g., \*.example.com). When true (default),
+   * only subdomains are blocked. When false, both the root domain and subdomains are
+   * blocked.
+   */
+  exclude_exact_hostname?: boolean;
 }
 
 export interface ListsList {
   /**
    * The unique ID of the list.
    */
-  id?: string;
+  id: string;
 
   /**
    * The RFC 3339 timestamp of when the list was created.
    */
-  created_on?: string;
-
-  /**
-   * An informative summary of the list.
-   */
-  description?: string;
+  created_on: string;
 
   /**
    * The type of the list. Each type supports specific list items (IP addresses,
    * ASNs, hostnames or redirects).
    */
-  kind?: 'ip' | 'redirect' | 'hostname' | 'asn';
+  kind: 'ip' | 'redirect' | 'hostname' | 'asn';
 
   /**
    * The RFC 3339 timestamp of when the list was last modified.
    */
-  modified_on?: string;
+  modified_on: string;
 
   /**
    * An informative name for the list. Use this name in filter and rule expressions.
    */
-  name?: string;
+  name: string;
 
   /**
    * The number of items in the list.
    */
-  num_items?: number;
+  num_items: number;
+
+  /**
+   * The number of [filters](/api/resources/filters/) referencing the list.
+   */
+  num_referencing_filters: number;
 
   /**
-   * The number of [filters](/operations/filters-list-filters) referencing the list.
+   * An informative summary of the list.
    */
-  num_referencing_filters?: number;
+  description?: string;
 }
 
 /**
@@ -246,141 +260,141 @@ export interface ListCreateResponse {
   /**
    * The unique ID of the list.
    */
-  id?: string;
+  id: string;
 
   /**
    * The RFC 3339 timestamp of when the list was created.
    */
-  created_on?: string;
-
-  /**
-   * An informative summary of the list.
-   */
-  description?: string;
+  created_on: string;
 
   /**
    * The type of the list. Each type supports specific list items (IP addresses,
    * ASNs, hostnames or redirects).
    */
-  kind?: 'ip' | 'redirect' | 'hostname' | 'asn';
+  kind: 'ip' | 'redirect' | 'hostname' | 'asn';
 
   /**
    * The RFC 3339 timestamp of when the list was last modified.
    */
-  modified_on?: string;
+  modified_on: string;
 
   /**
    * An informative name for the list. Use this name in filter and rule expressions.
    */
-  name?: string;
+  name: string;
 
   /**
    * The number of items in the list.
    */
-  num_items?: number;
+  num_items: number;
 
   /**
-   * The number of [filters](/operations/filters-list-filters) referencing the list.
+   * The number of [filters](/api/resources/filters/) referencing the list.
    */
-  num_referencing_filters?: number;
+  num_referencing_filters: number;
+
+  /**
+   * An informative summary of the list.
+   */
+  description?: string;
 }
 
 export interface ListUpdateResponse {
   /**
    * The unique ID of the list.
    */
-  id?: string;
+  id: string;
 
   /**
    * The RFC 3339 timestamp of when the list was created.
    */
-  created_on?: string;
-
-  /**
-   * An informative summary of the list.
-   */
-  description?: string;
+  created_on: string;
 
   /**
    * The type of the list. Each type supports specific list items (IP addresses,
    * ASNs, hostnames or redirects).
    */
-  kind?: 'ip' | 'redirect' | 'hostname' | 'asn';
+  kind: 'ip' | 'redirect' | 'hostname' | 'asn';
 
   /**
    * The RFC 3339 timestamp of when the list was last modified.
    */
-  modified_on?: string;
+  modified_on: string;
 
   /**
    * An informative name for the list. Use this name in filter and rule expressions.
    */
-  name?: string;
+  name: string;
 
   /**
    * The number of items in the list.
    */
-  num_items?: number;
+  num_items: number;
 
   /**
-   * The number of [filters](/operations/filters-list-filters) referencing the list.
+   * The number of [filters](/api/resources/filters/) referencing the list.
    */
-  num_referencing_filters?: number;
+  num_referencing_filters: number;
+
+  /**
+   * An informative summary of the list.
+   */
+  description?: string;
 }
 
 export interface ListDeleteResponse {
   /**
-   * Defines the unique ID of the item in the List.
+   * The unique ID of the list.
    */
-  id?: string;
+  id: string;
 }
 
 export interface ListGetResponse {
   /**
    * The unique ID of the list.
    */
-  id?: string;
+  id: string;
 
   /**
    * The RFC 3339 timestamp of when the list was created.
    */
-  created_on?: string;
-
-  /**
-   * An informative summary of the list.
-   */
-  description?: string;
+  created_on: string;
 
   /**
    * The type of the list. Each type supports specific list items (IP addresses,
    * ASNs, hostnames or redirects).
    */
-  kind?: 'ip' | 'redirect' | 'hostname' | 'asn';
+  kind: 'ip' | 'redirect' | 'hostname' | 'asn';
 
   /**
    * The RFC 3339 timestamp of when the list was last modified.
    */
-  modified_on?: string;
+  modified_on: string;
 
   /**
    * An informative name for the list. Use this name in filter and rule expressions.
    */
-  name?: string;
+  name: string;
 
   /**
    * The number of items in the list.
    */
-  num_items?: number;
+  num_items: number;
+
+  /**
+   * The number of [filters](/api/resources/filters/) referencing the list.
+   */
+  num_referencing_filters: number;
 
   /**
-   * The number of [filters](/operations/filters-list-filters) referencing the list.
+   * An informative summary of the list.
    */
-  num_referencing_filters?: number;
+  description?: string;
 }
 
 export interface ListCreateParams {
   /**
-   * Path param: Defines an identifier.
+   * Path param: The Account ID for this resource.
    */
   account_id: string;
 
@@ -404,7 +418,7 @@ export interface ListCreateParams {
 
 export interface ListUpdateParams {
   /**
-   * Path param: Defines an identifier.
+   * Path param: The Account ID for this resource.
    */
   account_id: string;
 
@@ -416,21 +430,21 @@ export interface ListUpdateParams {
 
 export interface ListListParams {
   /**
-   * Defines an identifier.
+   * The Account ID for this resource.
    */
   account_id: string;
 }
 
 export interface ListDeleteParams {
   /**
-   * Defines an identifier.
+   * The Account ID for this resource.
    */
   account_id: string;
 }
 
 export interface ListGetParams {
   /**
-   * Defines an identifier.
+   * The Account ID for this resource.
    */
   account_id: string;
 }
diff --git a/src/resources/rulesets/rules.ts b/src/resources/rulesets/rules.ts
index 1bb54af0c9..7fa53d2d14 100644
--- a/src/resources/rulesets/rules.ts
+++ b/src/resources/rulesets/rules.ts
@@ -4828,7 +4828,7 @@ export namespace SetCacheSettingsRule {
       /**
        * Determines which browser ttl mode to use.
        */
-      mode: 'respect_origin' | 'bypass_by_default' | 'override_origin';
+      mode: 'respect_origin' | 'bypass_by_default' | 'override_origin' | 'bypass';
 
       /**
        * The TTL (in seconds) if you choose override_origin mode.
@@ -5344,7 +5344,7 @@ export namespace SetCacheSettingsRuleParam {
       /**
        * Determines which browser ttl mode to use.
        */
-      mode: 'respect_origin' | 'bypass_by_default' | 'override_origin';
+      mode: 'respect_origin' | 'bypass_by_default' | 'override_origin' | 'bypass';
 
       /**
        * The TTL (in seconds) if you choose override_origin mode.
@@ -6273,6 +6273,12 @@ export namespace SkipRule {
    * The parameters configuring the rule's action.
    */
   export interface ActionParameters {
+    /**
+     * A phase to skip the execution of. This property is only compatible with
+     * products.
+     */
+    phase?: 'current';
+
     /**
      * A list of phases to skip the execution of. This option is incompatible with the
      * rulesets option.
@@ -6427,6 +6433,12 @@ export namespace SkipRuleParam {
    * The parameters configuring the rule's action.
    */
   export interface ActionParameters {
+    /**
+     * A phase to skip the execution of. This property is only compatible with
+     * products.
+     */
+    phase?: 'current';
+
     /**
      * A list of phases to skip the execution of. This option is incompatible with the
      * rulesets option.
@@ -10359,6 +10371,12 @@ export declare namespace RuleCreateParams {
      * The parameters configuring the rule's action.
      */
     export interface ActionParameters {
+      /**
+       * A phase to skip the execution of. This property is only compatible with
+       * products.
+       */
+      phase?: 'current';
+
       /**
        * A list of phases to skip the execution of. This option is incompatible with the
        * rulesets option.
@@ -10646,7 +10664,7 @@ export declare namespace RuleCreateParams {
         /**
          * Determines which browser ttl mode to use.
          */
-        mode: 'respect_origin' | 'bypass_by_default' | 'override_origin';
+        mode: 'respect_origin' | 'bypass_by_default' | 'override_origin' | 'bypass';
 
         /**
          * The TTL (in seconds) if you choose override_origin mode.
@@ -14501,6 +14519,12 @@ export declare namespace RuleEditParams {
      * The parameters configuring the rule's action.
      */
     export interface ActionParameters {
+      /**
+       * A phase to skip the execution of. This property is only compatible with
+       * products.
+       */
+      phase?: 'current';
+
       /**
        * A list of phases to skip the execution of. This option is incompatible with the
        * rulesets option.
@@ -14788,7 +14812,7 @@ export declare namespace RuleEditParams {
         /**
          * Determines which browser ttl mode to use.
          */
-        mode: 'respect_origin' | 'bypass_by_default' | 'override_origin';
+        mode: 'respect_origin' | 'bypass_by_default' | 'override_origin' | 'bypass';
 
         /**
          * The TTL (in seconds) if you choose override_origin mode.
diff --git a/src/resources/secrets-store/stores/secrets.ts b/src/resources/secrets-store/stores/secrets.ts
index 226f6c00d5..1ab72e50dc 100644
--- a/src/resources/secrets-store/stores/secrets.ts
+++ b/src/resources/secrets-store/stores/secrets.ts
@@ -18,7 +18,7 @@ export class Secrets extends APIResource {
    *     body: [
    *       {
    *         name: 'MY_API_KEY',
-   *         scopes: ['workers'],
+   *         scopes: ['workers', 'ai_gateway'],
    *         value: 'api-token-secret-123',
    *       },
    *     ],
@@ -135,6 +135,7 @@ export class Secrets extends APIResource {
    *     {
    *       account_id: '985e105f4ecef8ad9ca31a8372d0c353',
    *       name: 'MY_API_KEY',
+   *       scopes: ['workers', 'ai_gateway'],
    *     },
    *   );
    * ```
@@ -163,10 +164,7 @@ export class Secrets extends APIResource {
    *   await client.secretsStore.stores.secrets.edit(
    *     '023e105f4ecef8ad9ca31a8372d0c353',
    *     '3fd85f74b32742f1bff64a85009dda07',
-   *     {
-   *       account_id: '985e105f4ecef8ad9ca31a8372d0c353',
-   *       name: 'MY_API_KEY',
-   *     },
+   *     { account_id: '985e105f4ecef8ad9ca31a8372d0c353' },
    *   );
    * ```
    */
@@ -486,6 +484,11 @@ export namespace SecretCreateParams {
      * provide this value, it is only used to create/modify secrets.
      */
     value: string;
+
+    /**
+     * Freeform text describing the secret
+     */
+    comment?: string;
   }
 }
 
@@ -505,6 +508,11 @@ export interface SecretListParams extends V4PagePaginationArrayParams {
    */
   order?: 'name' | 'comment' | 'created' | 'modified' | 'status';
 
+  /**
+   * Query param: Only secrets with the given scopes will be returned
+   */
+  scopes?: Array<Array<string>>;
+
   /**
    * Query param: Search secrets using a filter string, filtering across name and
    * comment
@@ -536,6 +544,16 @@ export interface SecretDuplicateParams {
    * Body param: The name of the secret
    */
   name: string;
+
+  /**
+   * Body param: The list of services that can use this secret.
+   */
+  scopes: Array<string>;
+
+  /**
+   * Body param: Freeform text describing the secret
+   */
+  comment?: string;
 }
 
 export interface SecretEditParams {
@@ -545,20 +563,14 @@ export interface SecretEditParams {
   account_id: string;
 
   /**
-   * Body param: The name of the secret
+   * Body param: Freeform text describing the secret
    */
-  name: string;
+  comment?: string;
 
   /**
    * Body param: The list of services that can use this secret.
    */
   scopes?: Array<string>;
-
-  /**
-   * Body param: The value of the secret. Note that this is 'write only' - no API
-   * reponse will provide this value, it is only used to create/modify secrets.
-   */
-  value?: string;
 }
 
 export interface SecretGetParams {
diff --git a/src/resources/shared.ts b/src/resources/shared.ts
index f6bea7bc14..22daf55aff 100644
--- a/src/resources/shared.ts
+++ b/src/resources/shared.ts
@@ -140,6 +140,13 @@ export interface CloudflareTunnel {
    */
   account_tag?: string;
 
+  /**
+   * Indicates if this is a locally or remotely configured tunnel. If `local`, manage
+   * the tunnel using a YAML file on the origin machine. If `cloudflare`, manage the
+   * tunnel on the Zero Trust dashboard.
+   */
+  config_src?: 'local' | 'cloudflare';
+
   /**
    * @deprecated This field will start returning an empty array. To fetch the
    * connections of a given tunnel, please use the dedicated endpoint
@@ -181,8 +188,7 @@ export interface CloudflareTunnel {
   name?: string;
 
   /**
-   * If `true`, the tunnel can be configured remotely from the Zero Trust dashboard.
-   * If `false`, the tunnel must be configured locally on the origin machine.
+   * @deprecated Use the config_src field instead.
    */
   remote_config?: boolean;
 
@@ -890,7 +896,7 @@ export interface TokenPolicy {
   /**
    * A list of resource names that the policy applies to.
    */
-  resources: { [key: string]: string | { [key: string]: string } };
+  resources: { [key: string]: string } | { [key: string]: { [key: string]: string } };
 }
 
 export namespace TokenPolicy {
@@ -941,7 +947,7 @@ export interface TokenPolicyParam {
   /**
    * A list of resource names that the policy applies to.
    */
-  resources: { [key: string]: string | { [key: string]: string } };
+  resources: { [key: string]: string } | { [key: string]: { [key: string]: string } };
 }
 
 export namespace TokenPolicyParam {
diff --git a/src/resources/snippets/content.ts b/src/resources/snippets/content.ts
index 219beeca59..4f651ea537 100644
--- a/src/resources/snippets/content.ts
+++ b/src/resources/snippets/content.ts
@@ -6,18 +6,7 @@ import { type Response } from '../../_shims/index';
 
 export class Content extends APIResource {
   /**
-   * Snippet Content
-   *
-   * @example
-   * ```ts
-   * const content = await client.snippets.content.get(
-   *   'snippet_name_01',
-   *   { zone_id: '023e105f4ecef8ad9ca31a8372d0c353' },
-   * );
-   *
-   * const data = await content.blob();
-   * console.log(data);
-   * ```
+   * Fetches the content of a snippet belonging to the zone.
    */
   get(
     snippetName: string,
@@ -35,7 +24,7 @@ export class Content extends APIResource {
 
 export interface ContentGetParams {
   /**
-   * Identifier
+   * The unique ID of the zone.
    */
   zone_id: string;
 }
diff --git a/src/resources/snippets/index.ts b/src/resources/snippets/index.ts
index 66e9b771d0..0402f0d9f7 100644
--- a/src/resources/snippets/index.ts
+++ b/src/resources/snippets/index.ts
@@ -4,6 +4,7 @@ export { Content, type ContentGetParams } from './content';
 export {
   RuleUpdateResponsesSinglePage,
   RuleListResponsesSinglePage,
+  RuleDeleteResponsesSinglePage,
   Rules,
   type RuleUpdateResponse,
   type RuleListResponse,
diff --git a/src/resources/snippets/rules.ts b/src/resources/snippets/rules.ts
index 69cf9823b9..fa1b544710 100644
--- a/src/resources/snippets/rules.ts
+++ b/src/resources/snippets/rules.ts
@@ -2,22 +2,11 @@
 
 import { APIResource } from '../../resource';
 import * as Core from '../../core';
-import * as Shared from '../shared';
 import { SinglePage } from '../../pagination';
 
 export class Rules extends APIResource {
   /**
-   * Put Rules
-   *
-   * @example
-   * ```ts
-   * // Automatically fetches more pages as needed.
-   * for await (const ruleUpdateResponse of client.snippets.rules.update(
-   *   { zone_id: '023e105f4ecef8ad9ca31a8372d0c353' },
-   * )) {
-   *   // ...
-   * }
-   * ```
+   * Updates all snippet rules belonging to the zone.
    */
   update(
     params: RuleUpdateParams,
@@ -32,17 +21,7 @@ export class Rules extends APIResource {
   }
 
   /**
-   * Rules
-   *
-   * @example
-   * ```ts
-   * // Automatically fetches more pages as needed.
-   * for await (const ruleListResponse of client.snippets.rules.list(
-   *   { zone_id: '023e105f4ecef8ad9ca31a8372d0c353' },
-   * )) {
-   *   // ...
-   * }
-   * ```
+   * Fetches all snippet rules belonging to the zone.
    */
   list(
     params: RuleListParams,
@@ -57,18 +36,18 @@ export class Rules extends APIResource {
   }
 
   /**
-   * Delete All Rules
-   *
-   * @example
-   * ```ts
-   * const rule = await client.snippets.rules.delete({
-   *   zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
-   * });
-   * ```
+   * Deletes all snippet rules belonging to the zone.
    */
-  delete(params: RuleDeleteParams, options?: Core.RequestOptions): Core.APIPromise<RuleDeleteResponse> {
+  delete(
+    params: RuleDeleteParams,
+    options?: Core.RequestOptions,
+  ): Core.PagePromise<RuleDeleteResponsesSinglePage, RuleDeleteResponse> {
     const { zone_id } = params;
-    return this._client.delete(`/zones/${zone_id}/snippets/snippet_rules`, options);
+    return this._client.getAPIList(
+      `/zones/${zone_id}/snippets/snippet_rules`,
+      RuleDeleteResponsesSinglePage,
+      { method: 'delete', ...options },
+    );
   }
 }
 
@@ -76,86 +55,169 @@ export class RuleUpdateResponsesSinglePage extends SinglePage<RuleUpdateResponse
 
 export class RuleListResponsesSinglePage extends SinglePage<RuleListResponse> {}
 
+export class RuleDeleteResponsesSinglePage extends SinglePage<RuleDeleteResponse> {}
+
+/**
+ * A snippet rule.
+ */
 export interface RuleUpdateResponse {
-  description?: string;
+  /**
+   * The unique ID of the rule.
+   */
+  id: string;
 
-  enabled?: boolean;
+  /**
+   * The expression defining which traffic will match the rule.
+   */
+  expression: string;
 
-  expression?: string;
+  /**
+   * The timestamp of when the rule was last modified.
+   */
+  last_updated: string;
 
   /**
-   * Snippet identifying name
+   * The identifying name of the snippet.
    */
-  snippet_name?: string;
-}
+  snippet_name: string;
 
-export interface RuleListResponse {
+  /**
+   * An informative description of the rule.
+   */
   description?: string;
 
+  /**
+   * Whether the rule should be executed.
+   */
   enabled?: boolean;
+}
+
+/**
+ * A snippet rule.
+ */
+export interface RuleListResponse {
+  /**
+   * The unique ID of the rule.
+   */
+  id: string;
+
+  /**
+   * The expression defining which traffic will match the rule.
+   */
+  expression: string;
+
+  /**
+   * The timestamp of when the rule was last modified.
+   */
+  last_updated: string;
+
+  /**
+   * The identifying name of the snippet.
+   */
+  snippet_name: string;
 
-  expression?: string;
+  /**
+   * An informative description of the rule.
+   */
+  description?: string;
 
   /**
-   * Snippet identifying name
+   * Whether the rule should be executed.
    */
-  snippet_name?: string;
+  enabled?: boolean;
 }
 
+/**
+ * A snippet rule.
+ */
 export interface RuleDeleteResponse {
-  errors: Array<Shared.ResponseInfo>;
+  /**
+   * The unique ID of the rule.
+   */
+  id: string;
+
+  /**
+   * The expression defining which traffic will match the rule.
+   */
+  expression: string;
+
+  /**
+   * The timestamp of when the rule was last modified.
+   */
+  last_updated: string;
+
+  /**
+   * The identifying name of the snippet.
+   */
+  snippet_name: string;
 
-  messages: Array<Shared.ResponseInfo>;
+  /**
+   * An informative description of the rule.
+   */
+  description?: string;
 
   /**
-   * Whether the API call was successful
+   * Whether the rule should be executed.
    */
-  success: true;
+  enabled?: boolean;
 }
 
 export interface RuleUpdateParams {
   /**
-   * Path param: Identifier
+   * Path param: The unique ID of the zone.
    */
   zone_id: string;
 
   /**
-   * Body param: List of snippet rules
+   * Body param: A list of snippet rules.
    */
-  rules?: Array<RuleUpdateParams.Rule>;
+  rules: Array<RuleUpdateParams.Rule>;
 }
 
 export namespace RuleUpdateParams {
+  /**
+   * A snippet rule.
+   */
   export interface Rule {
-    description?: string;
+    /**
+     * The expression defining which traffic will match the rule.
+     */
+    expression: string;
 
-    enabled?: boolean;
+    /**
+     * The identifying name of the snippet.
+     */
+    snippet_name: string;
 
-    expression?: string;
+    /**
+     * An informative description of the rule.
+     */
+    description?: string;
 
     /**
-     * Snippet identifying name
+     * Whether the rule should be executed.
      */
-    snippet_name?: string;
+    enabled?: boolean;
   }
 }
 
 export interface RuleListParams {
   /**
-   * Identifier
+   * The unique ID of the zone.
    */
   zone_id: string;
 }
 
 export interface RuleDeleteParams {
   /**
-   * Identifier
+   * The unique ID of the zone.
    */
   zone_id: string;
 }
 
 Rules.RuleUpdateResponsesSinglePage = RuleUpdateResponsesSinglePage;
 Rules.RuleListResponsesSinglePage = RuleListResponsesSinglePage;
+Rules.RuleDeleteResponsesSinglePage = RuleDeleteResponsesSinglePage;
 
 export declare namespace Rules {
   export {
@@ -164,6 +226,7 @@ export declare namespace Rules {
     type RuleDeleteResponse as RuleDeleteResponse,
     RuleUpdateResponsesSinglePage as RuleUpdateResponsesSinglePage,
     RuleListResponsesSinglePage as RuleListResponsesSinglePage,
+    RuleDeleteResponsesSinglePage as RuleDeleteResponsesSinglePage,
     type RuleUpdateParams as RuleUpdateParams,
     type RuleListParams as RuleListParams,
     type RuleDeleteParams as RuleDeleteParams,
diff --git a/src/resources/snippets/snippets.ts b/src/resources/snippets/snippets.ts
index 8eb0182537..41075b61da 100644
--- a/src/resources/snippets/snippets.ts
+++ b/src/resources/snippets/snippets.ts
@@ -2,13 +2,13 @@
 
 import { APIResource } from '../../resource';
 import * as Core from '../../core';
-import * as Shared from '../shared';
 import * as ContentAPI from './content';
 import { Content, ContentGetParams } from './content';
 import * as RulesAPI from './rules';
 import {
   RuleDeleteParams,
   RuleDeleteResponse,
+  RuleDeleteResponsesSinglePage,
   RuleListParams,
   RuleListResponse,
   RuleListResponsesSinglePage,
@@ -17,194 +17,207 @@ import {
   RuleUpdateResponsesSinglePage,
   Rules,
 } from './rules';
-import { SinglePage } from '../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../pagination';
 
 export class Snippets extends APIResource {
   content: ContentAPI.Content = new ContentAPI.Content(this._client);
   rules: RulesAPI.Rules = new RulesAPI.Rules(this._client);
 
   /**
-   * Put Snippet
-   *
-   * @example
-   * ```ts
-   * const snippet = await client.snippets.update(
-   *   'snippet_name_01',
-   *   { zone_id: '023e105f4ecef8ad9ca31a8372d0c353' },
-   * );
-   * ```
+   * Creates or updates a snippet belonging to the zone.
    */
   update(
     snippetName: string,
     params: SnippetUpdateParams,
     options?: Core.RequestOptions,
-  ): Core.APIPromise<Snippet> {
+  ): Core.APIPromise<SnippetUpdateResponse> {
     const { zone_id, ...body } = params;
     return (
       this._client.put(
         `/zones/${zone_id}/snippets/${snippetName}`,
         Core.multipartFormRequestOptions({ body, ...options }),
-      ) as Core.APIPromise<{ result: Snippet }>
+      ) as Core.APIPromise<{ result: SnippetUpdateResponse }>
     )._thenUnwrap((obj) => obj.result);
   }
 
   /**
-   * All Snippets
-   *
-   * @example
-   * ```ts
-   * // Automatically fetches more pages as needed.
-   * for await (const snippet of client.snippets.list({
-   *   zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
-   * })) {
-   *   // ...
-   * }
-   * ```
+   * Fetches all snippets belonging to the zone.
    */
   list(
     params: SnippetListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<SnippetsSinglePage, Snippet> {
-    const { zone_id } = params;
-    return this._client.getAPIList(`/zones/${zone_id}/snippets`, SnippetsSinglePage, options);
+  ): Core.PagePromise<SnippetListResponsesV4PagePaginationArray, SnippetListResponse> {
+    const { zone_id, ...query } = params;
+    return this._client.getAPIList(`/zones/${zone_id}/snippets`, SnippetListResponsesV4PagePaginationArray, {
+      query,
+      ...options,
+    });
   }
 
   /**
-   * Delete Snippet
-   *
-   * @example
-   * ```ts
-   * const snippet = await client.snippets.delete(
-   *   'snippet_name_01',
-   *   { zone_id: '023e105f4ecef8ad9ca31a8372d0c353' },
-   * );
-   * ```
+   * Deletes a snippet belonging to the zone.
    */
   delete(
     snippetName: string,
     params: SnippetDeleteParams,
     options?: Core.RequestOptions,
-  ): Core.APIPromise<SnippetDeleteResponse> {
+  ): Core.APIPromise<SnippetDeleteResponse | null> {
     const { zone_id } = params;
-    return this._client.delete(`/zones/${zone_id}/snippets/${snippetName}`, options);
+    return (
+      this._client.delete(`/zones/${zone_id}/snippets/${snippetName}`, options) as Core.APIPromise<{
+        result: SnippetDeleteResponse | null;
+      }>
+    )._thenUnwrap((obj) => obj.result);
   }
 
   /**
-   * Snippet
-   *
-   * @example
-   * ```ts
-   * const snippet = await client.snippets.get(
-   *   'snippet_name_01',
-   *   { zone_id: '023e105f4ecef8ad9ca31a8372d0c353' },
-   * );
-   * ```
+   * Fetches a snippet belonging to the zone.
    */
   get(
     snippetName: string,
     params: SnippetGetParams,
     options?: Core.RequestOptions,
-  ): Core.APIPromise<Snippet> {
+  ): Core.APIPromise<SnippetGetResponse> {
     const { zone_id } = params;
     return (
       this._client.get(`/zones/${zone_id}/snippets/${snippetName}`, options) as Core.APIPromise<{
-        result: Snippet;
+        result: SnippetGetResponse;
       }>
     )._thenUnwrap((obj) => obj.result);
   }
 }
 
-export class SnippetsSinglePage extends SinglePage<Snippet> {}
+export class SnippetListResponsesV4PagePaginationArray extends V4PagePaginationArray<SnippetListResponse> {}
 
 /**
- * Snippet Information
+ * A result.
  */
-export interface Snippet {
+export interface SnippetUpdateResponse {
   /**
-   * Creation time of the snippet
+   * The timestamp of when the snippet was created.
    */
-  created_on?: string;
+  created_on: string;
 
   /**
-   * Modification time of the snippet
+   * The identifying name of the snippet.
+   */
+  snippet_name: string;
+
+  /**
+   * The timestamp of when the snippet was last modified.
    */
   modified_on?: string;
+}
 
+/**
+ * A snippet object.
+ */
+export interface SnippetListResponse {
   /**
-   * Snippet identifying name
+   * The timestamp of when the snippet was created.
    */
-  snippet_name?: string;
+  created_on: string;
+
+  /**
+   * The identifying name of the snippet.
+   */
+  snippet_name: string;
+
+  /**
+   * The timestamp of when the snippet was last modified.
+   */
+  modified_on?: string;
 }
 
-export interface SnippetDeleteResponse {
-  errors: Array<Shared.ResponseInfo>;
+/**
+ * A result.
+ */
+export type SnippetDeleteResponse = string | null;
+
+/**
+ * A result.
+ */
+export interface SnippetGetResponse {
+  /**
+   * The timestamp of when the snippet was created.
+   */
+  created_on: string;
 
-  messages: Array<Shared.ResponseInfo>;
+  /**
+   * The identifying name of the snippet.
+   */
+  snippet_name: string;
 
   /**
-   * Whether the API call was successful
+   * The timestamp of when the snippet was last modified.
    */
-  success: true;
+  modified_on?: string;
 }
 
 export interface SnippetUpdateParams {
   /**
-   * Path param: Identifier
+   * Path param: The unique ID of the zone.
    */
   zone_id: string;
 
   /**
-   * Body param: Content files of uploaded snippet
+   * Body param: The list of files belonging to the snippet.
    */
-  files?: string;
+  files: Array<Core.Uploadable>;
 
   /**
-   * Body param:
+   * Body param: Metadata about the snippet.
    */
-  metadata?: SnippetUpdateParams.Metadata;
+  metadata: SnippetUpdateParams.Metadata;
 }
 
 export namespace SnippetUpdateParams {
+  /**
+   * Metadata about the snippet.
+   */
   export interface Metadata {
     /**
-     * Main module name of uploaded snippet
+     * Name of the file that contains the main module of the snippet.
      */
-    main_module?: string;
+    main_module: string;
   }
 }
 
-export interface SnippetListParams {
+export interface SnippetListParams extends V4PagePaginationArrayParams {
   /**
-   * Identifier
+   * Path param: The unique ID of the zone.
    */
   zone_id: string;
 }
 
 export interface SnippetDeleteParams {
   /**
-   * Identifier
+   * The unique ID of the zone.
    */
   zone_id: string;
 }
 
 export interface SnippetGetParams {
   /**
-   * Identifier
+   * The unique ID of the zone.
    */
   zone_id: string;
 }
 
-Snippets.SnippetsSinglePage = SnippetsSinglePage;
+Snippets.SnippetListResponsesV4PagePaginationArray = SnippetListResponsesV4PagePaginationArray;
 Snippets.Content = Content;
 Snippets.Rules = Rules;
 Snippets.RuleUpdateResponsesSinglePage = RuleUpdateResponsesSinglePage;
 Snippets.RuleListResponsesSinglePage = RuleListResponsesSinglePage;
+Snippets.RuleDeleteResponsesSinglePage = RuleDeleteResponsesSinglePage;
 
 export declare namespace Snippets {
   export {
-    type Snippet as Snippet,
+    type SnippetUpdateResponse as SnippetUpdateResponse,
+    type SnippetListResponse as SnippetListResponse,
     type SnippetDeleteResponse as SnippetDeleteResponse,
-    SnippetsSinglePage as SnippetsSinglePage,
+    type SnippetGetResponse as SnippetGetResponse,
+    SnippetListResponsesV4PagePaginationArray as SnippetListResponsesV4PagePaginationArray,
     type SnippetUpdateParams as SnippetUpdateParams,
     type SnippetListParams as SnippetListParams,
     type SnippetDeleteParams as SnippetDeleteParams,
@@ -220,6 +233,7 @@ export declare namespace Snippets {
     type RuleDeleteResponse as RuleDeleteResponse,
     RuleUpdateResponsesSinglePage as RuleUpdateResponsesSinglePage,
     RuleListResponsesSinglePage as RuleListResponsesSinglePage,
+    RuleDeleteResponsesSinglePage as RuleDeleteResponsesSinglePage,
     type RuleUpdateParams as RuleUpdateParams,
     type RuleListParams as RuleListParams,
     type RuleDeleteParams as RuleDeleteParams,
diff --git a/src/resources/ssl/certificate-packs/certificate-packs.ts b/src/resources/ssl/certificate-packs/certificate-packs.ts
index 8ce7a97e6b..9ec84ff8a9 100644
--- a/src/resources/ssl/certificate-packs/certificate-packs.ts
+++ b/src/resources/ssl/certificate-packs/certificate-packs.ts
@@ -227,19 +227,82 @@ export interface CertificatePackCreateResponse {
   /**
    * Type of certificate pack.
    */
-  type?: 'advanced';
+  type?:
+    | 'mh_custom'
+    | 'managed_hostname'
+    | 'sni_custom'
+    | 'universal'
+    | 'advanced'
+    | 'total_tls'
+    | 'keyless'
+    | 'legacy_custom';
+
+  /**
+   * Domain validation errors that have been received by the certificate authority
+   * (CA).
+   */
+  validation_errors?: Array<CertificatePackCreateResponse.ValidationError>;
 
   /**
    * Validation Method selected for the order.
    */
   validation_method?: 'txt' | 'http' | 'email';
 
+  /**
+   * Certificates' validation records. Only present when certificate pack is in
+   * "pending_validation" status
+   */
+  validation_records?: Array<CertificatePackCreateResponse.ValidationRecord>;
+
   /**
    * Validity Days selected for the order.
    */
   validity_days?: 14 | 30 | 90 | 365;
 }
 
+export namespace CertificatePackCreateResponse {
+  export interface ValidationError {
+    /**
+     * A domain validation error.
+     */
+    message?: string;
+  }
+
+  /**
+   * Certificate's required validation record.
+   */
+  export interface ValidationRecord {
+    /**
+     * The set of email addresses that the certificate authority (CA) will use to
+     * complete domain validation.
+     */
+    emails?: Array<string>;
+
+    /**
+     * The content that the certificate authority (CA) will expect to find at the
+     * http_url during the domain validation.
+     */
+    http_body?: string;
+
+    /**
+     * The url that will be checked during domain validation.
+     */
+    http_url?: string;
+
+    /**
+     * The hostname that the certificate authority (CA) will check for a TXT record
+     * during domain validation .
+     */
+    txt_name?: string;
+
+    /**
+     * The TXT record that the certificate authority (CA) will check during domain
+     * validation.
+     */
+    txt_value?: string;
+  }
+}
+
 export type CertificatePackListResponse = unknown;
 
 export interface CertificatePackDeleteResponse {
@@ -282,19 +345,82 @@ export interface CertificatePackEditResponse {
   /**
    * Type of certificate pack.
    */
-  type?: 'advanced';
+  type?:
+    | 'mh_custom'
+    | 'managed_hostname'
+    | 'sni_custom'
+    | 'universal'
+    | 'advanced'
+    | 'total_tls'
+    | 'keyless'
+    | 'legacy_custom';
+
+  /**
+   * Domain validation errors that have been received by the certificate authority
+   * (CA).
+   */
+  validation_errors?: Array<CertificatePackEditResponse.ValidationError>;
 
   /**
    * Validation Method selected for the order.
    */
   validation_method?: 'txt' | 'http' | 'email';
 
+  /**
+   * Certificates' validation records. Only present when certificate pack is in
+   * "pending_validation" status
+   */
+  validation_records?: Array<CertificatePackEditResponse.ValidationRecord>;
+
   /**
    * Validity Days selected for the order.
    */
   validity_days?: 14 | 30 | 90 | 365;
 }
 
+export namespace CertificatePackEditResponse {
+  export interface ValidationError {
+    /**
+     * A domain validation error.
+     */
+    message?: string;
+  }
+
+  /**
+   * Certificate's required validation record.
+   */
+  export interface ValidationRecord {
+    /**
+     * The set of email addresses that the certificate authority (CA) will use to
+     * complete domain validation.
+     */
+    emails?: Array<string>;
+
+    /**
+     * The content that the certificate authority (CA) will expect to find at the
+     * http_url during the domain validation.
+     */
+    http_body?: string;
+
+    /**
+     * The url that will be checked during domain validation.
+     */
+    http_url?: string;
+
+    /**
+     * The hostname that the certificate authority (CA) will check for a TXT record
+     * during domain validation .
+     */
+    txt_name?: string;
+
+    /**
+     * The TXT record that the certificate authority (CA) will check during domain
+     * validation.
+     */
+    txt_value?: string;
+  }
+}
+
 export type CertificatePackGetResponse = unknown;
 
 export interface CertificatePackCreateParams {
diff --git a/src/resources/ssl/recommendations.ts b/src/resources/ssl/recommendations.ts
index dcc7ff0ae0..184192cc6e 100644
--- a/src/resources/ssl/recommendations.ts
+++ b/src/resources/ssl/recommendations.ts
@@ -7,12 +7,7 @@ export class Recommendations extends APIResource {
   /**
    * Retrieve the SSL/TLS Recommender's recommendation for a zone.
    *
-   * @example
-   * ```ts
-   * const recommendation = await client.ssl.recommendations.get(
-   *   { zone_id: '023e105f4ecef8ad9ca31a8372d0c353' },
-   * );
-   * ```
+   * @deprecated SSL/TLS Recommender has been decommissioned in favor of Automatic SSL/TLS
    */
   get(
     params: RecommendationGetParams,
@@ -28,20 +23,30 @@ export class Recommendations extends APIResource {
 }
 
 export interface RecommendationGetResponse {
+  id: string;
+
   /**
-   * Identifier of a recommendation result.
+   * Whether this setting can be updated or not.
    */
-  id?: string;
+  editable: boolean;
 
-  modified_on?: string;
+  /**
+   * Last time this setting was modified.
+   */
+  modified_on: string;
 
-  value?: 'flexible' | 'full' | 'strict';
-}
+  /**
+   * Current setting of the automatic SSL/TLS.
+   */
+  value: 'auto' | 'custom';
 
-export interface RecommendationGetParams {
   /**
-   * Identifier.
+   * Next time this zone will be scanned by the Automatic SSL/TLS.
    */
+  next_scheduled_scan?: string | null;
+}
+
+export interface RecommendationGetParams {
   zone_id: string;
 }
 
diff --git a/src/resources/stream/clip.ts b/src/resources/stream/clip.ts
index d4d5658868..36283ca91a 100644
--- a/src/resources/stream/clip.ts
+++ b/src/resources/stream/clip.ts
@@ -96,7 +96,7 @@ export interface Clip {
   /**
    * Specifies the processing status for all quality levels for a video.
    */
-  status?: 'pendingupload' | 'downloading' | 'queued' | 'inprogress' | 'ready' | 'error';
+  status?: 'pendingupload' | 'downloading' | 'queued' | 'inprogress' | 'ready' | 'error' | 'live-inprogress';
 
   /**
    * The timestamp for a thumbnail image calculated as a percentage value of the
diff --git a/src/resources/stream/stream.ts b/src/resources/stream/stream.ts
index c175396511..a684d439d8 100644
--- a/src/resources/stream/stream.ts
+++ b/src/resources/stream/stream.ts
@@ -413,7 +413,7 @@ export namespace Video {
     /**
      * Specifies the processing status for all quality levels for a video.
      */
-    state?: 'pendingupload' | 'downloading' | 'queued' | 'inprogress' | 'ready' | 'error';
+    state?: 'pendingupload' | 'downloading' | 'queued' | 'inprogress' | 'ready' | 'error' | 'live-inprogress';
   }
 }
 
@@ -489,8 +489,9 @@ export interface StreamListParams {
   include_counts?: boolean;
 
   /**
-   * Query param: Searches over the `name` key in the `meta` field. This field can be
-   * set with or after the upload request.
+   * Query param: Provides a partial word match of the `name` key in the `meta`
+   * field. Slow for medium to large video libraries. May be unavailable for very
+   * large libraries.
    */
   search?: string;
 
@@ -502,12 +503,18 @@ export interface StreamListParams {
   /**
    * Query param: Specifies the processing status for all quality levels for a video.
    */
-  status?: 'pendingupload' | 'downloading' | 'queued' | 'inprogress' | 'ready' | 'error';
+  status?: 'pendingupload' | 'downloading' | 'queued' | 'inprogress' | 'ready' | 'error' | 'live-inprogress';
 
   /**
    * Query param: Specifies whether the video is `vod` or `live`.
    */
   type?: string;
+
+  /**
+   * Query param: Provides a fast, exact string match on the `name` key in the `meta`
+   * field.
+   */
+  video_name?: string;
 }
 
 export interface StreamDeleteParams {
diff --git a/src/resources/url-normalization.ts b/src/resources/url-normalization.ts
index 8da515294a..2392e79dd1 100644
--- a/src/resources/url-normalization.ts
+++ b/src/resources/url-normalization.ts
@@ -77,7 +77,7 @@ export interface URLNormalizationUpdateResponse {
   /**
    * The scope of the URL normalization.
    */
-  scope: 'incoming' | 'both';
+  scope: 'incoming' | 'both' | 'none';
 
   /**
    * The type of URL normalization performed by Cloudflare.
@@ -92,7 +92,7 @@ export interface URLNormalizationGetResponse {
   /**
    * The scope of the URL normalization.
    */
-  scope: 'incoming' | 'both';
+  scope: 'incoming' | 'both' | 'none';
 
   /**
    * The type of URL normalization performed by Cloudflare.
@@ -109,7 +109,7 @@ export interface URLNormalizationUpdateParams {
   /**
    * Body param: The scope of the URL normalization.
    */
-  scope: 'incoming' | 'both';
+  scope: 'incoming' | 'both' | 'none';
 
   /**
    * Body param: The type of URL normalization performed by Cloudflare.
diff --git a/src/resources/workers-for-platforms/dispatch/namespaces/namespaces.ts b/src/resources/workers-for-platforms/dispatch/namespaces/namespaces.ts
index a44e6f918f..f33487efe6 100644
--- a/src/resources/workers-for-platforms/dispatch/namespaces/namespaces.ts
+++ b/src/resources/workers-for-platforms/dispatch/namespaces/namespaces.ts
@@ -156,6 +156,15 @@ export interface NamespaceCreateResponse {
    * The current number of scripts in this Dispatch Namespace.
    */
   script_count?: number;
+
+  /**
+   * Whether the Workers in the namespace are executed in a "trusted" manner. When a
+   * Worker is trusted, it has access to the shared caches for the zone in the Cache
+   * API, and has access to the `request.cf` object on incoming Requests. When a
+   * Worker is untrusted, caches are not shared across the zone, and `request.cf` is
+   * undefined. By default, Workers in a namespace are "untrusted".
+   */
+  trusted_workers?: boolean;
 }
 
 export interface NamespaceListResponse {
@@ -193,6 +202,15 @@ export interface NamespaceListResponse {
    * The current number of scripts in this Dispatch Namespace.
    */
   script_count?: number;
+
+  /**
+   * Whether the Workers in the namespace are executed in a "trusted" manner. When a
+   * Worker is trusted, it has access to the shared caches for the zone in the Cache
+   * API, and has access to the `request.cf` object on incoming Requests. When a
+   * Worker is untrusted, caches are not shared across the zone, and `request.cf` is
+   * undefined. By default, Workers in a namespace are "untrusted".
+   */
+  trusted_workers?: boolean;
 }
 
 export type NamespaceDeleteResponse = unknown;
@@ -232,6 +250,15 @@ export interface NamespaceGetResponse {
    * The current number of scripts in this Dispatch Namespace.
    */
   script_count?: number;
+
+  /**
+   * Whether the Workers in the namespace are executed in a "trusted" manner. When a
+   * Worker is trusted, it has access to the shared caches for the zone in the Cache
+   * API, and has access to the `request.cf` object on incoming Requests. When a
+   * Worker is untrusted, caches are not shared across the zone, and `request.cf` is
+   * undefined. By default, Workers in a namespace are "untrusted".
+   */
+  trusted_workers?: boolean;
 }
 
 export interface NamespaceCreateParams {
diff --git a/src/resources/workers-for-platforms/dispatch/namespaces/scripts/content.ts b/src/resources/workers-for-platforms/dispatch/namespaces/scripts/content.ts
index 6fe6d05afa..26364d14d4 100644
--- a/src/resources/workers-for-platforms/dispatch/namespaces/scripts/content.ts
+++ b/src/resources/workers-for-platforms/dispatch/namespaces/scripts/content.ts
@@ -91,11 +91,22 @@ export interface ContentUpdateParams {
   account_id: string;
 
   /**
-   * Body param: JSON encoded metadata about the uploaded parts and Worker
+   * Body param: JSON-encoded metadata about the uploaded parts and Worker
    * configuration.
    */
   metadata: WorkersAPI.WorkerMetadataParam;
 
+  /**
+   * Body param: An array of modules (often JavaScript files) comprising a Worker
+   * script. At least one module must be present and referenced in the metadata as
+   * `main_module` or `body_part` by filename.<br/>Possible Content-Type(s) are:
+   * `application/javascript+module`, `text/javascript+module`,
+   * `application/javascript`, `text/javascript`, `text/x-python`,
+   * `text/x-python-requirement`, `application/wasm`, `text/plain`,
+   * `application/octet-stream`, `application/source-map`.
+   */
+  files?: Array<Core.Uploadable>;
+
   /**
    * Header param: The multipart name of a script upload part containing script
    * content in service worker format. Alternative to including in a metadata part.
@@ -107,8 +118,6 @@ export interface ContentUpdateParams {
    * content in es module format. Alternative to including in a metadata part.
    */
   'CF-WORKER-MAIN-MODULE-PART'?: string;
-
-  [k: string]: Array<Core.Uploadable> | string | WorkersAPI.WorkerMetadataParam | undefined;
 }
 
 export interface ContentGetParams {
diff --git a/src/resources/workers-for-platforms/dispatch/namespaces/scripts/scripts.ts b/src/resources/workers-for-platforms/dispatch/namespaces/scripts/scripts.ts
index 5d38a78b6c..40c73ef770 100644
--- a/src/resources/workers-for-platforms/dispatch/namespaces/scripts/scripts.ts
+++ b/src/resources/workers-for-platforms/dispatch/namespaces/scripts/scripts.ts
@@ -77,12 +77,12 @@ export class Scripts extends APIResource {
     params: ScriptUpdateParams,
     options?: Core.RequestOptions,
   ): Core.APIPromise<ScriptUpdateResponse> {
-    const { account_id, files, ...body } = params;
+    const { account_id, ...body } = params;
     return (
       this._client.put(
         `/accounts/${account_id}/workers/dispatch/namespaces/${dispatchNamespace}/scripts/${scriptName}`,
         Core.maybeMultipartFormRequestOptions({
-          body: { ...body, ...files },
+          body,
           ...options,
           __multipartSyntax: 'json',
           headers: { 'Content-Type': 'application/javascript', ...options?.headers },
@@ -271,17 +271,26 @@ export interface ScriptUpdateParams {
   account_id: string;
 
   /**
-   * Body param: JSON encoded metadata about the uploaded parts and Worker
+   * Body param: JSON-encoded metadata about the uploaded parts and Worker
    * configuration.
    */
   metadata: ScriptUpdateParams.Metadata;
 
-  files?: { [key: string]: Core.Uploadable };
+  /**
+   * Body param: An array of modules (often JavaScript files) comprising a Worker
+   * script. At least one module must be present and referenced in the metadata as
+   * `main_module` or `body_part` by filename.<br/>Possible Content-Type(s) are:
+   * `application/javascript+module`, `text/javascript+module`,
+   * `application/javascript`, `text/javascript`, `text/x-python`,
+   * `text/x-python-requirement`, `application/wasm`, `text/plain`,
+   * `application/octet-stream`, `application/source-map`.
+   */
+  files?: Array<Core.Uploadable>;
 }
 
 export namespace ScriptUpdateParams {
   /**
-   * JSON encoded metadata about the uploaded parts and Worker configuration.
+   * JSON-encoded metadata about the uploaded parts and Worker configuration.
    */
   export interface Metadata {
     /**
diff --git a/src/resources/workers-for-platforms/dispatch/namespaces/scripts/settings.ts b/src/resources/workers-for-platforms/dispatch/namespaces/scripts/settings.ts
index 7bfd4eecba..effe0197c6 100644
--- a/src/resources/workers-for-platforms/dispatch/namespaces/scripts/settings.ts
+++ b/src/resources/workers-for-platforms/dispatch/namespaces/scripts/settings.ts
@@ -118,11 +118,6 @@ export interface SettingEditResponse {
    */
   logpush?: boolean;
 
-  /**
-   * Migrations to apply for Durable Objects associated with this Worker.
-   */
-  migrations?: WorkersAPI.SingleStepMigration | SettingEditResponse.WorkersMultipleStepMigrations;
-
   /**
    * Observability settings for the Worker.
    */
@@ -620,24 +615,6 @@ export namespace SettingEditResponse {
     cpu_ms?: number;
   }
 
-  export interface WorkersMultipleStepMigrations {
-    /**
-     * Tag to set as the latest migration tag.
-     */
-    new_tag?: string;
-
-    /**
-     * Tag used to verify against the latest migration tag for this Worker. If they
-     * don't match, the upload is rejected.
-     */
-    old_tag?: string;
-
-    /**
-     * Migrations to apply in order.
-     */
-    steps?: Array<WorkersAPI.MigrationStep>;
-  }
-
   /**
    * Observability settings for the Worker.
    */
@@ -751,11 +728,6 @@ export interface SettingGetResponse {
    */
   logpush?: boolean;
 
-  /**
-   * Migrations to apply for Durable Objects associated with this Worker.
-   */
-  migrations?: WorkersAPI.SingleStepMigration | SettingGetResponse.WorkersMultipleStepMigrations;
-
   /**
    * Observability settings for the Worker.
    */
@@ -1253,24 +1225,6 @@ export namespace SettingGetResponse {
     cpu_ms?: number;
   }
 
