> ## Documentation Index
> Fetch the complete documentation index at: https://conductorone-docs-ad-account-provisioning-setup.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Process Now

> Invokes the c1.api.task.v1.TaskActionsService.ProcessNow method.



## OpenAPI

````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples post /api/v1/tasks/{task_id}/action/process
openapi: 3.1.0
info:
  description: The ConductorOne API is a HTTP API for managing ConductorOne resources.
  title: ConductorOne API
  version: 0.1.0-alpha
servers:
  - description: The ConductorOne API server for the current tenant.
    url: https://{tenantDomain}.conductor.one
    variables:
      tenantDomain:
        default: example
        description: The domain of the tenant to use for this request.
security:
  - bearerAuth: []
    oauth: []
paths:
  /api/v1/tasks/{task_id}/action/process:
    post:
      tags:
        - Task
      summary: Process Now
      description: Invokes the c1.api.task.v1.TaskActionsService.ProcessNow method.
      operationId: c1.api.task.v1.TaskActionsService.ProcessNow
      parameters:
        - in: path
          name: task_id
          required: true
          schema:
            description: The ID of the task to process now.
            readOnly: false
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/c1.api.task.v1.TaskActionsServiceProcessNowRequestInput
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/c1.api.task.v1.TaskActionsServiceProcessNowResponse
          description: Successful response
      x-codeSamples:
        - lang: go
          label: ProcessNow
          source: "package main\n\nimport(\n\t\"context\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/shared\"\n\tconductoronesdkgo \"github.com/conductorone/conductorone-sdk-go\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/operations\"\n\t\"log\"\n)\n\nfunc main() {\n    ctx := context.Background()\n\n    s := conductoronesdkgo.New(\n        conductoronesdkgo.WithSecurity(shared.Security{\n            BearerAuth: \"<YOUR_BEARER_TOKEN_HERE>\",\n            Oauth: \"<YOUR_OAUTH_HERE>\",\n        }),\n    )\n\n    res, err := s.TaskActions.ProcessNow(ctx, operations.C1APITaskV1TaskActionsServiceProcessNowRequest{\n        TaskID: \"<id>\",\n    })\n    if err != nil {\n        log.Fatal(err)\n    }\n    if res.TaskActionsServiceProcessNowResponse != nil {\n        // handle response\n    }\n}"
        - lang: typescript
          label: Typescript (SDK)
          source: >-
            import { ConductoroneSDKTypescript } from
            "conductorone-sdk-typescript";


            const conductoroneSDKTypescript = new ConductoroneSDKTypescript({
              security: {
                bearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
                oauth: "<YOUR_OAUTH_HERE>",
              },
            });


            async function run() {
              const result = await conductoroneSDKTypescript.taskActions.processNow({
                taskId: "<id>",
              });

              console.log(result);
            }


            run();
components:
  schemas:
    c1.api.task.v1.TaskActionsServiceProcessNowRequestInput:
      description: >-
        The TaskActionsServiceProcessNowRequest object lets you trigger
        processing of a task immediately.
      properties:
        expandMask:
          $ref: '#/components/schemas/c1.api.task.v1.TaskExpandMask'
      title: Task Actions Service Process Now Request
      type: object
      x-speakeasy-name-override: TaskActionsServiceProcessNowRequest
    c1.api.task.v1.TaskActionsServiceProcessNowResponse:
      description: The TaskActionsServiceProcessNowResponse message.
      properties:
        expanded:
          description: The expanded field.
          items:
            additionalProperties: true
            description: >-
              Contains an arbitrary serialized message along with a @type that
              describes the type of the serialized message.
            properties:
              '@type':
                description: The type of the serialized message.
                type: string
            readOnly: false
            type: object
          nullable: true
          readOnly: false
          type: array
        taskView:
          $ref: '#/components/schemas/c1.api.task.v1.TaskView'
      title: Task Actions Service Process Now Response
      type: object
      x-speakeasy-name-override: TaskActionsServiceProcessNowResponse
    c1.api.task.v1.TaskExpandMask:
      description: >-
        The task expand mask is an array of strings that specifes the related
        objects the requester wishes to have returned when making a request
        where the expand mask is part of the input. Use '*' to view all possible
        responses.
      properties:
        paths:
          description: >-
            A list of paths to expand in the response. May be any combination of
            "*", "access_review_id", "user_id", "created_by_user_id", "app_id",
            "app_user_id", "app_entitlement_ids", "step_approver_ids",
            "identity_user_id", "insight_ids", and "app_user_last_usage".
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
      title: Task Expand Mask
      type: object
      x-speakeasy-name-override: TaskExpandMask
    c1.api.task.v1.TaskView:
      description: >-
        Contains a task and JSONPATH expressions that describe where in the
        expanded array related objects are located. This view can be used to
        display a fully-detailed dashboard of task information.
      properties:
        accessReviewPath:
          description: >-
            JSONPATH expression indicating the location of the AccessReview
            object in the expanded array
          readOnly: true
          type: string
        appPath:
          description: >-
            JSONPATH expression indicating the location of the App object in the
            expanded array
          readOnly: true
          type: string
        appUserLastUsagePath:
          description: >-
            JSONPATH expression indicating the location of the AppUser last
            usage timestamp in the expanded array
          readOnly: true
          type: string
        appUserPath:
          description: >-
            JSONPATH expression indicating the location of the AppUser object in
            the expanded array
          readOnly: true
          type: string
        createdByUserPath:
          description: >-
            JSONPATH expression indicating the location of the object of the
            User that created the ticket in the expanded array
          readOnly: true
          type: string
        entitlementsPath:
          description: >-
            JSONPATH expression indicating the location of the Entitlements
            objects in the expanded array
          readOnly: true
          type: string
        identityUserPath:
          description: >-
            JSONPATH expression indicating the location of the User object of
            the User that this task is targeting in the expanded array. This is
            the user that is the identity when the target of a task is an app
            user.
          readOnly: true
          type: string
        insightsPath:
          description: >-
            JSONPATH expression indicating the location of the Insights objects
            in the expanded array
          readOnly: true
          type: string
        stepApproversPath:
          description: >-
            JSONPATH expression indicating the location of the StepApproverUsers
            objects in the expanded array
          readOnly: true
          type: string
        task:
          $ref: '#/components/schemas/c1.api.task.v1.Task'
        userPath:
          description: >-
            JSONPATH expression indicating the location of the User object in
            the expanded array. This is the user that is a direct target of the
            ticket without a specific relationship to a potentially non-existent
            app user.
          readOnly: true
          type: string
      title: Task View
      type: object
      x-speakeasy-name-override: TaskView
    c1.api.task.v1.Task:
      description: >-
        A fully-fleged task object. Includes its policy, references to external
        apps, its type, its processing history, and more.
      properties:
        actions:
          description: The actions that can be performed on the task by the current user.
          items:
            enum:
              - TASK_ACTION_TYPE_UNSPECIFIED
              - TASK_ACTION_TYPE_CLOSE
              - TASK_ACTION_TYPE_APPROVE
              - TASK_ACTION_TYPE_DENY
              - TASK_ACTION_TYPE_COMMENT
              - TASK_ACTION_TYPE_DELETE
              - TASK_ACTION_TYPE_REASSIGN
              - TASK_ACTION_TYPE_RESTART
              - TASK_ACTION_TYPE_SEND_REMINDER
              - TASK_ACTION_TYPE_PROVISION_COMPLETE
              - TASK_ACTION_TYPE_PROVISION_CANCELLED
              - TASK_ACTION_TYPE_PROVISION_ERRORED
              - TASK_ACTION_TYPE_ROLLBACK_SKIPPED
              - TASK_ACTION_TYPE_PROVISION_APP_USER_TARGET_CREATED
              - TASK_ACTION_TYPE_HARD_RESET
              - TASK_ACTION_TYPE_ESCALATE_TO_EMERGENCY_ACCESS
              - TASK_ACTION_TYPE_CHANGE_POLICY
              - TASK_ACTION_TYPE_RECALCULATE_DENIAL_FROM_BASE_POLICY_DECISIONS
              - TASK_ACTION_TYPE_SET_INSIGHTS_AND_RECOMMENDATION
              - TASK_ACTION_TYPE_SET_ANALYSIS_ID
              - TASK_ACTION_TYPE_RECALCULATE_APPROVERS_LIST
              - TASK_ACTION_TYPE_PROCESS_NOW
              - TASK_ACTION_TYPE_APPROVE_WITH_STEP_UP
              - TASK_ACTION_TYPE_SKIP_STEP
              - TASK_ACTION_TYPE_ROLLBACK_CANCELLED
              - TASK_ACTION_TYPE_UPDATE_REQUEST_DATA
              - TASK_ACTION_TYPE_UPDATE_GRANT_DURATION
            type: string
            x-speakeasy-unknown-values: allow
          nullable: true
          readOnly: true
          type: array
        analysisId:
          description: >-
            The ID of the analysis object associated with this task created by
            an analysis workflow if the analysis feature is enabled for your
            tenant.
          readOnly: true
          type: string
        annotations:
          description: >-
            An array of `google.protobuf.Any` annotations with various
            base64-encoded data.
          items:
            additionalProperties: true
            description: >-
              Contains an arbitrary serialized message along with a @type that
              describes the type of the serialized message.
            properties:
              '@type':
                description: The type of the serialized message.
                type: string
            readOnly: true
            type: object
          nullable: true
          readOnly: true
          type: array
        commentCount:
          description: The count of comments.
          format: int32
          readOnly: true
          type: integer
        createdAt:
          format: date-time
          readOnly: true
          type: string
        createdByUserId:
          description: >-
            The ID of the user that is the creator of this task. This may not
            always match the userId field.
          readOnly: true
          type: string
        data:
          additionalProperties: true
          readOnly: true
          type: object
        deletedAt:
          format: date-time
          readOnly: true
          type: string
        description:
          description: The description of the task. This is also known as justification.
          readOnly: true
          type: string
        displayName:
          description: The display name of the task.
          readOnly: true
          type: string
        emergencyAccess:
          description: >-
            A field indicating whether this task was created using an emergency
            access flow, or escalated to emergency access. On task creation, it
            will also use the app entitlement's emergency policy when possible.
          readOnly: true
          type: boolean
        externalRefs:
          description: >-
            An array of external references to the task. Historically that has
            been items like Jira task IDs. This is currently unused, but may
            come back in the future for integrations.
          items:
            $ref: '#/components/schemas/c1.api.task.v1.ExternalRef'
          nullable: true
          readOnly: true
          type: array
        form:
          $ref: '#/components/schemas/c1.api.form.v1.Form'
        id:
          description: The ID of the task.
          readOnly: true
          type: string
        insightIds:
          description: The insightIds field.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        numericId:
          description: >-
            A human-usable numeric ID of a task which can be included in place
            of the fully qualified task id in path parmeters (but not search
            queries).
          format: int64
          readOnly: true
          type: string
        origin:
          description: The origin field.
          enum:
            - TASK_ORIGIN_UNSPECIFIED
            - TASK_ORIGIN_PROFILE_MEMBERSHIP_AUTOMATION
            - TASK_ORIGIN_SLACK
            - TASK_ORIGIN_API
            - TASK_ORIGIN_JIRA
            - TASK_ORIGIN_COPILOT
            - TASK_ORIGIN_WEBAPP
            - TASK_ORIGIN_TIME_REVOKE
            - TASK_ORIGIN_NON_USAGE_REVOKE
            - TASK_ORIGIN_PROFILE_MEMBERSHIP_MANUAL
            - TASK_ORIGIN_PROFILE_MEMBERSHIP
            - TASK_ORIGIN_AUTOMATION
            - TASK_ORIGIN_ACCESS_REVIEW
          readOnly: false
          type: string
          x-speakeasy-unknown-values: allow
        policy:
          $ref: '#/components/schemas/c1.api.policy.v1.PolicyInstance'
        policyGenerationId:
          description: >-
            The policy generation id refers to the current policy's generation
            ID. This is changed when the policy is changed on a task.
          readOnly: true
          type: string
        processing:
          description: The processing state of a task as defined by the `processing_enum`
          enum:
            - TASK_PROCESSING_TYPE_UNSPECIFIED
            - TASK_PROCESSING_TYPE_PROCESSING
            - TASK_PROCESSING_TYPE_WAITING
            - TASK_PROCESSING_TYPE_DONE
          readOnly: true
          type: string
          x-speakeasy-unknown-values: allow
        recommendation:
          description: The recommendation field.
          enum:
            - INSIGHT_RECOMMENDATION_UNSPECIFIED
            - INSIGHT_RECOMMENDATION_APPROVE
            - INSIGHT_RECOMMENDATION_DENY
            - INSIGHT_RECOMMENDATION_REVIEW
          readOnly: false
          type: string
          x-speakeasy-unknown-values: allow
        state:
          description: The current state of the task as defined by the `state_enum`
          enum:
            - TASK_STATE_UNSPECIFIED
            - TASK_STATE_OPEN
            - TASK_STATE_CLOSED
          readOnly: true
          type: string
          x-speakeasy-unknown-values: allow
        stepApproverIds:
          description: >-
            An array of IDs belonging to Identity Users that are allowed to
            review this step in a task.
          items:
            type: string
          nullable: true
          readOnly: true
          type: array
        type:
          $ref: '#/components/schemas/c1.api.task.v1.TaskType'
        updatedAt:
          format: date-time
          readOnly: true
          type: string
        userId:
          description: >-
            The ID of the user that is the target of this task. This may be
            empty if we're targeting a specific app user that has no known
            identity user.
          readOnly: true
          type: string
      title: Task
      type: object
      x-speakeasy-name-override: Task
    c1.api.task.v1.ExternalRef:
      description: >-
        A reference to an external source. This value is unused currently, but
        may be brought back.
      properties:
        externalRefSource:
          description: The source of the external reference.
          enum:
            - UNSPECIFIED
            - JIRA
          readOnly: true
          type: string
          x-speakeasy-unknown-values: allow
        name:
          description: The name of the external reference.
          readOnly: true
          type: string
        url:
          description: The URL to the external reference.
          readOnly: true
          type: string
      title: External Ref
      type: object
      x-speakeasy-name-override: ExternalRef
    c1.api.form.v1.Form:
      description: A form is a collection of fields to be filled out by a user
      properties:
        description:
          description: The description field.
          readOnly: false
          type: string
        displayName:
          description: The displayName field.
          readOnly: false
          type: string
        fieldGroups:
          description: The fieldGroups field.
          items:
            $ref: '#/components/schemas/c1.api.form.v1.FieldGroup'
          nullable: true
          readOnly: false
          type: array
        fieldRelationships:
          description: The fieldRelationships field.
