From 12bbf342a2b39be15fa7140eadaef0cfdc3e84b5 Mon Sep 17 00:00:00 2001
From: "authentik-automation[bot]"
 <135050075+authentik-automation[bot]@users.noreply.github.com>
Date: Tue, 23 Jan 2024 13:47:30 +0000
Subject: [PATCH] Update API Client

---
 .openapi-generator/FILES                      |   34 +-
 README.md                                     |   49 +-
 docs/AdminApi.md                              |  149 +
 docs/AppEnum.md                               |    4 +-
 docs/Brand.md                                 |   23 +
 docs/BrandRequest.md                          |   22 +
 docs/CoreApi.md                               |  474 ++-
 docs/{CurrentTenant.md => CurrentBrand.md}    |    2 +-
 docs/Domain.md                                |   13 +
 docs/DomainRequest.md                         |   12 +
 docs/Event.md                                 |    2 +-
 docs/EventRequest.md                          |    2 +-
 docs/EventsApi.md                             |   16 +-
 docs/ModelEnum.md                             |    4 +-
 docs/PaginatedBrandList.md                    |   11 +
 docs/PaginatedDomainList.md                   |   11 +
 docs/PatchedBrandRequest.md                   |   22 +
 docs/PatchedDomainRequest.md                  |   12 +
 docs/PatchedEventRequest.md                   |    2 +-
 docs/PatchedSettingsRequest.md                |   17 +
 docs/PatchedTenantRequest.md                  |   17 +-
 docs/RbacApi.md                               |    8 +-
 docs/Settings.md                              |   17 +
 docs/SettingsRequest.md                       |   17 +
 docs/SystemInfo.md                            |    3 +-
 docs/Tenant.md                                |   17 +-
 docs/TenantAdminGroupRequestRequest.md        |   10 +
 docs/TenantRecoveryKeyRequestRequest.md       |   11 +
 docs/TenantRecoveryKeyResponse.md             |   11 +
 docs/TenantRequest.md                         |   17 +-
 docs/TenantsApi.md                            |  701 ++++
 docs/UserSelf.md                              |    2 +-
 schema.yml                                    | 3652 ++++++++++-------
 .../io/goauthentik/api/apis/AdminApi.kt       |  215 +
 .../kotlin/io/goauthentik/api/apis/CoreApi.kt |  872 ++--
 .../io/goauthentik/api/apis/EventsApi.kt      |   44 +-
 .../kotlin/io/goauthentik/api/apis/RbacApi.kt |   18 +-
 .../io/goauthentik/api/apis/TenantsApi.kt     | 1123 +++++
 .../io/goauthentik/api/models/AppEnum.kt      |   11 +-
 .../kotlin/io/goauthentik/api/models/Brand.kt |   89 +
 .../io/goauthentik/api/models/BrandRequest.kt |   85 +
 .../{CurrentTenant.kt => CurrentBrand.kt}     |    6 +-
 .../io/goauthentik/api/models/Domain.kt       |   47 +
 .../goauthentik/api/models/DomainRequest.kt   |   43 +
 .../kotlin/io/goauthentik/api/models/Event.kt |    6 +-
 .../io/goauthentik/api/models/EventRequest.kt |    6 +-
 .../io/goauthentik/api/models/ModelEnum.kt    |   11 +-
 .../api/models/PaginatedBrandList.kt          |   41 +
 .../api/models/PaginatedDomainList.kt         |   41 +
 .../api/models/PatchedBrandRequest.kt         |   85 +
 .../api/models/PatchedDomainRequest.kt        |   43 +
 .../api/models/PatchedEventRequest.kt         |    6 +-
 .../api/models/PatchedSettingsRequest.kt      |   71 +
 .../api/models/PatchedTenantRequest.kt        |   65 +-
 .../io/goauthentik/api/models/Settings.kt     |   71 +
 .../goauthentik/api/models/SettingsRequest.kt |   71 +
 .../io/goauthentik/api/models/SystemInfo.kt   |   13 +-
 .../io/goauthentik/api/models/Tenant.kt       |   65 +-
 .../models/TenantAdminGroupRequestRequest.kt  |   35 +
 .../models/TenantRecoveryKeyRequestRequest.kt |   39 +
 .../api/models/TenantRecoveryKeyResponse.kt   |   39 +
 .../goauthentik/api/models/TenantRequest.kt   |   65 +-
 .../io/goauthentik/api/models/UserSelf.kt     |    4 +-
 63 files changed, 6311 insertions(+), 2383 deletions(-)
 create mode 100644 docs/Brand.md
 create mode 100644 docs/BrandRequest.md
 rename docs/{CurrentTenant.md => CurrentBrand.md} (98%)
 create mode 100644 docs/Domain.md
 create mode 100644 docs/DomainRequest.md
 create mode 100644 docs/PaginatedBrandList.md
 create mode 100644 docs/PaginatedDomainList.md
 create mode 100644 docs/PatchedBrandRequest.md
 create mode 100644 docs/PatchedDomainRequest.md
 create mode 100644 docs/PatchedSettingsRequest.md
 create mode 100644 docs/Settings.md
 create mode 100644 docs/SettingsRequest.md
 create mode 100644 docs/TenantAdminGroupRequestRequest.md
 create mode 100644 docs/TenantRecoveryKeyRequestRequest.md
 create mode 100644 docs/TenantRecoveryKeyResponse.md
 create mode 100644 docs/TenantsApi.md
 create mode 100644 src/main/kotlin/io/goauthentik/api/apis/TenantsApi.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/Brand.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/BrandRequest.kt
 rename src/main/kotlin/io/goauthentik/api/models/{CurrentTenant.kt => CurrentBrand.kt} (92%)
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/Domain.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/DomainRequest.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/PaginatedBrandList.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/PaginatedDomainList.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/PatchedBrandRequest.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/PatchedDomainRequest.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/PatchedSettingsRequest.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/Settings.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/SettingsRequest.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/TenantAdminGroupRequestRequest.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/TenantRecoveryKeyRequestRequest.kt
 create mode 100644 src/main/kotlin/io/goauthentik/api/models/TenantRecoveryKeyResponse.kt

diff --git a/.openapi-generator/FILES b/.openapi-generator/FILES
index c7ab1dc..f611d6f 100644
--- a/.openapi-generator/FILES
+++ b/.openapi-generator/FILES
@@ -54,6 +54,8 @@ docs/BlueprintFile.md
 docs/BlueprintInstance.md
 docs/BlueprintInstanceRequest.md
 docs/BlueprintInstanceStatusEnum.md
+docs/Brand.md
+docs/BrandRequest.md
 docs/Cache.md
 docs/CapabilitiesEnum.md
 docs/CaptchaChallenge.md
@@ -79,7 +81,7 @@ docs/ContextualFlowInfoLayoutEnum.md
 docs/Coordinate.md
 docs/CoreApi.md
 docs/CryptoApi.md
-docs/CurrentTenant.md
+docs/CurrentBrand.md
 docs/DeniedActionEnum.md
 docs/DenyStage.md
 docs/DenyStageRequest.md
@@ -91,6 +93,8 @@ docs/DigestAlgorithmEnum.md
 docs/DigitsEnum.md
 docs/DockerServiceConnection.md
 docs/DockerServiceConnectionRequest.md
+docs/Domain.md
+docs/DomainRequest.md
 docs/DummyChallenge.md
 docs/DummyChallengeResponseRequest.md
 docs/DummyPolicy.md
@@ -220,11 +224,13 @@ docs/PaginatedAuthenticatorStaticStageList.md
 docs/PaginatedAuthenticatorTOTPStageList.md
 docs/PaginatedAuthenticatorValidateStageList.md
 docs/PaginatedBlueprintInstanceList.md
+docs/PaginatedBrandList.md
 docs/PaginatedCaptchaStageList.md
 docs/PaginatedCertificateKeyPairList.md
 docs/PaginatedConsentStageList.md
 docs/PaginatedDenyStageList.md
 docs/PaginatedDockerServiceConnectionList.md
+docs/PaginatedDomainList.md
 docs/PaginatedDummyPolicyList.md
 docs/PaginatedDummyStageList.md
 docs/PaginatedDuoDeviceList.md
@@ -320,11 +326,13 @@ docs/PatchedAuthenticatorStaticStageRequest.md
 docs/PatchedAuthenticatorTOTPStageRequest.md
 docs/PatchedAuthenticatorValidateStageRequest.md
 docs/PatchedBlueprintInstanceRequest.md
+docs/PatchedBrandRequest.md
 docs/PatchedCaptchaStageRequest.md
 docs/PatchedCertificateKeyPairRequest.md
 docs/PatchedConsentStageRequest.md
 docs/PatchedDenyStageRequest.md
 docs/PatchedDockerServiceConnectionRequest.md
+docs/PatchedDomainRequest.md
 docs/PatchedDummyPolicyRequest.md
 docs/PatchedDummyStageRequest.md
 docs/PatchedDuoDeviceRequest.md
@@ -373,6 +381,7 @@ docs/PatchedSCIMMappingRequest.md
 docs/PatchedSCIMProviderRequest.md
 docs/PatchedSMSDeviceRequest.md
 docs/PatchedScopeMappingRequest.md
+docs/PatchedSettingsRequest.md
 docs/PatchedStaticDeviceRequest.md
 docs/PatchedTOTPDeviceRequest.md
 docs/PatchedTenantRequest.md
@@ -465,6 +474,8 @@ docs/ServiceConnection.md
 docs/ServiceConnectionRequest.md
 docs/ServiceConnectionState.md
 docs/SessionUser.md
+docs/Settings.md
+docs/SettingsRequest.md
 docs/SeverityEnum.md
 docs/ShellChallenge.md
 docs/SignatureAlgorithmEnum.md
@@ -489,7 +500,11 @@ docs/TOTPDeviceRequest.md
 docs/Task.md
 docs/TaskStatusEnum.md
 docs/Tenant.md
+docs/TenantAdminGroupRequestRequest.md
+docs/TenantRecoveryKeyRequestRequest.md
+docs/TenantRecoveryKeyResponse.md
 docs/TenantRequest.md
+docs/TenantsApi.md
 docs/Token.md
 docs/TokenModel.md
 docs/TokenRequest.md
@@ -566,6 +581,7 @@ src/main/kotlin/io/goauthentik/api/apis/RootApi.kt
 src/main/kotlin/io/goauthentik/api/apis/SchemaApi.kt
 src/main/kotlin/io/goauthentik/api/apis/SourcesApi.kt
 src/main/kotlin/io/goauthentik/api/apis/StagesApi.kt
+src/main/kotlin/io/goauthentik/api/apis/TenantsApi.kt
 src/main/kotlin/io/goauthentik/api/infrastructure/ApiAbstractions.kt
 src/main/kotlin/io/goauthentik/api/infrastructure/ApiClient.kt
 src/main/kotlin/io/goauthentik/api/infrastructure/ApiResponse.kt
@@ -636,6 +652,8 @@ src/main/kotlin/io/goauthentik/api/models/BlueprintFile.kt
 src/main/kotlin/io/goauthentik/api/models/BlueprintInstance.kt
 src/main/kotlin/io/goauthentik/api/models/BlueprintInstanceRequest.kt
 src/main/kotlin/io/goauthentik/api/models/BlueprintInstanceStatusEnum.kt
+src/main/kotlin/io/goauthentik/api/models/Brand.kt
+src/main/kotlin/io/goauthentik/api/models/BrandRequest.kt
 src/main/kotlin/io/goauthentik/api/models/Cache.kt
 src/main/kotlin/io/goauthentik/api/models/CapabilitiesEnum.kt
 src/main/kotlin/io/goauthentik/api/models/CaptchaChallenge.kt
@@ -659,7 +677,7 @@ src/main/kotlin/io/goauthentik/api/models/ConsentStageRequest.kt
 src/main/kotlin/io/goauthentik/api/models/ContextualFlowInfo.kt
 src/main/kotlin/io/goauthentik/api/models/ContextualFlowInfoLayoutEnum.kt
 src/main/kotlin/io/goauthentik/api/models/Coordinate.kt
-src/main/kotlin/io/goauthentik/api/models/CurrentTenant.kt
+src/main/kotlin/io/goauthentik/api/models/CurrentBrand.kt
 src/main/kotlin/io/goauthentik/api/models/DeniedActionEnum.kt
 src/main/kotlin/io/goauthentik/api/models/DenyStage.kt
 src/main/kotlin/io/goauthentik/api/models/DenyStageRequest.kt
@@ -671,6 +689,8 @@ src/main/kotlin/io/goauthentik/api/models/DigestAlgorithmEnum.kt
 src/main/kotlin/io/goauthentik/api/models/DigitsEnum.kt
 src/main/kotlin/io/goauthentik/api/models/DockerServiceConnection.kt
 src/main/kotlin/io/goauthentik/api/models/DockerServiceConnectionRequest.kt
+src/main/kotlin/io/goauthentik/api/models/Domain.kt
+src/main/kotlin/io/goauthentik/api/models/DomainRequest.kt
 src/main/kotlin/io/goauthentik/api/models/DummyChallenge.kt
 src/main/kotlin/io/goauthentik/api/models/DummyChallengeResponseRequest.kt
 src/main/kotlin/io/goauthentik/api/models/DummyPolicy.kt
@@ -794,11 +814,13 @@ src/main/kotlin/io/goauthentik/api/models/PaginatedAuthenticatorStaticStageList.
 src/main/kotlin/io/goauthentik/api/models/PaginatedAuthenticatorTOTPStageList.kt
 src/main/kotlin/io/goauthentik/api/models/PaginatedAuthenticatorValidateStageList.kt
 src/main/kotlin/io/goauthentik/api/models/PaginatedBlueprintInstanceList.kt
+src/main/kotlin/io/goauthentik/api/models/PaginatedBrandList.kt
 src/main/kotlin/io/goauthentik/api/models/PaginatedCaptchaStageList.kt
 src/main/kotlin/io/goauthentik/api/models/PaginatedCertificateKeyPairList.kt
 src/main/kotlin/io/goauthentik/api/models/PaginatedConsentStageList.kt
 src/main/kotlin/io/goauthentik/api/models/PaginatedDenyStageList.kt
 src/main/kotlin/io/goauthentik/api/models/PaginatedDockerServiceConnectionList.kt
+src/main/kotlin/io/goauthentik/api/models/PaginatedDomainList.kt
 src/main/kotlin/io/goauthentik/api/models/PaginatedDummyPolicyList.kt
 src/main/kotlin/io/goauthentik/api/models/PaginatedDummyStageList.kt
 src/main/kotlin/io/goauthentik/api/models/PaginatedDuoDeviceList.kt
@@ -894,11 +916,13 @@ src/main/kotlin/io/goauthentik/api/models/PatchedAuthenticatorStaticStageRequest
 src/main/kotlin/io/goauthentik/api/models/PatchedAuthenticatorTOTPStageRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedAuthenticatorValidateStageRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedBlueprintInstanceRequest.kt
+src/main/kotlin/io/goauthentik/api/models/PatchedBrandRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedCaptchaStageRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedCertificateKeyPairRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedConsentStageRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedDenyStageRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedDockerServiceConnectionRequest.kt
+src/main/kotlin/io/goauthentik/api/models/PatchedDomainRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedDummyPolicyRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedDummyStageRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedDuoDeviceRequest.kt
@@ -947,6 +971,7 @@ src/main/kotlin/io/goauthentik/api/models/PatchedSCIMMappingRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedSCIMProviderRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedSMSDeviceRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedScopeMappingRequest.kt
+src/main/kotlin/io/goauthentik/api/models/PatchedSettingsRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedStaticDeviceRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedTOTPDeviceRequest.kt
 src/main/kotlin/io/goauthentik/api/models/PatchedTenantRequest.kt
@@ -1032,6 +1057,8 @@ src/main/kotlin/io/goauthentik/api/models/ServiceConnection.kt
 src/main/kotlin/io/goauthentik/api/models/ServiceConnectionRequest.kt
 src/main/kotlin/io/goauthentik/api/models/ServiceConnectionState.kt
 src/main/kotlin/io/goauthentik/api/models/SessionUser.kt
+src/main/kotlin/io/goauthentik/api/models/Settings.kt
+src/main/kotlin/io/goauthentik/api/models/SettingsRequest.kt
 src/main/kotlin/io/goauthentik/api/models/SeverityEnum.kt
 src/main/kotlin/io/goauthentik/api/models/ShellChallenge.kt
 src/main/kotlin/io/goauthentik/api/models/SignatureAlgorithmEnum.kt
@@ -1054,6 +1081,9 @@ src/main/kotlin/io/goauthentik/api/models/TOTPDeviceRequest.kt
 src/main/kotlin/io/goauthentik/api/models/Task.kt
 src/main/kotlin/io/goauthentik/api/models/TaskStatusEnum.kt
 src/main/kotlin/io/goauthentik/api/models/Tenant.kt
+src/main/kotlin/io/goauthentik/api/models/TenantAdminGroupRequestRequest.kt
+src/main/kotlin/io/goauthentik/api/models/TenantRecoveryKeyRequestRequest.kt
+src/main/kotlin/io/goauthentik/api/models/TenantRecoveryKeyResponse.kt
 src/main/kotlin/io/goauthentik/api/models/TenantRequest.kt
 src/main/kotlin/io/goauthentik/api/models/Token.kt
 src/main/kotlin/io/goauthentik/api/models/TokenModel.kt
diff --git a/README.md b/README.md
index 5252572..eff891a 100644
--- a/README.md
+++ b/README.md
@@ -26,6 +26,9 @@ Class | Method | HTTP request | Description
 *AdminApi* | [**adminAppsList**](docs/AdminApi.md#adminappslist) | **GET** /admin/apps/ | 
 *AdminApi* | [**adminMetricsRetrieve**](docs/AdminApi.md#adminmetricsretrieve) | **GET** /admin/metrics/ | 
 *AdminApi* | [**adminModelsList**](docs/AdminApi.md#adminmodelslist) | **GET** /admin/models/ | 
+*AdminApi* | [**adminSettingsPartialUpdate**](docs/AdminApi.md#adminsettingspartialupdate) | **PATCH** /admin/settings/ | 
+*AdminApi* | [**adminSettingsRetrieve**](docs/AdminApi.md#adminsettingsretrieve) | **GET** /admin/settings/ | 
+*AdminApi* | [**adminSettingsUpdate**](docs/AdminApi.md#adminsettingsupdate) | **PUT** /admin/settings/ | 
 *AdminApi* | [**adminSystemCreate**](docs/AdminApi.md#adminsystemcreate) | **POST** /admin/system/ | 
 *AdminApi* | [**adminSystemRetrieve**](docs/AdminApi.md#adminsystemretrieve) | **GET** /admin/system/ | 
 *AdminApi* | [**adminSystemTasksList**](docs/AdminApi.md#adminsystemtaskslist) | **GET** /admin/system_tasks/ | 
@@ -110,6 +113,14 @@ Class | Method | HTTP request | Description
 *CoreApi* | [**coreAuthenticatedSessionsList**](docs/CoreApi.md#coreauthenticatedsessionslist) | **GET** /core/authenticated_sessions/ | 
 *CoreApi* | [**coreAuthenticatedSessionsRetrieve**](docs/CoreApi.md#coreauthenticatedsessionsretrieve) | **GET** /core/authenticated_sessions/{uuid}/ | 
 *CoreApi* | [**coreAuthenticatedSessionsUsedByList**](docs/CoreApi.md#coreauthenticatedsessionsusedbylist) | **GET** /core/authenticated_sessions/{uuid}/used_by/ | 
+*CoreApi* | [**coreBrandsCreate**](docs/CoreApi.md#corebrandscreate) | **POST** /core/brands/ | 
+*CoreApi* | [**coreBrandsCurrentRetrieve**](docs/CoreApi.md#corebrandscurrentretrieve) | **GET** /core/brands/current/ | 
+*CoreApi* | [**coreBrandsDestroy**](docs/CoreApi.md#corebrandsdestroy) | **DELETE** /core/brands/{brand_uuid}/ | 
+*CoreApi* | [**coreBrandsList**](docs/CoreApi.md#corebrandslist) | **GET** /core/brands/ | 
+*CoreApi* | [**coreBrandsPartialUpdate**](docs/CoreApi.md#corebrandspartialupdate) | **PATCH** /core/brands/{brand_uuid}/ | 
+*CoreApi* | [**coreBrandsRetrieve**](docs/CoreApi.md#corebrandsretrieve) | **GET** /core/brands/{brand_uuid}/ | 
+*CoreApi* | [**coreBrandsUpdate**](docs/CoreApi.md#corebrandsupdate) | **PUT** /core/brands/{brand_uuid}/ | 
+*CoreApi* | [**coreBrandsUsedByList**](docs/CoreApi.md#corebrandsusedbylist) | **GET** /core/brands/{brand_uuid}/used_by/ | 
 *CoreApi* | [**coreGroupsAddUserCreate**](docs/CoreApi.md#coregroupsaddusercreate) | **POST** /core/groups/{group_uuid}/add_user/ | 
 *CoreApi* | [**coreGroupsCreate**](docs/CoreApi.md#coregroupscreate) | **POST** /core/groups/ | 
 *CoreApi* | [**coreGroupsDestroy**](docs/CoreApi.md#coregroupsdestroy) | **DELETE** /core/groups/{group_uuid}/ | 
@@ -119,14 +130,6 @@ Class | Method | HTTP request | Description
 *CoreApi* | [**coreGroupsRetrieve**](docs/CoreApi.md#coregroupsretrieve) | **GET** /core/groups/{group_uuid}/ | 
 *CoreApi* | [**coreGroupsUpdate**](docs/CoreApi.md#coregroupsupdate) | **PUT** /core/groups/{group_uuid}/ | 
 *CoreApi* | [**coreGroupsUsedByList**](docs/CoreApi.md#coregroupsusedbylist) | **GET** /core/groups/{group_uuid}/used_by/ | 
-*CoreApi* | [**coreTenantsCreate**](docs/CoreApi.md#coretenantscreate) | **POST** /core/tenants/ | 
-*CoreApi* | [**coreTenantsCurrentRetrieve**](docs/CoreApi.md#coretenantscurrentretrieve) | **GET** /core/tenants/current/ | 
-*CoreApi* | [**coreTenantsDestroy**](docs/CoreApi.md#coretenantsdestroy) | **DELETE** /core/tenants/{tenant_uuid}/ | 
-*CoreApi* | [**coreTenantsList**](docs/CoreApi.md#coretenantslist) | **GET** /core/tenants/ | 
-*CoreApi* | [**coreTenantsPartialUpdate**](docs/CoreApi.md#coretenantspartialupdate) | **PATCH** /core/tenants/{tenant_uuid}/ | 
-*CoreApi* | [**coreTenantsRetrieve**](docs/CoreApi.md#coretenantsretrieve) | **GET** /core/tenants/{tenant_uuid}/ | 
-*CoreApi* | [**coreTenantsUpdate**](docs/CoreApi.md#coretenantsupdate) | **PUT** /core/tenants/{tenant_uuid}/ | 
-*CoreApi* | [**coreTenantsUsedByList**](docs/CoreApi.md#coretenantsusedbylist) | **GET** /core/tenants/{tenant_uuid}/used_by/ | 
 *CoreApi* | [**coreTokensCreate**](docs/CoreApi.md#coretokenscreate) | **POST** /core/tokens/ | 
 *CoreApi* | [**coreTokensDestroy**](docs/CoreApi.md#coretokensdestroy) | **DELETE** /core/tokens/{identifier}/ | 
 *CoreApi* | [**coreTokensList**](docs/CoreApi.md#coretokenslist) | **GET** /core/tokens/ | 
@@ -712,6 +715,20 @@ Class | Method | HTTP request | Description
 *StagesApi* | [**stagesUserWriteRetrieve**](docs/StagesApi.md#stagesuserwriteretrieve) | **GET** /stages/user_write/{stage_uuid}/ | 
 *StagesApi* | [**stagesUserWriteUpdate**](docs/StagesApi.md#stagesuserwriteupdate) | **PUT** /stages/user_write/{stage_uuid}/ | 
 *StagesApi* | [**stagesUserWriteUsedByList**](docs/StagesApi.md#stagesuserwriteusedbylist) | **GET** /stages/user_write/{stage_uuid}/used_by/ | 
+*TenantsApi* | [**tenantsDomainsCreate**](docs/TenantsApi.md#tenantsdomainscreate) | **POST** /tenants/domains/ | 
+*TenantsApi* | [**tenantsDomainsDestroy**](docs/TenantsApi.md#tenantsdomainsdestroy) | **DELETE** /tenants/domains/{id}/ | 
+*TenantsApi* | [**tenantsDomainsList**](docs/TenantsApi.md#tenantsdomainslist) | **GET** /tenants/domains/ | 
+*TenantsApi* | [**tenantsDomainsPartialUpdate**](docs/TenantsApi.md#tenantsdomainspartialupdate) | **PATCH** /tenants/domains/{id}/ | 
+*TenantsApi* | [**tenantsDomainsRetrieve**](docs/TenantsApi.md#tenantsdomainsretrieve) | **GET** /tenants/domains/{id}/ | 
+*TenantsApi* | [**tenantsDomainsUpdate**](docs/TenantsApi.md#tenantsdomainsupdate) | **PUT** /tenants/domains/{id}/ | 
+*TenantsApi* | [**tenantsTenantsCreate**](docs/TenantsApi.md#tenantstenantscreate) | **POST** /tenants/tenants/ | 
+*TenantsApi* | [**tenantsTenantsCreateAdminGroupCreate**](docs/TenantsApi.md#tenantstenantscreateadmingroupcreate) | **POST** /tenants/tenants/{tenant_uuid}/create_admin_group/ | 
+*TenantsApi* | [**tenantsTenantsCreateRecoveryKeyCreate**](docs/TenantsApi.md#tenantstenantscreaterecoverykeycreate) | **POST** /tenants/tenants/{tenant_uuid}/create_recovery_key/ | 
+*TenantsApi* | [**tenantsTenantsDestroy**](docs/TenantsApi.md#tenantstenantsdestroy) | **DELETE** /tenants/tenants/{tenant_uuid}/ | 
+*TenantsApi* | [**tenantsTenantsList**](docs/TenantsApi.md#tenantstenantslist) | **GET** /tenants/tenants/ | 
+*TenantsApi* | [**tenantsTenantsPartialUpdate**](docs/TenantsApi.md#tenantstenantspartialupdate) | **PATCH** /tenants/tenants/{tenant_uuid}/ | 
+*TenantsApi* | [**tenantsTenantsRetrieve**](docs/TenantsApi.md#tenantstenantsretrieve) | **GET** /tenants/tenants/{tenant_uuid}/ | 
+*TenantsApi* | [**tenantsTenantsUpdate**](docs/TenantsApi.md#tenantstenantsupdate) | **PUT** /tenants/tenants/{tenant_uuid}/ | 
 