-  export interface WorkersMultipleStepMigrations {
-    /**
-     * Tag to set as the latest migration tag.
-     */
-    new_tag?: string;
-
-    /**
-     * Tag used to verify against the latest migration tag for this Worker. If they
-     * don't match, the upload is rejected.
-     */
-    old_tag?: string;
-
-    /**
-     * Migrations to apply in order.
-     */
-    steps?: Array<WorkersAPI.MigrationStep>;
-  }
-
   /**
    * Observability settings for the Worker.
    */
diff --git a/src/resources/workers/scripts/content.ts b/src/resources/workers/scripts/content.ts
index 8aa1715764..797ecb5dd4 100644
--- a/src/resources/workers/scripts/content.ts
+++ b/src/resources/workers/scripts/content.ts
@@ -2,7 +2,6 @@
 
 import { APIResource } from '../../../resource';
 import * as Core from '../../../core';
-import * as WorkersAPI from '../workers';
 import * as ScriptsAPI from './scripts';
 import { type Response } from '../../../_shims/index';
 
@@ -85,10 +84,21 @@ export interface ContentUpdateParams {
   account_id: string;
 
   /**
-   * Body param: JSON encoded metadata about the uploaded parts and Worker
+   * Body param: JSON-encoded metadata about the uploaded parts and Worker
    * configuration.
    */
-  metadata: WorkersAPI.WorkerMetadataParam;
+  metadata: ContentUpdateParams.Metadata;
+
+  /**
+   * Body param: An array of modules (often JavaScript files) comprising a Worker
+   * script. At least one module must be present and referenced in the metadata as
+   * `main_module` or `body_part` by filename.<br/>Possible Content-Type(s) are:
+   * `application/javascript+module`, `text/javascript+module`,
+   * `application/javascript`, `text/javascript`, `text/x-python`,
+   * `text/x-python-requirement`, `application/wasm`, `text/plain`,
+   * `application/octet-stream`, `application/source-map`.
+   */
+  files?: Array<Core.Uploadable>;
 
   /**
    * Header param: The multipart name of a script upload part containing script
@@ -101,8 +111,25 @@ export interface ContentUpdateParams {
    * content in es module format. Alternative to including in a metadata part.
    */
   'CF-WORKER-MAIN-MODULE-PART'?: string;
+}
 
-  [k: string]: Array<Core.Uploadable> | string | WorkersAPI.WorkerMetadataParam | undefined;
+export namespace ContentUpdateParams {
+  /**
+   * JSON-encoded metadata about the uploaded parts and Worker configuration.
+   */
+  export interface Metadata {
+    /**
+     * Name of the uploaded file that contains the Worker script (e.g. the file adding
+     * a listener to the `fetch` event). Indicates a `service worker syntax` Worker.
+     */
+    body_part?: string;
+
+    /**
+     * Name of the uploaded file that contains the main module (e.g. the file exporting
+     * a `fetch` handler). Indicates a `module syntax` Worker.
+     */
+    main_module?: string;
+  }
 }
 
 export interface ContentGetParams {
diff --git a/src/resources/workers/scripts/deployments.ts b/src/resources/workers/scripts/deployments.ts
index 061a0ef777..1283130f6b 100644
--- a/src/resources/workers/scripts/deployments.ts
+++ b/src/resources/workers/scripts/deployments.ts
@@ -2,7 +2,6 @@
 
 import { APIResource } from '../../../resource';
 import * as Core from '../../../core';
-import * as DeploymentsAPI from './deployments';
 
 export class Deployments extends APIResource {
   /**
@@ -23,7 +22,7 @@ export class Deployments extends APIResource {
    *         {
    *           percentage: 100,
    *           version_id:
-   *             'bcf48806-b317-4351-9ee7-36e7d557d4de',
+   *             '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
    *         },
    *       ],
    *     },
@@ -34,14 +33,14 @@ export class Deployments extends APIResource {
     scriptName: string,
     params: DeploymentCreateParams,
     options?: Core.RequestOptions,
-  ): Core.APIPromise<DeploymentCreateResponse> {
+  ): Core.APIPromise<Deployment> {
     const { account_id, force, ...body } = params;
     return (
       this._client.post(`/accounts/${account_id}/workers/scripts/${scriptName}/deployments`, {
         query: { force },
         body,
         ...options,
-      }) as Core.APIPromise<{ result: DeploymentCreateResponse }>
+      }) as Core.APIPromise<{ result: Deployment }>
     )._thenUnwrap((obj) => obj.result);
   }
 
@@ -51,92 +50,164 @@ export class Deployments extends APIResource {
    *
    * @example
    * ```ts
-   * const deployment =
-   *   await client.workers.scripts.deployments.get(
+   * const deployments =
+   *   await client.workers.scripts.deployments.list(
    *     'this-is_my_script-01',
    *     { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
    *   );
    * ```
    */
-  get(
+  list(
     scriptName: string,
-    params: DeploymentGetParams,
+    params: DeploymentListParams,
     options?: Core.RequestOptions,
-  ): Core.APIPromise<DeploymentGetResponse> {
+  ): Core.APIPromise<DeploymentListResponse> {
     const { account_id } = params;
     return (
       this._client.get(
         `/accounts/${account_id}/workers/scripts/${scriptName}/deployments`,
         options,
-      ) as Core.APIPromise<{ result: DeploymentGetResponse }>
+      ) as Core.APIPromise<{ result: DeploymentListResponse }>
     )._thenUnwrap((obj) => obj.result);
   }
-}
 
-export interface Deployment {
   /**
-   * Human-readable message about the deployment. Truncated to 100 bytes.
+   * Delete a Worker Deployment. The latest deployment, which is actively serving
+   * traffic, cannot be deleted. All other deployments can be deleted.
+   *
+   * @example
+   * ```ts
+   * const deployment =
+   *   await client.workers.scripts.deployments.delete(
+   *     'this-is_my_script-01',
+   *     '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
+   *     { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+   *   );
+   * ```
    */
-  'workers/message'?: string;
-}
+  delete(
+    scriptName: string,
+    deploymentId: string,
+    params: DeploymentDeleteParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<DeploymentDeleteResponse> {
+    const { account_id } = params;
+    return this._client.delete(
+      `/accounts/${account_id}/workers/scripts/${scriptName}/deployments/${deploymentId}`,
+      options,
+    );
+  }
 
-export interface DeploymentParam {
   /**
-   * Human-readable message about the deployment. Truncated to 100 bytes.
+   * Get information about a Worker Deployment.
+   *
+   * @example
+   * ```ts
+   * const deployment =
+   *   await client.workers.scripts.deployments.get(
+   *     'this-is_my_script-01',
+   *     '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
+   *     { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+   *   );
+   * ```
    */
-  'workers/message'?: string;
+  get(
+    scriptName: string,
+    deploymentId: string,
+    params: DeploymentGetParams,
+    options?: Core.RequestOptions,
+  ): Core.APIPromise<Deployment> {
+    const { account_id } = params;
+    return (
+      this._client.get(
+        `/accounts/${account_id}/workers/scripts/${scriptName}/deployments/${deploymentId}`,
+        options,
+      ) as Core.APIPromise<{ result: Deployment }>
+    )._thenUnwrap((obj) => obj.result);
+  }
 }
 
-export interface DeploymentCreateResponse {
-  strategy: 'percentage';
+export interface Deployment {
+  id: string;
 
-  versions: Array<DeploymentCreateResponse.Version>;
+  created_on: string;
 
-  id?: string;
+  source: string;
 
-  annotations?: Deployment;
+  strategy: 'percentage';
 
-  author_email?: string;
+  versions: Array<Deployment.Version>;
 
-  created_on?: string;
+  annotations?: Deployment.Annotations;
 
-  source?: string;
+  author_email?: string;
 }
 
-export namespace DeploymentCreateResponse {
+export namespace Deployment {
   export interface Version {
     percentage: number;
 
     version_id: string;
   }
+
+  export interface Annotations {
+    /**
+     * Human-readable message about the deployment. Truncated to 100 bytes.
+     */
+    'workers/message'?: string;
+
+    /**
+     * Operation that triggered the creation of the deployment.
+     */
+    'workers/triggered_by'?: string;
+  }
 }
 
-export interface DeploymentGetResponse {
-  deployments?: Array<DeploymentGetResponse.Deployment>;
+export interface DeploymentListResponse {
+  deployments: Array<Deployment>;
 }
 
-export namespace DeploymentGetResponse {
-  export interface Deployment {
-    strategy: 'percentage';
+export interface DeploymentDeleteResponse {
+  errors: Array<DeploymentDeleteResponse.Error>;
 
-    versions: Array<Deployment.Version>;
+  messages: Array<DeploymentDeleteResponse.Message>;
 
-    id?: string;
+  /**
+   * Whether the API call was successful.
+   */
+  success: true;
+}
 
-    annotations?: DeploymentsAPI.Deployment;
+export namespace DeploymentDeleteResponse {
+  export interface Error {
+    code: number;
 
-    author_email?: string;
+    message: string;
 
-    created_on?: string;
+    documentation_url?: string;
 
-    source?: string;
+    source?: Error.Source;
   }
 
-  export namespace Deployment {
-    export interface Version {
-      percentage: number;
+  export namespace Error {
+    export interface Source {
+      pointer?: string;
+    }
+  }
+
+  export interface Message {
+    code: number;
+
+    message: string;
 
-      version_id: string;
+    documentation_url?: string;
+
+    source?: Message.Source;
+  }
+
+  export namespace Message {
+    export interface Source {
+      pointer?: string;
     }
   }
 }
@@ -167,7 +238,7 @@ export interface DeploymentCreateParams {
   /**
    * Body param:
    */
-  annotations?: DeploymentParam;
+  annotations?: DeploymentCreateParams.Annotations;
 }
 
 export namespace DeploymentCreateParams {
@@ -176,6 +247,27 @@ export namespace DeploymentCreateParams {
 
     version_id: string;
   }
+
+  export interface Annotations {
+    /**
+     * Human-readable message about the deployment. Truncated to 100 bytes.
+     */
+    'workers/message'?: string;
+  }
+}
+
+export interface DeploymentListParams {
+  /**
+   * Identifier.
+   */
+  account_id: string;
+}
+
+export interface DeploymentDeleteParams {
+  /**
+   * Identifier.
+   */
+  account_id: string;
 }
 
 export interface DeploymentGetParams {
@@ -188,9 +280,11 @@ export interface DeploymentGetParams {
 export declare namespace Deployments {
   export {
     type Deployment as Deployment,
-    type DeploymentCreateResponse as DeploymentCreateResponse,
-    type DeploymentGetResponse as DeploymentGetResponse,
+    type DeploymentListResponse as DeploymentListResponse,
+    type DeploymentDeleteResponse as DeploymentDeleteResponse,
     type DeploymentCreateParams as DeploymentCreateParams,
+    type DeploymentListParams as DeploymentListParams,
+    type DeploymentDeleteParams as DeploymentDeleteParams,
     type DeploymentGetParams as DeploymentGetParams,
   };
 }
diff --git a/src/resources/workers/scripts/index.ts b/src/resources/workers/scripts/index.ts
index 938605d972..73bd09f1ac 100644
--- a/src/resources/workers/scripts/index.ts
+++ b/src/resources/workers/scripts/index.ts
@@ -5,9 +5,11 @@ export { Content, type ContentUpdateParams, type ContentGetParams } from './cont
 export {
   Deployments,
   type Deployment,
-  type DeploymentCreateResponse,
-  type DeploymentGetResponse,
+  type DeploymentListResponse,
+  type DeploymentDeleteResponse,
   type DeploymentCreateParams,
+  type DeploymentListParams,
+  type DeploymentDeleteParams,
   type DeploymentGetParams,
 } from './deployments';
 export {
diff --git a/src/resources/workers/scripts/script-and-version-settings.ts b/src/resources/workers/scripts/script-and-version-settings.ts
index 407d9c43e5..3472e778f1 100644
--- a/src/resources/workers/scripts/script-and-version-settings.ts
+++ b/src/resources/workers/scripts/script-and-version-settings.ts
@@ -114,13 +114,6 @@ export interface ScriptAndVersionSettingEditResponse {
    */
   logpush?: boolean;
 
-  /**
-   * Migrations to apply for Durable Objects associated with this Worker.
-   */
-  migrations?:
-    | WorkersAPI.SingleStepMigration
-    | ScriptAndVersionSettingEditResponse.WorkersMultipleStepMigrations;
-
   /**
    * Observability settings for the Worker.
    */
@@ -618,24 +611,6 @@ export namespace ScriptAndVersionSettingEditResponse {
     cpu_ms?: number;
   }
 
-  export interface WorkersMultipleStepMigrations {
-    /**
-     * Tag to set as the latest migration tag.
-     */
-    new_tag?: string;
-
-    /**
-     * Tag used to verify against the latest migration tag for this Worker. If they
-     * don't match, the upload is rejected.
-     */
-    old_tag?: string;
-
-    /**
-     * Migrations to apply in order.
-     */
-    steps?: Array<WorkersAPI.MigrationStep>;
-  }
-
   /**
    * Observability settings for the Worker.
    */
@@ -749,13 +724,6 @@ export interface ScriptAndVersionSettingGetResponse {
    */
   logpush?: boolean;
 
-  /**
-   * Migrations to apply for Durable Objects associated with this Worker.
-   */
-  migrations?:
-    | WorkersAPI.SingleStepMigration
-    | ScriptAndVersionSettingGetResponse.WorkersMultipleStepMigrations;
-
   /**
    * Observability settings for the Worker.
    */
@@ -1253,24 +1221,6 @@ export namespace ScriptAndVersionSettingGetResponse {
     cpu_ms?: number;
   }
 
-  export interface WorkersMultipleStepMigrations {
-    /**
-     * Tag to set as the latest migration tag.
-     */
-    new_tag?: string;
-
-    /**
-     * Tag used to verify against the latest migration tag for this Worker. If they
-     * don't match, the upload is rejected.
-     */
-    old_tag?: string;
-
-    /**
-     * Migrations to apply in order.
-     */
-    steps?: Array<WorkersAPI.MigrationStep>;
-  }
-
   /**
    * Observability settings for the Worker.
    */
diff --git a/src/resources/workers/scripts/scripts.ts b/src/resources/workers/scripts/scripts.ts
index 684ea4d3f0..2f5b74a81c 100644
--- a/src/resources/workers/scripts/scripts.ts
+++ b/src/resources/workers/scripts/scripts.ts
@@ -9,9 +9,11 @@ import * as DeploymentsAPI from './deployments';
 import {
   Deployment,
   DeploymentCreateParams,
-  DeploymentCreateResponse,
+  DeploymentDeleteParams,
+  DeploymentDeleteResponse,
   DeploymentGetParams,
-  DeploymentGetResponse,
+  DeploymentListParams,
+  DeploymentListResponse,
   Deployments,
 } from './deployments';
 import * as SchedulesAPI from './schedules';
@@ -115,12 +117,12 @@ export class Scripts extends APIResource {
     params: ScriptUpdateParams,
     options?: Core.RequestOptions,
   ): Core.APIPromise<ScriptUpdateResponse> {
-    const { account_id, files, ...body } = params;
+    const { account_id, ...body } = params;
     return (
       this._client.put(
         `/accounts/${account_id}/workers/scripts/${scriptName}`,
         Core.maybeMultipartFormRequestOptions({
-          body: { ...body, ...files },
+          body,
           ...options,
           __multipartSyntax: 'json',
           headers: { 'Content-Type': 'application/javascript', ...options?.headers },
@@ -143,8 +145,11 @@ export class Scripts extends APIResource {
    * ```
    */
   list(params: ScriptListParams, options?: Core.RequestOptions): Core.PagePromise<ScriptsSinglePage, Script> {
-    const { account_id } = params;
-    return this._client.getAPIList(`/accounts/${account_id}/workers/scripts`, ScriptsSinglePage, options);
+    const { account_id, ...query } = params;
+    return this._client.getAPIList(`/accounts/${account_id}/workers/scripts`, ScriptsSinglePage, {
+      query,
+      ...options,
+    });
   }
 
   /**
@@ -452,17 +457,26 @@ export interface ScriptUpdateParams {
   account_id: string;
 
   /**
-   * Body param: JSON encoded metadata about the uploaded parts and Worker
+   * Body param: JSON-encoded metadata about the uploaded parts and Worker
    * configuration.
    */
   metadata: ScriptUpdateParams.Metadata;
 
-  files?: { [key: string]: Core.Uploadable };
+  /**
+   * Body param: An array of modules (often JavaScript files) comprising a Worker
+   * script. At least one module must be present and referenced in the metadata as
+   * `main_module` or `body_part` by filename.<br/>Possible Content-Type(s) are:
+   * `application/javascript+module`, `text/javascript+module`,
+   * `application/javascript`, `text/javascript`, `text/x-python`,
+   * `text/x-python-requirement`, `application/wasm`, `text/plain`,
+   * `application/octet-stream`, `application/source-map`.
+   */
+  files?: Array<Core.Uploadable>;
 }
 
 export namespace ScriptUpdateParams {
   /**
-   * JSON encoded metadata about the uploaded parts and Worker configuration.
+   * JSON-encoded metadata about the uploaded parts and Worker configuration.
    */
   export interface Metadata {
     /**
@@ -1191,9 +1205,15 @@ export namespace ScriptUpdateParams {
 
 export interface ScriptListParams {
   /**
-   * Identifier.
+   * Path param: Identifier.
    */
   account_id: string;
+
+  /**
+   * Query param: Filter scripts by tags. Format: comma-separated list of tag:allowed
+   * pairs where allowed is 'yes' or 'no'.
+   */
+  tags?: string;
 }
 
 export interface ScriptDeleteParams {
@@ -1291,9 +1311,11 @@ export declare namespace Scripts {
   export {
     Deployments as Deployments,
     type Deployment as Deployment,
-    type DeploymentCreateResponse as DeploymentCreateResponse,
-    type DeploymentGetResponse as DeploymentGetResponse,
+    type DeploymentListResponse as DeploymentListResponse,
+    type DeploymentDeleteResponse as DeploymentDeleteResponse,
     type DeploymentCreateParams as DeploymentCreateParams,
+    type DeploymentListParams as DeploymentListParams,
+    type DeploymentDeleteParams as DeploymentDeleteParams,
     type DeploymentGetParams as DeploymentGetParams,
   };
 
diff --git a/src/resources/workers/scripts/versions.ts b/src/resources/workers/scripts/versions.ts
index c6269a0421..1417fc3542 100644
--- a/src/resources/workers/scripts/versions.ts
+++ b/src/resources/workers/scripts/versions.ts
@@ -107,7 +107,36 @@ export interface VersionCreateResponse {
 
 export namespace VersionCreateResponse {
   export interface Resources {
-    bindings?: Resources.Bindings;
+    /**
+     * List of bindings attached to a Worker. You can find more about bindings on our
+     * docs:
+     * https://developers.cloudflare.com/workers/configuration/multipart-upload-metadata/#bindings.
+     */
+    bindings?: Array<
+      | Resources.WorkersBindingKindAI
+      | Resources.WorkersBindingKindAnalyticsEngine
+      | Resources.WorkersBindingKindAssets
+      | Resources.WorkersBindingKindBrowser
+      | Resources.WorkersBindingKindD1
+      | Resources.WorkersBindingKindDispatchNamespace
+      | Resources.WorkersBindingKindDurableObjectNamespace
+      | Resources.WorkersBindingKindHyperdrive
+      | Resources.WorkersBindingKindJson
+      | Resources.WorkersBindingKindKVNamespace
+      | Resources.WorkersBindingKindMTLSCertificate
+      | Resources.WorkersBindingKindPlainText
+      | Resources.WorkersBindingKindPipelines
+      | Resources.WorkersBindingKindQueue
+      | Resources.WorkersBindingKindR2Bucket
+      | Resources.WorkersBindingKindSecretText
+      | Resources.WorkersBindingKindService
+      | Resources.WorkersBindingKindTailConsumer
+      | Resources.WorkersBindingKindVectorize
+      | Resources.WorkersBindingKindVersionMetadata
+      | Resources.WorkersBindingKindSecretsStoreSecret
+      | Resources.WorkersBindingKindSecretKey
+      | Resources.WorkersBindingKindWorkflow
+    >;
 
     script?: Resources.Script;
 
@@ -115,498 +144,463 @@ export namespace VersionCreateResponse {
   }
 
   export namespace Resources {
-    export interface Bindings {
-      /**
-       * List of bindings attached to a Worker. You can find more about bindings on our
-       * docs:
-       * https://developers.cloudflare.com/workers/configuration/multipart-upload-metadata/#bindings.
-       */
-      result?: Array<
-        | Bindings.WorkersBindingKindAI
-        | Bindings.WorkersBindingKindAnalyticsEngine
-        | Bindings.WorkersBindingKindAssets
-        | Bindings.WorkersBindingKindBrowser
-        | Bindings.WorkersBindingKindD1
-        | Bindings.WorkersBindingKindDispatchNamespace
-        | Bindings.WorkersBindingKindDurableObjectNamespace
-        | Bindings.WorkersBindingKindHyperdrive
-        | Bindings.WorkersBindingKindJson
-        | Bindings.WorkersBindingKindKVNamespace
-        | Bindings.WorkersBindingKindMTLSCertificate
-        | Bindings.WorkersBindingKindPlainText
-        | Bindings.WorkersBindingKindPipelines
-        | Bindings.WorkersBindingKindQueue
-        | Bindings.WorkersBindingKindR2Bucket
-        | Bindings.WorkersBindingKindSecretText
-        | Bindings.WorkersBindingKindService
-        | Bindings.WorkersBindingKindTailConsumer
-        | Bindings.WorkersBindingKindVectorize
-        | Bindings.WorkersBindingKindVersionMetadata
-        | Bindings.WorkersBindingKindSecretsStoreSecret
-        | Bindings.WorkersBindingKindSecretKey
-        | Bindings.WorkersBindingKindWorkflow
-      >;
+    export interface WorkersBindingKindAI {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
+
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'ai';
     }
 
-    export namespace Bindings {
-      export interface WorkersBindingKindAI {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindAnalyticsEngine {
+      /**
+       * The name of the dataset to bind to.
+       */
+      dataset: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'ai';
-      }
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-      export interface WorkersBindingKindAnalyticsEngine {
-        /**
-         * The name of the dataset to bind to.
-         */
-        dataset: string;
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'analytics_engine';
+    }
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindAssets {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'analytics_engine';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'assets';
+    }
 
-      export interface WorkersBindingKindAssets {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindBrowser {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'assets';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'browser';
+    }
 
-      export interface WorkersBindingKindBrowser {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindD1 {
+      /**
+       * Identifier of the D1 database to bind to.
+       */
+      id: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'browser';
-      }
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-      export interface WorkersBindingKindD1 {
-        /**
-         * Identifier of the D1 database to bind to.
-         */
-        id: string;
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'd1';
+    }
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindDispatchNamespace {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'd1';
-      }
+      /**
+       * Namespace to bind to.
+       */
+      namespace: string;
 
-      export interface WorkersBindingKindDispatchNamespace {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'dispatch_namespace';
 
-        /**
-         * Namespace to bind to.
-         */
-        namespace: string;
+      /**
+       * Outbound worker.
+       */
+      outbound?: WorkersBindingKindDispatchNamespace.Outbound;
+    }
 
+    export namespace WorkersBindingKindDispatchNamespace {
+      /**
+       * Outbound worker.
+       */
+      export interface Outbound {
         /**
-         * The kind of resource that the binding provides.
+         * Pass information from the Dispatch Worker to the Outbound Worker through the
+         * parameters.
          */
-        type: 'dispatch_namespace';
+        params?: Array<string>;
 
         /**
          * Outbound worker.
          */
-        outbound?: WorkersBindingKindDispatchNamespace.Outbound;
+        worker?: Outbound.Worker;
       }
 
-      export namespace WorkersBindingKindDispatchNamespace {
+      export namespace Outbound {
         /**
          * Outbound worker.
          */
-        export interface Outbound {
-          /**
-           * Pass information from the Dispatch Worker to the Outbound Worker through the
-           * parameters.
-           */
-          params?: Array<string>;
-
+        export interface Worker {
           /**
-           * Outbound worker.
+           * Environment of the outbound worker.
            */
-          worker?: Outbound.Worker;
-        }
+          environment?: string;
 
-        export namespace Outbound {
           /**
-           * Outbound worker.
+           * Name of the outbound worker.
            */
-          export interface Worker {
-            /**
-             * Environment of the outbound worker.
-             */
-            environment?: string;
-
-            /**
-             * Name of the outbound worker.
-             */
-            service?: string;
-          }
+          service?: string;
         }
       }
+    }
 
-      export interface WorkersBindingKindDurableObjectNamespace {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindDurableObjectNamespace {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'durable_object_namespace';
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'durable_object_namespace';
 
-        /**
-         * The exported class name of the Durable Object.
-         */
-        class_name?: string;
+      /**
+       * The exported class name of the Durable Object.
+       */
+      class_name?: string;
 
-        /**
-         * The environment of the script_name to bind to.
-         */
-        environment?: string;
+      /**
+       * The environment of the script_name to bind to.
+       */
+      environment?: string;
 
-        /**
-         * Namespace identifier tag.
-         */
-        namespace_id?: string;
+      /**
+       * Namespace identifier tag.
+       */
+      namespace_id?: string;
 
-        /**
-         * The script where the Durable Object is defined, if it is external to this
-         * Worker.
-         */
-        script_name?: string;
-      }
+      /**
+       * The script where the Durable Object is defined, if it is external to this
+       * Worker.
+       */
+      script_name?: string;
+    }
 
-      export interface WorkersBindingKindHyperdrive {
-        /**
-         * Identifier of the Hyperdrive connection to bind to.
-         */
-        id: string;
+    export interface WorkersBindingKindHyperdrive {
+      /**
+       * Identifier of the Hyperdrive connection to bind to.
+       */
+      id: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'hyperdrive';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'hyperdrive';
+    }
 
-      export interface WorkersBindingKindJson {
-        /**
-         * JSON data to use.
-         */
-        json: string;
+    export interface WorkersBindingKindJson {
+      /**
+       * JSON data to use.
+       */
+      json: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'json';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'json';
+    }
 
-      export interface WorkersBindingKindKVNamespace {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindKVNamespace {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Namespace identifier tag.
-         */
-        namespace_id: string;
+      /**
+       * Namespace identifier tag.
+       */
+      namespace_id: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'kv_namespace';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'kv_namespace';
+    }
 
-      export interface WorkersBindingKindMTLSCertificate {
-        /**
-         * Identifier of the certificate to bind to.
-         */
-        certificate_id: string;
+    export interface WorkersBindingKindMTLSCertificate {
+      /**
+       * Identifier of the certificate to bind to.
+       */
+      certificate_id: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'mtls_certificate';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'mtls_certificate';
+    }
 
-      export interface WorkersBindingKindPlainText {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindPlainText {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The text value to use.
-         */
-        text: string;
+      /**
+       * The text value to use.
+       */
+      text: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'plain_text';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'plain_text';
+    }
 
-      export interface WorkersBindingKindPipelines {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindPipelines {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Name of the Pipeline to bind to.
-         */
-        pipeline: string;
+      /**
+       * Name of the Pipeline to bind to.
+       */
+      pipeline: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'pipelines';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'pipelines';
+    }
 
-      export interface WorkersBindingKindQueue {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindQueue {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Name of the Queue to bind to.
-         */
-        queue_name: string;
+      /**
+       * Name of the Queue to bind to.
+       */
+      queue_name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'queue';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'queue';
+    }
 
-      export interface WorkersBindingKindR2Bucket {
-        /**
-         * R2 bucket to bind to.
-         */
-        bucket_name: string;
+    export interface WorkersBindingKindR2Bucket {
+      /**
+       * R2 bucket to bind to.
+       */
+      bucket_name: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'r2_bucket';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'r2_bucket';
+    }
 
-      export interface WorkersBindingKindSecretText {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindSecretText {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'secret_text';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'secret_text';
+    }
 
-      export interface WorkersBindingKindService {
-        /**
-         * Optional environment if the Worker utilizes one.
-         */
-        environment: string;
+    export interface WorkersBindingKindService {
+      /**
+       * Optional environment if the Worker utilizes one.
+       */
+      environment: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Name of Worker to bind to.
-         */
-        service: string;
+      /**
+       * Name of Worker to bind to.
+       */
+      service: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'service';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'service';
+    }
 
-      export interface WorkersBindingKindTailConsumer {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindTailConsumer {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Name of Tail Worker to bind to.
-         */
-        service: string;
+      /**
+       * Name of Tail Worker to bind to.
+       */
+      service: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'tail_consumer';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'tail_consumer';
+    }
 
-      export interface WorkersBindingKindVectorize {
-        /**
-         * Name of the Vectorize index to bind to.
-         */
-        index_name: string;
+    export interface WorkersBindingKindVectorize {
+      /**
+       * Name of the Vectorize index to bind to.
+       */
+      index_name: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'vectorize';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'vectorize';
+    }
 
-      export interface WorkersBindingKindVersionMetadata {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindVersionMetadata {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'version_metadata';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'version_metadata';
+    }
 
-      export interface WorkersBindingKindSecretsStoreSecret {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindSecretsStoreSecret {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Name of the secret in the store.
-         */
-        secret_name: string;
+      /**
+       * Name of the secret in the store.
+       */
+      secret_name: string;
 
-        /**
-         * ID of the store containing the secret.
-         */
-        store_id: string;
+      /**
+       * ID of the store containing the secret.
+       */
+      store_id: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'secrets_store_secret';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'secrets_store_secret';
+    }
 
-      export interface WorkersBindingKindSecretKey {
-        /**
-         * Algorithm-specific key parameters.
-         * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#algorithm).
-         */
-        algorithm: unknown;
+    export interface WorkersBindingKindSecretKey {
+      /**
+       * Algorithm-specific key parameters.
+       * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#algorithm).
+       */
+      algorithm: unknown;
 
-        /**
-         * Data format of the key.
-         * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#format).
-         */
-        format: 'raw' | 'pkcs8' | 'spki' | 'jwk';
+      /**
+       * Data format of the key.
+       * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#format).
+       */
+      format: 'raw' | 'pkcs8' | 'spki' | 'jwk';
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'secret_key';
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'secret_key';
 
-        /**
-         * Allowed operations with the key.
-         * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#keyUsages).
-         */
-        usages: Array<
-          'encrypt' | 'decrypt' | 'sign' | 'verify' | 'deriveKey' | 'deriveBits' | 'wrapKey' | 'unwrapKey'
-        >;
-      }
+      /**
+       * Allowed operations with the key.
+       * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#keyUsages).
+       */
+      usages: Array<
+        'encrypt' | 'decrypt' | 'sign' | 'verify' | 'deriveKey' | 'deriveBits' | 'wrapKey' | 'unwrapKey'
+      >;
+    }
 
-      export interface WorkersBindingKindWorkflow {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindWorkflow {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'workflow';
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'workflow';
 
-        /**
-         * Name of the Workflow to bind to.
-         */
-        workflow_name: string;
+      /**
+       * Name of the Workflow to bind to.
+       */
+      workflow_name: string;
 
-        /**
-         * Class name of the Workflow. Should only be provided if the Workflow belongs to
-         * this script.
-         */
-        class_name?: string;
+      /**
+       * Class name of the Workflow. Should only be provided if the Workflow belongs to
+       * this script.
+       */
+      class_name?: string;
 
-        /**
-         * Script name that contains the Workflow. If not provided, defaults to this script
-         * name.
-         */
-        script_name?: string;
-      }
+      /**
+       * Script name that contains the Workflow. If not provided, defaults to this script
+       * name.
+       */
+      script_name?: string;
     }
 
     export interface Script {
@@ -717,7 +711,36 @@ export interface VersionGetResponse {
 
 export namespace VersionGetResponse {
   export interface Resources {
-    bindings?: Resources.Bindings;
+    /**
+     * List of bindings attached to a Worker. You can find more about bindings on our
+     * docs:
+     * https://developers.cloudflare.com/workers/configuration/multipart-upload-metadata/#bindings.
+     */
+    bindings?: Array<
+      | Resources.WorkersBindingKindAI
+      | Resources.WorkersBindingKindAnalyticsEngine
+      | Resources.WorkersBindingKindAssets
+      | Resources.WorkersBindingKindBrowser
+      | Resources.WorkersBindingKindD1
+      | Resources.WorkersBindingKindDispatchNamespace
+      | Resources.WorkersBindingKindDurableObjectNamespace
+      | Resources.WorkersBindingKindHyperdrive
+      | Resources.WorkersBindingKindJson
+      | Resources.WorkersBindingKindKVNamespace
+      | Resources.WorkersBindingKindMTLSCertificate
+      | Resources.WorkersBindingKindPlainText
+      | Resources.WorkersBindingKindPipelines
+      | Resources.WorkersBindingKindQueue
+      | Resources.WorkersBindingKindR2Bucket
+      | Resources.WorkersBindingKindSecretText
+      | Resources.WorkersBindingKindService
+      | Resources.WorkersBindingKindTailConsumer
+      | Resources.WorkersBindingKindVectorize
+      | Resources.WorkersBindingKindVersionMetadata
+      | Resources.WorkersBindingKindSecretsStoreSecret
+      | Resources.WorkersBindingKindSecretKey
+      | Resources.WorkersBindingKindWorkflow
+    >;
 
     script?: Resources.Script;
 
@@ -725,498 +748,463 @@ export namespace VersionGetResponse {
   }
 
   export namespace Resources {
-    export interface Bindings {
-      /**
-       * List of bindings attached to a Worker. You can find more about bindings on our
-       * docs:
-       * https://developers.cloudflare.com/workers/configuration/multipart-upload-metadata/#bindings.
-       */
-      result?: Array<
-        | Bindings.WorkersBindingKindAI
-        | Bindings.WorkersBindingKindAnalyticsEngine
-        | Bindings.WorkersBindingKindAssets
-        | Bindings.WorkersBindingKindBrowser
-        | Bindings.WorkersBindingKindD1
-        | Bindings.WorkersBindingKindDispatchNamespace
-        | Bindings.WorkersBindingKindDurableObjectNamespace
-        | Bindings.WorkersBindingKindHyperdrive
-        | Bindings.WorkersBindingKindJson
-        | Bindings.WorkersBindingKindKVNamespace
-        | Bindings.WorkersBindingKindMTLSCertificate
-        | Bindings.WorkersBindingKindPlainText
-        | Bindings.WorkersBindingKindPipelines
-        | Bindings.WorkersBindingKindQueue
-        | Bindings.WorkersBindingKindR2Bucket
-        | Bindings.WorkersBindingKindSecretText
-        | Bindings.WorkersBindingKindService
-        | Bindings.WorkersBindingKindTailConsumer
-        | Bindings.WorkersBindingKindVectorize
-        | Bindings.WorkersBindingKindVersionMetadata
-        | Bindings.WorkersBindingKindSecretsStoreSecret
-        | Bindings.WorkersBindingKindSecretKey
-        | Bindings.WorkersBindingKindWorkflow
-      >;
-    }
+    export interface WorkersBindingKindAI {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-    export namespace Bindings {
-      export interface WorkersBindingKindAI {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'ai';
+    }
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'ai';
-      }
+    export interface WorkersBindingKindAnalyticsEngine {
+      /**
+       * The name of the dataset to bind to.
+       */
+      dataset: string;
 
-      export interface WorkersBindingKindAnalyticsEngine {
-        /**
-         * The name of the dataset to bind to.
-         */
-        dataset: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'analytics_engine';
+    }
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'analytics_engine';
-      }
+    export interface WorkersBindingKindAssets {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-      export interface WorkersBindingKindAssets {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'assets';
+    }
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'assets';
-      }
+    export interface WorkersBindingKindBrowser {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-      export interface WorkersBindingKindBrowser {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'browser';
+    }
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'browser';
-      }
+    export interface WorkersBindingKindD1 {
+      /**
+       * Identifier of the D1 database to bind to.
+       */
+      id: string;
 
-      export interface WorkersBindingKindD1 {
-        /**
-         * Identifier of the D1 database to bind to.
-         */
-        id: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'd1';
+    }
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'd1';
-      }
+    export interface WorkersBindingKindDispatchNamespace {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-      export interface WorkersBindingKindDispatchNamespace {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * Namespace to bind to.
+       */
+      namespace: string;
 
-        /**
-         * Namespace to bind to.
-         */
-        namespace: string;
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'dispatch_namespace';
+
+      /**
+       * Outbound worker.
+       */
+      outbound?: WorkersBindingKindDispatchNamespace.Outbound;
+    }
 
+    export namespace WorkersBindingKindDispatchNamespace {
+      /**
+       * Outbound worker.
+       */
+      export interface Outbound {
         /**
-         * The kind of resource that the binding provides.
+         * Pass information from the Dispatch Worker to the Outbound Worker through the
+         * parameters.
          */
-        type: 'dispatch_namespace';
+        params?: Array<string>;
 
         /**
          * Outbound worker.
          */
-        outbound?: WorkersBindingKindDispatchNamespace.Outbound;
+        worker?: Outbound.Worker;
       }
 
-      export namespace WorkersBindingKindDispatchNamespace {
+      export namespace Outbound {
         /**
          * Outbound worker.
          */
-        export interface Outbound {
-          /**
-           * Pass information from the Dispatch Worker to the Outbound Worker through the
-           * parameters.
-           */
-          params?: Array<string>;
-
+        export interface Worker {
           /**
-           * Outbound worker.
+           * Environment of the outbound worker.
            */
-          worker?: Outbound.Worker;
-        }
+          environment?: string;
 
-        export namespace Outbound {
           /**
-           * Outbound worker.
+           * Name of the outbound worker.
            */
-          export interface Worker {
-            /**
-             * Environment of the outbound worker.
-             */
-            environment?: string;
-
-            /**
-             * Name of the outbound worker.
-             */
-            service?: string;
-          }
+          service?: string;
         }
       }
+    }
 
-      export interface WorkersBindingKindDurableObjectNamespace {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindDurableObjectNamespace {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'durable_object_namespace';
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'durable_object_namespace';
 
-        /**
-         * The exported class name of the Durable Object.
-         */
-        class_name?: string;
+      /**
+       * The exported class name of the Durable Object.
+       */
+      class_name?: string;
 
-        /**
-         * The environment of the script_name to bind to.
-         */
-        environment?: string;
+      /**
+       * The environment of the script_name to bind to.
+       */
+      environment?: string;
 
-        /**
-         * Namespace identifier tag.
-         */
-        namespace_id?: string;
+      /**
+       * Namespace identifier tag.
+       */
+      namespace_id?: string;
 
-        /**
-         * The script where the Durable Object is defined, if it is external to this
-         * Worker.
-         */
-        script_name?: string;
-      }
+      /**
+       * The script where the Durable Object is defined, if it is external to this
+       * Worker.
+       */
+      script_name?: string;
+    }
 
-      export interface WorkersBindingKindHyperdrive {
-        /**
-         * Identifier of the Hyperdrive connection to bind to.
-         */
-        id: string;
+    export interface WorkersBindingKindHyperdrive {
+      /**
+       * Identifier of the Hyperdrive connection to bind to.
+       */
+      id: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'hyperdrive';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'hyperdrive';
+    }
 
-      export interface WorkersBindingKindJson {
-        /**
-         * JSON data to use.
-         */
-        json: string;
+    export interface WorkersBindingKindJson {
+      /**
+       * JSON data to use.
+       */
+      json: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'json';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'json';
+    }
 
-      export interface WorkersBindingKindKVNamespace {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindKVNamespace {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Namespace identifier tag.
-         */
-        namespace_id: string;
+      /**
+       * Namespace identifier tag.
+       */
+      namespace_id: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'kv_namespace';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'kv_namespace';
+    }
 
-      export interface WorkersBindingKindMTLSCertificate {
-        /**
-         * Identifier of the certificate to bind to.
-         */
-        certificate_id: string;
+    export interface WorkersBindingKindMTLSCertificate {
+      /**
+       * Identifier of the certificate to bind to.
+       */
+      certificate_id: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'mtls_certificate';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'mtls_certificate';
+    }
 
-      export interface WorkersBindingKindPlainText {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindPlainText {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The text value to use.
-         */
-        text: string;
+      /**
+       * The text value to use.
+       */
+      text: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'plain_text';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'plain_text';
+    }
 
-      export interface WorkersBindingKindPipelines {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindPipelines {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Name of the Pipeline to bind to.
-         */
-        pipeline: string;
+      /**
+       * Name of the Pipeline to bind to.
+       */
+      pipeline: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'pipelines';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'pipelines';
+    }
 
-      export interface WorkersBindingKindQueue {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindQueue {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Name of the Queue to bind to.
-         */
-        queue_name: string;
+      /**
+       * Name of the Queue to bind to.
+       */
+      queue_name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'queue';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'queue';
+    }
 
-      export interface WorkersBindingKindR2Bucket {
-        /**
-         * R2 bucket to bind to.
-         */
-        bucket_name: string;
+    export interface WorkersBindingKindR2Bucket {
+      /**
+       * R2 bucket to bind to.
+       */
+      bucket_name: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'r2_bucket';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'r2_bucket';
+    }
 
-      export interface WorkersBindingKindSecretText {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindSecretText {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'secret_text';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'secret_text';
+    }
 
-      export interface WorkersBindingKindService {
-        /**
-         * Optional environment if the Worker utilizes one.
-         */
-        environment: string;
+    export interface WorkersBindingKindService {
+      /**
+       * Optional environment if the Worker utilizes one.
+       */
+      environment: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Name of Worker to bind to.
-         */
-        service: string;
+      /**
+       * Name of Worker to bind to.
+       */
+      service: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'service';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'service';
+    }
 
-      export interface WorkersBindingKindTailConsumer {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindTailConsumer {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Name of Tail Worker to bind to.
-         */
-        service: string;
+      /**
+       * Name of Tail Worker to bind to.
+       */
+      service: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'tail_consumer';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'tail_consumer';
+    }
 
-      export interface WorkersBindingKindVectorize {
-        /**
-         * Name of the Vectorize index to bind to.
-         */
-        index_name: string;
+    export interface WorkersBindingKindVectorize {
+      /**
+       * Name of the Vectorize index to bind to.
+       */
+      index_name: string;
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'vectorize';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'vectorize';
+    }
 
-      export interface WorkersBindingKindVersionMetadata {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindVersionMetadata {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'version_metadata';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'version_metadata';
+    }
 
-      export interface WorkersBindingKindSecretsStoreSecret {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindSecretsStoreSecret {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * Name of the secret in the store.
-         */
-        secret_name: string;
+      /**
+       * Name of the secret in the store.
+       */
+      secret_name: string;
 
-        /**
-         * ID of the store containing the secret.
-         */
-        store_id: string;
+      /**
+       * ID of the store containing the secret.
+       */
+      store_id: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'secrets_store_secret';
-      }
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'secrets_store_secret';
+    }
 
-      export interface WorkersBindingKindSecretKey {
-        /**
-         * Algorithm-specific key parameters.
-         * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#algorithm).
-         */
-        algorithm: unknown;
+    export interface WorkersBindingKindSecretKey {
+      /**
+       * Algorithm-specific key parameters.
+       * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#algorithm).
+       */
+      algorithm: unknown;
 
-        /**
-         * Data format of the key.
-         * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#format).
-         */
-        format: 'raw' | 'pkcs8' | 'spki' | 'jwk';
+      /**
+       * Data format of the key.
+       * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#format).
+       */
+      format: 'raw' | 'pkcs8' | 'spki' | 'jwk';
 
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'secret_key';
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'secret_key';
 
-        /**
-         * Allowed operations with the key.
-         * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#keyUsages).
-         */
-        usages: Array<
-          'encrypt' | 'decrypt' | 'sign' | 'verify' | 'deriveKey' | 'deriveBits' | 'wrapKey' | 'unwrapKey'
-        >;
-      }
+      /**
+       * Allowed operations with the key.
+       * [Learn more](https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/importKey#keyUsages).
+       */
+      usages: Array<
+        'encrypt' | 'decrypt' | 'sign' | 'verify' | 'deriveKey' | 'deriveBits' | 'wrapKey' | 'unwrapKey'
+      >;
+    }
 
-      export interface WorkersBindingKindWorkflow {
-        /**
-         * A JavaScript variable name for the binding.
-         */
-        name: string;
+    export interface WorkersBindingKindWorkflow {
+      /**
+       * A JavaScript variable name for the binding.
+       */
+      name: string;
 
-        /**
-         * The kind of resource that the binding provides.
-         */
-        type: 'workflow';
+      /**
+       * The kind of resource that the binding provides.
+       */
+      type: 'workflow';
 
-        /**
-         * Name of the Workflow to bind to.
-         */
-        workflow_name: string;
+      /**
+       * Name of the Workflow to bind to.
+       */
+      workflow_name: string;
 
-        /**
-         * Class name of the Workflow. Should only be provided if the Workflow belongs to
-         * this script.
-         */
-        class_name?: string;
+      /**
+       * Class name of the Workflow. Should only be provided if the Workflow belongs to
+       * this script.
+       */
+      class_name?: string;
 
-        /**
-         * Script name that contains the Workflow. If not provided, defaults to this script
-         * name.
-         */
-        script_name?: string;
-      }
+      /**
+       * Script name that contains the Workflow. If not provided, defaults to this script
+       * name.
+       */
+      script_name?: string;
     }
 
     export interface Script {
@@ -1288,23 +1276,32 @@ export interface VersionCreateParams {
   account_id: string;
 
   /**
-   * Body param: JSON encoded metadata about the uploaded parts and Worker
+   * Body param: JSON-encoded metadata about the uploaded parts and Worker
    * configuration.
    */
   metadata: VersionCreateParams.Metadata;
 
-  [k: string]: Array<Core.Uploadable> | string | VersionCreateParams.Metadata | undefined;
+  /**
+   * Body param: An array of modules (often JavaScript files) comprising a Worker
+   * script. At least one module must be present and referenced in the metadata as
+   * `main_module` or `body_part` by filename.<br/>Possible Content-Type(s) are:
+   * `application/javascript+module`, `text/javascript+module`,
+   * `application/javascript`, `text/javascript`, `text/x-python`,
+   * `text/x-python-requirement`, `application/wasm`, `text/plain`,
+   * `application/octet-stream`, `application/source-map`.
+   */
+  files?: Array<Core.Uploadable>;
 }
 
 export namespace VersionCreateParams {
   /**
-   * JSON encoded metadata about the uploaded parts and Worker configuration.
+   * JSON-encoded metadata about the uploaded parts and Worker configuration.
    */
   export interface Metadata {
     /**
-     * Name of the part in the multipart request that contains the main module (e.g.
-     * the file exporting a `fetch` handler). Indicates a `module syntax` Worker, which
-     * is required for Version Upload.
+     * Name of the uploaded file that contains the main module (e.g. the file exporting
+     * a `fetch` handler). Indicates a `module syntax` Worker, which is required for
+     * Version Upload.
      */
     main_module: string;
 
diff --git a/src/resources/workers/workers.ts b/src/resources/workers/workers.ts
index dbac4cf23f..3db9a31de7 100644
--- a/src/resources/workers/workers.ts
+++ b/src/resources/workers/workers.ts
@@ -71,49 +71,7 @@ export class Workers extends APIResource {
   observability: ObservabilityAPI.Observability = new ObservabilityAPI.Observability(this._client);
 }
 
-export interface MigrationStep {
-  /**
-   * A list of classes to delete Durable Object namespaces from.
-   */
-  deleted_classes?: Array<string>;
-
-  /**
-   * A list of classes to create Durable Object namespaces from.
-   */
-  new_classes?: Array<string>;
-
-  /**
-   * A list of classes to create Durable Object namespaces with SQLite from.
-   */
-  new_sqlite_classes?: Array<string>;
-
-  /**
-   * A list of classes with Durable Object namespaces that were renamed.
-   */
-  renamed_classes?: Array<MigrationStep.RenamedClass>;
-
-  /**
-   * A list of transfers for Durable Object namespaces from a different Worker and
-   * class to a class defined in this Worker.
-   */
-  transferred_classes?: Array<MigrationStep.TransferredClass>;
-}
-
-export namespace MigrationStep {
-  export interface RenamedClass {
-    from?: string;
-
-    to?: string;
-  }
-
-  export interface TransferredClass {
-    from?: string;
-
-    from_script?: string;
-
-    to?: string;
-  }
-}
+export interface MigrationStep {}
 
 export interface MigrationStepParam {
   /**
@@ -162,60 +120,7 @@ export namespace MigrationStepParam {
 /**
  * A single set of migrations to apply.
  */
-export interface SingleStepMigration {
-  /**
-   * A list of classes to delete Durable Object namespaces from.
-   */
-  deleted_classes?: Array<string>;
-
-  /**
-   * A list of classes to create Durable Object namespaces from.
-   */
-  new_classes?: Array<string>;
-
-  /**
-   * A list of classes to create Durable Object namespaces with SQLite from.
-   */
-  new_sqlite_classes?: Array<string>;
-
-  /**
-   * Tag to set as the latest migration tag.
-   */
-  new_tag?: string;
-
-  /**
-   * Tag used to verify against the latest migration tag for this Worker. If they
-   * don't match, the upload is rejected.
-   */
-  old_tag?: string;
-
-  /**
-   * A list of classes with Durable Object namespaces that were renamed.
-   */
-  renamed_classes?: Array<SingleStepMigration.RenamedClass>;
-
-  /**
-   * A list of transfers for Durable Object namespaces from a different Worker and
-   * class to a class defined in this Worker.
-   */
-  transferred_classes?: Array<SingleStepMigration.TransferredClass>;
-}
-
-export namespace SingleStepMigration {
-  export interface RenamedClass {
-    from?: string;
-
-    to?: string;
-  }
-
-  export interface TransferredClass {
-    from?: string;
-
-    from_script?: string;
-
-    to?: string;
-  }
-}
+export interface SingleStepMigration {}
 
 /**
  * A single set of migrations to apply.
@@ -276,7 +181,7 @@ export namespace SingleStepMigrationParam {
 }
 
