feat(generated)!: regenerate from spec (8 changes)

[workos-sdk-automation]

Summary

feat(vault): Add Vault service with key management and object storage APIs

• New VaultApi service providing encryption key management and encrypted object storage
• Key management: create_data_key, create_decrypt, create_rekey for cryptographic operations
• Object storage: list_kv, create_kv, get_kv, get_name, update_kv, delete_kv for managing encrypted key-value pairs
• Metadata operations: list_kv_metadata and list_kv_versions for inspecting object history without decryption

feat(organization_membership)!: Split organization membership operations from user_management into dedicated service

• New OrganizationMembershipApi service with full CRUD and role management for organization memberships
• Moved from UserManagementApi: list/create/get/update/delete/deactivate/reactivate operations
• Breaking change: symbols removed from user_management and moved to organization_membership (see compat_breaking list)
• Group membership listing now accessible via organization_membership.list_organization_membership_groups

feat(radar)!: Remove deprecated action and control fields from Radar standalone assessment

• Removed deprecated enum variants: RadarStandaloneAssessRequestAction::Login, RadarStandaloneAssessRequestAction::Signup, RadarStandaloneResponseControl::CredentialStuffing, RadarStandaloneResponseControl::IpSignUpRateLimit
• Updated action enum values: SignUp wire value changed from 'sign up' to 'sign-up', SignIn wire value changed from 'sign in' to 'sign-in'
• Removed fields from RadarStandaloneAssessRequest: device_fingerprint and bot_score (marked breaking in spec)

feat(api_key): Add expires_at field to API key models

• New optional expires_at field added to ApiKey, OrganizationApiKey, OrganizationApiKeyWithValue, UserApiKey, UserApiKeyWithValue models
• Allows setting expiration timestamps on API keys; null means no expiration
• Event data models updated: ApiKeyCreatedData and ApiKeyRevokedData now include expires_at
• New optional parameter expires_at in CreateOrganizationApiKey and CreateUserApiKey request bodies

feat(webhooks): Add Pipes connected account events to webhook subscriptions

• Three new webhook event types for Pipes integrations: PIPES_CONNECTED_ACCOUNT_CONNECTED, PIPES_CONNECTED_ACCOUNT_DISCONNECTED, PIPES_CONNECTED_ACCOUNT_REAUTHORIZATION_NEEDED
• New model types: PipeConnectedAccount, PipesConnectedAccountConnected, PipesConnectedAccountDisconnected, PipesConnectedAccountReauthorizationNeeded
• New enum PipeConnectedAccountState for connected account status tracking

fix(generated): Standardize type names and fix parameter defaults in authorization service

• Added resource_id, resource_external_id, and resource_type_slug filters to ListRoleAssignmentsParams for more granular assignment filtering
• Added role_slug filter to ListRoleAssignmentsForResourceParams and ListRoleAssignmentsForResourceByExternalIdParams
• Removed search parameter from ListResourcesParams (deprecated)
• Renamed audit log types: AuditLogActionJson → AuditLogAction, AuditLogExportJson → AuditLogExport, AuditLogSchema → AuditLogSchemaDto, AuditLogsRetentionJson → AuditLogsRetention
• Renamed webhook type: WebhookEndpointJson → WebhookEndpoint and WebhookEndpointJsonStatus → WebhookEndpointStatus

fix(connect): Fix last_used_at field type in application credentials

• NewConnectApplicationSecret.last_used_at type changed from invalid string value to ISO 8601 timestamp
• ApplicationCredentialsListItem.last_used_at type changed from invalid string value to ISO 8601 timestamp
• Ensures consistency with API contract for credential timestamp tracking

fix(sso): Expand login_hint documentation to include custom SAML

• Updated GetAuthorizationUrlParams.login_hint documentation to indicate support for custom SAML connections in addition to existing OAuth/OpenID Connect/Okta/Entra ID support

Triggered by workos/openapi-spec@b0eb6fb

BEGIN_COMMIT_OVERRIDE
feat(vault): Add Vault service with key management and object storage APIs (#97)
feat(organization_membership)!: Split organization membership operations from user_management into dedicated service (#97)
feat(radar)!: Remove deprecated action and control fields from Radar standalone assessment (#97)
feat(api_key): Add expires_at field to API key models (#97)
feat(webhooks): Add Pipes connected account events to webhook subscriptions (#97)
fix(generated): Standardize type names and fix parameter defaults in authorization service (#97)
fix(connect): Fix last_used_at field type in application credentials (#97)
fix(sso): Expand login_hint documentation to include custom SAML (#97)
END_COMMIT_OVERRIDE