 
 ## Documentation For Models
@@ -768,6 +785,8 @@ Class | Method | HTTP request | Description
  - [BlueprintInstance](docs/BlueprintInstance.md)
  - [BlueprintInstanceRequest](docs/BlueprintInstanceRequest.md)
  - [BlueprintInstanceStatusEnum](docs/BlueprintInstanceStatusEnum.md)
+ - [Brand](docs/Brand.md)
+ - [BrandRequest](docs/BrandRequest.md)
  - [Cache](docs/Cache.md)
  - [CapabilitiesEnum](docs/CapabilitiesEnum.md)
  - [CaptchaChallenge](docs/CaptchaChallenge.md)
@@ -791,7 +810,7 @@ Class | Method | HTTP request | Description
  - [ContextualFlowInfo](docs/ContextualFlowInfo.md)
  - [ContextualFlowInfoLayoutEnum](docs/ContextualFlowInfoLayoutEnum.md)
  - [Coordinate](docs/Coordinate.md)
- - [CurrentTenant](docs/CurrentTenant.md)
+ - [CurrentBrand](docs/CurrentBrand.md)
  - [DeniedActionEnum](docs/DeniedActionEnum.md)
  - [DenyStage](docs/DenyStage.md)
  - [DenyStageRequest](docs/DenyStageRequest.md)
@@ -803,6 +822,8 @@ Class | Method | HTTP request | Description
  - [DigitsEnum](docs/DigitsEnum.md)
  - [DockerServiceConnection](docs/DockerServiceConnection.md)
  - [DockerServiceConnectionRequest](docs/DockerServiceConnectionRequest.md)
+ - [Domain](docs/Domain.md)
+ - [DomainRequest](docs/DomainRequest.md)
  - [DummyChallenge](docs/DummyChallenge.md)
  - [DummyChallengeResponseRequest](docs/DummyChallengeResponseRequest.md)
  - [DummyPolicy](docs/DummyPolicy.md)
@@ -926,11 +947,13 @@ Class | Method | HTTP request | Description
  - [PaginatedAuthenticatorTOTPStageList](docs/PaginatedAuthenticatorTOTPStageList.md)
  - [PaginatedAuthenticatorValidateStageList](docs/PaginatedAuthenticatorValidateStageList.md)
  - [PaginatedBlueprintInstanceList](docs/PaginatedBlueprintInstanceList.md)
+ - [PaginatedBrandList](docs/PaginatedBrandList.md)
  - [PaginatedCaptchaStageList](docs/PaginatedCaptchaStageList.md)
  - [PaginatedCertificateKeyPairList](docs/PaginatedCertificateKeyPairList.md)
  - [PaginatedConsentStageList](docs/PaginatedConsentStageList.md)
  - [PaginatedDenyStageList](docs/PaginatedDenyStageList.md)
  - [PaginatedDockerServiceConnectionList](docs/PaginatedDockerServiceConnectionList.md)
+ - [PaginatedDomainList](docs/PaginatedDomainList.md)
  - [PaginatedDummyPolicyList](docs/PaginatedDummyPolicyList.md)
  - [PaginatedDummyStageList](docs/PaginatedDummyStageList.md)
  - [PaginatedDuoDeviceList](docs/PaginatedDuoDeviceList.md)
@@ -1026,11 +1049,13 @@ Class | Method | HTTP request | Description
  - [PatchedAuthenticatorTOTPStageRequest](docs/PatchedAuthenticatorTOTPStageRequest.md)
  - [PatchedAuthenticatorValidateStageRequest](docs/PatchedAuthenticatorValidateStageRequest.md)
  - [PatchedBlueprintInstanceRequest](docs/PatchedBlueprintInstanceRequest.md)
+ - [PatchedBrandRequest](docs/PatchedBrandRequest.md)
  - [PatchedCaptchaStageRequest](docs/PatchedCaptchaStageRequest.md)
  - [PatchedCertificateKeyPairRequest](docs/PatchedCertificateKeyPairRequest.md)
  - [PatchedConsentStageRequest](docs/PatchedConsentStageRequest.md)
  - [PatchedDenyStageRequest](docs/PatchedDenyStageRequest.md)
  - [PatchedDockerServiceConnectionRequest](docs/PatchedDockerServiceConnectionRequest.md)
+ - [PatchedDomainRequest](docs/PatchedDomainRequest.md)
  - [PatchedDummyPolicyRequest](docs/PatchedDummyPolicyRequest.md)
  - [PatchedDummyStageRequest](docs/PatchedDummyStageRequest.md)
  - [PatchedDuoDeviceRequest](docs/PatchedDuoDeviceRequest.md)
@@ -1079,6 +1104,7 @@ Class | Method | HTTP request | Description
  - [PatchedSCIMProviderRequest](docs/PatchedSCIMProviderRequest.md)
  - [PatchedSMSDeviceRequest](docs/PatchedSMSDeviceRequest.md)
  - [PatchedScopeMappingRequest](docs/PatchedScopeMappingRequest.md)
+ - [PatchedSettingsRequest](docs/PatchedSettingsRequest.md)
  - [PatchedStaticDeviceRequest](docs/PatchedStaticDeviceRequest.md)
  - [PatchedTOTPDeviceRequest](docs/PatchedTOTPDeviceRequest.md)
  - [PatchedTenantRequest](docs/PatchedTenantRequest.md)
@@ -1164,6 +1190,8 @@ Class | Method | HTTP request | Description
  - [ServiceConnectionRequest](docs/ServiceConnectionRequest.md)
  - [ServiceConnectionState](docs/ServiceConnectionState.md)
  - [SessionUser](docs/SessionUser.md)
+ - [Settings](docs/Settings.md)
+ - [SettingsRequest](docs/SettingsRequest.md)
  - [SeverityEnum](docs/SeverityEnum.md)
  - [ShellChallenge](docs/ShellChallenge.md)
  - [SignatureAlgorithmEnum](docs/SignatureAlgorithmEnum.md)
@@ -1186,6 +1214,9 @@ Class | Method | HTTP request | Description
  - [Task](docs/Task.md)
  - [TaskStatusEnum](docs/TaskStatusEnum.md)
  - [Tenant](docs/Tenant.md)
+ - [TenantAdminGroupRequestRequest](docs/TenantAdminGroupRequestRequest.md)
+ - [TenantRecoveryKeyRequestRequest](docs/TenantRecoveryKeyRequestRequest.md)
+ - [TenantRecoveryKeyResponse](docs/TenantRecoveryKeyResponse.md)
  - [TenantRequest](docs/TenantRequest.md)
  - [Token](docs/Token.md)
  - [TokenModel](docs/TokenModel.md)
diff --git a/docs/AdminApi.md b/docs/AdminApi.md
index 0d4f91b..c04b8ca 100644
--- a/docs/AdminApi.md
+++ b/docs/AdminApi.md
@@ -7,6 +7,9 @@ Method | HTTP request | Description
 [**adminAppsList**](AdminApi.md#adminAppsList) | **GET** /admin/apps/ | 
 [**adminMetricsRetrieve**](AdminApi.md#adminMetricsRetrieve) | **GET** /admin/metrics/ | 
 [**adminModelsList**](AdminApi.md#adminModelsList) | **GET** /admin/models/ | 
+[**adminSettingsPartialUpdate**](AdminApi.md#adminSettingsPartialUpdate) | **PATCH** /admin/settings/ | 
+[**adminSettingsRetrieve**](AdminApi.md#adminSettingsRetrieve) | **GET** /admin/settings/ | 
+[**adminSettingsUpdate**](AdminApi.md#adminSettingsUpdate) | **PUT** /admin/settings/ | 
 [**adminSystemCreate**](AdminApi.md#adminSystemCreate) | **POST** /admin/system/ | 
 [**adminSystemRetrieve**](AdminApi.md#adminSystemRetrieve) | **GET** /admin/system/ | 
 [**adminSystemTasksList**](AdminApi.md#adminSystemTasksList) | **GET** /admin/system_tasks/ | 
@@ -154,6 +157,152 @@ Configure authentik:
  - **Content-Type**: Not defined
  - **Accept**: application/json
 
+<a id="adminSettingsPartialUpdate"></a>
+# **adminSettingsPartialUpdate**
+> Settings adminSettingsPartialUpdate(patchedSettingsRequest)
+
+
+
+Settings view
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = AdminApi()
+val patchedSettingsRequest : PatchedSettingsRequest =  // PatchedSettingsRequest | 
+try {
+    val result : Settings = apiInstance.adminSettingsPartialUpdate(patchedSettingsRequest)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling AdminApi#adminSettingsPartialUpdate")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling AdminApi#adminSettingsPartialUpdate")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **patchedSettingsRequest** | [**PatchedSettingsRequest**](PatchedSettingsRequest.md)|  | [optional]
+
+### Return type
+
+[**Settings**](Settings.md)
+
+### Authorization
+
+
+Configure authentik:
+    ApiClient.apiKey["Authorization"] = ""
+    ApiClient.apiKeyPrefix["Authorization"] = ""
+
+### HTTP request headers
+
+ - **Content-Type**: application/json
+ - **Accept**: application/json
+
+<a id="adminSettingsRetrieve"></a>
+# **adminSettingsRetrieve**
+> Settings adminSettingsRetrieve()
+
+
+
+Settings view
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = AdminApi()
+try {
+    val result : Settings = apiInstance.adminSettingsRetrieve()
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling AdminApi#adminSettingsRetrieve")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling AdminApi#adminSettingsRetrieve")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+This endpoint does not need any parameter.
+
+### Return type
+
+[**Settings**](Settings.md)
+
+### Authorization
+
+
+Configure authentik:
+    ApiClient.apiKey["Authorization"] = ""
+    ApiClient.apiKeyPrefix["Authorization"] = ""
+
+### HTTP request headers
+
+ - **Content-Type**: Not defined
+ - **Accept**: application/json
+
+<a id="adminSettingsUpdate"></a>
+# **adminSettingsUpdate**
+> Settings adminSettingsUpdate(settingsRequest)
+
+
+
+Settings view
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = AdminApi()
+val settingsRequest : SettingsRequest =  // SettingsRequest | 
+try {
+    val result : Settings = apiInstance.adminSettingsUpdate(settingsRequest)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling AdminApi#adminSettingsUpdate")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling AdminApi#adminSettingsUpdate")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **settingsRequest** | [**SettingsRequest**](SettingsRequest.md)|  | [optional]
+
+### Return type
+
+[**Settings**](Settings.md)
+
+### Authorization
+
+
+Configure authentik:
+    ApiClient.apiKey["Authorization"] = ""
+    ApiClient.apiKeyPrefix["Authorization"] = ""
+
+### HTTP request headers
+
+ - **Content-Type**: application/json
+ - **Accept**: application/json
+
 <a id="adminSystemCreate"></a>
 # **adminSystemCreate**
 > SystemInfo adminSystemCreate()
diff --git a/docs/AppEnum.md b/docs/AppEnum.md
index 347481a..fc01814 100644
--- a/docs/AppEnum.md
+++ b/docs/AppEnum.md
@@ -4,6 +4,8 @@
 ## Enum
 
 
+    * `tenants` (value: `"authentik.tenants"`)
+
     * `admin` (value: `"authentik.admin"`)
 
     * `api` (value: `"authentik.api"`)
@@ -94,7 +96,7 @@
 
     * `stagesPeriodUserWrite` (value: `"authentik.stages.user_write"`)
 
-    * `tenants` (value: `"authentik.tenants"`)
+    * `brands` (value: `"authentik.brands"`)
 
     * `blueprints` (value: `"authentik.blueprints"`)
 
diff --git a/docs/Brand.md b/docs/Brand.md
new file mode 100644
index 0000000..c91c9c2
--- /dev/null
+++ b/docs/Brand.md
@@ -0,0 +1,23 @@
+
+# Brand
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**brandUuid** | [**java.util.UUID**](java.util.UUID.md) |  |  [readonly]
+**domain** | **kotlin.String** | Domain that activates this brand. Can be a superset, i.e. &#x60;a.b&#x60; for &#x60;aa.b&#x60; and &#x60;ba.b&#x60; | 
+**default** | **kotlin.Boolean** |  |  [optional]
+**brandingTitle** | **kotlin.String** |  |  [optional]
+**brandingLogo** | **kotlin.String** |  |  [optional]
+**brandingFavicon** | **kotlin.String** |  |  [optional]
+**flowAuthentication** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowInvalidation** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowRecovery** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowUnenrollment** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowUserSettings** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowDeviceCode** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**webCertificate** | [**java.util.UUID**](java.util.UUID.md) | Web Certificate used by the authentik Core webserver. |  [optional]
+**attributes** | [**kotlin.Any**](.md) |  |  [optional]
+
+
+
diff --git a/docs/BrandRequest.md b/docs/BrandRequest.md
new file mode 100644
index 0000000..f955625
--- /dev/null
+++ b/docs/BrandRequest.md
@@ -0,0 +1,22 @@
+
+# BrandRequest
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**domain** | **kotlin.String** | Domain that activates this brand. Can be a superset, i.e. &#x60;a.b&#x60; for &#x60;aa.b&#x60; and &#x60;ba.b&#x60; | 
+**default** | **kotlin.Boolean** |  |  [optional]
+**brandingTitle** | **kotlin.String** |  |  [optional]
+**brandingLogo** | **kotlin.String** |  |  [optional]
+**brandingFavicon** | **kotlin.String** |  |  [optional]
+**flowAuthentication** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowInvalidation** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowRecovery** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowUnenrollment** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowUserSettings** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowDeviceCode** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**webCertificate** | [**java.util.UUID**](java.util.UUID.md) | Web Certificate used by the authentik Core webserver. |  [optional]
+**attributes** | [**kotlin.Any**](.md) |  |  [optional]
+
+
+
diff --git a/docs/CoreApi.md b/docs/CoreApi.md
index b67e580..c1759cf 100644
--- a/docs/CoreApi.md
+++ b/docs/CoreApi.md
@@ -19,6 +19,14 @@ Method | HTTP request | Description
 [**coreAuthenticatedSessionsList**](CoreApi.md#coreAuthenticatedSessionsList) | **GET** /core/authenticated_sessions/ | 
 [**coreAuthenticatedSessionsRetrieve**](CoreApi.md#coreAuthenticatedSessionsRetrieve) | **GET** /core/authenticated_sessions/{uuid}/ | 
 [**coreAuthenticatedSessionsUsedByList**](CoreApi.md#coreAuthenticatedSessionsUsedByList) | **GET** /core/authenticated_sessions/{uuid}/used_by/ | 
+[**coreBrandsCreate**](CoreApi.md#coreBrandsCreate) | **POST** /core/brands/ | 
+[**coreBrandsCurrentRetrieve**](CoreApi.md#coreBrandsCurrentRetrieve) | **GET** /core/brands/current/ | 
+[**coreBrandsDestroy**](CoreApi.md#coreBrandsDestroy) | **DELETE** /core/brands/{brand_uuid}/ | 
+[**coreBrandsList**](CoreApi.md#coreBrandsList) | **GET** /core/brands/ | 
+[**coreBrandsPartialUpdate**](CoreApi.md#coreBrandsPartialUpdate) | **PATCH** /core/brands/{brand_uuid}/ | 
+[**coreBrandsRetrieve**](CoreApi.md#coreBrandsRetrieve) | **GET** /core/brands/{brand_uuid}/ | 
+[**coreBrandsUpdate**](CoreApi.md#coreBrandsUpdate) | **PUT** /core/brands/{brand_uuid}/ | 
+[**coreBrandsUsedByList**](CoreApi.md#coreBrandsUsedByList) | **GET** /core/brands/{brand_uuid}/used_by/ | 
 [**coreGroupsAddUserCreate**](CoreApi.md#coreGroupsAddUserCreate) | **POST** /core/groups/{group_uuid}/add_user/ | 
 [**coreGroupsCreate**](CoreApi.md#coreGroupsCreate) | **POST** /core/groups/ | 
 [**coreGroupsDestroy**](CoreApi.md#coreGroupsDestroy) | **DELETE** /core/groups/{group_uuid}/ | 
@@ -28,14 +36,6 @@ Method | HTTP request | Description
 [**coreGroupsRetrieve**](CoreApi.md#coreGroupsRetrieve) | **GET** /core/groups/{group_uuid}/ | 
 [**coreGroupsUpdate**](CoreApi.md#coreGroupsUpdate) | **PUT** /core/groups/{group_uuid}/ | 
 [**coreGroupsUsedByList**](CoreApi.md#coreGroupsUsedByList) | **GET** /core/groups/{group_uuid}/used_by/ | 
-[**coreTenantsCreate**](CoreApi.md#coreTenantsCreate) | **POST** /core/tenants/ | 
-[**coreTenantsCurrentRetrieve**](CoreApi.md#coreTenantsCurrentRetrieve) | **GET** /core/tenants/current/ | 
-[**coreTenantsDestroy**](CoreApi.md#coreTenantsDestroy) | **DELETE** /core/tenants/{tenant_uuid}/ | 
-[**coreTenantsList**](CoreApi.md#coreTenantsList) | **GET** /core/tenants/ | 
-[**coreTenantsPartialUpdate**](CoreApi.md#coreTenantsPartialUpdate) | **PATCH** /core/tenants/{tenant_uuid}/ | 
-[**coreTenantsRetrieve**](CoreApi.md#coreTenantsRetrieve) | **GET** /core/tenants/{tenant_uuid}/ | 
-[**coreTenantsUpdate**](CoreApi.md#coreTenantsUpdate) | **PUT** /core/tenants/{tenant_uuid}/ | 
-[**coreTenantsUsedByList**](CoreApi.md#coreTenantsUsedByList) | **GET** /core/tenants/{tenant_uuid}/used_by/ | 
 [**coreTokensCreate**](CoreApi.md#coreTokensCreate) | **POST** /core/tokens/ | 
 [**coreTokensDestroy**](CoreApi.md#coreTokensDestroy) | **DELETE** /core/tokens/{identifier}/ | 
 [**coreTokensList**](CoreApi.md#coreTokensList) | **GET** /core/tokens/ | 
@@ -858,13 +858,13 @@ Configure authentik:
  - **Content-Type**: Not defined
  - **Accept**: application/json
 
-<a id="coreGroupsAddUserCreate"></a>
-# **coreGroupsAddUserCreate**
-> coreGroupsAddUserCreate(groupUuid, userAccountRequest)
+<a id="coreBrandsCreate"></a>
+# **coreBrandsCreate**
+> Brand coreBrandsCreate(brandRequest)
 
 
 
-Add user to group
+Brand Viewset
 
 ### Example
 ```kotlin
@@ -873,15 +873,15 @@ Add user to group
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
-val userAccountRequest : UserAccountRequest =  // UserAccountRequest | 
+val brandRequest : BrandRequest =  // BrandRequest | 
 try {
-    apiInstance.coreGroupsAddUserCreate(groupUuid, userAccountRequest)
+    val result : Brand = apiInstance.coreBrandsCreate(brandRequest)
+    println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreGroupsAddUserCreate")
+    println("4xx response calling CoreApi#coreBrandsCreate")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreGroupsAddUserCreate")
+    println("5xx response calling CoreApi#coreBrandsCreate")
     e.printStackTrace()
 }
 ```
@@ -890,12 +890,11 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
- **userAccountRequest** | [**UserAccountRequest**](UserAccountRequest.md)|  |
+ **brandRequest** | [**BrandRequest**](BrandRequest.md)|  |
 
 ### Return type
 
-null (empty response body)
+[**Brand**](Brand.md)
 
 ### Authorization
 
@@ -909,13 +908,13 @@ Configure authentik:
  - **Content-Type**: application/json
  - **Accept**: application/json
 
-<a id="coreGroupsCreate"></a>
-# **coreGroupsCreate**
-> Group coreGroupsCreate(groupRequest)
+<a id="coreBrandsCurrentRetrieve"></a>
+# **coreBrandsCurrentRetrieve**
+> CurrentBrand coreBrandsCurrentRetrieve()
 
 
 
-Group Viewset
+Get current brand
 
 ### Example
 ```kotlin
@@ -924,28 +923,24 @@ Group Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val groupRequest : GroupRequest =  // GroupRequest | 
 try {
-    val result : Group = apiInstance.coreGroupsCreate(groupRequest)
+    val result : CurrentBrand = apiInstance.coreBrandsCurrentRetrieve()
     println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreGroupsCreate")
+    println("4xx response calling CoreApi#coreBrandsCurrentRetrieve")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreGroupsCreate")
+    println("5xx response calling CoreApi#coreBrandsCurrentRetrieve")
     e.printStackTrace()
 }
 ```
 
 ### Parameters
-
-Name | Type | Description  | Notes
-------------- | ------------- | ------------- | -------------
- **groupRequest** | [**GroupRequest**](GroupRequest.md)|  |
+This endpoint does not need any parameter.
 