 /**
- * JSON encoded metadata about the uploaded parts and Worker configuration.
+ * JSON-encoded metadata about the uploaded parts and Worker configuration.
  */
 export interface WorkerMetadata {
   /**
@@ -294,7 +199,7 @@ export interface WorkerMetadata {
 }
 
 /**
- * JSON encoded metadata about the uploaded parts and Worker configuration.
+ * JSON-encoded metadata about the uploaded parts and Worker configuration.
  */
 export interface WorkerMetadataParam {
   /**
diff --git a/src/resources/workflows/instances/instances.ts b/src/resources/workflows/instances/instances.ts
index 117054a689..6fdee7d5a9 100644
--- a/src/resources/workflows/instances/instances.ts
+++ b/src/resources/workflows/instances/instances.ts
@@ -335,6 +335,11 @@ export interface InstanceListParams extends V4PagePaginationArrayParams {
    */
   account_id: string;
 
+  /**
+   * Query param: `page` and `cursor` are mutually exclusive, use one or the other.
+   */
+  cursor?: string;
+
   /**
    * Query param: Accepts ISO 8601 with no timezone offsets and in UTC.
    */
diff --git a/src/resources/zero-trust/access/access.ts b/src/resources/zero-trust/access/access.ts
index c14de3aa26..fea6040f8d 100644
--- a/src/resources/zero-trust/access/access.ts
+++ b/src/resources/zero-trust/access/access.ts
@@ -23,7 +23,7 @@ import {
   CustomPageListParams,
   CustomPageUpdateParams,
   CustomPageWithoutHTML,
-  CustomPageWithoutHTMLsSinglePage,
+  CustomPageWithoutHTMLsV4PagePaginationArray,
   CustomPages,
 } from './custom-pages';
 import * as GatewayCAAPI from './gateway-ca';
@@ -47,7 +47,7 @@ import {
   GroupGetResponse,
   GroupListParams,
   GroupListResponse,
-  GroupListResponsesSinglePage,
+  GroupListResponsesV4PagePaginationArray,
   GroupUpdateParams,
   GroupUpdateResponse,
   Groups,
@@ -76,7 +76,7 @@ import {
   PolicyGetResponse,
   PolicyListParams,
   PolicyListResponse,
-  PolicyListResponsesSinglePage,
+  PolicyListResponsesV4PagePaginationArray,
   PolicyUpdateParams,
   PolicyUpdateResponse,
 } from './policies';
@@ -93,7 +93,7 @@ import {
   ServiceTokenRotateResponse,
   ServiceTokenUpdateParams,
   ServiceTokens,
-  ServiceTokensSinglePage,
+  ServiceTokensV4PagePaginationArray,
 } from './service-tokens';
 import * as TagsAPI from './tags';
 import {
@@ -105,7 +105,7 @@ import {
   TagListParams,
   TagUpdateParams,
   Tags,
-  TagsSinglePage,
+  TagsV4PagePaginationArray,
 } from './tags';
 import * as ApplicationsAPI from './applications/applications';
 import {
@@ -123,7 +123,7 @@ import {
   ApplicationGetResponse,
   ApplicationListParams,
   ApplicationListResponse,
-  ApplicationListResponsesSinglePage,
+  ApplicationListResponsesV4PagePaginationArray,
   ApplicationPolicy,
   ApplicationRevokeTokensParams,
   ApplicationRevokeTokensResponse,
@@ -154,7 +154,7 @@ import {
   CertificateListParams,
   CertificateUpdateParams,
   Certificates,
-  CertificatesSinglePage,
+  CertificatesV4PagePaginationArray,
 } from './certificates/certificates';
 import * as InfrastructureAPI from './infrastructure/infrastructure';
 import { Infrastructure } from './infrastructure/infrastructure';
@@ -165,7 +165,7 @@ import {
   AccessUser,
   UserListParams,
   UserListResponse,
-  UserListResponsesSinglePage,
+  UserListResponsesV4PagePaginationArray,
   Users,
 } from './users/users';
 
@@ -189,25 +189,25 @@ Access.GatewayCA = GatewayCA;
 Access.GatewayCAListResponsesSinglePage = GatewayCAListResponsesSinglePage;
 Access.Infrastructure = Infrastructure;
 Access.Applications = Applications;
-Access.ApplicationListResponsesSinglePage = ApplicationListResponsesSinglePage;
+Access.ApplicationListResponsesV4PagePaginationArray = ApplicationListResponsesV4PagePaginationArray;
 Access.Certificates = Certificates;
-Access.CertificatesSinglePage = CertificatesSinglePage;
+Access.CertificatesV4PagePaginationArray = CertificatesV4PagePaginationArray;
 Access.Groups = Groups;
-Access.GroupListResponsesSinglePage = GroupListResponsesSinglePage;
+Access.GroupListResponsesV4PagePaginationArray = GroupListResponsesV4PagePaginationArray;
 Access.ServiceTokens = ServiceTokens;
-Access.ServiceTokensSinglePage = ServiceTokensSinglePage;
+Access.ServiceTokensV4PagePaginationArray = ServiceTokensV4PagePaginationArray;
 Access.Bookmarks = Bookmarks;
 Access.BookmarksSinglePage = BookmarksSinglePage;
 Access.Keys = Keys;
 Access.Logs = Logs;
 Access.Users = Users;
-Access.UserListResponsesSinglePage = UserListResponsesSinglePage;
+Access.UserListResponsesV4PagePaginationArray = UserListResponsesV4PagePaginationArray;
 Access.CustomPages = CustomPages;
-Access.CustomPageWithoutHTMLsSinglePage = CustomPageWithoutHTMLsSinglePage;
+Access.CustomPageWithoutHTMLsV4PagePaginationArray = CustomPageWithoutHTMLsV4PagePaginationArray;
 Access.Tags = Tags;
-Access.TagsSinglePage = TagsSinglePage;
+Access.TagsV4PagePaginationArray = TagsV4PagePaginationArray;
 Access.Policies = Policies;
-Access.PolicyListResponsesSinglePage = PolicyListResponsesSinglePage;
+Access.PolicyListResponsesV4PagePaginationArray = PolicyListResponsesV4PagePaginationArray;
 
 export declare namespace Access {
   export {
@@ -250,7 +250,7 @@ export declare namespace Access {
     type ApplicationDeleteResponse as ApplicationDeleteResponse,
     type ApplicationGetResponse as ApplicationGetResponse,
     type ApplicationRevokeTokensResponse as ApplicationRevokeTokensResponse,
-    ApplicationListResponsesSinglePage as ApplicationListResponsesSinglePage,
+    ApplicationListResponsesV4PagePaginationArray as ApplicationListResponsesV4PagePaginationArray,
     type ApplicationCreateParams as ApplicationCreateParams,
     type ApplicationUpdateParams as ApplicationUpdateParams,
     type ApplicationListParams as ApplicationListParams,
@@ -264,7 +264,7 @@ export declare namespace Access {
     type AssociatedHostnames as AssociatedHostnames,
     type Certificate as Certificate,
     type CertificateDeleteResponse as CertificateDeleteResponse,
-    CertificatesSinglePage as CertificatesSinglePage,
+    CertificatesV4PagePaginationArray as CertificatesV4PagePaginationArray,
     type CertificateCreateParams as CertificateCreateParams,
     type CertificateUpdateParams as CertificateUpdateParams,
     type CertificateListParams as CertificateListParams,
@@ -280,7 +280,7 @@ export declare namespace Access {
     type GroupListResponse as GroupListResponse,
     type GroupDeleteResponse as GroupDeleteResponse,
     type GroupGetResponse as GroupGetResponse,
-    GroupListResponsesSinglePage as GroupListResponsesSinglePage,
+    GroupListResponsesV4PagePaginationArray as GroupListResponsesV4PagePaginationArray,
     type GroupCreateParams as GroupCreateParams,
     type GroupUpdateParams as GroupUpdateParams,
     type GroupListParams as GroupListParams,
@@ -293,7 +293,7 @@ export declare namespace Access {
     type ServiceToken as ServiceToken,
     type ServiceTokenCreateResponse as ServiceTokenCreateResponse,
     type ServiceTokenRotateResponse as ServiceTokenRotateResponse,
-    ServiceTokensSinglePage as ServiceTokensSinglePage,
+    ServiceTokensV4PagePaginationArray as ServiceTokensV4PagePaginationArray,
     type ServiceTokenCreateParams as ServiceTokenCreateParams,
     type ServiceTokenUpdateParams as ServiceTokenUpdateParams,
     type ServiceTokenListParams as ServiceTokenListParams,
@@ -331,7 +331,7 @@ export declare namespace Access {
     Users as Users,
     type AccessUser as AccessUser,
     type UserListResponse as UserListResponse,
-    UserListResponsesSinglePage as UserListResponsesSinglePage,
+    UserListResponsesV4PagePaginationArray as UserListResponsesV4PagePaginationArray,
     type UserListParams as UserListParams,
   };
 
@@ -340,7 +340,7 @@ export declare namespace Access {
     type CustomPage as CustomPage,
     type CustomPageWithoutHTML as CustomPageWithoutHTML,
     type CustomPageDeleteResponse as CustomPageDeleteResponse,
-    CustomPageWithoutHTMLsSinglePage as CustomPageWithoutHTMLsSinglePage,
+    CustomPageWithoutHTMLsV4PagePaginationArray as CustomPageWithoutHTMLsV4PagePaginationArray,
     type CustomPageCreateParams as CustomPageCreateParams,
     type CustomPageUpdateParams as CustomPageUpdateParams,
     type CustomPageListParams as CustomPageListParams,
@@ -352,7 +352,7 @@ export declare namespace Access {
     Tags as Tags,
     type Tag as Tag,
     type TagDeleteResponse as TagDeleteResponse,
-    TagsSinglePage as TagsSinglePage,
+    TagsV4PagePaginationArray as TagsV4PagePaginationArray,
     type TagCreateParams as TagCreateParams,
     type TagUpdateParams as TagUpdateParams,
     type TagListParams as TagListParams,
@@ -369,7 +369,7 @@ export declare namespace Access {
     type PolicyListResponse as PolicyListResponse,
     type PolicyDeleteResponse as PolicyDeleteResponse,
     type PolicyGetResponse as PolicyGetResponse,
-    PolicyListResponsesSinglePage as PolicyListResponsesSinglePage,
+    PolicyListResponsesV4PagePaginationArray as PolicyListResponsesV4PagePaginationArray,
     type PolicyCreateParams as PolicyCreateParams,
     type PolicyUpdateParams as PolicyUpdateParams,
     type PolicyListParams as PolicyListParams,
diff --git a/src/resources/zero-trust/access/applications/applications.ts b/src/resources/zero-trust/access/applications/applications.ts
index 6fcb92daab..67800f8ac2 100644
--- a/src/resources/zero-trust/access/applications/applications.ts
+++ b/src/resources/zero-trust/access/applications/applications.ts
@@ -14,7 +14,7 @@ import {
   CAGetParams,
   CAListParams,
   CAs,
-  CAsSinglePage,
+  CAsV4PagePaginationArray,
 } from './cas';
 import * as ApplicationsPoliciesAPI from './policies';
 import {
@@ -45,7 +45,7 @@ import {
   PolicyGetResponse,
   PolicyListParams,
   PolicyListResponse,
-  PolicyListResponsesSinglePage,
+  PolicyListResponsesV4PagePaginationArray,
   PolicyUpdateParams,
   PolicyUpdateResponse,
   SAMLGroupRule,
@@ -75,7 +75,7 @@ import {
   PolicyTests,
 } from './policy-tests/policy-tests';
 import { CloudflareError } from '../../../../error';
-import { SinglePage } from '../../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../../pagination';
 
 export class Applications extends APIResource {
   cas: CAsAPI.CAs = new CAsAPI.CAs(this._client);
@@ -190,14 +190,14 @@ export class Applications extends APIResource {
   list(
     params?: ApplicationListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<ApplicationListResponsesSinglePage, ApplicationListResponse>;
+  ): Core.PagePromise<ApplicationListResponsesV4PagePaginationArray, ApplicationListResponse>;
   list(
     options?: Core.RequestOptions,
-  ): Core.PagePromise<ApplicationListResponsesSinglePage, ApplicationListResponse>;
+  ): Core.PagePromise<ApplicationListResponsesV4PagePaginationArray, ApplicationListResponse>;
   list(
     params: ApplicationListParams | Core.RequestOptions = {},
     options?: Core.RequestOptions,
-  ): Core.PagePromise<ApplicationListResponsesSinglePage, ApplicationListResponse> {
+  ): Core.PagePromise<ApplicationListResponsesV4PagePaginationArray, ApplicationListResponse> {
     if (isRequestOptions(params)) {
       return this.list({}, params);
     }
@@ -220,7 +220,7 @@ export class Applications extends APIResource {
         };
     return this._client.getAPIList(
       `/${accountOrZone}/${accountOrZoneId}/access/apps`,
-      ApplicationListResponsesSinglePage,
+      ApplicationListResponsesV4PagePaginationArray,
       { query, ...options },
     );
   }
@@ -382,7 +382,7 @@ export class Applications extends APIResource {
   }
 }
 
-export class ApplicationListResponsesSinglePage extends SinglePage<ApplicationListResponse> {}
+export class ApplicationListResponsesV4PagePaginationArray extends V4PagePaginationArray<ApplicationListResponse> {}
 
 export type AllowedHeaders = string;
 
@@ -4153,6 +4153,23 @@ export namespace ApplicationCreateResponse {
 
     created_at?: string;
 
+    /**
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
+     */
+    custom_deny_url?: string;
+
+    /**
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
+     */
+    custom_non_identity_deny_url?: string;
+
+    /**
+     * The custom pages that will be displayed when applicable for this application
+     */
+    custom_pages?: Array<string>;
+
     /**
      * The primary hostname and path secured by Access. This domain will be displayed
      * if the app is visible in the App Launcher.
@@ -4181,12 +4198,6 @@ export namespace ApplicationCreateResponse {
 
     policies?: Array<AppLauncherApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: AppLauncherApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -4325,105 +4336,6 @@ export namespace ApplicationCreateResponse {
 
       updated_at?: string;
     }
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
   }
 
   export interface DeviceEnrollmentPermissionsApplication {
@@ -4443,11 +4355,6 @@ export namespace ApplicationCreateResponse {
      */
     allowed_idps?: Array<ApplicationsAPI.AllowedIdPs>;
 
-    /**
-     * The image URL of the logo shown in the App Launcher header.
-     */
-    app_launcher_logo_url?: string;
-
     /**
      * Audience tag.
      */
@@ -4459,33 +4366,30 @@ export namespace ApplicationCreateResponse {
      */
     auto_redirect_to_identity?: boolean;
 
-    /**
-     * The background color of the App Launcher page.
-     */
-    bg_color?: string;
-
     created_at?: string;
 
     /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
      */
-    domain?: string;
+    custom_deny_url?: string;
 
     /**
-     * The links in the App Launcher footer.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
      */
-    footer_links?: Array<DeviceEnrollmentPermissionsApplication.FooterLink>;
+    custom_non_identity_deny_url?: string;
 
     /**
-     * The background color of the App Launcher header.
+     * The custom pages that will be displayed when applicable for this application
      */
-    header_bg_color?: string;
+    custom_pages?: Array<string>;
 
     /**
-     * The design of the App Launcher landing page shown to users when they log in.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    landing_page_design?: DeviceEnrollmentPermissionsApplication.LandingPageDesign;
+    domain?: string;
 
     /**
      * The name of the application.
@@ -4494,12 +4398,6 @@ export namespace ApplicationCreateResponse {
 
     policies?: Array<DeviceEnrollmentPermissionsApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: DeviceEnrollmentPermissionsApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -4507,57 +4405,10 @@ export namespace ApplicationCreateResponse {
      */
     session_duration?: string;
 
-    /**
-     * Determines when to skip the App Launcher landing page.
-     */
-    skip_app_launcher_login_page?: boolean;
-
     updated_at?: string;
   }
 
   export namespace DeviceEnrollmentPermissionsApplication {
-    export interface FooterLink {
-      /**
-       * The hypertext in the footer link.
-       */
-      name: string;
-
-      /**
-       * the hyperlink in the footer link.
-       */
-      url: string;
-    }
-
-    /**
-     * The design of the App Launcher landing page shown to users when they log in.
-     */
-    export interface LandingPageDesign {
-      /**
-       * The background color of the log in button on the landing page.
-       */
-      button_color?: string;
-
-      /**
-       * The color of the text in the log in button on the landing page.
-       */
-      button_text_color?: string;
-
-      /**
-       * The URL of the image shown on the landing page.
-       */
-      image_url?: string;
-
-      /**
-       * The message shown on the landing page.
-       */
-      message?: string;
-
-      /**
-       * The title shown on the landing page.
-       */
-      title?: string;
-    }
-
     export interface Policy {
       /**
        * The UUID of the policy
@@ -4638,133 +4489,29 @@ export namespace ApplicationCreateResponse {
 
       updated_at?: string;
     }
+  }
 
+  export interface BrowserIsolationPermissionsApplication {
     /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
+     * The application type.
      */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
+    type: ApplicationsAPI.ApplicationType;
 
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
+    /**
+     * UUID.
+     */
+    id?: string;
 
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
+    /**
+     * The identity providers your users can select when connecting to this
+     * application. Defaults to all IdPs configured in your account.
+     */
+    allowed_idps?: Array<ApplicationsAPI.AllowedIdPs>;
 
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
-  export interface BrowserIsolationPermissionsApplication {
-    /**
-     * The application type.
-     */
-    type: ApplicationsAPI.ApplicationType;
-
-    /**
-     * UUID.
-     */
-    id?: string;
-
-    /**
-     * The identity providers your users can select when connecting to this
-     * application. Defaults to all IdPs configured in your account.
-     */
-    allowed_idps?: Array<ApplicationsAPI.AllowedIdPs>;
-
-    /**
-     * The image URL of the logo shown in the App Launcher header.
-     */
-    app_launcher_logo_url?: string;
-
-    /**
-     * Audience tag.
-     */
-    aud?: string;
+    /**
+     * Audience tag.
+     */
+    aud?: string;
 
     /**
      * When set to `true`, users skip the identity provider selection step during
@@ -4772,33 +4519,30 @@ export namespace ApplicationCreateResponse {
      */
     auto_redirect_to_identity?: boolean;
 
-    /**
-     * The background color of the App Launcher page.
-     */
-    bg_color?: string;
-
     created_at?: string;
 
     /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
      */
-    domain?: string;
+    custom_deny_url?: string;
 
     /**
-     * The links in the App Launcher footer.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
      */
-    footer_links?: Array<BrowserIsolationPermissionsApplication.FooterLink>;
+    custom_non_identity_deny_url?: string;
 
     /**
-     * The background color of the App Launcher header.
+     * The custom pages that will be displayed when applicable for this application
      */
-    header_bg_color?: string;
+    custom_pages?: Array<string>;
 
     /**
-     * The design of the App Launcher landing page shown to users when they log in.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    landing_page_design?: BrowserIsolationPermissionsApplication.LandingPageDesign;
+    domain?: string;
 
     /**
      * The name of the application.
@@ -4807,12 +4551,6 @@ export namespace ApplicationCreateResponse {
 
     policies?: Array<BrowserIsolationPermissionsApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: BrowserIsolationPermissionsApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -4820,57 +4558,10 @@ export namespace ApplicationCreateResponse {
      */
     session_duration?: string;
 
-    /**
-     * Determines when to skip the App Launcher landing page.
-     */
-    skip_app_launcher_login_page?: boolean;
-
     updated_at?: string;
   }
 
   export namespace BrowserIsolationPermissionsApplication {
-    export interface FooterLink {
-      /**
-       * The hypertext in the footer link.
-       */
-      name: string;
-
-      /**
-       * the hyperlink in the footer link.
-       */
-      url: string;
-    }
-
-    /**
-     * The design of the App Launcher landing page shown to users when they log in.
-     */
-    export interface LandingPageDesign {
-      /**
-       * The background color of the log in button on the landing page.
-       */
-      button_color?: string;
-
-      /**
-       * The color of the text in the log in button on the landing page.
-       */
-      button_text_color?: string;
-
-      /**
-       * The URL of the image shown on the landing page.
-       */
-      image_url?: string;
-
-      /**
-       * The message shown on the landing page.
-       */
-      message?: string;
-
-      /**
-       * The title shown on the landing page.
-       */
-      title?: string;
-    }
-
     export interface Policy {
       /**
        * The UUID of the policy
@@ -4951,261 +4642,55 @@ export namespace ApplicationCreateResponse {
 
       updated_at?: string;
     }
+  }
 
+  export interface BookmarkApplication {
     /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
+     * UUID.
      */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
+    id?: string;
 
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
+    /**
+     * Displays the application in the App Launcher.
+     */
+    app_launcher_visible?: boolean;
 
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
+    /**
+     * Audience tag.
+     */
+    aud?: string;
 
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
+    created_at?: string;
 
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
+    /**
+     * The URL or domain of the bookmark.
+     */
+    domain?: string;
 
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
+    /**
+     * The image URL for the logo shown in the App Launcher dashboard.
+     */
+    logo_url?: string;
 
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
+    /**
+     * The name of the application.
+     */
+    name?: string;
 
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
+    /**
+     * The tags you want assigned to an application. Tags are used to filter
+     * applications in the App Launcher dashboard.
+     */
+    tags?: Array<string>;
 
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
-  export interface BookmarkApplication {
-    /**
-     * UUID.
-     */
-    id?: string;
-
-    /**
-     * Displays the application in the App Launcher.
-     */
-    app_launcher_visible?: boolean;
-
-    /**
-     * Audience tag.
-     */
-    aud?: string;
-
-    created_at?: string;
-
-    /**
-     * The URL or domain of the bookmark.
-     */
-    domain?: string;
-
-    /**
-     * The image URL for the logo shown in the App Launcher dashboard.
-     */
-    logo_url?: string;
-
-    /**
-     * The name of the application.
-     */
-    name?: string;
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: BookmarkApplication.SCIMConfig;
-
-    /**
-     * The tags you want assigned to an application. Tags are used to filter
-     * applications in the App Launcher dashboard.
-     */
-    tags?: Array<string>;
-
-    /**
-     * The application type.
-     */
-    type?: ApplicationsAPI.ApplicationType;
+    /**
+     * The application type.
+     */
+    type?: ApplicationsAPI.ApplicationType;
 
     updated_at?: string;
   }
 
-  export namespace BookmarkApplication {
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
   export interface InfrastructureApplication {
     target_criteria: Array<InfrastructureApplication.TargetCriterion>;
 
@@ -5233,12 +4718,6 @@ export namespace ApplicationCreateResponse {
 
     policies?: Array<InfrastructureApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: InfrastructureApplication.SCIMConfig;
-
     updated_at?: string;
   }
 
@@ -5338,138 +4817,39 @@ export namespace ApplicationCreateResponse {
         }
       }
     }
+  }
 
+  export interface BrowserRdpApplication {
     /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
+    domain: string;
 
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
+    target_criteria: Array<BrowserRdpApplication.TargetCriterion>;
 
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
+    /**
+     * The application type.
+     */
+    type: ApplicationsAPI.ApplicationType;
 
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
+    /**
+     * UUID.
+     */
+    id?: string;
 
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
+    /**
+     * When set to true, users can authenticate to this application using their WARP
+     * session. When set to false this application will always require direct IdP
+     * authentication. This setting always overrides the organization setting for WARP
+     * authentication.
+     */
+    allow_authenticate_via_warp?: boolean;
 
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
-  export interface BrowserRdpApplication {
-    /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
-     */
-    domain: string;
-
-    target_criteria: Array<BrowserRdpApplication.TargetCriterion>;
-
-    /**
-     * The application type.
-     */
-    type: ApplicationsAPI.ApplicationType;
-
-    /**
-     * UUID.
-     */
-    id?: string;
-
-    /**
-     * When set to true, users can authenticate to this application using their WARP
-     * session. When set to false this application will always require direct IdP
-     * authentication. This setting always overrides the organization setting for WARP
-     * authentication.
-     */
-    allow_authenticate_via_warp?: boolean;
-
-    /**
-     * Enables loading application content in an iFrame.
-     */
-    allow_iframe?: boolean;
+    /**
+     * Enables loading application content in an iFrame.
+     */
+    allow_iframe?: boolean;
 
     /**
      * The identity providers your users can select when connecting to this
@@ -5631,7 +5011,7 @@ export namespace ApplicationCreateResponse {
       /**
        * The communication protocol your application secures.
        */
-      protocol: 'SSH';
+      protocol: 'RDP';
 
       /**
        * Contains a map of target attribute keys to target attribute values.
@@ -7441,6 +6821,23 @@ export namespace ApplicationUpdateResponse {
 
     created_at?: string;
 
+    /**
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
+     */
+    custom_deny_url?: string;
+
+    /**
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
+     */
+    custom_non_identity_deny_url?: string;
+
+    /**
+     * The custom pages that will be displayed when applicable for this application
+     */
+    custom_pages?: Array<string>;
+
     /**
      * The primary hostname and path secured by Access. This domain will be displayed
      * if the app is visible in the App Launcher.
@@ -7469,12 +6866,6 @@ export namespace ApplicationUpdateResponse {
 
     policies?: Array<AppLauncherApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: AppLauncherApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -7613,105 +7004,6 @@ export namespace ApplicationUpdateResponse {
 
       updated_at?: string;
     }
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
   }
 
   export interface DeviceEnrollmentPermissionsApplication {
@@ -7731,11 +7023,6 @@ export namespace ApplicationUpdateResponse {
      */
     allowed_idps?: Array<ApplicationsAPI.AllowedIdPs>;
 
-    /**
-     * The image URL of the logo shown in the App Launcher header.
-     */
-    app_launcher_logo_url?: string;
-
     /**
      * Audience tag.
      */
@@ -7747,33 +7034,30 @@ export namespace ApplicationUpdateResponse {
      */
     auto_redirect_to_identity?: boolean;
 
-    /**
-     * The background color of the App Launcher page.
-     */
-    bg_color?: string;
-
     created_at?: string;
 
     /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
      */
-    domain?: string;
+    custom_deny_url?: string;
 
     /**
-     * The links in the App Launcher footer.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
      */
-    footer_links?: Array<DeviceEnrollmentPermissionsApplication.FooterLink>;
+    custom_non_identity_deny_url?: string;
 
     /**
-     * The background color of the App Launcher header.
+     * The custom pages that will be displayed when applicable for this application
      */
-    header_bg_color?: string;
+    custom_pages?: Array<string>;
 
     /**
-     * The design of the App Launcher landing page shown to users when they log in.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    landing_page_design?: DeviceEnrollmentPermissionsApplication.LandingPageDesign;
+    domain?: string;
 
     /**
      * The name of the application.
@@ -7782,12 +7066,6 @@ export namespace ApplicationUpdateResponse {
 
     policies?: Array<DeviceEnrollmentPermissionsApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: DeviceEnrollmentPermissionsApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -7795,75 +7073,28 @@ export namespace ApplicationUpdateResponse {
      */
     session_duration?: string;
 
-    /**
-     * Determines when to skip the App Launcher landing page.
-     */
-    skip_app_launcher_login_page?: boolean;
-
     updated_at?: string;
   }
 
   export namespace DeviceEnrollmentPermissionsApplication {
-    export interface FooterLink {
+    export interface Policy {
       /**
-       * The hypertext in the footer link.
+       * The UUID of the policy
        */
-      name: string;
+      id?: string;
 
       /**
-       * the hyperlink in the footer link.
+       * Administrators who can approve a temporary authentication request.
        */
-      url: string;
-    }
+      approval_groups?: Array<PoliciesAPI.ApprovalGroup>;
 
-    /**
-     * The design of the App Launcher landing page shown to users when they log in.
-     */
-    export interface LandingPageDesign {
       /**
-       * The background color of the log in button on the landing page.
+       * Requires the user to request access from an administrator at the start of each
+       * session.
        */
-      button_color?: string;
-
-      /**
-       * The color of the text in the log in button on the landing page.
-       */
-      button_text_color?: string;
-
-      /**
-       * The URL of the image shown on the landing page.
-       */
-      image_url?: string;
-
-      /**
-       * The message shown on the landing page.
-       */
-      message?: string;
-
-      /**
-       * The title shown on the landing page.
-       */
-      title?: string;
-    }
-
-    export interface Policy {
-      /**
-       * The UUID of the policy
-       */
-      id?: string;
-
-      /**
-       * Administrators who can approve a temporary authentication request.
-       */
-      approval_groups?: Array<PoliciesAPI.ApprovalGroup>;
-
-      /**
-       * Requires the user to request access from an administrator at the start of each
-       * session.
-       */
-      approval_required?: boolean;
-
-      created_at?: string;
+      approval_required?: boolean;
+
+      created_at?: string;
 
       /**
        * The action Access will take if a user matches this policy. Infrastructure
@@ -7926,105 +7157,6 @@ export namespace ApplicationUpdateResponse {
 
       updated_at?: string;
     }
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
   }
 
   export interface BrowserIsolationPermissionsApplication {
@@ -8044,11 +7176,6 @@ export namespace ApplicationUpdateResponse {
      */
     allowed_idps?: Array<ApplicationsAPI.AllowedIdPs>;
 
-    /**
-     * The image URL of the logo shown in the App Launcher header.
-     */
-    app_launcher_logo_url?: string;
-
     /**
      * Audience tag.
      */
@@ -8060,33 +7187,30 @@ export namespace ApplicationUpdateResponse {
      */
     auto_redirect_to_identity?: boolean;
 
-    /**
-     * The background color of the App Launcher page.
-     */
-    bg_color?: string;
-
     created_at?: string;
 
     /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
      */
-    domain?: string;
+    custom_deny_url?: string;
 
     /**
-     * The links in the App Launcher footer.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
      */
-    footer_links?: Array<BrowserIsolationPermissionsApplication.FooterLink>;
+    custom_non_identity_deny_url?: string;
 
     /**
-     * The background color of the App Launcher header.
+     * The custom pages that will be displayed when applicable for this application
      */
-    header_bg_color?: string;
+    custom_pages?: Array<string>;
 
     /**
-     * The design of the App Launcher landing page shown to users when they log in.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    landing_page_design?: BrowserIsolationPermissionsApplication.LandingPageDesign;
+    domain?: string;
 
     /**
      * The name of the application.
@@ -8095,12 +7219,6 @@ export namespace ApplicationUpdateResponse {
 
     policies?: Array<BrowserIsolationPermissionsApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: BrowserIsolationPermissionsApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -8108,57 +7226,10 @@ export namespace ApplicationUpdateResponse {
      */
     session_duration?: string;
 
-    /**
-     * Determines when to skip the App Launcher landing page.
-     */
-    skip_app_launcher_login_page?: boolean;
-
     updated_at?: string;
   }
 
   export namespace BrowserIsolationPermissionsApplication {
-    export interface FooterLink {
-      /**
-       * The hypertext in the footer link.
-       */
-      name: string;
-
-      /**
-       * the hyperlink in the footer link.
-       */
-      url: string;
-    }
-
-    /**
-     * The design of the App Launcher landing page shown to users when they log in.
-     */
-    export interface LandingPageDesign {
-      /**
-       * The background color of the log in button on the landing page.
-       */
-      button_color?: string;
-
-      /**
-       * The color of the text in the log in button on the landing page.
-       */
-      button_text_color?: string;
-
-      /**
-       * The URL of the image shown on the landing page.
-       */
-      image_url?: string;
-
-      /**
-       * The message shown on the landing page.
-       */
-      message?: string;
-
-      /**
-       * The title shown on the landing page.
-       */
-      title?: string;
-    }
-
     export interface Policy {
       /**
        * The UUID of the policy
@@ -8239,122 +7310,23 @@ export namespace ApplicationUpdateResponse {
 
       updated_at?: string;
     }
+  }
 
+  export interface BookmarkApplication {
     /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
+     * UUID.
      */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
+    id?: string;
 
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
+    /**
+     * Displays the application in the App Launcher.
+     */
+    app_launcher_visible?: boolean;
 
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
-  export interface BookmarkApplication {
-    /**
-     * UUID.
-     */
-    id?: string;
-
-    /**
-     * Displays the application in the App Launcher.
-     */
-    app_launcher_visible?: boolean;
-
-    /**
-     * Audience tag.
-     */
-    aud?: string;
+    /**
+     * Audience tag.
+     */
+    aud?: string;
 
     created_at?: string;
 
@@ -8373,12 +7345,6 @@ export namespace ApplicationUpdateResponse {
      */
     name?: string;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: BookmarkApplication.SCIMConfig;
-
     /**
      * The tags you want assigned to an application. Tags are used to filter
      * applications in the App Launcher dashboard.
@@ -8393,107 +7359,6 @@ export namespace ApplicationUpdateResponse {
     updated_at?: string;
   }
 
-  export namespace BookmarkApplication {
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
   export interface InfrastructureApplication {
     target_criteria: Array<InfrastructureApplication.TargetCriterion>;
 
@@ -8521,12 +7386,6 @@ export namespace ApplicationUpdateResponse {
 
     policies?: Array<InfrastructureApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: InfrastructureApplication.SCIMConfig;
-
     updated_at?: string;
   }
 
@@ -8626,133 +7485,34 @@ export namespace ApplicationUpdateResponse {
         }
       }
     }
+  }
 
+  export interface BrowserRdpApplication {
     /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
+    domain: string;
 
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
+    target_criteria: Array<BrowserRdpApplication.TargetCriterion>;
 
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
+    /**
+     * The application type.
+     */
+    type: ApplicationsAPI.ApplicationType;
 
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
+    /**
+     * UUID.
+     */
+    id?: string;
 
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
-  export interface BrowserRdpApplication {
-    /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
-     */
-    domain: string;
-
-    target_criteria: Array<BrowserRdpApplication.TargetCriterion>;
-
-    /**
-     * The application type.
-     */
-    type: ApplicationsAPI.ApplicationType;
-
-    /**
-     * UUID.
-     */
-    id?: string;
-
-    /**
-     * When set to true, users can authenticate to this application using their WARP
-     * session. When set to false this application will always require direct IdP
-     * authentication. This setting always overrides the organization setting for WARP
-     * authentication.
-     */
-    allow_authenticate_via_warp?: boolean;
+    /**
+     * When set to true, users can authenticate to this application using their WARP
+     * session. When set to false this application will always require direct IdP
+     * authentication. This setting always overrides the organization setting for WARP
+     * authentication.
+     */
+    allow_authenticate_via_warp?: boolean;
 
     /**
      * Enables loading application content in an iFrame.
@@ -8919,7 +7679,7 @@ export namespace ApplicationUpdateResponse {
       /**
        * The communication protocol your application secures.
        */
-      protocol: 'SSH';
+      protocol: 'RDP';
 
       /**
        * Contains a map of target attribute keys to target attribute values.
@@ -10729,6 +9489,23 @@ export namespace ApplicationListResponse {
 
     created_at?: string;
 
+    /**
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
+     */
+    custom_deny_url?: string;
+
+    /**
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
+     */
+    custom_non_identity_deny_url?: string;
+
+    /**
+     * The custom pages that will be displayed when applicable for this application
+     */
+    custom_pages?: Array<string>;
+
     /**
      * The primary hostname and path secured by Access. This domain will be displayed
      * if the app is visible in the App Launcher.
@@ -10757,12 +9534,6 @@ export namespace ApplicationListResponse {
 
     policies?: Array<AppLauncherApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: AppLauncherApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -10901,105 +9672,6 @@ export namespace ApplicationListResponse {
 
       updated_at?: string;
     }
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
   }
 
   export interface DeviceEnrollmentPermissionsApplication {
@@ -11019,11 +9691,6 @@ export namespace ApplicationListResponse {
      */
     allowed_idps?: Array<ApplicationsAPI.AllowedIdPs>;
 
-    /**
-     * The image URL of the logo shown in the App Launcher header.
-     */
-    app_launcher_logo_url?: string;
-
     /**
      * Audience tag.
      */
@@ -11035,33 +9702,30 @@ export namespace ApplicationListResponse {
      */
     auto_redirect_to_identity?: boolean;
 
-    /**
-     * The background color of the App Launcher page.
-     */
-    bg_color?: string;
-
     created_at?: string;
 
     /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
      */
-    domain?: string;
+    custom_deny_url?: string;
 
     /**
-     * The links in the App Launcher footer.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
      */
-    footer_links?: Array<DeviceEnrollmentPermissionsApplication.FooterLink>;
+    custom_non_identity_deny_url?: string;
 
     /**
-     * The background color of the App Launcher header.
+     * The custom pages that will be displayed when applicable for this application
      */
-    header_bg_color?: string;
+    custom_pages?: Array<string>;
 
     /**
-     * The design of the App Launcher landing page shown to users when they log in.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    landing_page_design?: DeviceEnrollmentPermissionsApplication.LandingPageDesign;
+    domain?: string;
 
     /**
      * The name of the application.
@@ -11070,12 +9734,6 @@ export namespace ApplicationListResponse {
 
     policies?: Array<DeviceEnrollmentPermissionsApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: DeviceEnrollmentPermissionsApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -11083,67 +9741,20 @@ export namespace ApplicationListResponse {
      */
     session_duration?: string;
 
-    /**
-     * Determines when to skip the App Launcher landing page.
-     */
-    skip_app_launcher_login_page?: boolean;
-
     updated_at?: string;
   }
 
   export namespace DeviceEnrollmentPermissionsApplication {
-    export interface FooterLink {
+    export interface Policy {
       /**
-       * The hypertext in the footer link.
+       * The UUID of the policy
        */
-      name: string;
+      id?: string;
 
       /**
-       * the hyperlink in the footer link.
+       * Administrators who can approve a temporary authentication request.
        */
-      url: string;
-    }
-
-    /**
-     * The design of the App Launcher landing page shown to users when they log in.
-     */
-    export interface LandingPageDesign {
-      /**
-       * The background color of the log in button on the landing page.
-       */
-      button_color?: string;
-
-      /**
-       * The color of the text in the log in button on the landing page.
-       */
-      button_text_color?: string;
-
-      /**
-       * The URL of the image shown on the landing page.
-       */
-      image_url?: string;
-
-      /**
-       * The message shown on the landing page.
-       */
-      message?: string;
-
-      /**
-       * The title shown on the landing page.
-       */
-      title?: string;
-    }
-
-    export interface Policy {
-      /**
-       * The UUID of the policy
-       */
-      id?: string;
-
-      /**
-       * Administrators who can approve a temporary authentication request.
-       */
-      approval_groups?: Array<PoliciesAPI.ApprovalGroup>;
+      approval_groups?: Array<PoliciesAPI.ApprovalGroup>;
 
       /**
        * Requires the user to request access from an administrator at the start of each
@@ -11214,105 +9825,6 @@ export namespace ApplicationListResponse {
 
       updated_at?: string;
     }
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
   }
 
   export interface BrowserIsolationPermissionsApplication {
@@ -11332,11 +9844,6 @@ export namespace ApplicationListResponse {
      */
     allowed_idps?: Array<ApplicationsAPI.AllowedIdPs>;
 
-    /**
-     * The image URL of the logo shown in the App Launcher header.
-     */
-    app_launcher_logo_url?: string;
-
     /**
      * Audience tag.
      */
@@ -11348,33 +9855,30 @@ export namespace ApplicationListResponse {
      */
     auto_redirect_to_identity?: boolean;
 
-    /**
-     * The background color of the App Launcher page.
-     */
-    bg_color?: string;
-
     created_at?: string;
 
     /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
      */
-    domain?: string;
+    custom_deny_url?: string;
 
     /**
-     * The links in the App Launcher footer.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
      */
-    footer_links?: Array<BrowserIsolationPermissionsApplication.FooterLink>;
+    custom_non_identity_deny_url?: string;
 
     /**
-     * The background color of the App Launcher header.
+     * The custom pages that will be displayed when applicable for this application
      */
-    header_bg_color?: string;
+    custom_pages?: Array<string>;
 
     /**
-     * The design of the App Launcher landing page shown to users when they log in.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    landing_page_design?: BrowserIsolationPermissionsApplication.LandingPageDesign;
+    domain?: string;
 
     /**
      * The name of the application.
@@ -11383,12 +9887,6 @@ export namespace ApplicationListResponse {
 
     policies?: Array<BrowserIsolationPermissionsApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: BrowserIsolationPermissionsApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -11396,57 +9894,10 @@ export namespace ApplicationListResponse {
      */
     session_duration?: string;
 
-    /**
-     * Determines when to skip the App Launcher landing page.
-     */
-    skip_app_launcher_login_page?: boolean;
-
     updated_at?: string;
   }
 
   export namespace BrowserIsolationPermissionsApplication {
-    export interface FooterLink {
-      /**
-       * The hypertext in the footer link.
-       */
-      name: string;
-
-      /**
-       * the hyperlink in the footer link.
-       */
-      url: string;
-    }
-
-    /**
-     * The design of the App Launcher landing page shown to users when they log in.
-     */
-    export interface LandingPageDesign {
-      /**
-       * The background color of the log in button on the landing page.
-       */
-      button_color?: string;
-
-      /**
-       * The color of the text in the log in button on the landing page.
-       */
-      button_text_color?: string;
-
-      /**
-       * The URL of the image shown on the landing page.
-       */
-      image_url?: string;
-
-      /**
-       * The message shown on the landing page.
-       */
-      message?: string;
-
-      /**
-       * The title shown on the landing page.
-       */
-      title?: string;
-    }
-
     export interface Policy {
       /**
        * The UUID of the policy
@@ -11527,122 +9978,23 @@ export namespace ApplicationListResponse {
 
       updated_at?: string;
     }
+  }
 
+  export interface BookmarkApplication {
     /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
+     * UUID.
      */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
+    id?: string;
 
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
+    /**
+     * Displays the application in the App Launcher.
+     */
+    app_launcher_visible?: boolean;
 
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
-  export interface BookmarkApplication {
-    /**
-     * UUID.
-     */
-    id?: string;
-
-    /**
-     * Displays the application in the App Launcher.
-     */
-    app_launcher_visible?: boolean;
-
-    /**
-     * Audience tag.
-     */
-    aud?: string;
+    /**
+     * Audience tag.
+     */
+    aud?: string;
 
     created_at?: string;
 
@@ -11661,12 +10013,6 @@ export namespace ApplicationListResponse {
      */
     name?: string;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: BookmarkApplication.SCIMConfig;
-
     /**
      * The tags you want assigned to an application. Tags are used to filter
      * applications in the App Launcher dashboard.
@@ -11681,107 +10027,6 @@ export namespace ApplicationListResponse {
     updated_at?: string;
   }
 
-  export namespace BookmarkApplication {
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
   export interface InfrastructureApplication {
     target_criteria: Array<InfrastructureApplication.TargetCriterion>;
 
@@ -11809,12 +10054,6 @@ export namespace ApplicationListResponse {
 
     policies?: Array<InfrastructureApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: InfrastructureApplication.SCIMConfig;
-
     updated_at?: string;
   }
 
@@ -11914,133 +10153,34 @@ export namespace ApplicationListResponse {
         }
       }
     }
+  }
 
+  export interface BrowserRdpApplication {
     /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
+    domain: string;
 
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
+    target_criteria: Array<BrowserRdpApplication.TargetCriterion>;
 
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
+    /**
+     * The application type.
+     */
+    type: ApplicationsAPI.ApplicationType;
 
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
+    /**
+     * UUID.
+     */
+    id?: string;
 
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
-  export interface BrowserRdpApplication {
-    /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
-     */
-    domain: string;
-
-    target_criteria: Array<BrowserRdpApplication.TargetCriterion>;
-
-    /**
-     * The application type.
-     */
-    type: ApplicationsAPI.ApplicationType;
-
-    /**
-     * UUID.
-     */
-    id?: string;
-
-    /**
-     * When set to true, users can authenticate to this application using their WARP
-     * session. When set to false this application will always require direct IdP
-     * authentication. This setting always overrides the organization setting for WARP
-     * authentication.
-     */
-    allow_authenticate_via_warp?: boolean;
+    /**
+     * When set to true, users can authenticate to this application using their WARP
+     * session. When set to false this application will always require direct IdP
+     * authentication. This setting always overrides the organization setting for WARP
+     * authentication.
+     */
+    allow_authenticate_via_warp?: boolean;
 
     /**
      * Enables loading application content in an iFrame.
@@ -12207,7 +10347,7 @@ export namespace ApplicationListResponse {
       /**
        * The communication protocol your application secures.
        */
-      protocol: 'SSH';
+      protocol: 'RDP';
 
       /**
        * Contains a map of target attribute keys to target attribute values.
@@ -14024,6 +12164,23 @@ export namespace ApplicationGetResponse {
 
     created_at?: string;
 
+    /**
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
+     */
+    custom_deny_url?: string;
+
+    /**
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
+     */
+    custom_non_identity_deny_url?: string;
+
+    /**
+     * The custom pages that will be displayed when applicable for this application
+     */
+    custom_pages?: Array<string>;
+
     /**
      * The primary hostname and path secured by Access. This domain will be displayed
      * if the app is visible in the App Launcher.
@@ -14052,12 +12209,6 @@ export namespace ApplicationGetResponse {
 
     policies?: Array<AppLauncherApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: AppLauncherApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -14196,105 +12347,6 @@ export namespace ApplicationGetResponse {
 
       updated_at?: string;
     }
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
   }
 
   export interface DeviceEnrollmentPermissionsApplication {
@@ -14314,11 +12366,6 @@ export namespace ApplicationGetResponse {
      */
     allowed_idps?: Array<ApplicationsAPI.AllowedIdPs>;
 
-    /**
-     * The image URL of the logo shown in the App Launcher header.
-     */
-    app_launcher_logo_url?: string;
-
     /**
      * Audience tag.
      */
@@ -14330,33 +12377,30 @@ export namespace ApplicationGetResponse {
      */
     auto_redirect_to_identity?: boolean;
 
-    /**
-     * The background color of the App Launcher page.
-     */
-    bg_color?: string;
-
     created_at?: string;
 
     /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
      */
-    domain?: string;
+    custom_deny_url?: string;
 
     /**
-     * The links in the App Launcher footer.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
      */
-    footer_links?: Array<DeviceEnrollmentPermissionsApplication.FooterLink>;
+    custom_non_identity_deny_url?: string;
 
     /**
-     * The background color of the App Launcher header.
+     * The custom pages that will be displayed when applicable for this application
      */
-    header_bg_color?: string;
+    custom_pages?: Array<string>;
 
     /**
-     * The design of the App Launcher landing page shown to users when they log in.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    landing_page_design?: DeviceEnrollmentPermissionsApplication.LandingPageDesign;
+    domain?: string;
 
     /**
      * The name of the application.
@@ -14365,12 +12409,6 @@ export namespace ApplicationGetResponse {
 
     policies?: Array<DeviceEnrollmentPermissionsApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: DeviceEnrollmentPermissionsApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -14378,73 +12416,26 @@ export namespace ApplicationGetResponse {
      */
     session_duration?: string;
 
-    /**
-     * Determines when to skip the App Launcher landing page.
-     */
-    skip_app_launcher_login_page?: boolean;
-
     updated_at?: string;
   }
 
   export namespace DeviceEnrollmentPermissionsApplication {
-    export interface FooterLink {
+    export interface Policy {
       /**
-       * The hypertext in the footer link.
+       * The UUID of the policy
        */
-      name: string;
+      id?: string;
 
       /**
-       * the hyperlink in the footer link.
+       * Administrators who can approve a temporary authentication request.
        */
-      url: string;
-    }
+      approval_groups?: Array<PoliciesAPI.ApprovalGroup>;
 
-    /**
-     * The design of the App Launcher landing page shown to users when they log in.
-     */
-    export interface LandingPageDesign {
       /**
-       * The background color of the log in button on the landing page.
+       * Requires the user to request access from an administrator at the start of each
+       * session.
        */
-      button_color?: string;
-
-      /**
-       * The color of the text in the log in button on the landing page.
-       */
-      button_text_color?: string;
-
-      /**
-       * The URL of the image shown on the landing page.
-       */
-      image_url?: string;
-
-      /**
-       * The message shown on the landing page.
-       */
-      message?: string;
-
-      /**
-       * The title shown on the landing page.
-       */
-      title?: string;
-    }
-
-    export interface Policy {
-      /**
-       * The UUID of the policy
-       */
-      id?: string;
-
-      /**
-       * Administrators who can approve a temporary authentication request.
-       */
-      approval_groups?: Array<PoliciesAPI.ApprovalGroup>;
-
-      /**
-       * Requires the user to request access from an administrator at the start of each
-       * session.
-       */
-      approval_required?: boolean;
+      approval_required?: boolean;
 
       created_at?: string;
 
@@ -14509,105 +12500,6 @@ export namespace ApplicationGetResponse {
 
       updated_at?: string;
     }
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
   }
 
   export interface BrowserIsolationPermissionsApplication {
@@ -14627,11 +12519,6 @@ export namespace ApplicationGetResponse {
      */
     allowed_idps?: Array<ApplicationsAPI.AllowedIdPs>;
 
-    /**
-     * The image URL of the logo shown in the App Launcher header.
-     */
-    app_launcher_logo_url?: string;
-
     /**
      * Audience tag.
      */
@@ -14643,33 +12530,30 @@ export namespace ApplicationGetResponse {
      */
     auto_redirect_to_identity?: boolean;
 
-    /**
-     * The background color of the App Launcher page.
-     */
-    bg_color?: string;
-
     created_at?: string;
 
     /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing identity-based rules.
      */
-    domain?: string;
+    custom_deny_url?: string;
 
     /**
-     * The links in the App Launcher footer.
+     * The custom URL a user is redirected to when they are denied access to the
+     * application when failing non-identity rules.
      */
-    footer_links?: Array<BrowserIsolationPermissionsApplication.FooterLink>;
+    custom_non_identity_deny_url?: string;
 
     /**
-     * The background color of the App Launcher header.
+     * The custom pages that will be displayed when applicable for this application
      */
-    header_bg_color?: string;
+    custom_pages?: Array<string>;
 