          items:
            $ref: '#/components/schemas/c1.api.form.v1.FieldRelationship'
          nullable: true
          readOnly: false
          type: array
        fields:
          description: The fields field.
          items:
            $ref: '#/components/schemas/c1.api.form.v1.Field'
          nullable: true
          readOnly: false
          type: array
        id:
          description: The id field.
          readOnly: false
          type: string
      title: Form
      type: object
      x-speakeasy-entity: Request_Schema
      x-speakeasy-name-override: Form
    c1.api.policy.v1.PolicyInstance:
      description: >-
        A policy instance is an object that contains a reference to the policy
        it was created from, the currently executing step, the next steps, and
        the history of previously completed steps.
      properties:
        current:
          $ref: '#/components/schemas/c1.api.policy.v1.PolicyStepInstance'
        history:
          description: >-
            An array of steps that were previously processed by the ticket with
            their outcomes set, in order.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.PolicyStepInstance'
          nullable: true
          readOnly: true
          type: array
        next:
          description: An array of steps that will be processed by the ticket, in order.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.PolicyStep'
          nullable: true
          readOnly: true
          type: array
        policy:
          $ref: '#/components/schemas/c1.api.policy.v1.Policy'
      title: Policy Instance
      type: object
      x-speakeasy-name-override: PolicyInstance
    c1.api.task.v1.TaskType:
      description: >
        Task Type provides configuration for the type of task: certify, grant,
        or revoke


        This message contains a oneof named task_type. Only a single field of
        the following list may be set at a time:
          - grant
          - revoke
          - certify
          - offboarding
          - action
      properties:
        action:
          $ref: '#/components/schemas/c1.api.task.v1.TaskTypeAction'
        certify:
          $ref: '#/components/schemas/c1.api.task.v1.TaskTypeCertify'
        grant:
          $ref: '#/components/schemas/c1.api.task.v1.TaskTypeGrant'
        offboarding:
          $ref: '#/components/schemas/c1.api.task.v1.TaskTypeOffboarding'
        revoke:
          $ref: '#/components/schemas/c1.api.task.v1.TaskTypeRevoke'
      title: Task Type
      type: object
      x-speakeasy-name-override: TaskType
    c1.api.form.v1.FieldGroup:
      description: The FieldGroup message.
      properties:
        default:
          description: The default field.
          readOnly: false
          type: boolean
        displayName:
          description: The displayName field.
          readOnly: false
          type: string
        fields:
          description: The fields field.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        helpText:
          description: The helpText field.
          readOnly: false
          type: string
        name:
          description: The name field.
          readOnly: false
          type: string
      title: Field Group
      type: object
      x-speakeasy-name-override: FieldGroup
    c1.api.form.v1.FieldRelationship:
      description: >
        FieldRelationships can be used during form validation, or they can
        represent
         information that is necessary to when it comes to visually rendering the form

        This message contains a oneof named kind. Only a single field of the
        following list may be set at a time:
          - requiredTogether
          - atLeastOne
          - mutuallyExclusive
      properties:
        atLeastOne:
          $ref: '#/components/schemas/c1.api.form.v1.AtLeastOne'
        fieldNames:
          description: The names of the fields that share this relationship
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        mutuallyExclusive:
          $ref: '#/components/schemas/c1.api.form.v1.MutuallyExclusive'
        requiredTogether:
          $ref: '#/components/schemas/c1.api.form.v1.RequiredTogether'
      title: Field Relationship
      type: object
      x-speakeasy-name-override: FieldRelationship
    c1.api.form.v1.Field:
      description: >
        A field is a single input meant to collect a piece of data from a user


        This message contains a oneof named type. Only a single field of the
        following list may be set at a time:
          - stringField
          - boolField
          - stringSliceField
          - int64Field
          - fileField
          - oauth2Field


        This message contains a oneof named provider_config. Only a single field
        of the following list may be set at a time:
          - userConfig
          - adminConfig
          - sharedConfig
      properties:
        adminConfig:
          $ref: '#/components/schemas/c1.api.form.v1.AdminProviderConfig'
        boolField:
          $ref: '#/components/schemas/c1.api.form.v1.BoolField'
        description:
          description: The description field.
          readOnly: false
          type: string
        displayName:
          description: The displayName field.
          readOnly: false
          type: string
        fileField:
          $ref: '#/components/schemas/c1.api.form.v1.FileField'
        int64Field:
          $ref: '#/components/schemas/c1.api.form.v1.Int64Field'
        name:
          description: The name field.
          readOnly: false
          type: string
        oauth2Field:
          $ref: '#/components/schemas/c1.api.form.v1.Oauth2Field'
        sharedConfig:
          $ref: '#/components/schemas/c1.api.form.v1.SharedProviderConfig'
        stringField:
          $ref: '#/components/schemas/c1.api.form.v1.StringField'
        stringSliceField:
          $ref: '#/components/schemas/c1.api.form.v1.StringSliceField'
        userConfig:
          $ref: '#/components/schemas/c1.api.form.v1.UserProviderConfig'
      title: Field
      type: object
      x-speakeasy-name-override: Field
    c1.api.policy.v1.PolicyStepInstance:
      description: >
        The policy step instance includes a reference to an instance of a policy
        step that tracks state and has a unique ID.


        This message contains a oneof named instance. Only a single field of the
        following list may be set at a time:
          - approval
          - provision
          - accept
          - reject
          - wait
          - form
          - action
      properties:
        accept:
          $ref: '#/components/schemas/c1.api.policy.v1.AcceptInstance'
        action:
          $ref: '#/components/schemas/c1.api.policy.v1.ActionInstance'
        approval:
          $ref: '#/components/schemas/c1.api.policy.v1.ApprovalInstance'
        form:
          $ref: '#/components/schemas/c1.api.policy.v1.FormInstance'
        id:
          description: >-
            The ID of the PolicyStepInstance. This is required by many action
            submission endpoints to indicate what step you're approving.
          readOnly: true
          type: string
        policyGenerationId:
          description: >-
            The policy generation id refers to the version of the policy that
            this step was created from.
          readOnly: false
          type: string
        provision:
          $ref: '#/components/schemas/c1.api.policy.v1.ProvisionInstance'
        reject:
          $ref: '#/components/schemas/c1.api.policy.v1.RejectInstance'
        state:
          description: The state of the step, which is either active or done.
          enum:
            - POLICY_STEP_STATE_UNSPECIFIED
            - POLICY_STEP_STATE_ACTIVE
            - POLICY_STEP_STATE_DONE
          readOnly: true
          type: string
          x-speakeasy-unknown-values: allow
        wait:
          $ref: '#/components/schemas/c1.api.policy.v1.WaitInstance'
      title: Policy Step Instance
      type: object
      x-speakeasy-name-override: PolicyStepInstance
    c1.api.policy.v1.PolicyStep:
      description: >
        The PolicyStep message.


        This message contains a oneof named step. Only a single field of the
        following list may be set at a time:
          - approval
          - provision
          - accept
          - reject
          - wait
          - form
          - action
      properties:
        accept:
          $ref: '#/components/schemas/c1.api.policy.v1.Accept'
        action:
          $ref: '#/components/schemas/c1.api.policy.v1.Action'
        approval:
          $ref: '#/components/schemas/c1.api.policy.v1.Approval'
        form:
          $ref: '#/components/schemas/c1.api.policy.v1.Form'
        provision:
          $ref: '#/components/schemas/c1.api.policy.v1.Provision'
        reject:
          $ref: '#/components/schemas/c1.api.policy.v1.Reject'
        wait:
          $ref: '#/components/schemas/c1.api.policy.v1.Wait'
      title: Policy Step
      type: object
      x-speakeasy-name-override: PolicyStep
    c1.api.policy.v1.Policy:
      description: >-
        A policy describes the behavior of the ConductorOne system when
        processing a task. You can describe the type, approvers, fallback
        behavior, and escalation processes.
      properties:
        createdAt:
          format: date-time
          readOnly: true
          type: string
        deletedAt:
          format: date-time
          readOnly: true
          type: string
        description:
          description: The description of the Policy.
          readOnly: false
          type: string
        displayName:
          description: The display name of the Policy.
          readOnly: false
          type: string
        id:
          description: The ID of the Policy.
          readOnly: true
          type: string
        policySteps:
          additionalProperties:
            $ref: '#/components/schemas/c1.api.policy.v1.PolicySteps'
          description: >-
            A map of string(policy type) to steps in a policy. This structure is
            leftover from a previous design, and should only ever have one
            key->value set.
          readOnly: false
          type: object
        policyType:
          description: >-
            Indicates the type of this policy. Can also be used to get the value
            from policySteps.
          enum:
            - POLICY_TYPE_UNSPECIFIED
            - POLICY_TYPE_GRANT
            - POLICY_TYPE_REVOKE
            - POLICY_TYPE_CERTIFY
            - POLICY_TYPE_ACCESS_REQUEST
            - POLICY_TYPE_PROVISION
          readOnly: false
          type: string
          x-speakeasy-unknown-values: allow
        postActions:
          description: >-
            An array of actions (ordered) to take place after a policy completes
            processing.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.PolicyPostActions'
          nullable: true
          readOnly: false
          type: array
        reassignTasksToDelegates:
          deprecated: true
          description: Deprecated. Use setting in policy step instead
          readOnly: false
          type: boolean
        rules:
          description: The rules field.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.Rule'
          nullable: true
          readOnly: false
          type: array
        systemBuiltin:
          description: >-
            Whether this policy is a builtin system policy. Builtin system
            policies cannot be edited.
          readOnly: true
          type: boolean
        updatedAt:
          format: date-time
          readOnly: true
          type: string
      title: Policy
      type: object
      x-speakeasy-entity: Policy
      x-speakeasy-name-override: Policy
    c1.api.task.v1.TaskTypeAction:
      description: The TaskTypeAction message.
      nullable: true
      properties:
        actionId:
          description: The ID of the action to execute.
          readOnly: true
          type: string
        formValues:
          additionalProperties: true
          readOnly: true
          type: object
        outcome:
          description: The outcome field.
          enum:
            - ACTION_OUTCOME_UNSPECIFIED
            - ACTION_OUTCOME_SUCCESS
            - ACTION_OUTCOME_DENIED
            - ACTION_OUTCOME_ERROR
            - ACTION_OUTCOME_CANCELLED
          readOnly: true
          type: string
          x-speakeasy-unknown-values: allow
        outcomeTime:
          format: date-time
          readOnly: true
          type: string
      title: Task Type Action
      type: object
      x-speakeasy-name-override: TaskTypeAction
    c1.api.task.v1.TaskTypeCertify:
      description: >-
        The TaskTypeCertify message indicates that a task is a certify task and
        all related details.
      nullable: true
      properties:
        accessReviewId:
          description: The ID of the access review.
          readOnly: true
          type: string
        accessReviewSelection:
          description: >-
            The ID of the specific access review object that owns this certify
            task. This is also set on a revoke task if the revoke task is
            created from the denied outcome of a certify task.
          readOnly: true
          type: string
        appEntitlementId:
          description: The ID of the app entitlement.
          readOnly: true
          type: string
        appId:
          description: The ID of the app.
          readOnly: true
          type: string
        appUserId:
          description: The ID of the app user.
          readOnly: true
          type: string
        identityUserId:
          description: The ID of the user.
          readOnly: true
          type: string
        outcome:
          description: The outcome of the certification.
          enum:
            - CERTIFY_OUTCOME_UNSPECIFIED
            - CERTIFY_OUTCOME_CERTIFIED
            - CERTIFY_OUTCOME_DECERTIFIED
            - CERTIFY_OUTCOME_ERROR
            - CERTIFY_OUTCOME_CANCELLED
            - CERTIFY_OUTCOME_WAIT_TIMED_OUT
          readOnly: true
          type: string
          x-speakeasy-unknown-values: allow
        outcomeTime:
          format: date-time
          readOnly: true
          type: string
      title: Task Type Certify
      type: object
      x-speakeasy-name-override: TaskTypeCertify
    c1.api.task.v1.TaskTypeGrant:
      description: >-
        The TaskTypeGrant message indicates that a task is a grant task and all
        related details.
      nullable: true
      properties:
        appEntitlementId:
          description: The ID of the app entitlement.
          readOnly: true
          type: string
        appId:
          description: The ID of the app.
          readOnly: true
          type: string
        appUserId:
          description: The ID of the app user.
          readOnly: true
          type: string
        grantDuration:
          format: duration
          readOnly: true
          type: string
        identityUserId:
          description: The ID of the user.
          readOnly: true
          type: string
        outcome:
          description: The outcome of the grant.
          enum:
            - GRANT_OUTCOME_UNSPECIFIED
            - GRANT_OUTCOME_GRANTED
            - GRANT_OUTCOME_DENIED
            - GRANT_OUTCOME_ERROR
            - GRANT_OUTCOME_CANCELLED
            - GRANT_OUTCOME_WAIT_TIMED_OUT
          readOnly: true
          type: string
          x-speakeasy-unknown-values: allow
        outcomeTime:
          format: date-time
          readOnly: true
          type: string
        source:
          $ref: '#/components/schemas/c1.api.task.v1.TaskGrantSource'
      title: Task Type Grant
      type: object
      x-speakeasy-name-override: TaskTypeGrant
    c1.api.task.v1.TaskTypeOffboarding:
      description: The TaskTypeOffboarding message.
      nullable: true
      properties:
        outcome:
          description: The outcome field.
          enum:
            - OFFBOARDING_OUTCOME_UNSPECIFIED
            - OFFBOARDING_OUTCOME_IN_PROGRESS
            - OFFBOARDING_OUTCOME_DONE
            - OFFBOARDING_OUTCOME_ERROR
            - OFFBOARDING_OUTCOME_CANCELLED
          readOnly: true
          type: string
          x-speakeasy-unknown-values: allow
        outcomeTime:
          format: date-time
          readOnly: true
          type: string
        subjectUserId:
          description: The subjectUserId field.
          readOnly: true
          type: string
      title: Task Type Offboarding
      type: object
      x-speakeasy-name-override: TaskTypeOffboarding
    c1.api.task.v1.TaskTypeRevoke:
      description: >-
        The TaskTypeRevoke message indicates that a task is a revoke task and
        all related details.
      nullable: true
      properties:
        appEntitlementId:
          description: The ID of the app entitlement.
          readOnly: true
          type: string
        appId:
          description: The ID of the app.
          readOnly: true
          type: string
        appUserId:
          description: The ID of the app user.
          readOnly: true
          type: string
        identityUserId:
          description: The ID of the user.
          readOnly: true
          type: string
        outcome:
          description: The outcome of the revoke.
          enum:
            - REVOKE_OUTCOME_UNSPECIFIED
            - REVOKE_OUTCOME_REVOKED
            - REVOKE_OUTCOME_DENIED
            - REVOKE_OUTCOME_ERROR
            - REVOKE_OUTCOME_CANCELLED
            - REVOKE_OUTCOME_WAIT_TIMED_OUT
          readOnly: true
          type: string
          x-speakeasy-unknown-values: allow
        outcomeTime:
          format: date-time
          readOnly: true
          type: string
        source:
          $ref: '#/components/schemas/c1.api.task.v1.TaskRevokeSource'
      title: Task Type Revoke
      type: object
      x-speakeasy-name-override: TaskTypeRevoke
    c1.api.form.v1.AtLeastOne:
      description: The AtLeastOne message.
      nullable: true
      title: At Least One
      type: object
      x-speakeasy-name-override: AtLeastOne
    c1.api.form.v1.MutuallyExclusive:
      description: The MutuallyExclusive message.
      nullable: true
      title: Mutually Exclusive
      type: object
      x-speakeasy-name-override: MutuallyExclusive
    c1.api.form.v1.RequiredTogether:
      description: The RequiredTogether message.
      nullable: true
      title: Required Together
      type: object
      x-speakeasy-name-override: RequiredTogether
    c1.api.form.v1.AdminProviderConfig:
      description: The AdminProviderConfig message.
      nullable: true
      properties:
        defaultValueCel:
          description: The defaultValueCel field.
          readOnly: false
          type: string
        showToUser:
          description: The showToUser field.
          readOnly: false
          type: boolean
      title: Admin Provider Config
      type: object
      x-speakeasy-name-override: AdminProviderConfig
    c1.api.form.v1.BoolField:
      description: >
        The BoolField message.