 ### Return type
 
-[**Group**](Group.md)
+[**CurrentBrand**](CurrentBrand.md)
 
 ### Authorization
 
@@ -956,16 +951,16 @@ Configure authentik:
 
 ### HTTP request headers
 
- - **Content-Type**: application/json
+ - **Content-Type**: Not defined
  - **Accept**: application/json
 
-<a id="coreGroupsDestroy"></a>
-# **coreGroupsDestroy**
-> coreGroupsDestroy(groupUuid)
+<a id="coreBrandsDestroy"></a>
+# **coreBrandsDestroy**
+> coreBrandsDestroy(brandUuid)
 
 
 
-Group Viewset
+Brand Viewset
 
 ### Example
 ```kotlin
@@ -974,14 +969,14 @@ Group Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
+val brandUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Brand.
 try {
-    apiInstance.coreGroupsDestroy(groupUuid)
+    apiInstance.coreBrandsDestroy(brandUuid)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreGroupsDestroy")
+    println("4xx response calling CoreApi#coreBrandsDestroy")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreGroupsDestroy")
+    println("5xx response calling CoreApi#coreBrandsDestroy")
     e.printStackTrace()
 }
 ```
@@ -990,7 +985,7 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
+ **brandUuid** | **java.util.UUID**| A UUID string identifying this Brand. |
 
 ### Return type
 
@@ -1008,13 +1003,13 @@ Configure authentik:
  - **Content-Type**: Not defined
  - **Accept**: application/json
 
-<a id="coreGroupsList"></a>
-# **coreGroupsList**
-> PaginatedGroupList coreGroupsList(attributes, isSuperuser, membersByPk, membersByUsername, name, ordering, page, pageSize, search)
+<a id="coreBrandsList"></a>
+# **coreBrandsList**
+> PaginatedBrandList coreBrandsList(brandUuid, brandingFavicon, brandingLogo, brandingTitle, default, domain, flowAuthentication, flowDeviceCode, flowInvalidation, flowRecovery, flowUnenrollment, flowUserSettings, ordering, page, pageSize, search, webCertificate)
 
 
 
-Group Viewset
+Brand Viewset
 
 ### Example
 ```kotlin
@@ -1023,23 +1018,31 @@ Group Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val attributes : kotlin.String = attributes_example // kotlin.String | Attributes
-val isSuperuser : kotlin.Boolean = true // kotlin.Boolean | 
-val membersByPk : kotlin.collections.List<kotlin.Int> =  // kotlin.collections.List<kotlin.Int> | 
-val membersByUsername : kotlin.collections.List<kotlin.String> =  // kotlin.collections.List<kotlin.String> | Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.
-val name : kotlin.String = name_example // kotlin.String | 
+val brandUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
+val brandingFavicon : kotlin.String = brandingFavicon_example // kotlin.String | 
+val brandingLogo : kotlin.String = brandingLogo_example // kotlin.String | 
+val brandingTitle : kotlin.String = brandingTitle_example // kotlin.String | 
+val default : kotlin.Boolean = true // kotlin.Boolean | 
+val domain : kotlin.String = domain_example // kotlin.String | 
+val flowAuthentication : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
+val flowDeviceCode : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
+val flowInvalidation : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
+val flowRecovery : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
+val flowUnenrollment : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
+val flowUserSettings : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
 val ordering : kotlin.String = ordering_example // kotlin.String | Which field to use when ordering the results.
 val page : kotlin.Int = 56 // kotlin.Int | A page number within the paginated result set.
 val pageSize : kotlin.Int = 56 // kotlin.Int | Number of results to return per page.
 val search : kotlin.String = search_example // kotlin.String | A search term.
+val webCertificate : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
 try {
-    val result : PaginatedGroupList = apiInstance.coreGroupsList(attributes, isSuperuser, membersByPk, membersByUsername, name, ordering, page, pageSize, search)
+    val result : PaginatedBrandList = apiInstance.coreBrandsList(brandUuid, brandingFavicon, brandingLogo, brandingTitle, default, domain, flowAuthentication, flowDeviceCode, flowInvalidation, flowRecovery, flowUnenrollment, flowUserSettings, ordering, page, pageSize, search, webCertificate)
     println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreGroupsList")
+    println("4xx response calling CoreApi#coreBrandsList")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreGroupsList")
+    println("5xx response calling CoreApi#coreBrandsList")
     e.printStackTrace()
 }
 ```
@@ -1048,19 +1051,27 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **attributes** | **kotlin.String**| Attributes | [optional]
- **isSuperuser** | **kotlin.Boolean**|  | [optional]
- **membersByPk** | [**kotlin.collections.List&lt;kotlin.Int&gt;**](kotlin.Int.md)|  | [optional]
- **membersByUsername** | [**kotlin.collections.List&lt;kotlin.String&gt;**](kotlin.String.md)| Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. | [optional]
- **name** | **kotlin.String**|  | [optional]
+ **brandUuid** | **java.util.UUID**|  | [optional]
+ **brandingFavicon** | **kotlin.String**|  | [optional]
+ **brandingLogo** | **kotlin.String**|  | [optional]
+ **brandingTitle** | **kotlin.String**|  | [optional]
+ **default** | **kotlin.Boolean**|  | [optional]
+ **domain** | **kotlin.String**|  | [optional]
+ **flowAuthentication** | **java.util.UUID**|  | [optional]
+ **flowDeviceCode** | **java.util.UUID**|  | [optional]
+ **flowInvalidation** | **java.util.UUID**|  | [optional]
+ **flowRecovery** | **java.util.UUID**|  | [optional]
+ **flowUnenrollment** | **java.util.UUID**|  | [optional]
+ **flowUserSettings** | **java.util.UUID**|  | [optional]
  **ordering** | **kotlin.String**| Which field to use when ordering the results. | [optional]
  **page** | **kotlin.Int**| A page number within the paginated result set. | [optional]
  **pageSize** | **kotlin.Int**| Number of results to return per page. | [optional]
  **search** | **kotlin.String**| A search term. | [optional]
+ **webCertificate** | **java.util.UUID**|  | [optional]
 
 ### Return type
 
-[**PaginatedGroupList**](PaginatedGroupList.md)
+[**PaginatedBrandList**](PaginatedBrandList.md)
 
 ### Authorization
 
@@ -1074,13 +1085,13 @@ Configure authentik:
  - **Content-Type**: Not defined
  - **Accept**: application/json
 
-<a id="coreGroupsPartialUpdate"></a>
-# **coreGroupsPartialUpdate**
-> Group coreGroupsPartialUpdate(groupUuid, patchedGroupRequest)
+<a id="coreBrandsPartialUpdate"></a>
+# **coreBrandsPartialUpdate**
+> Brand coreBrandsPartialUpdate(brandUuid, patchedBrandRequest)
 
 
 
-Group Viewset
+Brand Viewset
 
 ### Example
 ```kotlin
@@ -1089,16 +1100,16 @@ Group Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
-val patchedGroupRequest : PatchedGroupRequest =  // PatchedGroupRequest | 
+val brandUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Brand.
+val patchedBrandRequest : PatchedBrandRequest =  // PatchedBrandRequest | 
 try {
-    val result : Group = apiInstance.coreGroupsPartialUpdate(groupUuid, patchedGroupRequest)
+    val result : Brand = apiInstance.coreBrandsPartialUpdate(brandUuid, patchedBrandRequest)
     println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreGroupsPartialUpdate")
+    println("4xx response calling CoreApi#coreBrandsPartialUpdate")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreGroupsPartialUpdate")
+    println("5xx response calling CoreApi#coreBrandsPartialUpdate")
     e.printStackTrace()
 }
 ```
@@ -1107,12 +1118,12 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
- **patchedGroupRequest** | [**PatchedGroupRequest**](PatchedGroupRequest.md)|  | [optional]
+ **brandUuid** | **java.util.UUID**| A UUID string identifying this Brand. |
+ **patchedBrandRequest** | [**PatchedBrandRequest**](PatchedBrandRequest.md)|  | [optional]
 
 ### Return type
 
-[**Group**](Group.md)
+[**Brand**](Brand.md)
 
 ### Authorization
 
@@ -1126,13 +1137,13 @@ Configure authentik:
  - **Content-Type**: application/json
  - **Accept**: application/json
 
-<a id="coreGroupsRemoveUserCreate"></a>
-# **coreGroupsRemoveUserCreate**
-> coreGroupsRemoveUserCreate(groupUuid, userAccountRequest)
+<a id="coreBrandsRetrieve"></a>
+# **coreBrandsRetrieve**
+> Brand coreBrandsRetrieve(brandUuid)
 
 
 
-Add user to group
+Brand Viewset
 
 ### Example
 ```kotlin
@@ -1141,15 +1152,15 @@ Add user to group
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
-val userAccountRequest : UserAccountRequest =  // UserAccountRequest | 
+val brandUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Brand.
 try {
-    apiInstance.coreGroupsRemoveUserCreate(groupUuid, userAccountRequest)
+    val result : Brand = apiInstance.coreBrandsRetrieve(brandUuid)
+    println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreGroupsRemoveUserCreate")
+    println("4xx response calling CoreApi#coreBrandsRetrieve")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreGroupsRemoveUserCreate")
+    println("5xx response calling CoreApi#coreBrandsRetrieve")
     e.printStackTrace()
 }
 ```
@@ -1158,12 +1169,11 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
- **userAccountRequest** | [**UserAccountRequest**](UserAccountRequest.md)|  |
+ **brandUuid** | **java.util.UUID**| A UUID string identifying this Brand. |
 
 ### Return type
 
-null (empty response body)
+[**Brand**](Brand.md)
 
 ### Authorization
 
@@ -1174,16 +1184,16 @@ Configure authentik:
 
 ### HTTP request headers
 
- - **Content-Type**: application/json
+ - **Content-Type**: Not defined
  - **Accept**: application/json
 
-<a id="coreGroupsRetrieve"></a>
-# **coreGroupsRetrieve**
-> Group coreGroupsRetrieve(groupUuid)
+<a id="coreBrandsUpdate"></a>
+# **coreBrandsUpdate**
+> Brand coreBrandsUpdate(brandUuid, brandRequest)
 
 
 
-Group Viewset
+Brand Viewset
 
 ### Example
 ```kotlin
@@ -1192,15 +1202,16 @@ Group Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
+val brandUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Brand.
+val brandRequest : BrandRequest =  // BrandRequest | 
 try {
-    val result : Group = apiInstance.coreGroupsRetrieve(groupUuid)
+    val result : Brand = apiInstance.coreBrandsUpdate(brandUuid, brandRequest)
     println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreGroupsRetrieve")
+    println("4xx response calling CoreApi#coreBrandsUpdate")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreGroupsRetrieve")
+    println("5xx response calling CoreApi#coreBrandsUpdate")
     e.printStackTrace()
 }
 ```
@@ -1209,11 +1220,12 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
+ **brandUuid** | **java.util.UUID**| A UUID string identifying this Brand. |
+ **brandRequest** | [**BrandRequest**](BrandRequest.md)|  |
 
 ### Return type
 
-[**Group**](Group.md)
+[**Brand**](Brand.md)
 
 ### Authorization
 
@@ -1224,16 +1236,16 @@ Configure authentik:
 
 ### HTTP request headers
 
- - **Content-Type**: Not defined
+ - **Content-Type**: application/json
  - **Accept**: application/json
 
-<a id="coreGroupsUpdate"></a>
-# **coreGroupsUpdate**
-> Group coreGroupsUpdate(groupUuid, groupRequest)
+<a id="coreBrandsUsedByList"></a>
+# **coreBrandsUsedByList**
+> kotlin.collections.List&lt;UsedBy&gt; coreBrandsUsedByList(brandUuid)
 
 
 
-Group Viewset
+Get a list of all objects that use this object
 
 ### Example
 ```kotlin
@@ -1242,16 +1254,15 @@ Group Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
-val groupRequest : GroupRequest =  // GroupRequest | 
+val brandUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Brand.
 try {
-    val result : Group = apiInstance.coreGroupsUpdate(groupUuid, groupRequest)
+    val result : kotlin.collections.List<UsedBy> = apiInstance.coreBrandsUsedByList(brandUuid)
     println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreGroupsUpdate")
+    println("4xx response calling CoreApi#coreBrandsUsedByList")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreGroupsUpdate")
+    println("5xx response calling CoreApi#coreBrandsUsedByList")
     e.printStackTrace()
 }
 ```
@@ -1260,12 +1271,11 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
- **groupRequest** | [**GroupRequest**](GroupRequest.md)|  |
+ **brandUuid** | **java.util.UUID**| A UUID string identifying this Brand. |
 
 ### Return type
 
-[**Group**](Group.md)
+[**kotlin.collections.List&lt;UsedBy&gt;**](UsedBy.md)
 
 ### Authorization
 
@@ -1276,16 +1286,16 @@ Configure authentik:
 
 ### HTTP request headers
 
- - **Content-Type**: application/json
+ - **Content-Type**: Not defined
  - **Accept**: application/json
 
-<a id="coreGroupsUsedByList"></a>
-# **coreGroupsUsedByList**
-> kotlin.collections.List&lt;UsedBy&gt; coreGroupsUsedByList(groupUuid)
+<a id="coreGroupsAddUserCreate"></a>
+# **coreGroupsAddUserCreate**
+> coreGroupsAddUserCreate(groupUuid, userAccountRequest)
 
 
 
-Get a list of all objects that use this object
+Add user to group
 
 ### Example
 ```kotlin
@@ -1295,14 +1305,14 @@ Get a list of all objects that use this object
 
 val apiInstance = CoreApi()
 val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
+val userAccountRequest : UserAccountRequest =  // UserAccountRequest | 
 try {
-    val result : kotlin.collections.List<UsedBy> = apiInstance.coreGroupsUsedByList(groupUuid)
-    println(result)
+    apiInstance.coreGroupsAddUserCreate(groupUuid, userAccountRequest)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreGroupsUsedByList")
+    println("4xx response calling CoreApi#coreGroupsAddUserCreate")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreGroupsUsedByList")
+    println("5xx response calling CoreApi#coreGroupsAddUserCreate")
     e.printStackTrace()
 }
 ```
@@ -1312,10 +1322,11 @@ try {
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
  **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
+ **userAccountRequest** | [**UserAccountRequest**](UserAccountRequest.md)|  |
 
 ### Return type
 
-[**kotlin.collections.List&lt;UsedBy&gt;**](UsedBy.md)
+null (empty response body)
 
 ### Authorization
 
@@ -1326,16 +1337,16 @@ Configure authentik:
 
 ### HTTP request headers
 
- - **Content-Type**: Not defined
+ - **Content-Type**: application/json
  - **Accept**: application/json
 
-<a id="coreTenantsCreate"></a>
-# **coreTenantsCreate**
-> Tenant coreTenantsCreate(tenantRequest)
+<a id="coreGroupsCreate"></a>
+# **coreGroupsCreate**
+> Group coreGroupsCreate(groupRequest)
 
 
 
-Tenant Viewset
+Group Viewset
 
 ### Example
 ```kotlin
@@ -1344,15 +1355,15 @@ Tenant Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val tenantRequest : TenantRequest =  // TenantRequest | 
+val groupRequest : GroupRequest =  // GroupRequest | 
 try {
-    val result : Tenant = apiInstance.coreTenantsCreate(tenantRequest)
+    val result : Group = apiInstance.coreGroupsCreate(groupRequest)
     println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreTenantsCreate")
+    println("4xx response calling CoreApi#coreGroupsCreate")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreTenantsCreate")
+    println("5xx response calling CoreApi#coreGroupsCreate")
     e.printStackTrace()
 }
 ```
@@ -1361,11 +1372,11 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **tenantRequest** | [**TenantRequest**](TenantRequest.md)|  |
+ **groupRequest** | [**GroupRequest**](GroupRequest.md)|  |
 
 ### Return type
 
-[**Tenant**](Tenant.md)
+[**Group**](Group.md)
 
 ### Authorization
 
@@ -1379,13 +1390,13 @@ Configure authentik:
  - **Content-Type**: application/json
  - **Accept**: application/json
 
-<a id="coreTenantsCurrentRetrieve"></a>
-# **coreTenantsCurrentRetrieve**
-> CurrentTenant coreTenantsCurrentRetrieve()
+<a id="coreGroupsDestroy"></a>
+# **coreGroupsDestroy**
+> coreGroupsDestroy(groupUuid)
 
 
 
-Get current tenant
+Group Viewset
 
 ### Example
 ```kotlin
@@ -1394,24 +1405,27 @@ Get current tenant
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
+val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
 try {
-    val result : CurrentTenant = apiInstance.coreTenantsCurrentRetrieve()
-    println(result)
+    apiInstance.coreGroupsDestroy(groupUuid)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreTenantsCurrentRetrieve")
+    println("4xx response calling CoreApi#coreGroupsDestroy")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreTenantsCurrentRetrieve")
+    println("5xx response calling CoreApi#coreGroupsDestroy")
     e.printStackTrace()
 }
 ```
 
 ### Parameters
-This endpoint does not need any parameter.
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
 
 ### Return type
 
-[**CurrentTenant**](CurrentTenant.md)
+null (empty response body)
 
 ### Authorization
 
@@ -1425,13 +1439,13 @@ Configure authentik:
  - **Content-Type**: Not defined
  - **Accept**: application/json
 
-<a id="coreTenantsDestroy"></a>
-# **coreTenantsDestroy**
-> coreTenantsDestroy(tenantUuid)
+<a id="coreGroupsList"></a>
+# **coreGroupsList**
+> PaginatedGroupList coreGroupsList(attributes, isSuperuser, membersByPk, membersByUsername, name, ordering, page, pageSize, search)
 
 
 
-Tenant Viewset
+Group Viewset
 
 ### Example
 ```kotlin
@@ -1440,14 +1454,23 @@ Tenant Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Tenant.
+val attributes : kotlin.String = attributes_example // kotlin.String | Attributes
+val isSuperuser : kotlin.Boolean = true // kotlin.Boolean | 
+val membersByPk : kotlin.collections.List<kotlin.Int> =  // kotlin.collections.List<kotlin.Int> | 
+val membersByUsername : kotlin.collections.List<kotlin.String> =  // kotlin.collections.List<kotlin.String> | Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only.
+val name : kotlin.String = name_example // kotlin.String | 
+val ordering : kotlin.String = ordering_example // kotlin.String | Which field to use when ordering the results.
+val page : kotlin.Int = 56 // kotlin.Int | A page number within the paginated result set.
+val pageSize : kotlin.Int = 56 // kotlin.Int | Number of results to return per page.
+val search : kotlin.String = search_example // kotlin.String | A search term.
 try {
-    apiInstance.coreTenantsDestroy(tenantUuid)
+    val result : PaginatedGroupList = apiInstance.coreGroupsList(attributes, isSuperuser, membersByPk, membersByUsername, name, ordering, page, pageSize, search)
+    println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreTenantsDestroy")
+    println("4xx response calling CoreApi#coreGroupsList")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreTenantsDestroy")
+    println("5xx response calling CoreApi#coreGroupsList")
     e.printStackTrace()
 }
 ```
@@ -1456,11 +1479,19 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **tenantUuid** | **java.util.UUID**| A UUID string identifying this Tenant. |
+ **attributes** | **kotlin.String**| Attributes | [optional]
+ **isSuperuser** | **kotlin.Boolean**|  | [optional]
+ **membersByPk** | [**kotlin.collections.List&lt;kotlin.Int&gt;**](kotlin.Int.md)|  | [optional]
+ **membersByUsername** | [**kotlin.collections.List&lt;kotlin.String&gt;**](kotlin.String.md)| Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. | [optional]
+ **name** | **kotlin.String**|  | [optional]
+ **ordering** | **kotlin.String**| Which field to use when ordering the results. | [optional]
+ **page** | **kotlin.Int**| A page number within the paginated result set. | [optional]
+ **pageSize** | **kotlin.Int**| Number of results to return per page. | [optional]
+ **search** | **kotlin.String**| A search term. | [optional]
 
 ### Return type
 
-null (empty response body)
+[**PaginatedGroupList**](PaginatedGroupList.md)
 
 ### Authorization
 
@@ -1474,13 +1505,13 @@ Configure authentik:
  - **Content-Type**: Not defined
  - **Accept**: application/json
 
-<a id="coreTenantsList"></a>
-# **coreTenantsList**
-> PaginatedTenantList coreTenantsList(brandingFavicon, brandingLogo, brandingTitle, default, domain, eventRetention, flowAuthentication, flowDeviceCode, flowInvalidation, flowRecovery, flowUnenrollment, flowUserSettings, ordering, page, pageSize, search, tenantUuid, webCertificate)
+<a id="coreGroupsPartialUpdate"></a>
+# **coreGroupsPartialUpdate**
+> Group coreGroupsPartialUpdate(groupUuid, patchedGroupRequest)
 
 
 
-Tenant Viewset
+Group Viewset
 
 ### Example
 ```kotlin
@@ -1489,32 +1520,16 @@ Tenant Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val brandingFavicon : kotlin.String = brandingFavicon_example // kotlin.String | 
-val brandingLogo : kotlin.String = brandingLogo_example // kotlin.String | 
-val brandingTitle : kotlin.String = brandingTitle_example // kotlin.String | 
-val default : kotlin.Boolean = true // kotlin.Boolean | 
-val domain : kotlin.String = domain_example // kotlin.String | 
-val eventRetention : kotlin.String = eventRetention_example // kotlin.String | 
-val flowAuthentication : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
-val flowDeviceCode : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
-val flowInvalidation : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
-val flowRecovery : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
-val flowUnenrollment : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
-val flowUserSettings : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
-val ordering : kotlin.String = ordering_example // kotlin.String | Which field to use when ordering the results.
-val page : kotlin.Int = 56 // kotlin.Int | A page number within the paginated result set.
-val pageSize : kotlin.Int = 56 // kotlin.Int | Number of results to return per page.
-val search : kotlin.String = search_example // kotlin.String | A search term.
-val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
-val webCertificate : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | 
+val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
+val patchedGroupRequest : PatchedGroupRequest =  // PatchedGroupRequest | 
 try {
-    val result : PaginatedTenantList = apiInstance.coreTenantsList(brandingFavicon, brandingLogo, brandingTitle, default, domain, eventRetention, flowAuthentication, flowDeviceCode, flowInvalidation, flowRecovery, flowUnenrollment, flowUserSettings, ordering, page, pageSize, search, tenantUuid, webCertificate)
+    val result : Group = apiInstance.coreGroupsPartialUpdate(groupUuid, patchedGroupRequest)
     println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreTenantsList")
+    println("4xx response calling CoreApi#coreGroupsPartialUpdate")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreTenantsList")
+    println("5xx response calling CoreApi#coreGroupsPartialUpdate")
     e.printStackTrace()
 }
 ```
@@ -1523,28 +1538,12 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **brandingFavicon** | **kotlin.String**|  | [optional]
- **brandingLogo** | **kotlin.String**|  | [optional]
- **brandingTitle** | **kotlin.String**|  | [optional]
- **default** | **kotlin.Boolean**|  | [optional]
- **domain** | **kotlin.String**|  | [optional]
- **eventRetention** | **kotlin.String**|  | [optional]
- **flowAuthentication** | **java.util.UUID**|  | [optional]
- **flowDeviceCode** | **java.util.UUID**|  | [optional]
- **flowInvalidation** | **java.util.UUID**|  | [optional]
- **flowRecovery** | **java.util.UUID**|  | [optional]
- **flowUnenrollment** | **java.util.UUID**|  | [optional]
- **flowUserSettings** | **java.util.UUID**|  | [optional]
- **ordering** | **kotlin.String**| Which field to use when ordering the results. | [optional]
- **page** | **kotlin.Int**| A page number within the paginated result set. | [optional]
- **pageSize** | **kotlin.Int**| Number of results to return per page. | [optional]
- **search** | **kotlin.String**| A search term. | [optional]
- **tenantUuid** | **java.util.UUID**|  | [optional]
- **webCertificate** | **java.util.UUID**|  | [optional]
+ **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
+ **patchedGroupRequest** | [**PatchedGroupRequest**](PatchedGroupRequest.md)|  | [optional]
 