     /**
-     * The design of the App Launcher landing page shown to users when they log in.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    landing_page_design?: BrowserIsolationPermissionsApplication.LandingPageDesign;
+    domain?: string;
 
     /**
      * The name of the application.
@@ -14678,12 +12562,6 @@ export namespace ApplicationGetResponse {
 
     policies?: Array<BrowserIsolationPermissionsApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: BrowserIsolationPermissionsApplication.SCIMConfig;
-
     /**
      * The amount of time that tokens issued for this application will be valid. Must
      * be in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms,
@@ -14691,57 +12569,10 @@ export namespace ApplicationGetResponse {
      */
     session_duration?: string;
 
-    /**
-     * Determines when to skip the App Launcher landing page.
-     */
-    skip_app_launcher_login_page?: boolean;
-
     updated_at?: string;
   }
 
   export namespace BrowserIsolationPermissionsApplication {
-    export interface FooterLink {
-      /**
-       * The hypertext in the footer link.
-       */
-      name: string;
-
-      /**
-       * the hyperlink in the footer link.
-       */
-      url: string;
-    }
-
-    /**
-     * The design of the App Launcher landing page shown to users when they log in.
-     */
-    export interface LandingPageDesign {
-      /**
-       * The background color of the log in button on the landing page.
-       */
-      button_color?: string;
-
-      /**
-       * The color of the text in the log in button on the landing page.
-       */
-      button_text_color?: string;
-
-      /**
-       * The URL of the image shown on the landing page.
-       */
-      image_url?: string;
-
-      /**
-       * The message shown on the landing page.
-       */
-      message?: string;
-
-      /**
-       * The title shown on the landing page.
-       */
-      title?: string;
-    }
-
     export interface Policy {
       /**
        * The UUID of the policy
@@ -14822,122 +12653,23 @@ export namespace ApplicationGetResponse {
 
       updated_at?: string;
     }
+  }
 
+  export interface BookmarkApplication {
     /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
+     * UUID.
      */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
+    id?: string;
 
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
+    /**
+     * Displays the application in the App Launcher.
+     */
+    app_launcher_visible?: boolean;
 
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
-  export interface BookmarkApplication {
-    /**
-     * UUID.
-     */
-    id?: string;
-
-    /**
-     * Displays the application in the App Launcher.
-     */
-    app_launcher_visible?: boolean;
-
-    /**
-     * Audience tag.
-     */
-    aud?: string;
+    /**
+     * Audience tag.
+     */
+    aud?: string;
 
     created_at?: string;
 
@@ -14956,12 +12688,6 @@ export namespace ApplicationGetResponse {
      */
     name?: string;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: BookmarkApplication.SCIMConfig;
-
     /**
      * The tags you want assigned to an application. Tags are used to filter
      * applications in the App Launcher dashboard.
@@ -14976,107 +12702,6 @@ export namespace ApplicationGetResponse {
     updated_at?: string;
   }
 
-  export namespace BookmarkApplication {
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
   export interface InfrastructureApplication {
     target_criteria: Array<InfrastructureApplication.TargetCriterion>;
 
@@ -15104,12 +12729,6 @@ export namespace ApplicationGetResponse {
 
     policies?: Array<InfrastructureApplication.Policy>;
 
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    scim_config?: InfrastructureApplication.SCIMConfig;
-
     updated_at?: string;
   }
 
@@ -15209,133 +12828,34 @@ export namespace ApplicationGetResponse {
         }
       }
     }
+  }
 
+  export interface BrowserRdpApplication {
     /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
+     * The primary hostname and path secured by Access. This domain will be displayed
+     * if the app is visible in the App Launcher.
      */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
+    domain: string;
 
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
+    target_criteria: Array<BrowserRdpApplication.TargetCriterion>;
 
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasic
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerToken
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
+    /**
+     * The application type.
+     */
+    type: ApplicationsAPI.ApplicationType;
 
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
+    /**
+     * UUID.
+     */
+    id?: string;
 
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMapping>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
-  export interface BrowserRdpApplication {
-    /**
-     * The primary hostname and path secured by Access. This domain will be displayed
-     * if the app is visible in the App Launcher.
-     */
-    domain: string;
-
-    target_criteria: Array<BrowserRdpApplication.TargetCriterion>;
-
-    /**
-     * The application type.
-     */
-    type: ApplicationsAPI.ApplicationType;
-
-    /**
-     * UUID.
-     */
-    id?: string;
-
-    /**
-     * When set to true, users can authenticate to this application using their WARP
-     * session. When set to false this application will always require direct IdP
-     * authentication. This setting always overrides the organization setting for WARP
-     * authentication.
-     */
-    allow_authenticate_via_warp?: boolean;
+    /**
+     * When set to true, users can authenticate to this application using their WARP
+     * session. When set to false this application will always require direct IdP
+     * authentication. This setting always overrides the organization setting for WARP
+     * authentication.
+     */
+    allow_authenticate_via_warp?: boolean;
 
     /**
      * Enables loading application content in an iFrame.
@@ -15502,7 +13022,7 @@ export namespace ApplicationGetResponse {
       /**
        * The communication protocol your application secures.
        */
-      protocol: 'SSH';
+      protocol: 'RDP';
 
       /**
        * Contains a map of target attribute keys to target attribute values.
@@ -15752,7 +13272,7 @@ export type ApplicationCreateParams =
   | ApplicationCreateParams.AppLauncherApplication
   | ApplicationCreateParams.DeviceEnrollmentPermissionsApplication
   | ApplicationCreateParams.BrowserIsolationPermissionsApplication
-  | ApplicationCreateParams.BookmarkApplication
+  | ApplicationCreateParams.AccessBookmarkProps
   | ApplicationCreateParams.InfrastructureApplication
   | ApplicationCreateParams.BrowserRdpApplication;
 
@@ -17280,6 +14800,24 @@ export declare namespace ApplicationCreateParams {
      */
     bg_color?: string;
 
+    /**
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing identity-based rules.
+     */
+    custom_deny_url?: string;
+
+    /**
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing non-identity rules.
+     */
+    custom_non_identity_deny_url?: string;
+
+    /**
+     * Body param: The custom pages that will be displayed when applicable for this
+     * application
+     */
+    custom_pages?: Array<string>;
+
     /**
      * Body param: The links in the App Launcher footer.
      */
@@ -17305,12 +14843,6 @@ export declare namespace ApplicationCreateParams {
       AppLauncherApplication.AccessAppPolicyLink | string | AppLauncherApplication.UnionMember2
     >;
 
-    /**
-     * Body param: Configuration for provisioning to this application via SCIM. This is
-     * currently in closed beta.
-     */
-    scim_config?: AppLauncherApplication.SCIMConfig;
-
     /**
      * Body param: The amount of time that tokens issued for this application will be
      * valid. Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us
@@ -17430,105 +14962,6 @@ export declare namespace ApplicationCreateParams {
        */
       session_duration?: string;
     }
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMappingParam>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
   }
 
   export interface DeviceEnrollmentPermissionsApplication {
@@ -17555,11 +14988,6 @@ export declare namespace ApplicationCreateParams {
      */
     allowed_idps?: Array<AllowedIdPsParam>;
 
-    /**
-     * Body param: The image URL of the logo shown in the App Launcher header.
-     */
-    app_launcher_logo_url?: string;
-
     /**
      * Body param: When set to `true`, users skip the identity provider selection step
      * during login. You must specify only one identity provider in allowed_idps.
@@ -17567,25 +14995,22 @@ export declare namespace ApplicationCreateParams {
     auto_redirect_to_identity?: boolean;
 
     /**
-     * Body param: The background color of the App Launcher page.
-     */
-    bg_color?: string;
-
-    /**
-     * Body param: The links in the App Launcher footer.
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing identity-based rules.
      */
-    footer_links?: Array<DeviceEnrollmentPermissionsApplication.FooterLink>;
+    custom_deny_url?: string;
 
     /**
-     * Body param: The background color of the App Launcher header.
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing non-identity rules.
      */
-    header_bg_color?: string;
+    custom_non_identity_deny_url?: string;
 
     /**
-     * Body param: The design of the App Launcher landing page shown to users when they
-     * log in.
+     * Body param: The custom pages that will be displayed when applicable for this
+     * application
      */
-    landing_page_design?: DeviceEnrollmentPermissionsApplication.LandingPageDesign;
+    custom_pages?: Array<string>;
 
     /**
      * Body param: The policies that Access applies to the application, in ascending
@@ -17598,85 +15023,32 @@ export declare namespace ApplicationCreateParams {
       | DeviceEnrollmentPermissionsApplication.UnionMember2
     >;
 
-    /**
-     * Body param: Configuration for provisioning to this application via SCIM. This is
-     * currently in closed beta.
-     */
-    scim_config?: DeviceEnrollmentPermissionsApplication.SCIMConfig;
-
     /**
      * Body param: The amount of time that tokens issued for this application will be
      * valid. Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us
      * (or µs), ms, s, m, h. Note: unsupported for infrastructure type applications.
      */
     session_duration?: string;
-
-    /**
-     * Body param: Determines when to skip the App Launcher landing page.
-     */
-    skip_app_launcher_login_page?: boolean;
   }
 
   export namespace DeviceEnrollmentPermissionsApplication {
-    export interface FooterLink {
+    /**
+     * A JSON that links a reusable policy to an application.
+     */
+    export interface AccessAppPolicyLink {
       /**
-       * The hypertext in the footer link.
+       * The UUID of the policy
        */
-      name: string;
+      id?: string;
 
       /**
-       * the hyperlink in the footer link.
+       * The order of execution for this policy. Must be unique for each policy within an
+       * app.
        */
-      url: string;
+      precedence?: number;
     }
 
-    /**
-     * The design of the App Launcher landing page shown to users when they log in.
-     */
-    export interface LandingPageDesign {
-      /**
-       * The background color of the log in button on the landing page.
-       */
-      button_color?: string;
-
-      /**
-       * The color of the text in the log in button on the landing page.
-       */
-      button_text_color?: string;
-
-      /**
-       * The URL of the image shown on the landing page.
-       */
-      image_url?: string;
-
-      /**
-       * The message shown on the landing page.
-       */
-      message?: string;
-
-      /**
-       * The title shown on the landing page.
-       */
-      title?: string;
-    }
-
-    /**
-     * A JSON that links a reusable policy to an application.
-     */
-    export interface AccessAppPolicyLink {
-      /**
-       * The UUID of the policy
-       */
-      id?: string;
-
-      /**
-       * The order of execution for this policy. Must be unique for each policy within an
-       * app.
-       */
-      precedence?: number;
-    }
-
-    export interface UnionMember2 {
+    export interface UnionMember2 {
       /**
        * The UUID of the policy
        */
@@ -17723,105 +15095,6 @@ export declare namespace ApplicationCreateParams {
        */
       session_duration?: string;
     }
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMappingParam>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
   }
 
   export interface BrowserIsolationPermissionsApplication {
@@ -17848,11 +15121,6 @@ export declare namespace ApplicationCreateParams {
      */
     allowed_idps?: Array<AllowedIdPsParam>;
 
-    /**
-     * Body param: The image URL of the logo shown in the App Launcher header.
-     */
-    app_launcher_logo_url?: string;
-
     /**
      * Body param: When set to `true`, users skip the identity provider selection step
      * during login. You must specify only one identity provider in allowed_idps.
@@ -17860,25 +15128,22 @@ export declare namespace ApplicationCreateParams {
     auto_redirect_to_identity?: boolean;
 
     /**
-     * Body param: The background color of the App Launcher page.
-     */
-    bg_color?: string;
-
-    /**
-     * Body param: The links in the App Launcher footer.
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing identity-based rules.
      */
-    footer_links?: Array<BrowserIsolationPermissionsApplication.FooterLink>;
+    custom_deny_url?: string;
 
     /**
-     * Body param: The background color of the App Launcher header.
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing non-identity rules.
      */
-    header_bg_color?: string;
+    custom_non_identity_deny_url?: string;
 
     /**
-     * Body param: The design of the App Launcher landing page shown to users when they
-     * log in.
+     * Body param: The custom pages that will be displayed when applicable for this
+     * application
      */
-    landing_page_design?: BrowserIsolationPermissionsApplication.LandingPageDesign;
+    custom_pages?: Array<string>;
 
     /**
      * Body param: The policies that Access applies to the application, in ascending
@@ -17891,68 +15156,15 @@ export declare namespace ApplicationCreateParams {
       | BrowserIsolationPermissionsApplication.UnionMember2
     >;
 
-    /**
-     * Body param: Configuration for provisioning to this application via SCIM. This is
-     * currently in closed beta.
-     */
-    scim_config?: BrowserIsolationPermissionsApplication.SCIMConfig;
-
     /**
      * Body param: The amount of time that tokens issued for this application will be
      * valid. Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us
      * (or µs), ms, s, m, h. Note: unsupported for infrastructure type applications.
      */
     session_duration?: string;
-
-    /**
-     * Body param: Determines when to skip the App Launcher landing page.
-     */
-    skip_app_launcher_login_page?: boolean;
   }
 
   export namespace BrowserIsolationPermissionsApplication {
-    export interface FooterLink {
-      /**
-       * The hypertext in the footer link.
-       */
-      name: string;
-
-      /**
-       * the hyperlink in the footer link.
-       */
-      url: string;
-    }
-
-    /**
-     * The design of the App Launcher landing page shown to users when they log in.
-     */
-    export interface LandingPageDesign {
-      /**
-       * The background color of the log in button on the landing page.
-       */
-      button_color?: string;
-
-      /**
-       * The color of the text in the log in button on the landing page.
-       */
-      button_text_color?: string;
-
-      /**
-       * The URL of the image shown on the landing page.
-       */
-      image_url?: string;
-
-      /**
-       * The message shown on the landing page.
-       */
-      message?: string;
-
-      /**
-       * The title shown on the landing page.
-       */
-      title?: string;
-    }
-
     /**
      * A JSON that links a reusable policy to an application.
      */
@@ -18016,119 +15228,20 @@ export declare namespace ApplicationCreateParams {
        */
       session_duration?: string;
     }
+  }
 
+  export interface AccessBookmarkProps {
     /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
+     * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
+     * Zone ID.
      */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
+    account_id?: string;
 
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMappingParam>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
-  export interface BookmarkApplication {
-    /**
-     * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
-     * Zone ID.
-     */
-    account_id?: string;
-
-    /**
-     * Path param: The Zone ID to use for this endpoint. Mutually exclusive with the
-     * Account ID.
-     */
-    zone_id?: string;
+    /**
+     * Path param: The Zone ID to use for this endpoint. Mutually exclusive with the
+     * Account ID.
+     */
+    zone_id?: string;
 
     /**
      * Body param: Displays the application in the App Launcher.
@@ -18150,12 +15263,6 @@ export declare namespace ApplicationCreateParams {
      */
     name?: string;
 
-    /**
-     * Body param: Configuration for provisioning to this application via SCIM. This is
-     * currently in closed beta.
-     */
-    scim_config?: BookmarkApplication.SCIMConfig;
-
     /**
      * Body param: The tags you want assigned to an application. Tags are used to
      * filter applications in the App Launcher dashboard.
@@ -18168,107 +15275,6 @@ export declare namespace ApplicationCreateParams {
     type?: ApplicationTypeParam;
   }
 
-  export namespace BookmarkApplication {
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMappingParam>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
   export interface InfrastructureApplication {
     /**
      * Body param:
@@ -18317,528 +15323,93 @@ export declare namespace ApplicationCreateParams {
       protocol: 'SSH';
 
       /**
-       * Contains a map of target attribute keys to target attribute values.
-       */
-      target_attributes: { [key: string]: Array<string> };
-    }
-
-    export interface Policy {
-      /**
-       * The action Access will take if a user matches this policy. Infrastructure
-       * application policies can only use the Allow action.
-       */
-      decision: ApplicationsAPI.DecisionParam;
-
-      /**
-       * Rules evaluated with an OR logical operator. A user needs to meet only one of
-       * the Include rules.
-       */
-      include: Array<ApplicationsPoliciesAPI.AccessRuleParam>;
-
-      /**
-       * The name of the Access policy.
-       */
-      name: string;
-
-      /**
-       * The rules that define how users may connect to the targets secured by your
-       * application.
-       */
-      connection_rules?: Policy.ConnectionRules;
-
-      /**
-       * Rules evaluated with a NOT logical operator. To match the policy, a user cannot
-       * meet any of the Exclude rules.
-       */
-      exclude?: Array<ApplicationsPoliciesAPI.AccessRuleParam>;
-
-      /**
-       * Rules evaluated with an AND logical operator. To match the policy, a user must
-       * meet all of the Require rules.
-       */
-      require?: Array<ApplicationsPoliciesAPI.AccessRuleParam>;
-    }
-
-    export namespace Policy {
-      /**
-       * The rules that define how users may connect to the targets secured by your
-       * application.
-       */
-      export interface ConnectionRules {
-        /**
-         * The SSH-specific rules that define how users may connect to the targets secured
-         * by your application.
-         */
-        ssh?: ConnectionRules.SSH;
-      }
-
-      export namespace ConnectionRules {
-        /**
-         * The SSH-specific rules that define how users may connect to the targets secured
-         * by your application.
-         */
-        export interface SSH {
-          /**
-           * Contains the Unix usernames that may be used when connecting over SSH.
-           */
-          usernames: Array<string>;
-
-          /**
-           * Enables using Identity Provider email alias as SSH username.
-           */
-          allow_email_alias?: boolean;
-        }
-      }
-    }
-  }
-
-  export interface BrowserRdpApplication {
-    /**
-     * Body param: The primary hostname and path secured by Access. This domain will be
-     * displayed if the app is visible in the App Launcher.
-     */
-    domain: string;
-
-    /**
-     * Body param:
-     */
-    target_criteria: Array<BrowserRdpApplication.TargetCriterion>;
-
-    /**
-     * Body param: The application type.
-     */
-    type: ApplicationTypeParam;
-
-    /**
-     * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
-     * Zone ID.
-     */
-    account_id?: string;
-
-    /**
-     * Path param: The Zone ID to use for this endpoint. Mutually exclusive with the
-     * Account ID.
-     */
-    zone_id?: string;
-
-    /**
-     * Body param: When set to true, users can authenticate to this application using
-     * their WARP session. When set to false this application will always require
-     * direct IdP authentication. This setting always overrides the organization
-     * setting for WARP authentication.
-     */
-    allow_authenticate_via_warp?: boolean;
-
-    /**
-     * Body param: Enables loading application content in an iFrame.
-     */
-    allow_iframe?: boolean;
-
-    /**
-     * Body param: The identity providers your users can select when connecting to this
-     * application. Defaults to all IdPs configured in your account.
-     */
-    allowed_idps?: Array<AllowedIdPsParam>;
-
-    /**
-     * Body param: Displays the application in the App Launcher.
-     */
-    app_launcher_visible?: boolean;
-
-    /**
-     * Body param: When set to `true`, users skip the identity provider selection step
-     * during login. You must specify only one identity provider in allowed_idps.
-     */
-    auto_redirect_to_identity?: boolean;
-
-    /**
-     * Body param:
-     */
-    cors_headers?: CORSHeadersParam;
-
-    /**
-     * Body param: The custom error message shown to a user when they are denied access
-     * to the application.
-     */
-    custom_deny_message?: string;
-
-    /**
-     * Body param: The custom URL a user is redirected to when they are denied access
-     * to the application when failing identity-based rules.
-     */
-    custom_deny_url?: string;
-
-    /**
-     * Body param: The custom URL a user is redirected to when they are denied access
-     * to the application when failing non-identity rules.
-     */
-    custom_non_identity_deny_url?: string;
-
-    /**
-     * Body param: The custom pages that will be displayed when applicable for this
-     * application
-     */
-    custom_pages?: Array<string>;
-
-    /**
-     * Body param: List of destinations secured by Access. This supersedes
-     * `self_hosted_domains` to allow for more flexibility in defining different types
-     * of domains. If `destinations` are provided, then `self_hosted_domains` will be
-     * ignored.
-     */
-    destinations?: Array<BrowserRdpApplication.PublicDestination | BrowserRdpApplication.PrivateDestination>;
-
-    /**
-     * Body param: Enables the binding cookie, which increases security against
-     * compromised authorization tokens and CSRF attacks.
-     */
-    enable_binding_cookie?: boolean;
-
-    /**
-     * Body param: Enables the HttpOnly cookie attribute, which increases security
-     * against XSS attacks.
-     */
-    http_only_cookie_attribute?: boolean;
-
-    /**
-     * Body param: The image URL for the logo shown in the App Launcher dashboard.
-     */
-    logo_url?: string;
-
-    /**
-     * Body param: The name of the application.
-     */
-    name?: string;
-
-    /**
-     * Body param: Allows options preflight requests to bypass Access authentication
-     * and go directly to the origin. Cannot turn on if cors_headers is set.
-     */
-    options_preflight_bypass?: boolean;
-
-    /**
-     * Body param: Enables cookie paths to scope an application's JWT to the
-     * application path. If disabled, the JWT will scope to the hostname by default
-     */
-    path_cookie_attribute?: boolean;
-
-    /**
-     * Body param: The policies that Access applies to the application, in ascending
-     * order of precedence. Items can reference existing policies or create new
-     * policies exclusive to the application.
-     */
-    policies?: Array<BrowserRdpApplication.AccessAppPolicyLink | string | BrowserRdpApplication.UnionMember2>;
-
-    /**
-     * Body param: Allows matching Access Service Tokens passed HTTP in a single header
-     * with this name. This works as an alternative to the (CF-Access-Client-Id,
-     * CF-Access-Client-Secret) pair of headers. The header value will be interpreted
-     * as a json object similar to: { "cf-access-client-id":
-     * "88bf3b6d86161464f6509f7219099e57.access.example.com",
-     * "cf-access-client-secret":
-     * "bdd31cbc4dec990953e39163fbbb194c93313ca9f0a6e420346af9d326b1d2a5" }
-     */
-    read_service_tokens_from_header?: string;
-
-    /**
-     * Body param: Sets the SameSite cookie setting, which provides increased security
-     * against CSRF attacks.
-     */
-    same_site_cookie_attribute?: string;
-
-    /**
-     * Body param: Configuration for provisioning to this application via SCIM. This is
-     * currently in closed beta.
-     */
-    scim_config?: BrowserRdpApplication.SCIMConfig;
-
-    /**
-     * @deprecated Body param: List of public domains that Access will secure. This
-     * field is deprecated in favor of `destinations` and will be supported until
-     * **November 21, 2025.** If `destinations` are provided, then
-     * `self_hosted_domains` will be ignored.
-     */
-    self_hosted_domains?: Array<SelfHostedDomainsParam>;
-
-    /**
-     * Body param: Returns a 401 status code when the request is blocked by a Service
-     * Auth policy.
-     */
-    service_auth_401_redirect?: boolean;
-
-    /**
-     * Body param: The amount of time that tokens issued for this application will be
-     * valid. Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us
-     * (or µs), ms, s, m, h. Note: unsupported for infrastructure type applications.
-     */
-    session_duration?: string;
-
-    /**
-     * Body param: Enables automatic authentication through cloudflared.
-     */
-    skip_interstitial?: boolean;
-
-    /**
-     * Body param: The tags you want assigned to an application. Tags are used to
-     * filter applications in the App Launcher dashboard.
-     */
-    tags?: Array<string>;
-  }
-
-  export namespace BrowserRdpApplication {
-    export interface TargetCriterion {
-      /**
-       * The port that the targets use for the chosen communication protocol. A port
-       * cannot be assigned to multiple protocols.
-       */
-      port: number;
-
-      /**
-       * The communication protocol your application secures.
-       */
-      protocol: 'SSH';
-
-      /**
-       * Contains a map of target attribute keys to target attribute values.
-       */
-      target_attributes: { [key: string]: Array<string> };
-    }
-
-    /**
-     * A public hostname that Access will secure. Public destinations support
-     * sub-domain and path. Wildcard '\*' can be used in the definition.
-     */
-    export interface PublicDestination {
-      type?: 'public';
-
-      /**
-       * The URI of the destination. Public destinations' URIs can include a domain and
-       * path with
-       * [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/).
-       */
-      uri?: string;
-    }
-
-    /**
-     * Private destinations are an early access feature and gated behind a feature
-     * flag.
-     */
-    export interface PrivateDestination {
-      /**
-       * The CIDR range of the destination. Single IPs will be computed as /32.
-       */
-      cidr?: string;
-
-      /**
-       * The hostname of the destination. Matches a valid SNI served by an HTTPS origin.
-       */
-      hostname?: string;
-
-      /**
-       * The L4 protocol of the destination. When omitted, both UDP and TCP traffic will
-       * match.
-       */
-      l4_protocol?: 'tcp' | 'udp';
-
-      /**
-       * The port range of the destination. Can be a single port or a range of ports.
-       * When omitted, all ports will match.
-       */
-      port_range?: string;
-
-      type?: 'private';
-
-      /**
-       * The VNET ID to match the destination. When omitted, all VNETs will match.
-       */
-      vnet_id?: string;
-    }
-
-    /**
-     * A JSON that links a reusable policy to an application.
-     */
-    export interface AccessAppPolicyLink {
-      /**
-       * The UUID of the policy
-       */
-      id?: string;
-
-      /**
-       * The order of execution for this policy. Must be unique for each policy within an
-       * app.
-       */
-      precedence?: number;
-    }
-
-    export interface UnionMember2 {
-      /**
-       * The UUID of the policy
-       */
-      id?: string;
-
-      /**
-       * Administrators who can approve a temporary authentication request.
-       */
-      approval_groups?: Array<PoliciesAPI.ApprovalGroupParam>;
-
-      /**
-       * Requires the user to request access from an administrator at the start of each
-       * session.
-       */
-      approval_required?: boolean;
-
-      /**
-       * Require this application to be served in an isolated browser for users matching
-       * this policy. 'Client Web Isolation' must be on for the account in order to use
-       * this feature.
-       */
-      isolation_required?: boolean;
-
-      /**
-       * The order of execution for this policy. Must be unique for each policy within an
-       * app.
-       */
-      precedence?: number;
-
-      /**
-       * A custom message that will appear on the purpose justification screen.
-       */
-      purpose_justification_prompt?: string;
-
-      /**
-       * Require users to enter a justification when they log in to the application.
-       */
-      purpose_justification_required?: boolean;
-
-      /**
-       * The amount of time that tokens issued for the application will be valid. Must be
-       * in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, s,
-       * m, h.
-       */
-      session_duration?: string;
-    }
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
+       * Contains a map of target attribute keys to target attribute values.
+       */
+      target_attributes: { [key: string]: Array<string> };
+    }
 
+    export interface Policy {
       /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
+       * The action Access will take if a user matches this policy. Infrastructure
+       * application policies can only use the Allow action.
        */
-      deactivate_on_delete?: boolean;
+      decision: ApplicationsAPI.DecisionParam;
 
       /**
-       * Whether SCIM provisioning is turned on for this application.
+       * Rules evaluated with an OR logical operator. A user needs to meet only one of
+       * the Include rules.
        */
-      enabled?: boolean;
+      include: Array<ApplicationsPoliciesAPI.AccessRuleParam>;
 
       /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
+       * The name of the Access policy.
        */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMappingParam>;
-    }
+      name: string;
 
-    export namespace SCIMConfig {
       /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
+       * The rules that define how users may connect to the targets secured by your
+       * application.
        */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
+      connection_rules?: Policy.ConnectionRules;
 
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
+      /**
+       * Rules evaluated with a NOT logical operator. To match the policy, a user cannot
+       * meet any of the Exclude rules.
+       */
+      exclude?: Array<ApplicationsPoliciesAPI.AccessRuleParam>;
 
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
+      /**
+       * Rules evaluated with an AND logical operator. To match the policy, a user must
+       * meet all of the Require rules.
+       */
+      require?: Array<ApplicationsPoliciesAPI.AccessRuleParam>;
+    }
 
+    export namespace Policy {
       /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
+       * The rules that define how users may connect to the targets secured by your
+       * application.
        */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
+      export interface ConnectionRules {
         /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
+         * The SSH-specific rules that define how users may connect to the targets secured
+         * by your application.
          */
-        client_id: string;
+        ssh?: ConnectionRules.SSH;
+      }
 
+      export namespace ConnectionRules {
         /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
+         * The SSH-specific rules that define how users may connect to the targets secured
+         * by your application.
          */
-        client_secret: string;
+        export interface SSH {
+          /**
+           * Contains the Unix usernames that may be used when connecting over SSH.
+           */
+          usernames: Array<string>;
 
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
+          /**
+           * Enables using Identity Provider email alias as SSH username.
+           */
+          allow_email_alias?: boolean;
+        }
       }
     }
   }
-}
-
-export type ApplicationUpdateParams =
-  | ApplicationUpdateParams.SelfHostedApplication
-  | ApplicationUpdateParams.SaaSApplication
-  | ApplicationUpdateParams.BrowserSSHApplication
-  | ApplicationUpdateParams.BrowserVNCApplication
-  | ApplicationUpdateParams.AppLauncherApplication
-  | ApplicationUpdateParams.DeviceEnrollmentPermissionsApplication
-  | ApplicationUpdateParams.BrowserIsolationPermissionsApplication
-  | ApplicationUpdateParams.BookmarkApplication
-  | ApplicationUpdateParams.InfrastructureApplication
-  | ApplicationUpdateParams.BrowserRdpApplication;
 
-export declare namespace ApplicationUpdateParams {
-  export interface SelfHostedApplication {
+  export interface BrowserRdpApplication {
     /**
      * Body param: The primary hostname and path secured by Access. This domain will be
      * displayed if the app is visible in the App Launcher.
      */
     domain: string;
 
+    /**
+     * Body param:
+     */
+    target_criteria: Array<BrowserRdpApplication.TargetCriterion>;
+
     /**
      * Body param: The application type.
      */
@@ -18921,7 +15492,7 @@ export declare namespace ApplicationUpdateParams {
      * of domains. If `destinations` are provided, then `self_hosted_domains` will be
      * ignored.
      */
-    destinations?: Array<SelfHostedApplication.PublicDestination | SelfHostedApplication.PrivateDestination>;
+    destinations?: Array<BrowserRdpApplication.PublicDestination | BrowserRdpApplication.PrivateDestination>;
 
     /**
      * Body param: Enables the binding cookie, which increases security against
@@ -18962,7 +15533,7 @@ export declare namespace ApplicationUpdateParams {
      * order of precedence. Items can reference existing policies or create new
      * policies exclusive to the application.
      */
-    policies?: Array<SelfHostedApplication.AccessAppPolicyLink | string | SelfHostedApplication.UnionMember2>;
+    policies?: Array<BrowserRdpApplication.AccessAppPolicyLink | string | BrowserRdpApplication.UnionMember2>;
 
     /**
      * Body param: Allows matching Access Service Tokens passed HTTP in a single header
@@ -18985,7 +15556,7 @@ export declare namespace ApplicationUpdateParams {
      * Body param: Configuration for provisioning to this application via SCIM. This is
      * currently in closed beta.
      */
-    scim_config?: SelfHostedApplication.SCIMConfig;
+    scim_config?: BrowserRdpApplication.SCIMConfig;
 
     /**
      * @deprecated Body param: List of public domains that Access will secure. This
@@ -19020,7 +15591,25 @@ export declare namespace ApplicationUpdateParams {
     tags?: Array<string>;
   }
 
-  export namespace SelfHostedApplication {
+  export namespace BrowserRdpApplication {
+    export interface TargetCriterion {
+      /**
+       * The port that the targets use for the chosen communication protocol. A port
+       * cannot be assigned to multiple protocols.
+       */
+      port: number;
+
+      /**
+       * The communication protocol your application secures.
+       */
+      protocol: 'RDP';
+
+      /**
+       * Contains a map of target attribute keys to target attribute values.
+       */
+      target_attributes: { [key: string]: Array<string> };
+    }
+
     /**
      * A public hostname that Access will secure. Public destinations support
      * sub-domain and path. Wildcard '\*' can be used in the definition.
@@ -19234,84 +15823,260 @@ export declare namespace ApplicationUpdateParams {
       }
     }
   }
+}
+
+export type ApplicationUpdateParams =
+  | ApplicationUpdateParams.SelfHostedApplication
+  | ApplicationUpdateParams.SaaSApplication
+  | ApplicationUpdateParams.BrowserSSHApplication
+  | ApplicationUpdateParams.BrowserVNCApplication
+  | ApplicationUpdateParams.AppLauncherApplication
+  | ApplicationUpdateParams.DeviceEnrollmentPermissionsApplication
+  | ApplicationUpdateParams.BrowserIsolationPermissionsApplication
+  | ApplicationUpdateParams.AccessBookmarkProps
+  | ApplicationUpdateParams.InfrastructureApplication
+  | ApplicationUpdateParams.BrowserRdpApplication;
+
+export declare namespace ApplicationUpdateParams {
+  export interface SelfHostedApplication {
+    /**
+     * Body param: The primary hostname and path secured by Access. This domain will be
+     * displayed if the app is visible in the App Launcher.
+     */
+    domain: string;
+
+    /**
+     * Body param: The application type.
+     */
+    type: ApplicationTypeParam;
 
-  export interface SaaSApplication {
     /**
      * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
      * Zone ID.
      */
-    account_id?: string;
+    account_id?: string;
+
+    /**
+     * Path param: The Zone ID to use for this endpoint. Mutually exclusive with the
+     * Account ID.
+     */
+    zone_id?: string;
+
+    /**
+     * Body param: When set to true, users can authenticate to this application using
+     * their WARP session. When set to false this application will always require
+     * direct IdP authentication. This setting always overrides the organization
+     * setting for WARP authentication.
+     */
+    allow_authenticate_via_warp?: boolean;
+
+    /**
+     * Body param: Enables loading application content in an iFrame.
+     */
+    allow_iframe?: boolean;
+
+    /**
+     * Body param: The identity providers your users can select when connecting to this
+     * application. Defaults to all IdPs configured in your account.
+     */
+    allowed_idps?: Array<AllowedIdPsParam>;
+
+    /**
+     * Body param: Displays the application in the App Launcher.
+     */
+    app_launcher_visible?: boolean;
+
+    /**
+     * Body param: When set to `true`, users skip the identity provider selection step
+     * during login. You must specify only one identity provider in allowed_idps.
+     */
+    auto_redirect_to_identity?: boolean;
+
+    /**
+     * Body param:
+     */
+    cors_headers?: CORSHeadersParam;
+
+    /**
+     * Body param: The custom error message shown to a user when they are denied access
+     * to the application.
+     */
+    custom_deny_message?: string;
+
+    /**
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing identity-based rules.
+     */
+    custom_deny_url?: string;
+
+    /**
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing non-identity rules.
+     */
+    custom_non_identity_deny_url?: string;
+
+    /**
+     * Body param: The custom pages that will be displayed when applicable for this
+     * application
+     */
+    custom_pages?: Array<string>;
+
+    /**
+     * Body param: List of destinations secured by Access. This supersedes
+     * `self_hosted_domains` to allow for more flexibility in defining different types
+     * of domains. If `destinations` are provided, then `self_hosted_domains` will be
+     * ignored.
+     */
+    destinations?: Array<SelfHostedApplication.PublicDestination | SelfHostedApplication.PrivateDestination>;
+
+    /**
+     * Body param: Enables the binding cookie, which increases security against
+     * compromised authorization tokens and CSRF attacks.
+     */
+    enable_binding_cookie?: boolean;
+
+    /**
+     * Body param: Enables the HttpOnly cookie attribute, which increases security
+     * against XSS attacks.
+     */
+    http_only_cookie_attribute?: boolean;
+
+    /**
+     * Body param: The image URL for the logo shown in the App Launcher dashboard.
+     */
+    logo_url?: string;
+
+    /**
+     * Body param: The name of the application.
+     */
+    name?: string;
 
     /**
-     * Path param: The Zone ID to use for this endpoint. Mutually exclusive with the
-     * Account ID.
+     * Body param: Allows options preflight requests to bypass Access authentication
+     * and go directly to the origin. Cannot turn on if cors_headers is set.
      */
-    zone_id?: string;
+    options_preflight_bypass?: boolean;
 
     /**
-     * Body param: The identity providers your users can select when connecting to this
-     * application. Defaults to all IdPs configured in your account.
+     * Body param: Enables cookie paths to scope an application's JWT to the
+     * application path. If disabled, the JWT will scope to the hostname by default
      */
-    allowed_idps?: Array<AllowedIdPsParam>;
+    path_cookie_attribute?: boolean;
 
     /**
-     * Body param: Displays the application in the App Launcher.
+     * Body param: The policies that Access applies to the application, in ascending
+     * order of precedence. Items can reference existing policies or create new
+     * policies exclusive to the application.
      */
-    app_launcher_visible?: boolean;
+    policies?: Array<SelfHostedApplication.AccessAppPolicyLink | string | SelfHostedApplication.UnionMember2>;
 
     /**
-     * Body param: When set to `true`, users skip the identity provider selection step
-     * during login. You must specify only one identity provider in allowed_idps.
+     * Body param: Allows matching Access Service Tokens passed HTTP in a single header
+     * with this name. This works as an alternative to the (CF-Access-Client-Id,
+     * CF-Access-Client-Secret) pair of headers. The header value will be interpreted
+     * as a json object similar to: { "cf-access-client-id":
+     * "88bf3b6d86161464f6509f7219099e57.access.example.com",
+     * "cf-access-client-secret":
+     * "bdd31cbc4dec990953e39163fbbb194c93313ca9f0a6e420346af9d326b1d2a5" }
      */
-    auto_redirect_to_identity?: boolean;
+    read_service_tokens_from_header?: string;
 
     /**
-     * Body param: The custom pages that will be displayed when applicable for this
-     * application
+     * Body param: Sets the SameSite cookie setting, which provides increased security
+     * against CSRF attacks.
      */
-    custom_pages?: Array<string>;
+    same_site_cookie_attribute?: string;
 
     /**
-     * Body param: The image URL for the logo shown in the App Launcher dashboard.
+     * Body param: Configuration for provisioning to this application via SCIM. This is
+     * currently in closed beta.
      */
-    logo_url?: string;
+    scim_config?: SelfHostedApplication.SCIMConfig;
 
     /**
-     * Body param: The name of the application.
+     * @deprecated Body param: List of public domains that Access will secure. This
+     * field is deprecated in favor of `destinations` and will be supported until
+     * **November 21, 2025.** If `destinations` are provided, then
+     * `self_hosted_domains` will be ignored.
      */
-    name?: string;
+    self_hosted_domains?: Array<SelfHostedDomainsParam>;
 
     /**
-     * Body param: The policies that Access applies to the application, in ascending
-     * order of precedence. Items can reference existing policies or create new
-     * policies exclusive to the application.
+     * Body param: Returns a 401 status code when the request is blocked by a Service
+     * Auth policy.
      */
-    policies?: Array<SaaSApplication.AccessAppPolicyLink | string | SaaSApplication.UnionMember2>;
+    service_auth_401_redirect?: boolean;
 
     /**
-     * Body param:
+     * Body param: The amount of time that tokens issued for this application will be
+     * valid. Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us
+     * (or µs), ms, s, m, h. Note: unsupported for infrastructure type applications.
      */
-    saas_app?: SAMLSaaSAppParam | OIDCSaaSAppParam;
+    session_duration?: string;
 
     /**
-     * Body param: Configuration for provisioning to this application via SCIM. This is
-     * currently in closed beta.
+     * Body param: Enables automatic authentication through cloudflared.
      */
-    scim_config?: SaaSApplication.SCIMConfig;
+    skip_interstitial?: boolean;
 
     /**
      * Body param: The tags you want assigned to an application. Tags are used to
      * filter applications in the App Launcher dashboard.
      */
     tags?: Array<string>;
+  }
 
+  export namespace SelfHostedApplication {
     /**
-     * Body param: The application type.
+     * A public hostname that Access will secure. Public destinations support
+     * sub-domain and path. Wildcard '\*' can be used in the definition.
      */
-    type?: ApplicationTypeParam;
-  }
+    export interface PublicDestination {
+      type?: 'public';
+
+      /**
+       * The URI of the destination. Public destinations' URIs can include a domain and
+       * path with
+       * [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/).
+       */
+      uri?: string;
+    }
+
+    /**
+     * Private destinations are an early access feature and gated behind a feature
+     * flag.
+     */
+    export interface PrivateDestination {
+      /**
+       * The CIDR range of the destination. Single IPs will be computed as /32.
+       */
+      cidr?: string;
+
+      /**
+       * The hostname of the destination. Matches a valid SNI served by an HTTPS origin.
+       */
+      hostname?: string;
+
+      /**
+       * The L4 protocol of the destination. When omitted, both UDP and TCP traffic will
+       * match.
+       */
+      l4_protocol?: 'tcp' | 'udp';
+
+      /**
+       * The port range of the destination. Can be a single port or a range of ports.
+       * When omitted, all ports will match.
+       */
+      port_range?: string;
+
+      type?: 'private';
+
+      /**
+       * The VNET ID to match the destination. When omitted, all VNETs will match.
+       */
+      vnet_id?: string;
+    }
 
-  export namespace SaaSApplication {
     /**
      * A JSON that links a reusable policy to an application.
      */
@@ -19476,29 +16241,7 @@ export declare namespace ApplicationUpdateParams {
     }
   }
 
-  export interface BrowserSSHApplication {
-    /**
-     * Body param: The primary hostname and path secured by Access. This domain will be
-     * displayed if the app is visible in the App Launcher.
-     */
-    domain: string;
-
-    /**
-     * Body param: The application type.
-     */
-    type:
-      | 'self_hosted'
-      | 'saas'
-      | 'ssh'
-      | 'vnc'
-      | 'app_launcher'
-      | 'warp'
-      | 'biso'
-      | 'bookmark'
-      | 'dash_sso'
-      | 'infrastructure'
-      | 'rdp';
-
+  export interface SaaSApplication {
     /**
      * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
      * Zone ID.
@@ -19511,19 +16254,6 @@ export declare namespace ApplicationUpdateParams {
      */
     zone_id?: string;
 
-    /**
-     * Body param: When set to true, users can authenticate to this application using
-     * their WARP session. When set to false this application will always require
-     * direct IdP authentication. This setting always overrides the organization
-     * setting for WARP authentication.
-     */
-    allow_authenticate_via_warp?: boolean;
-
-    /**
-     * Body param: Enables loading application content in an iFrame.
-     */
-    allow_iframe?: boolean;
-
     /**
      * Body param: The identity providers your users can select when connecting to this
      * application. Defaults to all IdPs configured in your account.
@@ -19541,55 +16271,12 @@ export declare namespace ApplicationUpdateParams {
      */
     auto_redirect_to_identity?: boolean;
 
-    /**
-     * Body param:
-     */
-    cors_headers?: CORSHeadersParam;
-
-    /**
-     * Body param: The custom error message shown to a user when they are denied access
-     * to the application.
-     */
-    custom_deny_message?: string;
-
-    /**
-     * Body param: The custom URL a user is redirected to when they are denied access
-     * to the application when failing identity-based rules.
-     */
-    custom_deny_url?: string;
-
-    /**
-     * Body param: The custom URL a user is redirected to when they are denied access
-     * to the application when failing non-identity rules.
-     */
-    custom_non_identity_deny_url?: string;
-
     /**
      * Body param: The custom pages that will be displayed when applicable for this
      * application
      */
     custom_pages?: Array<string>;
 
-    /**
-     * Body param: List of destinations secured by Access. This supersedes
-     * `self_hosted_domains` to allow for more flexibility in defining different types
-     * of domains. If `destinations` are provided, then `self_hosted_domains` will be
-     * ignored.
-     */
-    destinations?: Array<BrowserSSHApplication.PublicDestination | BrowserSSHApplication.PrivateDestination>;
-
-    /**
-     * Body param: Enables the binding cookie, which increases security against
-     * compromised authorization tokens and CSRF attacks.
-     */
-    enable_binding_cookie?: boolean;
-
-    /**
-     * Body param: Enables the HttpOnly cookie attribute, which increases security
-     * against XSS attacks.
-     */
-    http_only_cookie_attribute?: boolean;
-
     /**
      * Body param: The image URL for the logo shown in the App Launcher dashboard.
      */
@@ -19600,132 +16287,37 @@ export declare namespace ApplicationUpdateParams {
      */
     name?: string;
 
-    /**
-     * Body param: Allows options preflight requests to bypass Access authentication
-     * and go directly to the origin. Cannot turn on if cors_headers is set.
-     */
-    options_preflight_bypass?: boolean;
-
-    /**
-     * Body param: Enables cookie paths to scope an application's JWT to the
-     * application path. If disabled, the JWT will scope to the hostname by default
-     */
-    path_cookie_attribute?: boolean;
-
     /**
      * Body param: The policies that Access applies to the application, in ascending
      * order of precedence. Items can reference existing policies or create new
      * policies exclusive to the application.
      */
-    policies?: Array<BrowserSSHApplication.AccessAppPolicyLink | string | BrowserSSHApplication.UnionMember2>;
-
-    /**
-     * Body param: Allows matching Access Service Tokens passed HTTP in a single header
-     * with this name. This works as an alternative to the (CF-Access-Client-Id,
-     * CF-Access-Client-Secret) pair of headers. The header value will be interpreted
-     * as a json object similar to: { "cf-access-client-id":
-     * "88bf3b6d86161464f6509f7219099e57.access.example.com",
-     * "cf-access-client-secret":
-     * "bdd31cbc4dec990953e39163fbbb194c93313ca9f0a6e420346af9d326b1d2a5" }
-     */
-    read_service_tokens_from_header?: string;
-
-    /**
-     * Body param: Sets the SameSite cookie setting, which provides increased security
-     * against CSRF attacks.
-     */
-    same_site_cookie_attribute?: string;
-
-    /**
-     * Body param: Configuration for provisioning to this application via SCIM. This is
-     * currently in closed beta.
-     */
-    scim_config?: BrowserSSHApplication.SCIMConfig;
-
-    /**
-     * @deprecated Body param: List of public domains that Access will secure. This
-     * field is deprecated in favor of `destinations` and will be supported until
-     * **November 21, 2025.** If `destinations` are provided, then
-     * `self_hosted_domains` will be ignored.
-     */
-    self_hosted_domains?: Array<SelfHostedDomainsParam>;
-
-    /**
-     * Body param: Returns a 401 status code when the request is blocked by a Service
-     * Auth policy.
-     */
-    service_auth_401_redirect?: boolean;
-
-    /**
-     * Body param: The amount of time that tokens issued for this application will be
-     * valid. Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us
-     * (or µs), ms, s, m, h. Note: unsupported for infrastructure type applications.
+    policies?: Array<SaaSApplication.AccessAppPolicyLink | string | SaaSApplication.UnionMember2>;
+
+    /**
+     * Body param:
      */
-    session_duration?: string;
+    saas_app?: SAMLSaaSAppParam | OIDCSaaSAppParam;
 
     /**
-     * Body param: Enables automatic authentication through cloudflared.
+     * Body param: Configuration for provisioning to this application via SCIM. This is
+     * currently in closed beta.
      */
-    skip_interstitial?: boolean;
+    scim_config?: SaaSApplication.SCIMConfig;
 
     /**
      * Body param: The tags you want assigned to an application. Tags are used to
      * filter applications in the App Launcher dashboard.
      */
     tags?: Array<string>;
-  }
-
-  export namespace BrowserSSHApplication {
-    /**
-     * A public hostname that Access will secure. Public destinations support
-     * sub-domain and path. Wildcard '\*' can be used in the definition.
-     */
-    export interface PublicDestination {
-      type?: 'public';
-
-      /**
-       * The URI of the destination. Public destinations' URIs can include a domain and
-       * path with
-       * [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/).
-       */
-      uri?: string;
-    }
 
     /**
-     * Private destinations are an early access feature and gated behind a feature
-     * flag.
+     * Body param: The application type.
      */
-    export interface PrivateDestination {
-      /**
-       * The CIDR range of the destination. Single IPs will be computed as /32.
-       */
-      cidr?: string;
-
-      /**
-       * The hostname of the destination. Matches a valid SNI served by an HTTPS origin.
-       */
-      hostname?: string;
-
-      /**
-       * The L4 protocol of the destination. When omitted, both UDP and TCP traffic will
-       * match.
-       */
-      l4_protocol?: 'tcp' | 'udp';
-
-      /**
-       * The port range of the destination. Can be a single port or a range of ports.
-       * When omitted, all ports will match.
-       */
-      port_range?: string;
-
-      type?: 'private';
-
-      /**
-       * The VNET ID to match the destination. When omitted, all VNETs will match.
-       */
-      vnet_id?: string;
-    }
+    type?: ApplicationTypeParam;
+  }
 
+  export namespace SaaSApplication {
     /**
      * A JSON that links a reusable policy to an application.
      */
@@ -19890,7 +16482,7 @@ export declare namespace ApplicationUpdateParams {
     }
   }
 
-  export interface BrowserVNCApplication {
+  export interface BrowserSSHApplication {
     /**
      * Body param: The primary hostname and path secured by Access. This domain will be
      * displayed if the app is visible in the App Launcher.
@@ -19990,7 +16582,7 @@ export declare namespace ApplicationUpdateParams {
      * of domains. If `destinations` are provided, then `self_hosted_domains` will be
      * ignored.
      */
-    destinations?: Array<BrowserVNCApplication.PublicDestination | BrowserVNCApplication.PrivateDestination>;
+    destinations?: Array<BrowserSSHApplication.PublicDestination | BrowserSSHApplication.PrivateDestination>;
 
     /**
      * Body param: Enables the binding cookie, which increases security against
@@ -20031,7 +16623,7 @@ export declare namespace ApplicationUpdateParams {
      * order of precedence. Items can reference existing policies or create new
      * policies exclusive to the application.
      */
-    policies?: Array<BrowserVNCApplication.AccessAppPolicyLink | string | BrowserVNCApplication.UnionMember2>;
+    policies?: Array<BrowserSSHApplication.AccessAppPolicyLink | string | BrowserSSHApplication.UnionMember2>;
 