        This message contains a oneof named view. Only a single field of the
        following list may be set at a time:
          - checkboxField
          - toggleField


        This message contains a oneof named _rules. Only a single field of the
        following list may be set at a time:
          - rules
      nullable: true
      properties:
        checkboxField:
          $ref: '#/components/schemas/c1.api.form.v1.CheckboxField'
        defaultValue:
          description: The defaultValue field.
          readOnly: false
          type: boolean
        rules:
          $ref: '#/components/schemas/validate.BoolRules'
        toggleField:
          $ref: '#/components/schemas/c1.api.form.v1.ToggleField'
      title: Bool Field
      type: object
      x-speakeasy-name-override: BoolField
    c1.api.form.v1.FileField:
      description: >
        The FileField message.


        This message contains a oneof named view. Only a single field of the
        following list may be set at a time:
          - fileInputField


        This message contains a oneof named _max_file_size. Only a single field
        of the following list may be set at a time:
          - maxFileSize
      nullable: true
      properties:
        acceptedFileTypes:
          description: The acceptedFileTypes field.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        fileInputField:
          $ref: '#/components/schemas/c1.api.form.v1.FileInputField'
        maxFileSize:
          description: >-
            The maxFileSize field.

            This field is part of the `_max_file_size` oneof.

            See the documentation for `c1.api.form.v1.FileField` for more
            details.
          format: int64
          nullable: true
          readOnly: false
          type: string
      title: File Field
      type: object
      x-speakeasy-name-override: FileField
    c1.api.form.v1.Int64Field:
      description: >
        The Int64Field message.


        This message contains a oneof named view. Only a single field of the
        following list may be set at a time:
          - numberField


        This message contains a oneof named _default_value. Only a single field
        of the following list may be set at a time:
          - defaultValue


        This message contains a oneof named _rules. Only a single field of the
        following list may be set at a time:
          - rules
      nullable: true
      properties:
        defaultValue:
          description: >-
            The defaultValue field.

            This field is part of the `_default_value` oneof.

            See the documentation for `c1.api.form.v1.Int64Field` for more
            details.
          format: int64
          nullable: true
          readOnly: false
          type: string
        numberField:
          $ref: '#/components/schemas/c1.api.form.v1.NumberField'
        placeholder:
          description: The placeholder field.
          readOnly: false
          type: string
        rules:
          $ref: '#/components/schemas/validate.Int64Rules'
      title: Int 64 Field
      type: object
      x-speakeasy-name-override: Int64Field
    c1.api.form.v1.Oauth2Field:
      description: >
        The Oauth2Field message.


        This message contains a oneof named view. Only a single field of the
        following list may be set at a time:
          - oauth2FieldView
      nullable: true
      properties:
        oauth2FieldView:
          $ref: '#/components/schemas/c1.api.form.v1.Oauth2FieldView'
      title: Oauth 2 Field
      type: object
      x-speakeasy-name-override: Oauth2Field
    c1.api.form.v1.SharedProviderConfig:
      description: The SharedProviderConfig message.
      nullable: true
      properties:
        defaultValueCel:
          description: The defaultValueCel field.
          readOnly: false
          type: string
        inputTransformationCel:
          description: The inputTransformationCel field.
          readOnly: false
          type: string
        lockDefaultValues:
          description: The lockDefaultValues field.
          readOnly: false
          type: boolean
      title: Shared Provider Config
      type: object
      x-speakeasy-name-override: SharedProviderConfig
    c1.api.form.v1.StringField:
      description: >
        The StringField message.


        This message contains a oneof named view. Only a single field of the
        following list may be set at a time:
          - textField
          - passwordField
          - selectField
          - pickerField


        This message contains a oneof named _rules. Only a single field of the
        following list may be set at a time:
          - rules
      nullable: true
      properties:
        defaultValue:
          description: The defaultValue field.
          readOnly: false
          type: string
        passwordField:
          $ref: '#/components/schemas/c1.api.form.v1.PasswordField'
        pickerField:
          $ref: '#/components/schemas/c1.api.form.v1.PickerField'
        placeholder:
          description: The placeholder field.
          readOnly: false
          type: string
        rules:
          $ref: '#/components/schemas/validate.StringRules'
        selectField:
          $ref: '#/components/schemas/c1.api.form.v1.SelectField'
        textField:
          $ref: '#/components/schemas/c1.api.form.v1.TextField'
      title: String Field
      type: object
      x-speakeasy-name-override: StringField
    c1.api.form.v1.StringSliceField:
      description: >
        The StringSliceField message.


        This message contains a oneof named view. Only a single field of the
        following list may be set at a time:
          - chipsField
          - pickerField


        This message contains a oneof named _rules. Only a single field of the
        following list may be set at a time:
          - rules
      nullable: true
      properties:
        chipsField:
          $ref: '#/components/schemas/c1.api.form.v1.ChipsField'
        defaultValues:
          description: The defaultValues field.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        pickerField:
          $ref: '#/components/schemas/c1.api.form.v1.PickerField'
        placeholder:
          description: The placeholder field.
          readOnly: false
          type: string
        rules:
          $ref: '#/components/schemas/validate.RepeatedRules'
      title: String Slice Field
      type: object
      x-speakeasy-name-override: StringSliceField
    c1.api.form.v1.UserProviderConfig:
      description: The UserProviderConfig message.
      nullable: true
      properties:
        inputTransformationCel:
          description: The inputTransformationCel field.
          readOnly: false
          type: string
      title: User Provider Config
      type: object
      x-speakeasy-name-override: UserProviderConfig
    c1.api.policy.v1.AcceptInstance:
      description: >-
        This policy step indicates that a ticket should have an approved
        outcome. This is a terminal approval state and is used to explicitly
        define the end of approval steps.
         The instance is just a marker for it being copied into an active policy.
      nullable: true
      properties:
        acceptMessage:
          description: >-
            An optional message to include in the comments when a task is
            automatically accepted.
          readOnly: false
          type: string
      title: Accept Instance
      type: object
      x-speakeasy-name-override: AcceptInstance
    c1.api.policy.v1.ActionInstance:
      description: >
        The ActionInstance message.


        This message contains a oneof named target_instance. Only a single field
        of the following list may be set at a time:
          - automation


        This message contains a oneof named outcome. Only a single field of the
        following list may be set at a time:
          - success
          - denied
          - error
          - cancelled
      nullable: true
      properties:
        action:
          $ref: '#/components/schemas/c1.api.policy.v1.Action'
        automation:
          $ref: '#/components/schemas/c1.api.policy.v1.ActionTargetAutomationInstance'
        cancelled:
          $ref: '#/components/schemas/c1.api.policy.v1.ActionOutcomeCancelled'
        denied:
          $ref: '#/components/schemas/c1.api.policy.v1.ActionOutcomeDenied'
        error:
          $ref: '#/components/schemas/c1.api.policy.v1.ActionOutcomeError'
        state:
          description: The current state of the action execution.
          enum:
            - ACTION_INSTANCE_STATE_UNSPECIFIED
            - ACTION_INSTANCE_STATE_INIT
            - ACTION_INSTANCE_STATE_RUNNING
            - ACTION_INSTANCE_STATE_DONE
            - ACTION_INSTANCE_STATE_ERROR
          readOnly: false
          type: string
          x-speakeasy-unknown-values: allow
        success:
          $ref: '#/components/schemas/c1.api.policy.v1.ActionOutcomeSuccess'
      title: Action Instance
      type: object
      x-speakeasy-name-override: ActionInstance
    c1.api.policy.v1.ApprovalInstance:
      description: >
        The approval instance object describes the way a policy step should be
        approved as well as its outcomes and state.


        This message contains a oneof named outcome. Only a single field of the
        following list may be set at a time:
          - approved
          - denied
          - reassigned
          - restarted
          - reassignedByError
          - skipped
      nullable: true
      properties:
        approval:
          $ref: '#/components/schemas/c1.api.policy.v1.Approval'
        approved:
          $ref: '#/components/schemas/c1.api.policy.v1.ApprovedAction'
        assignedAt:
          format: date-time
          readOnly: true
          type: string
        denied:
          $ref: '#/components/schemas/c1.api.policy.v1.DeniedAction'
        escalationInstance:
          $ref: '#/components/schemas/c1.api.policy.v1.EscalationInstance'
        reassigned:
          $ref: '#/components/schemas/c1.api.policy.v1.ReassignedAction'
        reassignedByError:
          $ref: '#/components/schemas/c1.api.policy.v1.ReassignedByErrorAction'
        restarted:
          $ref: '#/components/schemas/c1.api.policy.v1.RestartAction'
        skipped:
          $ref: '#/components/schemas/c1.api.policy.v1.SkippedAction'
        state:
          description: The state of the approval instance
          enum:
            - APPROVAL_INSTANCE_STATE_UNSPECIFIED
            - APPROVAL_INSTANCE_STATE_INIT
            - APPROVAL_INSTANCE_STATE_SENDING_NOTIFICATIONS
            - APPROVAL_INSTANCE_STATE_WAITING
            - APPROVAL_INSTANCE_STATE_DONE
          readOnly: true
          type: string
          x-speakeasy-unknown-values: allow
      title: Approval Instance
      type: object
      x-speakeasy-name-override: ApprovalInstance
    c1.api.policy.v1.FormInstance:
      description: >
        The FormInstance message.


        This message contains a oneof named outcome. Only a single field of the
        following list may be set at a time:
          - completed
          - restarted
          - reassigned
          - skipped
      nullable: true
      properties:
        completed:
          $ref: '#/components/schemas/c1.api.policy.v1.FormCompletedAction'
        data:
          additionalProperties: true
          readOnly: false
          type: object
        form:
          $ref: '#/components/schemas/c1.api.form.v1.Form'
        reassigned:
          $ref: '#/components/schemas/c1.api.policy.v1.ReassignedAction'
        restarted:
          $ref: '#/components/schemas/c1.api.policy.v1.RestartAction'
        skipped:
          $ref: '#/components/schemas/c1.api.policy.v1.SkippedAction'
        state:
          description: The state field.
          enum:
            - FORM_INSTANCE_STATE_UNSPECIFIED
            - FORM_INSTANCE_STATE_WAITING
            - FORM_INSTANCE_STATE_DONE
          readOnly: false
          type: string
          x-speakeasy-unknown-values: allow
      title: Form Instance
      type: object
      x-speakeasy-name-override: FormInstance
    c1.api.policy.v1.ProvisionInstance:
      description: >
        A provision instance describes the specific configuration of an
        executing provision policy step including actions taken and notification
        id.


        This message contains a oneof named outcome. Only a single field of the
        following list may be set at a time:
          - completed
          - cancelled
          - errored
          - reassignedByError
          - skipped
      nullable: true
      properties:
        batonActionInvocationId:
          description: This indicates the account lifecycle action id for this step.
          readOnly: false
          type: string
        cancelled:
          $ref: '#/components/schemas/c1.api.policy.v1.CancelledAction'
        completed:
          $ref: '#/components/schemas/c1.api.policy.v1.CompletedAction'
        errored:
          $ref: '#/components/schemas/c1.api.policy.v1.ErroredAction'
        externalTicketId:
          description: This indicates the external ticket id for this step.
          readOnly: false
          type: string
        externalTicketProvisionerConfigId:
          description: >-
            This indicates the external ticket provisioner config id for this
            step.
          readOnly: false
          type: string
        notificationId:
          description: This indicates the notification id for this step.
          readOnly: false
          type: string
        provision:
          $ref: '#/components/schemas/c1.api.policy.v1.Provision'
        reassignedByError:
          $ref: '#/components/schemas/c1.api.policy.v1.ReassignedByErrorAction'
        skipped:
          $ref: '#/components/schemas/c1.api.policy.v1.SkippedAction'
        state:
          description: This property indicates the current state of this step.
          enum:
            - PROVISION_INSTANCE_STATE_UNSPECIFIED
            - PROVISION_INSTANCE_STATE_INIT
            - PROVISION_INSTANCE_STATE_CREATE_CONNECTOR_ACTIONS_FOR_TARGET
            - PROVISION_INSTANCE_STATE_SENDING_NOTIFICATIONS
            - PROVISION_INSTANCE_STATE_WAITING
            - PROVISION_INSTANCE_STATE_WEBHOOK
            - PROVISION_INSTANCE_STATE_WEBHOOK_WAITING
            - PROVISION_INSTANCE_STATE_EXTERNAL_TICKET
            - PROVISION_INSTANCE_STATE_EXTERNAL_TICKET_WAITING
            - PROVISION_INSTANCE_STATE_ACCOUNT_LIFECYCLE_ACTIONS
            - PROVISION_INSTANCE_STATE_ACCOUNT_LIFECYCLE_ACTIONS_WAITING
            - PROVISION_INSTANCE_STATE_DONE
          readOnly: false
          type: string
          x-speakeasy-unknown-values: allow
        webhookId:
          description: This indicates the webhook id for this step.
          readOnly: false
          type: string
        webhookInstanceId:
          description: This indicates the webhook instance id for this step.
          readOnly: false
          type: string
      title: Provision Instance
      type: object
      x-speakeasy-name-override: ProvisionInstance
    c1.api.policy.v1.RejectInstance:
      description: >-
        This policy step indicates that a ticket should have a denied outcome.