 ### Return type
 
-[**PaginatedTenantList**](PaginatedTenantList.md)
+[**Group**](Group.md)
 
 ### Authorization
 
@@ -1555,16 +1554,16 @@ Configure authentik:
 
 ### HTTP request headers
 
- - **Content-Type**: Not defined
+ - **Content-Type**: application/json
  - **Accept**: application/json
 
-<a id="coreTenantsPartialUpdate"></a>
-# **coreTenantsPartialUpdate**
-> Tenant coreTenantsPartialUpdate(tenantUuid, patchedTenantRequest)
+<a id="coreGroupsRemoveUserCreate"></a>
+# **coreGroupsRemoveUserCreate**
+> coreGroupsRemoveUserCreate(groupUuid, userAccountRequest)
 
 
 
-Tenant Viewset
+Add user to group
 
 ### Example
 ```kotlin
@@ -1573,16 +1572,15 @@ Tenant Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Tenant.
-val patchedTenantRequest : PatchedTenantRequest =  // PatchedTenantRequest | 
+val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
+val userAccountRequest : UserAccountRequest =  // UserAccountRequest | 
 try {
-    val result : Tenant = apiInstance.coreTenantsPartialUpdate(tenantUuid, patchedTenantRequest)
-    println(result)
+    apiInstance.coreGroupsRemoveUserCreate(groupUuid, userAccountRequest)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreTenantsPartialUpdate")
+    println("4xx response calling CoreApi#coreGroupsRemoveUserCreate")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreTenantsPartialUpdate")
+    println("5xx response calling CoreApi#coreGroupsRemoveUserCreate")
     e.printStackTrace()
 }
 ```
@@ -1591,12 +1589,12 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **tenantUuid** | **java.util.UUID**| A UUID string identifying this Tenant. |
- **patchedTenantRequest** | [**PatchedTenantRequest**](PatchedTenantRequest.md)|  | [optional]
+ **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
+ **userAccountRequest** | [**UserAccountRequest**](UserAccountRequest.md)|  |
 
 ### Return type
 
-[**Tenant**](Tenant.md)
+null (empty response body)
 
 ### Authorization
 
@@ -1610,13 +1608,13 @@ Configure authentik:
  - **Content-Type**: application/json
  - **Accept**: application/json
 
-<a id="coreTenantsRetrieve"></a>
-# **coreTenantsRetrieve**
-> Tenant coreTenantsRetrieve(tenantUuid)
+<a id="coreGroupsRetrieve"></a>
+# **coreGroupsRetrieve**
+> Group coreGroupsRetrieve(groupUuid)
 
 
 
-Tenant Viewset
+Group Viewset
 
 ### Example
 ```kotlin
@@ -1625,15 +1623,15 @@ Tenant Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Tenant.
+val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
 try {
-    val result : Tenant = apiInstance.coreTenantsRetrieve(tenantUuid)
+    val result : Group = apiInstance.coreGroupsRetrieve(groupUuid)
     println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreTenantsRetrieve")
+    println("4xx response calling CoreApi#coreGroupsRetrieve")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreTenantsRetrieve")
+    println("5xx response calling CoreApi#coreGroupsRetrieve")
     e.printStackTrace()
 }
 ```
@@ -1642,11 +1640,11 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **tenantUuid** | **java.util.UUID**| A UUID string identifying this Tenant. |
+ **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
 
 ### Return type
 
-[**Tenant**](Tenant.md)
+[**Group**](Group.md)
 
 ### Authorization
 
@@ -1660,13 +1658,13 @@ Configure authentik:
  - **Content-Type**: Not defined
  - **Accept**: application/json
 
-<a id="coreTenantsUpdate"></a>
-# **coreTenantsUpdate**
-> Tenant coreTenantsUpdate(tenantUuid, tenantRequest)
+<a id="coreGroupsUpdate"></a>
+# **coreGroupsUpdate**
+> Group coreGroupsUpdate(groupUuid, groupRequest)
 
 
 
-Tenant Viewset
+Group Viewset
 
 ### Example
 ```kotlin
@@ -1675,16 +1673,16 @@ Tenant Viewset
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Tenant.
-val tenantRequest : TenantRequest =  // TenantRequest | 
+val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
+val groupRequest : GroupRequest =  // GroupRequest | 
 try {
-    val result : Tenant = apiInstance.coreTenantsUpdate(tenantUuid, tenantRequest)
+    val result : Group = apiInstance.coreGroupsUpdate(groupUuid, groupRequest)
     println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreTenantsUpdate")
+    println("4xx response calling CoreApi#coreGroupsUpdate")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreTenantsUpdate")
+    println("5xx response calling CoreApi#coreGroupsUpdate")
     e.printStackTrace()
 }
 ```
@@ -1693,12 +1691,12 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **tenantUuid** | **java.util.UUID**| A UUID string identifying this Tenant. |
- **tenantRequest** | [**TenantRequest**](TenantRequest.md)|  |
+ **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
+ **groupRequest** | [**GroupRequest**](GroupRequest.md)|  |
 
 ### Return type
 
-[**Tenant**](Tenant.md)
+[**Group**](Group.md)
 
 ### Authorization
 
@@ -1712,9 +1710,9 @@ Configure authentik:
  - **Content-Type**: application/json
  - **Accept**: application/json
 
-<a id="coreTenantsUsedByList"></a>
-# **coreTenantsUsedByList**
-> kotlin.collections.List&lt;UsedBy&gt; coreTenantsUsedByList(tenantUuid)
+<a id="coreGroupsUsedByList"></a>
+# **coreGroupsUsedByList**
+> kotlin.collections.List&lt;UsedBy&gt; coreGroupsUsedByList(groupUuid)
 
 
 
@@ -1727,15 +1725,15 @@ Get a list of all objects that use this object
 //import io.goauthentik.api.models.*
 
