> ## Documentation Index > Fetch the complete documentation index at: https://www.c1.ai/docs/llms.txt > Use this file to discover all available pages before exploring further. # Update > Update a policy by providing a policy object and an update mask. ## OpenAPI ````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples post /api/v1/policies/{id} openapi: 3.1.0 info: description: The C1 API is a HTTP API for managing C1 resources. title: C1 API version: 0.1.0-alpha servers: - description: The C1 API server for the current tenant. url: https://{tenantDomain}.conductor.one variables: tenantDomain: default: example description: The domain of the tenant to use for this request. security: - bearerAuth: [] oauth: [] paths: /api/v1/policies/{id}: post: tags: - Policy summary: Update description: Update a policy by providing a policy object and an update mask. operationId: c1.api.policy.v1.Policies.Update parameters: - in: path name: id required: true schema: description: The ID of the Policy. readOnly: true type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/c1.api.policy.v1.UpdatePolicyRequestInput' responses: '200': content: application/json: schema: $ref: '#/components/schemas/c1.api.policy.v1.UpdatePolicyResponse' description: The UpdatePolicyResponse message contains the updated policy object. x-codeSamples: - lang: go label: Update source: "package main\n\nimport(\n\t\"context\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/shared\"\n\tconductoronesdkgo \"github.com/conductorone/conductorone-sdk-go\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/operations\"\n\t\"log\"\n)\n\nfunc main() {\n ctx := context.Background()\n\n s := conductoronesdkgo.New(\n conductoronesdkgo.WithSecurity(shared.Security{\n BearerAuth: \"\",\n Oauth: \"\",\n }),\n )\n\n res, err := s.Policies.Update(ctx, operations.C1APIPolicyV1PoliciesUpdateRequest{\n ID: \"\",\n })\n if err != nil {\n log.Fatal(err)\n }\n if res.UpdatePolicyResponse != nil {\n // handle response\n }\n}" - lang: typescript label: Typescript (SDK) source: >- import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript"; const conductoroneSDKTypescript = new ConductoroneSDKTypescript({ security: { bearerAuth: "", oauth: "", }, }); async function run() { const result = await conductoroneSDKTypescript.policies.update({ id: null, }); console.log(result); } run(); components: schemas: c1.api.policy.v1.UpdatePolicyRequestInput: description: >- The UpdatePolicyRequest message contains the policy object to update and a field mask to indicate which fields to update. It uses URL value for input. properties: policy: $ref: '#/components/schemas/c1.api.policy.v1.Policy' updateMask: nullable: true readOnly: false type: string title: Update Policy Request type: object x-speakeasy-name-override: UpdatePolicyRequest c1.api.policy.v1.UpdatePolicyResponse: description: The UpdatePolicyResponse message contains the updated policy object. properties: policy: $ref: '#/components/schemas/c1.api.policy.v1.Policy' title: Update Policy Response type: object x-speakeasy-name-override: UpdatePolicyResponse c1.api.policy.v1.Policy: description: >- A policy defines a workflow (sequence of steps) that runs when processing access requests, reviews, or revocations. Policies support conditional routing: different conditions can trigger different step sequences, with a baseline fallback. properties: createdAt: format: date-time readOnly: true type: string deletedAt: format: date-time readOnly: true type: string description: description: The description of the Policy. readOnly: false type: string displayName: description: The display name of the Policy. readOnly: false type: string id: description: The ID of the Policy. readOnly: true type: string policySteps: additionalProperties: $ref: '#/components/schemas/c1.api.policy.v1.PolicySteps' description: >- A map from string keys to step sequences. One entry is always the baseline, keyed by the lowercased policy_type (e.g., "grant", "revoke", "certify"). Additional entries have opaque keys (UUIDs) and are referenced by the rules array for conditional routing. If no conditional rules are configured, only the baseline entry exists. readOnly: false type: object policyType: description: >- The type of this policy (grant, revoke, or certify). The lowercased type name (e.g., "grant") is also the key for the baseline entry in policy_steps. enum: - POLICY_TYPE_UNSPECIFIED - POLICY_TYPE_GRANT - POLICY_TYPE_REVOKE - POLICY_TYPE_CERTIFY - POLICY_TYPE_ACCESS_REQUEST - POLICY_TYPE_PROVISION readOnly: false type: string x-speakeasy-unknown-values: allow postActions: description: Ordered actions to execute after the policy completes processing. items: $ref: '#/components/schemas/c1.api.policy.v1.PolicyPostActions' nullable: true readOnly: false type: array reassignTasksToDelegates: deprecated: true description: >- This field is no longer used. Configure delegate reassignment in the policy step instead. readOnly: false type: boolean rules: description: >- Ordered conditional routing rules. Evaluated top-to-bottom; the first matching rule selects a step sequence from policy_steps. If no rule matches (or if this array is empty), the baseline entry in policy_steps is used. items: $ref: '#/components/schemas/c1.api.policy.v1.Rule' nullable: true readOnly: false type: array systemBuiltin: description: >- Whether this policy is a builtin system policy. Builtin system policies cannot be edited. readOnly: true type: boolean updatedAt: format: date-time readOnly: true type: string title: Policy type: object x-speakeasy-entity: Policy x-speakeasy-name-override: Policy c1.api.policy.v1.PolicySteps: description: A named sequence of steps that execute in order within a policy. properties: steps: description: >- Ordered array of steps. Each step is a oneof -- exactly one step type is set per entry. Steps execute sequentially. items: $ref: '#/components/schemas/c1.api.policy.v1.PolicyStep' nullable: true readOnly: false type: array title: Policy Steps type: object x-speakeasy-name-override: PolicySteps c1.api.policy.v1.PolicyPostActions: description: > Actions to execute after a policy finishes processing. This message contains a oneof named action. Only a single field of the following list may be set at a time: - certifyRemediateImmediately properties: certifyRemediateImmediately: description: >- Only valid on certify policies. When true, any revocations resulting from the certification are applied immediately when the campaign task closes. This field is part of the `action` oneof. See the documentation for `c1.api.policy.v1.PolicyPostActions` for more details. nullable: true readOnly: false type: boolean title: Policy Post Actions type: object x-speakeasy-name-override: PolicyPostActions c1.api.policy.v1.Rule: description: >- A conditional routing rule that maps a CEL expression to a step sequence. Rules are evaluated top-to-bottom; the first matching rule's policy_key selects the step sequence from the policy's policy_steps map. If no rule matches, the baseline entry is used. properties: condition: description: >- A CEL expression that is evaluated against the request context. If it returns true, the step sequence identified by policy_key is used. readOnly: false type: string policyKey: description: >- A key into the policy's policy_steps map identifying which step sequence to execute when this rule's condition matches. readOnly: false type: string title: Rule type: object x-speakeasy-name-override: Rule c1.api.policy.v1.PolicyStep: description: > A single step in a policy workflow. Exactly one step type is set. This message contains a oneof named step. Only a single field of the following list may be set at a time: - approval - provision - accept - reject - wait - form - action properties: accept: $ref: '#/components/schemas/c1.api.policy.v1.Accept' action: $ref: '#/components/schemas/c1.api.policy.v1.Action' approval: $ref: '#/components/schemas/c1.api.policy.v1.Approval' form: $ref: '#/components/schemas/c1.api.policy.v1.Form' provision: $ref: '#/components/schemas/c1.api.policy.v1.Provision' reject: $ref: '#/components/schemas/c1.api.policy.v1.Reject' wait: $ref: '#/components/schemas/c1.api.policy.v1.Wait' title: Policy Step type: object x-speakeasy-name-override: PolicyStep c1.api.policy.v1.Accept: description: >- This policy step indicates that a ticket should have an approved outcome. This is a terminal approval state and is used to explicitly define the end of approval steps. nullable: true properties: acceptMessage: description: >- An optional message to include in the comments when a task is automatically accepted. readOnly: false type: string title: Accept type: object x-speakeasy-name-override: Accept c1.api.policy.v1.Action: description: > The Action message. This message contains a oneof named target. Only a single field of the following list may be set at a time: - automation - batonResourceAction - clientIdApproval nullable: true properties: automation: $ref: '#/components/schemas/c1.api.policy.v1.ActionTargetAutomation' batonResourceAction: $ref: >- #/components/schemas/c1.api.policy.v1.ActionTargetBatonResourceAction clientIdApproval: $ref: '#/components/schemas/c1.api.policy.v1.ActionTargetClientIdApproval' title: Action type: object x-speakeasy-name-override: Action c1.api.policy.v1.Approval: description: > The Approval message. This message contains a oneof named typ. Only a single field of the following list may be set at a time: - users - manager - appOwners - group - self - entitlementOwners - expression - webhook - resourceOwners - agent nullable: true properties: agent: $ref: '#/components/schemas/c1.api.policy.v1.AgentApproval' allowDelegation: description: Whether ticket delegation is allowed for this step. readOnly: false type: boolean allowReassignment: description: Configuration to allow reassignment by reviewers during this step. readOnly: false type: boolean allowedReassignees: description: List of users for whom this step can be reassigned. items: type: string nullable: true readOnly: false type: array appOwners: $ref: '#/components/schemas/c1.api.policy.v1.AppOwnerApproval' assigned: description: A field indicating whether this step is assigned. readOnly: true type: boolean entitlementOwners: $ref: '#/components/schemas/c1.api.policy.v1.EntitlementOwnerApproval' escalation: $ref: '#/components/schemas/c1.api.policy.v1.Escalation' escalationEnabled: description: Whether escalation is enabled for this step. readOnly: false type: boolean expression: $ref: '#/components/schemas/c1.api.policy.v1.ExpressionApproval' group: $ref: '#/components/schemas/c1.api.policy.v1.AppGroupApproval' manager: $ref: '#/components/schemas/c1.api.policy.v1.ManagerApproval' requireApprovalReason: description: Configuration to require a reason when approving this step. readOnly: false type: boolean requireDenialReason: description: Configuration to require a reason when denying this step. readOnly: false type: boolean requireReassignmentReason: description: Configuration to require a reason when reassigning this step. readOnly: false type: boolean requiresStepUpProviderId: description: >- The ID of a step-up authentication provider that will be required for approvals on this step. If set, approvers must complete the step-up authentication flow before they can approve. readOnly: false type: string resourceOwners: $ref: '#/components/schemas/c1.api.policy.v1.ResourceOwnerApproval' self: $ref: '#/components/schemas/c1.api.policy.v1.SelfApproval' users: $ref: '#/components/schemas/c1.api.policy.v1.UserApproval' webhook: $ref: '#/components/schemas/c1.api.policy.v1.WebhookApproval' title: Approval type: object x-speakeasy-name-override: Approval c1.api.policy.v1.Form: description: The Form message. nullable: true properties: form: $ref: '#/components/schemas/c1.api.form.v1.Form' title: Form type: object x-speakeasy-name-override: Form c1.api.policy.v1.Provision: description: The provision step references a provision policy for this step. nullable: true properties: assigned: description: A field indicating whether this step is assigned. readOnly: false type: boolean provisionPolicy: $ref: '#/components/schemas/c1.api.policy.v1.ProvisionPolicy' provisionTarget: $ref: '#/components/schemas/c1.api.policy.v1.ProvisionTarget' title: Provision type: object x-speakeasy-name-override: Provision c1.api.policy.v1.Reject: description: >- This policy step indicates that a ticket should have a denied outcome. This is a terminal approval state and is used to explicitly define the end of approval steps. nullable: true properties: rejectMessage: description: >- An optional message to include in the comments when a task is automatically rejected. readOnly: false type: string title: Reject type: object x-speakeasy-name-override: Reject c1.api.policy.v1.Wait: description: > Define a Wait step for a policy to wait on a condition to be met. This message contains a oneof named until. Only a single field of the following list may be set at a time: - condition - duration - untilTime nullable: true properties: commentOnFirstWait: description: The comment to post on first failed check. readOnly: false type: string commentOnTimeout: description: The comment to post if we timeout. readOnly: false type: string condition: $ref: '#/components/schemas/c1.api.policy.v1.WaitCondition' duration: $ref: '#/components/schemas/c1.api.policy.v1.WaitDuration' name: description: The name of our condition to show on the task details page readOnly: false type: string timeoutDuration: format: duration readOnly: false type: string untilTime: $ref: '#/components/schemas/c1.api.policy.v1.WaitUntilTime' title: Wait type: object x-speakeasy-name-override: Wait c1.api.policy.v1.ActionTargetAutomation: description: ActionTargetAutomation targets automation templates for policy actions. nullable: true properties: automationTemplateId: description: The automationTemplateId field. readOnly: false type: string title: Action Target Automation type: object x-speakeasy-name-override: ActionTargetAutomation c1.api.policy.v1.ActionTargetBatonResourceAction: description: ActionTargetResource targets resource actions for policy actions. nullable: true properties: batonResourceActionId: description: The batonResourceActionId field. readOnly: false type: string title: Action Target Baton Resource Action type: object x-speakeasy-name-override: ActionTargetBatonResourceAction c1.api.policy.v1.ActionTargetClientIdApproval: description: |- ActionTargetClientIdApproval targets administrator review of an external OAuth client registration (CIMD or DCR) for policy actions. nullable: true title: Action Target Client Id Approval type: object x-speakeasy-name-override: ActionTargetClientIdApproval c1.api.policy.v1.AgentApproval: description: The agent to assign the task to. nullable: true properties: agentFailureAction: description: >- The action to take if the agent fails to approve, deny, or reassign the task. enum: - APPROVAL_AGENT_FAILURE_ACTION_UNSPECIFIED - APPROVAL_AGENT_FAILURE_ACTION_REASSIGN_TO_USERS - APPROVAL_AGENT_FAILURE_ACTION_REASSIGN_TO_SUPER_ADMINS - APPROVAL_AGENT_FAILURE_ACTION_SKIP_POLICY_STEP readOnly: false type: string x-speakeasy-unknown-values: allow agentMode: description: >- The mode of the agent, full control, change policy only, or comment only. enum: - APPROVAL_AGENT_MODE_UNSPECIFIED - APPROVAL_AGENT_MODE_FULL_CONTROL - APPROVAL_AGENT_MODE_CHANGE_POLICY_ONLY - APPROVAL_AGENT_MODE_COMMENT_ONLY readOnly: false type: string x-speakeasy-unknown-values: allow agentUserId: description: The agent user ID to assign the task to. readOnly: false type: string instructions: description: Instructions for the agent. readOnly: false type: string policyIds: description: The allow list of policy IDs to re-route the task to. items: type: string nullable: true readOnly: false type: array reassignToUserIds: description: >- The users to reassign the task to if the agent failure action is reassign to users. items: type: string nullable: true readOnly: false type: array title: Agent Approval type: object x-speakeasy-name-override: AgentApproval c1.api.policy.v1.AppOwnerApproval: description: >- App owner approval provides the configuration for an approval step when the app owner is the target. nullable: true properties: allowSelfApproval: description: >- Configuration that allows a user to self approve if they are an app owner during this approval step. readOnly: false type: boolean requireDistinctApprovers: description: >- Configuration to require distinct approvers across approval steps of a rule. readOnly: false type: boolean title: App Owner Approval type: object x-speakeasy-name-override: AppOwnerApproval c1.api.policy.v1.EntitlementOwnerApproval: description: >- The entitlement owner approval allows configuration of the approval step when the target approvers are the entitlement owners. nullable: true properties: allowSelfApproval: description: >- Configuration to allow self approval if the target user is an entitlement owner during this step. readOnly: false type: boolean fallback: description: >- Configuration to allow a fallback if the entitlement owner cannot be identified. readOnly: false type: boolean fallbackGroupIds: description: >- Configuration to specify which groups to fallback to if fallback is enabled and the entitlement owner cannot be identified. items: $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference' nullable: true readOnly: false type: array fallbackUserIds: description: >- Configuration to specific which users to fallback to if fallback is enabled and the entitlement owner cannot be identified. items: type: string nullable: true readOnly: false type: array isGroupFallbackEnabled: description: Configuration to enable fallback for group fallback. readOnly: false type: boolean requireDistinctApprovers: description: >- Configuration to require distinct approvers across approval steps of a rule. readOnly: false type: boolean title: Entitlement Owner Approval type: object x-speakeasy-name-override: EntitlementOwnerApproval c1.api.policy.v1.Escalation: description: > The Escalation message. This message contains a oneof named escalation_policy. Only a single field of the following list may be set at a time: - replacePolicy - reassignToApprovers - cancelTicket - skipStep properties: cancelTicket: $ref: '#/components/schemas/c1.api.policy.v1.Escalation.CancelTicket' escalationComment: description: The escalationComment field. readOnly: false type: string expiration: description: The expiration field. format: int64 readOnly: false type: string reassignToApprovers: $ref: '#/components/schemas/c1.api.policy.v1.Escalation.ReassignToApprovers' replacePolicy: $ref: '#/components/schemas/c1.api.policy.v1.Escalation.ReplacePolicy' skipStep: $ref: '#/components/schemas/c1.api.policy.v1.Escalation.SkipStep' title: Escalation type: object x-speakeasy-name-override: Escalation c1.api.policy.v1.ExpressionApproval: description: The ExpressionApproval message. nullable: true properties: allowSelfApproval: description: >- Configuration to allow self approval of if the user is specified and also the target of the ticket. readOnly: false type: boolean assignedUserIds: description: The assignedUserIds field. items: type: string nullable: true readOnly: true type: array expressions: description: >- Array of dynamic expressions to determine the approvers. The first expression to return a non-empty list of users will be used. items: type: string nullable: true readOnly: false type: array fallback: description: >- Configuration to allow a fallback if the expression does not return a valid list of users. readOnly: false type: boolean fallbackGroupIds: description: >- Configuration to specify which groups to fallback to if fallback is enabled and the expression does not return a valid list of users. items: $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference' nullable: true readOnly: false type: array fallbackUserIds: description: >- Configuration to specific which users to fallback to if and the expression does not return a valid list of users. items: type: string nullable: true readOnly: false type: array isGroupFallbackEnabled: description: Configuration to enable fallback for group fallback. readOnly: false type: boolean requireDistinctApprovers: description: >- Configuration to require distinct approvers across approval steps of a rule. readOnly: false type: boolean title: Expression Approval type: object x-speakeasy-name-override: ExpressionApproval c1.api.policy.v1.AppGroupApproval: description: >- The AppGroupApproval object provides the configuration for setting a group as the approvers of an