     /**
      * Body param: Allows matching Access Service Tokens passed HTTP in a single header
@@ -20054,7 +16646,7 @@ export declare namespace ApplicationUpdateParams {
      * Body param: Configuration for provisioning to this application via SCIM. This is
      * currently in closed beta.
      */
-    scim_config?: BrowserVNCApplication.SCIMConfig;
+    scim_config?: BrowserSSHApplication.SCIMConfig;
 
     /**
      * @deprecated Body param: List of public domains that Access will secure. This
@@ -20089,7 +16681,7 @@ export declare namespace ApplicationUpdateParams {
     tags?: Array<string>;
   }
 
-  export namespace BrowserVNCApplication {
+  export namespace BrowserSSHApplication {
     /**
      * A public hostname that Access will secure. Public destinations support
      * sub-domain and path. Wildcard '\*' can be used in the definition.
@@ -20304,7 +16896,13 @@ export declare namespace ApplicationUpdateParams {
     }
   }
 
-  export interface AppLauncherApplication {
+  export interface BrowserVNCApplication {
+    /**
+     * Body param: The primary hostname and path secured by Access. This domain will be
+     * displayed if the app is visible in the App Launcher.
+     */
+    domain: string;
+
     /**
      * Body param: The application type.
      */
@@ -20333,6 +16931,19 @@ export declare namespace ApplicationUpdateParams {
      */
     zone_id?: string;
 
+    /**
+     * Body param: When set to true, users can authenticate to this application using
+     * their WARP session. When set to false this application will always require
+     * direct IdP authentication. This setting always overrides the organization
+     * setting for WARP authentication.
+     */
+    allow_authenticate_via_warp?: boolean;
+
+    /**
+     * Body param: Enables loading application content in an iFrame.
+     */
+    allow_iframe?: boolean;
+
     /**
      * Body param: The identity providers your users can select when connecting to this
      * application. Defaults to all IdPs configured in your account.
@@ -20340,9 +16951,9 @@ export declare namespace ApplicationUpdateParams {
     allowed_idps?: Array<AllowedIdPsParam>;
 
     /**
-     * Body param: The image URL of the logo shown in the App Launcher header.
+     * Body param: Displays the application in the App Launcher.
      */
-    app_launcher_logo_url?: string;
+    app_launcher_visible?: boolean;
 
     /**
      * Body param: When set to `true`, users skip the identity provider selection step
@@ -20351,40 +16962,119 @@ export declare namespace ApplicationUpdateParams {
     auto_redirect_to_identity?: boolean;
 
     /**
-     * Body param: The background color of the App Launcher page.
+     * Body param:
      */
-    bg_color?: string;
+    cors_headers?: CORSHeadersParam;
 
     /**
-     * Body param: The links in the App Launcher footer.
+     * Body param: The custom error message shown to a user when they are denied access
+     * to the application.
      */
-    footer_links?: Array<AppLauncherApplication.FooterLink>;
+    custom_deny_message?: string;
 
     /**
-     * Body param: The background color of the App Launcher header.
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing identity-based rules.
      */
-    header_bg_color?: string;
+    custom_deny_url?: string;
 
     /**
-     * Body param: The design of the App Launcher landing page shown to users when they
-     * log in.
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing non-identity rules.
      */
-    landing_page_design?: AppLauncherApplication.LandingPageDesign;
+    custom_non_identity_deny_url?: string;
+
+    /**
+     * Body param: The custom pages that will be displayed when applicable for this
+     * application
+     */
+    custom_pages?: Array<string>;
+
+    /**
+     * Body param: List of destinations secured by Access. This supersedes
+     * `self_hosted_domains` to allow for more flexibility in defining different types
+     * of domains. If `destinations` are provided, then `self_hosted_domains` will be
+     * ignored.
+     */
+    destinations?: Array<BrowserVNCApplication.PublicDestination | BrowserVNCApplication.PrivateDestination>;
+
+    /**
+     * Body param: Enables the binding cookie, which increases security against
+     * compromised authorization tokens and CSRF attacks.
+     */
+    enable_binding_cookie?: boolean;
+
+    /**
+     * Body param: Enables the HttpOnly cookie attribute, which increases security
+     * against XSS attacks.
+     */
+    http_only_cookie_attribute?: boolean;
+
+    /**
+     * Body param: The image URL for the logo shown in the App Launcher dashboard.
+     */
+    logo_url?: string;
+
+    /**
+     * Body param: The name of the application.
+     */
+    name?: string;
+
+    /**
+     * Body param: Allows options preflight requests to bypass Access authentication
+     * and go directly to the origin. Cannot turn on if cors_headers is set.
+     */
+    options_preflight_bypass?: boolean;
+
+    /**
+     * Body param: Enables cookie paths to scope an application's JWT to the
+     * application path. If disabled, the JWT will scope to the hostname by default
+     */
+    path_cookie_attribute?: boolean;
 
     /**
      * Body param: The policies that Access applies to the application, in ascending
      * order of precedence. Items can reference existing policies or create new
      * policies exclusive to the application.
      */
-    policies?: Array<
-      AppLauncherApplication.AccessAppPolicyLink | string | AppLauncherApplication.UnionMember2
-    >;
+    policies?: Array<BrowserVNCApplication.AccessAppPolicyLink | string | BrowserVNCApplication.UnionMember2>;
+
+    /**
+     * Body param: Allows matching Access Service Tokens passed HTTP in a single header
+     * with this name. This works as an alternative to the (CF-Access-Client-Id,
+     * CF-Access-Client-Secret) pair of headers. The header value will be interpreted
+     * as a json object similar to: { "cf-access-client-id":
+     * "88bf3b6d86161464f6509f7219099e57.access.example.com",
+     * "cf-access-client-secret":
+     * "bdd31cbc4dec990953e39163fbbb194c93313ca9f0a6e420346af9d326b1d2a5" }
+     */
+    read_service_tokens_from_header?: string;
+
+    /**
+     * Body param: Sets the SameSite cookie setting, which provides increased security
+     * against CSRF attacks.
+     */
+    same_site_cookie_attribute?: string;
 
     /**
      * Body param: Configuration for provisioning to this application via SCIM. This is
      * currently in closed beta.
      */
-    scim_config?: AppLauncherApplication.SCIMConfig;
+    scim_config?: BrowserVNCApplication.SCIMConfig;
+
+    /**
+     * @deprecated Body param: List of public domains that Access will secure. This
+     * field is deprecated in favor of `destinations` and will be supported until
+     * **November 21, 2025.** If `destinations` are provided, then
+     * `self_hosted_domains` will be ignored.
+     */
+    self_hosted_domains?: Array<SelfHostedDomainsParam>;
+
+    /**
+     * Body param: Returns a 401 status code when the request is blocked by a Service
+     * Auth policy.
+     */
+    service_auth_401_redirect?: boolean;
 
     /**
      * Body param: The amount of time that tokens issued for this application will be
@@ -20394,52 +17084,66 @@ export declare namespace ApplicationUpdateParams {
     session_duration?: string;
 
     /**
-     * Body param: Determines when to skip the App Launcher landing page.
+     * Body param: Enables automatic authentication through cloudflared.
      */
-    skip_app_launcher_login_page?: boolean;
+    skip_interstitial?: boolean;
+
+    /**
+     * Body param: The tags you want assigned to an application. Tags are used to
+     * filter applications in the App Launcher dashboard.
+     */
+    tags?: Array<string>;
   }
 
-  export namespace AppLauncherApplication {
-    export interface FooterLink {
-      /**
-       * The hypertext in the footer link.
-       */
-      name: string;
+  export namespace BrowserVNCApplication {
+    /**
+     * A public hostname that Access will secure. Public destinations support
+     * sub-domain and path. Wildcard '\*' can be used in the definition.
+     */
+    export interface PublicDestination {
+      type?: 'public';
 
       /**
-       * the hyperlink in the footer link.
+       * The URI of the destination. Public destinations' URIs can include a domain and
+       * path with
+       * [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/).
        */
-      url: string;
+      uri?: string;
     }
 
     /**
-     * The design of the App Launcher landing page shown to users when they log in.
+     * Private destinations are an early access feature and gated behind a feature
+     * flag.
      */
-    export interface LandingPageDesign {
+    export interface PrivateDestination {
       /**
-       * The background color of the log in button on the landing page.
+       * The CIDR range of the destination. Single IPs will be computed as /32.
        */
-      button_color?: string;
+      cidr?: string;
 
       /**
-       * The color of the text in the log in button on the landing page.
+       * The hostname of the destination. Matches a valid SNI served by an HTTPS origin.
        */
-      button_text_color?: string;
+      hostname?: string;
 
       /**
-       * The URL of the image shown on the landing page.
+       * The L4 protocol of the destination. When omitted, both UDP and TCP traffic will
+       * match.
        */
-      image_url?: string;
+      l4_protocol?: 'tcp' | 'udp';
 
       /**
-       * The message shown on the landing page.
+       * The port range of the destination. Can be a single port or a range of ports.
+       * When omitted, all ports will match.
        */
-      message?: string;
+      port_range?: string;
+
+      type?: 'private';
 
       /**
-       * The title shown on the landing page.
+       * The VNET ID to match the destination. When omitted, all VNETs will match.
        */
-      title?: string;
+      vnet_id?: string;
     }
 
     /**
@@ -20606,11 +17310,22 @@ export declare namespace ApplicationUpdateParams {
     }
   }
 
-  export interface DeviceEnrollmentPermissionsApplication {
+  export interface AppLauncherApplication {
     /**
      * Body param: The application type.
      */
-    type: ApplicationTypeParam;
+    type:
+      | 'self_hosted'
+      | 'saas'
+      | 'ssh'
+      | 'vnc'
+      | 'app_launcher'
+      | 'warp'
+      | 'biso'
+      | 'bookmark'
+      | 'dash_sso'
+      | 'infrastructure'
+      | 'rdp';
 
     /**
      * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
@@ -20646,10 +17361,28 @@ export declare namespace ApplicationUpdateParams {
      */
     bg_color?: string;
 
+    /**
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing identity-based rules.
+     */
+    custom_deny_url?: string;
+
+    /**
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing non-identity rules.
+     */
+    custom_non_identity_deny_url?: string;
+
+    /**
+     * Body param: The custom pages that will be displayed when applicable for this
+     * application
+     */
+    custom_pages?: Array<string>;
+
     /**
      * Body param: The links in the App Launcher footer.
      */
-    footer_links?: Array<DeviceEnrollmentPermissionsApplication.FooterLink>;
+    footer_links?: Array<AppLauncherApplication.FooterLink>;
 
     /**
      * Body param: The background color of the App Launcher header.
@@ -20660,7 +17393,7 @@ export declare namespace ApplicationUpdateParams {
      * Body param: The design of the App Launcher landing page shown to users when they
      * log in.
      */
-    landing_page_design?: DeviceEnrollmentPermissionsApplication.LandingPageDesign;
+    landing_page_design?: AppLauncherApplication.LandingPageDesign;
 
     /**
      * Body param: The policies that Access applies to the application, in ascending
@@ -20668,17 +17401,9 @@ export declare namespace ApplicationUpdateParams {
      * policies exclusive to the application.
      */
     policies?: Array<
-      | DeviceEnrollmentPermissionsApplication.AccessAppPolicyLink
-      | string
-      | DeviceEnrollmentPermissionsApplication.UnionMember2
+      AppLauncherApplication.AccessAppPolicyLink | string | AppLauncherApplication.UnionMember2
     >;
 
-    /**
-     * Body param: Configuration for provisioning to this application via SCIM. This is
-     * currently in closed beta.
-     */
-    scim_config?: DeviceEnrollmentPermissionsApplication.SCIMConfig;
-
     /**
      * Body param: The amount of time that tokens issued for this application will be
      * valid. Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us
@@ -20692,7 +17417,7 @@ export declare namespace ApplicationUpdateParams {
     skip_app_launcher_login_page?: boolean;
   }
 
-  export namespace DeviceEnrollmentPermissionsApplication {
+  export namespace AppLauncherApplication {
     export interface FooterLink {
       /**
        * The hypertext in the footer link.
@@ -20798,104 +17523,138 @@ export declare namespace ApplicationUpdateParams {
        */
       session_duration?: string;
     }
+  }
 
+  export interface DeviceEnrollmentPermissionsApplication {
     /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
+     * Body param: The application type.
      */
-    export interface SCIMConfig {
+    type: ApplicationTypeParam;
+
+    /**
+     * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
+     * Zone ID.
+     */
+    account_id?: string;
+
+    /**
+     * Path param: The Zone ID to use for this endpoint. Mutually exclusive with the
+     * Account ID.
+     */
+    zone_id?: string;
+
+    /**
+     * Body param: The identity providers your users can select when connecting to this
+     * application. Defaults to all IdPs configured in your account.
+     */
+    allowed_idps?: Array<AllowedIdPsParam>;
+
+    /**
+     * Body param: When set to `true`, users skip the identity provider selection step
+     * during login. You must specify only one identity provider in allowed_idps.
+     */
+    auto_redirect_to_identity?: boolean;
+
+    /**
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing identity-based rules.
+     */
+    custom_deny_url?: string;
+
+    /**
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing non-identity rules.
+     */
+    custom_non_identity_deny_url?: string;
+
+    /**
+     * Body param: The custom pages that will be displayed when applicable for this
+     * application
+     */
+    custom_pages?: Array<string>;
+
+    /**
+     * Body param: The policies that Access applies to the application, in ascending
+     * order of precedence. Items can reference existing policies or create new
+     * policies exclusive to the application.
+     */
+    policies?: Array<
+      | DeviceEnrollmentPermissionsApplication.AccessAppPolicyLink
+      | string
+      | DeviceEnrollmentPermissionsApplication.UnionMember2
+    >;
+
+    /**
+     * Body param: The amount of time that tokens issued for this application will be
+     * valid. Must be in the format `300ms` or `2h45m`. Valid time units are: ns, us
+     * (or µs), ms, s, m, h. Note: unsupported for infrastructure type applications.
+     */
+    session_duration?: string;
+  }
+
+  export namespace DeviceEnrollmentPermissionsApplication {
+    /**
+     * A JSON that links a reusable policy to an application.
+     */
+    export interface AccessAppPolicyLink {
       /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
+       * The UUID of the policy
        */
-      idp_uid: string;
+      id?: string;
 
       /**
-       * The base URI for the application's SCIM-compatible API.
+       * The order of execution for this policy. Must be unique for each policy within an
+       * app.
        */
-      remote_uri: string;
+      precedence?: number;
+    }
 
+    export interface UnionMember2 {
       /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
+       * The UUID of the policy
        */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
+      id?: string;
 
       /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
+       * Administrators who can approve a temporary authentication request.
        */
-      deactivate_on_delete?: boolean;
+      approval_groups?: Array<PoliciesAPI.ApprovalGroupParam>;
 
       /**
-       * Whether SCIM provisioning is turned on for this application.
+       * Requires the user to request access from an administrator at the start of each
+       * session.
        */
-      enabled?: boolean;
+      approval_required?: boolean;
 
       /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
+       * Require this application to be served in an isolated browser for users matching
+       * this policy. 'Client Web Isolation' must be on for the account in order to use
+       * this feature.
        */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMappingParam>;
-    }
+      isolation_required?: boolean;
 
-    export namespace SCIMConfig {
       /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
+       * The order of execution for this policy. Must be unique for each policy within an
+       * app.
        */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
+      precedence?: number;
 
       /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
+       * A custom message that will appear on the purpose justification screen.
        */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
+      purpose_justification_prompt?: string;
 
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
+      /**
+       * Require users to enter a justification when they log in to the application.
+       */
+      purpose_justification_required?: boolean;
 
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
+      /**
+       * The amount of time that tokens issued for the application will be valid. Must be
+       * in the format `300ms` or `2h45m`. Valid time units are: ns, us (or µs), ms, s,
+       * m, h.
+       */
+      session_duration?: string;
     }
   }
 
@@ -20923,11 +17682,6 @@ export declare namespace ApplicationUpdateParams {
      */
     allowed_idps?: Array<AllowedIdPsParam>;
 
-    /**
-     * Body param: The image URL of the logo shown in the App Launcher header.
-     */
-    app_launcher_logo_url?: string;
-
     /**
      * Body param: When set to `true`, users skip the identity provider selection step
      * during login. You must specify only one identity provider in allowed_idps.
@@ -20935,25 +17689,22 @@ export declare namespace ApplicationUpdateParams {
     auto_redirect_to_identity?: boolean;
 
     /**
-     * Body param: The background color of the App Launcher page.
-     */
-    bg_color?: string;
-
-    /**
-     * Body param: The links in the App Launcher footer.
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing identity-based rules.
      */
-    footer_links?: Array<BrowserIsolationPermissionsApplication.FooterLink>;
+    custom_deny_url?: string;
 
     /**
-     * Body param: The background color of the App Launcher header.
+     * Body param: The custom URL a user is redirected to when they are denied access
+     * to the application when failing non-identity rules.
      */
-    header_bg_color?: string;
+    custom_non_identity_deny_url?: string;
 
     /**
-     * Body param: The design of the App Launcher landing page shown to users when they
-     * log in.
+     * Body param: The custom pages that will be displayed when applicable for this
+     * application
      */
-    landing_page_design?: BrowserIsolationPermissionsApplication.LandingPageDesign;
+    custom_pages?: Array<string>;
 
     /**
      * Body param: The policies that Access applies to the application, in ascending
@@ -20962,15 +17713,9 @@ export declare namespace ApplicationUpdateParams {
      */
     policies?: Array<
       | BrowserIsolationPermissionsApplication.AccessAppPolicyLink
-      | string
-      | BrowserIsolationPermissionsApplication.UnionMember2
-    >;
-
-    /**
-     * Body param: Configuration for provisioning to this application via SCIM. This is
-     * currently in closed beta.
-     */
-    scim_config?: BrowserIsolationPermissionsApplication.SCIMConfig;
+      | string
+      | BrowserIsolationPermissionsApplication.UnionMember2
+    >;
 
     /**
      * Body param: The amount of time that tokens issued for this application will be
@@ -20978,56 +17723,9 @@ export declare namespace ApplicationUpdateParams {
      * (or µs), ms, s, m, h. Note: unsupported for infrastructure type applications.
      */
     session_duration?: string;
-
-    /**
-     * Body param: Determines when to skip the App Launcher landing page.
-     */
-    skip_app_launcher_login_page?: boolean;
   }
 
   export namespace BrowserIsolationPermissionsApplication {
-    export interface FooterLink {
-      /**
-       * The hypertext in the footer link.
-       */
-      name: string;
-
-      /**
-       * the hyperlink in the footer link.
-       */
-      url: string;
-    }
-
-    /**
-     * The design of the App Launcher landing page shown to users when they log in.
-     */
-    export interface LandingPageDesign {
-      /**
-       * The background color of the log in button on the landing page.
-       */
-      button_color?: string;
-
-      /**
-       * The color of the text in the log in button on the landing page.
-       */
-      button_text_color?: string;
-
-      /**
-       * The URL of the image shown on the landing page.
-       */
-      image_url?: string;
-
-      /**
-       * The message shown on the landing page.
-       */
-      message?: string;
-
-      /**
-       * The title shown on the landing page.
-       */
-      title?: string;
-    }
-
     /**
      * A JSON that links a reusable policy to an application.
      */
@@ -21091,108 +17789,9 @@ export declare namespace ApplicationUpdateParams {
        */
       session_duration?: string;
     }
-
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMappingParam>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
   }
 
-  export interface BookmarkApplication {
+  export interface AccessBookmarkProps {
     /**
      * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
      * Zone ID.
@@ -21225,12 +17824,6 @@ export declare namespace ApplicationUpdateParams {
      */
     name?: string;
 
-    /**
-     * Body param: Configuration for provisioning to this application via SCIM. This is
-     * currently in closed beta.
-     */
-    scim_config?: BookmarkApplication.SCIMConfig;
-
     /**
      * Body param: The tags you want assigned to an application. Tags are used to
      * filter applications in the App Launcher dashboard.
@@ -21243,107 +17836,6 @@ export declare namespace ApplicationUpdateParams {
     type?: ApplicationTypeParam;
   }
 
-  export namespace BookmarkApplication {
-    /**
-     * Configuration for provisioning to this application via SCIM. This is currently
-     * in closed beta.
-     */
-    export interface SCIMConfig {
-      /**
-       * The UID of the IdP to use as the source for SCIM resources to provision to this
-       * application.
-       */
-      idp_uid: string;
-
-      /**
-       * The base URI for the application's SCIM-compatible API.
-       */
-      remote_uri: string;
-
-      /**
-       * Attributes for configuring HTTP Basic authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      authentication?:
-        | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-        | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-        | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-        | Array<
-            | ApplicationsAPI.SCIMConfigAuthenticationHTTPBasicParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOAuthBearerTokenParam
-            | ApplicationsAPI.SCIMConfigAuthenticationOauth2Param
-            | SCIMConfig.AccessSCIMConfigAuthenticationAccessServiceToken
-          >;
-
-      /**
-       * If false, propagates DELETE requests to the target application for SCIM
-       * resources. If true, sets 'active' to false on the SCIM resource. Note: Some
-       * targets do not support DELETE operations.
-       */
-      deactivate_on_delete?: boolean;
-
-      /**
-       * Whether SCIM provisioning is turned on for this application.
-       */
-      enabled?: boolean;
-
-      /**
-       * A list of mappings to apply to SCIM resources before provisioning them in this
-       * application. These can transform or filter the resources to be provisioned.
-       */
-      mappings?: Array<ApplicationsAPI.SCIMConfigMappingParam>;
-    }
-
-    export namespace SCIMConfig {
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-
-      /**
-       * Attributes for configuring Access Service Token authentication scheme for SCIM
-       * provisioning to an application.
-       */
-      export interface AccessSCIMConfigAuthenticationAccessServiceToken {
-        /**
-         * Client ID of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_id: string;
-
-        /**
-         * Client secret of the Access service token used to authenticate with the remote
-         * service.
-         */
-        client_secret: string;
-
-        /**
-         * The authentication scheme to use when making SCIM requests to this application.
-         */
-        scheme: 'access_service_token';
-      }
-    }
-  }
-
   export interface InfrastructureApplication {
     /**
      * Body param:
@@ -21671,7 +18163,7 @@ export declare namespace ApplicationUpdateParams {
       /**
        * The communication protocol your application secures.
        */
-      protocol: 'SSH';
+      protocol: 'RDP';
 
       /**
        * Contains a map of target attribute keys to target attribute values.
@@ -21894,7 +18386,7 @@ export declare namespace ApplicationUpdateParams {
   }
 }
 
-export interface ApplicationListParams {
+export interface ApplicationListParams extends V4PagePaginationArrayParams {
   /**
    * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
    * Zone ID.
@@ -21970,12 +18462,12 @@ export interface ApplicationRevokeTokensParams {
   zone_id?: string;
 }
 
-Applications.ApplicationListResponsesSinglePage = ApplicationListResponsesSinglePage;
+Applications.ApplicationListResponsesV4PagePaginationArray = ApplicationListResponsesV4PagePaginationArray;
 Applications.CAs = CAs;
-Applications.CAsSinglePage = CAsSinglePage;
+Applications.CAsV4PagePaginationArray = CAsV4PagePaginationArray;
 Applications.UserPolicyChecks = UserPolicyChecks;
 Applications.Policies = Policies;
-Applications.PolicyListResponsesSinglePage = PolicyListResponsesSinglePage;
+Applications.PolicyListResponsesV4PagePaginationArray = PolicyListResponsesV4PagePaginationArray;
 Applications.PolicyTests = PolicyTests;
 Applications.Settings = Settings;
 
@@ -22006,7 +18498,7 @@ export declare namespace Applications {
     type ApplicationDeleteResponse as ApplicationDeleteResponse,
     type ApplicationGetResponse as ApplicationGetResponse,
     type ApplicationRevokeTokensResponse as ApplicationRevokeTokensResponse,
-    ApplicationListResponsesSinglePage as ApplicationListResponsesSinglePage,
+    ApplicationListResponsesV4PagePaginationArray as ApplicationListResponsesV4PagePaginationArray,
     type ApplicationCreateParams as ApplicationCreateParams,
     type ApplicationUpdateParams as ApplicationUpdateParams,
     type ApplicationListParams as ApplicationListParams,
@@ -22019,7 +18511,7 @@ export declare namespace Applications {
     CAs as CAs,
     type CA as CA,
     type CADeleteResponse as CADeleteResponse,
-    CAsSinglePage as CAsSinglePage,
+    CAsV4PagePaginationArray as CAsV4PagePaginationArray,
     type CACreateParams as CACreateParams,
     type CAListParams as CAListParams,
     type CADeleteParams as CADeleteParams,
@@ -22060,7 +18552,7 @@ export declare namespace Applications {
     type PolicyListResponse as PolicyListResponse,
     type PolicyDeleteResponse as PolicyDeleteResponse,
     type PolicyGetResponse as PolicyGetResponse,
-    PolicyListResponsesSinglePage as PolicyListResponsesSinglePage,
+    PolicyListResponsesV4PagePaginationArray as PolicyListResponsesV4PagePaginationArray,
     type PolicyCreateParams as PolicyCreateParams,
     type PolicyUpdateParams as PolicyUpdateParams,
     type PolicyListParams as PolicyListParams,
diff --git a/src/resources/zero-trust/access/applications/cas.ts b/src/resources/zero-trust/access/applications/cas.ts
index d326cdc71c..dd19ef7854 100644
--- a/src/resources/zero-trust/access/applications/cas.ts
+++ b/src/resources/zero-trust/access/applications/cas.ts
@@ -4,7 +4,7 @@ import { APIResource } from '../../../../resource';
 import { isRequestOptions } from '../../../../core';
 import * as Core from '../../../../core';
 import { CloudflareError } from '../../../../error';
-import { SinglePage } from '../../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../../pagination';
 
 export class CAs extends APIResource {
   /**
@@ -67,16 +67,16 @@ export class CAs extends APIResource {
    * }
    * ```
    */
-  list(params?: CAListParams, options?: Core.RequestOptions): Core.PagePromise<CAsSinglePage, CA>;
-  list(options?: Core.RequestOptions): Core.PagePromise<CAsSinglePage, CA>;
+  list(params?: CAListParams, options?: Core.RequestOptions): Core.PagePromise<CAsV4PagePaginationArray, CA>;
+  list(options?: Core.RequestOptions): Core.PagePromise<CAsV4PagePaginationArray, CA>;
   list(
     params: CAListParams | Core.RequestOptions = {},
     options?: Core.RequestOptions,
-  ): Core.PagePromise<CAsSinglePage, CA> {
+  ): Core.PagePromise<CAsV4PagePaginationArray, CA> {
     if (isRequestOptions(params)) {
       return this.list({}, params);
     }
-    const { account_id, zone_id } = params;
+    const { account_id, zone_id, ...query } = params;
     if (!account_id && !zone_id) {
       throw new CloudflareError('You must provide either account_id or zone_id.');
     }
@@ -95,8 +95,8 @@ export class CAs extends APIResource {
         };
     return this._client.getAPIList(
       `/${accountOrZone}/${accountOrZoneId}/access/apps/ca`,
-      CAsSinglePage,
-      options,
+      CAsV4PagePaginationArray,
+      { query, ...options },
     );
   }
 
@@ -199,7 +199,7 @@ export class CAs extends APIResource {
   }
 }
 
-export class CAsSinglePage extends SinglePage<CA> {}
+export class CAsV4PagePaginationArray extends V4PagePaginationArray<CA> {}
 
 export interface CA {
   /**
@@ -238,14 +238,16 @@ export interface CACreateParams {
   zone_id?: string;
 }
 
-export interface CAListParams {
+export interface CAListParams extends V4PagePaginationArrayParams {
   /**
-   * The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.
+   * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
+   * Zone ID.
    */
   account_id?: string;
 
   /**
-   * The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.
+   * Path param: The Zone ID to use for this endpoint. Mutually exclusive with the
+   * Account ID.
    */
   zone_id?: string;
 }
@@ -274,13 +276,13 @@ export interface CAGetParams {
   zone_id?: string;
 }
 
-CAs.CAsSinglePage = CAsSinglePage;
+CAs.CAsV4PagePaginationArray = CAsV4PagePaginationArray;
 
 export declare namespace CAs {
   export {
     type CA as CA,
     type CADeleteResponse as CADeleteResponse,
-    CAsSinglePage as CAsSinglePage,
+    CAsV4PagePaginationArray as CAsV4PagePaginationArray,
     type CACreateParams as CACreateParams,
     type CAListParams as CAListParams,
     type CADeleteParams as CADeleteParams,
diff --git a/src/resources/zero-trust/access/applications/index.ts b/src/resources/zero-trust/access/applications/index.ts
index b6f845d14a..e88bd2c2e5 100644
--- a/src/resources/zero-trust/access/applications/index.ts
+++ b/src/resources/zero-trust/access/applications/index.ts
@@ -1,7 +1,7 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 export {
-  ApplicationListResponsesSinglePage,
+  ApplicationListResponsesV4PagePaginationArray,
   Applications,
   type AllowedHeaders,
   type AllowedIdPs,
@@ -36,7 +36,7 @@ export {
   type ApplicationRevokeTokensParams,
 } from './applications';
 export {
-  CAsSinglePage,
+  CAsV4PagePaginationArray,
   CAs,
   type CA,
   type CADeleteResponse,
@@ -46,7 +46,7 @@ export {
   type CAGetParams,
 } from './cas';
 export {
-  PolicyListResponsesSinglePage,
+  PolicyListResponsesV4PagePaginationArray,
   Policies,
   type AccessDevicePostureRule,
   type AccessRule,
diff --git a/src/resources/zero-trust/access/applications/policies.ts b/src/resources/zero-trust/access/applications/policies.ts
index cf5717f666..679bbbb4b2 100644
--- a/src/resources/zero-trust/access/applications/policies.ts
+++ b/src/resources/zero-trust/access/applications/policies.ts
@@ -6,7 +6,7 @@ import * as Core from '../../../../core';
 import * as PoliciesAPI from '../policies';
 import * as ApplicationsAPI from './applications';
 import { CloudflareError } from '../../../../error';
-import { SinglePage } from '../../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../../pagination';
 
 export class Policies extends APIResource {
   /**
@@ -118,20 +118,20 @@ export class Policies extends APIResource {
     appId: string,
     params?: PolicyListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<PolicyListResponsesSinglePage, PolicyListResponse>;
+  ): Core.PagePromise<PolicyListResponsesV4PagePaginationArray, PolicyListResponse>;
   list(
     appId: string,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<PolicyListResponsesSinglePage, PolicyListResponse>;
+  ): Core.PagePromise<PolicyListResponsesV4PagePaginationArray, PolicyListResponse>;
   list(
     appId: string,
     params: PolicyListParams | Core.RequestOptions = {},
     options?: Core.RequestOptions,
-  ): Core.PagePromise<PolicyListResponsesSinglePage, PolicyListResponse> {
+  ): Core.PagePromise<PolicyListResponsesV4PagePaginationArray, PolicyListResponse> {
     if (isRequestOptions(params)) {
       return this.list(appId, {}, params);
     }
-    const { account_id, zone_id } = params;
+    const { account_id, zone_id, ...query } = params;
     if (!account_id && !zone_id) {
       throw new CloudflareError('You must provide either account_id or zone_id.');
     }
@@ -150,8 +150,8 @@ export class Policies extends APIResource {
         };
     return this._client.getAPIList(
       `/${accountOrZone}/${accountOrZoneId}/access/apps/${appId}/policies`,
-      PolicyListResponsesSinglePage,
-      options,
+      PolicyListResponsesV4PagePaginationArray,
+      { query, ...options },
     );
   }
 
@@ -270,7 +270,7 @@ export class Policies extends APIResource {
   }
 }
 
-export class PolicyListResponsesSinglePage extends SinglePage<PolicyListResponse> {}
+export class PolicyListResponsesV4PagePaginationArray extends V4PagePaginationArray<PolicyListResponse> {}
 
 /**
  * Enforces a device posture rule has run successfully
@@ -330,7 +330,8 @@ export type AccessRule =
   | OktaGroupRule
   | SAMLGroupRule
   | AccessRule.AccessOIDCClaimRule
-  | ServiceTokenRule;
+  | ServiceTokenRule
+  | AccessRule.AccessLinkedAppTokenRule;
 
 export namespace AccessRule {
   /**
@@ -416,6 +417,23 @@ export namespace AccessRule {
       identity_provider_id: string;
     }
   }
+
+  /**
+   * Matches OAuth 2.0 access tokens issued by the specified Access OIDC SaaS
+   * application. Only compatible with non_identity and bypass decisions.
+   */
+  export interface AccessLinkedAppTokenRule {
+    linked_app_token: AccessLinkedAppTokenRule.LinkedAppToken;
+  }
+
+  export namespace AccessLinkedAppTokenRule {
+    export interface LinkedAppToken {
+      /**
+       * The ID of an Access OIDC SaaS application
+       */
+      app_uid: string;
+    }
+  }
 }
 
 /**
@@ -444,7 +462,8 @@ export type AccessRuleParam =
   | OktaGroupRuleParam
   | SAMLGroupRuleParam
   | AccessRuleParam.AccessOIDCClaimRule
-  | ServiceTokenRuleParam;
+  | ServiceTokenRuleParam
+  | AccessRuleParam.AccessLinkedAppTokenRule;
 
 export namespace AccessRuleParam {
   /**
@@ -530,6 +549,23 @@ export namespace AccessRuleParam {
       identity_provider_id: string;
     }
   }
+
+  /**
+   * Matches OAuth 2.0 access tokens issued by the specified Access OIDC SaaS
+   * application. Only compatible with non_identity and bypass decisions.
+   */
+  export interface AccessLinkedAppTokenRule {
+    linked_app_token: AccessLinkedAppTokenRule.LinkedAppToken;
+  }
+
+  export namespace AccessLinkedAppTokenRule {
+    export interface LinkedAppToken {
+      /**
+       * The ID of an Access OIDC SaaS application
+       */
+      app_uid: string;
+    }
+  }
 }
 
 /**
@@ -1633,14 +1669,16 @@ export interface PolicyUpdateParams {
   session_duration?: string;
 }
 
-export interface PolicyListParams {
+export interface PolicyListParams extends V4PagePaginationArrayParams {
   /**
-   * The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.
+   * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
+   * Zone ID.
    */
   account_id?: string;
 
   /**
-   * The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.
+   * Path param: The Zone ID to use for this endpoint. Mutually exclusive with the
+   * Account ID.
    */
   zone_id?: string;
 }
@@ -1669,7 +1707,7 @@ export interface PolicyGetParams {
   zone_id?: string;
 }
 
-Policies.PolicyListResponsesSinglePage = PolicyListResponsesSinglePage;
+Policies.PolicyListResponsesV4PagePaginationArray = PolicyListResponsesV4PagePaginationArray;
 
 export declare namespace Policies {
   export {
@@ -1698,7 +1736,7 @@ export declare namespace Policies {
     type PolicyListResponse as PolicyListResponse,
     type PolicyDeleteResponse as PolicyDeleteResponse,
     type PolicyGetResponse as PolicyGetResponse,
-    PolicyListResponsesSinglePage as PolicyListResponsesSinglePage,
+    PolicyListResponsesV4PagePaginationArray as PolicyListResponsesV4PagePaginationArray,
     type PolicyCreateParams as PolicyCreateParams,
     type PolicyUpdateParams as PolicyUpdateParams,
     type PolicyListParams as PolicyListParams,
diff --git a/src/resources/zero-trust/access/certificates/certificates.ts b/src/resources/zero-trust/access/certificates/certificates.ts
index b48af01936..47e03ff94b 100644
--- a/src/resources/zero-trust/access/certificates/certificates.ts
+++ b/src/resources/zero-trust/access/certificates/certificates.ts
@@ -12,7 +12,7 @@ import {
   Settings,
 } from './settings';
 import { CloudflareError } from '../../../../error';
-import { SinglePage } from '../../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../../pagination';
 
 export class Certificates extends APIResource {
   settings: SettingsAPI.Settings = new SettingsAPI.Settings(this._client);
@@ -118,16 +118,16 @@ export class Certificates extends APIResource {
   list(
     params?: CertificateListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<CertificatesSinglePage, Certificate>;
-  list(options?: Core.RequestOptions): Core.PagePromise<CertificatesSinglePage, Certificate>;
+  ): Core.PagePromise<CertificatesV4PagePaginationArray, Certificate>;
+  list(options?: Core.RequestOptions): Core.PagePromise<CertificatesV4PagePaginationArray, Certificate>;
   list(
     params: CertificateListParams | Core.RequestOptions = {},
     options?: Core.RequestOptions,
-  ): Core.PagePromise<CertificatesSinglePage, Certificate> {
+  ): Core.PagePromise<CertificatesV4PagePaginationArray, Certificate> {
     if (isRequestOptions(params)) {
       return this.list({}, params);
     }
-    const { account_id, zone_id } = params;
+    const { account_id, zone_id, ...query } = params;
     if (!account_id && !zone_id) {
       throw new CloudflareError('You must provide either account_id or zone_id.');
     }
@@ -146,8 +146,8 @@ export class Certificates extends APIResource {
         };
     return this._client.getAPIList(
       `/${accountOrZone}/${accountOrZoneId}/access/certificates`,
-      CertificatesSinglePage,
-      options,
+      CertificatesV4PagePaginationArray,
+      { query, ...options },
     );
   }
 
@@ -254,7 +254,7 @@ export class Certificates extends APIResource {
   }
 }
 
-export class CertificatesSinglePage extends SinglePage<Certificate> {}
+export class CertificatesV4PagePaginationArray extends V4PagePaginationArray<Certificate> {}
 
 /**
  * A fully-qualified domain name (FQDN).
@@ -354,14 +354,16 @@ export interface CertificateUpdateParams {
   name?: string;
 }
 
-export interface CertificateListParams {
+export interface CertificateListParams extends V4PagePaginationArrayParams {
   /**
-   * The Account ID to use for this endpoint. Mutually exclusive with the Zone ID.
+   * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
+   * Zone ID.
    */
   account_id?: string;
 
   /**
-   * The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.
+   * Path param: The Zone ID to use for this endpoint. Mutually exclusive with the
+   * Account ID.
    */
   zone_id?: string;
 }
@@ -390,7 +392,7 @@ export interface CertificateGetParams {
   zone_id?: string;
 }
 
-Certificates.CertificatesSinglePage = CertificatesSinglePage;
+Certificates.CertificatesV4PagePaginationArray = CertificatesV4PagePaginationArray;
 Certificates.Settings = Settings;
 Certificates.CertificateSettingsSinglePage = CertificateSettingsSinglePage;
 
@@ -399,7 +401,7 @@ export declare namespace Certificates {
     type AssociatedHostnames as AssociatedHostnames,
     type Certificate as Certificate,
     type CertificateDeleteResponse as CertificateDeleteResponse,
-    CertificatesSinglePage as CertificatesSinglePage,
+    CertificatesV4PagePaginationArray as CertificatesV4PagePaginationArray,
     type CertificateCreateParams as CertificateCreateParams,
     type CertificateUpdateParams as CertificateUpdateParams,
     type CertificateListParams as CertificateListParams,
diff --git a/src/resources/zero-trust/access/certificates/index.ts b/src/resources/zero-trust/access/certificates/index.ts
index 9535a990ee..1eddc4eb6c 100644
--- a/src/resources/zero-trust/access/certificates/index.ts
+++ b/src/resources/zero-trust/access/certificates/index.ts
@@ -8,7 +8,7 @@ export {
   type SettingGetParams,
 } from './settings';
 export {
-  CertificatesSinglePage,
+  CertificatesV4PagePaginationArray,
   Certificates,
   type AssociatedHostnames,
   type Certificate,
diff --git a/src/resources/zero-trust/access/custom-pages.ts b/src/resources/zero-trust/access/custom-pages.ts
index 4535110f34..4f8d2c232f 100644
--- a/src/resources/zero-trust/access/custom-pages.ts
+++ b/src/resources/zero-trust/access/custom-pages.ts
@@ -2,7 +2,7 @@
 
 import { APIResource } from '../../../resource';
 import * as Core from '../../../core';
-import { SinglePage } from '../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../pagination';
 
 export class CustomPages extends APIResource {
   /**
@@ -81,12 +81,12 @@ export class CustomPages extends APIResource {
   list(
     params: CustomPageListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<CustomPageWithoutHTMLsSinglePage, CustomPageWithoutHTML> {
-    const { account_id } = params;
+  ): Core.PagePromise<CustomPageWithoutHTMLsV4PagePaginationArray, CustomPageWithoutHTML> {
+    const { account_id, ...query } = params;
     return this._client.getAPIList(
       `/accounts/${account_id}/access/custom_pages`,
-      CustomPageWithoutHTMLsSinglePage,
-      options,
+      CustomPageWithoutHTMLsV4PagePaginationArray,
+      { query, ...options },
     );
   }
 
@@ -143,7 +143,7 @@ export class CustomPages extends APIResource {
   }
 }
 
-export class CustomPageWithoutHTMLsSinglePage extends SinglePage<CustomPageWithoutHTML> {}
+export class CustomPageWithoutHTMLsV4PagePaginationArray extends V4PagePaginationArray<CustomPageWithoutHTML> {}
 
 export interface CustomPage {
   /**
@@ -263,9 +263,9 @@ export interface CustomPageUpdateParams {
   app_count?: number;
 }
 
-export interface CustomPageListParams {
+export interface CustomPageListParams extends V4PagePaginationArrayParams {
   /**
-   * Identifier.
+   * Path param: Identifier.
    */
   account_id: string;
 }
@@ -284,14 +284,14 @@ export interface CustomPageGetParams {
   account_id: string;
 }
 
-CustomPages.CustomPageWithoutHTMLsSinglePage = CustomPageWithoutHTMLsSinglePage;
+CustomPages.CustomPageWithoutHTMLsV4PagePaginationArray = CustomPageWithoutHTMLsV4PagePaginationArray;
 
 export declare namespace CustomPages {
   export {
     type CustomPage as CustomPage,
     type CustomPageWithoutHTML as CustomPageWithoutHTML,
     type CustomPageDeleteResponse as CustomPageDeleteResponse,
-    CustomPageWithoutHTMLsSinglePage as CustomPageWithoutHTMLsSinglePage,
+    CustomPageWithoutHTMLsV4PagePaginationArray as CustomPageWithoutHTMLsV4PagePaginationArray,
     type CustomPageCreateParams as CustomPageCreateParams,
     type CustomPageUpdateParams as CustomPageUpdateParams,
     type CustomPageListParams as CustomPageListParams,
diff --git a/src/resources/zero-trust/access/groups.ts b/src/resources/zero-trust/access/groups.ts
index fa7ab4bcdd..e224772541 100644
--- a/src/resources/zero-trust/access/groups.ts
+++ b/src/resources/zero-trust/access/groups.ts
@@ -5,7 +5,7 @@ import { isRequestOptions } from '../../../core';
 import * as Core from '../../../core';
 import * as PoliciesAPI from './applications/policies';
 import { CloudflareError } from '../../../error';
-import { SinglePage } from '../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../pagination';
 
 export class Groups extends APIResource {
   /**
@@ -117,12 +117,14 @@ export class Groups extends APIResource {
   list(
     params?: GroupListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<GroupListResponsesSinglePage, GroupListResponse>;
-  list(options?: Core.RequestOptions): Core.PagePromise<GroupListResponsesSinglePage, GroupListResponse>;
+  ): Core.PagePromise<GroupListResponsesV4PagePaginationArray, GroupListResponse>;
+  list(
+    options?: Core.RequestOptions,
+  ): Core.PagePromise<GroupListResponsesV4PagePaginationArray, GroupListResponse>;
   list(
     params: GroupListParams | Core.RequestOptions = {},
     options?: Core.RequestOptions,
-  ): Core.PagePromise<GroupListResponsesSinglePage, GroupListResponse> {
+  ): Core.PagePromise<GroupListResponsesV4PagePaginationArray, GroupListResponse> {
     if (isRequestOptions(params)) {
       return this.list({}, params);
     }
@@ -145,7 +147,7 @@ export class Groups extends APIResource {
         };
     return this._client.getAPIList(
       `/${accountOrZone}/${accountOrZoneId}/access/groups`,
-      GroupListResponsesSinglePage,
+      GroupListResponsesV4PagePaginationArray,
       { query, ...options },
     );
   }
@@ -251,9 +253,9 @@ export class Groups extends APIResource {
   }
 }
 
-export class GroupListResponsesSinglePage extends SinglePage<GroupListResponse> {}
+export class GroupListResponsesV4PagePaginationArray extends V4PagePaginationArray<GroupListResponse> {}
 
-export class ZeroTrustGroupsSinglePage extends SinglePage<ZeroTrustGroup> {}
+export class ZeroTrustGroupsV4PagePaginationArray extends V4PagePaginationArray<ZeroTrustGroup> {}
 
 export interface ZeroTrustGroup {
   /**
@@ -550,7 +552,7 @@ export interface GroupUpdateParams {
   require?: Array<PoliciesAPI.AccessRuleParam>;
 }
 
-export interface GroupListParams {
+export interface GroupListParams extends V4PagePaginationArrayParams {
   /**
    * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
    * Zone ID.
@@ -598,7 +600,7 @@ export interface GroupGetParams {
   zone_id?: string;
 }
 
-Groups.GroupListResponsesSinglePage = GroupListResponsesSinglePage;
+Groups.GroupListResponsesV4PagePaginationArray = GroupListResponsesV4PagePaginationArray;
 
 export declare namespace Groups {
   export {
@@ -608,7 +610,7 @@ export declare namespace Groups {
     type GroupListResponse as GroupListResponse,
     type GroupDeleteResponse as GroupDeleteResponse,
     type GroupGetResponse as GroupGetResponse,
-    GroupListResponsesSinglePage as GroupListResponsesSinglePage,
+    GroupListResponsesV4PagePaginationArray as GroupListResponsesV4PagePaginationArray,
     type GroupCreateParams as GroupCreateParams,
     type GroupUpdateParams as GroupUpdateParams,
     type GroupListParams as GroupListParams,
diff --git a/src/resources/zero-trust/access/index.ts b/src/resources/zero-trust/access/index.ts
index d8a643ef19..52ccef53ba 100644
--- a/src/resources/zero-trust/access/index.ts
+++ b/src/resources/zero-trust/access/index.ts
@@ -2,15 +2,15 @@
 
 export { Access } from './access';
 export {
-  AccessUsersSinglePage,
-  UserListResponsesSinglePage,
+  AccessUsersV4PagePaginationArray,
+  UserListResponsesV4PagePaginationArray,
   Users,
   type AccessUser,
   type UserListResponse,
   type UserListParams,
 } from './users/index';
 export {
-  ApplicationListResponsesSinglePage,
+  ApplicationListResponsesV4PagePaginationArray,
   Applications,
   type AllowedHeaders,
   type AllowedIdPs,
@@ -56,7 +56,7 @@ export {
   type BookmarkGetParams,
 } from './bookmarks';
 export {
-  CertificatesSinglePage,
+  CertificatesV4PagePaginationArray,
   Certificates,
   type AssociatedHostnames,
   type Certificate,
@@ -68,7 +68,7 @@ export {
   type CertificateGetParams,
 } from './certificates/index';
 export {
-  CustomPageWithoutHTMLsSinglePage,
+  CustomPageWithoutHTMLsV4PagePaginationArray,
   CustomPages,
   type CustomPage,
   type CustomPageWithoutHTML,
@@ -101,7 +101,7 @@ export {
 } from './keys';
 export { Logs } from './logs/index';
 export {
-  PolicyListResponsesSinglePage,
+  PolicyListResponsesV4PagePaginationArray,
   Policies,
   type ApprovalGroup,
   type Policy,
@@ -117,7 +117,7 @@ export {
   type PolicyGetParams,
 } from './policies';
 export {
-  ServiceTokensSinglePage,
+  ServiceTokensV4PagePaginationArray,
   ServiceTokens,
   type ServiceToken,
   type ServiceTokenCreateResponse,
@@ -131,7 +131,7 @@ export {
   type ServiceTokenRotateParams,
 } from './service-tokens';
 export {
-  TagsSinglePage,
+  TagsV4PagePaginationArray,
   Tags,
   type Tag,
   type TagDeleteResponse,
@@ -142,8 +142,8 @@ export {
   type TagGetParams,
 } from './tags';
 export {
-  ZeroTrustGroupsSinglePage,
-  GroupListResponsesSinglePage,
+  ZeroTrustGroupsV4PagePaginationArray,
+  GroupListResponsesV4PagePaginationArray,
   Groups,
   type ZeroTrustGroup,
   type GroupCreateResponse,
diff --git a/src/resources/zero-trust/access/logs/access-requests.ts b/src/resources/zero-trust/access/logs/access-requests.ts
index df4320c80c..eb75000b09 100644
--- a/src/resources/zero-trust/access/logs/access-requests.ts
+++ b/src/resources/zero-trust/access/logs/access-requests.ts
@@ -48,6 +48,16 @@ export interface AccessRequestListParams {
    */
   limit?: number;
 