        This is a terminal approval state and is used to explicitly define the
        end of approval steps.
         The instance is just a marker for it being copied into an active policy.
      nullable: true
      properties:
        rejectMessage:
          description: >-
            An optional message to include in the comments when a task is
            automatically rejected.
          readOnly: false
          type: string
      title: Reject Instance
      type: object
      x-speakeasy-name-override: RejectInstance
    c1.api.policy.v1.WaitInstance:
      description: >
        Used by the policy engine to describe an instantiated wait step.


        This message contains a oneof named until. Only a single field of the
        following list may be set at a time:
          - condition
          - untilTime


        This message contains a oneof named outcome. Only a single field of the
        following list may be set at a time:
          - succeeded
          - timedOut
          - skipped
      nullable: true
      properties:
        commentOnFirstWait:
          description: The comment to post on first failed check.
          readOnly: false
          type: string
        commentOnTimeout:
          description: The comment to post if we timeout.
          readOnly: false
          type: string
        condition:
          $ref: '#/components/schemas/c1.api.policy.v1.WaitConditionInstance'
        name:
          description: The name field.
          readOnly: false
          type: string
        skipped:
          $ref: '#/components/schemas/c1.api.policy.v1.SkippedAction'
        startedWaitingAt:
          format: date-time
          readOnly: false
          type: string
        state:
          description: The state field.
          enum:
            - WAIT_INSTANCE_STATE_UNSPECIFIED
            - WAIT_INSTANCE_STATE_WAITING
            - WAIT_INSTANCE_STATE_COMPLETED
            - WAIT_INSTANCE_STATE_TIMED_OUT
          readOnly: false
          type: string
          x-speakeasy-unknown-values: allow
        succeeded:
          $ref: >-
            #/components/schemas/c1.api.policy.v1.WaitInstance.ConditionSucceeded
        timedOut:
          $ref: '#/components/schemas/c1.api.policy.v1.WaitInstance.ConditionTimedOut'
        timeout:
          format: date-time
          readOnly: false
          type: string
        timeoutDuration:
          format: duration
          readOnly: false
          type: string
        untilTime:
          $ref: '#/components/schemas/c1.api.policy.v1.WaitUntilTimeInstance'
      title: Wait Instance
      type: object
      x-speakeasy-name-override: WaitInstance
    c1.api.policy.v1.Accept:
      description: >-
        This policy step indicates that a ticket should have an approved
        outcome. This is a terminal approval state and is used to explicitly
        define the end of approval steps.
      nullable: true
      properties:
        acceptMessage:
          description: >-
            An optional message to include in the comments when a task is
            automatically accepted.
          readOnly: false
          type: string
      title: Accept
      type: object
      x-speakeasy-name-override: Accept
    c1.api.policy.v1.Action:
      description: >
        The Action message.


        This message contains a oneof named target. Only a single field of the
        following list may be set at a time:
          - automation
      nullable: true
      properties:
        automation:
          $ref: '#/components/schemas/c1.api.policy.v1.ActionTargetAutomation'
      title: Action
      type: object
      x-speakeasy-name-override: Action
    c1.api.policy.v1.Approval:
      description: >
        The Approval message.


        This message contains a oneof named typ. Only a single field of the
        following list may be set at a time:
          - users
          - manager
          - appOwners
          - group
          - self
          - entitlementOwners
          - expression
          - webhook
          - resourceOwners
          - agent
      nullable: true
      properties:
        agent:
          $ref: '#/components/schemas/c1.api.policy.v1.AgentApproval'
        allowDelegation:
          description: Whether ticket delegation is allowed for this step.
          readOnly: false
          type: boolean
        allowReassignment:
          description: Configuration to allow reassignment by reviewers during this step.
          readOnly: false
          type: boolean
        allowedReassignees:
          description: List of users for whom this step can be reassigned.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        appOwners:
          $ref: '#/components/schemas/c1.api.policy.v1.AppOwnerApproval'
        assigned:
          description: A field indicating whether this step is assigned.
          readOnly: true
          type: boolean
        entitlementOwners:
          $ref: '#/components/schemas/c1.api.policy.v1.EntitlementOwnerApproval'
        escalation:
          $ref: '#/components/schemas/c1.api.policy.v1.Escalation'
        escalationEnabled:
          description: Whether escalation is enabled for this step.
          readOnly: false
          type: boolean
        expression:
          $ref: '#/components/schemas/c1.api.policy.v1.ExpressionApproval'
        group:
          $ref: '#/components/schemas/c1.api.policy.v1.AppGroupApproval'
        manager:
          $ref: '#/components/schemas/c1.api.policy.v1.ManagerApproval'
        requireApprovalReason:
          description: Configuration to require a reason when approving this step.
          readOnly: false
          type: boolean
        requireDenialReason:
          description: Configuration to require a reason when denying this step.
          readOnly: false
          type: boolean
        requireReassignmentReason:
          description: Configuration to require a reason when reassigning this step.
          readOnly: false
          type: boolean
        requiresStepUpProviderId:
          description: >-
            The ID of a step-up authentication provider that will be required
            for approvals on this step.
             If set, approvers must complete the step-up authentication flow before they can approve.
          readOnly: false
          type: string
        resourceOwners:
          $ref: '#/components/schemas/c1.api.policy.v1.ResourceOwnerApproval'
        self:
          $ref: '#/components/schemas/c1.api.policy.v1.SelfApproval'
        users:
          $ref: '#/components/schemas/c1.api.policy.v1.UserApproval'
        webhook:
          $ref: '#/components/schemas/c1.api.policy.v1.WebhookApproval'
      title: Approval
      type: object
      x-speakeasy-name-override: Approval
    c1.api.policy.v1.Form:
      description: The Form message.
      nullable: true
      properties:
        form:
          $ref: '#/components/schemas/c1.api.form.v1.Form'
      title: Form
      type: object
      x-speakeasy-name-override: Form
    c1.api.policy.v1.Provision:
      description: The provision step references a provision policy for this step.
      nullable: true
      properties:
        assigned:
          description: A field indicating whether this step is assigned.
          readOnly: false
          type: boolean
        provisionPolicy:
          $ref: '#/components/schemas/c1.api.policy.v1.ProvisionPolicy'
        provisionTarget:
          $ref: '#/components/schemas/c1.api.policy.v1.ProvisionTarget'
      title: Provision
      type: object
      x-speakeasy-name-override: Provision
    c1.api.policy.v1.Reject:
      description: >-
        This policy step indicates that a ticket should have a denied outcome.
        This is a terminal approval state and is used to explicitly define the
        end of approval steps.
      nullable: true
      properties:
        rejectMessage:
          description: >-
            An optional message to include in the comments when a task is
            automatically rejected.
          readOnly: false
          type: string
      title: Reject
      type: object
      x-speakeasy-name-override: Reject
    c1.api.policy.v1.Wait:
      description: >
        Define a Wait step for a policy to wait on a condition to be met.


        This message contains a oneof named until. Only a single field of the
        following list may be set at a time:
          - condition
          - duration
          - untilTime
      nullable: true
      properties:
        commentOnFirstWait:
          description: The comment to post on first failed check.
          readOnly: false
          type: string
        commentOnTimeout:
          description: The comment to post if we timeout.
          readOnly: false
          type: string
        condition:
          $ref: '#/components/schemas/c1.api.policy.v1.WaitCondition'
        duration:
          $ref: '#/components/schemas/c1.api.policy.v1.WaitDuration'
        name:
          description: The name of our condition to show on the task details page
          readOnly: false
          type: string
        timeoutDuration:
          format: duration
          readOnly: false
          type: string
        untilTime:
          $ref: '#/components/schemas/c1.api.policy.v1.WaitUntilTime'
      title: Wait
      type: object
      x-speakeasy-name-override: Wait
    c1.api.policy.v1.PolicySteps:
      description: The PolicySteps message.
      properties:
        steps:
          description: >-
            An array of policy steps indicating the processing flow of a policy.
            These steps are oneOfs, and only one property may be set for each
            array index at a time.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.PolicyStep'
          nullable: true
          readOnly: false
          type: array
      title: Policy Steps
      type: object
      x-speakeasy-name-override: PolicySteps
    c1.api.policy.v1.PolicyPostActions:
      description: >
        These are actions to happen after a policy is complete.


        This message contains a oneof named action. Only a single field of the
        following list may be set at a time:
          - certifyRemediateImmediately
      properties:
        certifyRemediateImmediately:
          description: >-
            ONLY valid when used in a CERTIFY Ticket Type:
             Causes any deprovision or change in a grant to be applied when Certify Ticket is closed.
            This field is part of the `action` oneof.

            See the documentation for `c1.api.policy.v1.PolicyPostActions` for
            more details.
          nullable: true
          readOnly: false
          type: boolean
      title: Policy Post Actions
      type: object
      x-speakeasy-name-override: PolicyPostActions
    c1.api.policy.v1.Rule:
      description: The Rule message.
      properties:
        condition:
          description: The condition field.
          readOnly: false
          type: string
        policyKey:
          description: This is a reference to a list of policy steps from `policy_steps`
          readOnly: false
          type: string
      title: Rule
      type: object
      x-speakeasy-name-override: Rule
    c1.api.task.v1.TaskGrantSource:
      description: >-
        The TaskGrantSource message tracks which external URL was the source of
        the specificed grant ticket.
      properties:
        conversationId:
          description: The ID of the conversation that created this ticket
          readOnly: false
          type: string
        externalUrl:
          description: The external url source of the grant ticket.
          readOnly: false
          type: string
        integrationId:
          description: The integration id for the source of tickets.
          readOnly: false
          type: string
        requestId:
          description: the request id for the grant ticket if the source is external
          readOnly: false
          type: string
      title: Task Grant Source
      type: object
      x-speakeasy-name-override: TaskGrantSource
    c1.api.task.v1.TaskRevokeSource:
      description: >
        The TaskRevokeSource message indicates the source of the revoke task is
        one of expired, nonUsage, request, or review.


        This message contains a oneof named origin. Only a single field of the
        following list may be set at a time:
          - review
          - request
          - expired
          - nonUsage
      properties:
        expired:
          $ref: '#/components/schemas/c1.api.task.v1.TaskRevokeSourceExpired'
        nonUsage:
          $ref: '#/components/schemas/c1.api.task.v1.TaskRevokeSourceNonUsage'
        request:
          $ref: '#/components/schemas/c1.api.task.v1.TaskRevokeSourceRequest'
        review:
          $ref: '#/components/schemas/c1.api.task.v1.TaskRevokeSourceReview'
      title: Task Revoke Source
      type: object
      x-speakeasy-name-override: TaskRevokeSource
    c1.api.form.v1.CheckboxField:
      description: The CheckboxField message.
      nullable: true
      title: Checkbox Field
      type: object
      x-speakeasy-name-override: CheckboxField
    validate.BoolRules:
      description: BoolRules describes the constraints applied to `bool` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          readOnly: false
          type: boolean
      title: Bool Rules
      type: object
      x-speakeasy-name-override: BoolRules
    c1.api.form.v1.ToggleField:
      description: The ToggleField message.
      nullable: true
      title: Toggle Field
      type: object
      x-speakeasy-name-override: ToggleField
    c1.api.form.v1.FileInputField:
      description: The FileInputField message.
      nullable: true
      title: File Input Field
      type: object
      x-speakeasy-name-override: FileInputField
    c1.api.form.v1.NumberField:
      description: The NumberField message.
      nullable: true
      properties:
        maxValue:
          description: The maxValue field.
          format: int64
          readOnly: false
          type: string
        minValue:
          description: The minValue field.
          format: int64
          readOnly: false
          type: string
        step:
          description: The step field.
          format: int64
          readOnly: false
          type: string
      title: Number Field
      type: object
      x-speakeasy-name-override: NumberField
    validate.Int64Rules:
      description: Int64Rules describes the constraints applied to `int64` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: int64
          readOnly: false
          type: string
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          format: int64
          readOnly: false
          type: string
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          format: int64
          readOnly: false
          type: string
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: int64
            type: string
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          format: int64
          readOnly: false
          type: string
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          format: int64
          readOnly: false
          type: string
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: int64
            type: string
          nullable: true
          readOnly: false
          type: array
      title: Int 64 Rules
      type: object
      x-speakeasy-name-override: Int64Rules
    c1.api.form.v1.Oauth2FieldView:
      description: The Oauth2FieldView message.
      nullable: true
      title: Oauth 2 Field View
      type: object
      x-speakeasy-name-override: Oauth2FieldView
    c1.api.form.v1.PasswordField:
      description: The PasswordField message.
      nullable: true
      title: Password Field
      type: object
      x-speakeasy-name-override: PasswordField
    c1.api.form.v1.PickerField:
      description: >
        The PickerField message.


        This message contains a oneof named type. Only a single field of the
        following list may be set at a time:
          - appUserPicker
          - resourcePicker
      nullable: true
      properties:
        appUserPicker:
          $ref: '#/components/schemas/c1.api.form.v1.AppUserFilter'
        resourcePicker:
          $ref: '#/components/schemas/c1.api.form.v1.AppResourceFilter'
      title: Picker Field
      type: object
      x-speakeasy-name-override: PickerField
    validate.StringRules:
      description: >
        StringRules describe the constraints applied to `string` values


        This message contains a oneof named well_known. Only a single field of
        the following list may be set at a time:
          - email
          - hostname
          - ip
          - ipv4
          - ipv6
          - uri
          - uriRef
          - address
          - uuid
          - wellKnownRegex
      nullable: true
      properties:
        address:
          description: |-
            Address specifies that the field must be either a valid hostname as
             defined by RFC 1034 (which does not support internationalized domain
             names or IDNs), or it can be a valid IP (v4 or v6).
            This field is part of the `well_known` oneof.
            See the documentation for `validate.StringRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        const:
          description: Const specifies that this field must be exactly the specified value
          readOnly: false
          type: string
        contains:
          description: |-
            Contains specifies that this field must have the specified substring
             anywhere in the string.
          readOnly: false
          type: string
        email:
          description: |-
            Email specifies that the field must be a valid email address as
             defined by RFC 5322
            This field is part of the `well_known` oneof.
