googleapis
diff --git a/‎discovery/iamcredentials-v1.json
Lines changed: 113 additions & 2 deletions b/‎discovery/iamcredentials-v1.json
Lines changed: 113 additions & 2 deletions
@@ -15,6 +15,13 @@
   "description": "Creates short-lived credentials for impersonating IAM service accounts. Disabling this API also disables the IAM API (iam.googleapis.com). However, enabling this API doesn't enable the IAM API. ",
   "discoveryVersion": "v1",
   "documentationLink": "https://cloud.google.com/iam/docs/creating-short-lived-service-account-credentials",
+  "endpoints": [
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://iamcredentials.us-east7.rep.googleapis.com/",
+      "location": "us-east7"
+    }
+  ],
   "fullyEncodeReservedExpansion": true,
   "icons": {
     "x16": "http://www.google.com/images/icons/product/search-16.gif",
@@ -105,8 +112,68 @@
   },
   "protocol": "rest",
   "resources": {
+    "locations": {
+      "resources": {
+        "workforcePools": {
+          "methods": {
+            "getAllowedLocations": {
+              "description": "Returns the trust boundary info for a given workforce pool.",
+              "flatPath": "v1/locations/{locationsId}/workforcePools/{workforcePoolsId}/allowedLocations",
+              "httpMethod": "GET",
+              "id": "iamcredentials.locations.workforcePools.getAllowedLocations",
+              "parameterOrder": [
+                "name"
+              ],
+              "parameters": {
+                "name": {
+                  "description": "Required. Resource name of workforce pool.",
+                  "location": "path",
+                  "pattern": "^locations/[^/]+/workforcePools/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/{+name}/allowedLocations",
+              "response": {
+                "$ref": "WorkforcePoolAllowedLocations"
+              }
+            }
+          }
+        }
+      }
+    },
     "projects": {
       "resources": {
+        "locations": {
+          "resources": {
+            "workloadIdentityPools": {
+              "methods": {
+                "getAllowedLocations": {
+                  "description": "Returns the trust boundary info for a given workload identity pool.",
+                  "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/workloadIdentityPools/{workloadIdentityPoolsId}/allowedLocations",
+                  "httpMethod": "GET",
+                  "id": "iamcredentials.projects.locations.workloadIdentityPools.getAllowedLocations",
+                  "parameterOrder": [
+                    "name"
+                  ],
+                  "parameters": {
+                    "name": {
+                      "description": "Required. Resource name of workload identity pool.",
+                      "location": "path",
+                      "pattern": "^projects/[^/]+/locations/[^/]+/workloadIdentityPools/[^/]+$",
+                      "required": true,
+                      "type": "string"
+                    }
+                  },
+                  "path": "v1/{+name}/allowedLocations",
+                  "response": {
+                    "$ref": "WorkloadIdentityPoolAllowedLocations"
+                  }
+                }
+              }
+            }
+          }
+        },
         "serviceAccounts": {
           "methods": {
             "generateAccessToken": {
@@ -248,7 +315,7 @@
       }
     }
   },
-  "revision": "20241024",
+  "revision": "20250417",
   "rootUrl": "https://iamcredentials.googleapis.com/",
   "schemas": {
     "GenerateAccessTokenRequest": {
@@ -308,6 +375,10 @@
         "includeEmail": {
           "description": "Include the service account email in the token. If set to `true`, the token will contain `email` and `email_verified` claims.",
           "type": "boolean"
+        },
+        "organizationNumberIncluded": {
+          "description": "Include the organization number of the service account in the token. If set to `true`, the token will contain a `google.organization_number` claim. The value of the claim will be `null` if the service account isn't associated with an organization.",
+          "type": "boolean"
         }
       },
       "type": "object"
@@ -316,7 +387,7 @@
       "id": "GenerateIdTokenResponse",
       "properties": {
         "token": {
-          "description": "The OpenId Connect ID token.",
+          "description": "The OpenId Connect ID token. The token is a JSON Web Token (JWT) that contains a payload with claims. See the [JSON Web Token spec](https://tools.ietf.org/html/rfc7519) for more information. Here is an example of a decoded JWT payload: ``` { \"iss\": \"https://accounts.google.com\", \"iat\": 1496953245, \"exp\": 1496953245, \"aud\": \"https://www.example.com\", \"sub\": \"107517467455664443765\", \"azp\": \"107517467455664443765\", \"email\": \"my-iam-account@my-project.iam.gserviceaccount.com\", \"email_verified\": true, \"google\": { \"organization_number\": 123456 } } ```",
           "type": "string"
         }
       },
@@ -405,6 +476,46 @@
         }
       },
       "type": "object"
+    },
+    "WorkforcePoolAllowedLocations": {
+      "description": "Represents a list of allowed locations for given workforce pool.",
+      "id": "WorkforcePoolAllowedLocations",
+      "properties": {
+        "encodedLocations": {
+          "description": "Output only. The hex encoded bitmap of the trust boundary locations",
+          "readOnly": true,
+          "type": "string"
+        },
+        "locations": {
+          "description": "Output only. The human readable trust boundary locations. For example, [\"us-central1\", \"europe-west1\"]",
+          "items": {
+            "type": "string"
+          },
+          "readOnly": true,
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
+    "WorkloadIdentityPoolAllowedLocations": {
+      "description": "Represents a list of allowed locations for given workload identity pool.",
+      "id": "WorkloadIdentityPoolAllowedLocations",
+      "properties": {
+        "encodedLocations": {
+          "description": "Output only. The hex encoded bitmap of the trust boundary locations",
+          "readOnly": true,
+          "type": "string"
+        },
+        "locations": {
+          "description": "Output only. The human readable trust boundary locations. For example, [\"us-central1\", \"europe-west1\"]",
+          "items": {
+            "type": "string"
+          },
+          "readOnly": true,
+          "type": "array"
+        }
+      },
+      "type": "object"
     }
   },
   "servicePath": "",