+  /**
+   * Query param: Page number of results.
+   */
+  page?: number;
+
+  /**
+   * Query param: Number of results per page.
+   */
+  per_page?: number;
+
   /**
    * Query param: The earliest event timestamp to query.
    */
diff --git a/src/resources/zero-trust/access/logs/scim/index.ts b/src/resources/zero-trust/access/logs/scim/index.ts
index 5655374211..877d415771 100644
--- a/src/resources/zero-trust/access/logs/scim/index.ts
+++ b/src/resources/zero-trust/access/logs/scim/index.ts
@@ -2,7 +2,7 @@
 
 export { SCIM, type AccessRequest } from './scim';
 export {
-  UpdateListResponsesSinglePage,
+  UpdateListResponsesV4PagePaginationArray,
   Updates,
   type UpdateListResponse,
   type UpdateListParams,
diff --git a/src/resources/zero-trust/access/logs/scim/scim.ts b/src/resources/zero-trust/access/logs/scim/scim.ts
index 68650a8fcd..cb7f3f88b6 100644
--- a/src/resources/zero-trust/access/logs/scim/scim.ts
+++ b/src/resources/zero-trust/access/logs/scim/scim.ts
@@ -2,7 +2,12 @@
 
 import { APIResource } from '../../../../../resource';
 import * as UpdatesAPI from './updates';
-import { UpdateListParams, UpdateListResponse, UpdateListResponsesSinglePage, Updates } from './updates';
+import {
+  UpdateListParams,
+  UpdateListResponse,
+  UpdateListResponsesV4PagePaginationArray,
+  Updates,
+} from './updates';
 
 export class SCIM extends APIResource {
   updates: UpdatesAPI.Updates = new UpdatesAPI.Updates(this._client);
@@ -53,7 +58,7 @@ export interface AccessRequest {
 }
 
 SCIM.Updates = Updates;
-SCIM.UpdateListResponsesSinglePage = UpdateListResponsesSinglePage;
+SCIM.UpdateListResponsesV4PagePaginationArray = UpdateListResponsesV4PagePaginationArray;
 
 export declare namespace SCIM {
   export { type AccessRequest as AccessRequest };
@@ -61,7 +66,7 @@ export declare namespace SCIM {
   export {
     Updates as Updates,
     type UpdateListResponse as UpdateListResponse,
-    UpdateListResponsesSinglePage as UpdateListResponsesSinglePage,
+    UpdateListResponsesV4PagePaginationArray as UpdateListResponsesV4PagePaginationArray,
     type UpdateListParams as UpdateListParams,
   };
 }
diff --git a/src/resources/zero-trust/access/logs/scim/updates.ts b/src/resources/zero-trust/access/logs/scim/updates.ts
index b65b7d4d40..1f81ddc56e 100644
--- a/src/resources/zero-trust/access/logs/scim/updates.ts
+++ b/src/resources/zero-trust/access/logs/scim/updates.ts
@@ -2,7 +2,7 @@
 
 import { APIResource } from '../../../../../resource';
 import * as Core from '../../../../../core';
-import { SinglePage } from '../../../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../../../pagination';
 
 export class Updates extends APIResource {
   /**
@@ -29,17 +29,17 @@ export class Updates extends APIResource {
   list(
     params: UpdateListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<UpdateListResponsesSinglePage, UpdateListResponse> {
+  ): Core.PagePromise<UpdateListResponsesV4PagePaginationArray, UpdateListResponse> {
     const { account_id, ...query } = params;
     return this._client.getAPIList(
       `/accounts/${account_id}/access/logs/scim/updates`,
-      UpdateListResponsesSinglePage,
+      UpdateListResponsesV4PagePaginationArray,
       { query, ...options },
     );
   }
 }
 
-export class UpdateListResponsesSinglePage extends SinglePage<UpdateListResponse> {}
+export class UpdateListResponsesV4PagePaginationArray extends V4PagePaginationArray<UpdateListResponse> {}
 
 export interface UpdateListResponse {
   /**
@@ -96,7 +96,7 @@ export interface UpdateListResponse {
   status?: string;
 }
 
-export interface UpdateListParams {
+export interface UpdateListParams extends V4PagePaginationArrayParams {
   /**
    * Path param: Identifier.
    */
@@ -163,12 +163,12 @@ export interface UpdateListParams {
   until?: string;
 }
 
-Updates.UpdateListResponsesSinglePage = UpdateListResponsesSinglePage;
+Updates.UpdateListResponsesV4PagePaginationArray = UpdateListResponsesV4PagePaginationArray;
 
 export declare namespace Updates {
   export {
     type UpdateListResponse as UpdateListResponse,
-    UpdateListResponsesSinglePage as UpdateListResponsesSinglePage,
+    UpdateListResponsesV4PagePaginationArray as UpdateListResponsesV4PagePaginationArray,
     type UpdateListParams as UpdateListParams,
   };
 }
diff --git a/src/resources/zero-trust/access/policies.ts b/src/resources/zero-trust/access/policies.ts
index 75f383f75a..2f2bdc7e5e 100644
--- a/src/resources/zero-trust/access/policies.ts
+++ b/src/resources/zero-trust/access/policies.ts
@@ -4,7 +4,7 @@ import { APIResource } from '../../../resource';
 import * as Core from '../../../core';
 import * as ApplicationsAPI from './applications/applications';
 import * as ApplicationsPoliciesAPI from './applications/policies';
-import { SinglePage } from '../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../pagination';
 
 export class Policies extends APIResource {
   /**
@@ -89,12 +89,12 @@ export class Policies extends APIResource {
   list(
     params: PolicyListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<PolicyListResponsesSinglePage, PolicyListResponse> {
-    const { account_id } = params;
+  ): Core.PagePromise<PolicyListResponsesV4PagePaginationArray, PolicyListResponse> {
+    const { account_id, ...query } = params;
     return this._client.getAPIList(
       `/accounts/${account_id}/access/policies`,
-      PolicyListResponsesSinglePage,
-      options,
+      PolicyListResponsesV4PagePaginationArray,
+      { query, ...options },
     );
   }
 
@@ -148,7 +148,7 @@ export class Policies extends APIResource {
   }
 }
 
-export class PolicyListResponsesSinglePage extends SinglePage<PolicyListResponse> {}
+export class PolicyListResponsesV4PagePaginationArray extends V4PagePaginationArray<PolicyListResponse> {}
 
 /**
  * A group of email addresses that can approve a temporary authentication request.
@@ -764,9 +764,9 @@ export interface PolicyUpdateParams {
   session_duration?: string;
 }
 
-export interface PolicyListParams {
+export interface PolicyListParams extends V4PagePaginationArrayParams {
   /**
-   * Identifier.
+   * Path param: Identifier.
    */
   account_id: string;
 }
@@ -785,7 +785,7 @@ export interface PolicyGetParams {
   account_id: string;
 }
 
-Policies.PolicyListResponsesSinglePage = PolicyListResponsesSinglePage;
+Policies.PolicyListResponsesV4PagePaginationArray = PolicyListResponsesV4PagePaginationArray;
 
 export declare namespace Policies {
   export {
@@ -796,7 +796,7 @@ export declare namespace Policies {
     type PolicyListResponse as PolicyListResponse,
     type PolicyDeleteResponse as PolicyDeleteResponse,
     type PolicyGetResponse as PolicyGetResponse,
-    PolicyListResponsesSinglePage as PolicyListResponsesSinglePage,
+    PolicyListResponsesV4PagePaginationArray as PolicyListResponsesV4PagePaginationArray,
     type PolicyCreateParams as PolicyCreateParams,
     type PolicyUpdateParams as PolicyUpdateParams,
     type PolicyListParams as PolicyListParams,
diff --git a/src/resources/zero-trust/access/service-tokens.ts b/src/resources/zero-trust/access/service-tokens.ts
index 5ec9861f54..85ec54641a 100644
--- a/src/resources/zero-trust/access/service-tokens.ts
+++ b/src/resources/zero-trust/access/service-tokens.ts
@@ -4,7 +4,7 @@ import { APIResource } from '../../../resource';
 import { isRequestOptions } from '../../../core';
 import * as Core from '../../../core';
 import { CloudflareError } from '../../../error';
-import { SinglePage } from '../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../pagination';
 
 export class ServiceTokens extends APIResource {
   /**
@@ -108,12 +108,12 @@ export class ServiceTokens extends APIResource {
   list(
     params?: ServiceTokenListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<ServiceTokensSinglePage, ServiceToken>;
-  list(options?: Core.RequestOptions): Core.PagePromise<ServiceTokensSinglePage, ServiceToken>;
+  ): Core.PagePromise<ServiceTokensV4PagePaginationArray, ServiceToken>;
+  list(options?: Core.RequestOptions): Core.PagePromise<ServiceTokensV4PagePaginationArray, ServiceToken>;
   list(
     params: ServiceTokenListParams | Core.RequestOptions = {},
     options?: Core.RequestOptions,
-  ): Core.PagePromise<ServiceTokensSinglePage, ServiceToken> {
+  ): Core.PagePromise<ServiceTokensV4PagePaginationArray, ServiceToken> {
     if (isRequestOptions(params)) {
       return this.list({}, params);
     }
@@ -136,7 +136,7 @@ export class ServiceTokens extends APIResource {
         };
     return this._client.getAPIList(
       `/${accountOrZone}/${accountOrZoneId}/access/service_tokens`,
-      ServiceTokensSinglePage,
+      ServiceTokensV4PagePaginationArray,
       { query, ...options },
     );
   }
@@ -296,7 +296,7 @@ export class ServiceTokens extends APIResource {
   }
 }
 
-export class ServiceTokensSinglePage extends SinglePage<ServiceToken> {}
+export class ServiceTokensV4PagePaginationArray extends V4PagePaginationArray<ServiceToken> {}
 
 export interface ServiceToken {
   /**
@@ -453,7 +453,7 @@ export interface ServiceTokenUpdateParams {
   name?: string;
 }
 
-export interface ServiceTokenListParams {
+export interface ServiceTokenListParams extends V4PagePaginationArrayParams {
   /**
    * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
    * Zone ID.
@@ -515,14 +515,14 @@ export interface ServiceTokenRotateParams {
   account_id: string;
 }
 
-ServiceTokens.ServiceTokensSinglePage = ServiceTokensSinglePage;
+ServiceTokens.ServiceTokensV4PagePaginationArray = ServiceTokensV4PagePaginationArray;
 
 export declare namespace ServiceTokens {
   export {
     type ServiceToken as ServiceToken,
     type ServiceTokenCreateResponse as ServiceTokenCreateResponse,
     type ServiceTokenRotateResponse as ServiceTokenRotateResponse,
-    ServiceTokensSinglePage as ServiceTokensSinglePage,
+    ServiceTokensV4PagePaginationArray as ServiceTokensV4PagePaginationArray,
     type ServiceTokenCreateParams as ServiceTokenCreateParams,
     type ServiceTokenUpdateParams as ServiceTokenUpdateParams,
     type ServiceTokenListParams as ServiceTokenListParams,
diff --git a/src/resources/zero-trust/access/tags.ts b/src/resources/zero-trust/access/tags.ts
index debbc67f59..87e1ca984b 100644
--- a/src/resources/zero-trust/access/tags.ts
+++ b/src/resources/zero-trust/access/tags.ts
@@ -2,7 +2,7 @@
 
 import { APIResource } from '../../../resource';
 import * as Core from '../../../core';
-import { SinglePage } from '../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../pagination';
 
 export class Tags extends APIResource {
   /**
@@ -61,9 +61,15 @@ export class Tags extends APIResource {
    * }
    * ```
    */
-  list(params: TagListParams, options?: Core.RequestOptions): Core.PagePromise<TagsSinglePage, Tag> {
-    const { account_id } = params;
-    return this._client.getAPIList(`/accounts/${account_id}/access/tags`, TagsSinglePage, options);
+  list(
+    params: TagListParams,
+    options?: Core.RequestOptions,
+  ): Core.PagePromise<TagsV4PagePaginationArray, Tag> {
+    const { account_id, ...query } = params;
+    return this._client.getAPIList(`/accounts/${account_id}/access/tags`, TagsV4PagePaginationArray, {
+      query,
+      ...options,
+    });
   }
 
   /**
@@ -111,7 +117,7 @@ export class Tags extends APIResource {
   }
 }
 
-export class TagsSinglePage extends SinglePage<Tag> {}
+export class TagsV4PagePaginationArray extends V4PagePaginationArray<Tag> {}
 
 /**
  * A tag
@@ -163,9 +169,9 @@ export interface TagUpdateParams {
   name: string;
 }
 
-export interface TagListParams {
+export interface TagListParams extends V4PagePaginationArrayParams {
   /**
-   * Identifier.
+   * Path param: Identifier.
    */
   account_id: string;
 }
@@ -184,13 +190,13 @@ export interface TagGetParams {
   account_id: string;
 }
 
-Tags.TagsSinglePage = TagsSinglePage;
+Tags.TagsV4PagePaginationArray = TagsV4PagePaginationArray;
 
 export declare namespace Tags {
   export {
     type Tag as Tag,
     type TagDeleteResponse as TagDeleteResponse,
-    TagsSinglePage as TagsSinglePage,
+    TagsV4PagePaginationArray as TagsV4PagePaginationArray,
     type TagCreateParams as TagCreateParams,
     type TagUpdateParams as TagUpdateParams,
     type TagListParams as TagListParams,
diff --git a/src/resources/zero-trust/access/users/index.ts b/src/resources/zero-trust/access/users/index.ts
index 4782e06a39..dd9172844b 100644
--- a/src/resources/zero-trust/access/users/index.ts
+++ b/src/resources/zero-trust/access/users/index.ts
@@ -1,8 +1,8 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 export {
-  AccessUsersSinglePage,
-  UserListResponsesSinglePage,
+  AccessUsersV4PagePaginationArray,
+  UserListResponsesV4PagePaginationArray,
   Users,
   type AccessUser,
   type UserListResponse,
diff --git a/src/resources/zero-trust/access/users/users.ts b/src/resources/zero-trust/access/users/users.ts
index 05795ccba4..7117fd26df 100644
--- a/src/resources/zero-trust/access/users/users.ts
+++ b/src/resources/zero-trust/access/users/users.ts
@@ -20,7 +20,7 @@ import {
 } from './failed-logins';
 import * as LastSeenIdentityAPI from './last-seen-identity';
 import { Identity, LastSeenIdentity, LastSeenIdentityGetParams } from './last-seen-identity';
-import { SinglePage } from '../../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../../pagination';
 
 export class Users extends APIResource {
   activeSessions: ActiveSessionsAPI.ActiveSessions = new ActiveSessionsAPI.ActiveSessions(this._client);
@@ -45,18 +45,19 @@ export class Users extends APIResource {
   list(
     params: UserListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<UserListResponsesSinglePage, UserListResponse> {
+  ): Core.PagePromise<UserListResponsesV4PagePaginationArray, UserListResponse> {
     const { account_id, ...query } = params;
-    return this._client.getAPIList(`/accounts/${account_id}/access/users`, UserListResponsesSinglePage, {
-      query,
-      ...options,
-    });
+    return this._client.getAPIList(
+      `/accounts/${account_id}/access/users`,
+      UserListResponsesV4PagePaginationArray,
+      { query, ...options },
+    );
   }
 }
 
-export class UserListResponsesSinglePage extends SinglePage<UserListResponse> {}
+export class UserListResponsesV4PagePaginationArray extends V4PagePaginationArray<UserListResponse> {}
 
-export class AccessUsersSinglePage extends SinglePage<AccessUser> {}
+export class AccessUsersV4PagePaginationArray extends V4PagePaginationArray<AccessUser> {}
 
 export interface AccessUser {
   /**
@@ -178,7 +179,7 @@ export interface UserListResponse {
   updated_at?: string;
 }
 
-export interface UserListParams {
+export interface UserListParams extends V4PagePaginationArrayParams {
   /**
    * Path param: Identifier.
    */
@@ -200,7 +201,7 @@ export interface UserListParams {
   search?: string;
 }
 
-Users.UserListResponsesSinglePage = UserListResponsesSinglePage;
+Users.UserListResponsesV4PagePaginationArray = UserListResponsesV4PagePaginationArray;
 Users.ActiveSessions = ActiveSessions;
 Users.ActiveSessionListResponsesSinglePage = ActiveSessionListResponsesSinglePage;
 Users.LastSeenIdentity = LastSeenIdentity;
@@ -211,7 +212,7 @@ export declare namespace Users {
   export {
     type AccessUser as AccessUser,
     type UserListResponse as UserListResponse,
-    UserListResponsesSinglePage as UserListResponsesSinglePage,
+    UserListResponsesV4PagePaginationArray as UserListResponsesV4PagePaginationArray,
     type UserListParams as UserListParams,
   };
 
diff --git a/src/resources/zero-trust/dlp/datasets/upload.ts b/src/resources/zero-trust/dlp/datasets/upload.ts
index 32b2097543..14247bdef3 100644
--- a/src/resources/zero-trust/dlp/datasets/upload.ts
+++ b/src/resources/zero-trust/dlp/datasets/upload.ts
@@ -44,23 +44,22 @@ export class Upload extends APIResource {
    *   await client.zeroTrust.dlp.datasets.upload.edit(
    *     '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
    *     0,
-   *     {
-   *       account_id: 'account_id',
-   *       body: fs.createReadStream('path/to/file'),
-   *     },
+   *     fs.createReadStream('path/to/file'),
+   *     fs.createReadStream('path/to/file'),
    *   );
    * ```
    */
   edit(
     datasetId: string,
     version: number,
+    dataset: string | ArrayBufferView | ArrayBuffer | BlobLike,
     params: UploadEditParams,
     options?: Core.RequestOptions,
   ): Core.APIPromise<DatasetsAPI.Dataset> {
-    const { account_id, body } = params;
+    const { account_id } = params;
     return (
       this._client.post(`/accounts/${account_id}/dlp/datasets/${datasetId}/upload/${version}`, {
-        body: body,
+        body: dataset,
         ...options,
         headers: { 'Content-Type': 'application/octet-stream', ...options?.headers },
         __binaryRequest: true,
@@ -99,17 +98,7 @@ export interface UploadCreateParams {
   account_id: string;
 }
 
-export interface UploadEditParams {
-  /**
-   * Path param:
-   */
-  account_id: string;
-
-  /**
-   * Body param:
-   */
-  body: string | ArrayBufferView | ArrayBuffer | BlobLike;
-}
+export type UploadEditParams = string | ArrayBufferView | ArrayBuffer | BlobLike;
 
 export declare namespace Upload {
   export {
diff --git a/src/resources/zero-trust/dlp/datasets/versions/entries.ts b/src/resources/zero-trust/dlp/datasets/versions/entries.ts
index 4cbeffadc1..84eaf6ca57 100755
--- a/src/resources/zero-trust/dlp/datasets/versions/entries.ts
+++ b/src/resources/zero-trust/dlp/datasets/versions/entries.ts
@@ -16,10 +16,8 @@ export class Entries extends APIResource {
    *     '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
    *     0,
    *     '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
-   *     {
-   *       account_id: 'account_id',
-   *       body: fs.createReadStream('path/to/file'),
-   *     },
+   *     fs.createReadStream('path/to/file'),
+   *     fs.createReadStream('path/to/file'),
    *   );
    * ```
    */
@@ -27,15 +25,16 @@ export class Entries extends APIResource {
     datasetId: string,
     version: number,
     entryId: string,
+    datasetVersionEntry: string | ArrayBufferView | ArrayBuffer | BlobLike,
     params: EntryCreateParams,
     options?: Core.RequestOptions,
   ): Core.APIPromise<EntryCreateResponse> {
-    const { account_id, body } = params;
+    const { account_id } = params;
     return (
       this._client.post(
         `/accounts/${account_id}/dlp/datasets/${datasetId}/versions/${version}/entries/${entryId}`,
         {
-          body: body,
+          body: datasetVersionEntry,
           ...options,
           headers: { 'Content-Type': 'application/octet-stream', ...options?.headers },
           __binaryRequest: true,
@@ -55,17 +54,7 @@ export interface EntryCreateResponse {
   upload_status: 'empty' | 'uploading' | 'pending' | 'processing' | 'failed' | 'complete';
 }
 
-export interface EntryCreateParams {
-  /**
-   * Path param:
-   */
-  account_id: string;
-
-  /**
-   * Body param:
-   */
-  body: string | ArrayBufferView | ArrayBuffer | BlobLike;
-}
+export type EntryCreateParams = string | ArrayBufferView | ArrayBuffer | BlobLike;
 
 export declare namespace Entries {
   export { type EntryCreateResponse as EntryCreateResponse, type EntryCreateParams as EntryCreateParams };
diff --git a/src/resources/zero-trust/dlp/entries/integration.ts b/src/resources/zero-trust/dlp/entries/integration.ts
index bf8fedef54..dea046096c 100644
--- a/src/resources/zero-trust/dlp/entries/integration.ts
+++ b/src/resources/zero-trust/dlp/entries/integration.ts
@@ -5,7 +5,8 @@ import * as Core from '../../../../core';
 
 export class Integration extends APIResource {
   /**
-   * This will update an existing integration entry
+   * Integration entries can't be created, this will update an existing integration
+   * entry This is needed for our generated terraform API
    *
    * @example
    * ```ts
diff --git a/src/resources/zero-trust/dlp/entries/predefined.ts b/src/resources/zero-trust/dlp/entries/predefined.ts
index e1749f4cf5..33e9fc2670 100644
--- a/src/resources/zero-trust/dlp/entries/predefined.ts
+++ b/src/resources/zero-trust/dlp/entries/predefined.ts
@@ -5,7 +5,8 @@ import * as Core from '../../../../core';
 
 export class Predefined extends APIResource {
   /**
-   * This will update an existing predefined entry
+   * Predefined entries can't be created, this will update an existing predefined
+   * entry This is needed for our generated terraform API
    *
    * @example
    * ```ts
diff --git a/src/resources/zero-trust/dlp/profiles/custom.ts b/src/resources/zero-trust/dlp/profiles/custom.ts
index b4f412471b..49b7b93d93 100644
--- a/src/resources/zero-trust/dlp/profiles/custom.ts
+++ b/src/resources/zero-trust/dlp/profiles/custom.ts
@@ -125,12 +125,6 @@ export interface CustomProfile {
    */
   allowed_match_count: number;
 
-  /**
-   * Scan the context of predefined entries to only return matches surrounded by
-   * keywords.
-   */
-  context_awareness: ProfilesAPI.ContextAwareness;
-
   /**
    * When the profile was created.
    */
@@ -161,6 +155,12 @@ export interface CustomProfile {
 
   confidence_threshold?: 'low' | 'medium' | 'high' | 'very_high';
 
+  /**
+   * @deprecated Scan the context of predefined entries to only return matches
+   * surrounded by keywords.
+   */
+  context_awareness?: ProfilesAPI.ContextAwareness;
+
   /**
    * The description of the profile.
    */
@@ -339,8 +339,8 @@ export interface CustomCreateParams {
   confidence_threshold?: string | null;
 
   /**
-   * Body param: Scan the context of predefined entries to only return matches
-   * surrounded by keywords.
+   * @deprecated Body param: Scan the context of predefined entries to only return
+   * matches surrounded by keywords.
    */
   context_awareness?: ProfilesAPI.ContextAwarenessParam;
 
@@ -452,8 +452,8 @@ export interface CustomUpdateParams {
   confidence_threshold?: string | null;
 
   /**
-   * Body param: Scan the context of predefined entries to only return matches
-   * surrounded by keywords.
+   * @deprecated Body param: Scan the context of predefined entries to only return
+   * matches surrounded by keywords.
    */
   context_awareness?: ProfilesAPI.ContextAwarenessParam;
 
diff --git a/src/resources/zero-trust/dlp/profiles/predefined.ts b/src/resources/zero-trust/dlp/profiles/predefined.ts
index 1d2ddde8fa..debdd0349f 100644
--- a/src/resources/zero-trust/dlp/profiles/predefined.ts
+++ b/src/resources/zero-trust/dlp/profiles/predefined.ts
@@ -138,8 +138,8 @@ export interface PredefinedProfile {
   confidence_threshold?: 'low' | 'medium' | 'high' | 'very_high';
 
   /**
-   * Scan the context of predefined entries to only return matches surrounded by
-   * keywords.
+   * @deprecated Scan the context of predefined entries to only return matches
+   * surrounded by keywords.
    */
   context_awareness?: ProfilesAPI.ContextAwareness;
 
@@ -299,8 +299,8 @@ export interface PredefinedCreateParams {
   confidence_threshold?: string | null;
 
   /**
-   * Body param: Scan the context of predefined entries to only return matches
-   * surrounded by keywords.
+   * @deprecated Body param: Scan the context of predefined entries to only return
+   * matches surrounded by keywords.
    */
   context_awareness?: ProfilesAPI.ContextAwarenessParam;
 
@@ -345,8 +345,8 @@ export interface PredefinedUpdateParams {
   confidence_threshold?: string | null;
 
   /**
-   * Body param: Scan the context of predefined entries to only return matches
-   * surrounded by keywords.
+   * @deprecated Body param: Scan the context of predefined entries to only return
+   * matches surrounded by keywords.
    */
   context_awareness?: ProfilesAPI.ContextAwarenessParam;
 
diff --git a/src/resources/zero-trust/dlp/profiles/profiles.ts b/src/resources/zero-trust/dlp/profiles/profiles.ts
index 4f2ddcea1e..a2b3dcd0ba 100644
--- a/src/resources/zero-trust/dlp/profiles/profiles.ts
+++ b/src/resources/zero-trust/dlp/profiles/profiles.ts
@@ -78,8 +78,8 @@ export class Profiles extends APIResource {
 export class ProfilesSinglePage extends SinglePage<Profile> {}
 
 /**
- * Scan the context of predefined entries to only return matches surrounded by
- * keywords.
+ * @deprecated Scan the context of predefined entries to only return matches
+ * surrounded by keywords.
  */
 export interface ContextAwareness {
   /**
@@ -95,8 +95,8 @@ export interface ContextAwareness {
 }
 
 /**
- * Scan the context of predefined entries to only return matches surrounded by
- * keywords.
+ * @deprecated Scan the context of predefined entries to only return matches
+ * surrounded by keywords.
  */
 export interface ContextAwarenessParam {
   /**
@@ -125,12 +125,6 @@ export namespace Profile {
      */
     allowed_match_count: number;
 
-    /**
-     * Scan the context of predefined entries to only return matches surrounded by
-     * keywords.
-     */
-    context_awareness: ProfilesAPI.ContextAwareness;
-
     /**
      * When the profile was created.
      */
@@ -163,6 +157,12 @@ export namespace Profile {
 
     confidence_threshold?: 'low' | 'medium' | 'high' | 'very_high';
 
+    /**
+     * @deprecated Scan the context of predefined entries to only return matches
+     * surrounded by keywords.
+     */
+    context_awareness?: ProfilesAPI.ContextAwareness;
+
     /**
      * The description of the profile.
      */
@@ -317,8 +317,8 @@ export namespace Profile {
     confidence_threshold?: 'low' | 'medium' | 'high' | 'very_high';
 
     /**
-     * Scan the context of predefined entries to only return matches surrounded by
-     * keywords.
+     * @deprecated Scan the context of predefined entries to only return matches
+     * surrounded by keywords.
      */
     context_awareness?: ProfilesAPI.ContextAwareness;
 
diff --git a/src/resources/zero-trust/gateway/configurations/configurations.ts b/src/resources/zero-trust/gateway/configurations/configurations.ts
index 2261c3d520..9a3f07a900 100755
--- a/src/resources/zero-trust/gateway/configurations/configurations.ts
+++ b/src/resources/zero-trust/gateway/configurations/configurations.ts
@@ -93,7 +93,7 @@ export interface ActivityLogSettings {
   /**
    * Enable activity logging.
    */
-  enabled?: boolean;
+  enabled?: boolean | null;
 }
 
 /**
@@ -103,7 +103,7 @@ export interface ActivityLogSettingsParam {
   /**
    * Enable activity logging.
    */
-  enabled?: boolean;
+  enabled?: boolean | null;
 }
 
 /**
@@ -113,17 +113,17 @@ export interface AntiVirusSettings {
   /**
    * Enable anti-virus scanning on downloads.
    */
-  enabled_download_phase?: boolean;
+  enabled_download_phase?: boolean | null;
 
   /**
    * Enable anti-virus scanning on uploads.
    */
-  enabled_upload_phase?: boolean;
+  enabled_upload_phase?: boolean | null;
 
   /**
    * Block requests for files that cannot be scanned.
    */
-  fail_closed?: boolean;
+  fail_closed?: boolean | null;
 
   /**
    * Configure a message to display on the user's device when an antivirus search is
@@ -139,17 +139,17 @@ export interface AntiVirusSettingsParam {
   /**
    * Enable anti-virus scanning on downloads.
    */
-  enabled_download_phase?: boolean;
+  enabled_download_phase?: boolean | null;
 
   /**
    * Enable anti-virus scanning on uploads.
    */
-  enabled_upload_phase?: boolean;
+  enabled_upload_phase?: boolean | null;
 
   /**
    * Block requests for files that cannot be scanned.
    */
-  fail_closed?: boolean;
+  fail_closed?: boolean | null;
 
   /**
    * Configure a message to display on the user's device when an antivirus search is
@@ -170,7 +170,7 @@ export interface BlockPageSettings {
   /**
    * Enable only cipher suites and TLS versions compliant with FIPS 140-2.
    */
-  enabled?: boolean;
+  enabled?: boolean | null;
 
   /**
    * If mode is customized_block_page: block page footer text.
@@ -208,7 +208,7 @@ export interface BlockPageSettings {
    * Controls whether the user is redirected to a Cloudflare-hosted block page or to
    * a customer-provided URI.
    */
-  mode?: 'customized_block_page' | 'redirect_uri';
+  mode?: '' | 'customized_block_page' | 'redirect_uri';
 
   /**
    * If mode is customized_block_page: block page title.
@@ -219,12 +219,12 @@ export interface BlockPageSettings {
    * This setting was shared via the Orgs API and cannot be edited by the current
    * account
    */
-  read_only?: boolean;
+  read_only?: boolean | null;
 
   /**
    * Account tag of account that shared this setting
    */
-  source_account?: string;
+  source_account?: string | null;
 
   /**
    * If mode is customized_block_page: suppress detailed info at the bottom of the
@@ -236,6 +236,11 @@ export interface BlockPageSettings {
    * If mode is redirect_uri: URI to which the user should be redirected.
    */
   target_uri?: string;
+
+  /**
+   * Version number of the setting
+   */
+  version?: number | null;
 }
 
 /**
@@ -250,7 +255,7 @@ export interface BlockPageSettingsParam {
   /**
    * Enable only cipher suites and TLS versions compliant with FIPS 140-2.
    */
-  enabled?: boolean;
+  enabled?: boolean | null;
 
   /**
    * If mode is customized_block_page: block page footer text.
@@ -288,7 +293,7 @@ export interface BlockPageSettingsParam {
    * Controls whether the user is redirected to a Cloudflare-hosted block page or to
    * a customer-provided URI.
    */
-  mode?: 'customized_block_page' | 'redirect_uri';
+  mode?: '' | 'customized_block_page' | 'redirect_uri';
 
   /**
    * If mode is customized_block_page: block page title.
@@ -314,7 +319,7 @@ export interface BodyScanningSettings {
   /**
    * Set the inspection mode to either `deep` or `shallow`.
    */
-  inspection_mode?: string;
+  inspection_mode?: 'deep' | 'shallow';
 }
 
 /**
@@ -324,7 +329,7 @@ export interface BodyScanningSettingsParam {
   /**
    * Set the inspection mode to either `deep` or `shallow`.
    */
-  inspection_mode?: string;
+  inspection_mode?: 'deep' | 'shallow';
 }
 
 /**
@@ -365,7 +370,7 @@ export interface CustomCertificateSettings {
   /**
    * Enable use of custom certificate authority for signing Gateway traffic.
    */
-  enabled: boolean;
+  enabled: boolean | null;
 
   /**
    * UUID of certificate (ID from MTLS certificate store).
@@ -388,7 +393,7 @@ export interface CustomCertificateSettingsParam {
   /**
    * Enable use of custom certificate authority for signing Gateway traffic.
    */
-  enabled: boolean;
+  enabled: boolean | null;
 
   /**
    * UUID of certificate (ID from MTLS certificate store).
@@ -404,7 +409,7 @@ export interface ExtendedEmailMatching {
    * Enable matching all variants of user emails (with + or . modifiers) used as
    * criteria in Firewall policies.
    */
-  enabled?: boolean;
+  enabled?: boolean | null;
 
   /**
    * This setting was shared via the Orgs API and cannot be edited by the current
@@ -416,6 +421,11 @@ export interface ExtendedEmailMatching {
    * Account tag of account that shared this setting
    */
   source_account?: string;
+
+  /**
+   * Version number of the setting
+   */
+  version?: number;
 }
 
 /**
@@ -426,7 +436,7 @@ export interface ExtendedEmailMatchingParam {
    * Enable matching all variants of user emails (with + or . modifiers) used as
    * criteria in Firewall policies.
    */
-  enabled?: boolean;
+  enabled?: boolean | null;
 }
 
 /**
@@ -505,6 +515,11 @@ export interface GatewayConfigurationSettings {
    */
   host_selector?: GatewayConfigurationSettings.HostSelector | null;
 
+  /**
+   * Setting to define inspection settings
+   */
+  inspection?: GatewayConfigurationSettings.Inspection | null;
+
   /**
    * Protocol Detection settings.
    */
@@ -542,7 +557,22 @@ export namespace GatewayConfigurationSettings {
     /**
      * Enable filtering via hosts for egress policies.
      */
-    enabled?: boolean;
+    enabled?: boolean | null;
+  }
+
+  /**
+   * Setting to define inspection settings
+   */
+  export interface Inspection {
+    /**
+     * Defines the mode of inspection the proxy will use.
+     *
+     * - static: Gateway will use static inspection to inspect HTTP on TCP(80). If TLS
+     *   decryption is on, Gateway will inspect HTTPS traffic on TCP(443) & UDP(443).
+     * - dynamic: Gateway will use protocol detection to dynamically inspect HTTP and
+     *   HTTPS traffic on any port. TLS decryption must be on to inspect HTTPS traffic.
+     */
+    mode?: 'static' | 'dynamic';
   }
 
   /**
@@ -552,7 +582,7 @@ export namespace GatewayConfigurationSettings {
     /**
      * Enable sandbox.
      */
-    enabled?: boolean;
+    enabled?: boolean | null;
 
     /**
      * Action to take when the file cannot be scanned.
@@ -617,6 +647,11 @@ export interface GatewayConfigurationSettingsParam {
    */
   host_selector?: GatewayConfigurationSettingsParam.HostSelector | null;
 
+  /**
+   * Setting to define inspection settings
+   */
+  inspection?: GatewayConfigurationSettingsParam.Inspection | null;
+
   /**
    * Protocol Detection settings.
    */
@@ -654,7 +689,22 @@ export namespace GatewayConfigurationSettingsParam {
     /**
      * Enable filtering via hosts for egress policies.
      */
-    enabled?: boolean;
+    enabled?: boolean | null;
+  }
+
+  /**
+   * Setting to define inspection settings
+   */
+  export interface Inspection {
+    /**
+     * Defines the mode of inspection the proxy will use.
+     *
+     * - static: Gateway will use static inspection to inspect HTTP on TCP(80). If TLS
+     *   decryption is on, Gateway will inspect HTTPS traffic on TCP(443) & UDP(443).
+     * - dynamic: Gateway will use protocol detection to dynamically inspect HTTP and
+     *   HTTPS traffic on any port. TLS decryption must be on to inspect HTTPS traffic.
+     */
+    mode?: 'static' | 'dynamic';
   }
 
   /**
@@ -664,7 +714,7 @@ export namespace GatewayConfigurationSettingsParam {
     /**
      * Enable sandbox.
      */
-    enabled?: boolean;
+    enabled?: boolean | null;
 
     /**
      * Action to take when the file cannot be scanned.
@@ -734,7 +784,7 @@ export interface ProtocolDetection {
   /**
    * Enable detecting protocol on initial bytes of client traffic.
    */
-  enabled?: boolean;
+  enabled?: boolean | null;
 }
 
 /**
@@ -744,7 +794,7 @@ export interface ProtocolDetectionParam {
   /**
    * Enable detecting protocol on initial bytes of client traffic.
    */
-  enabled?: boolean;
+  enabled?: boolean | null;
 }
 
 /**
diff --git a/src/resources/zero-trust/gateway/locations.ts b/src/resources/zero-trust/gateway/locations.ts
index ba5328529e..4b7f6da058 100644
--- a/src/resources/zero-trust/gateway/locations.ts
+++ b/src/resources/zero-trust/gateway/locations.ts
@@ -143,7 +143,7 @@ export interface DOHEndpoint {
    * source IPs are allowed. A non-empty list is only effective if the endpoint is
    * enabled for this location.
    */
-  networks?: Array<IPNetwork>;
+  networks?: Array<IPNetwork> | null;
 
   /**
    * True if the endpoint requires
@@ -164,7 +164,7 @@ export interface DOHEndpointParam {
    * source IPs are allowed. A non-empty list is only effective if the endpoint is
    * enabled for this location.
    */
-  networks?: Array<IPNetworkParam>;
+  networks?: Array<IPNetworkParam> | null;
 
   /**
    * True if the endpoint requires
@@ -185,7 +185,7 @@ export interface DOTEndpoint {
    * source IPs are allowed. A non-empty list is only effective if the endpoint is
    * enabled for this location.
    */
-  networks?: Array<IPNetwork>;
+  networks?: Array<IPNetwork> | null;
 }
 
 export interface DOTEndpointParam {
@@ -199,7 +199,7 @@ export interface DOTEndpointParam {
    * source IPs are allowed. A non-empty list is only effective if the endpoint is
    * enabled for this location.
    */
-  networks?: Array<IPNetworkParam>;
+  networks?: Array<IPNetworkParam> | null;
 }
 
 /**
@@ -208,13 +208,13 @@ export interface DOTEndpointParam {
  * remains unchanged.
  */
 export interface Endpoint {
-  doh?: DOHEndpoint;
+  doh: DOHEndpoint;
 
-  dot?: DOTEndpoint;
+  dot: DOTEndpoint;
 
-  ipv4?: IPV4Endpoint;
+  ipv4: IPV4Endpoint;
 
-  ipv6?: IPV6Endpoint;
+  ipv6: IPV6Endpoint;
 }
 
 /**
@@ -223,13 +223,13 @@ export interface Endpoint {
  * remains unchanged.
  */
 export interface EndpointParam {
-  doh?: DOHEndpointParam;
+  doh: DOHEndpointParam;
 
-  dot?: DOTEndpointParam;
+  dot: DOTEndpointParam;
 
-  ipv4?: IPV4EndpointParam;
+  ipv4: IPV4EndpointParam;
 
-  ipv6?: IPV6EndpointParam;
+  ipv6: IPV6EndpointParam;
 }
 
 export interface IPNetwork {
@@ -271,7 +271,7 @@ export interface IPV6Endpoint {
    * source IPs are allowed. A non-empty list is only effective if the endpoint is
    * enabled for this location.
    */
-  networks?: Array<IPV6Network>;
+  networks?: Array<IPV6Network> | null;
 }
 
 export interface IPV6EndpointParam {
@@ -285,7 +285,7 @@ export interface IPV6EndpointParam {
    * source IPs are allowed. A non-empty list is only effective if the endpoint is
    * enabled for this location.
    */
-  networks?: Array<IPV6NetworkParam>;
+  networks?: Array<IPV6NetworkParam> | null;
 }
 
 export interface IPV6Network {
@@ -320,7 +320,7 @@ export interface Location {
   /**
    * The uuid identifier of the IPv6 block brought to the gateway, so that this
    * location's IPv6 address is allocated from the Bring Your Own Ipv6(BYOIPv6) block
-   * and not from the standard CloudFlare IPv6 block.
+   * and not from the standard Cloudflare IPv6 block.
    */
   dns_destination_ipv6_block_id?: string | null;
 
@@ -340,7 +340,7 @@ export interface Location {
    * location, if this field is absent or set with null, the endpoints configuration
    * remains unchanged.
    */
-  endpoints?: Endpoint;
+  endpoints?: Endpoint | null;
 
   /**
    * IPV6 destination ip assigned to this location. DNS requests sent to this IP will
@@ -371,7 +371,7 @@ export interface Location {
    * A non-empty list is only effective if the ipv4 endpoint is enabled for this
    * location.
    */
-  networks?: Array<Location.Network>;
+  networks?: Array<Location.Network> | null;
 
   updated_at?: string;
 }
@@ -422,14 +422,14 @@ export interface LocationCreateParams {
    * updating a location, if this field is absent or set with null, the endpoints
    * configuration remains unchanged.
    */
-  endpoints?: EndpointParam;
+  endpoints?: EndpointParam | null;
 
   /**
    * Body param: A list of network ranges that requests from this location would
    * originate from. A non-empty list is only effective if the ipv4 endpoint is
    * enabled for this location.
    */
-  networks?: Array<LocationCreateParams.Network>;
+  networks?: Array<LocationCreateParams.Network> | null;
 }
 
 export namespace LocationCreateParams {
@@ -476,14 +476,14 @@ export interface LocationUpdateParams {
    * updating a location, if this field is absent or set with null, the endpoints
    * configuration remains unchanged.
    */
-  endpoints?: EndpointParam;
+  endpoints?: EndpointParam | null;
 
   /**
    * Body param: A list of network ranges that requests from this location would
    * originate from. A non-empty list is only effective if the ipv4 endpoint is
    * enabled for this location.
    */
-  networks?: Array<LocationUpdateParams.Network>;
+  networks?: Array<LocationUpdateParams.Network> | null;
 }
 
 export namespace LocationUpdateParams {
diff --git a/src/resources/zero-trust/gateway/rules.ts b/src/resources/zero-trust/gateway/rules.ts
index ad8e339400..dc3539720c 100644
--- a/src/resources/zero-trust/gateway/rules.ts
+++ b/src/resources/zero-trust/gateway/rules.ts
@@ -265,15 +265,10 @@ export type GatewayFilterParam = 'http' | 'dns' | 'l4' | 'egress' | 'dns_resolve
 
 export interface GatewayRule {
   /**
-   * The API resource UUID.
-   */
-  id?: string;
-
-  /**
-   * The action to preform when the associated traffic, identity, and device posture
+   * The action to perform when the associated traffic, identity, and device posture
    * expressions are either absent or evaluate to `true`.
    */
-  action?:
+  action:
     | 'on'
     | 'off'
     | 'allow'
@@ -291,6 +286,41 @@ export interface GatewayRule {
     | 'quarantine'
     | 'redirect';
 
+  /**
+   * True if the rule is enabled.
+   */
+  enabled: boolean;
+
+  /**
+   * The protocol or layer to evaluate the traffic, identity, and device posture
+   * expressions.
+   */
+  filters: Array<GatewayFilter>;
+
+  /**
+   * The name of the rule.
+   */
+  name: string;
+
+  /**
+   * Precedence sets the order of your rules. Lower values indicate higher
+   * precedence. At each processing phase, applicable rules are evaluated in
+   * ascending order of this value. Refer to
+   * [Order of enforcement](http://developers.cloudflare.com/learning-paths/secure-internet-traffic/understand-policies/order-of-enforcement/#manage-precedence-with-terraform)
+   * docs on how to manage precedence via Terraform.
+   */
+  precedence: number;
+
+  /**
+   * The wirefilter expression used for traffic matching.
+   */
+  traffic: string;
+
+  /**
+   * The API resource UUID.
+   */
+  id?: string;
+
   created_at?: string;
 
   /**
@@ -308,11 +338,6 @@ export interface GatewayRule {
    */
   device_posture?: string;
 
-  /**
-   * True if the rule is enabled.
-   */
-  enabled?: boolean;
-
   /**
    * The expiration time stamp and default duration of a DNS policy. Takes precedence
    * over the policy's `schedule` configuration, if any.
@@ -321,30 +346,20 @@ export interface GatewayRule {
    */
   expiration?: GatewayRule.Expiration | null;
 
-  /**
-   * The protocol or layer to evaluate the traffic, identity, and device posture
-   * expressions.
-   */
-  filters?: Array<GatewayFilter>;
-
   /**
    * The wirefilter expression used for identity matching.
    */
   identity?: string;
 
   /**
-   * The name of the rule.
+   * The rule cannot be shared via the Orgs API
    */
-  name?: string;
+  not_sharable?: boolean;
 
   /**
-   * Precedence sets the order of your rules. Lower values indicate higher
-   * precedence. At each processing phase, applicable rules are evaluated in
-   * ascending order of this value. Refer to
-   * [Order of enforcement](http://developers.cloudflare.com/learning-paths/secure-internet-traffic/understand-policies/order-of-enforcement/#manage-precedence-with-terraform)
-   * docs on how to manage precedence via Terraform.
+   * The rule was shared via the Orgs API and cannot be edited by the current account
    */
-  precedence?: number;
+  read_only?: boolean;
 
   /**
    * Additional settings that modify the rule's action.
@@ -358,9 +373,9 @@ export interface GatewayRule {
   schedule?: Schedule | null;
 
   /**
-   * The wirefilter expression used for traffic matching.
+   * account tag of account that created the rule
    */
-  traffic?: string;
+  source_account?: string;
 
   updated_at?: string;
 
@@ -417,7 +432,7 @@ export interface RuleSetting {
    * Add custom headers to allowed requests, in the form of key-value pairs. Keys are
    * header names, pointing to an array with its header value(s).
    */
-  add_headers?: { [key: string]: string } | null;
+  add_headers?: { [key: string]: Array<string> } | null;
 
   /**
    * Set by parent MSP accounts to enable their children to bypass this rule.
@@ -432,7 +447,7 @@ export interface RuleSetting {
   /**
    * Configure how browser isolation behaves.
    */
-  biso_admin_controls?: RuleSetting.BISOAdminControls | null;
+  biso_admin_controls?: RuleSetting.BISOAdminControls;
 
   /**
    * Custom block page settings. If missing/null, blocking will use the the account
@@ -449,7 +464,7 @@ export interface RuleSetting {
    * The text describing why this block occurred, displayed on the custom block page
    * (if enabled).
    */
-  block_reason?: string;
+  block_reason?: string | null;
 
   /**
    * Set by children MSP accounts to bypass their parent's rules.
@@ -846,7 +861,7 @@ export interface RuleSettingParam {
    * Add custom headers to allowed requests, in the form of key-value pairs. Keys are
    * header names, pointing to an array with its header value(s).
    */
-  add_headers?: { [key: string]: string } | null;
+  add_headers?: { [key: string]: Array<string> } | null;
 
   /**
    * Set by parent MSP accounts to enable their children to bypass this rule.
@@ -861,7 +876,7 @@ export interface RuleSettingParam {
   /**
    * Configure how browser isolation behaves.
    */
-  biso_admin_controls?: RuleSettingParam.BISOAdminControls | null;
+  biso_admin_controls?: RuleSettingParam.BISOAdminControls;
 
   /**
    * Custom block page settings. If missing/null, blocking will use the the account
@@ -878,7 +893,7 @@ export interface RuleSettingParam {
    * The text describing why this block occurred, displayed on the custom block page
    * (if enabled).
    */
-  block_reason?: string;
+  block_reason?: string | null;
 
   /**
    * Set by children MSP accounts to bypass their parent's rules.
@@ -1408,7 +1423,7 @@ export interface RuleCreateParams {
   account_id: string;
 
   /**
-   * Body param: The action to preform when the associated traffic, identity, and
+   * Body param: The action to perform when the associated traffic, identity, and
    * device posture expressions are either absent or evaluate to `true`.
    */
   action:
@@ -1530,7 +1545,7 @@ export interface RuleUpdateParams {
   account_id: string;
 
   /**
-   * Body param: The action to preform when the associated traffic, identity, and
+   * Body param: The action to perform when the associated traffic, identity, and
    * device posture expressions are either absent or evaluate to `true`.
    */
   action:
diff --git a/src/resources/zero-trust/identity-providers/identity-providers.ts b/src/resources/zero-trust/identity-providers/identity-providers.ts
index 40539cd025..b2ee02a43d 100644
--- a/src/resources/zero-trust/identity-providers/identity-providers.ts
+++ b/src/resources/zero-trust/identity-providers/identity-providers.ts
@@ -7,7 +7,7 @@ import * as IdentityProvidersAPI from './identity-providers';
 import * as SCIMAPI from './scim/scim';
 import { SCIM } from './scim/scim';
 import { CloudflareError } from '../../../error';
-import { SinglePage } from '../../../pagination';
+import { V4PagePaginationArray, type V4PagePaginationArrayParams } from '../../../pagination';
 
 export class IdentityProviders extends APIResource {
   scim: SCIMAPI.SCIM = new SCIMAPI.SCIM(this._client);
@@ -118,14 +118,14 @@ export class IdentityProviders extends APIResource {
   list(
     params?: IdentityProviderListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<IdentityProviderListResponsesSinglePage, IdentityProviderListResponse>;
+  ): Core.PagePromise<IdentityProviderListResponsesV4PagePaginationArray, IdentityProviderListResponse>;
   list(
     options?: Core.RequestOptions,
-  ): Core.PagePromise<IdentityProviderListResponsesSinglePage, IdentityProviderListResponse>;
+  ): Core.PagePromise<IdentityProviderListResponsesV4PagePaginationArray, IdentityProviderListResponse>;
   list(
     params: IdentityProviderListParams | Core.RequestOptions = {},
     options?: Core.RequestOptions,
-  ): Core.PagePromise<IdentityProviderListResponsesSinglePage, IdentityProviderListResponse> {
+  ): Core.PagePromise<IdentityProviderListResponsesV4PagePaginationArray, IdentityProviderListResponse> {
     if (isRequestOptions(params)) {
       return this.list({}, params);
     }
@@ -148,7 +148,7 @@ export class IdentityProviders extends APIResource {
         };
     return this._client.getAPIList(
       `/${accountOrZone}/${accountOrZoneId}/access/identity_providers`,
-      IdentityProviderListResponsesSinglePage,
+      IdentityProviderListResponsesV4PagePaginationArray,
       { query, ...options },
     );
   }
@@ -259,7 +259,7 @@ export class IdentityProviders extends APIResource {
   }
 }
 
-export class IdentityProviderListResponsesSinglePage extends SinglePage<IdentityProviderListResponse> {}
+export class IdentityProviderListResponsesV4PagePaginationArray extends V4PagePaginationArray<IdentityProviderListResponse> {}
 
 export interface AzureAD {
   /**
@@ -4689,7 +4689,7 @@ export declare namespace IdentityProviderUpdateParams {
   }
 }
 