            See the documentation for `validate.StringRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        hostname:
          description: |-
            Hostname specifies that the field must be a valid hostname as
             defined by RFC 1034. This constraint does not support
             internationalized domain names (IDNs).
            This field is part of the `well_known` oneof.
            See the documentation for `validate.StringRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        ip:
          description: |-
            Ip specifies that the field must be a valid IP (v4 or v6) address.
             Valid IPv6 addresses should not include surrounding square brackets.
            This field is part of the `well_known` oneof.
            See the documentation for `validate.StringRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        ipv4:
          description: |-
            Ipv4 specifies that the field must be a valid IPv4 address.
            This field is part of the `well_known` oneof.
            See the documentation for `validate.StringRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        ipv6:
          description: |-
            Ipv6 specifies that the field must be a valid IPv6 address. Valid
             IPv6 addresses should not include surrounding square brackets.
            This field is part of the `well_known` oneof.
            See the documentation for `validate.StringRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        len:
          description: |-
            Len specifies that this field must be the specified number of
             characters (Unicode code points). Note that the number of
             characters may differ from the number of bytes in the string.
          format: uint64
          readOnly: false
          type: string
        lenBytes:
          description: >-
            LenBytes specifies that this field must be the specified number of
            bytes
             at a minimum
          format: uint64
          readOnly: false
          type: string
        maxBytes:
          description: >-
            MaxBytes specifies that this field must be the specified number of
            bytes
             at a maximum
          format: uint64
          readOnly: false
          type: string
        maxLen:
          description: |-
            MaxLen specifies that this field must be the specified number of
             characters (Unicode code points) at a maximum. Note that the number of
             characters may differ from the number of bytes in the string.
          format: uint64
          readOnly: false
          type: string
        minBytes:
          description: >-
            MinBytes specifies that this field must be the specified number of
            bytes
             at a minimum
          format: uint64
          readOnly: false
          type: string
        minLen:
          description: |-
            MinLen specifies that this field must be the specified number of
             characters (Unicode code points) at a minimum. Note that the number of
             characters may differ from the number of bytes in the string.
          format: uint64
          readOnly: false
          type: string
        notContains:
          description: >-
            NotContains specifies that this field cannot have the specified
            substring
             anywhere in the string.
          readOnly: false
          type: string
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        pattern:
          description: |-
            Pattern specifes that this field must match against the specified
             regular expression (RE2 syntax). The included expression should elide
             any delimiters.
          readOnly: false
          type: string
        prefix:
          description: >-
            Prefix specifies that this field must have the specified substring
            at
             the beginning of the string.
          readOnly: false
          type: string
        strict:
          description: >-
            This applies to regexes HTTP_HEADER_NAME and HTTP_HEADER_VALUE to
            enable
             strict header validation.
             By default, this is true, and HTTP header validations are RFC-compliant.
             Setting to false will enable a looser validations that only disallows
             \r\n\0 characters, which can be used to bypass header matching rules.
          readOnly: false
          type: boolean
        suffix:
          description: >-
            Suffix specifies that this field must have the specified substring
            at
             the end of the string.
          readOnly: false
          type: string
        uri:
          description: >-
            Uri specifies that the field must be a valid, absolute URI as
            defined
             by RFC 3986
            This field is part of the `well_known` oneof.

            See the documentation for `validate.StringRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        uriRef:
          description: >-
            UriRef specifies that the field must be a valid URI as defined by
            RFC
             3986 and may be relative or absolute.
            This field is part of the `well_known` oneof.

            See the documentation for `validate.StringRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        uuid:
          description: |-
            Uuid specifies that the field must be a valid UUID as defined by
             RFC 4122
            This field is part of the `well_known` oneof.
            See the documentation for `validate.StringRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        wellKnownRegex:
          description: >-
            WellKnownRegex specifies a common well known pattern defined as a
            regex.

            This field is part of the `well_known` oneof.

            See the documentation for `validate.StringRules` for more details.
          enum:
            - UNKNOWN
            - HTTP_HEADER_NAME
            - HTTP_HEADER_VALUE
          nullable: true
          readOnly: false
          type: string
          x-speakeasy-unknown-values: allow
      title: String Rules
      type: object
      x-speakeasy-name-override: StringRules
    c1.api.form.v1.SelectField:
      description: The SelectField message.
      nullable: true
      properties:
        options:
          description: The options field.
          items:
            $ref: '#/components/schemas/c1.api.form.v1.SelectOption'
          nullable: true
          readOnly: false
          type: array
        type:
          description: The type field.
          enum:
            - SELECT_TYPE_UNSPECIFIED
            - SELECT_TYPE_DROPDOWN
            - SELECT_TYPE_RADIO
            - SELECT_TYPE_BUTTONS
          readOnly: false
          type: string
          x-speakeasy-unknown-values: allow
      title: Select Field
      type: object
      x-speakeasy-name-override: SelectField
    c1.api.form.v1.TextField:
      description: The TextField message.
      nullable: true
      properties:
        multiline:
          description: The multiline field.
          readOnly: false
          type: boolean
      title: Text Field
      type: object
      x-speakeasy-name-override: TextField
    c1.api.form.v1.ChipsField:
      description: The ChipsField message.
      nullable: true
      title: Chips Field
      type: object
      x-speakeasy-name-override: ChipsField
    validate.RepeatedRules:
      description: RepeatedRules describe the constraints applied to `repeated` values
      nullable: true
      properties:
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        items:
          $ref: '#/components/schemas/validate.FieldRules'
        maxItems:
          description: |-
            MaxItems specifies that this field must have the specified number of
             items at a maximum
          format: uint64
          readOnly: false
          type: string
        minItems:
          description: |-
            MinItems specifies that this field must have the specified number of
             items at a minimum
          format: uint64
          readOnly: false
          type: string
        unique:
          description: >-
            Unique specifies that all elements in this field must be unique.
            This
             contraint is only applicable to scalar and enum types (messages are not
             supported).
          readOnly: false
          type: boolean
      title: Repeated Rules
      type: object
      x-speakeasy-name-override: RepeatedRules
    c1.api.policy.v1.ActionTargetAutomationInstance:
      description: The ActionTargetAutomationInstance message.
      nullable: true
      properties:
        automationExecutionId:
          description: The automationExecutionId field.
          readOnly: false
          type: string
      title: Action Target Automation Instance
      type: object
      x-speakeasy-name-override: ActionTargetAutomationInstance
    c1.api.policy.v1.ActionOutcomeCancelled:
      description: The ActionOutcomeCancelled message.
      nullable: true
      properties:
        outcomeTime:
          format: date-time
          readOnly: false
          type: string
      title: Action Outcome Cancelled
      type: object
      x-speakeasy-name-override: ActionOutcomeCancelled
    c1.api.policy.v1.ActionOutcomeDenied:
      description: The ActionOutcomeDenied message.
      nullable: true
      properties:
        outcomeTime:
          format: date-time
          readOnly: false
          type: string
      title: Action Outcome Denied
      type: object
      x-speakeasy-name-override: ActionOutcomeDenied
    c1.api.policy.v1.ActionOutcomeError:
      description: The ActionOutcomeError message.
      nullable: true
      properties:
        errorCode:
          description: The errorCode field.
          readOnly: false
          type: string
        errorMessage:
          description: The errorMessage field.
          readOnly: false
          type: string
        outcomeTime:
          format: date-time
          readOnly: false
          type: string
      title: Action Outcome Error
      type: object
      x-speakeasy-name-override: ActionOutcomeError
    c1.api.policy.v1.ActionOutcomeSuccess:
      description: The ActionOutcomeSuccess message.
      nullable: true
      properties:
        outcomeTime:
          format: date-time
          readOnly: false
          type: string
      title: Action Outcome Success
      type: object
      x-speakeasy-name-override: ActionOutcomeSuccess
    c1.api.policy.v1.ApprovedAction:
      description: >-
        The approved action indicates that the approvalinstance had an outcome
        of approved.
      nullable: true
      properties:
        approvedAt:
          format: date-time
          readOnly: true
          type: string
        entitlements:
          description: >-
            The entitlements that were approved. This will only ever be a list
            of one entitlement.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference'
          nullable: true
          readOnly: true
          type: array
        stepUpTransactionId:
          description: >-
            The ID of the step-up transaction that was used for this approval,
            if step-up was required.
          readOnly: true
          type: string
        userId:
          description: The UserID that approved this step.
          readOnly: true
          type: string
      title: Approved Action
      type: object
      x-speakeasy-name-override: ApprovedAction
    c1.api.policy.v1.DeniedAction:
      description: >-
        The denied action indicates that the c1.api.policy.v1.ApprovalInstance
        had an outcome of denied.
      nullable: true
      properties:
        deniedAt:
          format: date-time
          readOnly: true
          type: string
        userId:
          description: The UserID that denied this step.
          readOnly: true
          type: string
      title: Denied Action
      type: object
      x-speakeasy-name-override: DeniedAction
    c1.api.policy.v1.EscalationInstance:
      description: >
        The EscalationInstance message.


        This message contains a oneof named escalation_policy. Only a single
        field of the following list may be set at a time:
          - replacePolicy
          - reassignToApprovers
          - cancelTicket
          - skipStep
      properties:
        alreadyEscalated:
          description: The alreadyEscalated field.
          readOnly: false
          type: boolean
        cancelTicket:
          $ref: >-
            #/components/schemas/c1.api.policy.v1.EscalationInstance.CancelTicket
        escalationComment:
          description: The escalationComment field.
          readOnly: false
          type: string
        expiresAt:
          format: date-time
          readOnly: false
          type: string
        reassignToApprovers:
          $ref: >-
            #/components/schemas/c1.api.policy.v1.EscalationInstance.ReassignToApprovers
        replacePolicy:
          $ref: >-
            #/components/schemas/c1.api.policy.v1.EscalationInstance.ReplacePolicy
        skipStep:
          $ref: '#/components/schemas/c1.api.policy.v1.EscalationInstance.SkipStep'
      title: Escalation Instance
      type: object
      x-speakeasy-name-override: EscalationInstance
    c1.api.policy.v1.ReassignedAction:
      description: >-
        The ReassignedAction object describes the outcome of a policy step that
        has been reassigned.
      nullable: true
      properties:
        newPolicyStepId:
          description: >-
            The ID of the policy step that was created as a result of this
            reassignment.
          readOnly: true
          type: string
        reassignedAt:
          format: date-time
          readOnly: true
          type: string
        userId:
          description: The UserID of the person who reassigned this step.
          readOnly: true
          type: string
      title: Reassigned Action
      type: object
      x-speakeasy-name-override: ReassignedAction
    c1.api.policy.v1.ReassignedByErrorAction:
      description: >-
        The ReassignedByErrorAction object describes the outcome of a policy
        step that has been reassigned because it had an error provisioning.
      nullable: true
      properties:
        description:
          description: >-
            The description of the error with more details on why this was
            reassigned.
          readOnly: true
          type: string
        errorCode:
          description: >-
            Additional information about the error, like http status codes or
            error messages from SDKs.
          readOnly: true
          type: string
        errorUserId:
          description: >-
            The UserID of the user who reassigned this due to an error. This
            will exclusively be the System's UserID.
          readOnly: true
          type: string
        erroredAt:
          format: date-time
          readOnly: true
          type: string
        newPolicyStepId:
          description: The ID of the policy step that was created by this reassignment.
          readOnly: true
          type: string
        reassignedAt:
          format: date-time
          readOnly: true
          type: string
      title: Reassigned By Error Action
      type: object
      x-speakeasy-name-override: ReassignedByErrorAction
    c1.api.policy.v1.RestartAction:
      description: >-
        The restart action describes the outcome of policy steps for when the
        task was restarted. This can be applied to multiple steps since restart
        skips all pending next steps.
      nullable: true
      properties:
        oldPolicyStepId:
          description: >-
            The step ID that was restarted. Potentially multiple "history" steps
            will reference this ID to indicate by what step they were restarted.
          readOnly: true
          type: string
        restartedAt:
          format: date-time
          readOnly: true
          type: string
        userId:
          description: The user that submitted the restart action.
          readOnly: true
          type: string
      title: Restart Action
      type: object
      x-speakeasy-name-override: RestartAction
    c1.api.policy.v1.SkippedAction:
      description: >-
        The SkippedAction object describes the outcome of a policy step that has
        been skipped.
      nullable: true
      properties:
        newPolicyStepId:
          description: >-
            The ID of the policy step that was created as a result of this
            skipping.
          readOnly: true
          type: string
        skippedAt:
          format: date-time
          readOnly: true
          type: string
        userId:
          description: The UserID of the user who skipped this step.
          readOnly: true
          type: string
      title: Skipped Action
      type: object
      x-speakeasy-name-override: SkippedAction
    c1.api.policy.v1.FormCompletedAction:
      description: The FormCompletedAction message.
      nullable: true
      properties:
        completedAt:
          format: date-time
          readOnly: false
          type: string
        userId:
          description: The userId field.
          readOnly: false
          type: string
      title: Form Completed Action
      type: object
      x-speakeasy-name-override: FormCompletedAction
    c1.api.policy.v1.CancelledAction:
      description: The outcome of a provision instance that is cancelled.
      nullable: true
      properties:
        cancelledAt:
          format: date-time
          readOnly: false
          type: string
        cancelledByUserId:
          description: The userID, usually the system, that cancells a provision instance.
          readOnly: false
          type: string
      title: Cancelled Action
      type: object
      x-speakeasy-name-override: CancelledAction
    c1.api.policy.v1.CompletedAction:
      description: The outcome of a provision instance that has been completed succesfully.
      nullable: true
      properties:
        completedAt:
          format: date-time
          readOnly: false
          type: string
        entitlements:
          description: >-
            The list of entitlements that were provisioned. This is leftover
            from an older design, and is only ever going to be a single
            entitlement.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference'
          nullable: true
          readOnly: false
          type: array
        userId:
          description: >-
            The UserID of who completed provisioning. For connector provisioning
            this is the system user id, for manual provisioning this is who
            clicked "provision complete"
          readOnly: false
          type: string
      title: Completed Action
      type: object
      x-speakeasy-name-override: CompletedAction
    c1.api.policy.v1.ErroredAction:
      description: The outcome of a provision instance that has errored.
      nullable: true
      properties:
        description:
          description: The description of a provision instance that has errored.
          readOnly: false
          type: string
        errorCode:
          description: >-
            The error code of a provision instance that has errored. This is
            only PEC-1 for now, but more will be added in the future.