 val apiInstance = CoreApi()
-val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Tenant.
+val groupUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Group.
 try {
-    val result : kotlin.collections.List<UsedBy> = apiInstance.coreTenantsUsedByList(tenantUuid)
+    val result : kotlin.collections.List<UsedBy> = apiInstance.coreGroupsUsedByList(groupUuid)
     println(result)
 } catch (e: ClientException) {
-    println("4xx response calling CoreApi#coreTenantsUsedByList")
+    println("4xx response calling CoreApi#coreGroupsUsedByList")
     e.printStackTrace()
 } catch (e: ServerException) {
-    println("5xx response calling CoreApi#coreTenantsUsedByList")
+    println("5xx response calling CoreApi#coreGroupsUsedByList")
     e.printStackTrace()
 }
 ```
@@ -1744,7 +1742,7 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **tenantUuid** | **java.util.UUID**| A UUID string identifying this Tenant. |
+ **groupUuid** | **java.util.UUID**| A UUID string identifying this Group. |
 
 ### Return type
 
diff --git a/docs/CurrentTenant.md b/docs/CurrentBrand.md
similarity index 98%
rename from docs/CurrentTenant.md
rename to docs/CurrentBrand.md
index 658dac5..bde4024 100644
--- a/docs/CurrentTenant.md
+++ b/docs/CurrentBrand.md
@@ -1,5 +1,5 @@
 
-# CurrentTenant
+# CurrentBrand
 
 ## Properties
 Name | Type | Description | Notes
diff --git a/docs/Domain.md b/docs/Domain.md
new file mode 100644
index 0000000..48d1894
--- /dev/null
+++ b/docs/Domain.md
@@ -0,0 +1,13 @@
+
+# Domain
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**id** | **kotlin.Int** |  |  [readonly]
+**domain** | **kotlin.String** |  | 
+**tenant** | [**java.util.UUID**](java.util.UUID.md) |  | 
+**isPrimary** | **kotlin.Boolean** |  |  [optional]
+
+
+
diff --git a/docs/DomainRequest.md b/docs/DomainRequest.md
new file mode 100644
index 0000000..9a56a40
--- /dev/null
+++ b/docs/DomainRequest.md
@@ -0,0 +1,12 @@
+
+# DomainRequest
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**domain** | **kotlin.String** |  | 
+**tenant** | [**java.util.UUID**](java.util.UUID.md) |  | 
+**isPrimary** | **kotlin.Boolean** |  |  [optional]
+
+
+
diff --git a/docs/Event.md b/docs/Event.md
index 080fa81..57cbb6d 100644
--- a/docs/Event.md
+++ b/docs/Event.md
@@ -12,7 +12,7 @@ Name | Type | Description | Notes
 **context** | [**kotlin.Any**](.md) |  |  [optional]
 **clientIp** | **kotlin.String** |  |  [optional]
 **expires** | [**java.time.OffsetDateTime**](java.time.OffsetDateTime.md) |  |  [optional]
-**tenant** | [**kotlin.Any**](.md) |  |  [optional]
+**brand** | [**kotlin.Any**](.md) |  |  [optional]
 
 
 
diff --git a/docs/EventRequest.md b/docs/EventRequest.md
index 5e68812..f3d57bd 100644
--- a/docs/EventRequest.md
+++ b/docs/EventRequest.md
@@ -10,7 +10,7 @@ Name | Type | Description | Notes
 **context** | [**kotlin.Any**](.md) |  |  [optional]
 **clientIp** | **kotlin.String** |  |  [optional]
 **expires** | [**java.time.OffsetDateTime**](java.time.OffsetDateTime.md) |  |  [optional]
-**tenant** | [**kotlin.Any**](.md) |  |  [optional]
+**brand** | [**kotlin.Any**](.md) |  |  [optional]
 
 
 
diff --git a/docs/EventsApi.md b/docs/EventsApi.md
index 6ec3a77..c49692e 100644
--- a/docs/EventsApi.md
+++ b/docs/EventsApi.md
@@ -185,7 +185,7 @@ Configure authentik:
 
 <a id="eventsEventsList"></a>
 # **eventsEventsList**
-> PaginatedEventList eventsEventsList(action, clientIp, contextAuthorizedApp, contextModelApp, contextModelName, contextModelPk, ordering, page, pageSize, search, tenantName, username)
+> PaginatedEventList eventsEventsList(action, brandName, clientIp, contextAuthorizedApp, contextModelApp, contextModelName, contextModelPk, ordering, page, pageSize, search, username)
 
 
 
@@ -199,6 +199,7 @@ Event Read-Only Viewset
 
 val apiInstance = EventsApi()
 val action : kotlin.String = action_example // kotlin.String | 
+val brandName : kotlin.String = brandName_example // kotlin.String | Brand name
 val clientIp : kotlin.String = clientIp_example // kotlin.String | 
 val contextAuthorizedApp : kotlin.String = contextAuthorizedApp_example // kotlin.String | Context Authorized application
 val contextModelApp : kotlin.String = contextModelApp_example // kotlin.String | Context Model App
@@ -208,10 +209,9 @@ val ordering : kotlin.String = ordering_example // kotlin.String | Which field t
 val page : kotlin.Int = 56 // kotlin.Int | A page number within the paginated result set.
 val pageSize : kotlin.Int = 56 // kotlin.Int | Number of results to return per page.
 val search : kotlin.String = search_example // kotlin.String | A search term.
-val tenantName : kotlin.String = tenantName_example // kotlin.String | Tenant name
 val username : kotlin.String = username_example // kotlin.String | Username
 try {
-    val result : PaginatedEventList = apiInstance.eventsEventsList(action, clientIp, contextAuthorizedApp, contextModelApp, contextModelName, contextModelPk, ordering, page, pageSize, search, tenantName, username)
+    val result : PaginatedEventList = apiInstance.eventsEventsList(action, brandName, clientIp, contextAuthorizedApp, contextModelApp, contextModelName, contextModelPk, ordering, page, pageSize, search, username)
     println(result)
 } catch (e: ClientException) {
     println("4xx response calling EventsApi#eventsEventsList")
@@ -227,6 +227,7 @@ try {
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
  **action** | **kotlin.String**|  | [optional]
+ **brandName** | **kotlin.String**| Brand name | [optional]
  **clientIp** | **kotlin.String**|  | [optional]
  **contextAuthorizedApp** | **kotlin.String**| Context Authorized application | [optional]
  **contextModelApp** | **kotlin.String**| Context Model App | [optional]
@@ -236,7 +237,6 @@ Name | Type | Description  | Notes
  **page** | **kotlin.Int**| A page number within the paginated result set. | [optional]
  **pageSize** | **kotlin.Int**| Number of results to return per page. | [optional]
  **search** | **kotlin.String**| A search term. | [optional]
- **tenantName** | **kotlin.String**| Tenant name | [optional]
  **username** | **kotlin.String**| Username | [optional]
 
 ### Return type
@@ -515,7 +515,7 @@ Configure authentik:
 
 <a id="eventsEventsVolumeList"></a>
 # **eventsEventsVolumeList**
-> kotlin.collections.List&lt;Coordinate&gt; eventsEventsVolumeList(action, clientIp, contextAuthorizedApp, contextModelApp, contextModelName, contextModelPk, ordering, search, tenantName, username)
+> kotlin.collections.List&lt;Coordinate&gt; eventsEventsVolumeList(action, brandName, clientIp, contextAuthorizedApp, contextModelApp, contextModelName, contextModelPk, ordering, search, username)
 
 
 
@@ -529,6 +529,7 @@ Get event volume for specified filters and timeframe
 
 val apiInstance = EventsApi()
 val action : kotlin.String = action_example // kotlin.String | 
+val brandName : kotlin.String = brandName_example // kotlin.String | Brand name
 val clientIp : kotlin.String = clientIp_example // kotlin.String | 
 val contextAuthorizedApp : kotlin.String = contextAuthorizedApp_example // kotlin.String | Context Authorized application
 val contextModelApp : kotlin.String = contextModelApp_example // kotlin.String | Context Model App
@@ -536,10 +537,9 @@ val contextModelName : kotlin.String = contextModelName_example // kotlin.String
 val contextModelPk : kotlin.String = contextModelPk_example // kotlin.String | Context Model Primary Key
 val ordering : kotlin.String = ordering_example // kotlin.String | Which field to use when ordering the results.
 val search : kotlin.String = search_example // kotlin.String | A search term.
-val tenantName : kotlin.String = tenantName_example // kotlin.String | Tenant name
 val username : kotlin.String = username_example // kotlin.String | Username
 try {
-    val result : kotlin.collections.List<Coordinate> = apiInstance.eventsEventsVolumeList(action, clientIp, contextAuthorizedApp, contextModelApp, contextModelName, contextModelPk, ordering, search, tenantName, username)
+    val result : kotlin.collections.List<Coordinate> = apiInstance.eventsEventsVolumeList(action, brandName, clientIp, contextAuthorizedApp, contextModelApp, contextModelName, contextModelPk, ordering, search, username)
     println(result)
 } catch (e: ClientException) {
     println("4xx response calling EventsApi#eventsEventsVolumeList")
@@ -555,6 +555,7 @@ try {
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
  **action** | **kotlin.String**|  | [optional]
+ **brandName** | **kotlin.String**| Brand name | [optional]
  **clientIp** | **kotlin.String**|  | [optional]
  **contextAuthorizedApp** | **kotlin.String**| Context Authorized application | [optional]
  **contextModelApp** | **kotlin.String**| Context Model App | [optional]
@@ -562,7 +563,6 @@ Name | Type | Description  | Notes
  **contextModelPk** | **kotlin.String**| Context Model Primary Key | [optional]
  **ordering** | **kotlin.String**| Which field to use when ordering the results. | [optional]
  **search** | **kotlin.String**| A search term. | [optional]
- **tenantName** | **kotlin.String**| Tenant name | [optional]
  **username** | **kotlin.String**| Username | [optional]
 
 ### Return type
diff --git a/docs/ModelEnum.md b/docs/ModelEnum.md
index 585a0f7..fa8c585 100644
--- a/docs/ModelEnum.md
+++ b/docs/ModelEnum.md
@@ -4,6 +4,8 @@
 ## Enum
 
 
+    * `tenantsPeriodDomain` (value: `"authentik_tenants.domain"`)
+
     * `cryptoPeriodCertificatekeypair` (value: `"authentik_crypto.certificatekeypair"`)
 
     * `eventsPeriodEvent` (value: `"authentik_events.event"`)
@@ -138,7 +140,7 @@
 
     * `stagesUserWritePeriodUserwritestage` (value: `"authentik_stages_user_write.userwritestage"`)
 
-    * `tenantsPeriodTenant` (value: `"authentik_tenants.tenant"`)
+    * `brandsPeriodBrand` (value: `"authentik_brands.brand"`)
 
     * `blueprintsPeriodBlueprintinstance` (value: `"authentik_blueprints.blueprintinstance"`)
 
diff --git a/docs/PaginatedBrandList.md b/docs/PaginatedBrandList.md
new file mode 100644
index 0000000..56a8d31
--- /dev/null
+++ b/docs/PaginatedBrandList.md
@@ -0,0 +1,11 @@
+
+# PaginatedBrandList
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**pagination** | [**Pagination**](Pagination.md) |  | 
+**results** | [**kotlin.collections.List&lt;Brand&gt;**](Brand.md) |  | 
+
+
+
diff --git a/docs/PaginatedDomainList.md b/docs/PaginatedDomainList.md
new file mode 100644
index 0000000..c0f3f9b
--- /dev/null
+++ b/docs/PaginatedDomainList.md
@@ -0,0 +1,11 @@
+
+# PaginatedDomainList
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**pagination** | [**Pagination**](Pagination.md) |  | 
+**results** | [**kotlin.collections.List&lt;Domain&gt;**](Domain.md) |  | 
+
+
+
diff --git a/docs/PatchedBrandRequest.md b/docs/PatchedBrandRequest.md
new file mode 100644
index 0000000..380149b
--- /dev/null
+++ b/docs/PatchedBrandRequest.md
@@ -0,0 +1,22 @@
+
+# PatchedBrandRequest
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**domain** | **kotlin.String** | Domain that activates this brand. Can be a superset, i.e. &#x60;a.b&#x60; for &#x60;aa.b&#x60; and &#x60;ba.b&#x60; |  [optional]
+**default** | **kotlin.Boolean** |  |  [optional]
+**brandingTitle** | **kotlin.String** |  |  [optional]
+**brandingLogo** | **kotlin.String** |  |  [optional]
+**brandingFavicon** | **kotlin.String** |  |  [optional]
+**flowAuthentication** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowInvalidation** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowRecovery** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowUnenrollment** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowUserSettings** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**flowDeviceCode** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+**webCertificate** | [**java.util.UUID**](java.util.UUID.md) | Web Certificate used by the authentik Core webserver. |  [optional]
+**attributes** | [**kotlin.Any**](.md) |  |  [optional]
+
+
+
diff --git a/docs/PatchedDomainRequest.md b/docs/PatchedDomainRequest.md
new file mode 100644
index 0000000..a10b65a
--- /dev/null
+++ b/docs/PatchedDomainRequest.md
@@ -0,0 +1,12 @@
+
+# PatchedDomainRequest
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**domain** | **kotlin.String** |  |  [optional]
+**isPrimary** | **kotlin.Boolean** |  |  [optional]
+**tenant** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
+
+
+
diff --git a/docs/PatchedEventRequest.md b/docs/PatchedEventRequest.md
index 3e5b752..faf3b7e 100644
--- a/docs/PatchedEventRequest.md
+++ b/docs/PatchedEventRequest.md
@@ -10,7 +10,7 @@ Name | Type | Description | Notes
 **context** | [**kotlin.Any**](.md) |  |  [optional]
 **clientIp** | **kotlin.String** |  |  [optional]
 **expires** | [**java.time.OffsetDateTime**](java.time.OffsetDateTime.md) |  |  [optional]
-**tenant** | [**kotlin.Any**](.md) |  |  [optional]
+**brand** | [**kotlin.Any**](.md) |  |  [optional]
 
 
 
diff --git a/docs/PatchedSettingsRequest.md b/docs/PatchedSettingsRequest.md
new file mode 100644
index 0000000..d87b3a2
--- /dev/null
+++ b/docs/PatchedSettingsRequest.md
@@ -0,0 +1,17 @@
+
+# PatchedSettingsRequest
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**avatars** | **kotlin.String** | Configure how authentik should show avatars for users. |  [optional]
+**defaultUserChangeName** | **kotlin.Boolean** | Enable the ability for users to change their name. |  [optional]
+**defaultUserChangeEmail** | **kotlin.Boolean** | Enable the ability for users to change their email address. |  [optional]
+**defaultUserChangeUsername** | **kotlin.Boolean** | Enable the ability for users to change their username. |  [optional]
+**eventRetention** | **kotlin.String** | Events will be deleted after this duration.(Format: weeks&#x3D;3;days&#x3D;2;hours&#x3D;3,seconds&#x3D;2). |  [optional]
+**footerLinks** | [**kotlin.Any**](.md) | The option configures the footer links on the flow executor pages. |  [optional]
+**gdprCompliance** | **kotlin.Boolean** | When enabled, all the events caused by a user will be deleted upon the user&#39;s deletion. |  [optional]
+**impersonation** | **kotlin.Boolean** | Globally enable/disable impersonation. |  [optional]
+
+
+
diff --git a/docs/PatchedTenantRequest.md b/docs/PatchedTenantRequest.md
index 9b407d0..d817bc1 100644
--- a/docs/PatchedTenantRequest.md
+++ b/docs/PatchedTenantRequest.md
@@ -4,20 +4,9 @@
 ## Properties
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**domain** | **kotlin.String** | Domain that activates this tenant. Can be a superset, i.e. &#x60;a.b&#x60; for &#x60;aa.b&#x60; and &#x60;ba.b&#x60; |  [optional]
-**default** | **kotlin.Boolean** |  |  [optional]
-**brandingTitle** | **kotlin.String** |  |  [optional]
-**brandingLogo** | **kotlin.String** |  |  [optional]
-**brandingFavicon** | **kotlin.String** |  |  [optional]
-**flowAuthentication** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowInvalidation** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowRecovery** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowUnenrollment** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowUserSettings** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowDeviceCode** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**eventRetention** | **kotlin.String** | Events will be deleted after this duration.(Format: weeks&#x3D;3;days&#x3D;2;hours&#x3D;3,seconds&#x3D;2). |  [optional]
-**webCertificate** | [**java.util.UUID**](java.util.UUID.md) | Web Certificate used by the authentik Core webserver. |  [optional]
-**attributes** | [**kotlin.Any**](.md) |  |  [optional]
+**schemaName** | **kotlin.String** |  |  [optional]
+**name** | **kotlin.String** |  |  [optional]
+**ready** | **kotlin.Boolean** |  |  [optional]
 
 
 
diff --git a/docs/RbacApi.md b/docs/RbacApi.md
index c45e8a3..d975dad 100644
--- a/docs/RbacApi.md
+++ b/docs/RbacApi.md
@@ -89,7 +89,7 @@ Get assigned object permissions for a single object
 //import io.goauthentik.api.models.*
 
 val apiInstance = RbacApi()
-val model : kotlin.String = model_example // kotlin.String | * `authentik_crypto.certificatekeypair` - Certificate-Key Pair * `authentik_events.event` - Event * `authentik_events.notificationtransport` - Notification Transport * `authentik_events.notification` - Notification * `authentik_events.notificationrule` - Notification Rule * `authentik_events.notificationwebhookmapping` - Webhook Mapping * `authentik_flows.flow` - Flow * `authentik_flows.flowstagebinding` - Flow Stage Binding * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection * `authentik_outposts.outpost` - Outpost * `authentik_policies_dummy.dummypolicy` - Dummy Policy * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy * `authentik_policies_expression.expressionpolicy` - Expression Policy * `authentik_policies_password.passwordpolicy` - Password Policy * `authentik_policies_reputation.reputationpolicy` - Reputation Policy * `authentik_policies_reputation.reputation` - Reputation Score * `authentik_policies.policybinding` - Policy Binding * `authentik_providers_ldap.ldapprovider` - LDAP Provider * `authentik_providers_oauth2.scopemapping` - Scope Mapping * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider * `authentik_providers_oauth2.authorizationcode` - Authorization Code * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token * `authentik_providers_proxy.proxyprovider` - Proxy Provider * `authentik_providers_radius.radiusprovider` - Radius Provider * `authentik_providers_saml.samlprovider` - SAML Provider * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping * `authentik_providers_scim.scimprovider` - SCIM Provider * `authentik_providers_scim.scimmapping` - SCIM Mapping * `authentik_rbac.role` - Role * `authentik_sources_ldap.ldapsource` - LDAP Source * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping * `authentik_sources_oauth.oauthsource` - OAuth Source * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection * `authentik_sources_plex.plexsource` - Plex Source * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection * `authentik_sources_saml.samlsource` - SAML Source * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage * `authentik_stages_authenticator_duo.duodevice` - Duo Device * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage * `authentik_stages_authenticator_sms.smsdevice` - SMS Device * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage * `authentik_stages_authenticator_static.staticdevice` - Static Device * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device * `authentik_stages_captcha.captchastage` - Captcha Stage * `authentik_stages_consent.consentstage` - Consent Stage * `authentik_stages_consent.userconsent` - User Consent * `authentik_stages_deny.denystage` - Deny Stage * `authentik_stages_dummy.dummystage` - Dummy Stage * `authentik_stages_email.emailstage` - Email Stage * `authentik_stages_identification.identificationstage` - Identification Stage * `authentik_stages_invitation.invitationstage` - Invitation Stage * `authentik_stages_invitation.invitation` - Invitation * `authentik_stages_password.passwordstage` - Password Stage * `authentik_stages_prompt.prompt` - Prompt * `authentik_stages_prompt.promptstage` - Prompt Stage * `authentik_stages_user_delete.userdeletestage` - User Delete Stage * `authentik_stages_user_login.userloginstage` - User Login Stage * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage * `authentik_stages_user_write.userwritestage` - User Write Stage * `authentik_tenants.tenant` - Tenant * `authentik_blueprints.blueprintinstance` - Blueprint Instance * `authentik_core.group` - Group * `authentik_core.user` - User * `authentik_core.application` - Application * `authentik_core.token` - Token * `authentik_enterprise.license` - License * `authentik_providers_rac.racprovider` - RAC Provider * `authentik_providers_rac.endpoint` - RAC Endpoint * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
+val model : kotlin.String = model_example // kotlin.String | * `authentik_tenants.domain` - Domain * `authentik_crypto.certificatekeypair` - Certificate-Key Pair * `authentik_events.event` - Event * `authentik_events.notificationtransport` - Notification Transport * `authentik_events.notification` - Notification * `authentik_events.notificationrule` - Notification Rule * `authentik_events.notificationwebhookmapping` - Webhook Mapping * `authentik_flows.flow` - Flow * `authentik_flows.flowstagebinding` - Flow Stage Binding * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection * `authentik_outposts.outpost` - Outpost * `authentik_policies_dummy.dummypolicy` - Dummy Policy * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy * `authentik_policies_expression.expressionpolicy` - Expression Policy * `authentik_policies_password.passwordpolicy` - Password Policy * `authentik_policies_reputation.reputationpolicy` - Reputation Policy * `authentik_policies_reputation.reputation` - Reputation Score * `authentik_policies.policybinding` - Policy Binding * `authentik_providers_ldap.ldapprovider` - LDAP Provider * `authentik_providers_oauth2.scopemapping` - Scope Mapping * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider * `authentik_providers_oauth2.authorizationcode` - Authorization Code * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token * `authentik_providers_proxy.proxyprovider` - Proxy Provider * `authentik_providers_radius.radiusprovider` - Radius Provider * `authentik_providers_saml.samlprovider` - SAML Provider * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping * `authentik_providers_scim.scimprovider` - SCIM Provider * `authentik_providers_scim.scimmapping` - SCIM Mapping * `authentik_rbac.role` - Role * `authentik_sources_ldap.ldapsource` - LDAP Source * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping * `authentik_sources_oauth.oauthsource` - OAuth Source * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection * `authentik_sources_plex.plexsource` - Plex Source * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection * `authentik_sources_saml.samlsource` - SAML Source * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage * `authentik_stages_authenticator_duo.duodevice` - Duo Device * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage * `authentik_stages_authenticator_sms.smsdevice` - SMS Device * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage * `authentik_stages_authenticator_static.staticdevice` - Static Device * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device * `authentik_stages_captcha.captchastage` - Captcha Stage * `authentik_stages_consent.consentstage` - Consent Stage * `authentik_stages_consent.userconsent` - User Consent * `authentik_stages_deny.denystage` - Deny Stage * `authentik_stages_dummy.dummystage` - Dummy Stage * `authentik_stages_email.emailstage` - Email Stage * `authentik_stages_identification.identificationstage` - Identification Stage * `authentik_stages_invitation.invitationstage` - Invitation Stage * `authentik_stages_invitation.invitation` - Invitation * `authentik_stages_password.passwordstage` - Password Stage * `authentik_stages_prompt.prompt` - Prompt * `authentik_stages_prompt.promptstage` - Prompt Stage * `authentik_stages_user_delete.userdeletestage` - User Delete Stage * `authentik_stages_user_login.userloginstage` - User Login Stage * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage * `authentik_stages_user_write.userwritestage` - User Write Stage * `authentik_brands.brand` - Brand * `authentik_blueprints.blueprintinstance` - Blueprint Instance * `authentik_core.group` - Group * `authentik_core.user` - User * `authentik_core.application` - Application * `authentik_core.token` - Token * `authentik_enterprise.license` - License * `authentik_providers_rac.racprovider` - RAC Provider * `authentik_providers_rac.endpoint` - RAC Endpoint * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
 val objectPk : kotlin.String = objectPk_example // kotlin.String | 
 val ordering : kotlin.String = ordering_example // kotlin.String | Which field to use when ordering the results.
 val page : kotlin.Int = 56 // kotlin.Int | A page number within the paginated result set.
@@ -111,7 +111,7 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **model** | **kotlin.String**| * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_tenants.tenant&#x60; - Tenant * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping | [enum: authentik_blueprints.blueprintinstance, authentik_core.application, authentik_core.group, authentik_core.token, authentik_core.user, authentik_crypto.certificatekeypair, authentik_enterprise.license, authentik_events.event, authentik_events.notification, authentik_events.notificationrule, authentik_events.notificationtransport, authentik_events.notificationwebhookmapping, authentik_flows.flow, authentik_flows.flowstagebinding, authentik_outposts.dockerserviceconnection, authentik_outposts.kubernetesserviceconnection, authentik_outposts.outpost, authentik_policies.policybinding, authentik_policies_dummy.dummypolicy, authentik_policies_event_matcher.eventmatcherpolicy, authentik_policies_expiry.passwordexpirypolicy, authentik_policies_expression.expressionpolicy, authentik_policies_password.passwordpolicy, authentik_policies_reputation.reputation, authentik_policies_reputation.reputationpolicy, authentik_providers_ldap.ldapprovider, authentik_providers_oauth2.accesstoken, authentik_providers_oauth2.authorizationcode, authentik_providers_oauth2.oauth2provider, authentik_providers_oauth2.refreshtoken, authentik_providers_oauth2.scopemapping, authentik_providers_proxy.proxyprovider, authentik_providers_rac.endpoint, authentik_providers_rac.racpropertymapping, authentik_providers_rac.racprovider, authentik_providers_radius.radiusprovider, authentik_providers_saml.samlpropertymapping, authentik_providers_saml.samlprovider, authentik_providers_scim.scimmapping, authentik_providers_scim.scimprovider, authentik_rbac.role, authentik_sources_ldap.ldappropertymapping, authentik_sources_ldap.ldapsource, authentik_sources_oauth.oauthsource, authentik_sources_oauth.useroauthsourceconnection, authentik_sources_plex.plexsource, authentik_sources_plex.plexsourceconnection, authentik_sources_saml.samlsource, authentik_sources_saml.usersamlsourceconnection, authentik_stages_authenticator_duo.authenticatorduostage, authentik_stages_authenticator_duo.duodevice, authentik_stages_authenticator_sms.authenticatorsmsstage, authentik_stages_authenticator_sms.smsdevice, authentik_stages_authenticator_static.authenticatorstaticstage, authentik_stages_authenticator_static.staticdevice, authentik_stages_authenticator_totp.authenticatortotpstage, authentik_stages_authenticator_totp.totpdevice, authentik_stages_authenticator_validate.authenticatorvalidatestage, authentik_stages_authenticator_webauthn.authenticatewebauthnstage, authentik_stages_authenticator_webauthn.webauthndevice, authentik_stages_captcha.captchastage, authentik_stages_consent.consentstage, authentik_stages_consent.userconsent, authentik_stages_deny.denystage, authentik_stages_dummy.dummystage, authentik_stages_email.emailstage, authentik_stages_identification.identificationstage, authentik_stages_invitation.invitation, authentik_stages_invitation.invitationstage, authentik_stages_password.passwordstage, authentik_stages_prompt.prompt, authentik_stages_prompt.promptstage, authentik_stages_user_delete.userdeletestage, authentik_stages_user_login.userloginstage, authentik_stages_user_logout.userlogoutstage, authentik_stages_user_write.userwritestage, authentik_tenants.tenant]
+ **model** | **kotlin.String**| * &#x60;authentik_tenants.domain&#x60; - Domain * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_brands.brand&#x60; - Brand * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping | [enum: authentik_blueprints.blueprintinstance, authentik_brands.brand, authentik_core.application, authentik_core.group, authentik_core.token, authentik_core.user, authentik_crypto.certificatekeypair, authentik_enterprise.license, authentik_events.event, authentik_events.notification, authentik_events.notificationrule, authentik_events.notificationtransport, authentik_events.notificationwebhookmapping, authentik_flows.flow, authentik_flows.flowstagebinding, authentik_outposts.dockerserviceconnection, authentik_outposts.kubernetesserviceconnection, authentik_outposts.outpost, authentik_policies.policybinding, authentik_policies_dummy.dummypolicy, authentik_policies_event_matcher.eventmatcherpolicy, authentik_policies_expiry.passwordexpirypolicy, authentik_policies_expression.expressionpolicy, authentik_policies_password.passwordpolicy, authentik_policies_reputation.reputation, authentik_policies_reputation.reputationpolicy, authentik_providers_ldap.ldapprovider, authentik_providers_oauth2.accesstoken, authentik_providers_oauth2.authorizationcode, authentik_providers_oauth2.oauth2provider, authentik_providers_oauth2.refreshtoken, authentik_providers_oauth2.scopemapping, authentik_providers_proxy.proxyprovider, authentik_providers_rac.endpoint, authentik_providers_rac.racpropertymapping, authentik_providers_rac.racprovider, authentik_providers_radius.radiusprovider, authentik_providers_saml.samlpropertymapping, authentik_providers_saml.samlprovider, authentik_providers_scim.scimmapping, authentik_providers_scim.scimprovider, authentik_rbac.role, authentik_sources_ldap.ldappropertymapping, authentik_sources_ldap.ldapsource, authentik_sources_oauth.oauthsource, authentik_sources_oauth.useroauthsourceconnection, authentik_sources_plex.plexsource, authentik_sources_plex.plexsourceconnection, authentik_sources_saml.samlsource, authentik_sources_saml.usersamlsourceconnection, authentik_stages_authenticator_duo.authenticatorduostage, authentik_stages_authenticator_duo.duodevice, authentik_stages_authenticator_sms.authenticatorsmsstage, authentik_stages_authenticator_sms.smsdevice, authentik_stages_authenticator_static.authenticatorstaticstage, authentik_stages_authenticator_static.staticdevice, authentik_stages_authenticator_totp.authenticatortotpstage, authentik_stages_authenticator_totp.totpdevice, authentik_stages_authenticator_validate.authenticatorvalidatestage, authentik_stages_authenticator_webauthn.authenticatewebauthnstage, authentik_stages_authenticator_webauthn.webauthndevice, authentik_stages_captcha.captchastage, authentik_stages_consent.consentstage, authentik_stages_consent.userconsent, authentik_stages_deny.denystage, authentik_stages_dummy.dummystage, authentik_stages_email.emailstage, authentik_stages_identification.identificationstage, authentik_stages_invitation.invitation, authentik_stages_invitation.invitationstage, authentik_stages_password.passwordstage, authentik_stages_prompt.prompt, authentik_stages_prompt.promptstage, authentik_stages_user_delete.userdeletestage, authentik_stages_user_login.userloginstage, authentik_stages_user_logout.userlogoutstage, authentik_stages_user_write.userwritestage, authentik_tenants.domain]
  **objectPk** | **kotlin.String**|  | [optional]
  **ordering** | **kotlin.String**| Which field to use when ordering the results. | [optional]
  **page** | **kotlin.Int**| A page number within the paginated result set. | [optional]
@@ -251,7 +251,7 @@ Get assigned object permissions for a single object
 //import io.goauthentik.api.models.*
 
 val apiInstance = RbacApi()