approval policy step. nullable: true properties: allowSelfApproval: description: >- Configuration to allow self approval if the target user is a member of the group during this step. readOnly: false type: boolean appGroupId: description: The ID of the group specified for approval. readOnly: false type: string appId: description: The ID of the app that contains the group specified for approval. readOnly: false type: string fallback: description: Configuration to allow a fallback if the group is empty. readOnly: false type: boolean fallbackGroupIds: description: >- Configuration to specify which groups to fallback to if fallback is enabled and the group is empty. items: $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference' nullable: true readOnly: false type: array fallbackUserIds: description: >- Configuration to specific which users to fallback to if fallback is enabled and the group is empty. items: type: string nullable: true readOnly: false type: array isGroupFallbackEnabled: description: Configuration to enable fallback for group fallback. readOnly: false type: boolean requireDistinctApprovers: description: >- Configuration to require distinct approvers across approval steps of a rule. readOnly: false type: boolean title: App Group Approval type: object x-speakeasy-name-override: AppGroupApproval c1.api.policy.v1.ManagerApproval: description: >- The manager approval object provides configuration options for approval when the target of the approval is the manager of the user in the task. nullable: true properties: allowSelfApproval: description: >- Configuration to allow self approval if the target user is their own manager. This may occur if a service account has an identity user and manager specified as the same person. readOnly: false type: boolean assignedUserIds: description: >- The array of users determined to be the manager during processing time. items: type: string nullable: true readOnly: true type: array fallback: description: Configuration to allow a fallback if no manager is found. readOnly: false type: boolean fallbackGroupIds: description: >- Configuration to specify which groups to fallback to if fallback is enabled and no manager is found. items: $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference' nullable: true readOnly: false type: array fallbackUserIds: description: >- Configuration to specific which users to fallback to if fallback is enabled and no manager is found. items: type: string nullable: true readOnly: false type: array isGroupFallbackEnabled: description: Configuration to enable fallback for group fallback. readOnly: false type: boolean requireDistinctApprovers: description: >- Configuration to require distinct approvers across approval steps of a rule. readOnly: false type: boolean title: Manager Approval type: object x-speakeasy-name-override: ManagerApproval c1.api.policy.v1.ResourceOwnerApproval: description: >- The resource owner approval allows configuration of the approval step when the target approvers are the resource owners. nullable: true properties: allowSelfApproval: description: >- Configuration to allow self approval if the target user is an resource owner during this step. readOnly: false type: boolean fallback: description: >- Configuration to allow a fallback if the resource owner cannot be identified. readOnly: false type: boolean fallbackGroupIds: description: >- Configuration to specify which groups to fallback to if fallback is enabled and the resource owner cannot be identified. items: $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference' nullable: true readOnly: false type: array fallbackUserIds: description: >- Configuration to specific which users to fallback to if fallback is enabled and the resource owner cannot be identified. items: type: string nullable: true readOnly: false type: array isGroupFallbackEnabled: description: Configuration to enable fallback for group fallback. readOnly: false type: boolean requireDistinctApprovers: description: >- Configuration to require distinct approvers across approval steps of a rule. readOnly: false type: boolean title: Resource Owner Approval type: object x-speakeasy-name-override: ResourceOwnerApproval c1.api.policy.v1.SelfApproval: description: >- The self approval object describes the configuration of a policy step that needs to be approved by the target of the request. nullable: true properties: assignedUserIds: description: >- The array of users determined to be themselves during approval. This should only ever be one person, but is saved because it may change if the owner of an app user changes while the ticket is open. items: type: string nullable: true readOnly: true type: array fallback: description: >- Configuration to allow a fallback if the identity user of the target app user cannot be determined. readOnly: false type: boolean fallbackGroupIds: description: >- Configuration to specify which groups to fallback to if fallback is enabled and the identity user of the target app user cannot be determined. items: $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference' nullable: true readOnly: false type: array fallbackUserIds: description: >- Configuration to specific which users to fallback to if fallback is enabled and the identity user of the target app user cannot be determined. items: type: string nullable: true readOnly: false type: array isGroupFallbackEnabled: description: Configuration to enable fallback for group fallback. readOnly: false type: boolean title: Self Approval type: object x-speakeasy-name-override: SelfApproval c1.api.policy.v1.UserApproval: description: >- The user approval object describes the approval configuration of a policy step that needs to be approved by a specific list of users. nullable: true properties: allowSelfApproval: description: >- Configuration to allow self approval of if the user is specified and also the target of the ticket. readOnly: false type: boolean requireDistinctApprovers: description: >- Configuration to require distinct approvers across approval steps of a rule. readOnly: false type: boolean userIds: description: Array of users configured for approval. items: type: string nullable: true readOnly: false type: array title: User Approval type: object x-speakeasy-name-override: UserApproval c1.api.policy.v1.WebhookApproval: description: The WebhookApproval message. nullable: true properties: webhookId: description: The ID of the webhook to call for approval. readOnly: false type: string title: Webhook Approval type: object x-speakeasy-name-override: WebhookApproval c1.api.form.v1.Form: description: A form is a collection of fields to be filled out by a user properties: description: description: The description field. readOnly: false type: string displayName: description: The displayName field. readOnly: false type: string fieldGroups: description: The fieldGroups field. items: $ref: '#/components/schemas/c1.api.form.v1.FieldGroup' nullable: true readOnly: false type: array fieldRelationships: description: The fieldRelationships field. items: $ref: '#/components/schemas/c1.api.form.v1.FieldRelationship' nullable: true readOnly: false type: array fields: description: The fields field. items: $ref: '#/components/schemas/c1.api.form.v1.Field' nullable: true readOnly: false type: array id: description: The id field. readOnly: false type: string title: Form type: object x-speakeasy-entity: Request_Schema x-speakeasy-name-override: RequestSchemaForm c1.api.policy.v1.ProvisionPolicy: description: > ProvisionPolicy is a oneOf that indicates how a provision step should be processed. This message contains a oneof named typ. Only a single field of the following list may be set at a time: - connector - manual - delegated - webhook - multiStep - externalTicket - unconfigured - action properties: action: $ref: '#/components/schemas/c1.api.policy.v1.ActionProvision' connector: $ref: '#/components/schemas/c1.api.policy.v1.ConnectorProvision' delegated: $ref: '#/components/schemas/c1.api.policy.v1.DelegatedProvision' externalTicket: $ref: '#/components/schemas/c1.api.policy.v1.ExternalTicketProvision' manual: $ref: '#/components/schemas/c1.api.policy.v1.ManualProvision' multiStep: $ref: '#/components/schemas/c1.api.policy.v1.MultiStep' unconfigured: $ref: '#/components/schemas/c1.api.policy.v1.UnconfiguredProvision' webhook: $ref: '#/components/schemas/c1.api.policy.v1.WebhookProvision' title: Provision Policy type: object x-speakeasy-name-override: ProvisionPolicy c1.api.policy.v1.ProvisionTarget: description: >- ProvisionTarget indicates the specific app, app entitlement, and if known, the app user and grant duration of this provision step properties: appEntitlementId: description: The app entitlement that should be provisioned. readOnly: false type: string appId: description: The app in which the entitlement should be provisioned readOnly: false type: string appUserId: description: >- The app user that should be provisioned. May be unset if the app user is unknown readOnly: false type: string grantDuration: format: duration readOnly: false type: string title: Provision Target type: object x-speakeasy-name-override: ProvisionTarget c1.api.policy.v1.WaitCondition: description: The WaitCondition message. nullable: true properties: condition: description: >- The condition that has to be true for this wait condition to continue. readOnly: false type: string title: Wait Condition type: object x-speakeasy-name-override: WaitCondition c1.api.policy.v1.WaitDuration: description: The WaitDuration message. nullable: true properties: duration: format: duration readOnly: false type: string title: Wait Duration type: object x-speakeasy-name-override: WaitDuration c1.api.policy.v1.WaitUntilTime: description: Waits until a specific time of the day (UTC) nullable: true properties: hours: description: The hours field. format: uint32 readOnly: false type: integer minutes: description: The minutes field. format: uint32 readOnly: false type: integer timezone: description: The timezone field. readOnly: false type: string title: Wait Until Time type: object x-speakeasy-name-override: WaitUntilTime c1.api.policy.v1.AppEntitlementReference: description: This object references an app entitlement's ID and AppID. properties: appEntitlementId: description: The ID of the Entitlement. readOnly: false