          readOnly: false
          type: string
        erroredAt:
          format: date-time
          readOnly: false
          type: string
      title: Errored Action
      type: object
      x-speakeasy-name-override: ErroredAction
    c1.api.policy.v1.WaitConditionInstance:
      description: >-
        Used by the policy engine to describe an instantiated condition to wait
        on.
      nullable: true
      properties:
        condition:
          description: >-
            The condition that has to be true for this wait condition instance
            to continue.
          readOnly: false
          type: string
      title: Wait Condition Instance
      type: object
      x-speakeasy-name-override: WaitConditionInstance
    c1.api.policy.v1.WaitInstance.ConditionSucceeded:
      description: The ConditionSucceeded message.
      nullable: true
      properties:
        succeededAt:
          format: date-time
          readOnly: false
          type: string
      title: Condition Succeeded
      type: object
      x-speakeasy-name-override: ConditionSucceeded
    c1.api.policy.v1.WaitInstance.ConditionTimedOut:
      description: The ConditionTimedOut message.
      nullable: true
      properties:
        timedOutAt:
          format: date-time
          readOnly: false
          type: string
      title: Condition Timed Out
      type: object
      x-speakeasy-name-override: ConditionTimedOut
    c1.api.policy.v1.WaitUntilTimeInstance:
      description: The WaitUntilTimeInstance message.
      nullable: true
      properties:
        durationIfExists:
          format: duration
          readOnly: false
          type: string
        untilTime:
          format: date-time
          readOnly: false
          type: string
      title: Wait Until Time Instance
      type: object
      x-speakeasy-name-override: WaitUntilTimeInstance
    c1.api.policy.v1.ActionTargetAutomation:
      description: The ActionTargetAutomation message.
      nullable: true
      properties:
        automationTemplateId:
          description: The automationTemplateId field.
          readOnly: false
          type: string
      title: Action Target Automation
      type: object
      x-speakeasy-name-override: ActionTargetAutomation
    c1.api.policy.v1.AgentApproval:
      description: The agent to assign the task to.
      nullable: true
      properties:
        agentFailureAction:
          description: >-
            The action to take if the agent fails to approve, deny, or reassign
            the task.
          enum:
            - APPROVAL_AGENT_FAILURE_ACTION_UNSPECIFIED
            - APPROVAL_AGENT_FAILURE_ACTION_REASSIGN_TO_USERS
            - APPROVAL_AGENT_FAILURE_ACTION_REASSIGN_TO_SUPER_ADMINS
            - APPROVAL_AGENT_FAILURE_ACTION_SKIP_POLICY_STEP
          readOnly: false
          type: string
          x-speakeasy-unknown-values: allow
        agentMode:
          description: >-
            The mode of the agent, full control, change policy only, or comment
            only.
          enum:
            - APPROVAL_AGENT_MODE_UNSPECIFIED
            - APPROVAL_AGENT_MODE_FULL_CONTROL
            - APPROVAL_AGENT_MODE_CHANGE_POLICY_ONLY
            - APPROVAL_AGENT_MODE_COMMENT_ONLY
          readOnly: false
          type: string
          x-speakeasy-unknown-values: allow
        agentUserId:
          description: The agent user ID to assign the task to.
          readOnly: false
          type: string
        instructions:
          description: Instructions for the agent.
          readOnly: false
          type: string
        policyIds:
          description: The allow list of policy IDs to re-route the task to.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        reassignToUserIds:
          description: >-
            The users to reassign the task to if the agent failure action is
            reassign to users.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
      title: Agent Approval
      type: object
      x-speakeasy-name-override: AgentApproval
    c1.api.policy.v1.AppOwnerApproval:
      description: >-
        App owner approval provides the configuration for an approval step when
        the app owner is the target.
      nullable: true
      properties:
        allowSelfApproval:
          description: >-
            Configuration that allows a user to self approve if they are an app
            owner during this approval step.
          readOnly: false
          type: boolean
        requireDistinctApprovers:
          description: >-
            Configuration to require distinct approvers across approval steps of
            a rule.
          readOnly: false
          type: boolean
      title: App Owner Approval
      type: object
      x-speakeasy-name-override: AppOwnerApproval
    c1.api.policy.v1.EntitlementOwnerApproval:
      description: >-
        The entitlement owner approval allows configuration of the approval step
        when the target approvers are the entitlement owners.
      nullable: true
      properties:
        allowSelfApproval:
          description: >-
            Configuration to allow self approval if the target user is an
            entitlement owner during this step.
          readOnly: false
          type: boolean
        fallback:
          description: >-
            Configuration to allow a fallback if the entitlement owner cannot be
            identified.
          readOnly: false
          type: boolean
        fallbackGroupIds:
          description: >-
            Configuration to specify which groups to fallback to if fallback is
            enabled and the entitlement owner cannot be identified.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference'
          nullable: true
          readOnly: false
          type: array
        fallbackUserIds:
          description: >-
            Configuration to specific which users to fallback to if fallback is
            enabled and the entitlement owner cannot be identified.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        isGroupFallbackEnabled:
          description: Configuration to enable fallback for group fallback.
          readOnly: false
          type: boolean
        requireDistinctApprovers:
          description: >-
            Configuration to require distinct approvers across approval steps of
            a rule.
          readOnly: false
          type: boolean
      title: Entitlement Owner Approval
      type: object
      x-speakeasy-name-override: EntitlementOwnerApproval
    c1.api.policy.v1.Escalation:
      description: >
        The Escalation message.


        This message contains a oneof named escalation_policy. Only a single
        field of the following list may be set at a time:
          - replacePolicy
          - reassignToApprovers
          - cancelTicket
          - skipStep
      properties:
        cancelTicket:
          $ref: '#/components/schemas/c1.api.policy.v1.Escalation.CancelTicket'
        escalationComment:
          description: The escalationComment field.
          readOnly: false
          type: string
        expiration:
          description: The expiration field.
          format: int64
          readOnly: false
          type: string
        reassignToApprovers:
          $ref: '#/components/schemas/c1.api.policy.v1.Escalation.ReassignToApprovers'
        replacePolicy:
          $ref: '#/components/schemas/c1.api.policy.v1.Escalation.ReplacePolicy'
        skipStep:
          $ref: '#/components/schemas/c1.api.policy.v1.Escalation.SkipStep'
      title: Escalation
      type: object
      x-speakeasy-name-override: Escalation
    c1.api.policy.v1.ExpressionApproval:
      description: The ExpressionApproval message.
      nullable: true
      properties:
        allowSelfApproval:
          description: >-
            Configuration to allow self approval of if the user is specified and
            also the target of the ticket.
          readOnly: false
          type: boolean
        assignedUserIds:
          description: The assignedUserIds field.
          items:
            type: string
          nullable: true
          readOnly: true
          type: array
        expressions:
          description: >-
            Array of dynamic expressions to determine the approvers.  The first
            expression to return a non-empty list of users will be used.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        fallback:
          description: >-
            Configuration to allow a fallback if the expression does not return
            a valid list of users.
          readOnly: false
          type: boolean
        fallbackGroupIds:
          description: >-
            Configuration to specify which groups to fallback to if fallback is
            enabled and the expression does not return a valid list of users.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference'
          nullable: true
          readOnly: false
          type: array
        fallbackUserIds:
          description: >-
            Configuration to specific which users to fallback to if and the
            expression does not return a valid list of users.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        isGroupFallbackEnabled:
          description: Configuration to enable fallback for group fallback.
          readOnly: false
          type: boolean
        requireDistinctApprovers:
          description: >-
            Configuration to require distinct approvers across approval steps of
            a rule.
          readOnly: false
          type: boolean
      title: Expression Approval
      type: object
      x-speakeasy-name-override: ExpressionApproval
    c1.api.policy.v1.AppGroupApproval:
      description: >-
        The AppGroupApproval object provides the configuration for setting a
        group as the approvers of an approval policy step.
      nullable: true
      properties:
        allowSelfApproval:
          description: >-
            Configuration to allow self approval if the target user is a member
            of the group during this step.
          readOnly: false
          type: boolean
        appGroupId:
          description: The ID of the group specified for approval.
          readOnly: false
          type: string
        appId:
          description: The ID of the app that contains the group specified for approval.
          readOnly: false
          type: string
        fallback:
          description: Configuration to allow a fallback if the group is empty.
          readOnly: false
          type: boolean
        fallbackGroupIds:
          description: >-
            Configuration to specify which groups to fallback to if fallback is
            enabled and the group is empty.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference'
          nullable: true
          readOnly: false
          type: array
        fallbackUserIds:
          description: >-
            Configuration to specific which users to fallback to if fallback is
            enabled and the group is empty.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        isGroupFallbackEnabled:
          description: Configuration to enable fallback for group fallback.
          readOnly: false
          type: boolean
        requireDistinctApprovers:
          description: >-
            Configuration to require distinct approvers across approval steps of
            a rule.
          readOnly: false
          type: boolean
      title: App Group Approval
      type: object
      x-speakeasy-name-override: AppGroupApproval
    c1.api.policy.v1.ManagerApproval:
      description: >-
        The manager approval object provides configuration options for approval
        when the target of the approval is the manager of the user in the task.
      nullable: true
      properties:
        allowSelfApproval:
          description: >-
            Configuration to allow self approval if the target user is their own
            manager. This may occur if a service account has an identity user
            and manager specified as the same person.
          readOnly: false
          type: boolean
        assignedUserIds:
          description: >-
            The array of users determined to be the manager during processing
            time.
          items:
            type: string
          nullable: true
          readOnly: true
          type: array
        fallback:
          description: Configuration to allow a fallback if no manager is found.
          readOnly: false
          type: boolean
        fallbackGroupIds:
          description: >-
            Configuration to specify which groups to fallback to if fallback is
            enabled and no manager is found.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference'
          nullable: true
          readOnly: false
          type: array
        fallbackUserIds:
          description: >-
            Configuration to specific which users to fallback to if fallback is
            enabled and no manager is found.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        isGroupFallbackEnabled:
          description: Configuration to enable fallback for group fallback.
          readOnly: false
          type: boolean
        requireDistinctApprovers:
          description: >-
            Configuration to require distinct approvers across approval steps of
            a rule.
          readOnly: false
          type: boolean
      title: Manager Approval
      type: object
      x-speakeasy-name-override: ManagerApproval
    c1.api.policy.v1.ResourceOwnerApproval:
      description: >-
        The resource owner approval allows configuration of the approval step
        when the target approvers are the resource owners.
      nullable: true
      properties:
        allowSelfApproval:
          description: >-
            Configuration to allow self approval if the target user is an
            resource owner during this step.
          readOnly: false
          type: boolean
        fallback:
          description: >-
            Configuration to allow a fallback if the resource owner cannot be
            identified.
          readOnly: false
          type: boolean
        fallbackGroupIds:
          description: >-
            Configuration to specify which groups to fallback to if fallback is
            enabled and the resource owner cannot be identified.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference'
          nullable: true
          readOnly: false
          type: array
        fallbackUserIds:
          description: >-
            Configuration to specific which users to fallback to if fallback is
            enabled and the resource owner cannot be identified.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        isGroupFallbackEnabled:
          description: Configuration to enable fallback for group fallback.
          readOnly: false
          type: boolean
        requireDistinctApprovers:
          description: >-
            Configuration to require distinct approvers across approval steps of
            a rule.
          readOnly: false
          type: boolean
      title: Resource Owner Approval
      type: object
      x-speakeasy-name-override: ResourceOwnerApproval
    c1.api.policy.v1.SelfApproval:
      description: >-
        The self approval object describes the configuration of a policy step
        that needs to be approved by the target of the request.
      nullable: true
      properties:
        assignedUserIds:
          description: >-
            The array of users determined to be themselves during approval. This
            should only ever be one person, but is saved because it may change
            if the owner of an app user changes while the ticket is open.
          items:
            type: string
          nullable: true
          readOnly: true
          type: array
        fallback:
          description: >-
            Configuration to allow a fallback if the identity user of the target
            app user cannot be determined.
          readOnly: false
          type: boolean
        fallbackGroupIds:
          description: >-
            Configuration to specify which groups to fallback to if fallback is
            enabled and the identity user of the target app user cannot be
            determined.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.AppEntitlementReference'
          nullable: true
          readOnly: false
          type: array
        fallbackUserIds:
          description: >-
            Configuration to specific which users to fallback to if fallback is
            enabled and the identity user of the target app user cannot be
            determined.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        isGroupFallbackEnabled:
          description: Configuration to enable fallback for group fallback.
          readOnly: false
          type: boolean
      title: Self Approval
      type: object
      x-speakeasy-name-override: SelfApproval
    c1.api.policy.v1.UserApproval:
      description: >-
        The user approval object describes the approval configuration of a
        policy step that needs to be approved by a specific list of users.
      nullable: true
      properties:
        allowSelfApproval:
          description: >-
            Configuration to allow self approval of if the user is specified and
            also the target of the ticket.
          readOnly: false
          type: boolean
        requireDistinctApprovers:
          description: >-
            Configuration to require distinct approvers across approval steps of
            a rule.
          readOnly: false
          type: boolean
        userIds:
          description: Array of users configured for approval.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
      title: User Approval
      type: object
      x-speakeasy-name-override: UserApproval
    c1.api.policy.v1.WebhookApproval:
      description: The WebhookApproval message.
      nullable: true
      properties:
        webhookId:
          description: The ID of the webhook to call for approval.
          readOnly: false
          type: string
      title: Webhook Approval
      type: object
      x-speakeasy-name-override: WebhookApproval
    c1.api.policy.v1.ProvisionPolicy:
      description: >
        ProvisionPolicy is a oneOf that indicates how a provision step should be
        processed.