-val model : kotlin.String = model_example // kotlin.String | * `authentik_crypto.certificatekeypair` - Certificate-Key Pair * `authentik_events.event` - Event * `authentik_events.notificationtransport` - Notification Transport * `authentik_events.notification` - Notification * `authentik_events.notificationrule` - Notification Rule * `authentik_events.notificationwebhookmapping` - Webhook Mapping * `authentik_flows.flow` - Flow * `authentik_flows.flowstagebinding` - Flow Stage Binding * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection * `authentik_outposts.outpost` - Outpost * `authentik_policies_dummy.dummypolicy` - Dummy Policy * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy * `authentik_policies_expression.expressionpolicy` - Expression Policy * `authentik_policies_password.passwordpolicy` - Password Policy * `authentik_policies_reputation.reputationpolicy` - Reputation Policy * `authentik_policies_reputation.reputation` - Reputation Score * `authentik_policies.policybinding` - Policy Binding * `authentik_providers_ldap.ldapprovider` - LDAP Provider * `authentik_providers_oauth2.scopemapping` - Scope Mapping * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider * `authentik_providers_oauth2.authorizationcode` - Authorization Code * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token * `authentik_providers_proxy.proxyprovider` - Proxy Provider * `authentik_providers_radius.radiusprovider` - Radius Provider * `authentik_providers_saml.samlprovider` - SAML Provider * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping * `authentik_providers_scim.scimprovider` - SCIM Provider * `authentik_providers_scim.scimmapping` - SCIM Mapping * `authentik_rbac.role` - Role * `authentik_sources_ldap.ldapsource` - LDAP Source * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping * `authentik_sources_oauth.oauthsource` - OAuth Source * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection * `authentik_sources_plex.plexsource` - Plex Source * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection * `authentik_sources_saml.samlsource` - SAML Source * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage * `authentik_stages_authenticator_duo.duodevice` - Duo Device * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage * `authentik_stages_authenticator_sms.smsdevice` - SMS Device * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage * `authentik_stages_authenticator_static.staticdevice` - Static Device * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device * `authentik_stages_captcha.captchastage` - Captcha Stage * `authentik_stages_consent.consentstage` - Consent Stage * `authentik_stages_consent.userconsent` - User Consent * `authentik_stages_deny.denystage` - Deny Stage * `authentik_stages_dummy.dummystage` - Dummy Stage * `authentik_stages_email.emailstage` - Email Stage * `authentik_stages_identification.identificationstage` - Identification Stage * `authentik_stages_invitation.invitationstage` - Invitation Stage * `authentik_stages_invitation.invitation` - Invitation * `authentik_stages_password.passwordstage` - Password Stage * `authentik_stages_prompt.prompt` - Prompt * `authentik_stages_prompt.promptstage` - Prompt Stage * `authentik_stages_user_delete.userdeletestage` - User Delete Stage * `authentik_stages_user_login.userloginstage` - User Login Stage * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage * `authentik_stages_user_write.userwritestage` - User Write Stage * `authentik_tenants.tenant` - Tenant * `authentik_blueprints.blueprintinstance` - Blueprint Instance * `authentik_core.group` - Group * `authentik_core.user` - User * `authentik_core.application` - Application * `authentik_core.token` - Token * `authentik_enterprise.license` - License * `authentik_providers_rac.racprovider` - RAC Provider * `authentik_providers_rac.endpoint` - RAC Endpoint * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
+val model : kotlin.String = model_example // kotlin.String | * `authentik_tenants.domain` - Domain * `authentik_crypto.certificatekeypair` - Certificate-Key Pair * `authentik_events.event` - Event * `authentik_events.notificationtransport` - Notification Transport * `authentik_events.notification` - Notification * `authentik_events.notificationrule` - Notification Rule * `authentik_events.notificationwebhookmapping` - Webhook Mapping * `authentik_flows.flow` - Flow * `authentik_flows.flowstagebinding` - Flow Stage Binding * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection * `authentik_outposts.outpost` - Outpost * `authentik_policies_dummy.dummypolicy` - Dummy Policy * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy * `authentik_policies_expression.expressionpolicy` - Expression Policy * `authentik_policies_password.passwordpolicy` - Password Policy * `authentik_policies_reputation.reputationpolicy` - Reputation Policy * `authentik_policies_reputation.reputation` - Reputation Score * `authentik_policies.policybinding` - Policy Binding * `authentik_providers_ldap.ldapprovider` - LDAP Provider * `authentik_providers_oauth2.scopemapping` - Scope Mapping * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider * `authentik_providers_oauth2.authorizationcode` - Authorization Code * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token * `authentik_providers_proxy.proxyprovider` - Proxy Provider * `authentik_providers_radius.radiusprovider` - Radius Provider * `authentik_providers_saml.samlprovider` - SAML Provider * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping * `authentik_providers_scim.scimprovider` - SCIM Provider * `authentik_providers_scim.scimmapping` - SCIM Mapping * `authentik_rbac.role` - Role * `authentik_sources_ldap.ldapsource` - LDAP Source * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping * `authentik_sources_oauth.oauthsource` - OAuth Source * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection * `authentik_sources_plex.plexsource` - Plex Source * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection * `authentik_sources_saml.samlsource` - SAML Source * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage * `authentik_stages_authenticator_duo.duodevice` - Duo Device * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage * `authentik_stages_authenticator_sms.smsdevice` - SMS Device * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage * `authentik_stages_authenticator_static.staticdevice` - Static Device * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device * `authentik_stages_captcha.captchastage` - Captcha Stage * `authentik_stages_consent.consentstage` - Consent Stage * `authentik_stages_consent.userconsent` - User Consent * `authentik_stages_deny.denystage` - Deny Stage * `authentik_stages_dummy.dummystage` - Dummy Stage * `authentik_stages_email.emailstage` - Email Stage * `authentik_stages_identification.identificationstage` - Identification Stage * `authentik_stages_invitation.invitationstage` - Invitation Stage * `authentik_stages_invitation.invitation` - Invitation * `authentik_stages_password.passwordstage` - Password Stage * `authentik_stages_prompt.prompt` - Prompt * `authentik_stages_prompt.promptstage` - Prompt Stage * `authentik_stages_user_delete.userdeletestage` - User Delete Stage * `authentik_stages_user_login.userloginstage` - User Login Stage * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage * `authentik_stages_user_write.userwritestage` - User Write Stage * `authentik_brands.brand` - Brand * `authentik_blueprints.blueprintinstance` - Blueprint Instance * `authentik_core.group` - Group * `authentik_core.user` - User * `authentik_core.application` - Application * `authentik_core.token` - Token * `authentik_enterprise.license` - License * `authentik_providers_rac.racprovider` - RAC Provider * `authentik_providers_rac.endpoint` - RAC Endpoint * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
 val objectPk : kotlin.String = objectPk_example // kotlin.String | 
 val ordering : kotlin.String = ordering_example // kotlin.String | Which field to use when ordering the results.
 val page : kotlin.Int = 56 // kotlin.Int | A page number within the paginated result set.
@@ -273,7 +273,7 @@ try {
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **model** | **kotlin.String**| * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_tenants.tenant&#x60; - Tenant * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping | [enum: authentik_blueprints.blueprintinstance, authentik_core.application, authentik_core.group, authentik_core.token, authentik_core.user, authentik_crypto.certificatekeypair, authentik_enterprise.license, authentik_events.event, authentik_events.notification, authentik_events.notificationrule, authentik_events.notificationtransport, authentik_events.notificationwebhookmapping, authentik_flows.flow, authentik_flows.flowstagebinding, authentik_outposts.dockerserviceconnection, authentik_outposts.kubernetesserviceconnection, authentik_outposts.outpost, authentik_policies.policybinding, authentik_policies_dummy.dummypolicy, authentik_policies_event_matcher.eventmatcherpolicy, authentik_policies_expiry.passwordexpirypolicy, authentik_policies_expression.expressionpolicy, authentik_policies_password.passwordpolicy, authentik_policies_reputation.reputation, authentik_policies_reputation.reputationpolicy, authentik_providers_ldap.ldapprovider, authentik_providers_oauth2.accesstoken, authentik_providers_oauth2.authorizationcode, authentik_providers_oauth2.oauth2provider, authentik_providers_oauth2.refreshtoken, authentik_providers_oauth2.scopemapping, authentik_providers_proxy.proxyprovider, authentik_providers_rac.endpoint, authentik_providers_rac.racpropertymapping, authentik_providers_rac.racprovider, authentik_providers_radius.radiusprovider, authentik_providers_saml.samlpropertymapping, authentik_providers_saml.samlprovider, authentik_providers_scim.scimmapping, authentik_providers_scim.scimprovider, authentik_rbac.role, authentik_sources_ldap.ldappropertymapping, authentik_sources_ldap.ldapsource, authentik_sources_oauth.oauthsource, authentik_sources_oauth.useroauthsourceconnection, authentik_sources_plex.plexsource, authentik_sources_plex.plexsourceconnection, authentik_sources_saml.samlsource, authentik_sources_saml.usersamlsourceconnection, authentik_stages_authenticator_duo.authenticatorduostage, authentik_stages_authenticator_duo.duodevice, authentik_stages_authenticator_sms.authenticatorsmsstage, authentik_stages_authenticator_sms.smsdevice, authentik_stages_authenticator_static.authenticatorstaticstage, authentik_stages_authenticator_static.staticdevice, authentik_stages_authenticator_totp.authenticatortotpstage, authentik_stages_authenticator_totp.totpdevice, authentik_stages_authenticator_validate.authenticatorvalidatestage, authentik_stages_authenticator_webauthn.authenticatewebauthnstage, authentik_stages_authenticator_webauthn.webauthndevice, authentik_stages_captcha.captchastage, authentik_stages_consent.consentstage, authentik_stages_consent.userconsent, authentik_stages_deny.denystage, authentik_stages_dummy.dummystage, authentik_stages_email.emailstage, authentik_stages_identification.identificationstage, authentik_stages_invitation.invitation, authentik_stages_invitation.invitationstage, authentik_stages_password.passwordstage, authentik_stages_prompt.prompt, authentik_stages_prompt.promptstage, authentik_stages_user_delete.userdeletestage, authentik_stages_user_login.userloginstage, authentik_stages_user_logout.userlogoutstage, authentik_stages_user_write.userwritestage, authentik_tenants.tenant]
+ **model** | **kotlin.String**| * &#x60;authentik_tenants.domain&#x60; - Domain * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_brands.brand&#x60; - Brand * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping | [enum: authentik_blueprints.blueprintinstance, authentik_brands.brand, authentik_core.application, authentik_core.group, authentik_core.token, authentik_core.user, authentik_crypto.certificatekeypair, authentik_enterprise.license, authentik_events.event, authentik_events.notification, authentik_events.notificationrule, authentik_events.notificationtransport, authentik_events.notificationwebhookmapping, authentik_flows.flow, authentik_flows.flowstagebinding, authentik_outposts.dockerserviceconnection, authentik_outposts.kubernetesserviceconnection, authentik_outposts.outpost, authentik_policies.policybinding, authentik_policies_dummy.dummypolicy, authentik_policies_event_matcher.eventmatcherpolicy, authentik_policies_expiry.passwordexpirypolicy, authentik_policies_expression.expressionpolicy, authentik_policies_password.passwordpolicy, authentik_policies_reputation.reputation, authentik_policies_reputation.reputationpolicy, authentik_providers_ldap.ldapprovider, authentik_providers_oauth2.accesstoken, authentik_providers_oauth2.authorizationcode, authentik_providers_oauth2.oauth2provider, authentik_providers_oauth2.refreshtoken, authentik_providers_oauth2.scopemapping, authentik_providers_proxy.proxyprovider, authentik_providers_rac.endpoint, authentik_providers_rac.racpropertymapping, authentik_providers_rac.racprovider, authentik_providers_radius.radiusprovider, authentik_providers_saml.samlpropertymapping, authentik_providers_saml.samlprovider, authentik_providers_scim.scimmapping, authentik_providers_scim.scimprovider, authentik_rbac.role, authentik_sources_ldap.ldappropertymapping, authentik_sources_ldap.ldapsource, authentik_sources_oauth.oauthsource, authentik_sources_oauth.useroauthsourceconnection, authentik_sources_plex.plexsource, authentik_sources_plex.plexsourceconnection, authentik_sources_saml.samlsource, authentik_sources_saml.usersamlsourceconnection, authentik_stages_authenticator_duo.authenticatorduostage, authentik_stages_authenticator_duo.duodevice, authentik_stages_authenticator_sms.authenticatorsmsstage, authentik_stages_authenticator_sms.smsdevice, authentik_stages_authenticator_static.authenticatorstaticstage, authentik_stages_authenticator_static.staticdevice, authentik_stages_authenticator_totp.authenticatortotpstage, authentik_stages_authenticator_totp.totpdevice, authentik_stages_authenticator_validate.authenticatorvalidatestage, authentik_stages_authenticator_webauthn.authenticatewebauthnstage, authentik_stages_authenticator_webauthn.webauthndevice, authentik_stages_captcha.captchastage, authentik_stages_consent.consentstage, authentik_stages_consent.userconsent, authentik_stages_deny.denystage, authentik_stages_dummy.dummystage, authentik_stages_email.emailstage, authentik_stages_identification.identificationstage, authentik_stages_invitation.invitation, authentik_stages_invitation.invitationstage, authentik_stages_password.passwordstage, authentik_stages_prompt.prompt, authentik_stages_prompt.promptstage, authentik_stages_user_delete.userdeletestage, authentik_stages_user_login.userloginstage, authentik_stages_user_logout.userlogoutstage, authentik_stages_user_write.userwritestage, authentik_tenants.domain]
  **objectPk** | **kotlin.String**|  | [optional]
  **ordering** | **kotlin.String**| Which field to use when ordering the results. | [optional]
  **page** | **kotlin.Int**| A page number within the paginated result set. | [optional]
diff --git a/docs/Settings.md b/docs/Settings.md
new file mode 100644
index 0000000..943f25d
--- /dev/null
+++ b/docs/Settings.md
@@ -0,0 +1,17 @@
+
+# Settings
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**avatars** | **kotlin.String** | Configure how authentik should show avatars for users. |  [optional]
+**defaultUserChangeName** | **kotlin.Boolean** | Enable the ability for users to change their name. |  [optional]
+**defaultUserChangeEmail** | **kotlin.Boolean** | Enable the ability for users to change their email address. |  [optional]
+**defaultUserChangeUsername** | **kotlin.Boolean** | Enable the ability for users to change their username. |  [optional]
+**eventRetention** | **kotlin.String** | Events will be deleted after this duration.(Format: weeks&#x3D;3;days&#x3D;2;hours&#x3D;3,seconds&#x3D;2). |  [optional]
+**footerLinks** | [**kotlin.Any**](.md) | The option configures the footer links on the flow executor pages. |  [optional]
+**gdprCompliance** | **kotlin.Boolean** | When enabled, all the events caused by a user will be deleted upon the user&#39;s deletion. |  [optional]
+**impersonation** | **kotlin.Boolean** | Globally enable/disable impersonation. |  [optional]
+
+
+
diff --git a/docs/SettingsRequest.md b/docs/SettingsRequest.md
new file mode 100644
index 0000000..e185ebe
--- /dev/null
+++ b/docs/SettingsRequest.md
@@ -0,0 +1,17 @@
+
+# SettingsRequest
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**avatars** | **kotlin.String** | Configure how authentik should show avatars for users. |  [optional]
+**defaultUserChangeName** | **kotlin.Boolean** | Enable the ability for users to change their name. |  [optional]
+**defaultUserChangeEmail** | **kotlin.Boolean** | Enable the ability for users to change their email address. |  [optional]
+**defaultUserChangeUsername** | **kotlin.Boolean** | Enable the ability for users to change their username. |  [optional]
+**eventRetention** | **kotlin.String** | Events will be deleted after this duration.(Format: weeks&#x3D;3;days&#x3D;2;hours&#x3D;3,seconds&#x3D;2). |  [optional]
+**footerLinks** | [**kotlin.Any**](.md) | The option configures the footer links on the flow executor pages. |  [optional]
+**gdprCompliance** | **kotlin.Boolean** | When enabled, all the events caused by a user will be deleted upon the user&#39;s deletion. |  [optional]
+**impersonation** | **kotlin.Boolean** | Globally enable/disable impersonation. |  [optional]
+
+
+
diff --git a/docs/SystemInfo.md b/docs/SystemInfo.md
index 143eb48..7f612e1 100644
--- a/docs/SystemInfo.md
+++ b/docs/SystemInfo.md
@@ -8,8 +8,9 @@ Name | Type | Description | Notes
 **httpHost** | **kotlin.String** | Get HTTP host |  [readonly]
 **httpIsSecure** | **kotlin.Boolean** | Get HTTP Secure flag |  [readonly]
 **runtime** | [**SystemInfoRuntime**](SystemInfoRuntime.md) |  | 
-**tenant** | **kotlin.String** | Currently active tenant |  [readonly]
+**brand** | **kotlin.String** | Currently active brand |  [readonly]
 **serverTime** | [**java.time.OffsetDateTime**](java.time.OffsetDateTime.md) | Current server time |  [readonly]
+**embeddedOutpostDisabled** | **kotlin.Boolean** | Whether the embedded outpost is disabled |  [readonly]
 **embeddedOutpostHost** | **kotlin.String** | Get the FQDN configured on the embedded outpost |  [readonly]
 
 
diff --git a/docs/Tenant.md b/docs/Tenant.md
index f7471fc..4f7f3d6 100644
--- a/docs/Tenant.md
+++ b/docs/Tenant.md
@@ -5,20 +5,9 @@
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **tenantUuid** | [**java.util.UUID**](java.util.UUID.md) |  |  [readonly]
-**domain** | **kotlin.String** | Domain that activates this tenant. Can be a superset, i.e. &#x60;a.b&#x60; for &#x60;aa.b&#x60; and &#x60;ba.b&#x60; | 
-**default** | **kotlin.Boolean** |  |  [optional]
-**brandingTitle** | **kotlin.String** |  |  [optional]
-**brandingLogo** | **kotlin.String** |  |  [optional]
-**brandingFavicon** | **kotlin.String** |  |  [optional]
-**flowAuthentication** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowInvalidation** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowRecovery** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowUnenrollment** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowUserSettings** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowDeviceCode** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**eventRetention** | **kotlin.String** | Events will be deleted after this duration.(Format: weeks&#x3D;3;days&#x3D;2;hours&#x3D;3,seconds&#x3D;2). |  [optional]
-**webCertificate** | [**java.util.UUID**](java.util.UUID.md) | Web Certificate used by the authentik Core webserver. |  [optional]
-**attributes** | [**kotlin.Any**](.md) |  |  [optional]
+**schemaName** | **kotlin.String** |  | 
+**name** | **kotlin.String** |  | 
+**ready** | **kotlin.Boolean** |  |  [optional]
 
 
 
diff --git a/docs/TenantAdminGroupRequestRequest.md b/docs/TenantAdminGroupRequestRequest.md
new file mode 100644
index 0000000..666c2de
--- /dev/null
+++ b/docs/TenantAdminGroupRequestRequest.md
@@ -0,0 +1,10 @@
+
+# TenantAdminGroupRequestRequest
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**user** | **kotlin.String** |  | 
+
+
+
diff --git a/docs/TenantRecoveryKeyRequestRequest.md b/docs/TenantRecoveryKeyRequestRequest.md
new file mode 100644
index 0000000..078058a
--- /dev/null
+++ b/docs/TenantRecoveryKeyRequestRequest.md
@@ -0,0 +1,11 @@
+
+# TenantRecoveryKeyRequestRequest
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**user** | **kotlin.String** |  | 
+**durationDays** | **kotlin.Int** |  | 
+
+
+
diff --git a/docs/TenantRecoveryKeyResponse.md b/docs/TenantRecoveryKeyResponse.md
new file mode 100644
index 0000000..a77e5e0
--- /dev/null
+++ b/docs/TenantRecoveryKeyResponse.md
@@ -0,0 +1,11 @@
+
+# TenantRecoveryKeyResponse
+
+## Properties
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**expiry** | [**java.time.OffsetDateTime**](java.time.OffsetDateTime.md) |  | 
+**url** | **kotlin.String** |  | 
+
+
+
diff --git a/docs/TenantRequest.md b/docs/TenantRequest.md
index c5eb25d..e9a8741 100644
--- a/docs/TenantRequest.md
+++ b/docs/TenantRequest.md
@@ -4,20 +4,9 @@
 ## Properties
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**domain** | **kotlin.String** | Domain that activates this tenant. Can be a superset, i.e. &#x60;a.b&#x60; for &#x60;aa.b&#x60; and &#x60;ba.b&#x60; | 
-**default** | **kotlin.Boolean** |  |  [optional]
-**brandingTitle** | **kotlin.String** |  |  [optional]
-**brandingLogo** | **kotlin.String** |  |  [optional]
-**brandingFavicon** | **kotlin.String** |  |  [optional]
-**flowAuthentication** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowInvalidation** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowRecovery** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowUnenrollment** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowUserSettings** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**flowDeviceCode** | [**java.util.UUID**](java.util.UUID.md) |  |  [optional]
-**eventRetention** | **kotlin.String** | Events will be deleted after this duration.(Format: weeks&#x3D;3;days&#x3D;2;hours&#x3D;3,seconds&#x3D;2). |  [optional]
-**webCertificate** | [**java.util.UUID**](java.util.UUID.md) | Web Certificate used by the authentik Core webserver. |  [optional]
-**attributes** | [**kotlin.Any**](.md) |  |  [optional]
+**schemaName** | **kotlin.String** |  | 
+**name** | **kotlin.String** |  | 
+**ready** | **kotlin.Boolean** |  |  [optional]
 
 
 
diff --git a/docs/TenantsApi.md b/docs/TenantsApi.md
new file mode 100644
index 0000000..159a06c
--- /dev/null
+++ b/docs/TenantsApi.md
@@ -0,0 +1,701 @@
+# TenantsApi
+
+All URIs are relative to *http://localhost/api/v3*
+
+Method | HTTP request | Description
+------------- | ------------- | -------------
+[**tenantsDomainsCreate**](TenantsApi.md#tenantsDomainsCreate) | **POST** /tenants/domains/ | 
+[**tenantsDomainsDestroy**](TenantsApi.md#tenantsDomainsDestroy) | **DELETE** /tenants/domains/{id}/ | 
+[**tenantsDomainsList**](TenantsApi.md#tenantsDomainsList) | **GET** /tenants/domains/ | 
+[**tenantsDomainsPartialUpdate**](TenantsApi.md#tenantsDomainsPartialUpdate) | **PATCH** /tenants/domains/{id}/ | 
+[**tenantsDomainsRetrieve**](TenantsApi.md#tenantsDomainsRetrieve) | **GET** /tenants/domains/{id}/ | 
+[**tenantsDomainsUpdate**](TenantsApi.md#tenantsDomainsUpdate) | **PUT** /tenants/domains/{id}/ | 
+[**tenantsTenantsCreate**](TenantsApi.md#tenantsTenantsCreate) | **POST** /tenants/tenants/ | 
+[**tenantsTenantsCreateAdminGroupCreate**](TenantsApi.md#tenantsTenantsCreateAdminGroupCreate) | **POST** /tenants/tenants/{tenant_uuid}/create_admin_group/ | 
+[**tenantsTenantsCreateRecoveryKeyCreate**](TenantsApi.md#tenantsTenantsCreateRecoveryKeyCreate) | **POST** /tenants/tenants/{tenant_uuid}/create_recovery_key/ | 
+[**tenantsTenantsDestroy**](TenantsApi.md#tenantsTenantsDestroy) | **DELETE** /tenants/tenants/{tenant_uuid}/ | 
+[**tenantsTenantsList**](TenantsApi.md#tenantsTenantsList) | **GET** /tenants/tenants/ | 
+[**tenantsTenantsPartialUpdate**](TenantsApi.md#tenantsTenantsPartialUpdate) | **PATCH** /tenants/tenants/{tenant_uuid}/ | 
+[**tenantsTenantsRetrieve**](TenantsApi.md#tenantsTenantsRetrieve) | **GET** /tenants/tenants/{tenant_uuid}/ | 
+[**tenantsTenantsUpdate**](TenantsApi.md#tenantsTenantsUpdate) | **PUT** /tenants/tenants/{tenant_uuid}/ | 
+
+
+<a id="tenantsDomainsCreate"></a>
+# **tenantsDomainsCreate**
+> Domain tenantsDomainsCreate(domainRequest)
+
+
+
+Domain ViewSet
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val domainRequest : DomainRequest =  // DomainRequest | 
+try {
+    val result : Domain = apiInstance.tenantsDomainsCreate(domainRequest)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsDomainsCreate")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsDomainsCreate")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **domainRequest** | [**DomainRequest**](DomainRequest.md)|  |
+
+### Return type
+
+[**Domain**](Domain.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: application/json
+ - **Accept**: application/json
+
+<a id="tenantsDomainsDestroy"></a>
+# **tenantsDomainsDestroy**
+> tenantsDomainsDestroy(id)
+
+
+
+Domain ViewSet
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val id : kotlin.Int = 56 // kotlin.Int | A unique integer value identifying this Domain.
+try {
+    apiInstance.tenantsDomainsDestroy(id)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsDomainsDestroy")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsDomainsDestroy")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **id** | **kotlin.Int**| A unique integer value identifying this Domain. |
+
+### Return type
+
+null (empty response body)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: Not defined
+ - **Accept**: application/json
+
+<a id="tenantsDomainsList"></a>
+# **tenantsDomainsList**
+> PaginatedDomainList tenantsDomainsList(ordering, page, pageSize, search)
+
+
+
+Domain ViewSet
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val ordering : kotlin.String = ordering_example // kotlin.String | Which field to use when ordering the results.
+val page : kotlin.Int = 56 // kotlin.Int | A page number within the paginated result set.
+val pageSize : kotlin.Int = 56 // kotlin.Int | Number of results to return per page.
+val search : kotlin.String = search_example // kotlin.String | A search term.
+try {
+    val result : PaginatedDomainList = apiInstance.tenantsDomainsList(ordering, page, pageSize, search)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsDomainsList")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsDomainsList")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **ordering** | **kotlin.String**| Which field to use when ordering the results. | [optional]
+ **page** | **kotlin.Int**| A page number within the paginated result set. | [optional]
+ **pageSize** | **kotlin.Int**| Number of results to return per page. | [optional]
+ **search** | **kotlin.String**| A search term. | [optional]
+
+### Return type
+
+[**PaginatedDomainList**](PaginatedDomainList.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: Not defined
+ - **Accept**: application/json
+
+<a id="tenantsDomainsPartialUpdate"></a>
+# **tenantsDomainsPartialUpdate**
+> Domain tenantsDomainsPartialUpdate(id, patchedDomainRequest)
+
+
+
+Domain ViewSet
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val id : kotlin.Int = 56 // kotlin.Int | A unique integer value identifying this Domain.
+val patchedDomainRequest : PatchedDomainRequest =  // PatchedDomainRequest | 
+try {
+    val result : Domain = apiInstance.tenantsDomainsPartialUpdate(id, patchedDomainRequest)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsDomainsPartialUpdate")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsDomainsPartialUpdate")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **id** | **kotlin.Int**| A unique integer value identifying this Domain. |
+ **patchedDomainRequest** | [**PatchedDomainRequest**](PatchedDomainRequest.md)|  | [optional]
+
+### Return type
+
+[**Domain**](Domain.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: application/json
+ - **Accept**: application/json
+
+<a id="tenantsDomainsRetrieve"></a>
+# **tenantsDomainsRetrieve**
+> Domain tenantsDomainsRetrieve(id)
+
+
+
+Domain ViewSet
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val id : kotlin.Int = 56 // kotlin.Int | A unique integer value identifying this Domain.
+try {
+    val result : Domain = apiInstance.tenantsDomainsRetrieve(id)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsDomainsRetrieve")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsDomainsRetrieve")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **id** | **kotlin.Int**| A unique integer value identifying this Domain. |
+
+### Return type
+
+[**Domain**](Domain.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: Not defined
+ - **Accept**: application/json
+
+<a id="tenantsDomainsUpdate"></a>
+# **tenantsDomainsUpdate**
+> Domain tenantsDomainsUpdate(id, domainRequest)
+
+
+
+Domain ViewSet
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val id : kotlin.Int = 56 // kotlin.Int | A unique integer value identifying this Domain.
+val domainRequest : DomainRequest =  // DomainRequest | 
+try {
+    val result : Domain = apiInstance.tenantsDomainsUpdate(id, domainRequest)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsDomainsUpdate")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsDomainsUpdate")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **id** | **kotlin.Int**| A unique integer value identifying this Domain. |
+ **domainRequest** | [**DomainRequest**](DomainRequest.md)|  |
+
+### Return type
+
+[**Domain**](Domain.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: application/json
+ - **Accept**: application/json
+
+<a id="tenantsTenantsCreate"></a>
+# **tenantsTenantsCreate**
+> Tenant tenantsTenantsCreate(tenantRequest)
+
+
+
+Tenant Viewset
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val tenantRequest : TenantRequest =  // TenantRequest | 
+try {
+    val result : Tenant = apiInstance.tenantsTenantsCreate(tenantRequest)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsTenantsCreate")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsTenantsCreate")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **tenantRequest** | [**TenantRequest**](TenantRequest.md)|  |
+
+### Return type
+
+[**Tenant**](Tenant.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: application/json
+ - **Accept**: application/json
+
+<a id="tenantsTenantsCreateAdminGroupCreate"></a>
+# **tenantsTenantsCreateAdminGroupCreate**
+> tenantsTenantsCreateAdminGroupCreate(tenantUuid, tenantAdminGroupRequestRequest)
+
+
+
+Create admin group and add user to it.
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Tenant.
+val tenantAdminGroupRequestRequest : TenantAdminGroupRequestRequest =  // TenantAdminGroupRequestRequest | 
+try {
+    apiInstance.tenantsTenantsCreateAdminGroupCreate(tenantUuid, tenantAdminGroupRequestRequest)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsTenantsCreateAdminGroupCreate")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsTenantsCreateAdminGroupCreate")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **tenantUuid** | **java.util.UUID**| A UUID string identifying this Tenant. |
+ **tenantAdminGroupRequestRequest** | [**TenantAdminGroupRequestRequest**](TenantAdminGroupRequestRequest.md)|  |
+
+### Return type
+
+null (empty response body)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: application/json
+ - **Accept**: application/json
+
+<a id="tenantsTenantsCreateRecoveryKeyCreate"></a>
+# **tenantsTenantsCreateRecoveryKeyCreate**
+> TenantRecoveryKeyResponse tenantsTenantsCreateRecoveryKeyCreate(tenantUuid, tenantRecoveryKeyRequestRequest)
+
+
+
+Create recovery key for user.
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Tenant.
+val tenantRecoveryKeyRequestRequest : TenantRecoveryKeyRequestRequest =  // TenantRecoveryKeyRequestRequest | 
+try {
+    val result : TenantRecoveryKeyResponse = apiInstance.tenantsTenantsCreateRecoveryKeyCreate(tenantUuid, tenantRecoveryKeyRequestRequest)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsTenantsCreateRecoveryKeyCreate")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsTenantsCreateRecoveryKeyCreate")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **tenantUuid** | **java.util.UUID**| A UUID string identifying this Tenant. |
+ **tenantRecoveryKeyRequestRequest** | [**TenantRecoveryKeyRequestRequest**](TenantRecoveryKeyRequestRequest.md)|  |
+
+### Return type
+
+[**TenantRecoveryKeyResponse**](TenantRecoveryKeyResponse.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: application/json
+ - **Accept**: application/json
+
+<a id="tenantsTenantsDestroy"></a>
+# **tenantsTenantsDestroy**
+> tenantsTenantsDestroy(tenantUuid)
+
+
+
+Tenant Viewset
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Tenant.
+try {
+    apiInstance.tenantsTenantsDestroy(tenantUuid)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsTenantsDestroy")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsTenantsDestroy")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **tenantUuid** | **java.util.UUID**| A UUID string identifying this Tenant. |
+
+### Return type
+
+null (empty response body)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: Not defined
+ - **Accept**: application/json
+
+<a id="tenantsTenantsList"></a>
+# **tenantsTenantsList**
+> PaginatedTenantList tenantsTenantsList(ordering, page, pageSize, search)
+
+
+
+Tenant Viewset
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val ordering : kotlin.String = ordering_example // kotlin.String | Which field to use when ordering the results.
+val page : kotlin.Int = 56 // kotlin.Int | A page number within the paginated result set.
+val pageSize : kotlin.Int = 56 // kotlin.Int | Number of results to return per page.
+val search : kotlin.String = search_example // kotlin.String | A search term.