-export interface IdentityProviderListParams {
+export interface IdentityProviderListParams extends V4PagePaginationArrayParams {
   /**
    * Path param: The Account ID to use for this endpoint. Mutually exclusive with the
    * Zone ID.
@@ -4733,7 +4733,8 @@ export interface IdentityProviderGetParams {
   zone_id?: string;
 }
 
-IdentityProviders.IdentityProviderListResponsesSinglePage = IdentityProviderListResponsesSinglePage;
+IdentityProviders.IdentityProviderListResponsesV4PagePaginationArray =
+  IdentityProviderListResponsesV4PagePaginationArray;
 IdentityProviders.SCIM = SCIM;
 
 export declare namespace IdentityProviders {
@@ -4745,7 +4746,7 @@ export declare namespace IdentityProviders {
     type IdentityProviderType as IdentityProviderType,
     type IdentityProviderListResponse as IdentityProviderListResponse,
     type IdentityProviderDeleteResponse as IdentityProviderDeleteResponse,
-    IdentityProviderListResponsesSinglePage as IdentityProviderListResponsesSinglePage,
+    IdentityProviderListResponsesV4PagePaginationArray as IdentityProviderListResponsesV4PagePaginationArray,
     type IdentityProviderCreateParams as IdentityProviderCreateParams,
     type IdentityProviderUpdateParams as IdentityProviderUpdateParams,
     type IdentityProviderListParams as IdentityProviderListParams,
diff --git a/src/resources/zero-trust/identity-providers/index.ts b/src/resources/zero-trust/identity-providers/index.ts
index 21b7d4eafa..a254a5fb78 100644
--- a/src/resources/zero-trust/identity-providers/index.ts
+++ b/src/resources/zero-trust/identity-providers/index.ts
@@ -1,7 +1,7 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
 export {
-  IdentityProviderListResponsesSinglePage,
+  IdentityProviderListResponsesV4PagePaginationArray,
   IdentityProviders,
   type AzureAD,
   type GenericOAuthConfig,
diff --git a/src/resources/zero-trust/identity-providers/scim/groups.ts b/src/resources/zero-trust/identity-providers/scim/groups.ts
index c861306ce9..0f16eab6f7 100644
--- a/src/resources/zero-trust/identity-providers/scim/groups.ts
+++ b/src/resources/zero-trust/identity-providers/scim/groups.ts
@@ -3,7 +3,8 @@
 import { APIResource } from '../../../../resource';
 import * as Core from '../../../../core';
 import * as GroupsAPI from '../../access/groups';
-import { ZeroTrustGroupsSinglePage } from '../../access/groups';
+import { ZeroTrustGroupsV4PagePaginationArray } from '../../access/groups';
+import { type V4PagePaginationArrayParams } from '../../../../pagination';
 
 export class Groups extends APIResource {
   /**
@@ -25,17 +26,17 @@ export class Groups extends APIResource {
     identityProviderId: string,
     params: GroupListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<ZeroTrustGroupsSinglePage, GroupsAPI.ZeroTrustGroup> {
+  ): Core.PagePromise<ZeroTrustGroupsV4PagePaginationArray, GroupsAPI.ZeroTrustGroup> {
     const { account_id, ...query } = params;
     return this._client.getAPIList(
       `/accounts/${account_id}/access/identity_providers/${identityProviderId}/scim/groups`,
-      ZeroTrustGroupsSinglePage,
+      ZeroTrustGroupsV4PagePaginationArray,
       { query, ...options },
     );
   }
 }
 
-export interface GroupListParams {
+export interface GroupListParams extends V4PagePaginationArrayParams {
   /**
    * Path param: Identifier.
    */
@@ -63,4 +64,4 @@ export declare namespace Groups {
   export { type GroupListParams as GroupListParams };
 }
 
-export { ZeroTrustGroupsSinglePage };
+export { ZeroTrustGroupsV4PagePaginationArray };
diff --git a/src/resources/zero-trust/identity-providers/scim/users.ts b/src/resources/zero-trust/identity-providers/scim/users.ts
index d707d24bf3..76823e4d45 100644
--- a/src/resources/zero-trust/identity-providers/scim/users.ts
+++ b/src/resources/zero-trust/identity-providers/scim/users.ts
@@ -3,7 +3,8 @@
 import { APIResource } from '../../../../resource';
 import * as Core from '../../../../core';
 import * as UsersAPI from '../../access/users/users';
-import { AccessUsersSinglePage } from '../../access/users/users';
+import { AccessUsersV4PagePaginationArray } from '../../access/users/users';
+import { type V4PagePaginationArrayParams } from '../../../../pagination';
 
 export class Users extends APIResource {
   /**
@@ -25,17 +26,17 @@ export class Users extends APIResource {
     identityProviderId: string,
     params: UserListParams,
     options?: Core.RequestOptions,
-  ): Core.PagePromise<AccessUsersSinglePage, UsersAPI.AccessUser> {
+  ): Core.PagePromise<AccessUsersV4PagePaginationArray, UsersAPI.AccessUser> {
     const { account_id, ...query } = params;
     return this._client.getAPIList(
       `/accounts/${account_id}/access/identity_providers/${identityProviderId}/scim/users`,
-      AccessUsersSinglePage,
+      AccessUsersV4PagePaginationArray,
       { query, ...options },
     );
   }
 }
 
-export interface UserListParams {
+export interface UserListParams extends V4PagePaginationArrayParams {
   /**
    * Path param: Identifier.
    */
@@ -73,4 +74,4 @@ export declare namespace Users {
   export { type UserListParams as UserListParams };
 }
 
-export { AccessUsersSinglePage };
+export { AccessUsersV4PagePaginationArray };
diff --git a/src/resources/zero-trust/index.ts b/src/resources/zero-trust/index.ts
index 44ddba5326..4c4c69ca79 100644
--- a/src/resources/zero-trust/index.ts
+++ b/src/resources/zero-trust/index.ts
@@ -32,7 +32,7 @@ export {
   type GatewayListParams,
 } from './gateway/index';
 export {
-  IdentityProviderListResponsesSinglePage,
+  IdentityProviderListResponsesV4PagePaginationArray,
   IdentityProviders,
   type AzureAD,
   type GenericOAuthConfig,
diff --git a/src/resources/zero-trust/zero-trust.ts b/src/resources/zero-trust/zero-trust.ts
index 8f9551aee7..fd2a007279 100644
--- a/src/resources/zero-trust/zero-trust.ts
+++ b/src/resources/zero-trust/zero-trust.ts
@@ -45,7 +45,7 @@ import {
   IdentityProviderGetParams,
   IdentityProviderListParams,
   IdentityProviderListResponse,
-  IdentityProviderListResponsesSinglePage,
+  IdentityProviderListResponsesV4PagePaginationArray,
   IdentityProviderSCIMConfig,
   IdentityProviderType,
   IdentityProviderUpdateParams,
@@ -102,7 +102,8 @@ export class ZeroTrust extends APIResource {
 ZeroTrust.Devices = Devices;
 ZeroTrust.DevicesSinglePage = DevicesSinglePage;
 ZeroTrust.IdentityProviders = IdentityProviders;
-ZeroTrust.IdentityProviderListResponsesSinglePage = IdentityProviderListResponsesSinglePage;
+ZeroTrust.IdentityProviderListResponsesV4PagePaginationArray =
+  IdentityProviderListResponsesV4PagePaginationArray;
 ZeroTrust.Organizations = Organizations;
 ZeroTrust.Seats = Seats;
 ZeroTrust.SeatsSinglePage = SeatsSinglePage;
@@ -135,7 +136,7 @@ export declare namespace ZeroTrust {
     type IdentityProviderType as IdentityProviderType,
     type IdentityProviderListResponse as IdentityProviderListResponse,
     type IdentityProviderDeleteResponse as IdentityProviderDeleteResponse,
-    IdentityProviderListResponsesSinglePage as IdentityProviderListResponsesSinglePage,
+    IdentityProviderListResponsesV4PagePaginationArray as IdentityProviderListResponsesV4PagePaginationArray,
     type IdentityProviderCreateParams as IdentityProviderCreateParams,
     type IdentityProviderUpdateParams as IdentityProviderUpdateParams,
     type IdentityProviderListParams as IdentityProviderListParams,
diff --git a/src/resources/zones/custom-nameservers.ts b/src/resources/zones/custom-nameservers.ts
index a24f5a3e4a..d5374a1553 100644
--- a/src/resources/zones/custom-nameservers.ts
+++ b/src/resources/zones/custom-nameservers.ts
@@ -2,7 +2,6 @@
 
 import { APIResource } from '../../resource';
 import * as Core from '../../core';
-import * as Shared from '../shared';
 import { SinglePage } from '../../pagination';
 
 /**
@@ -58,12 +57,12 @@ export class CustomNameserverUpdateResponsesSinglePage extends SinglePage<Custom
 export type CustomNameserverUpdateResponse = string;
 
 export interface CustomNameserverGetResponse {
-  errors: Array<Shared.ResponseInfo>;
+  errors: Array<CustomNameserverGetResponse.Error>;
 
-  messages: Array<Shared.ResponseInfo>;
+  messages: Array<CustomNameserverGetResponse.Message>;
 
   /**
-   * Whether the API call was successful
+   * Whether the API call was successful.
    */
   success: true;
 
@@ -81,24 +80,56 @@ export interface CustomNameserverGetResponse {
 }
 
 export namespace CustomNameserverGetResponse {
+  export interface Error {
+    code: number;
+
+    message: string;
+
+    documentation_url?: string;
+
+    source?: Error.Source;
+  }
+
+  export namespace Error {
+    export interface Source {
+      pointer?: string;
+    }
+  }
+
+  export interface Message {
+    code: number;
+
+    message: string;
+
+    documentation_url?: string;
+
+    source?: Message.Source;
+  }
+
+  export namespace Message {
+    export interface Source {
+      pointer?: string;
+    }
+  }
+
   export interface ResultInfo {
     /**
-     * Total number of results for the requested service
+     * Total number of results for the requested service.
      */
     count?: number;
 
     /**
-     * Current page within paginated list of results
+     * Current page within paginated list of results.
      */
     page?: number;
 
     /**
-     * Number of results per page of results
+     * Number of results per page of results.
      */
     per_page?: number;
 
     /**
-     * Total results available without any search parameters
+     * Total results available without any search parameters.
      */
     total_count?: number;
   }
@@ -106,7 +137,7 @@ export namespace CustomNameserverGetResponse {
 
 export interface CustomNameserverUpdateParams {
   /**
-   * Path param: Identifier
+   * Path param: Identifier.
    */
   zone_id: string;
 
@@ -123,7 +154,7 @@ export interface CustomNameserverUpdateParams {
 
 export interface CustomNameserverGetParams {
   /**
-   * Identifier
+   * Identifier.
    */
   zone_id: string;
 }
diff --git a/src/version.ts b/src/version.ts
index dc414ab9ea..b04b2bd0c8 100644
--- a/src/version.ts
+++ b/src/version.ts
@@ -1 +1 @@
-export const VERSION = '4.5.0'; // x-release-please-version
+export const VERSION = '4.6.0'; // x-release-please-version
diff --git a/tests/api-resources/abuse-reports.test.ts b/tests/api-resources/abuse-reports.test.ts
index dba90c7f42..77af5bcdfb 100644
--- a/tests/api-resources/abuse-reports.test.ts
+++ b/tests/api-resources/abuse-reports.test.ts
@@ -12,12 +12,22 @@ const client = new Cloudflare({
 describe('resource abuseReports', () => {
   // TODO: investigate unauthorized HTTP response
   test.skip('create: only required params', async () => {
-    const responsePromise = client.abuseReports.create('abuse_general', {
+    const responsePromise = client.abuseReports.create('report_type', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      act: 'abuse_general',
+      act: 'abuse_dmca',
+      address1: 'x',
+      agent_name: 'x',
+      agree: 1,
+      city: 'x',
+      country: 'x',
       email: 'email',
       email2: 'email2',
+      host_notification: 'send',
       name: 'x',
+      original_work: 'x',
+      owner_notification: 'send',
+      signature: 'signature',
+      state: 'x',
       urls: 'urls',
     });
     const rawResponse = await responsePromise.asResponse();
@@ -31,38 +41,29 @@ describe('resource abuseReports', () => {
 
   // TODO: investigate unauthorized HTTP response
   test.skip('create: required and optional params', async () => {
-    const response = await client.abuseReports.create('abuse_general', {
+    const response = await client.abuseReports.create('report_type', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      act: 'abuse_general',
-      email: 'email',
-      email2: 'email2',
-      name: 'x',
-      urls: 'urls',
+      act: 'abuse_dmca',
       address1: 'x',
       agent_name: 'x',
-      agree: 0,
+      agree: 1,
       city: 'x',
-      comments: 'x',
-      company: 'x',
       country: 'x',
-      destination_ips: 'destination_ips',
+      email: 'email',
+      email2: 'email2',
       host_notification: 'send',
-      justification: 'x',
-      ncmec_notification: 'send',
-      ncsei_subject_representation: true,
+      name: 'x',
       original_work: 'x',
       owner_notification: 'send',
-      ports_protocols: 'ports_protocols',
-      reported_country: 'xx',
-      reported_user_agent: 'x',
       signature: 'signature',
-      source_ips: 'source_ips',
       state: 'x',
+      urls: 'urls',
+      comments: 'x',
+      company: 'x',
+      reported_country: 'xx',
+      reported_user_agent: 'x',
       tele: 'x',
       title: 'x',
-      trademark_number: 'x',
-      trademark_office: 'x',
-      trademark_symbol: 'x',
     });
   });
 });
diff --git a/tests/api-resources/addressing/prefixes/bgp-prefixes.test.ts b/tests/api-resources/addressing/prefixes/bgp-prefixes.test.ts
index f9e50f1d0b..3dad394acf 100644
--- a/tests/api-resources/addressing/prefixes/bgp-prefixes.test.ts
+++ b/tests/api-resources/addressing/prefixes/bgp-prefixes.test.ts
@@ -72,8 +72,8 @@ describe('resource bgpPrefixes', () => {
       {
         account_id: '258def64c72dae45f3e4c8516e2111f2',
         asn_prepend_count: 2,
+        auto_advertise_withdraw: true,
         on_demand: { advertised: true },
-        withdraw_if_no_route: true,
       },
     );
   });
diff --git a/tests/api-resources/addressing/regional-hostnames/regional-hostnames.test.ts b/tests/api-resources/addressing/regional-hostnames/regional-hostnames.test.ts
index 02207fae28..0652d2bfad 100644
--- a/tests/api-resources/addressing/regional-hostnames/regional-hostnames.test.ts
+++ b/tests/api-resources/addressing/regional-hostnames/regional-hostnames.test.ts
@@ -30,7 +30,7 @@ describe('resource regionalHostnames', () => {
       zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
       hostname: 'foo.example.com',
       region_key: 'ca',
-      routing: 'routing',
+      routing: 'dns',
     });
   });
 
diff --git a/tests/api-resources/ai-gateway/ai-gateway.test.ts b/tests/api-resources/ai-gateway/ai-gateway.test.ts
index fdb863542c..2b8f9cbe5c 100644
--- a/tests/api-resources/ai-gateway/ai-gateway.test.ts
+++ b/tests/api-resources/ai-gateway/ai-gateway.test.ts
@@ -81,6 +81,7 @@ describe('resource aiGateway', () => {
       log_management_strategy: 'STOP_INSERTING',
       logpush: true,
       logpush_public_key: 'xxxxxxxxxxxxxxxx',
+      store_id: 'store_id',
     });
   });
 
diff --git a/tests/api-resources/bot-management.test.ts b/tests/api-resources/bot-management.test.ts
index 28d4e1ca3a..1d2e90cbde 100644
--- a/tests/api-resources/bot-management.test.ts
+++ b/tests/api-resources/bot-management.test.ts
@@ -28,6 +28,7 @@ describe('resource botManagement', () => {
       crawler_protection: 'enabled',
       enable_js: true,
       fight_mode: true,
+      is_robots_txt_managed: true,
     });
   });
 
diff --git a/tests/api-resources/brand-protection/brand-protection.test.ts b/tests/api-resources/brand-protection/brand-protection.test.ts
index e971478004..fe88039f53 100644
--- a/tests/api-resources/brand-protection/brand-protection.test.ts
+++ b/tests/api-resources/brand-protection/brand-protection.test.ts
@@ -10,8 +10,9 @@ const client = new Cloudflare({
 });
 
 describe('resource brandProtection', () => {
-  test('submit: only required params', async () => {
-    const responsePromise = client.brandProtection.submit({ account_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+  // TODO: investigate broken test
+  test.skip('submit: only required params', async () => {
+    const responsePromise = client.brandProtection.submit({ account_id: 'x' });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
@@ -21,17 +22,14 @@ describe('resource brandProtection', () => {
     expect(dataAndResponse.response).toBe(rawResponse);
   });
 
-  test('submit: required and optional params', async () => {
-    const response = await client.brandProtection.submit({
-      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      url: 'https://www.cloudflare.com',
-    });
+  // TODO: investigate broken test
+  test.skip('submit: required and optional params', async () => {
+    const response = await client.brandProtection.submit({ account_id: 'x' });
   });
 
-  test('urlInfo: only required params', async () => {
-    const responsePromise = client.brandProtection.urlInfo({
-      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-    });
+  // TODO: investigate broken test
+  test.skip('urlInfo: only required params', async () => {
+    const responsePromise = client.brandProtection.urlInfo({ account_id: 'x' });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
@@ -41,11 +39,8 @@ describe('resource brandProtection', () => {
     expect(dataAndResponse.response).toBe(rawResponse);
   });
 
-  test('urlInfo: required and optional params', async () => {
-    const response = await client.brandProtection.urlInfo({
-      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      url: ['string'],
-      url_id: [0],
-    });
+  // TODO: investigate broken test
+  test.skip('urlInfo: required and optional params', async () => {
+    const response = await client.brandProtection.urlInfo({ account_id: 'x' });
   });
 });
diff --git a/tests/api-resources/brand-protection/logo-matches.test.ts b/tests/api-resources/brand-protection/logo-matches.test.ts
new file mode 100644
index 0000000000..dde68dc984
--- /dev/null
+++ b/tests/api-resources/brand-protection/logo-matches.test.ts
@@ -0,0 +1,56 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import Cloudflare from 'cloudflare';
+import { Response } from 'node-fetch';
+
+const client = new Cloudflare({
+  apiKey: '144c9defac04969c7bfad8efaa8ea194',
+  apiEmail: 'user@example.com',
+  baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010',
+});
+
+describe('resource logoMatches', () => {
+  // TODO: investigate broken test, 401 Unauthorized error
+  test.skip('download: only required params', async () => {
+    const responsePromise = client.brandProtection.logoMatches.download({ account_id: 'x' });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  // TODO: investigate broken test, 401 Unauthorized error
+  test.skip('download: required and optional params', async () => {
+    const response = await client.brandProtection.logoMatches.download({
+      account_id: 'x',
+      limit: 'limit',
+      logo_id: ['string'],
+      offset: 'offset',
+    });
+  });
+
+  // TODO: investigate broken test, 401 Unauthorized error
+  test.skip('get: only required params', async () => {
+    const responsePromise = client.brandProtection.logoMatches.get({ account_id: 'x' });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  // TODO: investigate broken test, 401 Unauthorized error
+  test.skip('get: required and optional params', async () => {
+    const response = await client.brandProtection.logoMatches.get({
+      account_id: 'x',
+      limit: 'limit',
+      logo_id: ['string'],
+      offset: 'offset',
+    });
+  });
+});
diff --git a/tests/api-resources/brand-protection/logos.test.ts b/tests/api-resources/brand-protection/logos.test.ts
new file mode 100644
index 0000000000..a8c6d50b64
--- /dev/null
+++ b/tests/api-resources/brand-protection/logos.test.ts
@@ -0,0 +1,52 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import Cloudflare, { toFile } from 'cloudflare';
+import { Response } from 'node-fetch';
+
+const client = new Cloudflare({
+  apiKey: '144c9defac04969c7bfad8efaa8ea194',
+  apiEmail: 'user@example.com',
+  baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010',
+});
+
+describe('resource logos', () => {
+  // TODO: investigate broken test, 422 Unprocessable Entity
+  test.skip('create: only required params', async () => {
+    const responsePromise = client.brandProtection.logos.create({ account_id: 'x' });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  // TODO: investigate broken test, 422 Unprocessable Entity
+  test.skip('create: required and optional params', async () => {
+    const response = await client.brandProtection.logos.create({
+      account_id: 'x',
+      match_type: 'match_type',
+      tag: 'tag',
+      threshold: 0,
+      image: await toFile(Buffer.from('# my file contents'), 'README.md'),
+    });
+  });
+
+  // TODO: investigate broken test, 401 Unauthorized error
+  test.skip('delete: only required params', async () => {
+    const responsePromise = client.brandProtection.logos.delete('x', { account_id: 'x' });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  // TODO: investigate broken test, 401 Unauthorized error
+  test.skip('delete: required and optional params', async () => {
+    const response = await client.brandProtection.logos.delete('x', { account_id: 'x' });
+  });
+});
diff --git a/tests/api-resources/brand-protection/matches.test.ts b/tests/api-resources/brand-protection/matches.test.ts
new file mode 100644
index 0000000000..d042fed02a
--- /dev/null
+++ b/tests/api-resources/brand-protection/matches.test.ts
@@ -0,0 +1,58 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import Cloudflare from 'cloudflare';
+import { Response } from 'node-fetch';
+
+const client = new Cloudflare({
+  apiKey: '144c9defac04969c7bfad8efaa8ea194',
+  apiEmail: 'user@example.com',
+  baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010',
+});
+
+describe('resource matches', () => {
+  // TODO: investigate broken test, 401 Unauthorized
+  test.skip('download: only required params', async () => {
+    const responsePromise = client.brandProtection.matches.download({ account_id: 'x' });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  // TODO: investigate broken test, 401 Unauthorized
+  test.skip('download: required and optional params', async () => {
+    const response = await client.brandProtection.matches.download({
+      account_id: 'x',
+      id: 'id',
+      include_domain_id: true,
+      limit: 0,
+      offset: 0,
+    });
+  });
+
+  // TODO: investigate broken test, 401 Unauthorized
+  test.skip('get: only required params', async () => {
+    const responsePromise = client.brandProtection.matches.get({ account_id: 'x' });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  // TODO: investigate broken test, 401 Unauthorized
+  test.skip('get: required and optional params', async () => {
+    const response = await client.brandProtection.matches.get({
+      account_id: 'x',
+      id: 'id',
+      include_domain_id: true,
+      limit: 0,
+      offset: 0,
+    });
+  });
+});
diff --git a/tests/api-resources/brand-protection/queries.test.ts b/tests/api-resources/brand-protection/queries.test.ts
new file mode 100644
index 0000000000..eebdec0918
--- /dev/null
+++ b/tests/api-resources/brand-protection/queries.test.ts
@@ -0,0 +1,61 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import Cloudflare from 'cloudflare';
+import { Response } from 'node-fetch';
+
+const client = new Cloudflare({
+  apiKey: '144c9defac04969c7bfad8efaa8ea194',
+  apiEmail: 'user@example.com',
+  baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010',
+});
+
+describe('resource queries', () => {
+  // TODO: investigate broken test, 401 Unauthorized
+  test.skip('create: only required params', async () => {
+    const responsePromise = client.brandProtection.queries.create({ account_id: 'x' });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  // TODO: investigate broken test, 401 Unauthorized
+  test.skip('create: required and optional params', async () => {
+    const response = await client.brandProtection.queries.create({
+      account_id: 'x',
+      id: 'id',
+      query_scan: true,
+      query_tag: 'tag',
+      max_time: '2019-12-27T18:11:19.117Z',
+      min_time: '2019-12-27T18:11:19.117Z',
+      body_scan: true,
+      string_matches: {},
+      body_tag: 'tag',
+    });
+  });
+
+  // TODO: investigate broken test, 401 Unauthorized
+  test.skip('delete: only required params', async () => {
+    const responsePromise = client.brandProtection.queries.delete({ account_id: 'x' });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  // TODO: investigate broken test, 401 Unauthorized
+  test.skip('delete: required and optional params', async () => {
+    const response = await client.brandProtection.queries.delete({
+      account_id: 'x',
+      id: 'id',
+      scan: true,
+      tag: 'tag',
+    });
+  });
+});
diff --git a/tests/api-resources/browser-rendering/json.test.ts b/tests/api-resources/browser-rendering/json.test.ts
index 9443f79ae3..d7317f73a1 100644
--- a/tests/api-resources/browser-rendering/json.test.ts
+++ b/tests/api-resources/browser-rendering/json.test.ts
@@ -50,6 +50,7 @@ describe('resource json', () => {
           url: 'url',
         },
       ],
+      custom_ai: [{ authorization: 'authorization', model: 'model' }],
       emulateMediaType: 'emulateMediaType',
       gotoOptions: {
         referer: 'referer',
diff --git a/tests/api-resources/cache/cache.test.ts b/tests/api-resources/cache/cache.test.ts
index c46b109ff9..5604143ce9 100644
--- a/tests/api-resources/cache/cache.test.ts
+++ b/tests/api-resources/cache/cache.test.ts
@@ -11,7 +11,7 @@ const client = new Cloudflare({
 
 describe('resource cache', () => {
   test('purge: only required params', async () => {
-    const responsePromise = client.cache.purge({ zone_id: 'zone_id' });
+    const responsePromise = client.cache.purge({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
@@ -23,7 +23,7 @@ describe('resource cache', () => {
 
   test('purge: required and optional params', async () => {
     const response = await client.cache.purge({
-      zone_id: 'zone_id',
+      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
       tags: ['a-cache-tag', 'another-cache-tag'],
     });
   });
diff --git a/tests/api-resources/cloudforce-one/binary-storage.test.ts b/tests/api-resources/cloudforce-one/binary-storage.test.ts
new file mode 100644
index 0000000000..4b65a1fe8a
--- /dev/null
+++ b/tests/api-resources/cloudforce-one/binary-storage.test.ts
@@ -0,0 +1,52 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import Cloudflare, { toFile } from 'cloudflare';
+import { Response } from 'node-fetch';
+
+const client = new Cloudflare({
+  apiKey: '144c9defac04969c7bfad8efaa8ea194',
+  apiEmail: 'user@example.com',
+  baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010',
+});
+
+describe('resource binaryStorage', () => {
+  // TODO: HTTP 401 from prism
+  test.skip('create: only required params', async () => {
+    const responsePromise = client.cloudforceOne.binaryStorage.create({
+      account_id: 'account_id',
+      file: await toFile(Buffer.from('# my file contents'), 'README.md'),
+    });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  // TODO: HTTP 401 from prism
+  test.skip('create: required and optional params', async () => {
+    const response = await client.cloudforceOne.binaryStorage.create({
+      account_id: 'account_id',
+      file: await toFile(Buffer.from('# my file contents'), 'README.md'),
+    });
+  });
+
+  // TODO: HTTP 401 from prism
+  test.skip('get: only required params', async () => {
+    const responsePromise = client.cloudforceOne.binaryStorage.get('hash', { account_id: 'account_id' });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  // TODO: HTTP 401 from prism
+  test.skip('get: required and optional params', async () => {
+    const response = await client.cloudforceOne.binaryStorage.get('hash', { account_id: 'account_id' });
+  });
+});
diff --git a/tests/api-resources/cloudforce-one/threat-events/insights.test.ts b/tests/api-resources/cloudforce-one/threat-events/insights.test.ts
deleted file mode 100644
index 1b503085e8..0000000000
--- a/tests/api-resources/cloudforce-one/threat-events/insights.test.ts
+++ /dev/null
@@ -1,100 +0,0 @@
-// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
-
-import Cloudflare from 'cloudflare';
-import { Response } from 'node-fetch';
-
-const client = new Cloudflare({
-  apiKey: '144c9defac04969c7bfad8efaa8ea194',
-  apiEmail: 'user@example.com',
-  baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010',
-});
-
-describe('resource insights', () => {
-  // TODO: HTTP 401 from prism
-  test.skip('create: only required params', async () => {
-    const responsePromise = client.cloudforceOne.threatEvents.insights.create('event_id', {
-      account_id: 'account_id',
-      content: 'Here is some additional context _in markdown_',
-    });
-    const rawResponse = await responsePromise.asResponse();
-    expect(rawResponse).toBeInstanceOf(Response);
-    const response = await responsePromise;
-    expect(response).not.toBeInstanceOf(Response);
-    const dataAndResponse = await responsePromise.withResponse();
-    expect(dataAndResponse.data).toBe(response);
-    expect(dataAndResponse.response).toBe(rawResponse);
-  });
-
-  // TODO: HTTP 401 from prism
-  test.skip('create: required and optional params', async () => {
-    const response = await client.cloudforceOne.threatEvents.insights.create('event_id', {
-      account_id: 'account_id',
-      content: 'Here is some additional context _in markdown_',
-    });
-  });
-
-  // TODO: HTTP 401 from prism
-  test.skip('delete: only required params', async () => {
-    const responsePromise = client.cloudforceOne.threatEvents.insights.delete('event_id', 'insight_id', {
-      account_id: 'account_id',
-    });
-    const rawResponse = await responsePromise.asResponse();
-    expect(rawResponse).toBeInstanceOf(Response);
-    const response = await responsePromise;
-    expect(response).not.toBeInstanceOf(Response);
-    const dataAndResponse = await responsePromise.withResponse();
-    expect(dataAndResponse.data).toBe(response);
-    expect(dataAndResponse.response).toBe(rawResponse);
-  });
-
-  // TODO: HTTP 401 from prism
-  test.skip('delete: required and optional params', async () => {
-    const response = await client.cloudforceOne.threatEvents.insights.delete('event_id', 'insight_id', {
-      account_id: 'account_id',
-    });
-  });
-
-  // TODO: HTTP 401 from prism
-  test.skip('edit: only required params', async () => {
-    const responsePromise = client.cloudforceOne.threatEvents.insights.edit('event_id', 'insight_id', {
-      account_id: 'account_id',
-      content: 'Updated: Here is some additional context _in markdown_',
-    });
-    const rawResponse = await responsePromise.asResponse();
-    expect(rawResponse).toBeInstanceOf(Response);
-    const response = await responsePromise;
-    expect(response).not.toBeInstanceOf(Response);
-    const dataAndResponse = await responsePromise.withResponse();
-    expect(dataAndResponse.data).toBe(response);
-    expect(dataAndResponse.response).toBe(rawResponse);
-  });
-
-  // TODO: HTTP 401 from prism
-  test.skip('edit: required and optional params', async () => {
-    const response = await client.cloudforceOne.threatEvents.insights.edit('event_id', 'insight_id', {
-      account_id: 'account_id',
-      content: 'Updated: Here is some additional context _in markdown_',
-    });
-  });
-
-  // TODO: HTTP 401 from prism
-  test.skip('get: only required params', async () => {
-    const responsePromise = client.cloudforceOne.threatEvents.insights.get('event_id', 'insight_id', {
-      account_id: 'account_id',
-    });
-    const rawResponse = await responsePromise.asResponse();
-    expect(rawResponse).toBeInstanceOf(Response);
-    const response = await responsePromise;
-    expect(response).not.toBeInstanceOf(Response);
-    const dataAndResponse = await responsePromise.withResponse();
-    expect(dataAndResponse.data).toBe(response);
-    expect(dataAndResponse.response).toBe(rawResponse);
-  });
-
-  // TODO: HTTP 401 from prism
-  test.skip('get: required and optional params', async () => {
-    const response = await client.cloudforceOne.threatEvents.insights.get('event_id', 'insight_id', {
-      account_id: 'account_id',
-    });
-  });
-});
diff --git a/tests/api-resources/cloudforce-one/threat-events/threat-events.test.ts b/tests/api-resources/cloudforce-one/threat-events/threat-events.test.ts
index 6e9fdf6100..83816e42ed 100644
--- a/tests/api-resources/cloudforce-one/threat-events/threat-events.test.ts
+++ b/tests/api-resources/cloudforce-one/threat-events/threat-events.test.ts
@@ -170,6 +170,8 @@ describe('resource threatEvents', () => {
       event: 'An attacker registered the domain domain.com',
       indicator: 'domain2.com',
       indicatorType: 'sha256',
+      insight: 'new insight',
+      raw: { data: { foo: 'bar' }, source: 'example.com', tlp: 'amber' },
       targetCountry: 'US',
       targetIndustry: 'Insurance',
       tlp: 'amber',
diff --git a/tests/api-resources/custom-pages.test.ts b/tests/api-resources/custom-pages.test.ts
index 515f099bbb..d0d2db4f44 100644
--- a/tests/api-resources/custom-pages.test.ts
+++ b/tests/api-resources/custom-pages.test.ts
@@ -11,7 +11,7 @@ const client = new Cloudflare({
 
 describe('resource customPages', () => {
   test('update: only required params', async () => {
-    const responsePromise = client.customPages.update('023e105f4ecef8ad9ca31a8372d0c353', {
+    const responsePromise = client.customPages.update('ratelimit_block', {
       state: 'default',
       url: 'http://www.example.com',
       account_id: 'account_id',
@@ -26,7 +26,7 @@ describe('resource customPages', () => {
   });
 
   test('update: required and optional params', async () => {
-    const response = await client.customPages.update('023e105f4ecef8ad9ca31a8372d0c353', {
+    const response = await client.customPages.update('ratelimit_block', {
       state: 'default',
       url: 'http://www.example.com',
       account_id: 'account_id',
@@ -45,9 +45,7 @@ describe('resource customPages', () => {
   });
 
   test('get', async () => {
-    const responsePromise = client.customPages.get('023e105f4ecef8ad9ca31a8372d0c353', {
-      account_id: 'account_id',
-    });
+    const responsePromise = client.customPages.get('ratelimit_block', { account_id: 'account_id' });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
diff --git a/tests/api-resources/diagnostics/endpoint-healthchecks.test.ts b/tests/api-resources/diagnostics/endpoint-healthchecks.test.ts
new file mode 100644
index 0000000000..0f501fea66
--- /dev/null
+++ b/tests/api-resources/diagnostics/endpoint-healthchecks.test.ts
@@ -0,0 +1,123 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import Cloudflare from 'cloudflare';
+import { Response } from 'node-fetch';
+
+const client = new Cloudflare({
+  apiKey: '144c9defac04969c7bfad8efaa8ea194',
+  apiEmail: 'user@example.com',
+  baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010',
+});
+
+describe('resource endpointHealthchecks', () => {
+  test('create: only required params', async () => {
+    const responsePromise = client.diagnostics.endpointHealthchecks.create({
+      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      check_type: 'icmp',
+      endpoint: '203.0.113.1',
+    });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('create: required and optional params', async () => {
+    const response = await client.diagnostics.endpointHealthchecks.create({
+      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      check_type: 'icmp',
+      endpoint: '203.0.113.1',
+      name: 'My Endpoint',
+    });
+  });
+
+  test('update: only required params', async () => {
+    const responsePromise = client.diagnostics.endpointHealthchecks.update(
+      'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
+      { account_id: '023e105f4ecef8ad9ca31a8372d0c353', check_type: 'icmp', endpoint: '203.0.113.1' },
+    );
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('update: required and optional params', async () => {
+    const response = await client.diagnostics.endpointHealthchecks.update(
+      'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
+      {
+        account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+        check_type: 'icmp',
+        endpoint: '203.0.113.1',
+        name: 'My Endpoint',
+      },
+    );
+  });
+
+  test('list: only required params', async () => {
+    const responsePromise = client.diagnostics.endpointHealthchecks.list({
+      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+    });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('list: required and optional params', async () => {
+    const response = await client.diagnostics.endpointHealthchecks.list({
+      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+    });
+  });
+
+  test('delete: only required params', async () => {
+    const responsePromise = client.diagnostics.endpointHealthchecks.delete(
+      'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
+      { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+    );
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('delete: required and optional params', async () => {
+    const response = await client.diagnostics.endpointHealthchecks.delete(
+      'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
+      { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+    );
+  });
+
+  test('get: only required params', async () => {
+    const responsePromise = client.diagnostics.endpointHealthchecks.get(
+      'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
+      { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+    );
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('get: required and optional params', async () => {
+    const response = await client.diagnostics.endpointHealthchecks.get(
+      'f174e90a-fafe-4643-bbbc-4a0ed4fc8415',
+      { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+    );
+  });
+});
diff --git a/tests/api-resources/durable-objects/namespaces/namespaces.test.ts b/tests/api-resources/durable-objects/namespaces/namespaces.test.ts
index 42e52d5807..ebb748d3f9 100644
--- a/tests/api-resources/durable-objects/namespaces/namespaces.test.ts
+++ b/tests/api-resources/durable-objects/namespaces/namespaces.test.ts
@@ -26,6 +26,8 @@ describe('resource namespaces', () => {
   test('list: required and optional params', async () => {
     const response = await client.durableObjects.namespaces.list({
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      page: 1,
+      per_page: 1,
     });
   });
 });
diff --git a/tests/api-resources/email-security/investigate/investigate.test.ts b/tests/api-resources/email-security/investigate/investigate.test.ts
index d1be643f53..241f4a3656 100644
--- a/tests/api-resources/email-security/investigate/investigate.test.ts
+++ b/tests/api-resources/email-security/investigate/investigate.test.ts
@@ -41,6 +41,7 @@ describe('resource investigate', () => {
       recipient: 'recipient',
       sender: 'sender',
       start: '2019-12-27T18:11:19.117Z',
+      subject: 'subject',
     });
   });
 
diff --git a/tests/api-resources/email-security/investigate/reclassify.test.ts b/tests/api-resources/email-security/investigate/reclassify.test.ts
index bb721e52bb..cce8ae36ef 100644
--- a/tests/api-resources/email-security/investigate/reclassify.test.ts
+++ b/tests/api-resources/email-security/investigate/reclassify.test.ts
@@ -29,6 +29,7 @@ describe('resource reclassify', () => {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
       expected_disposition: 'NONE',
       eml_content: 'eml_content',
+      escalated_submission_id: 'escalated_submission_id',
     });
   });
 });
diff --git a/tests/api-resources/email-security/settings/allow-policies.test.ts b/tests/api-resources/email-security/settings/allow-policies.test.ts
index a9b6aa9da2..2f75c20ef6 100644
--- a/tests/api-resources/email-security/settings/allow-policies.test.ts
+++ b/tests/api-resources/email-security/settings/allow-policies.test.ts
@@ -72,6 +72,7 @@ describe('resource allowPolicies', () => {
       is_trusted_sender: true,
       order: 'pattern',
       page: 1,
+      pattern: 'pattern',
       pattern_type: 'EMAIL',
       per_page: 1,
       search: 'search',
diff --git a/tests/api-resources/email-security/settings/block-senders.test.ts b/tests/api-resources/email-security/settings/block-senders.test.ts
index 9188c89aca..a96b78ba94 100644
--- a/tests/api-resources/email-security/settings/block-senders.test.ts
+++ b/tests/api-resources/email-security/settings/block-senders.test.ts
@@ -55,6 +55,7 @@ describe('resource blockSenders', () => {
       direction: 'asc',
       order: 'pattern',
       page: 1,
+      pattern: 'pattern',
       pattern_type: 'EMAIL',
       per_page: 1,
       search: 'search',
diff --git a/tests/api-resources/email-security/settings/trusted-domains.test.ts b/tests/api-resources/email-security/settings/trusted-domains.test.ts
index b0012161f3..177f8168a2 100644
--- a/tests/api-resources/email-security/settings/trusted-domains.test.ts
+++ b/tests/api-resources/email-security/settings/trusted-domains.test.ts
@@ -61,6 +61,7 @@ describe('resource trustedDomains', () => {
       is_similarity: true,
       order: 'pattern',
       page: 1,
+      pattern: 'pattern',
       per_page: 1,
       search: 'search',
     });
diff --git a/tests/api-resources/email-security/submissions.test.ts b/tests/api-resources/email-security/submissions.test.ts
index 99bea4b4d5..8175013af4 100644
--- a/tests/api-resources/email-security/submissions.test.ts
+++ b/tests/api-resources/email-security/submissions.test.ts
@@ -34,6 +34,7 @@ describe('resource submissions', () => {
       query: 'query',
       requested_disposition: 'MALICIOUS',
       start: '2019-12-27T18:11:19.117Z',
+      status: 'status',
       submission_id: 'submission_id',
       type: 'TEAM',
     });
diff --git a/tests/api-resources/filters.test.ts b/tests/api-resources/filters.test.ts
index 4378b9ee73..7bcf42a6e9 100644
--- a/tests/api-resources/filters.test.ts
+++ b/tests/api-resources/filters.test.ts
@@ -14,8 +14,7 @@ describe('resource filters', () => {
   test.skip('create: only required params', async () => {
     const responsePromise = client.filters.create({
       zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      expression:
-        '(http.request.uri.path ~ ".*wp-login.php" or http.request.uri.path ~ ".*xmlrpc.php") and ip.addr ne 172.16.22.155',
+      body: [{}],
     });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -30,8 +29,15 @@ describe('resource filters', () => {
   test.skip('create: required and optional params', async () => {
     const response = await client.filters.create({
       zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      expression:
-        '(http.request.uri.path ~ ".*wp-login.php" or http.request.uri.path ~ ".*xmlrpc.php") and ip.addr ne 172.16.22.155',
+      body: [
+        {
+          description: 'Restrict access from these browsers on this address range.',
+          expression:
+            '(http.request.uri.path ~ ".*wp-login.php" or http.request.uri.path ~ ".*xmlrpc.php") and ip.addr ne 172.16.22.155',
+          paused: false,
+          ref: 'FIL-100',
+        },
+      ],
     });
   });
 
@@ -39,7 +45,6 @@ describe('resource filters', () => {
   test.skip('update: only required params', async () => {
     const responsePromise = client.filters.update('372e67954025e0ba6aaa6d586b9e0b61', {
       zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      body: {},
     });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -54,7 +59,11 @@ describe('resource filters', () => {
   test.skip('update: required and optional params', async () => {
     const response = await client.filters.update('372e67954025e0ba6aaa6d586b9e0b61', {
       zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      body: {},
+      description: 'Restrict access from these browsers on this address range.',
+      expression:
+        '(http.request.uri.path ~ ".*wp-login.php" or http.request.uri.path ~ ".*xmlrpc.php") and ip.addr ne 172.16.22.155',
+      paused: false,
+      ref: 'FIL-100',
     });
   });
 
@@ -102,7 +111,10 @@ describe('resource filters', () => {
   });
 
   test('bulkDelete: only required params', async () => {
-    const responsePromise = client.filters.bulkDelete({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const responsePromise = client.filters.bulkDelete({
+      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      id: ['372e67954025e0ba6aaa6d586b9e0b61'],
+    });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
@@ -113,12 +125,18 @@ describe('resource filters', () => {
   });
 
   test('bulkDelete: required and optional params', async () => {
-    const response = await client.filters.bulkDelete({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const response = await client.filters.bulkDelete({
+      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      id: ['372e67954025e0ba6aaa6d586b9e0b61'],
+    });
   });
 
   // TODO: investigate broken test
   test.skip('bulkUpdate: only required params', async () => {
-    const responsePromise = client.filters.bulkUpdate({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const responsePromise = client.filters.bulkUpdate({
+      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      body: [{}],
+    });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
@@ -130,7 +148,18 @@ describe('resource filters', () => {
 
   // TODO: investigate broken test
   test.skip('bulkUpdate: required and optional params', async () => {
-    const response = await client.filters.bulkUpdate({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const response = await client.filters.bulkUpdate({
+      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      body: [
+        {
+          description: 'Restrict access from these browsers on this address range.',
+          expression:
+            '(http.request.uri.path ~ ".*wp-login.php" or http.request.uri.path ~ ".*xmlrpc.php") and ip.addr ne 172.16.22.155',
+          paused: false,
+          ref: 'FIL-100',
+        },
+      ],
+    });
   });
 
   test('get: only required params', async () => {
diff --git a/tests/api-resources/images/v1/v1.test.ts b/tests/api-resources/images/v1/v1.test.ts
index ba9a063400..870ee3171d 100644
--- a/tests/api-resources/images/v1/v1.test.ts
+++ b/tests/api-resources/images/v1/v1.test.ts
@@ -27,6 +27,7 @@ describe('resource v1', () => {
     const response = await client.images.v1.create({
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
       id: 'id',
+      creator: 'creator',
       file: await toFile(Buffer.from('# my file contents'), 'README.md'),
       metadata: {},
       requireSignedURLs: true,
@@ -48,6 +49,7 @@ describe('resource v1', () => {
   test('list: required and optional params', async () => {
     const response = await client.images.v1.list({
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      creator: 'creator',
       page: 1,
       per_page: 10,
     });
@@ -88,6 +90,7 @@ describe('resource v1', () => {
   test('edit: required and optional params', async () => {
     const response = await client.images.v1.edit('image_id', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      creator: 'creator',
       metadata: {},
       requireSignedURLs: true,
     });
diff --git a/tests/api-resources/images/v2/direct-uploads.test.ts b/tests/api-resources/images/v2/direct-uploads.test.ts
index 7322e2c265..5496076bff 100644
--- a/tests/api-resources/images/v2/direct-uploads.test.ts
+++ b/tests/api-resources/images/v2/direct-uploads.test.ts
@@ -29,6 +29,7 @@ describe('resource directUploads', () => {
     const response = await client.images.v2.directUploads.create({
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
       id: 'this/is/my-customid',
+      creator: 'creator',
       expiry: '2021-01-02T02:20:00Z',
       metadata: {},
       requireSignedURLs: true,
diff --git a/tests/api-resources/images/v2/v2.test.ts b/tests/api-resources/images/v2/v2.test.ts
index 4ab436dde7..f024297c79 100644
--- a/tests/api-resources/images/v2/v2.test.ts
+++ b/tests/api-resources/images/v2/v2.test.ts
@@ -25,6 +25,7 @@ describe('resource v2', () => {
     const response = await client.images.v2.list({
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
       continuation_token: 'continuation_token',
+      creator: 'creator',
       per_page: 10,
       sort_order: 'asc',
     });
diff --git a/tests/api-resources/kv/namespaces/values.test.ts b/tests/api-resources/kv/namespaces/values.test.ts
index 6ae2915c03..03fbaa4b52 100644
--- a/tests/api-resources/kv/namespaces/values.test.ts
+++ b/tests/api-resources/kv/namespaces/values.test.ts
@@ -32,7 +32,7 @@ describe('resource values', () => {
       value: 'Some Value',
       expiration: 1578435000,
       expiration_ttl: 300,
-      metadata: { someMetadataKey: 'someMetadataValue' },
+      metadata: {},
     });
   });
 
diff --git a/tests/api-resources/magic-transit/cf-interconnects.test.ts b/tests/api-resources/magic-transit/cf-interconnects.test.ts
index 7bd0b7f7be..44b23fa547 100644
--- a/tests/api-resources/magic-transit/cf-interconnects.test.ts
+++ b/tests/api-resources/magic-transit/cf-interconnects.test.ts
@@ -32,6 +32,7 @@ describe('resource cfInterconnects', () => {
       gre: { cloudflare_endpoint: '203.0.113.1' },
       health_check: { enabled: true, rate: 'low', target: { saved: '203.0.113.1' }, type: 'request' },
       interface_address: '192.0.2.0/31',
+      interface_address6: '2606:54c1:7:0:a9fe:12d2:1:200/127',
       mtu: 0,
       'x-magic-new-hc-target': true,
     });
diff --git a/tests/api-resources/magic-transit/connectors/events/events.test.ts b/tests/api-resources/magic-transit/connectors/events/events.test.ts
index fa75c7d5a8..7d5d5f1d32 100644
--- a/tests/api-resources/magic-transit/connectors/events/events.test.ts
+++ b/tests/api-resources/magic-transit/connectors/events/events.test.ts
@@ -31,6 +31,7 @@ describe('resource events', () => {
       from: 0,
       to: 0,
       cursor: 'cursor',
+      k: 'k',
       limit: 0,
     });
   });
diff --git a/tests/api-resources/magic-transit/gre-tunnels.test.ts b/tests/api-resources/magic-transit/gre-tunnels.test.ts
index e9ca33b39a..5568d31620 100644
--- a/tests/api-resources/magic-transit/gre-tunnels.test.ts
+++ b/tests/api-resources/magic-transit/gre-tunnels.test.ts
@@ -44,6 +44,7 @@ describe('resource greTunnels', () => {
         target: { saved: '203.0.113.1' },
         type: 'request',
       },
+      interface_address6: '2606:54c1:7:0:a9fe:12d2:1:200/127',
       mtu: 0,
       ttl: 0,
       'x-magic-new-hc-target': true,
@@ -84,6 +85,7 @@ describe('resource greTunnels', () => {
         target: { saved: '203.0.113.1' },
         type: 'request',
       },
+      interface_address6: '2606:54c1:7:0:a9fe:12d2:1:200/127',
       mtu: 0,
       ttl: 0,
       'x-magic-new-hc-target': true,
diff --git a/tests/api-resources/magic-transit/ipsec-tunnels.test.ts b/tests/api-resources/magic-transit/ipsec-tunnels.test.ts
index ec8bd888c7..805b70cd2b 100644
--- a/tests/api-resources/magic-transit/ipsec-tunnels.test.ts
+++ b/tests/api-resources/magic-transit/ipsec-tunnels.test.ts
@@ -41,6 +41,7 @@ describe('resource ipsecTunnels', () => {
         target: { saved: '203.0.113.1' },
         type: 'request',
       },
+      interface_address6: '2606:54c1:7:0:a9fe:12d2:1:200/127',
       psk: 'O3bwKSjnaoCxDoUxjcq4Rk8ZKkezQUiy',
       replay_protection: false,
       'x-magic-new-hc-target': true,
@@ -80,6 +81,7 @@ describe('resource ipsecTunnels', () => {
         target: { saved: '203.0.113.1' },
         type: 'request',
       },
+      interface_address6: '2606:54c1:7:0:a9fe:12d2:1:200/127',
       psk: 'O3bwKSjnaoCxDoUxjcq4Rk8ZKkezQUiy',
       replay_protection: false,
       'x-magic-new-hc-target': true,
diff --git a/tests/api-resources/queues/consumers.test.ts b/tests/api-resources/queues/consumers.test.ts
index 8bc8cf6a3a..e4275cc8e0 100644
--- a/tests/api-resources/queues/consumers.test.ts
+++ b/tests/api-resources/queues/consumers.test.ts
@@ -74,6 +74,25 @@ describe('resource consumers', () => {
     );
   });
 