        This message contains a oneof named typ. Only a single field of the
        following list may be set at a time:
          - connector
          - manual
          - delegated
          - webhook
          - multiStep
          - externalTicket
          - unconfigured
          - action
      properties:
        action:
          $ref: '#/components/schemas/c1.api.policy.v1.ActionProvision'
        connector:
          $ref: '#/components/schemas/c1.api.policy.v1.ConnectorProvision'
        delegated:
          $ref: '#/components/schemas/c1.api.policy.v1.DelegatedProvision'
        externalTicket:
          $ref: '#/components/schemas/c1.api.policy.v1.ExternalTicketProvision'
        manual:
          $ref: '#/components/schemas/c1.api.policy.v1.ManualProvision'
        multiStep:
          $ref: '#/components/schemas/c1.api.policy.v1.MultiStep'
        unconfigured:
          $ref: '#/components/schemas/c1.api.policy.v1.UnconfiguredProvision'
        webhook:
          $ref: '#/components/schemas/c1.api.policy.v1.WebhookProvision'
      title: Provision Policy
      type: object
      x-speakeasy-name-override: ProvisionPolicy
    c1.api.policy.v1.ProvisionTarget:
      description: >-
        ProvisionTarget indicates the specific app, app entitlement, and if
        known, the app user and grant duration of this provision step
      properties:
        appEntitlementId:
          description: The app entitlement that should be provisioned.
          readOnly: false
          type: string
        appId:
          description: The app in which the entitlement should be provisioned
          readOnly: false
          type: string
        appUserId:
          description: >-
            The app user that should be provisioned. May be unset if the app
            user is unknown
          readOnly: false
          type: string
        grantDuration:
          format: duration
          readOnly: false
          type: string
      title: Provision Target
      type: object
      x-speakeasy-name-override: ProvisionTarget
    c1.api.policy.v1.WaitCondition:
      description: The WaitCondition message.
      nullable: true
      properties:
        condition:
          description: >-
            The condition that has to be true for this wait condition to
            continue.
          readOnly: false
          type: string
      title: Wait Condition
      type: object
      x-speakeasy-name-override: WaitCondition
    c1.api.policy.v1.WaitDuration:
      description: The WaitDuration message.
      nullable: true
      properties:
        duration:
          format: duration
          readOnly: false
          type: string
      title: Wait Duration
      type: object
      x-speakeasy-name-override: WaitDuration
    c1.api.policy.v1.WaitUntilTime:
      description: Waits until a specific time of the day (UTC)
      nullable: true
      properties:
        hours:
          description: The hours field.
          format: uint32
          readOnly: false
          type: integer
        minutes:
          description: The minutes field.
          format: uint32
          readOnly: false
          type: integer
        timezone:
          description: The timezone field.
          readOnly: false
          type: string
      title: Wait Until Time
      type: object
      x-speakeasy-name-override: WaitUntilTime
    c1.api.task.v1.TaskRevokeSourceExpired:
      description: >-
        The TaskRevokeSourceExpired message indicates that the source of the
        revoke task is due to a grant expiring.
      nullable: true
      properties:
        expiredAt:
          format: date-time
          readOnly: false
          type: string
      title: Task Revoke Source Expired
      type: object
      x-speakeasy-name-override: TaskRevokeSourceExpired
    c1.api.task.v1.TaskRevokeSourceNonUsage:
      description: >-
        The TaskRevokeSourceNonUsage message indicates that the source of the
        revoke task is due to the grant not being used.
      nullable: true
      properties:
        expiresAt:
          format: date-time
          readOnly: false
          type: string
        lastLogin:
          format: date-time
          readOnly: false
          type: string
      title: Task Revoke Source Non Usage
      type: object
      x-speakeasy-name-override: TaskRevokeSourceNonUsage
    c1.api.task.v1.TaskRevokeSourceRequest:
      description: >-
        The TaskRevokeSourceRequest message indicates that the source of the
        revoke task was a request.
      nullable: true
      properties:
        requestUserId:
          description: The ID of the user who initiated the revoke request.
          readOnly: false
          type: string
      title: Task Revoke Source Request
      type: object
      x-speakeasy-name-override: TaskRevokeSourceRequest
    c1.api.task.v1.TaskRevokeSourceReview:
      description: >-
        The TaskRevokeSourceReview message tracks which access review was the
        source of the specificed revoke ticket.
      nullable: true
      properties:
        accessReviewId:
          description: The ID of the access review associated with the revoke task.
          readOnly: false
          type: string
        certTicketId:
          description: >-
            The ID of the certify ticket that was denied and created this revoke
            task.
          readOnly: false
          type: string
      title: Task Revoke Source Review
      type: object
      x-speakeasy-name-override: TaskRevokeSourceReview
    c1.api.form.v1.AppUserFilter:
      description: The AppUserFilter message.
      nullable: true
      properties:
        appId:
          description: The appId field.
          readOnly: false
          type: string
      title: App User Filter
      type: object
      x-speakeasy-name-override: AppUserFilter
    c1.api.form.v1.AppResourceFilter:
      description: The AppResourceFilter message.
      nullable: true
      properties:
        appId:
          description: The appId field.
          readOnly: false
          type: string
        resourceTypeId:
          description: The resourceTypeId field.
          readOnly: false
          type: string
      title: App Resource Filter
      type: object
      x-speakeasy-name-override: AppResourceFilter
    c1.api.form.v1.SelectOption:
      description: The SelectOption message.
      properties:
        description:
          description: Used for type BUTTONS
          readOnly: false
          type: string
        displayName:
          description: The displayName field.
          readOnly: false
          type: string
        value:
          description: The value field.
          readOnly: false
          type: string
      title: Select Option
      type: object
      x-speakeasy-name-override: SelectOption
    validate.FieldRules:
      description: >
        FieldRules encapsulates the rules for each type of field. Depending on
        the
         field, the correct set should be used to ensure proper validations.

        This message contains a oneof named type. Only a single field of the
        following list may be set at a time:
          - float
          - double
          - int32
          - int64
          - uint32
          - uint64
          - sint32
          - sint64
          - fixed32
          - fixed64
          - sfixed32
          - sfixed64
          - bool
          - string
          - bytes
          - enum
          - repeated
          - map
          - any
          - duration
          - timestamp
      properties:
        any:
          $ref: '#/components/schemas/validate.AnyRules'
        bool:
          $ref: '#/components/schemas/validate.BoolRules'
        bytes:
          $ref: '#/components/schemas/validate.BytesRules'
        double:
          $ref: '#/components/schemas/validate.DoubleRules'
        duration:
          $ref: '#/components/schemas/validate.DurationRules'
        enum:
          $ref: '#/components/schemas/validate.EnumRules'
        fixed32:
          $ref: '#/components/schemas/validate.Fixed32Rules'
        fixed64:
          $ref: '#/components/schemas/validate.Fixed64Rules'
        float:
          $ref: '#/components/schemas/validate.FloatRules'
        int32:
          $ref: '#/components/schemas/validate.Int32Rules'
        int64:
          $ref: '#/components/schemas/validate.Int64Rules'
        map:
          $ref: '#/components/schemas/validate.MapRules'
        message:
          $ref: '#/components/schemas/validate.MessageRules'
        repeated:
          $ref: '#/components/schemas/validate.RepeatedRules'
        sfixed32:
          $ref: '#/components/schemas/validate.SFixed32Rules'
        sfixed64:
          $ref: '#/components/schemas/validate.SFixed64Rules'
        sint32:
          $ref: '#/components/schemas/validate.SInt32Rules'
        sint64:
          $ref: '#/components/schemas/validate.SInt64Rules'
        string:
          $ref: '#/components/schemas/validate.StringRules'
        timestamp:
          $ref: '#/components/schemas/validate.TimestampRules'
        uint32:
          $ref: '#/components/schemas/validate.UInt32Rules'
        uint64:
          $ref: '#/components/schemas/validate.UInt64Rules'
      title: Field Rules
      type: object
      x-speakeasy-name-override: FieldRules
    c1.api.policy.v1.AppEntitlementReference:
      description: This object references an app entitlement's ID and AppID.
      properties:
        appEntitlementId:
          description: The ID of the Entitlement.
          readOnly: false
          type: string
        appId:
          description: The ID of the App this entitlement belongs to.
          readOnly: false
          type: string
      title: App Entitlement Reference
      type: object
      x-speakeasy-name-override: AppEntitlementReference
    c1.api.policy.v1.EscalationInstance.CancelTicket:
      description: The CancelTicket message.
      nullable: true
      title: Cancel Ticket
      type: object
      x-speakeasy-name-override: CancelTicket
    c1.api.policy.v1.EscalationInstance.ReassignToApprovers:
      description: The ReassignToApprovers message.
      nullable: true
      properties:
        approverIds:
          description: The approverIds field.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
      title: Reassign To Approvers
      type: object
      x-speakeasy-name-override: ReassignToApprovers
    c1.api.policy.v1.EscalationInstance.ReplacePolicy:
      description: The ReplacePolicy message.
      nullable: true
      properties:
        policyId:
          description: The policyId field.
          readOnly: false
          type: string
      title: Replace Policy
      type: object
      x-speakeasy-name-override: ReplacePolicy
    c1.api.policy.v1.EscalationInstance.SkipStep:
      description: The SkipStep message.
      nullable: true
      title: Skip Step
      type: object
      x-speakeasy-name-override: SkipStep
    c1.api.policy.v1.Escalation.CancelTicket:
      description: The CancelTicket message.
      nullable: true
      title: Cancel Ticket
      type: object
      x-speakeasy-name-override: CancelTicket
    c1.api.policy.v1.Escalation.ReassignToApprovers:
      description: The ReassignToApprovers message.
      nullable: true
      properties:
        approverIds:
          description: The approverIds field.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
      title: Reassign To Approvers
      type: object
      x-speakeasy-name-override: ReassignToApprovers
    c1.api.policy.v1.Escalation.ReplacePolicy:
      description: The ReplacePolicy message.
      nullable: true
      properties:
        policyId:
          description: The policyId field.
          readOnly: false
          type: string
      title: Replace Policy
      type: object
      x-speakeasy-name-override: ReplacePolicy
    c1.api.policy.v1.Escalation.SkipStep:
      description: The SkipStep message.
      nullable: true
      title: Skip Step
      type: object
      x-speakeasy-name-override: SkipStep
    c1.api.policy.v1.ActionProvision:
      description: >-
        This provision step indicates that account lifecycle action should be
        called to provision this entitlement.
      nullable: true
      properties:
        actionName:
          description: The actionName field.
          readOnly: false
          type: string
        appId:
          description: The appId field.
          readOnly: false
          type: string
        connectorId:
          description: The connectorId field.
          readOnly: false
          type: string
        displayName:
          description: The displayName field.
          readOnly: false
          type: string
      title: Action Provision
      type: object
      x-speakeasy-name-override: ActionProvision
    c1.api.policy.v1.ConnectorProvision:
      description: >
        Indicates that a connector should perform the provisioning. This object
        has no fields.


        This message contains a oneof named provision_type. Only a single field
        of the following list may be set at a time:
          - defaultBehavior
          - account
          - deleteAccount
      nullable: true
      properties:
        account:
          $ref: >-
            #/components/schemas/c1.api.policy.v1.ConnectorProvision.AccountProvision
        defaultBehavior:
          $ref: >-
            #/components/schemas/c1.api.policy.v1.ConnectorProvision.DefaultBehavior
        deleteAccount:
          $ref: >-
            #/components/schemas/c1.api.policy.v1.ConnectorProvision.DeleteAccount
      title: Connector Provision
      type: object
      x-speakeasy-name-override: ConnectorProvision
    c1.api.policy.v1.DelegatedProvision:
      description: >-
        This provision step indicates that we should delegate provisioning to
        the configuration of another app entitlement. This app entitlement does
        not have to be one from the same app, but MUST be configured as a proxy
        binding leading into this entitlement.
      nullable: true
      properties:
        appId:
          description: The AppID of the entitlement to delegate provisioning to.
          readOnly: false
          type: string
        entitlementId:
          description: The ID of the entitlement we are delegating provisioning to.
          readOnly: false
          type: string
        implicit:
          description: >-
            If true, a binding will be automatically created from the
            entitlement of the parent app.
          readOnly: false
          type: boolean
      title: Delegated Provision
      type: object
      x-speakeasy-name-override: DelegatedProvision
    c1.api.policy.v1.ExternalTicketProvision:
      description: >-
        This provision step indicates that we should check an external ticket to
        provision this entitlement
      nullable: true
      properties:
        appId:
          description: The appId field.
          readOnly: false
          type: string
        connectorId:
          description: The connectorId field.
          readOnly: false
          type: string
        externalTicketProvisionerConfigId:
          description: The externalTicketProvisionerConfigId field.
          readOnly: false
          type: string
        instructions:
          description: >-
            This field indicates a text body of instructions for the provisioner
            to indicate.
          readOnly: false
          type: string
      title: External Ticket Provision
      type: object
      x-speakeasy-name-override: ExternalTicketProvision
    c1.api.policy.v1.ManualProvision:
      description: >-
        Manual provisioning indicates that a human must intervene for the
        provisioning of this step.
      nullable: true
      properties:
        instructions:
          description: >-
            This field indicates a text body of instructions for the provisioner
            to indicate.
          readOnly: false
          type: string
        userIds:
          description: An array of users that are required to provision during this step.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
      title: Manual Provision
      type: object
      x-speakeasy-name-override: ManualProvision
    c1.api.policy.v1.MultiStep:
      description: >-
        MultiStep indicates that this provision step has multiple steps to
        process.
      nullable: true
      properties:
        provisionSteps:
          description: The array of provision steps to process.
          items:
            $ref: '#/components/schemas/c1.api.policy.v1.ProvisionPolicy'
          nullable: true
          readOnly: false
          type: array
      title: Multi Step
      type: object
      x-speakeasy-name-override: MultiStep
    c1.api.policy.v1.UnconfiguredProvision:
      description: The UnconfiguredProvision message.
      nullable: true
      title: Unconfigured Provision
      type: object
      x-speakeasy-name-override: UnconfiguredProvision
    c1.api.policy.v1.WebhookProvision:
      description: >-
        This provision step indicates that a webhook should be called to
        provision this entitlement.
      nullable: true
      properties:
        webhookId:
          description: The ID of the webhook to call for provisioning.
          readOnly: false
          type: string
      title: Webhook Provision
      type: object
      x-speakeasy-name-override: WebhookProvision
    validate.AnyRules:
      description: |-
        AnyRules describe constraints applied exclusively to the
         `google.protobuf.Any` well-known type
      nullable: true
      properties:
        in:
          description: >-
            In specifies that this field's `type_url` must be equal to one of
            the
             specified values.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        notIn:
          description: >-
            NotIn specifies that this field's `type_url` must not be equal to
            any of
             the specified values.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
        required:
          description: Required specifies that this field must be set
          readOnly: false
          type: boolean
      title: Any Rules
      type: object
      x-speakeasy-name-override: AnyRules
    validate.BytesRules:
      description: >
        BytesRules describe the constraints applied to `bytes` values


        This message contains a oneof named well_known. Only a single field of
        the following list may be set at a time:
          - ip
          - ipv4
          - ipv6
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: base64
          readOnly: false
          type: string
        contains:
          description: |-
            Contains specifies that this field must have the specified bytes
             anywhere in the string.
          format: base64
          readOnly: false
          type: string
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: base64
            type: string
          nullable: true
          readOnly: false
          type: array
        ip:
          description: |-
            Ip specifies that the field must be a valid IP (v4 or v6) address in
             byte format
            This field is part of the `well_known` oneof.