type: string appId: description: The ID of the App this entitlement belongs to. readOnly: false type: string title: App Entitlement Reference type: object x-speakeasy-name-override: AppEntitlementReference c1.api.policy.v1.Escalation.CancelTicket: description: The CancelTicket message. nullable: true title: Cancel Ticket type: object x-speakeasy-name-override: CancelTicket c1.api.policy.v1.Escalation.ReassignToApprovers: description: The ReassignToApprovers message. nullable: true properties: approverIds: description: The approverIds field. items: type: string nullable: true readOnly: false type: array title: Reassign To Approvers type: object x-speakeasy-name-override: ReassignToApprovers c1.api.policy.v1.Escalation.ReplacePolicy: description: The ReplacePolicy message. nullable: true properties: policyId: description: The policyId field. readOnly: false type: string title: Replace Policy type: object x-speakeasy-name-override: ReplacePolicy c1.api.policy.v1.Escalation.SkipStep: description: The SkipStep message. nullable: true title: Skip Step type: object x-speakeasy-name-override: SkipStep c1.api.form.v1.FieldGroup: description: The FieldGroup message. properties: default: description: The default field. readOnly: false type: boolean displayName: description: The displayName field. readOnly: false type: string fields: description: The fields field. items: type: string nullable: true readOnly: false type: array helpText: description: The helpText field. readOnly: false type: string name: description: The name field. readOnly: false type: string title: Field Group type: object x-speakeasy-name-override: FormFieldGroup c1.api.form.v1.FieldRelationship: description: > FieldRelationships can be used during form validation, or they can represent information that is necessary to when it comes to visually rendering the form This message contains a oneof named kind. Only a single field of the following list may be set at a time: - requiredTogether - atLeastOne - mutuallyExclusive - dependentOn properties: atLeastOne: $ref: '#/components/schemas/c1.api.form.v1.AtLeastOne' dependentOn: $ref: '#/components/schemas/c1.api.form.v1.DependentOn' fieldNames: description: The names of the fields that share this relationship items: type: string nullable: true readOnly: false type: array mutuallyExclusive: $ref: '#/components/schemas/c1.api.form.v1.MutuallyExclusive' requiredTogether: $ref: '#/components/schemas/c1.api.form.v1.RequiredTogether' title: Field Relationship type: object x-speakeasy-name-override: FieldRelationship c1.api.form.v1.Field: description: > A field is a single input meant to collect a piece of data from a user This message contains a oneof named type. Only a single field of the following list may be set at a time: - stringField - boolField - stringSliceField - int64Field - fileField - oauth2Field - stringMapField This message contains a oneof named provider_config. Only a single field of the following list may be set at a time: - userConfig - adminConfig - sharedConfig properties: adminConfig: $ref: '#/components/schemas/c1.api.form.v1.AdminProviderConfig' boolField: $ref: '#/components/schemas/c1.api.form.v1.BoolField' description: description: The description field. readOnly: false type: string displayName: description: The displayName field. readOnly: false type: string fileField: $ref: '#/components/schemas/c1.api.form.v1.FileField' int64Field: $ref: '#/components/schemas/c1.api.form.v1.Int64Field' name: description: The name field. readOnly: false type: string oauth2Field: $ref: '#/components/schemas/c1.api.form.v1.Oauth2Field' required: description: The required field. readOnly: false type: boolean sharedConfig: $ref: '#/components/schemas/c1.api.form.v1.SharedProviderConfig' stringField: $ref: '#/components/schemas/c1.api.form.v1.StringField' stringMapField: $ref: '#/components/schemas/c1.api.form.v1.StringMapField' stringSliceField: $ref: '#/components/schemas/c1.api.form.v1.StringSliceField' userConfig: $ref: '#/components/schemas/c1.api.form.v1.UserProviderConfig' title: Field type: object x-speakeasy-name-override: FormField c1.api.policy.v1.ActionProvision: description: >- This provision step indicates that account lifecycle action should be called to provision this entitlement. nullable: true properties: actionName: description: The actionName field. readOnly: false type: string appId: description: The appId field. readOnly: false type: string connectorId: description: The connectorId field. readOnly: false type: string displayName: description: The displayName field. readOnly: false type: string title: Action Provision type: object x-speakeasy-name-override: ActionProvision c1.api.policy.v1.ConnectorProvision: description: > Indicates that a connector should perform the provisioning. This object has no fields. This message contains a oneof named provision_type. Only a single field of the following list may be set at a time: - defaultBehavior - account - deleteAccount nullable: true properties: account: $ref: >- #/components/schemas/c1.api.policy.v1.ConnectorProvision.AccountProvision defaultBehavior: $ref: >- #/components/schemas/c1.api.policy.v1.ConnectorProvision.DefaultBehavior deleteAccount: $ref: >- #/components/schemas/c1.api.policy.v1.ConnectorProvision.DeleteAccount title: Connector Provision type: object x-speakeasy-name-override: ConnectorProvision c1.api.policy.v1.DelegatedProvision: description: >- This provision step indicates that we should delegate provisioning to the configuration of another app entitlement. This app entitlement does not have to be one from the same app, but MUST be configured as a proxy binding leading into this entitlement. nullable: true properties: appId: description: The AppID of the entitlement to delegate provisioning to. readOnly: false type: string entitlementId: description: The ID of the entitlement we are delegating provisioning to. readOnly: false type: string implicit: description: >- If true, a binding will be automatically created from the entitlement of the parent app. readOnly: false type: boolean title: Delegated Provision type: object x-speakeasy-name-override: DelegatedProvision c1.api.policy.v1.ExternalTicketProvision: description: >- This provision step indicates that we should check an external ticket to provision this entitlement nullable: true properties: appId: description: The appId field. readOnly: false type: string connectorId: description: The connectorId field. readOnly: false type: string externalTicketProvisionerConfigId: description: The externalTicketProvisionerConfigId field. readOnly: false type: string instructions: description: >- This field indicates a text body of instructions for the provisioner to indicate. readOnly: false type: string title: External Ticket Provision type: object x-speakeasy-name-override: ExternalTicketProvision c1.api.policy.v1.ManualProvision: description: >- Manual provisioning indicates that a human must intervene for the provisioning of this step. nullable: true properties: assignee: $ref: '#/components/schemas/c1.api.policy.v1.ProvisionerAssignment' instructions: description: >- This field indicates a text body of instructions for the provisioner to indicate. readOnly: false type: string userIds: description: |- An array of users that are required to provision during this step. Deprecated: Use assignee field instead for dynamic provisioner assignment. items: type: string nullable: true readOnly: false type: array title: Manual Provision type: object x-speakeasy-name-override: ManualProvision c1.api.policy.v1.MultiStep: description: >- MultiStep indicates that this provision step has multiple steps to process. nullable: true properties: provisionSteps: description: The array of provision steps to process. items: $ref: '#/components/schemas/c1.api.policy.v1.ProvisionPolicy' nullable: true readOnly: false type: array title: Multi Step type: object x-speakeasy-name-override: MultiStep c1.api.policy.v1.UnconfiguredProvision: description: The UnconfiguredProvision message. nullable: true title: Unconfigured Provision type: object x-speakeasy-name-override: UnconfiguredProvision c1.api.policy.v1.WebhookProvision: description: >- This provision step indicates that a webhook should be called to provision this entitlement. nullable: true properties: webhookId: description: The ID of the webhook to call for provisioning. readOnly: false type: string title: Webhook Provision type: object x-speakeasy-name-override: WebhookProvision c1.api.form.v1.AtLeastOne: description: The AtLeastOne message. nullable: true title: At Least One type: object x-speakeasy-name-override: AtLeastOne c1.api.form.v1.DependentOn: description: |- DependentOn means the fields in field_names are only valid if all fields in dependency_field_names are also present nullable: true properties: dependencyFieldNames: description: >- The fields that must be present for the primary field_names to be valid items: type: string nullable: true readOnly: false type: array title: Dependent On type: object x-speakeasy-name-override: DependentOn c1.api.form.v1.MutuallyExclusive: description: The MutuallyExclusive message. nullable: true title: Mutually Exclusive type: object x-speakeasy-name-override: MutuallyExclusive c1.api.form.v1.RequiredTogether: description: The RequiredTogether message. nullable: true title: Required Together type: object x-speakeasy-name-override: RequiredTogether c1.api.form.v1.AdminProviderConfig: description: The AdminProviderConfig message. nullable: true properties: defaultValueCel: description: The defaultValueCel field. readOnly: false type: string showToUser: description: The showToUser field. readOnly: false type: boolean title: Admin Provider Config type: object x-speakeasy-name-override: AdminProviderConfig c1.api.form.v1.BoolField: description: > The BoolField message. This message contains a oneof named view. Only a single field of the following list may be set at a time: - checkboxField - toggleField nullable: true properties: checkboxField: $ref: '#/components/schemas/c1.api.form.v1.CheckboxField' defaultValue: description: The defaultValue field. readOnly: false type: boolean rules: $ref: '#/components/schemas/validate.BoolRules' toggleField: $ref: '#/components/schemas/c1.api.form.v1.ToggleField' title: Bool Field type: object x-speakeasy-name-override: BoolField c1.api.form.v1.FileField: description: > The FileField message. This message contains a oneof named view. Only a single field of the following list may be set at a time: - fileInputField nullable: true properties: acceptedFileTypes: description: The acceptedFileTypes field. items: type: string nullable: true readOnly: false type: array fileInputField: $ref: '#/components/schemas/c1.api.form.v1.FileInputField' maxFileSize: description: The maxFileSize field. format: int64 nullable: true readOnly: false type: string title: File Field type: object x-speakeasy-name-override: FileField c1.api.form.v1.Int64Field: description: > The Int64Field message. This message contains a oneof named view. Only a single field of the following list may be set at a time: - numberField nullable: true properties: defaultValue: description: The defaultValue field. format: int64 nullable: true readOnly: false type: string numberField: $ref: '#/components/schemas/c1.api.form.v1.NumberField' placeholder: description: The placeholder field. readOnly: false type: string rules: $ref: '#/components/schemas/validate.Int64Rules' title: Int 64 Field type: object x-speakeasy-name-override: Int64Field c1.api.form.v1.Oauth2Field: description: > The Oauth2Field message. This message contains a oneof named view. Only a single field of the following list may be set at a time: - oauth2FieldView nullable: true properties: oauth2FieldView: $ref: '#/components/schemas/c1.api.form.v1.Oauth2FieldView' title: Oauth 2 Field type: object x-speakeasy-name-override: Oauth2Field c1.api.form.v1.SharedProviderConfig: description: The SharedProviderConfig message. nullable: true properties: defaultValueCel: description: The defaultValueCel field. readOnly: false type: string inputTransformationCel: description: The inputTransformationCel field. readOnly: false type: string lockDefaultValues: description: The lockDefaultValues field. readOnly: false type: boolean title: Shared Provider Config type: object x-speakeasy-name-override: SharedProviderConfig c1.api.form.v1.StringField: description: > The StringField message. This message contains a oneof named view. Only a single field of the following list may be set at a time: - textField - passwordField - selectField - pickerField nullable: true properties: defaultValue: description: The defaultValue field. readOnly: false type: string passwordField: $ref: '#/components/schemas/c1.api.form.v1.PasswordField' pickerField: $ref: '#/components/schemas/c1.api.form.v1.PickerField' placeholder: description: The placeholder field. readOnly: false type: string rules: $ref: '#/components/schemas/validate.StringRules' selectField: $ref: '#/components/schemas/c1.api.form.v1.SelectField' textField: $ref: '#/components/schemas/c1.api.form.v1.TextField' title: String Field type: object x-speakeasy-name-override: FormStringField c1.api.form.v1.StringMapField: description: The StringMapField message. nullable: true properties: defaultValue: additionalProperties: type: string description: The defaultValue field. readOnly: false type: object rules: $ref: '#/components/schemas/c1.api.form.v1.StringMapRules' title: String Map Field type: object x-speakeasy-name-override: FormStringMapField c1.api.form.v1.StringSliceField: description: > The StringSliceField message. This message contains a oneof named view. Only a single field of the following list may be set at a time: - chipsField - pickerField nullable: true properties: chipsField: $ref: '#/components/schemas/c1.api.form.v1.ChipsField' defaultValues: description: The defaultValues field. items: type: string nullable: true readOnly: false type: array pickerField: $ref: '#/components/schemas/c1.api.form.v1.PickerField' placeholder: description: The placeholder field. readOnly: false type: string rules: $ref: '#/components/schemas/validate.RepeatedRules' title: String Slice Field type: object x-speakeasy-name-override: StringSliceField c1.api.form.v1.UserProviderConfig: description: The UserProviderConfig message. nullable: true properties: inputTransformationCel: description: The inputTransformationCel field. readOnly: false type: string title: User Provider Config type: object x-speakeasy-name-override: UserProviderConfig c1.api.policy.v1.ConnectorProvision.AccountProvision: description: > The AccountProvision message. This message contains a oneof named storage_type. Only a single field of the following list may be set at a time: - saveToVault - doNotSave nullable: true properties: config: additionalProperties: true readOnly: false type: object connectorId: description: The connectorId field. readOnly: false type: string doNotSave: $ref: '#/components/schemas/c1.api.policy.v1.ConnectorProvision.DoNotSave' saveToVault: $ref: '#/components/schemas/c1.api.policy.v1.ConnectorProvision.SaveToVault' schemaId: description: The schemaId field. readOnly: false type: string title: Account Provision type: object x-speakeasy-name-override: AccountProvision c1.api.policy.v1.ConnectorProvision.DefaultBehavior: description: The DefaultBehavior message. nullable: true properties: connectorId: description: >- this checks if the entitlement is enabled by provisioning in a specific connector this can happen automatically and doesn't need any extra info readOnly: false type: string title: Default Behavior type: object x-speakeasy-name-override: DefaultBehavior c1.api.policy.v1.ConnectorProvision.DeleteAccount: description: The DeleteAccount message. nullable: true properties: connectorId: description: The connectorId field. readOnly: false type: string title: Delete Account type: object x-speakeasy-name-override: DeleteAccount c1.api.policy.v1.ProvisionerAssignment: description: > ProvisionerAssignment defines how a provisioner is dynamically assigned. This message contains a oneof named typ. Only a single field of the following list may be set at a time: - users - appOwners - group - manager - expression - entitlementOwners properties: appOwners: $ref: '#/components/schemas/c1.api.policy.v1.AppOwnerProvisioner' entitlementOwners: $ref: '#/components/schemas/c1.api.policy.v1.EntitlementOwnerProvisioner' expression: $ref: '#/components/schemas/c1.api.policy.v1.ExpressionProvisioner' group: $ref: '#/components/schemas/c1.api.policy.v1.GroupProvisioner' manager: $ref: '#/components/schemas/c1.api.policy.v1.ManagerProvisioner' users: $ref: '#/components/schemas/c1.api.policy.v1.UserProvisioner' title: Provisioner Assignment type: object x-speakeasy-name-override: ProvisionerAssignment c1.api.form.v1.CheckboxField: description: The CheckboxField message. nullable: true title: Checkbox Field type: object x-speakeasy-name-override: CheckboxField validate.BoolRules: description: BoolRules describes the constraints applied to `bool` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value readOnly: false type: boolean title: Bool Rules type: object x-speakeasy-name-override: BoolRules c1.api.form.v1.ToggleField: description: The ToggleField message. nullable: true title: Toggle Field type: object x-speakeasy-name-override: ToggleField c1.api.form.v1.FileInputField: description: The FileInputField message. nullable: true title: File Input Field type: object x-speakeasy-name-override: FileInputField c1.api.form.v1.NumberField: description: The NumberField message. nullable: true properties: maxValue: description: The maxValue field. format: int64 readOnly: false type: string minValue: description: The minValue field. format: int64 readOnly: false type: string step: description: The step field. format: int64 readOnly: false type: string title: Number Field type: object x-speakeasy-name-override: NumberField validate.Int64Rules: description: Int64Rules describes the constraints applied to `int64` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: int64 readOnly: false type: string gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. format: int64 readOnly: false type: string gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. format: int64 readOnly: false type: string ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: int64 type: string nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive format: int64 readOnly: false type: string lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive format: int64 readOnly: false type: string notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: int64 type: string nullable: true readOnly: false type: array title: Int 64 Rules type: object x-speakeasy-name-override: Int64Rules c1.api.form.v1.Oauth2FieldView: description: The Oauth2FieldView message. nullable: true title: Oauth 2 Field View type: object x-speakeasy-name-override: Oauth2FieldView c1.api.form.v1.PasswordField: description: The PasswordField message. nullable: true title: Password Field type: object x-speakeasy-name-override: PasswordField c1.api.form.v1.PickerField: description: > The PickerField message. This message contains a oneof named type. Only a single field of the following list may be set at a time: - appUserPicker - resourcePicker - c1UserPicker nullable: true properties: appUserPicker: $ref: '#/components/schemas/c1.api.form.v1.AppUserFilter' c1UserPicker: $ref: '#/components/schemas/c1.api.form.v1.C1UserFilter' resourcePicker: $ref: '#/components/schemas/c1.api.form.v1.AppResourceFilter' title: Picker Field type: object x-speakeasy-name-override: PickerField validate.StringRules: description: > StringRules describe the constraints applied to `string` values This message contains a oneof named well_known. Only a single field of the following list may be set at a time: - email - hostname - ip - ipv4 - ipv6 - uri - uriRef - address - uuid - wellKnownRegex nullable: true properties: address: description: |- Address specifies that the field must be either a valid hostname as defined by RFC 1034 (which does not support internationalized domain names or IDNs), or it can be a valid IP (v4 or v6). This field is part of the `well_known` oneof. See the documentation for `validate.StringRules` for more details. nullable: true readOnly: false type: boolean const: description: Const specifies that this field must be exactly the specified value readOnly: false type: string contains: description: |- Contains specifies that this field must have the specified substring anywhere in the string. readOnly: false type: string email: description: |- Email specifies that the field must be a valid email address as defined by RFC 5322 This field is part of the `well_known` oneof. See the documentation for `validate.StringRules` for more details. nullable: true readOnly: false type: boolean hostname: description: |- Hostname specifies that the field must be a valid hostname as defined by RFC 1034. This constraint does not support internationalized domain names (IDNs). This field is part of the `well_known` oneof. See the documentation for `validate.StringRules` for more details. nullable: true readOnly: false type: boolean ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: type: string nullable: true readOnly: false type: array ip: description: |- Ip specifies that the field must be a valid IP (v4 or v6) address. Valid IPv6 addresses should not include surrounding square brackets. This field is part of the `well_known` oneof. See the documentation for `validate.StringRules` for more details. nullable: true readOnly: false type: boolean ipv4: description: |- Ipv4 specifies that the field must be a valid IPv4 address. This field is part of the `well_known` oneof. See the documentation for `validate.StringRules` for more details. nullable: true readOnly: false type: boolean ipv6: description: |- Ipv6 specifies that the field must be a valid IPv6 address. Valid IPv6 addresses should not include surrounding square brackets. This field is part of the `well_known` oneof. See the documentation for `validate.StringRules` for more details. nullable: true readOnly: false type: boolean len: description: |- Len specifies that this field must be the specified number of characters (Unicode code points). Note that the number of characters may differ from the number of bytes in the string. format: uint64 readOnly: false type: string lenBytes: description: >- LenBytes specifies that this field must be the specified number of bytes at a minimum format: uint64 readOnly: false type: string maxBytes: description: >- MaxBytes specifies that this field must be the specified number of bytes at a maximum format: uint64 readOnly: false type: string maxLen: description: |- MaxLen specifies that this field must be the specified number of characters (Unicode code points) at a maximum. Note that the number of characters may differ from the number of bytes in the string. format: uint64 readOnly: false type: string minBytes: description: >- MinBytes specifies that this field must be the specified number of bytes at a minimum format: uint64 readOnly: false type: string minLen: description: |- MinLen specifies that this field must be the specified number of characters (Unicode code points) at a minimum. Note that the number of characters may differ from the number of bytes in the string. format: uint64 readOnly: false type: string notContains: description: >- NotContains specifies that this field cannot have the specified substring anywhere in the string. readOnly: false type: string notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: type: string nullable: true readOnly: false type: array pattern: description: |- Pattern specifes that this field must match against the specified regular expression (RE2 syntax). The included expression should elide any delimiters. readOnly: false type: string prefix: description: >- Prefix specifies that this field must have the specified substring at the beginning of the string. readOnly: false type: string strict: description: >- This applies to regexes HTTP_HEADER_NAME and HTTP_HEADER_VALUE to enable strict header validation. By default, this is true, and HTTP header validations are RFC-compliant. Setting to false will enable a looser validations that only disallows \r\n\0 characters, which can be used to bypass header matching rules. readOnly: false type: boolean suffix: description: >- Suffix specifies that this field must have the specified substring at the end of the string. readOnly: false type: string uri: description: >- Uri specifies that the field must be a valid, absolute URI as defined by RFC 3986 This field is part of the `well_known` oneof. See the documentation for `validate.StringRules` for more details. nullable: true readOnly: false type: boolean uriRef: description: >- UriRef specifies that the field must be a valid URI as defined by RFC 3986 and may be relative or absolute. This field is part of the `well_known` oneof. See the documentation for `validate.StringRules` for more details. nullable: true readOnly: false type: boolean uuid: description: |- Uuid specifies that the field must be a valid UUID as defined by RFC 4122 This field is part of the `well_known` oneof. See the documentation for `validate.StringRules` for more details. nullable: true readOnly: false type: boolean wellKnownRegex: description: >- WellKnownRegex specifies a common well known pattern defined as a regex. This field is part of the `well_known` oneof. See the documentation for `validate.StringRules` for more details. enum: - UNKNOWN - HTTP_HEADER_NAME - HTTP_HEADER_VALUE nullable: true readOnly: false type: string x-speakeasy-unknown-values: allow title: String Rules type: object x-speakeasy-name-override: StringRules c1.api.form.v1.SelectField: description: The SelectField message. nullable: true properties: options: description: The options field. items: $ref: '#/components/schemas/c1.api.form.v1.SelectOption' nullable: true readOnly: false type: array type: description: The type field. enum: - SELECT_TYPE_UNSPECIFIED - SELECT_TYPE_DROPDOWN - SELECT_TYPE_RADIO - SELECT_TYPE_BUTTONS readOnly: false type: string x-speakeasy-unknown-values: allow title: Select Field type: object x-speakeasy-name-override: SelectField c1.api.form.v1.TextField: description: The TextField message. nullable: true properties: multiline: description: The multiline field. readOnly: false type: boolean suffix: description: >- Static text displayed as an end adornment (e.g. ".example.com" for domain fields). nullable: true readOnly: false type: string title: Text Field type: object x-speakeasy-name-override: TextField c1.api.form.v1.StringMapRules: description: The StringMapRules message. nullable: true properties: isRequired: description: The isRequired field. readOnly: false type: boolean validateEmpty: description: The validateEmpty field. readOnly: false type: boolean title: String Map Rules type: object x-speakeasy-name-override: StringMapRules c1.api.form.v1.ChipsField: description: The ChipsField message. nullable: true title: Chips Field type: object x-speakeasy-name-override: ChipsField validate.RepeatedRules: description: RepeatedRules describe the constraints applied to `repeated` values nullable: true properties: ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean items: $ref: '#/components/schemas/validate.FieldRules' maxItems: description: |- MaxItems specifies that this field must have the specified number of items at a maximum format: uint64 readOnly: false type: string minItems: description: |- MinItems specifies that this field must have the specified number of items at a minimum format: uint64 readOnly: false type: string unique: description: >- Unique specifies that all elements in this field must be unique. This contraint is only applicable to scalar and enum types (messages are not supported). readOnly: false type: boolean title: Repeated Rules type: object x-speakeasy-name-override: RepeatedRules c1.api.policy.v1.ConnectorProvision.DoNotSave: description: The DoNotSave message. nullable: true title: Do Not Save type: object x-speakeasy-name-override: DoNotSave c1.api.policy.v1.ConnectorProvision.SaveToVault: description: The SaveToVault message. nullable: true properties: vaultIds: description: The vaultIds field. items: type: string nullable: true readOnly: false type: array title: Save To Vault type: object x-speakeasy-name-override: SaveToVault c1.api.policy.v1.AppOwnerProvisioner: description: AppOwnerProvisioner resolves to app owners. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean fallbackUserIds: description: Fallback user IDs if no app owners are found. items: type: string nullable: true readOnly: false type: array title: App Owner Provisioner type: object x-speakeasy-name-override: AppOwnerProvisioner c1.api.policy.v1.EntitlementOwnerProvisioner: description: EntitlementOwnerProvisioner resolves to entitlement owners. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean fallbackUserIds: description: Fallback user IDs if no entitlement owners are found. items: type: string nullable: true readOnly: false type: array title: Entitlement Owner Provisioner type: object x-speakeasy-name-override: EntitlementOwnerProvisioner c1.api.policy.v1.ExpressionProvisioner: description: >- ExpressionProvisioner evaluates CEL expressions to determine provisioners. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean expressions: description: The CEL expressions to evaluate. items: type: string nullable: true readOnly: false type: array fallbackUserIds: description: Fallback user IDs if expression evaluation yields no users. items: type: string nullable: true readOnly: false type: array title: Expression Provisioner type: object x-speakeasy-name-override: ExpressionProvisioner c1.api.policy.v1.GroupProvisioner: description: GroupProvisioner resolves to members of a specific group. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean appGroupId: description: The app group ID (entitlement ID). readOnly: false type: string appId: description: The app ID containing the group. readOnly: false type: string fallbackUserIds: description: Fallback user IDs if no group members are found. items: type: string nullable: true readOnly: false type: array title: Group Provisioner type: object x-speakeasy-name-override: GroupProvisioner c1.api.policy.v1.ManagerProvisioner: description: ManagerProvisioner resolves to the user's manager. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean fallbackUserIds: description: Fallback user IDs if no manager is found. items: type: string nullable: true readOnly: false type: array title: Manager Provisioner type: object x-speakeasy-name-override: ManagerProvisioner c1.api.policy.v1.UserProvisioner: description: UserProvisioner assigns specific users as provisioners. nullable: true properties: allowReassignment: description: Whether the provisioner can reassign the task. readOnly: false type: boolean userIds: description: The user IDs to assign as provisioners. items: type: string nullable: true readOnly: false type: array title: User Provisioner type: object x-speakeasy-name-override: UserProvisioner c1.api.form.v1.AppUserFilter: description: The AppUserFilter message. nullable: true properties: appId: description: The appId field. readOnly: false type: string title: App User Filter type: object x-speakeasy-name-override: AppUserFilter c1.api.form.v1.C1UserFilter: description: >- C1UserFilter is used to configure a picker for selecting ConductorOne users. This is distinct from AppUserFilter which selects accounts within a connected app. nullable: true title: C 1 User Filter type: object x-speakeasy-name-override: C1UserFilter c1.api.form.v1.AppResourceFilter: description: The AppResourceFilter message. nullable: true properties: appId: description: The appId field. readOnly: false type: string resourceTypeId: description: The resourceTypeId field. readOnly: false type: string title: App Resource Filter type: object x-speakeasy-name-override: AppResourceFilter c1.api.form.v1.SelectOption: description: The SelectOption message. properties: description: description: Used for type BUTTONS readOnly: false type: string displayName: description: The displayName field. readOnly: false type: string value: description: The value field. readOnly: false type: string title: Select Option type: object x-speakeasy-name-override: SelectOption validate.FieldRules: description: > FieldRules encapsulates the rules for each type of field. Depending on the field, the correct set should be used to ensure proper validations. This message contains a oneof named type. Only a single field of the following list may be set at a time: - float - double - int32 - int64 - uint32 - uint64 - sint32 - sint64 - fixed32 - fixed64 - sfixed32 - sfixed64 - bool - string - bytes - enum - repeated - map - any - duration - timestamp properties: any: $ref: '#/components/schemas/validate.AnyRules' bool: $ref: '#/components/schemas/validate.BoolRules' bytes: $ref: '#/components/schemas/validate.BytesRules' double: $ref: '#/components/schemas/validate.DoubleRules' duration: $ref: '#/components/schemas/validate.DurationRules' enum: $ref: '#/components/schemas/validate.EnumRules' fixed32: $ref: '#/components/schemas/validate.Fixed32Rules' fixed64: $ref: '#/components/schemas/validate.Fixed64Rules' float: $ref: '#/components/schemas/validate.FloatRules' int32: $ref: '#/components/schemas/validate.Int32Rules' int64: $ref: '#/components/schemas/validate.Int64Rules' map: $ref: '#/components/schemas/validate.MapRules' message: $ref: '#/components/schemas/validate.MessageRules' repeated: $ref: '#/components/schemas/validate.RepeatedRules' sfixed32: $ref: '#/components/schemas/validate.SFixed32Rules' sfixed64: $ref: '#/components/schemas/validate.SFixed64Rules' sint32: $ref: '#/components/schemas/validate.SInt32Rules' sint64: $ref: '#/components/schemas/validate.SInt64Rules' string: $ref: '#/components/schemas/validate.StringRules' timestamp: $ref: '#/components/schemas/validate.TimestampRules' uint32: $ref: '#/components/schemas/validate.UInt32Rules' uint64: $ref: '#/components/schemas/validate.UInt64Rules' title: Field Rules type: object x-speakeasy-name-override: FieldRules validate.AnyRules: description: |- AnyRules describe constraints applied exclusively to the `google.protobuf.Any` well-known type nullable: true properties: in: description: >- In specifies that this field's `type_url` must be equal to one of the specified values. items: type: string nullable: true readOnly: false type: array notIn: description: >- NotIn specifies that this field's `type_url` must not be equal to any of the specified values. items: type: string nullable: true readOnly: false type: array required: description: Required specifies that this field must be set readOnly: false type: boolean title: Any Rules type: object x-speakeasy-name-override: AnyRules validate.BytesRules: description: > BytesRules describe the constraints applied to `bytes` values This message contains a oneof named well_known. Only a single field of the following list may be set at a time: - ip - ipv4 - ipv6 nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: base64 readOnly: false type: string contains: description: |- Contains specifies that this field must have the specified bytes anywhere in the string. format: base64 readOnly: false type: string ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: base64 type: string nullable: true readOnly: false type: array ip: description: |- Ip specifies that the field must be a valid IP (v4 or v6) address in byte format This field is part of the `well_known` oneof. See the documentation for `validate.BytesRules` for more details. nullable: true readOnly: false type: boolean ipv4: description: |- Ipv4 specifies that the field must be a valid IPv4 address in byte format This field is part of the `well_known` oneof. See the documentation for `validate.BytesRules` for more details. nullable: true readOnly: false type: boolean ipv6: description: |- Ipv6 specifies that the field must be a valid IPv6 address in byte format This field is part of the `well_known` oneof. See the documentation for `validate.BytesRules` for more details. nullable: true readOnly: false type: boolean len: description: Len specifies that this field must be the specified number of bytes format: uint64 readOnly: false type: string maxLen: description: >- MaxLen specifies that this field must be the specified number of bytes at a maximum format: uint64 readOnly: false type: string minLen: description: >- MinLen specifies that this field must be the specified number of bytes at a minimum format: uint64 readOnly: false type: string notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: base64 type: string nullable: true readOnly: false type: array pattern: description: |- Pattern specifes that this field must match against the specified regular expression (RE2 syntax). The included expression should elide any delimiters. readOnly: false type: string prefix: description: >- Prefix specifies that this field must have the specified bytes at the beginning of the string. format: base64 readOnly: false type: string suffix: description: >- Suffix specifies that this field must have the specified bytes at the end of the string. format: base64 readOnly: false type: string title: Bytes Rules type: object x-speakeasy-name-override: BytesRules validate.DoubleRules: description: DoubleRules describes the constraints applied to `double` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value readOnly: false type: number gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. readOnly: false type: number gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. readOnly: false type: number ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: type: number nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive readOnly: false type: number lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive readOnly: false type: number notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: type: number nullable: true readOnly: false type: array title: Double Rules type: object x-speakeasy-name-override: DoubleRules validate.DurationRules: description: |- DurationRules describe the constraints applied exclusively to the `google.protobuf.Duration` well-known type nullable: true properties: const: format: duration readOnly: false type: string gt: format: duration readOnly: false type: string gte: format: duration readOnly: false type: string in: description: |- In specifies that this field must be equal to one of the specified values items: format: duration readOnly: false type: string nullable: true readOnly: false type: array lt: format: duration readOnly: false type: string lte: format: duration readOnly: false type: string notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: duration readOnly: false type: string nullable: true readOnly: false type: array required: description: Required specifies that this field must be set readOnly: false type: boolean title: Duration Rules type: object x-speakeasy-name-override: DurationRules validate.EnumRules: description: EnumRules describe the constraints applied to enum values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: int32 readOnly: false type: integer definedOnly: description: >- DefinedOnly specifies that this field must be only one of the defined values for this enum, failing on any undefined value. readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: int32 type: integer nullable: true readOnly: false type: array notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: int32 type: integer nullable: true readOnly: false type: array title: Enum Rules type: object x-speakeasy-name-override: EnumRules validate.Fixed32Rules: description: Fixed32Rules describes the constraints applied to `fixed32` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: uint32 readOnly: false type: integer gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. format: uint32 readOnly: false type: integer gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. format: uint32 readOnly: false type: integer ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: uint32 type: integer nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive format: uint32 readOnly: false type: integer lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive format: uint32 readOnly: false type: integer notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: uint32 type: integer nullable: true readOnly: false type: array title: Fixed 32 Rules type: object x-speakeasy-name-override: Fixed32Rules validate.Fixed64Rules: description: Fixed64Rules describes the constraints applied to `fixed64` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: uint64 readOnly: false type: string gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. format: uint64 readOnly: false type: string gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. format: uint64 readOnly: false type: string ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: uint64 type: string nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive format: uint64 readOnly: false type: string lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive format: uint64 readOnly: false type: string notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: uint64 type: string nullable: true readOnly: false type: array title: Fixed 64 Rules type: object x-speakeasy-name-override: Fixed64Rules validate.FloatRules: description: FloatRules describes the constraints applied to `float` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value readOnly: false type: number gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. readOnly: false type: number gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. readOnly: false type: number ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: type: number nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive readOnly: false type: number lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive readOnly: false type: number notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: type: number nullable: true readOnly: false type: array title: Float Rules type: object x-speakeasy-name-override: FloatRules validate.Int32Rules: description: Int32Rules describes the constraints applied to `int32` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: int32 readOnly: false type: integer gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. format: int32 readOnly: false type: integer gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. format: int32 readOnly: false type: integer ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: int32 type: integer nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive format: int32 readOnly: false type: integer lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive format: int32 readOnly: false type: integer notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: int32 type: integer nullable: true readOnly: false type: array title: Int 32 Rules type: object x-speakeasy-name-override: Int32Rules validate.MapRules: description: MapRules describe the constraints applied to `map` values nullable: true properties: ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean keys: $ref: '#/components/schemas/validate.FieldRules' maxPairs: description: |- MaxPairs specifies that this field must have the specified number of KVs at a maximum format: uint64 readOnly: false type: string minPairs: description: |- MinPairs specifies that this field must have the specified number of KVs at a minimum format: uint64 readOnly: false type: string noSparse: description: |- NoSparse specifies values in this field cannot be unset. This only applies to map's with message value types. readOnly: false type: boolean values: $ref: '#/components/schemas/validate.FieldRules' title: Map Rules type: object x-speakeasy-name-override: MapRules validate.MessageRules: description: >- MessageRules describe the constraints applied to embedded message values. For message-type fields, validation is performed recursively. properties: required: description: Required specifies that this field must be set readOnly: false type: boolean skip: description: |- Skip specifies that the validation rules of this field should not be evaluated readOnly: false type: boolean title: Message Rules type: object x-speakeasy-name-override: MessageRules validate.SFixed32Rules: description: SFixed32Rules describes the constraints applied to `sfixed32` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: int32 readOnly: false type: integer gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. format: int32 readOnly: false type: integer gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. format: int32 readOnly: false type: integer ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: int32 type: integer nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive format: int32 readOnly: false type: integer lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive format: int32 readOnly: false type: integer notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: int32 type: integer nullable: true readOnly: false type: array title: S Fixed 32 Rules type: object x-speakeasy-name-override: SFixed32Rules validate.SFixed64Rules: description: SFixed64Rules describes the constraints applied to `sfixed64` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: int64 readOnly: false type: string gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. format: int64 readOnly: false type: string gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. format: int64 readOnly: false type: string ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: int64 type: string nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive format: int64 readOnly: false type: string lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive format: int64 readOnly: false type: string notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: int64 type: string nullable: true readOnly: false type: array title: S Fixed 64 Rules type: object x-speakeasy-name-override: SFixed64Rules validate.SInt32Rules: description: SInt32Rules describes the constraints applied to `sint32` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: int32 readOnly: false type: integer gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. format: int32 readOnly: false type: integer gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. format: int32 readOnly: false type: integer ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: int32 type: integer nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive format: int32 readOnly: false type: integer lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive format: int32 readOnly: false type: integer notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: int32 type: integer nullable: true readOnly: false type: array title: S Int 32 Rules type: object x-speakeasy-name-override: SInt32Rules validate.SInt64Rules: description: SInt64Rules describes the constraints applied to `sint64` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: int64 readOnly: false type: string gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. format: int64 readOnly: false type: string gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. format: int64 readOnly: false type: string ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: int64 type: string nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive format: int64 readOnly: false type: string lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive format: int64 readOnly: false type: string notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: int64 type: string nullable: true readOnly: false type: array title: S Int 64 Rules type: object x-speakeasy-name-override: SInt64Rules validate.TimestampRules: description: |- TimestampRules describe the constraints applied exclusively to the `google.protobuf.Timestamp` well-known type nullable: true properties: const: format: date-time readOnly: false type: string gt: format: date-time readOnly: false type: string gtNow: description: >- GtNow specifies that this must be greater than the current time. GtNow can only be used with the Within rule. readOnly: false type: boolean gte: format: date-time readOnly: false type: string lt: format: date-time readOnly: false type: string ltNow: description: |- LtNow specifies that this must be less than the current time. LtNow can only be used with the Within rule. readOnly: false type: boolean lte: format: date-time readOnly: false type: string required: description: Required specifies that this field must be set readOnly: false type: boolean within: format: duration readOnly: false type: string title: Timestamp Rules type: object x-speakeasy-name-override: TimestampRules validate.UInt32Rules: description: UInt32Rules describes the constraints applied to `uint32` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: uint32 readOnly: false type: integer gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. format: uint32 readOnly: false type: integer gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. format: uint32 readOnly: false type: integer ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: uint32 type: integer nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive format: uint32 readOnly: false type: integer lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive format: uint32 readOnly: false type: integer notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: uint32 type: integer nullable: true readOnly: false type: array title: U Int 32 Rules type: object x-speakeasy-name-override: UInt32Rules validate.UInt64Rules: description: UInt64Rules describes the constraints applied to `uint64` values nullable: true properties: const: description: Const specifies that this field must be exactly the specified value format: uint64 readOnly: false type: string gt: description: >- Gt specifies that this field must be greater than the specified value, exclusive. If the value of Gt is larger than a specified Lt or Lte, the range is reversed. format: uint64 readOnly: false type: string gte: description: |- Gte specifies that this field must be greater than or equal to the specified value, inclusive. If the value of Gte is larger than a specified Lt or Lte, the range is reversed. format: uint64 readOnly: false type: string ignoreEmpty: description: >- IgnoreEmpty specifies that the validation rules of this field should be evaluated only if the field is not empty readOnly: false type: boolean in: description: |- In specifies that this field must be equal to one of the specified values items: format: uint64 type: string nullable: true readOnly: false type: array lt: description: |- Lt specifies that this field must be less than the specified value, exclusive format: uint64 readOnly: false type: string lte: description: |- Lte specifies that this field must be less than or equal to the specified value, inclusive format: uint64 readOnly: false type: string notIn: description: >- NotIn specifies that this field cannot be equal to one of the specified values items: format: uint64 type: string nullable: true readOnly: false type: array title: U Int 64 Rules type: object x-speakeasy-name-override: UInt64Rules securitySchemes: bearerAuth: scheme: bearer type: http oauth: description: >- This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187) function. flows: clientCredentials: scopes: {} tokenUrl: /auth/v1/token type: oauth2 ````