+  test('list: only required params', async () => {
+    const responsePromise = client.queues.consumers.list('023e105f4ecef8ad9ca31a8372d0c353', {
+      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+    });
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('list: required and optional params', async () => {
+    const response = await client.queues.consumers.list('023e105f4ecef8ad9ca31a8372d0c353', {
+      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+    });
+  });
+
   test('delete: only required params', async () => {
     const responsePromise = client.queues.consumers.delete(
       '023e105f4ecef8ad9ca31a8372d0c353',
@@ -98,9 +117,11 @@ describe('resource consumers', () => {
   });
 
   test('get: only required params', async () => {
-    const responsePromise = client.queues.consumers.get('023e105f4ecef8ad9ca31a8372d0c353', {
-      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-    });
+    const responsePromise = client.queues.consumers.get(
+      '023e105f4ecef8ad9ca31a8372d0c353',
+      '023e105f4ecef8ad9ca31a8372d0c353',
+      { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+    );
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
@@ -111,8 +132,10 @@ describe('resource consumers', () => {
   });
 
   test('get: required and optional params', async () => {
-    const response = await client.queues.consumers.get('023e105f4ecef8ad9ca31a8372d0c353', {
-      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-    });
+    const response = await client.queues.consumers.get(
+      '023e105f4ecef8ad9ca31a8372d0c353',
+      '023e105f4ecef8ad9ca31a8372d0c353',
+      { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+    );
   });
 });
diff --git a/tests/api-resources/r2/buckets/domains/custom.test.ts b/tests/api-resources/r2/buckets/domains/custom.test.ts
index 414dbbd1dc..0912f1f272 100644
--- a/tests/api-resources/r2/buckets/domains/custom.test.ts
+++ b/tests/api-resources/r2/buckets/domains/custom.test.ts
@@ -34,6 +34,7 @@ describe('resource custom', () => {
       domain: 'prefix.example-domain.com',
       enabled: true,
       zoneId: '36ca64a6d92827b8a6b90be344bb1bfd',
+      ciphers: ['string'],
       minTLS: '1.0',
       jurisdiction: 'default',
     });
@@ -62,6 +63,7 @@ describe('resource custom', () => {
       'example-domain/custom-domain.com',
       {
         account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+        ciphers: ['string'],
         enabled: true,
         minTLS: '1.2',
         jurisdiction: 'default',
diff --git a/tests/api-resources/radar/ai/timeseries-groups.test.ts b/tests/api-resources/radar/ai/timeseries-groups.test.ts
index 386515626c..10134f56bd 100644
--- a/tests/api-resources/radar/ai/timeseries-groups.test.ts
+++ b/tests/api-resources/radar/ai/timeseries-groups.test.ts
@@ -10,6 +10,129 @@ const client = new Cloudflare({
 });
 
 describe('resource timeseriesGroups', () => {
+  test('summary', async () => {
+    const responsePromise = client.radar.ai.timeseriesGroups.summary('USER_AGENT');
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('summary: request options instead of params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ai.timeseriesGroups.summary('USER_AGENT', { path: '/_stainless_unknown_path' }),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
+  test('summary: request options and params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ai.timeseriesGroups.summary(
+        'USER_AGENT',
+        {
+          asn: ['string'],
+          continent: ['string'],
+          crawlPurpose: ['string'],
+          dateEnd: ['2019-12-27T18:11:19.117Z'],
+          dateRange: ['7d'],
+          dateStart: ['2019-12-27T18:11:19.117Z'],
+          format: 'JSON',
+          limitPerGroup: 10,
+          location: ['string'],
+          name: ['main_series'],
+        },
+        { path: '/_stainless_unknown_path' },
+      ),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
+  test('timeseries', async () => {
+    const responsePromise = client.radar.ai.timeseriesGroups.timeseries();
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('timeseries: request options instead of params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ai.timeseriesGroups.timeseries({ path: '/_stainless_unknown_path' }),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
+  test('timeseries: request options and params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ai.timeseriesGroups.timeseries(
+        {
+          aggInterval: '1h',
+          asn: ['string'],
+          continent: ['string'],
+          crawlPurpose: ['string'],
+          dateEnd: ['2019-12-27T18:11:19.117Z'],
+          dateRange: ['7d'],
+          dateStart: ['2019-12-27T18:11:19.117Z'],
+          format: 'JSON',
+          limitPerGroup: 10,
+          location: ['string'],
+          name: ['main_series'],
+          userAgent: ['string'],
+        },
+        { path: '/_stainless_unknown_path' },
+      ),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
+  test('timeseriesGroups', async () => {
+    const responsePromise = client.radar.ai.timeseriesGroups.timeseriesGroups('USER_AGENT');
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('timeseriesGroups: request options instead of params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ai.timeseriesGroups.timeseriesGroups('USER_AGENT', { path: '/_stainless_unknown_path' }),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
+  test('timeseriesGroups: request options and params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ai.timeseriesGroups.timeseriesGroups(
+        'USER_AGENT',
+        {
+          aggInterval: '1h',
+          asn: ['string'],
+          continent: ['string'],
+          crawlPurpose: ['string'],
+          dateEnd: ['2019-12-27T18:11:19.117Z'],
+          dateRange: ['7d'],
+          dateStart: ['2019-12-27T18:11:19.117Z'],
+          format: 'JSON',
+          limitPerGroup: 10,
+          location: ['string'],
+          name: ['main_series'],
+          normalization: 'MIN0_MAX',
+        },
+        { path: '/_stainless_unknown_path' },
+      ),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
   test('userAgent', async () => {
     const responsePromise = client.radar.ai.timeseriesGroups.userAgent();
     const rawResponse = await responsePromise.asResponse();
diff --git a/tests/api-resources/radar/ai/to-markdown.test.ts b/tests/api-resources/radar/ai/to-markdown.test.ts
index 8bfd2374c3..d7636b03fb 100644
--- a/tests/api-resources/radar/ai/to-markdown.test.ts
+++ b/tests/api-resources/radar/ai/to-markdown.test.ts
@@ -12,9 +12,10 @@ const client = new Cloudflare({
 describe('resource toMarkdown', () => {
   // TODO: investigate prism error for invalid security scheme used
   test.skip('create: only required params', async () => {
-    const responsePromise = client.radar.ai.toMarkdown.create({
-      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-    });
+    const responsePromise = client.radar.ai.toMarkdown.create(
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
+    );
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
@@ -26,9 +27,9 @@ describe('resource toMarkdown', () => {
 
   // TODO: investigate prism error for invalid security scheme used
   test.skip('create: required and optional params', async () => {
-    const response = await client.radar.ai.toMarkdown.create({
-      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      body: await toFile(Buffer.from('# my file contents'), 'README.md'),
-    });
+    const response = await client.radar.ai.toMarkdown.create(
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
+    );
   });
 });
diff --git a/tests/api-resources/radar/attacks/layer7/top/top.test.ts b/tests/api-resources/radar/attacks/layer7/top/top.test.ts
index 459439ed87..24fcffeef9 100644
--- a/tests/api-resources/radar/attacks/layer7/top/top.test.ts
+++ b/tests/api-resources/radar/attacks/layer7/top/top.test.ts
@@ -43,7 +43,6 @@ describe('resource top', () => {
           limitDirection: 'ORIGIN',
           limitPerLocation: 10,
           location: ['string'],
-          magnitude: 'MITIGATED_REQUESTS',
           mitigationProduct: ['DDOS'],
           name: ['main_series'],
           normalization: 'PERCENTAGE',
diff --git a/tests/api-resources/radar/ct/authorities.test.ts b/tests/api-resources/radar/ct/authorities.test.ts
new file mode 100644
index 0000000000..667531af94
--- /dev/null
+++ b/tests/api-resources/radar/ct/authorities.test.ts
@@ -0,0 +1,73 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import Cloudflare from 'cloudflare';
+import { Response } from 'node-fetch';
+
+const client = new Cloudflare({
+  apiKey: '144c9defac04969c7bfad8efaa8ea194',
+  apiEmail: 'user@example.com',
+  baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010',
+});
+
+describe('resource authorities', () => {
+  test('list', async () => {
+    const responsePromise = client.radar.ct.authorities.list();
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('list: request options instead of params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(client.radar.ct.authorities.list({ path: '/_stainless_unknown_path' })).rejects.toThrow(
+      Cloudflare.NotFoundError,
+    );
+  });
+
+  test('list: request options and params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ct.authorities.list(
+        { format: 'JSON', limit: 5, offset: 0 },
+        { path: '/_stainless_unknown_path' },
+      ),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
+  test('get', async () => {
+    const responsePromise = client.radar.ct.authorities.get(
+      '24EDD4E503A8D3FDB5FFB4AF66C887359901CBE687A5A0760D10A08EED99A7C3',
+    );
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('get: request options instead of params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ct.authorities.get('24EDD4E503A8D3FDB5FFB4AF66C887359901CBE687A5A0760D10A08EED99A7C3', {
+        path: '/_stainless_unknown_path',
+      }),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
+  test('get: request options and params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ct.authorities.get(
+        '24EDD4E503A8D3FDB5FFB4AF66C887359901CBE687A5A0760D10A08EED99A7C3',
+        { format: 'JSON' },
+        { path: '/_stainless_unknown_path' },
+      ),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+});
diff --git a/tests/api-resources/radar/ct/ct.test.ts b/tests/api-resources/radar/ct/ct.test.ts
new file mode 100644
index 0000000000..b57cd5b1b0
--- /dev/null
+++ b/tests/api-resources/radar/ct/ct.test.ts
@@ -0,0 +1,167 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import Cloudflare from 'cloudflare';
+import { Response } from 'node-fetch';
+
+const client = new Cloudflare({
+  apiKey: '144c9defac04969c7bfad8efaa8ea194',
+  apiEmail: 'user@example.com',
+  baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010',
+});
+
+describe('resource ct', () => {
+  test('summary', async () => {
+    const responsePromise = client.radar.ct.summary('CA');
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('summary: request options instead of params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(client.radar.ct.summary('CA', { path: '/_stainless_unknown_path' })).rejects.toThrow(
+      Cloudflare.NotFoundError,
+    );
+  });
+
+  test('summary: request options and params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ct.summary(
+        'CA',
+        {
+          ca: ['string'],
+          caOwner: ['string'],
+          dateEnd: ['2019-12-27T18:11:19.117Z'],
+          dateRange: ['7d'],
+          dateStart: ['2019-12-27T18:11:19.117Z'],
+          duration: ['LTE_3D'],
+          entryType: ['PRECERTIFICATE'],
+          expirationStatus: ['EXPIRED'],
+          format: 'JSON',
+          hasIps: [true],
+          hasWildcards: [true],
+          limitPerGroup: 10,
+          log: ['string'],
+          logApi: ['RFC6962'],
+          logOperator: ['string'],
+          name: ['main_series'],
+          normalization: 'RAW_VALUES',
+          publicKeyAlgorithm: ['DSA'],
+          signatureAlgorithm: ['DSA_SHA_1'],
+          tld: ['string'],
+          uniqueEntries: ['true'],
+          validationLevel: ['DOMAIN'],
+        },
+        { path: '/_stainless_unknown_path' },
+      ),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
+  test('timeseries', async () => {
+    const responsePromise = client.radar.ct.timeseries();
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('timeseries: request options instead of params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(client.radar.ct.timeseries({ path: '/_stainless_unknown_path' })).rejects.toThrow(
+      Cloudflare.NotFoundError,
+    );
+  });
+
+  test('timeseries: request options and params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ct.timeseries(
+        {
+          aggInterval: '1h',
+          ca: ['string'],
+          caOwner: ['string'],
+          dateEnd: ['2019-12-27T18:11:19.117Z'],
+          dateRange: ['7d'],
+          dateStart: ['2019-12-27T18:11:19.117Z'],
+          duration: ['LTE_3D'],
+          entryType: ['PRECERTIFICATE'],
+          expirationStatus: ['EXPIRED'],
+          format: 'JSON',
+          hasIps: [true],
+          hasWildcards: [true],
+          log: ['string'],
+          logApi: ['RFC6962'],
+          logOperator: ['string'],
+          name: ['main_series'],
+          publicKeyAlgorithm: ['DSA'],
+          signatureAlgorithm: ['DSA_SHA_1'],
+          tld: ['string'],
+          uniqueEntries: ['true'],
+          validationLevel: ['DOMAIN'],
+        },
+        { path: '/_stainless_unknown_path' },
+      ),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
+  test('timeseriesGroups', async () => {
+    const responsePromise = client.radar.ct.timeseriesGroups('CA');
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('timeseriesGroups: request options instead of params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ct.timeseriesGroups('CA', { path: '/_stainless_unknown_path' }),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
+  test('timeseriesGroups: request options and params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ct.timeseriesGroups(
+        'CA',
+        {
+          aggInterval: '1h',
+          ca: ['string'],
+          caOwner: ['string'],
+          dateEnd: ['2019-12-27T18:11:19.117Z'],
+          dateRange: ['7d'],
+          dateStart: ['2019-12-27T18:11:19.117Z'],
+          duration: ['LTE_3D'],
+          entryType: ['PRECERTIFICATE'],
+          expirationStatus: ['EXPIRED'],
+          format: 'JSON',
+          hasIps: [true],
+          hasWildcards: [true],
+          limitPerGroup: 10,
+          log: ['string'],
+          logApi: ['RFC6962'],
+          logOperator: ['string'],
+          name: ['main_series'],
+          normalization: 'RAW_VALUES',
+          publicKeyAlgorithm: ['DSA'],
+          signatureAlgorithm: ['DSA_SHA_1'],
+          tld: ['string'],
+          uniqueEntries: ['true'],
+          validationLevel: ['DOMAIN'],
+        },
+        { path: '/_stainless_unknown_path' },
+      ),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+});
diff --git a/tests/api-resources/radar/ct/logs.test.ts b/tests/api-resources/radar/ct/logs.test.ts
new file mode 100644
index 0000000000..0654ffffe1
--- /dev/null
+++ b/tests/api-resources/radar/ct/logs.test.ts
@@ -0,0 +1,65 @@
+// File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
+
+import Cloudflare from 'cloudflare';
+import { Response } from 'node-fetch';
+
+const client = new Cloudflare({
+  apiKey: '144c9defac04969c7bfad8efaa8ea194',
+  apiEmail: 'user@example.com',
+  baseURL: process.env['TEST_API_BASE_URL'] ?? 'http://127.0.0.1:4010',
+});
+
+describe('resource logs', () => {
+  test('list', async () => {
+    const responsePromise = client.radar.ct.logs.list();
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('list: request options instead of params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(client.radar.ct.logs.list({ path: '/_stainless_unknown_path' })).rejects.toThrow(
+      Cloudflare.NotFoundError,
+    );
+  });
+
+  test('list: request options and params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ct.logs.list(
+        { format: 'JSON', limit: 5, offset: 0 },
+        { path: '/_stainless_unknown_path' },
+      ),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+
+  test('get', async () => {
+    const responsePromise = client.radar.ct.logs.get('argon2024');
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('get: request options instead of params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(client.radar.ct.logs.get('argon2024', { path: '/_stainless_unknown_path' })).rejects.toThrow(
+      Cloudflare.NotFoundError,
+    );
+  });
+
+  test('get: request options and params are passed correctly', async () => {
+    // ensure the request options are being passed correctly by passing an invalid HTTP method in order to cause an error
+    await expect(
+      client.radar.ct.logs.get('argon2024', { format: 'JSON' }, { path: '/_stainless_unknown_path' }),
+    ).rejects.toThrow(Cloudflare.NotFoundError);
+  });
+});
diff --git a/tests/api-resources/rules/lists/items.test.ts b/tests/api-resources/rules/lists/items.test.ts
index 4121cd4137..d93f6908eb 100644
--- a/tests/api-resources/rules/lists/items.test.ts
+++ b/tests/api-resources/rules/lists/items.test.ts
@@ -13,7 +13,7 @@ describe('resource items', () => {
   test('create: only required params', async () => {
     const responsePromise = client.rules.lists.items.create('2c0fc9fa937b11eaa1b71c4d701ab86e', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      body: [{}],
+      body: [{ ip: '10.0.0.1' }],
     });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -27,30 +27,14 @@ describe('resource items', () => {
   test('create: required and optional params', async () => {
     const response = await client.rules.lists.items.create('2c0fc9fa937b11eaa1b71c4d701ab86e', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      body: [
-        {
-          asn: 5567,
-          comment: 'Private IP address',
-          hostname: { url_hostname: 'example.com' },
-          ip: '10.0.0.1',
-          redirect: {
-            source_url: 'example.com/arch',
-            target_url: 'https://archlinux.org/',
-            include_subdomains: true,
-            preserve_path_suffix: true,
-            preserve_query_string: true,
-            status_code: 301,
-            subpath_matching: true,
-          },
-        },
-      ],
+      body: [{ ip: '10.0.0.1', comment: 'Private IP address' }],
     });
   });
 
   test('update: only required params', async () => {
     const responsePromise = client.rules.lists.items.update('2c0fc9fa937b11eaa1b71c4d701ab86e', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      body: [{}],
+      body: [{ ip: '10.0.0.1' }],
     });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -64,23 +48,7 @@ describe('resource items', () => {
   test('update: required and optional params', async () => {
     const response = await client.rules.lists.items.update('2c0fc9fa937b11eaa1b71c4d701ab86e', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      body: [
-        {
-          asn: 5567,
-          comment: 'Private IP address',
-          hostname: { url_hostname: 'example.com' },
-          ip: '10.0.0.1',
-          redirect: {
-            source_url: 'example.com/arch',
-            target_url: 'https://archlinux.org/',
-            include_subdomains: true,
-            preserve_path_suffix: true,
-            preserve_query_string: true,
-            status_code: 301,
-            subpath_matching: true,
-          },
-        },
-      ],
+      body: [{ ip: '10.0.0.1', comment: 'Private IP address' }],
     });
   });
 
diff --git a/tests/api-resources/secrets-store/stores/secrets.test.ts b/tests/api-resources/secrets-store/stores/secrets.test.ts
index 7841545a31..afb8337e61 100644
--- a/tests/api-resources/secrets-store/stores/secrets.test.ts
+++ b/tests/api-resources/secrets-store/stores/secrets.test.ts
@@ -13,7 +13,7 @@ describe('resource secrets', () => {
   test('create: only required params', async () => {
     const responsePromise = client.secretsStore.stores.secrets.create('023e105f4ecef8ad9ca31a8372d0c353', {
       account_id: '985e105f4ecef8ad9ca31a8372d0c353',
-      body: [{ name: 'MY_API_KEY', scopes: ['workers'], value: 'api-token-secret-123' }],
+      body: [{ name: 'MY_API_KEY', scopes: ['workers', 'ai_gateway'], value: 'api-token-secret-123' }],
     });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -27,11 +27,19 @@ describe('resource secrets', () => {
   test('create: required and optional params', async () => {
     const response = await client.secretsStore.stores.secrets.create('023e105f4ecef8ad9ca31a8372d0c353', {
       account_id: '985e105f4ecef8ad9ca31a8372d0c353',
-      body: [{ name: 'MY_API_KEY', scopes: ['workers'], value: 'api-token-secret-123' }],
+      body: [
+        {
+          name: 'MY_API_KEY',
+          scopes: ['workers', 'ai_gateway'],
+          value: 'api-token-secret-123',
+          comment: 'info about my secret',
+        },
+      ],
     });
   });
 
-  test('list: only required params', async () => {
+  // TODO: investigate prism error for 422 Unprocessable Entity
+  test.skip('list: only required params', async () => {
     const responsePromise = client.secretsStore.stores.secrets.list('023e105f4ecef8ad9ca31a8372d0c353', {
       account_id: '985e105f4ecef8ad9ca31a8372d0c353',
     });
@@ -44,13 +52,15 @@ describe('resource secrets', () => {
     expect(dataAndResponse.response).toBe(rawResponse);
   });
 
-  test('list: required and optional params', async () => {
+  // TODO: investigate prism error for 422 Unprocessable Entity
+  test.skip('list: required and optional params', async () => {
     const response = await client.secretsStore.stores.secrets.list('023e105f4ecef8ad9ca31a8372d0c353', {
       account_id: '985e105f4ecef8ad9ca31a8372d0c353',
       direction: 'asc',
       order: 'name',
       page: 2,
       per_page: 20,
+      scopes: [['workers', 'ai_gateway']],
       search: 'search',
     });
   });
@@ -103,7 +113,11 @@ describe('resource secrets', () => {
     const responsePromise = client.secretsStore.stores.secrets.duplicate(
       '023e105f4ecef8ad9ca31a8372d0c353',
       '3fd85f74b32742f1bff64a85009dda07',
-      { account_id: '985e105f4ecef8ad9ca31a8372d0c353', name: 'MY_API_KEY' },
+      {
+        account_id: '985e105f4ecef8ad9ca31a8372d0c353',
+        name: 'MY_API_KEY',
+        scopes: ['workers', 'ai_gateway'],
+      },
     );
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -119,15 +133,21 @@ describe('resource secrets', () => {
     const response = await client.secretsStore.stores.secrets.duplicate(
       '023e105f4ecef8ad9ca31a8372d0c353',
       '3fd85f74b32742f1bff64a85009dda07',
-      { account_id: '985e105f4ecef8ad9ca31a8372d0c353', name: 'MY_API_KEY' },
+      {
+        account_id: '985e105f4ecef8ad9ca31a8372d0c353',
+        name: 'MY_API_KEY',
+        scopes: ['workers', 'ai_gateway'],
+        comment: 'info about my secret',
+      },
     );
   });
 
-  test('edit: only required params', async () => {
+  // TODO: investigate prism error for 422 Unprocessable Entity
+  test.skip('edit: only required params', async () => {
     const responsePromise = client.secretsStore.stores.secrets.edit(
       '023e105f4ecef8ad9ca31a8372d0c353',
       '3fd85f74b32742f1bff64a85009dda07',
-      { account_id: '985e105f4ecef8ad9ca31a8372d0c353', name: 'MY_API_KEY' },
+      { account_id: '985e105f4ecef8ad9ca31a8372d0c353' },
     );
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -138,15 +158,15 @@ describe('resource secrets', () => {
     expect(dataAndResponse.response).toBe(rawResponse);
   });
 
-  test('edit: required and optional params', async () => {
+  // TODO: investigate prism error for 422 Unprocessable Entity
+  test.skip('edit: required and optional params', async () => {
     const response = await client.secretsStore.stores.secrets.edit(
       '023e105f4ecef8ad9ca31a8372d0c353',
       '3fd85f74b32742f1bff64a85009dda07',
       {
         account_id: '985e105f4ecef8ad9ca31a8372d0c353',
-        name: 'MY_API_KEY',
-        scopes: ['workers'],
-        value: 'api-token-secret-123',
+        comment: 'info about my secret',
+        scopes: ['workers', 'ai_gateway'],
       },
     );
   });
diff --git a/tests/api-resources/snippets/content.test.ts b/tests/api-resources/snippets/content.test.ts
index 7342ace674..81c65cbd3e 100644
--- a/tests/api-resources/snippets/content.test.ts
+++ b/tests/api-resources/snippets/content.test.ts
@@ -11,8 +11,8 @@ const client = new Cloudflare({
 describe('resource content', () => {
   // throwing HTTP 415
   test.skip('get: required and optional params', async () => {
-    const response = await client.snippets.content.get('snippet_name_01', {
-      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
+    const response = await client.snippets.content.get('my_snippet', {
+      zone_id: '9f1839b6152d298aca64c4e906b6d074',
     });
   });
 });
diff --git a/tests/api-resources/snippets/rules.test.ts b/tests/api-resources/snippets/rules.test.ts
index e36c30e5f4..5f329ac748 100644
--- a/tests/api-resources/snippets/rules.test.ts
+++ b/tests/api-resources/snippets/rules.test.ts
@@ -11,7 +11,10 @@ const client = new Cloudflare({
 
 describe('resource rules', () => {
   test('update: only required params', async () => {
-    const responsePromise = client.snippets.rules.update({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const responsePromise = client.snippets.rules.update({
+      zone_id: '9f1839b6152d298aca64c4e906b6d074',
+      rules: [{ expression: 'ip.src eq 1.1.1.1', snippet_name: 'my_snippet' }],
+    });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
@@ -23,20 +26,20 @@ describe('resource rules', () => {
 
   test('update: required and optional params', async () => {
     const response = await client.snippets.rules.update({
-      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      zone_id: '9f1839b6152d298aca64c4e906b6d074',
       rules: [
         {
-          description: 'Rule description',
+          expression: 'ip.src eq 1.1.1.1',
+          snippet_name: 'my_snippet',
+          description: 'Execute my_snippet when IP address is 1.1.1.1.',
           enabled: true,
-          expression: 'http.cookie eq "a=b"',
-          snippet_name: 'snippet_name_01',
         },
       ],
     });
   });
 
   test('list: only required params', async () => {
-    const responsePromise = client.snippets.rules.list({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const responsePromise = client.snippets.rules.list({ zone_id: '9f1839b6152d298aca64c4e906b6d074' });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
@@ -47,11 +50,11 @@ describe('resource rules', () => {
   });
 
   test('list: required and optional params', async () => {
-    const response = await client.snippets.rules.list({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const response = await client.snippets.rules.list({ zone_id: '9f1839b6152d298aca64c4e906b6d074' });
   });
 
   test('delete: only required params', async () => {
-    const responsePromise = client.snippets.rules.delete({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const responsePromise = client.snippets.rules.delete({ zone_id: '9f1839b6152d298aca64c4e906b6d074' });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
@@ -62,6 +65,6 @@ describe('resource rules', () => {
   });
 
   test('delete: required and optional params', async () => {
-    const response = await client.snippets.rules.delete({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const response = await client.snippets.rules.delete({ zone_id: '9f1839b6152d298aca64c4e906b6d074' });
   });
 });
diff --git a/tests/api-resources/snippets/snippets.test.ts b/tests/api-resources/snippets/snippets.test.ts
index 4973e797db..9f116ac439 100644
--- a/tests/api-resources/snippets/snippets.test.ts
+++ b/tests/api-resources/snippets/snippets.test.ts
@@ -1,6 +1,6 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
-import Cloudflare from 'cloudflare';
+import Cloudflare, { toFile } from 'cloudflare';
 import { Response } from 'node-fetch';
 
 const client = new Cloudflare({
@@ -12,8 +12,10 @@ const client = new Cloudflare({
 describe('resource snippets', () => {
   // throwing HTTP 415
   test.skip('update: only required params', async () => {
-    const responsePromise = client.snippets.update('snippet_name_01', {
-      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
+    const responsePromise = client.snippets.update('my_snippet', {
+      zone_id: '9f1839b6152d298aca64c4e906b6d074',
+      files: [await toFile(Buffer.from('# my file contents'), 'README.md')],
+      metadata: { main_module: 'main.js' },
     });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -26,15 +28,15 @@ describe('resource snippets', () => {
 
   // throwing HTTP 415
   test.skip('update: required and optional params', async () => {
-    const response = await client.snippets.update('snippet_name_01', {
-      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
-      files: "export { async function fetch(request, env) {return new Response('some_response') } }",
+    const response = await client.snippets.update('my_snippet', {
+      zone_id: '9f1839b6152d298aca64c4e906b6d074',
+      files: [await toFile(Buffer.from('# my file contents'), 'README.md')],
       metadata: { main_module: 'main.js' },
     });
   });
 
   test('list: only required params', async () => {
-    const responsePromise = client.snippets.list({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const responsePromise = client.snippets.list({ zone_id: '9f1839b6152d298aca64c4e906b6d074' });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
     const response = await responsePromise;
@@ -45,12 +47,16 @@ describe('resource snippets', () => {
   });
 
   test('list: required and optional params', async () => {
-    const response = await client.snippets.list({ zone_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const response = await client.snippets.list({
+      zone_id: '9f1839b6152d298aca64c4e906b6d074',
+      page: 1,
+      per_page: 25,
+    });
   });
 
   test('delete: only required params', async () => {
-    const responsePromise = client.snippets.delete('snippet_name_01', {
-      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
+    const responsePromise = client.snippets.delete('my_snippet', {
+      zone_id: '9f1839b6152d298aca64c4e906b6d074',
     });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -62,14 +68,14 @@ describe('resource snippets', () => {
   });
 
   test('delete: required and optional params', async () => {
-    const response = await client.snippets.delete('snippet_name_01', {
-      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
+    const response = await client.snippets.delete('my_snippet', {
+      zone_id: '9f1839b6152d298aca64c4e906b6d074',
     });
   });
 
   test('get: only required params', async () => {
-    const responsePromise = client.snippets.get('snippet_name_01', {
-      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
+    const responsePromise = client.snippets.get('my_snippet', {
+      zone_id: '9f1839b6152d298aca64c4e906b6d074',
     });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -81,8 +87,6 @@ describe('resource snippets', () => {
   });
 
   test('get: required and optional params', async () => {
-    const response = await client.snippets.get('snippet_name_01', {
-      zone_id: '023e105f4ecef8ad9ca31a8372d0c353',
-    });
+    const response = await client.snippets.get('my_snippet', { zone_id: '9f1839b6152d298aca64c4e906b6d074' });
   });
 });
diff --git a/tests/api-resources/stream/stream.test.ts b/tests/api-resources/stream/stream.test.ts
index 1559b01649..7de51c804b 100644
--- a/tests/api-resources/stream/stream.test.ts
+++ b/tests/api-resources/stream/stream.test.ts
@@ -63,6 +63,7 @@ describe('resource stream', () => {
       start: '2014-01-02T02:20:00Z',
       status: 'inprogress',
       type: 'live',
+      video_name: 'puppy.mp4',
     });
   });
 
diff --git a/tests/api-resources/workers-for-platforms/dispatch/namespaces/scripts/content.test.ts b/tests/api-resources/workers-for-platforms/dispatch/namespaces/scripts/content.test.ts
index 9f46ab7ef2..054fcff10a 100644
--- a/tests/api-resources/workers-for-platforms/dispatch/namespaces/scripts/content.test.ts
+++ b/tests/api-resources/workers-for-platforms/dispatch/namespaces/scripts/content.test.ts
@@ -1,6 +1,6 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
-import Cloudflare from 'cloudflare';
+import Cloudflare, { toFile } from 'cloudflare';
 import { Response } from 'node-fetch';
 
 const client = new Cloudflare({
@@ -34,6 +34,7 @@ describe('resource content', () => {
       {
         account_id: '023e105f4ecef8ad9ca31a8372d0c353',
         metadata: { body_part: 'worker.js', main_module: 'worker.js' },
+        files: [await toFile(Buffer.from('# my file contents'), 'README.md')],
         'CF-WORKER-BODY-PART': 'CF-WORKER-BODY-PART',
         'CF-WORKER-MAIN-MODULE-PART': 'CF-WORKER-MAIN-MODULE-PART',
       },
diff --git a/tests/api-resources/workers-for-platforms/dispatch/namespaces/scripts/scripts.test.ts b/tests/api-resources/workers-for-platforms/dispatch/namespaces/scripts/scripts.test.ts
index 802be1989e..e331c0e1b3 100644
--- a/tests/api-resources/workers-for-platforms/dispatch/namespaces/scripts/scripts.test.ts
+++ b/tests/api-resources/workers-for-platforms/dispatch/namespaces/scripts/scripts.test.ts
@@ -1,6 +1,6 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
-import Cloudflare from 'cloudflare';
+import Cloudflare, { toFile } from 'cloudflare';
 import { Response } from 'node-fetch';
 
 const client = new Cloudflare({
@@ -74,6 +74,7 @@ describe('resource scripts', () => {
           ],
           usage_model: 'standard',
         },
+        files: [await toFile(Buffer.from('# my file contents'), 'README.md')],
       },
     );
   });
diff --git a/tests/api-resources/workers/scripts/content.test.ts b/tests/api-resources/workers/scripts/content.test.ts
index 1567728d10..9549b11cd0 100644
--- a/tests/api-resources/workers/scripts/content.test.ts
+++ b/tests/api-resources/workers/scripts/content.test.ts
@@ -1,6 +1,6 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
-import Cloudflare from 'cloudflare';
+import Cloudflare, { toFile } from 'cloudflare';
 import { Response } from 'node-fetch';
 
 const client = new Cloudflare({
@@ -30,6 +30,7 @@ describe('resource content', () => {
     const response = await client.workers.scripts.content.update('this-is_my_script-01', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
       metadata: { body_part: 'worker.js', main_module: 'worker.js' },
+      files: [await toFile(Buffer.from('# my file contents'), 'README.md')],
       'CF-WORKER-BODY-PART': 'CF-WORKER-BODY-PART',
       'CF-WORKER-MAIN-MODULE-PART': 'CF-WORKER-MAIN-MODULE-PART',
     });
diff --git a/tests/api-resources/workers/scripts/deployments.test.ts b/tests/api-resources/workers/scripts/deployments.test.ts
index 08559beefc..ed72e63d33 100644
--- a/tests/api-resources/workers/scripts/deployments.test.ts
+++ b/tests/api-resources/workers/scripts/deployments.test.ts
@@ -14,7 +14,7 @@ describe('resource deployments', () => {
     const responsePromise = client.workers.scripts.deployments.create('this-is_my_script-01', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
       strategy: 'percentage',
-      versions: [{ percentage: 100, version_id: 'bcf48806-b317-4351-9ee7-36e7d557d4de' }],
+      versions: [{ percentage: 100, version_id: '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e' }],
     });
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -29,14 +29,14 @@ describe('resource deployments', () => {
     const response = await client.workers.scripts.deployments.create('this-is_my_script-01', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
       strategy: 'percentage',
-      versions: [{ percentage: 100, version_id: 'bcf48806-b317-4351-9ee7-36e7d557d4de' }],
+      versions: [{ percentage: 100, version_id: '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e' }],
       force: true,
       annotations: { 'workers/message': 'Deploy bug fix.' },
     });
   });
 
-  test('get: only required params', async () => {
-    const responsePromise = client.workers.scripts.deployments.get('this-is_my_script-01', {
+  test('list: only required params', async () => {
+    const responsePromise = client.workers.scripts.deployments.list('this-is_my_script-01', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
     });
     const rawResponse = await responsePromise.asResponse();
@@ -48,9 +48,55 @@ describe('resource deployments', () => {
     expect(dataAndResponse.response).toBe(rawResponse);
   });
 
-  test('get: required and optional params', async () => {
-    const response = await client.workers.scripts.deployments.get('this-is_my_script-01', {
+  test('list: required and optional params', async () => {
+    const response = await client.workers.scripts.deployments.list('this-is_my_script-01', {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
     });
   });
+
+  test('delete: only required params', async () => {
+    const responsePromise = client.workers.scripts.deployments.delete(
+      'this-is_my_script-01',
+      '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
+      { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+    );
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('delete: required and optional params', async () => {
+    const response = await client.workers.scripts.deployments.delete(
+      'this-is_my_script-01',
+      '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
+      { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+    );
+  });
+
+  test('get: only required params', async () => {
+    const responsePromise = client.workers.scripts.deployments.get(
+      'this-is_my_script-01',
+      '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
+      { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+    );
+    const rawResponse = await responsePromise.asResponse();
+    expect(rawResponse).toBeInstanceOf(Response);
+    const response = await responsePromise;
+    expect(response).not.toBeInstanceOf(Response);
+    const dataAndResponse = await responsePromise.withResponse();
+    expect(dataAndResponse.data).toBe(response);
+    expect(dataAndResponse.response).toBe(rawResponse);
+  });
+
+  test('get: required and optional params', async () => {
+    const response = await client.workers.scripts.deployments.get(
+      'this-is_my_script-01',
+      '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
+      { account_id: '023e105f4ecef8ad9ca31a8372d0c353' },
+    );
+  });
 });
diff --git a/tests/api-resources/workers/scripts/scripts.test.ts b/tests/api-resources/workers/scripts/scripts.test.ts
index 9cd76c3500..30c2f60090 100644
--- a/tests/api-resources/workers/scripts/scripts.test.ts
+++ b/tests/api-resources/workers/scripts/scripts.test.ts
@@ -1,6 +1,6 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
-import Cloudflare from 'cloudflare';
+import Cloudflare, { toFile } from 'cloudflare';
 import { Response } from 'node-fetch';
 
 const client = new Cloudflare({
@@ -70,6 +70,7 @@ describe('resource scripts', () => {
         ],
         usage_model: 'standard',
       },
+      files: [await toFile(Buffer.from('# my file contents'), 'README.md')],
     });
   });
 
@@ -85,7 +86,10 @@ describe('resource scripts', () => {
   });
 
   test('list: required and optional params', async () => {
-    const response = await client.workers.scripts.list({ account_id: '023e105f4ecef8ad9ca31a8372d0c353' });
+    const response = await client.workers.scripts.list({
+      account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      tags: 'production:yes,staging:no',
+    });
   });
 
   test('delete: only required params', async () => {
diff --git a/tests/api-resources/workers/scripts/versions.test.ts b/tests/api-resources/workers/scripts/versions.test.ts
index 074504bed1..82c89f8328 100644
--- a/tests/api-resources/workers/scripts/versions.test.ts
+++ b/tests/api-resources/workers/scripts/versions.test.ts
@@ -1,6 +1,6 @@
 // File generated from our OpenAPI spec by Stainless. See CONTRIBUTING.md for details.
 
-import Cloudflare from 'cloudflare';
+import Cloudflare, { toFile } from 'cloudflare';
 import { Response } from 'node-fetch';
 
 const client = new Cloudflare({
@@ -38,6 +38,7 @@ describe('resource versions', () => {
         keep_bindings: ['string'],
         usage_model: 'standard',
       },
+      files: [await toFile(Buffer.from('# my file contents'), 'README.md')],
     });
   });
 
diff --git a/tests/api-resources/workflows/instances/instances.test.ts b/tests/api-resources/workflows/instances/instances.test.ts
index a33eac54ad..17d0fa0426 100644
--- a/tests/api-resources/workflows/instances/instances.test.ts
+++ b/tests/api-resources/workflows/instances/instances.test.ts
@@ -44,6 +44,7 @@ describe('resource instances', () => {
   test('list: required and optional params', async () => {
     const response = await client.workflows.instances.list('x', {
       account_id: 'account_id',
+      cursor: 'cursor',
       date_end: '2019-12-27T18:11:19.117Z',
       date_start: '2019-12-27T18:11:19.117Z',
       page: 1,
diff --git a/tests/api-resources/zero-trust/access/custom-pages.test.ts b/tests/api-resources/zero-trust/access/custom-pages.test.ts
index 96f2d36db4..81cbcc7f80 100644
--- a/tests/api-resources/zero-trust/access/custom-pages.test.ts
+++ b/tests/api-resources/zero-trust/access/custom-pages.test.ts
@@ -84,6 +84,8 @@ describe('resource customPages', () => {
   test('list: required and optional params', async () => {
     const response = await client.zeroTrust.access.customPages.list({
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      page: 0,
+      per_page: 0,
     });
   });
 
diff --git a/tests/api-resources/zero-trust/access/logs/access-requests.test.ts b/tests/api-resources/zero-trust/access/logs/access-requests.test.ts
index e7543bfc33..e939ee60e6 100644
--- a/tests/api-resources/zero-trust/access/logs/access-requests.test.ts
+++ b/tests/api-resources/zero-trust/access/logs/access-requests.test.ts
@@ -28,6 +28,8 @@ describe('resource accessRequests', () => {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
       direction: 'desc',
       limit: 0,
+      page: 0,
+      per_page: 0,
       since: '2020-07-01T05:20:00Z',
       until: '2020-10-01T05:20:00Z',
     });
diff --git a/tests/api-resources/zero-trust/access/logs/scim/updates.test.ts b/tests/api-resources/zero-trust/access/logs/scim/updates.test.ts
index 9845417f67..65d7fd22cb 100644
--- a/tests/api-resources/zero-trust/access/logs/scim/updates.test.ts
+++ b/tests/api-resources/zero-trust/access/logs/scim/updates.test.ts
@@ -32,6 +32,8 @@ describe('resource updates', () => {
       direction: 'desc',
       idp_resource_id: 'idp_resource_id',
       limit: 10,
+      page: 0,
+      per_page: 0,
       request_method: ['DELETE', 'PATCH'],
       resource_group_name: 'ALL_EMPLOYEES',
       resource_type: ['USER', 'GROUP'],
diff --git a/tests/api-resources/zero-trust/access/policies.test.ts b/tests/api-resources/zero-trust/access/policies.test.ts
index f6ed1c6ab8..c798dd34ac 100644
--- a/tests/api-resources/zero-trust/access/policies.test.ts
+++ b/tests/api-resources/zero-trust/access/policies.test.ts
@@ -114,6 +114,8 @@ describe('resource policies', () => {
   test('list: required and optional params', async () => {
     const response = await client.zeroTrust.access.policies.list({
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      page: 0,
+      per_page: 0,
     });
   });
 
diff --git a/tests/api-resources/zero-trust/access/tags.test.ts b/tests/api-resources/zero-trust/access/tags.test.ts
index e39c23a0fe..8a05d324e8 100644
--- a/tests/api-resources/zero-trust/access/tags.test.ts
+++ b/tests/api-resources/zero-trust/access/tags.test.ts
@@ -67,6 +67,8 @@ describe('resource tags', () => {
   test('list: required and optional params', async () => {
     const response = await client.zeroTrust.access.tags.list({
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
+      page: 0,
+      per_page: 0,
     });
   });
 
diff --git a/tests/api-resources/zero-trust/access/users/users.test.ts b/tests/api-resources/zero-trust/access/users/users.test.ts
index 994dff9d57..5a4a4c34f7 100644
--- a/tests/api-resources/zero-trust/access/users/users.test.ts
+++ b/tests/api-resources/zero-trust/access/users/users.test.ts
@@ -28,6 +28,8 @@ describe('resource users', () => {
       account_id: '023e105f4ecef8ad9ca31a8372d0c353',
       email: 'email',
       name: 'name',
+      page: 0,
+      per_page: 0,
       search: 'search',
     });
   });
diff --git a/tests/api-resources/zero-trust/dlp/datasets/upload.test.ts b/tests/api-resources/zero-trust/dlp/datasets/upload.test.ts
index 33efd7cd26..b43dc89588 100644
--- a/tests/api-resources/zero-trust/dlp/datasets/upload.test.ts
+++ b/tests/api-resources/zero-trust/dlp/datasets/upload.test.ts
@@ -36,7 +36,8 @@ describe('resource upload', () => {
     const responsePromise = client.zeroTrust.dlp.datasets.upload.edit(
       '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
       0,
-      { account_id: 'account_id', body: await toFile(Buffer.from('# my file contents'), 'README.md') },
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
     );
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -52,7 +53,8 @@ describe('resource upload', () => {
     const response = await client.zeroTrust.dlp.datasets.upload.edit(
       '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
       0,
-      { account_id: 'account_id', body: await toFile(Buffer.from('# my file contents'), 'README.md') },
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
     );
   });
 });
diff --git a/tests/api-resources/zero-trust/dlp/datasets/versions/entries.test.ts b/tests/api-resources/zero-trust/dlp/datasets/versions/entries.test.ts
index d261d8fa56..eeb925dd20 100755
--- a/tests/api-resources/zero-trust/dlp/datasets/versions/entries.test.ts
+++ b/tests/api-resources/zero-trust/dlp/datasets/versions/entries.test.ts
@@ -16,7 +16,8 @@ describe('resource entries', () => {
       '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
       0,
       '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
-      { account_id: 'account_id', body: await toFile(Buffer.from('# my file contents'), 'README.md') },
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
     );
     const rawResponse = await responsePromise.asResponse();
     expect(rawResponse).toBeInstanceOf(Response);
@@ -33,7 +34,8 @@ describe('resource entries', () => {
       '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
       0,
       '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
-      { account_id: 'account_id', body: await toFile(Buffer.from('# my file contents'), 'README.md') },
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
+      await toFile(Buffer.from('# my file contents'), 'README.md'),
     );
   });
 });
diff --git a/tests/api-resources/zero-trust/dlp/profiles/predefined.test.ts b/tests/api-resources/zero-trust/dlp/profiles/predefined.test.ts
index e61f3904fa..ec91a23dc4 100644
--- a/tests/api-resources/zero-trust/dlp/profiles/predefined.test.ts
+++ b/tests/api-resources/zero-trust/dlp/profiles/predefined.test.ts
@@ -29,7 +29,7 @@ describe('resource predefined', () => {
       account_id: 'account_id',
       profile_id: '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e',
       ai_context_enabled: true,
-      allowed_match_count: 0,
+      allowed_match_count: 5,
       confidence_threshold: 'confidence_threshold',
       context_awareness: { enabled: true, skip: { files: true } },
       entries: [{ id: '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e', enabled: true }],
@@ -57,7 +57,7 @@ describe('resource predefined', () => {
       {
         account_id: 'account_id',
         ai_context_enabled: true,
-        allowed_match_count: 0,
+        allowed_match_count: 5,
         confidence_threshold: 'confidence_threshold',
         context_awareness: { enabled: true, skip: { files: true } },
         entries: [{ id: '182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e', enabled: true }],
diff --git a/tests/api-resources/zero-trust/gateway/configurations/configurations.test.ts b/tests/api-resources/zero-trust/gateway/configurations/configurations.test.ts
index 7600e505ed..e1e1b78591 100755
--- a/tests/api-resources/zero-trust/gateway/configurations/configurations.test.ts
+++ b/tests/api-resources/zero-trust/gateway/configurations/configurations.test.ts
@@ -48,7 +48,7 @@ describe('resource configurations', () => {
           logo_path: 'https://logos.com/a.png',
           mailto_address: 'admin@example.com',
           mailto_subject: 'Blocked User Inquiry',
-          mode: 'customized_block_page',
+          mode: '',
           name: 'Cloudflare',
           suppress_footer: false,
           target_uri: 'https://example.com',
@@ -60,6 +60,7 @@ describe('resource configurations', () => {
         extended_email_matching: { enabled: true },
         fips: { tls: true },
         host_selector: { enabled: false },
+        inspection: { mode: 'static' },
         protocol_detection: { enabled: true },
         sandbox: { enabled: true, fallback_action: 'allow' },
         tls_decrypt: { enabled: true },
@@ -105,7 +106,7 @@ describe('resource configurations', () => {
           logo_path: 'https://logos.com/a.png',
           mailto_address: 'admin@example.com',
           mailto_subject: 'Blocked User Inquiry',
-          mode: 'customized_block_page',
+          mode: '',
           name: 'Cloudflare',
           suppress_footer: false,
           target_uri: 'https://example.com',
@@ -117,6 +118,7 @@ describe('resource configurations', () => {
         extended_email_matching: { enabled: true },
         fips: { tls: true },
         host_selector: { enabled: false },
+        inspection: { mode: 'static' },
         protocol_detection: { enabled: true },
         sandbox: { enabled: true, fallback_action: 'allow' },
         tls_decrypt: { enabled: true },
diff --git a/tests/api-resources/zero-trust/gateway/rules.test.ts b/tests/api-resources/zero-trust/gateway/rules.test.ts
index 4f73bd9c4c..e9d65365a9 100644
--- a/tests/api-resources/zero-trust/gateway/rules.test.ts
+++ b/tests/api-resources/zero-trust/gateway/rules.test.ts
@@ -38,7 +38,7 @@ describe('resource rules', () => {
       identity: 'any(identity.groups.name[*] in {"finance"})',
       precedence: 0,
       rule_settings: {
-        add_headers: { foo: 'string' },
+        add_headers: { 'My-Next-Header': ['foo', 'bar'], 'X-Custom-Header-Name': ['somecustomvalue'] },
         allow_child_bypass: false,
         audit_ssh: { command_logging: false },
         biso_admin_controls: {
@@ -142,7 +142,7 @@ describe('resource rules', () => {
       identity: 'any(identity.groups.name[*] in {"finance"})',
       precedence: 0,
       rule_settings: {
-        add_headers: { foo: 'string' },
+        add_headers: { 'My-Next-Header': ['foo', 'bar'], 'X-Custom-Header-Name': ['somecustomvalue'] },
         allow_child_bypass: false,
         audit_ssh: { command_logging: false },
         biso_admin_controls: {
diff --git a/tests/api-resources/zero-trust/identity-providers/scim/groups.test.ts b/tests/api-resources/zero-trust/identity-providers/scim/groups.test.ts
index c9379309c4..729ee4f9f7 100644
--- a/tests/api-resources/zero-trust/identity-providers/scim/groups.test.ts
+++ b/tests/api-resources/zero-trust/identity-providers/scim/groups.test.ts
@@ -32,6 +32,8 @@ describe('resource groups', () => {
         cf_resource_id: 'a2abeb50-59c9-4c01-8c5c-963d3bf5700f',
         idp_resource_id: 'all_employees',
         name: 'ALL_EMPLOYEES',
+        page: 0,
+        per_page: 0,
       },
     );
   });
diff --git a/tests/api-resources/zero-trust/identity-providers/scim/users.test.ts b/tests/api-resources/zero-trust/identity-providers/scim/users.test.ts
index f1ee5e2548..8604ee14e8 100644
--- a/tests/api-resources/zero-trust/identity-providers/scim/users.test.ts
+++ b/tests/api-resources/zero-trust/identity-providers/scim/users.test.ts
@@ -33,6 +33,8 @@ describe('resource users', () => {
         email: 'john.smith@example.com',
         idp_resource_id: 'john_smith_01',
         name: 'John Smith',
+        page: 0,
+        per_page: 0,
         username: 'John Smith',
       },
     );