            See the documentation for `validate.BytesRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        ipv4:
          description: |-
            Ipv4 specifies that the field must be a valid IPv4 address in byte
             format
            This field is part of the `well_known` oneof.
            See the documentation for `validate.BytesRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        ipv6:
          description: |-
            Ipv6 specifies that the field must be a valid IPv6 address in byte
             format
            This field is part of the `well_known` oneof.
            See the documentation for `validate.BytesRules` for more details.
          nullable: true
          readOnly: false
          type: boolean
        len:
          description: Len specifies that this field must be the specified number of bytes
          format: uint64
          readOnly: false
          type: string
        maxLen:
          description: >-
            MaxLen specifies that this field must be the specified number of
            bytes
             at a maximum
          format: uint64
          readOnly: false
          type: string
        minLen:
          description: >-
            MinLen specifies that this field must be the specified number of
            bytes
             at a minimum
          format: uint64
          readOnly: false
          type: string
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: base64
            type: string
          nullable: true
          readOnly: false
          type: array
        pattern:
          description: |-
            Pattern specifes that this field must match against the specified
             regular expression (RE2 syntax). The included expression should elide
             any delimiters.
          readOnly: false
          type: string
        prefix:
          description: >-
            Prefix specifies that this field must have the specified bytes at
            the
             beginning of the string.
          format: base64
          readOnly: false
          type: string
        suffix:
          description: >-
            Suffix specifies that this field must have the specified bytes at
            the
             end of the string.
          format: base64
          readOnly: false
          type: string
      title: Bytes Rules
      type: object
      x-speakeasy-name-override: BytesRules
    validate.DoubleRules:
      description: DoubleRules describes the constraints applied to `double` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          readOnly: false
          type: number
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          readOnly: false
          type: number
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          readOnly: false
          type: number
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            type: number
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          readOnly: false
          type: number
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          readOnly: false
          type: number
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            type: number
          nullable: true
          readOnly: false
          type: array
      title: Double Rules
      type: object
      x-speakeasy-name-override: DoubleRules
    validate.DurationRules:
      description: |-
        DurationRules describe the constraints applied exclusively to the
         `google.protobuf.Duration` well-known type
      nullable: true
      properties:
        const:
          format: duration
          readOnly: false
          type: string
        gt:
          format: duration
          readOnly: false
          type: string
        gte:
          format: duration
          readOnly: false
          type: string
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: duration
            readOnly: false
            type: string
          nullable: true
          readOnly: false
          type: array
        lt:
          format: duration
          readOnly: false
          type: string
        lte:
          format: duration
          readOnly: false
          type: string
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: duration
            readOnly: false
            type: string
          nullable: true
          readOnly: false
          type: array
        required:
          description: Required specifies that this field must be set
          readOnly: false
          type: boolean
      title: Duration Rules
      type: object
      x-speakeasy-name-override: DurationRules
    validate.EnumRules:
      description: EnumRules describe the constraints applied to enum values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: int32
          readOnly: false
          type: integer
        definedOnly:
          description: >-
            DefinedOnly specifies that this field must be only one of the
            defined
             values for this enum, failing on any undefined value.
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: int32
            type: integer
          nullable: true
          readOnly: false
          type: array
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: int32
            type: integer
          nullable: true
          readOnly: false
          type: array
      title: Enum Rules
      type: object
      x-speakeasy-name-override: EnumRules
    validate.Fixed32Rules:
      description: Fixed32Rules describes the constraints applied to `fixed32` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: uint32
          readOnly: false
          type: integer
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          format: uint32
          readOnly: false
          type: integer
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          format: uint32
          readOnly: false
          type: integer
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: uint32
            type: integer
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          format: uint32
          readOnly: false
          type: integer
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          format: uint32
          readOnly: false
          type: integer
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: uint32
            type: integer
          nullable: true
          readOnly: false
          type: array
      title: Fixed 32 Rules
      type: object
      x-speakeasy-name-override: Fixed32Rules
    validate.Fixed64Rules:
      description: Fixed64Rules describes the constraints applied to `fixed64` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: uint64
          readOnly: false
          type: string
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          format: uint64
          readOnly: false
          type: string
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          format: uint64
          readOnly: false
          type: string
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: uint64
            type: string
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          format: uint64
          readOnly: false
          type: string
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          format: uint64
          readOnly: false
          type: string
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: uint64
            type: string
          nullable: true
          readOnly: false
          type: array
      title: Fixed 64 Rules
      type: object
      x-speakeasy-name-override: Fixed64Rules
    validate.FloatRules:
      description: FloatRules describes the constraints applied to `float` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          readOnly: false
          type: number
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          readOnly: false
          type: number
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          readOnly: false
          type: number
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            type: number
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          readOnly: false
          type: number
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          readOnly: false
          type: number
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            type: number
          nullable: true
          readOnly: false
          type: array
      title: Float Rules
      type: object
      x-speakeasy-name-override: FloatRules
    validate.Int32Rules:
      description: Int32Rules describes the constraints applied to `int32` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: int32
          readOnly: false
          type: integer
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          format: int32
          readOnly: false
          type: integer
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          format: int32
          readOnly: false
          type: integer
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: int32
            type: integer
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          format: int32
          readOnly: false
          type: integer
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          format: int32
          readOnly: false
          type: integer
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: int32
            type: integer
          nullable: true
          readOnly: false
          type: array
      title: Int 32 Rules
      type: object
      x-speakeasy-name-override: Int32Rules
    validate.MapRules:
      description: MapRules describe the constraints applied to `map` values
      nullable: true
      properties:
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        keys:
          $ref: '#/components/schemas/validate.FieldRules'
        maxPairs:
          description: |-
            MaxPairs specifies that this field must have the specified number of
             KVs at a maximum
          format: uint64
          readOnly: false
          type: string
        minPairs:
          description: |-
            MinPairs specifies that this field must have the specified number of
             KVs at a minimum
          format: uint64
          readOnly: false
          type: string
        noSparse:
          description: |-
            NoSparse specifies values in this field cannot be unset. This only
             applies to map's with message value types.
          readOnly: false
          type: boolean
        values:
          $ref: '#/components/schemas/validate.FieldRules'
      title: Map Rules
      type: object
      x-speakeasy-name-override: MapRules
    validate.MessageRules:
      description: >-
        MessageRules describe the constraints applied to embedded message
        values.
         For message-type fields, validation is performed recursively.
      properties:
        required:
          description: Required specifies that this field must be set
          readOnly: false
          type: boolean
        skip:
          description: |-
            Skip specifies that the validation rules of this field should not be
             evaluated
          readOnly: false
          type: boolean
      title: Message Rules
      type: object
      x-speakeasy-name-override: MessageRules
    validate.SFixed32Rules:
      description: SFixed32Rules describes the constraints applied to `sfixed32` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: int32
          readOnly: false
          type: integer
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          format: int32
          readOnly: false
          type: integer
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          format: int32
          readOnly: false
          type: integer
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: int32
            type: integer
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          format: int32
          readOnly: false
          type: integer
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          format: int32
          readOnly: false
          type: integer
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: int32
            type: integer
          nullable: true
          readOnly: false
          type: array
      title: S Fixed 32 Rules
      type: object
      x-speakeasy-name-override: SFixed32Rules
    validate.SFixed64Rules:
      description: SFixed64Rules describes the constraints applied to `sfixed64` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: int64
          readOnly: false
          type: string
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          format: int64
          readOnly: false
          type: string
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          format: int64
          readOnly: false
          type: string
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: int64
            type: string
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          format: int64
          readOnly: false
          type: string
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          format: int64
          readOnly: false
          type: string
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: int64
            type: string
          nullable: true
          readOnly: false
          type: array
      title: S Fixed 64 Rules
      type: object
      x-speakeasy-name-override: SFixed64Rules
    validate.SInt32Rules:
      description: SInt32Rules describes the constraints applied to `sint32` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: int32
          readOnly: false
          type: integer
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          format: int32
          readOnly: false
          type: integer
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          format: int32
          readOnly: false
          type: integer
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: int32
            type: integer
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          format: int32
          readOnly: false
          type: integer
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          format: int32
          readOnly: false
          type: integer
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: int32
            type: integer
          nullable: true
          readOnly: false
          type: array
      title: S Int 32 Rules
      type: object
      x-speakeasy-name-override: SInt32Rules
    validate.SInt64Rules:
      description: SInt64Rules describes the constraints applied to `sint64` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: int64
          readOnly: false
          type: string
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          format: int64
          readOnly: false
          type: string
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          format: int64
          readOnly: false
          type: string
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: int64
            type: string
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          format: int64
          readOnly: false
          type: string
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          format: int64
          readOnly: false
          type: string
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: int64
            type: string
          nullable: true
          readOnly: false
          type: array
      title: S Int 64 Rules
      type: object
      x-speakeasy-name-override: SInt64Rules
    validate.TimestampRules:
      description: |-
        TimestampRules describe the constraints applied exclusively to the
         `google.protobuf.Timestamp` well-known type
      nullable: true
      properties:
        const:
          format: date-time
          readOnly: false
          type: string
        gt:
          format: date-time
          readOnly: false
          type: string
        gtNow:
          description: >-
            GtNow specifies that this must be greater than the current time.
            GtNow
             can only be used with the Within rule.
          readOnly: false
          type: boolean
        gte:
          format: date-time
          readOnly: false
          type: string
        lt:
          format: date-time
          readOnly: false
          type: string
        ltNow:
          description: |-
            LtNow specifies that this must be less than the current time. LtNow
             can only be used with the Within rule.
          readOnly: false
          type: boolean
        lte:
          format: date-time
          readOnly: false
          type: string
        required:
          description: Required specifies that this field must be set
          readOnly: false
          type: boolean
        within:
          format: duration
          readOnly: false
          type: string
      title: Timestamp Rules
      type: object
      x-speakeasy-name-override: TimestampRules
    validate.UInt32Rules:
      description: UInt32Rules describes the constraints applied to `uint32` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: uint32
          readOnly: false
          type: integer
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          format: uint32
          readOnly: false
          type: integer
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          format: uint32
          readOnly: false
          type: integer
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: uint32
            type: integer
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          format: uint32
          readOnly: false
          type: integer
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          format: uint32
          readOnly: false
          type: integer
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: uint32
            type: integer
          nullable: true
          readOnly: false
          type: array
      title: U Int 32 Rules
      type: object
      x-speakeasy-name-override: UInt32Rules
    validate.UInt64Rules:
      description: UInt64Rules describes the constraints applied to `uint64` values
      nullable: true
      properties:
        const:
          description: Const specifies that this field must be exactly the specified value
          format: uint64
          readOnly: false
          type: string
        gt:
          description: >-
            Gt specifies that this field must be greater than the specified
            value,
             exclusive. If the value of Gt is larger than a specified Lt or Lte, the
             range is reversed.
          format: uint64
          readOnly: false
          type: string
        gte:
          description: |-
            Gte specifies that this field must be greater than or equal to the
             specified value, inclusive. If the value of Gte is larger than a
             specified Lt or Lte, the range is reversed.
          format: uint64
          readOnly: false
          type: string
        ignoreEmpty:
          description: >-
            IgnoreEmpty specifies that the validation rules of this field should
            be
             evaluated only if the field is not empty
          readOnly: false
          type: boolean
        in:
          description: |-
            In specifies that this field must be equal to one of the specified
             values
          items:
            format: uint64
            type: string
          nullable: true
          readOnly: false
          type: array
        lt:
          description: |-
            Lt specifies that this field must be less than the specified value,
             exclusive
          format: uint64
          readOnly: false
          type: string
        lte:
          description: |-
            Lte specifies that this field must be less than or equal to the
             specified value, inclusive
          format: uint64
          readOnly: false
          type: string
        notIn:
          description: >-
            NotIn specifies that this field cannot be equal to one of the
            specified
             values
          items:
            format: uint64
            type: string
          nullable: true
          readOnly: false
          type: array
      title: U Int 64 Rules
      type: object
      x-speakeasy-name-override: UInt64Rules
    c1.api.policy.v1.ConnectorProvision.AccountProvision:
      description: >
        The AccountProvision message.


        This message contains a oneof named storage_type. Only a single field of
        the following list may be set at a time:
          - saveToVault
          - doNotSave
      nullable: true
      properties:
        config:
          additionalProperties: true
          readOnly: false
          type: object
        connectorId:
          description: The connectorId field.
          readOnly: false
          type: string
        doNotSave:
          $ref: '#/components/schemas/c1.api.policy.v1.ConnectorProvision.DoNotSave'
        saveToVault:
          $ref: '#/components/schemas/c1.api.policy.v1.ConnectorProvision.SaveToVault'
        schemaId:
          description: The schemaId field.
          readOnly: false
          type: string
      title: Account Provision
      type: object
      x-speakeasy-name-override: AccountProvision
    c1.api.policy.v1.ConnectorProvision.DefaultBehavior:
      description: The DefaultBehavior message.
      nullable: true
      properties:
        connectorId:
          description: >-
            this checks if the entitlement is enabled by provisioning in a
            specific connector
             this can happen automatically and doesn't need any extra info
          readOnly: false
          type: string
      title: Default Behavior
      type: object
      x-speakeasy-name-override: DefaultBehavior
    c1.api.policy.v1.ConnectorProvision.DeleteAccount:
      description: The DeleteAccount message.
      nullable: true
      properties:
        connectorId:
          description: The connectorId field.
          readOnly: false
          type: string
      title: Delete Account
      type: object
      x-speakeasy-name-override: DeleteAccount
    c1.api.policy.v1.ConnectorProvision.DoNotSave:
      description: The DoNotSave message.
      nullable: true
      title: Do Not Save
      type: object
      x-speakeasy-name-override: DoNotSave
    c1.api.policy.v1.ConnectorProvision.SaveToVault:
      description: The SaveToVault message.
      nullable: true
      properties:
        vaultIds:
          description: The vaultIds field.
          items:
            type: string
          nullable: true
          readOnly: false
          type: array
      title: Save To Vault
      type: object
      x-speakeasy-name-override: SaveToVault
  securitySchemes:
    bearerAuth:
      scheme: bearer
      type: http
    oauth:
      description: >-
        This API uses OAuth2 with the Client Credential flow.

        Client Credentials must be sent in the BODY, not the headers.

        For an example of how to implement this, refer to the
        [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187)
        function.
      flows:
        clientCredentials:
          scopes: {}
          tokenUrl: /auth/v1/token
      type: oauth2

````