+try {
+    val result : PaginatedTenantList = apiInstance.tenantsTenantsList(ordering, page, pageSize, search)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsTenantsList")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsTenantsList")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **ordering** | **kotlin.String**| Which field to use when ordering the results. | [optional]
+ **page** | **kotlin.Int**| A page number within the paginated result set. | [optional]
+ **pageSize** | **kotlin.Int**| Number of results to return per page. | [optional]
+ **search** | **kotlin.String**| A search term. | [optional]
+
+### Return type
+
+[**PaginatedTenantList**](PaginatedTenantList.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: Not defined
+ - **Accept**: application/json
+
+<a id="tenantsTenantsPartialUpdate"></a>
+# **tenantsTenantsPartialUpdate**
+> Tenant tenantsTenantsPartialUpdate(tenantUuid, patchedTenantRequest)
+
+
+
+Tenant Viewset
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Tenant.
+val patchedTenantRequest : PatchedTenantRequest =  // PatchedTenantRequest | 
+try {
+    val result : Tenant = apiInstance.tenantsTenantsPartialUpdate(tenantUuid, patchedTenantRequest)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsTenantsPartialUpdate")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsTenantsPartialUpdate")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **tenantUuid** | **java.util.UUID**| A UUID string identifying this Tenant. |
+ **patchedTenantRequest** | [**PatchedTenantRequest**](PatchedTenantRequest.md)|  | [optional]
+
+### Return type
+
+[**Tenant**](Tenant.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: application/json
+ - **Accept**: application/json
+
+<a id="tenantsTenantsRetrieve"></a>
+# **tenantsTenantsRetrieve**
+> Tenant tenantsTenantsRetrieve(tenantUuid)
+
+
+
+Tenant Viewset
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Tenant.
+try {
+    val result : Tenant = apiInstance.tenantsTenantsRetrieve(tenantUuid)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsTenantsRetrieve")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsTenantsRetrieve")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **tenantUuid** | **java.util.UUID**| A UUID string identifying this Tenant. |
+
+### Return type
+
+[**Tenant**](Tenant.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: Not defined
+ - **Accept**: application/json
+
+<a id="tenantsTenantsUpdate"></a>
+# **tenantsTenantsUpdate**
+> Tenant tenantsTenantsUpdate(tenantUuid, tenantRequest)
+
+
+
+Tenant Viewset
+
+### Example
+```kotlin
+// Import classes:
+//import io.goauthentik.api.infrastructure.*
+//import io.goauthentik.api.models.*
+
+val apiInstance = TenantsApi()
+val tenantUuid : java.util.UUID = 38400000-8cf0-11bd-b23e-10b96e4ef00d // java.util.UUID | A UUID string identifying this Tenant.
+val tenantRequest : TenantRequest =  // TenantRequest | 
+try {
+    val result : Tenant = apiInstance.tenantsTenantsUpdate(tenantUuid, tenantRequest)
+    println(result)
+} catch (e: ClientException) {
+    println("4xx response calling TenantsApi#tenantsTenantsUpdate")
+    e.printStackTrace()
+} catch (e: ServerException) {
+    println("5xx response calling TenantsApi#tenantsTenantsUpdate")
+    e.printStackTrace()
+}
+```
+
+### Parameters
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **tenantUuid** | **java.util.UUID**| A UUID string identifying this Tenant. |
+ **tenantRequest** | [**TenantRequest**](TenantRequest.md)|  |
+
+### Return type
+
+[**Tenant**](Tenant.md)
+
+### Authorization
+
+No authorization required
+
+### HTTP request headers
+
+ - **Content-Type**: application/json
+ - **Accept**: application/json
+
diff --git a/docs/UserSelf.md b/docs/UserSelf.md
index 7f75534..948710d 100644
--- a/docs/UserSelf.md
+++ b/docs/UserSelf.md
@@ -12,7 +12,7 @@ Name | Type | Description | Notes
 **groups** | [**kotlin.collections.List&lt;UserSelfGroups&gt;**](UserSelfGroups.md) |  |  [readonly]
 **avatar** | **kotlin.String** |  |  [readonly]
 **uid** | **kotlin.String** |  |  [readonly]
-**settings** | [**kotlin.collections.Map&lt;kotlin.String, kotlin.Any&gt;**](kotlin.Any.md) | Get user settings with tenant and group settings applied |  [readonly]
+**settings** | [**kotlin.collections.Map&lt;kotlin.String, kotlin.Any&gt;**](kotlin.Any.md) | Get user settings with brand and group settings applied |  [readonly]
 **systemPermissions** | **kotlin.collections.List&lt;kotlin.String&gt;** | Get all system permissions assigned to the user |  [readonly]
 **email** | **kotlin.String** |  |  [optional]
 **type** | [**UserTypeEnum**](UserTypeEnum.md) |  |  [optional]
diff --git a/schema.yml b/schema.yml
index a838ce9..2394b86 100644
--- a/schema.yml
+++ b/schema.yml
@@ -94,6 +94,95 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
+  /admin/settings/:
+    get:
+      operationId: admin_settings_retrieve
+      description: Settings view
+      tags:
+      - admin
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Settings'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    put:
+      operationId: admin_settings_update
+      description: Settings view
+      tags:
+      - admin
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/SettingsRequest'
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Settings'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    patch:
+      operationId: admin_settings_partial_update
+      description: Settings view
+      tags:
+      - admin
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/PatchedSettingsRequest'
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Settings'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
   /admin/system/:
     get:
       operationId: admin_system_retrieve
@@ -3254,42 +3343,66 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /core/groups/:
+  /core/brands/:
     get:
-      operationId: core_groups_list
-      description: Group Viewset
+      operationId: core_brands_list
+      description: Brand Viewset
       parameters:
       - in: query
-        name: attributes
+        name: brand_uuid
         schema:
           type: string
-        description: Attributes
+          format: uuid
       - in: query
-        name: is_superuser
+        name: branding_favicon
+        schema:
+          type: string
+      - in: query
+        name: branding_logo
+        schema:
+          type: string
+      - in: query
+        name: branding_title
+        schema:
+          type: string
+      - in: query
+        name: default
         schema:
           type: boolean
       - in: query
-        name: members_by_pk
+        name: domain
         schema:
-          type: array
-          items:
-            type: integer
-        explode: true
-        style: form
+          type: string
       - in: query
-        name: members_by_username
+        name: flow_authentication
         schema:
-          type: array
-          items:
-            type: string
-        description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
-          only.
-        explode: true
-        style: form
+          type: string
+          format: uuid
       - in: query
-        name: name
+        name: flow_device_code
+        schema:
+          type: string
+          format: uuid
+      - in: query
+        name: flow_invalidation
+        schema:
+          type: string
+          format: uuid
+      - in: query
+        name: flow_recovery
+        schema:
+          type: string
+          format: uuid
+      - in: query
+        name: flow_unenrollment
+        schema:
+          type: string
+          format: uuid
+      - in: query
+        name: flow_user_settings
         schema:
           type: string
+          format: uuid
       - name: ordering
         required: false
         in: query
@@ -3314,6 +3427,11 @@ paths:
         description: A search term.
         schema:
           type: string
+      - in: query
+        name: web_certificate
+        schema:
+          type: string
+          format: uuid
       tags:
       - core
       security:
@@ -3323,7 +3441,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedGroupList'
+                $ref: '#/components/schemas/PaginatedBrandList'
           description: ''
         '400':
           content:
@@ -3338,15 +3456,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: core_groups_create
-      description: Group Viewset
+      operationId: core_brands_create
+      description: Brand Viewset
       tags:
       - core
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/GroupRequest'
+              $ref: '#/components/schemas/BrandRequest'
         required: true
       security:
       - authentik: []
@@ -3355,7 +3473,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Group'
+                $ref: '#/components/schemas/Brand'
           description: ''
         '400':
           content:
@@ -3369,17 +3487,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /core/groups/{group_uuid}/:
+  /core/brands/{brand_uuid}/:
     get:
-      operationId: core_groups_retrieve
-      description: Group Viewset
+      operationId: core_brands_retrieve
+      description: Brand Viewset
       parameters:
       - in: path
-        name: group_uuid
+        name: brand_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Group.
+        description: A UUID string identifying this Brand.
         required: true
       tags:
       - core
@@ -3390,7 +3508,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Group'
+                $ref: '#/components/schemas/Brand'
           description: ''
         '400':
           content:
@@ -3405,15 +3523,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: core_groups_update
-      description: Group Viewset
+      operationId: core_brands_update
+      description: Brand Viewset
       parameters:
       - in: path
-        name: group_uuid
+        name: brand_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Group.
+        description: A UUID string identifying this Brand.
         required: true
       tags:
       - core
@@ -3421,7 +3539,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/GroupRequest'
+              $ref: '#/components/schemas/BrandRequest'
         required: true
       security:
       - authentik: []
@@ -3430,7 +3548,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Group'
+                $ref: '#/components/schemas/Brand'
           description: ''
         '400':
           content:
@@ -3445,15 +3563,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: core_groups_partial_update
-      description: Group Viewset
+      operationId: core_brands_partial_update
+      description: Brand Viewset
       parameters:
       - in: path
-        name: group_uuid
+        name: brand_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Group.
+        description: A UUID string identifying this Brand.
         required: true
       tags:
       - core
@@ -3461,7 +3579,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedGroupRequest'
+              $ref: '#/components/schemas/PatchedBrandRequest'
       security:
       - authentik: []
       responses:
@@ -3469,7 +3587,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Group'
+                $ref: '#/components/schemas/Brand'
           description: ''
         '400':
           content:
@@ -3484,15 +3602,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: core_groups_destroy
-      description: Group Viewset
+      operationId: core_brands_destroy
+      description: Brand Viewset
       parameters:
       - in: path
-        name: group_uuid
+        name: brand_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Group.
+        description: A UUID string identifying this Brand.
         required: true
       tags:
       - core
@@ -3513,72 +3631,31 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /core/groups/{group_uuid}/add_user/:
-    post:
-      operationId: core_groups_add_user_create
-      description: Add user to group
+  /core/brands/{brand_uuid}/used_by/:
+    get:
+      operationId: core_brands_used_by_list
+      description: Get a list of all objects that use this object
       parameters:
       - in: path
-        name: group_uuid
+        name: brand_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Group.
+        description: A UUID string identifying this Brand.
         required: true
       tags:
       - core
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/UserAccountRequest'
-        required: true
       security:
       - authentik: []
       responses:
-        '204':
-          description: User added
-        '404':
-          description: User not found
-        '400':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/ValidationError'
-          description: ''
-        '403':
+        '200':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/GenericError'
+                type: array
+                items:
+                  $ref: '#/components/schemas/UsedBy'
           description: ''
-  /core/groups/{group_uuid}/remove_user/:
-    post:
-      operationId: core_groups_remove_user_create
-      description: Add user to group
-      parameters:
-      - in: path
-        name: group_uuid
-        schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this Group.
-        required: true
-      tags:
-      - core
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/UserAccountRequest'
-        required: true
-      security:
-      - authentik: []
-      responses:
-        '204':
-          description: User added
-        '404':
-          description: User not found
         '400':
           content:
             application/json:
@@ -3591,30 +3668,21 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /core/groups/{group_uuid}/used_by/:
+  /core/brands/current/:
     get:
-      operationId: core_groups_used_by_list
-      description: Get a list of all objects that use this object
-      parameters:
-      - in: path
-        name: group_uuid
-        schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this Group.
-        required: true
+      operationId: core_brands_current_retrieve
+      description: Get current brand
       tags:
       - core
       security:
       - authentik: []
+      - {}
       responses:
         '200':
           content:
             application/json:
               schema:
-                type: array
-                items:
-                  $ref: '#/components/schemas/UsedBy'
+                $ref: '#/components/schemas/CurrentBrand'
           description: ''
         '400':
           content:
@@ -3628,65 +3696,42 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /core/tenants/:
+  /core/groups/:
     get:
-      operationId: core_tenants_list
-      description: Tenant Viewset
+      operationId: core_groups_list
+      description: Group Viewset
       parameters:
       - in: query
-        name: branding_favicon
-        schema:
-          type: string
-      - in: query
-        name: branding_logo
-        schema:
-          type: string
-      - in: query
-        name: branding_title
+        name: attributes
         schema:
           type: string
+        description: Attributes
       - in: query
-        name: default
+        name: is_superuser
         schema:
           type: boolean
       - in: query
-        name: domain
-        schema:
-          type: string
-      - in: query
-        name: event_retention
-        schema:
-          type: string
-      - in: query
-        name: flow_authentication
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: flow_device_code
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: flow_invalidation
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: flow_recovery
+        name: members_by_pk
         schema:
-          type: string
-          format: uuid
+          type: array
+          items:
+            type: integer
+        explode: true
+        style: form
       - in: query
-        name: flow_unenrollment
+        name: members_by_username
         schema:
-          type: string
-          format: uuid
+          type: array
+          items:
+            type: string
+        description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
+          only.
+        explode: true
+        style: form
       - in: query
-        name: flow_user_settings
+        name: name
         schema:
           type: string
-          format: uuid
       - name: ordering
         required: false
         in: query
@@ -3711,16 +3756,6 @@ paths:
         description: A search term.
         schema:
           type: string
-      - in: query
-        name: tenant_uuid
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: web_certificate
-        schema:
-          type: string
-          format: uuid
       tags:
       - core
       security:
@@ -3730,7 +3765,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedTenantList'
+                $ref: '#/components/schemas/PaginatedGroupList'
           description: ''
         '400':
           content:
@@ -3745,15 +3780,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: core_tenants_create
-      description: Tenant Viewset
+      operationId: core_groups_create
+      description: Group Viewset
       tags:
       - core
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/TenantRequest'
+              $ref: '#/components/schemas/GroupRequest'
         required: true
       security:
       - authentik: []
@@ -3762,7 +3797,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Tenant'
+                $ref: '#/components/schemas/Group'
           description: ''
         '400':
           content:
@@ -3776,17 +3811,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /core/tenants/{tenant_uuid}/:
+  /core/groups/{group_uuid}/:
     get:
-      operationId: core_tenants_retrieve
-      description: Tenant Viewset
+      operationId: core_groups_retrieve
+      description: Group Viewset
       parameters:
       - in: path
-        name: tenant_uuid
+        name: group_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Tenant.
+        description: A UUID string identifying this Group.
         required: true
       tags:
       - core
@@ -3797,7 +3832,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Tenant'
+                $ref: '#/components/schemas/Group'
           description: ''
         '400':
           content:
@@ -3812,15 +3847,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: core_tenants_update
-      description: Tenant Viewset
+      operationId: core_groups_update
+      description: Group Viewset
       parameters:
       - in: path
-        name: tenant_uuid
+        name: group_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Tenant.
+        description: A UUID string identifying this Group.
         required: true
       tags:
       - core
@@ -3828,7 +3863,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/TenantRequest'
+              $ref: '#/components/schemas/GroupRequest'
         required: true
       security:
       - authentik: []
@@ -3837,7 +3872,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Tenant'
+                $ref: '#/components/schemas/Group'
           description: ''
         '400':
           content:
@@ -3852,15 +3887,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: core_tenants_partial_update
-      description: Tenant Viewset
+      operationId: core_groups_partial_update
+      description: Group Viewset
       parameters:
       - in: path
-        name: tenant_uuid
+        name: group_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Tenant.
+        description: A UUID string identifying this Group.
         required: true
       tags:
       - core
@@ -3868,7 +3903,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedTenantRequest'
+              $ref: '#/components/schemas/PatchedGroupRequest'
       security:
       - authentik: []
       responses:
@@ -3876,7 +3911,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Tenant'
+                $ref: '#/components/schemas/Group'
           description: ''
         '400':
           content:
@@ -3891,15 +3926,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: core_tenants_destroy
-      description: Tenant Viewset
+      operationId: core_groups_destroy
+      description: Group Viewset
       parameters:
       - in: path
-        name: tenant_uuid
+        name: group_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Tenant.
+        description: A UUID string identifying this Group.
         required: true
       tags:
       - core
@@ -3920,31 +3955,72 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /core/tenants/{tenant_uuid}/used_by/:
-    get:
-      operationId: core_tenants_used_by_list
-      description: Get a list of all objects that use this object
+  /core/groups/{group_uuid}/add_user/:
+    post:
+      operationId: core_groups_add_user_create
+      description: Add user to group
       parameters:
       - in: path
-        name: tenant_uuid
+        name: group_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Tenant.
+        description: A UUID string identifying this Group.
         required: true
       tags:
       - core
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/UserAccountRequest'
+        required: true
       security:
       - authentik: []
       responses:
-        '200':
+        '204':
+          description: User added
+        '404':
+          description: User not found
+        '400':
           content:
             application/json:
               schema:
-                type: array
-                items:
-                  $ref: '#/components/schemas/UsedBy'
+                $ref: '#/components/schemas/ValidationError'
           description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /core/groups/{group_uuid}/remove_user/:
+    post:
+      operationId: core_groups_remove_user_create
+      description: Add user to group
+      parameters:
+      - in: path
+        name: group_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this Group.
+        required: true
+      tags:
+      - core
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/UserAccountRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '204':
+          description: User added
+        '404':
+          description: User not found
         '400':
           content:
             application/json:
@@ -3957,21 +4033,30 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /core/tenants/current/:
+  /core/groups/{group_uuid}/used_by/:
     get:
-      operationId: core_tenants_current_retrieve
-      description: Get current tenant
+      operationId: core_groups_used_by_list
+      description: Get a list of all objects that use this object
+      parameters:
+      - in: path
+        name: group_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this Group.
+        required: true
       tags:
       - core
       security:
       - authentik: []
-      - {}
       responses:
         '200':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/CurrentTenant'
+                type: array
+                items:
+                  $ref: '#/components/schemas/UsedBy'
           description: ''
         '400':
           content:
@@ -5914,6 +5999,11 @@ paths:
         name: action
         schema:
           type: string
+      - in: query
+        name: brand_name
+        schema:
+          type: string
+        description: Brand name
       - in: query
         name: client_ip
         schema:
@@ -5962,11 +6052,6 @@ paths:
         description: A search term.
         schema:
           type: string
-      - in: query
-        name: tenant_name
-        schema:
-          type: string
-        description: Tenant name
       - in: query
         name: username
         schema:
@@ -6285,6 +6370,11 @@ paths:
         name: action
         schema:
           type: string
+      - in: query
+        name: brand_name
+        schema:
+          type: string
+        description: Brand name
       - in: query
         name: client_ip
         schema:
@@ -6321,11 +6411,6 @@ paths:
         description: A search term.
         schema:
           type: string
-      - in: query
-        name: tenant_name
-        schema:
-          type: string
-        description: Tenant name
       - in: query
         name: username
         schema:
@@ -18064,6 +18149,7 @@ paths:
           type: string
           enum:
           - authentik_blueprints.blueprintinstance
+          - authentik_brands.brand
           - authentik_core.application
           - authentik_core.group
           - authentik_core.token
@@ -18139,8 +18225,9 @@ paths:
           - authentik_stages_user_login.userloginstage
           - authentik_stages_user_logout.userlogoutstage
           - authentik_stages_user_write.userwritestage
-          - authentik_tenants.tenant
+          - authentik_tenants.domain
         description: |-
+          * `authentik_tenants.domain` - Domain
           * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
           * `authentik_events.event` - Event
           * `authentik_events.notificationtransport` - Notification Transport
@@ -18208,7 +18295,7 @@ paths:
           * `authentik_stages_user_login.userloginstage` - User Login Stage
           * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
           * `authentik_stages_user_write.userwritestage` - User Write Stage
-          * `authentik_tenants.tenant` - Tenant
+          * `authentik_brands.brand` - Brand
           * `authentik_blueprints.blueprintinstance` - Blueprint Instance
           * `authentik_core.group` - Group
           * `authentik_core.user` - User
@@ -18358,6 +18445,7 @@ paths:
           type: string
           enum:
           - authentik_blueprints.blueprintinstance
+          - authentik_brands.brand
           - authentik_core.application
           - authentik_core.group
           - authentik_core.token
@@ -18433,8 +18521,9 @@ paths:
           - authentik_stages_user_login.userloginstage
           - authentik_stages_user_logout.userlogoutstage
           - authentik_stages_user_write.userwritestage
-          - authentik_tenants.tenant
+          - authentik_tenants.domain
         description: |-
+          * `authentik_tenants.domain` - Domain
           * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
           * `authentik_events.event` - Event
           * `authentik_events.notificationtransport` - Notification Transport
@@ -18502,7 +18591,7 @@ paths:
           * `authentik_stages_user_login.userloginstage` - User Login Stage
           * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
           * `authentik_stages_user_write.userwritestage` - User Write Stage
-          * `authentik_tenants.tenant` - Tenant
+          * `authentik_brands.brand` - Brand
           * `authentik_blueprints.blueprintinstance` - Blueprint Instance
           * `authentik_core.group` - Group
           * `authentik_core.user` - User
@@ -23413,7 +23502,615 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList'
+                $ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    post:
+      operationId: stages_authenticator_totp_create
+      description: AuthenticatorTOTPStage Viewset
+      tags:
+      - stages
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '201':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AuthenticatorTOTPStage'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /stages/authenticator/totp/{stage_uuid}/:
+    get:
+      operationId: stages_authenticator_totp_retrieve
+      description: AuthenticatorTOTPStage Viewset
+      parameters:
+      - in: path
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this TOTP Authenticator Setup Stage.
+        required: true
+      tags:
+      - stages
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AuthenticatorTOTPStage'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    put:
+      operationId: stages_authenticator_totp_update
+      description: AuthenticatorTOTPStage Viewset
+      parameters:
+      - in: path
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this TOTP Authenticator Setup Stage.
+        required: true
+      tags:
+      - stages
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AuthenticatorTOTPStage'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    patch:
+      operationId: stages_authenticator_totp_partial_update
+      description: AuthenticatorTOTPStage Viewset
+      parameters:
+      - in: path
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this TOTP Authenticator Setup Stage.
+        required: true
+      tags:
+      - stages
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest'
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AuthenticatorTOTPStage'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    delete:
+      operationId: stages_authenticator_totp_destroy
+      description: AuthenticatorTOTPStage Viewset
+      parameters:
+      - in: path
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this TOTP Authenticator Setup Stage.
+        required: true
+      tags:
+      - stages
+      security:
+      - authentik: []
+      responses:
+        '204':
+          description: No response body
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /stages/authenticator/totp/{stage_uuid}/used_by/:
+    get:
+      operationId: stages_authenticator_totp_used_by_list
+      description: Get a list of all objects that use this object
+      parameters:
+      - in: path
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this TOTP Authenticator Setup Stage.
+        required: true
+      tags:
+      - stages
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/UsedBy'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /stages/authenticator/validate/:
+    get:
+      operationId: stages_authenticator_validate_list
+      description: AuthenticatorValidateStage Viewset
+      parameters:
+      - in: query
+        name: configuration_stages
+        schema:
+          type: array
+          items:
+            type: string
+            format: uuid
+        explode: true
+        style: form
+      - in: query
+        name: name
+        schema:
+          type: string
+      - in: query
+        name: not_configured_action
+        schema:
+          type: string
+          enum:
+          - configure
+          - deny
+          - skip
+        description: |-
+          * `skip` - Skip
+          * `deny` - Deny
+          * `configure` - Configure
+      - name: ordering
+        required: false
+        in: query
+        description: Which field to use when ordering the results.
+        schema:
+          type: string
+      - name: page
+        required: false
+        in: query
+        description: A page number within the paginated result set.
+        schema:
+          type: integer
+      - name: page_size
+        required: false
+        in: query
+        description: Number of results to return per page.
+        schema:
+          type: integer
+      - name: search
+        required: false
+        in: query
+        description: A search term.
+        schema:
+          type: string
+      tags:
+      - stages
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    post:
+      operationId: stages_authenticator_validate_create
+      description: AuthenticatorValidateStage Viewset
+      tags:
+      - stages
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/AuthenticatorValidateStageRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '201':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AuthenticatorValidateStage'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /stages/authenticator/validate/{stage_uuid}/:
+    get:
+      operationId: stages_authenticator_validate_retrieve
+      description: AuthenticatorValidateStage Viewset
+      parameters:
+      - in: path
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this Authenticator Validation Stage.
+        required: true
+      tags:
+      - stages
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AuthenticatorValidateStage'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    put:
+      operationId: stages_authenticator_validate_update
+      description: AuthenticatorValidateStage Viewset
+      parameters:
+      - in: path
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this Authenticator Validation Stage.
+        required: true
+      tags:
+      - stages
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/AuthenticatorValidateStageRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AuthenticatorValidateStage'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    patch:
+      operationId: stages_authenticator_validate_partial_update
+      description: AuthenticatorValidateStage Viewset
+      parameters:
+      - in: path
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this Authenticator Validation Stage.
+        required: true
+      tags:
+      - stages
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest'
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/AuthenticatorValidateStage'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+    delete:
+      operationId: stages_authenticator_validate_destroy
+      description: AuthenticatorValidateStage Viewset
+      parameters:
+      - in: path
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this Authenticator Validation Stage.
+        required: true
+      tags:
+      - stages
+      security:
+      - authentik: []
+      responses:
+        '204':
+          description: No response body
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /stages/authenticator/validate/{stage_uuid}/used_by/:
+    get:
+      operationId: stages_authenticator_validate_used_by_list
+      description: Get a list of all objects that use this object
+      parameters:
+      - in: path
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this Authenticator Validation Stage.
+        required: true
+      tags:
+      - stages
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/UsedBy'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /stages/authenticator/webauthn/:
+    get:
+      operationId: stages_authenticator_webauthn_list
+      description: AuthenticateWebAuthnStage Viewset
+      parameters:
+      - in: query
+        name: authenticator_attachment
+        schema:
+          type: string
+          nullable: true
+          enum:
+          - cross-platform
+          - platform
+        description: |-
+          * `platform` - Platform
+          * `cross-platform` - Cross Platform
+      - in: query
+        name: configure_flow
+        schema:
+          type: string
+          format: uuid
+      - in: query
+        name: friendly_name
+        schema:
+          type: string
+      - in: query
+        name: name
+        schema:
+          type: string
+      - name: ordering
+        required: false
+        in: query
+        description: Which field to use when ordering the results.
+        schema:
+          type: string
+      - name: page
+        required: false
+        in: query
+        description: A page number within the paginated result set.
+        schema:
+          type: integer
+      - name: page_size
+        required: false
+        in: query
+        description: Number of results to return per page.
+        schema:
+          type: integer
+      - in: query
+        name: resident_key_requirement
+        schema:
+          type: string
+          enum:
+          - discouraged
+          - preferred
+          - required
+        description: |-
+          * `discouraged` - Discouraged
+          * `preferred` - Preferred
+          * `required` - Required
+      - name: search
+        required: false
+        in: query
+        description: A search term.
+        schema:
+          type: string
+      - in: query
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+      - in: query
+        name: user_verification
+        schema:
+          type: string
+          enum:
+          - discouraged
+          - preferred
+          - required
+        description: |-
+          * `required` - Required
+          * `preferred` - Preferred
+          * `discouraged` - Discouraged
+      tags:
+      - stages
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/PaginatedAuthenticateWebAuthnStageList'
           description: ''
         '400':
           content:
@@ -23428,15 +24125,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_authenticator_totp_create
-      description: AuthenticatorTOTPStage Viewset
+      operationId: stages_authenticator_webauthn_create
+      description: AuthenticateWebAuthnStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
+              $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest'
         required: true
       security:
       - authentik: []
@@ -23445,7 +24142,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticatorTOTPStage'
+                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
           description: ''
         '400':
           content:
@@ -23459,17 +24156,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/authenticator/totp/{stage_uuid}/:
+  /stages/authenticator/webauthn/{stage_uuid}/:
     get:
-      operationId: stages_authenticator_totp_retrieve
-      description: AuthenticatorTOTPStage Viewset
+      operationId: stages_authenticator_webauthn_retrieve
+      description: AuthenticateWebAuthnStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this TOTP Authenticator Setup Stage.
+        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
         required: true
       tags:
       - stages
@@ -23480,7 +24177,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticatorTOTPStage'
+                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
           description: ''
         '400':
           content:
@@ -23495,15 +24192,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_authenticator_totp_update
-      description: AuthenticatorTOTPStage Viewset
+      operationId: stages_authenticator_webauthn_update
+      description: AuthenticateWebAuthnStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this TOTP Authenticator Setup Stage.
+        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
         required: true
       tags:
       - stages
@@ -23511,7 +24208,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
+              $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest'
         required: true
       security:
       - authentik: []
@@ -23520,7 +24217,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticatorTOTPStage'
+                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
           description: ''
         '400':
           content:
@@ -23535,15 +24232,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_authenticator_totp_partial_update
-      description: AuthenticatorTOTPStage Viewset
+      operationId: stages_authenticator_webauthn_partial_update
+      description: AuthenticateWebAuthnStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this TOTP Authenticator Setup Stage.
+        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
         required: true
       tags:
       - stages
@@ -23551,7 +24248,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest'
+              $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest'
       security:
       - authentik: []
       responses:
@@ -23559,7 +24256,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticatorTOTPStage'
+                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
           description: ''
         '400':
           content:
@@ -23574,15 +24271,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_authenticator_totp_destroy
-      description: AuthenticatorTOTPStage Viewset
+      operationId: stages_authenticator_webauthn_destroy
+      description: AuthenticateWebAuthnStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this TOTP Authenticator Setup Stage.
+        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
         required: true
       tags:
       - stages
@@ -23603,9 +24300,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/authenticator/totp/{stage_uuid}/used_by/:
+  /stages/authenticator/webauthn/{stage_uuid}/used_by/:
     get:
-      operationId: stages_authenticator_totp_used_by_list
+      operationId: stages_authenticator_webauthn_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -23613,7 +24310,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this TOTP Authenticator Setup Stage.
+        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
         required: true
       tags:
       - stages
@@ -23640,36 +24337,15 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/authenticator/validate/:
+  /stages/captcha/:
     get:
-      operationId: stages_authenticator_validate_list
-      description: AuthenticatorValidateStage Viewset
+      operationId: stages_captcha_list
+      description: CaptchaStage Viewset
       parameters:
-      - in: query
-        name: configuration_stages
-        schema:
-          type: array
-          items:
-            type: string
-            format: uuid
-        explode: true
-        style: form
       - in: query
         name: name
         schema:
           type: string
-      - in: query
-        name: not_configured_action
-        schema:
-          type: string
-          enum:
-          - configure
-          - deny
-          - skip
-        description: |-
-          * `skip` - Skip
-          * `deny` - Deny
-          * `configure` - Configure
       - name: ordering
         required: false
         in: query
@@ -23688,6 +24364,10 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
+      - in: query
+        name: public_key
+        schema:
+          type: string
       - name: search
         required: false
         in: query
@@ -23703,7 +24383,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList'
+                $ref: '#/components/schemas/PaginatedCaptchaStageList'
           description: ''
         '400':
           content:
@@ -23718,15 +24398,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_authenticator_validate_create
-      description: AuthenticatorValidateStage Viewset
+      operationId: stages_captcha_create
+      description: CaptchaStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/AuthenticatorValidateStageRequest'
+              $ref: '#/components/schemas/CaptchaStageRequest'
         required: true
       security:
       - authentik: []
@@ -23735,7 +24415,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticatorValidateStage'
+                $ref: '#/components/schemas/CaptchaStage'
           description: ''
         '400':
           content:
@@ -23749,17 +24429,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/authenticator/validate/{stage_uuid}/:
+  /stages/captcha/{stage_uuid}/:
     get:
-      operationId: stages_authenticator_validate_retrieve
-      description: AuthenticatorValidateStage Viewset
+      operationId: stages_captcha_retrieve
+      description: CaptchaStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Authenticator Validation Stage.
+        description: A UUID string identifying this Captcha Stage.
         required: true
       tags:
       - stages
@@ -23770,7 +24450,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticatorValidateStage'
+                $ref: '#/components/schemas/CaptchaStage'
           description: ''
         '400':
           content:
@@ -23785,15 +24465,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_authenticator_validate_update
-      description: AuthenticatorValidateStage Viewset
+      operationId: stages_captcha_update
+      description: CaptchaStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Authenticator Validation Stage.
+        description: A UUID string identifying this Captcha Stage.
         required: true
       tags:
       - stages
@@ -23801,7 +24481,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/AuthenticatorValidateStageRequest'
+              $ref: '#/components/schemas/CaptchaStageRequest'
         required: true
       security:
       - authentik: []
@@ -23810,7 +24490,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticatorValidateStage'
+                $ref: '#/components/schemas/CaptchaStage'
           description: ''
         '400':
           content:
@@ -23825,15 +24505,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_authenticator_validate_partial_update
-      description: AuthenticatorValidateStage Viewset
+      operationId: stages_captcha_partial_update
+      description: CaptchaStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Authenticator Validation Stage.
+        description: A UUID string identifying this Captcha Stage.
         required: true
       tags:
       - stages
@@ -23841,7 +24521,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest'
+              $ref: '#/components/schemas/PatchedCaptchaStageRequest'
       security:
       - authentik: []
       responses:
@@ -23849,7 +24529,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticatorValidateStage'
+                $ref: '#/components/schemas/CaptchaStage'
           description: ''
         '400':
           content:
@@ -23864,15 +24544,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_authenticator_validate_destroy
-      description: AuthenticatorValidateStage Viewset
+      operationId: stages_captcha_destroy
+      description: CaptchaStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Authenticator Validation Stage.
+        description: A UUID string identifying this Captcha Stage.
         required: true
       tags:
       - stages
@@ -23893,9 +24573,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/authenticator/validate/{stage_uuid}/used_by/:
+  /stages/captcha/{stage_uuid}/used_by/:
     get:
-      operationId: stages_authenticator_validate_used_by_list
+      operationId: stages_captcha_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -23903,7 +24583,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Authenticator Validation Stage.
+        description: A UUID string identifying this Captcha Stage.
         required: true
       tags:
       - stages
@@ -23930,31 +24610,27 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/authenticator/webauthn/:
+  /stages/consent/:
     get:
-      operationId: stages_authenticator_webauthn_list
-      description: AuthenticateWebAuthnStage Viewset
+      operationId: stages_consent_list
+      description: ConsentStage Viewset
       parameters:
       - in: query
-        name: authenticator_attachment
-        schema:
-          type: string
-          nullable: true
-          enum:
-          - cross-platform
-          - platform
-        description: |-
-          * `platform` - Platform
-          * `cross-platform` - Cross Platform
-      - in: query
-        name: configure_flow
+        name: consent_expire_in
         schema:
           type: string
-          format: uuid
       - in: query
-        name: friendly_name
+        name: mode
         schema:
           type: string
+          enum:
+          - always_require
+          - expiring
+          - permanent
+        description: |-
+          * `always_require` - Always Require
+          * `permanent` - Permanent
+          * `expiring` - Expiring
       - in: query
         name: name
         schema:
@@ -23977,18 +24653,6 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
-      - in: query
-        name: resident_key_requirement
-        schema:
-          type: string
-          enum:
-          - discouraged
-          - preferred
-          - required
-        description: |-
-          * `discouraged` - Discouraged
-          * `preferred` - Preferred
-          * `required` - Required
       - name: search
         required: false
         in: query
@@ -24000,18 +24664,6 @@ paths:
         schema:
           type: string
           format: uuid
-      - in: query
-        name: user_verification
-        schema:
-          type: string
-          enum:
-          - discouraged
-          - preferred
-          - required
-        description: |-
-          * `required` - Required
-          * `preferred` - Preferred
-          * `discouraged` - Discouraged
       tags:
       - stages
       security:
@@ -24021,7 +24673,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedAuthenticateWebAuthnStageList'
+                $ref: '#/components/schemas/PaginatedConsentStageList'
           description: ''
         '400':
           content:
@@ -24036,15 +24688,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_authenticator_webauthn_create
-      description: AuthenticateWebAuthnStage Viewset
+      operationId: stages_consent_create
+      description: ConsentStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest'
+              $ref: '#/components/schemas/ConsentStageRequest'
         required: true
       security:
       - authentik: []
@@ -24053,7 +24705,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
+                $ref: '#/components/schemas/ConsentStage'
           description: ''
         '400':
           content:
@@ -24067,17 +24719,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/authenticator/webauthn/{stage_uuid}/:
+  /stages/consent/{stage_uuid}/:
     get:
-      operationId: stages_authenticator_webauthn_retrieve
-      description: AuthenticateWebAuthnStage Viewset
+      operationId: stages_consent_retrieve
+      description: ConsentStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
+        description: A UUID string identifying this Consent Stage.
         required: true
       tags:
       - stages
@@ -24088,7 +24740,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
+                $ref: '#/components/schemas/ConsentStage'
           description: ''
         '400':
           content:
@@ -24103,15 +24755,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_authenticator_webauthn_update
-      description: AuthenticateWebAuthnStage Viewset
+      operationId: stages_consent_update
+      description: ConsentStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
+        description: A UUID string identifying this Consent Stage.
         required: true
       tags:
       - stages
@@ -24119,7 +24771,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest'
+              $ref: '#/components/schemas/ConsentStageRequest'
         required: true
       security:
       - authentik: []
@@ -24128,7 +24780,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
+                $ref: '#/components/schemas/ConsentStage'
           description: ''
         '400':
           content:
@@ -24143,15 +24795,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_authenticator_webauthn_partial_update
-      description: AuthenticateWebAuthnStage Viewset
+      operationId: stages_consent_partial_update
+      description: ConsentStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
+        description: A UUID string identifying this Consent Stage.
         required: true
       tags:
       - stages
@@ -24159,7 +24811,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest'
+              $ref: '#/components/schemas/PatchedConsentStageRequest'
       security:
       - authentik: []
       responses:
@@ -24167,7 +24819,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticateWebAuthnStage'
+                $ref: '#/components/schemas/ConsentStage'
           description: ''
         '400':
           content:
@@ -24182,15 +24834,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_authenticator_webauthn_destroy
-      description: AuthenticateWebAuthnStage Viewset
+      operationId: stages_consent_destroy
+      description: ConsentStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
+        description: A UUID string identifying this Consent Stage.
         required: true
       tags:
       - stages
@@ -24211,9 +24863,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/authenticator/webauthn/{stage_uuid}/used_by/:
+  /stages/consent/{stage_uuid}/used_by/:
     get:
-      operationId: stages_authenticator_webauthn_used_by_list
+      operationId: stages_consent_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -24221,7 +24873,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
+        description: A UUID string identifying this Consent Stage.
         required: true
       tags:
       - stages
@@ -24248,11 +24900,15 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/captcha/:
+  /stages/deny/:
     get:
-      operationId: stages_captcha_list
-      description: CaptchaStage Viewset
+      operationId: stages_deny_list
+      description: DenyStage Viewset
       parameters:
+      - in: query
+        name: deny_message
+        schema:
+          type: string
       - in: query
         name: name
         schema:
@@ -24275,16 +24931,17 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
-      - in: query
-        name: public_key
-        schema:
-          type: string
       - name: search
         required: false
         in: query
         description: A search term.
         schema:
           type: string
+      - in: query
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
       tags:
       - stages
       security:
@@ -24294,7 +24951,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedCaptchaStageList'
+                $ref: '#/components/schemas/PaginatedDenyStageList'
           description: ''
         '400':
           content:
@@ -24309,15 +24966,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_captcha_create
-      description: CaptchaStage Viewset
+      operationId: stages_deny_create
+      description: DenyStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/CaptchaStageRequest'
+              $ref: '#/components/schemas/DenyStageRequest'
         required: true
       security:
       - authentik: []
@@ -24326,7 +24983,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/CaptchaStage'
+                $ref: '#/components/schemas/DenyStage'
           description: ''
         '400':
           content:
@@ -24340,17 +24997,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/captcha/{stage_uuid}/:
+  /stages/deny/{stage_uuid}/:
     get:
-      operationId: stages_captcha_retrieve
-      description: CaptchaStage Viewset
+      operationId: stages_deny_retrieve
+      description: DenyStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Captcha Stage.
+        description: A UUID string identifying this Deny Stage.
         required: true
       tags:
       - stages
@@ -24361,7 +25018,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/CaptchaStage'
+                $ref: '#/components/schemas/DenyStage'
           description: ''
         '400':
           content:
@@ -24376,15 +25033,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_captcha_update
-      description: CaptchaStage Viewset
+      operationId: stages_deny_update
+      description: DenyStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Captcha Stage.
+        description: A UUID string identifying this Deny Stage.
         required: true
       tags:
       - stages
@@ -24392,7 +25049,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/CaptchaStageRequest'
+              $ref: '#/components/schemas/DenyStageRequest'
         required: true
       security:
       - authentik: []
@@ -24401,7 +25058,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/CaptchaStage'
+                $ref: '#/components/schemas/DenyStage'
           description: ''
         '400':
           content:
@@ -24416,15 +25073,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_captcha_partial_update
-      description: CaptchaStage Viewset
+      operationId: stages_deny_partial_update
+      description: DenyStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Captcha Stage.
+        description: A UUID string identifying this Deny Stage.
         required: true
       tags:
       - stages
@@ -24432,7 +25089,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedCaptchaStageRequest'
+              $ref: '#/components/schemas/PatchedDenyStageRequest'
       security:
       - authentik: []
       responses:
@@ -24440,7 +25097,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/CaptchaStage'
+                $ref: '#/components/schemas/DenyStage'
           description: ''
         '400':
           content:
@@ -24455,15 +25112,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_captcha_destroy
-      description: CaptchaStage Viewset
+      operationId: stages_deny_destroy
+      description: DenyStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Captcha Stage.
+        description: A UUID string identifying this Deny Stage.
         required: true
       tags:
       - stages
@@ -24484,9 +25141,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/captcha/{stage_uuid}/used_by/:
+  /stages/deny/{stage_uuid}/used_by/:
     get:
-      operationId: stages_captcha_used_by_list
+      operationId: stages_deny_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -24494,7 +25151,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Captcha Stage.
+        description: A UUID string identifying this Deny Stage.
         required: true
       tags:
       - stages
@@ -24521,27 +25178,11 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/consent/:
+  /stages/dummy/:
     get:
-      operationId: stages_consent_list
-      description: ConsentStage Viewset
+      operationId: stages_dummy_list
+      description: DummyStage Viewset
       parameters:
-      - in: query
-        name: consent_expire_in
-        schema:
-          type: string
-      - in: query
-        name: mode
-        schema:
-          type: string
-          enum:
-          - always_require
-          - expiring
-          - permanent
-        description: |-
-          * `always_require` - Always Require
-          * `permanent` - Permanent
-          * `expiring` - Expiring
       - in: query
         name: name
         schema:
@@ -24575,6 +25216,10 @@ paths:
         schema:
           type: string
           format: uuid
+      - in: query
+        name: throw_error
+        schema:
+          type: boolean
       tags:
       - stages
       security:
@@ -24584,7 +25229,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedConsentStageList'
+                $ref: '#/components/schemas/PaginatedDummyStageList'
           description: ''
         '400':
           content:
@@ -24599,15 +25244,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_consent_create
-      description: ConsentStage Viewset
+      operationId: stages_dummy_create
+      description: DummyStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/ConsentStageRequest'
+              $ref: '#/components/schemas/DummyStageRequest'
         required: true
       security:
       - authentik: []
@@ -24616,7 +25261,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/ConsentStage'
+                $ref: '#/components/schemas/DummyStage'
           description: ''
         '400':
           content:
@@ -24630,17 +25275,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/consent/{stage_uuid}/:
+  /stages/dummy/{stage_uuid}/:
     get:
-      operationId: stages_consent_retrieve
-      description: ConsentStage Viewset
+      operationId: stages_dummy_retrieve
+      description: DummyStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Consent Stage.
+        description: A UUID string identifying this Dummy Stage.
         required: true
       tags:
       - stages
@@ -24651,7 +25296,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/ConsentStage'
+                $ref: '#/components/schemas/DummyStage'
           description: ''
         '400':
           content:
@@ -24666,15 +25311,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_consent_update
-      description: ConsentStage Viewset
+      operationId: stages_dummy_update
+      description: DummyStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Consent Stage.
+        description: A UUID string identifying this Dummy Stage.
         required: true
       tags:
       - stages
@@ -24682,7 +25327,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/ConsentStageRequest'
+              $ref: '#/components/schemas/DummyStageRequest'
         required: true
       security:
       - authentik: []
@@ -24691,7 +25336,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/ConsentStage'
+                $ref: '#/components/schemas/DummyStage'
           description: ''
         '400':
           content:
@@ -24706,15 +25351,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_consent_partial_update
-      description: ConsentStage Viewset
+      operationId: stages_dummy_partial_update
+      description: DummyStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Consent Stage.
+        description: A UUID string identifying this Dummy Stage.
         required: true
       tags:
       - stages
@@ -24722,7 +25367,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedConsentStageRequest'
+              $ref: '#/components/schemas/PatchedDummyStageRequest'
       security:
       - authentik: []
       responses:
@@ -24730,7 +25375,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/ConsentStage'
+                $ref: '#/components/schemas/DummyStage'
           description: ''
         '400':
           content:
@@ -24745,15 +25390,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_consent_destroy
-      description: ConsentStage Viewset
+      operationId: stages_dummy_destroy
+      description: DummyStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Consent Stage.
+        description: A UUID string identifying this Dummy Stage.
         required: true
       tags:
       - stages
@@ -24774,9 +25419,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/consent/{stage_uuid}/used_by/:
+  /stages/dummy/{stage_uuid}/used_by/:
     get:
-      operationId: stages_consent_used_by_list
+      operationId: stages_dummy_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -24784,7 +25429,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Consent Stage.
+        description: A UUID string identifying this Dummy Stage.
         required: true
       tags:
       - stages
@@ -24811,13 +25456,21 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/deny/:
+  /stages/email/:
     get:
-      operationId: stages_deny_list
-      description: DenyStage Viewset
+      operationId: stages_email_list
+      description: EmailStage Viewset
       parameters:
       - in: query
-        name: deny_message
+        name: activate_user_on_success
+        schema:
+          type: boolean
+      - in: query
+        name: from_address
+        schema:
+          type: string
+      - in: query
+        name: host
         schema:
           type: string
       - in: query
@@ -24842,6 +25495,10 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
+      - in: query
+        name: port
+        schema:
+          type: integer
       - name: search
         required: false
         in: query
@@ -24849,10 +25506,37 @@ paths:
         schema:
           type: string
       - in: query
-        name: stage_uuid
+        name: subject
+        schema:
+          type: string
+      - in: query
+        name: template
+        schema:
+          type: string
+      - in: query
+        name: timeout
+        schema:
+          type: integer
+      - in: query
+        name: token_expiry
+        schema:
+          type: integer
+      - in: query
+        name: use_global_settings
+        schema:
+          type: boolean
+      - in: query
+        name: use_ssl
+        schema:
+          type: boolean
+      - in: query
+        name: use_tls
+        schema:
+          type: boolean
+      - in: query
+        name: username
         schema:
           type: string
-          format: uuid
       tags:
       - stages
       security:
@@ -24862,7 +25546,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedDenyStageList'
+                $ref: '#/components/schemas/PaginatedEmailStageList'
           description: ''
         '400':
           content:
@@ -24877,15 +25561,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_deny_create
-      description: DenyStage Viewset
+      operationId: stages_email_create
+      description: EmailStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/DenyStageRequest'
+              $ref: '#/components/schemas/EmailStageRequest'
         required: true
       security:
       - authentik: []
@@ -24894,7 +25578,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/DenyStage'
+                $ref: '#/components/schemas/EmailStage'
           description: ''
         '400':
           content:
@@ -24908,17 +25592,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/deny/{stage_uuid}/:
+  /stages/email/{stage_uuid}/:
     get:
-      operationId: stages_deny_retrieve
-      description: DenyStage Viewset
+      operationId: stages_email_retrieve
+      description: EmailStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Deny Stage.
+        description: A UUID string identifying this Email Stage.
         required: true
       tags:
       - stages
@@ -24929,7 +25613,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/DenyStage'
+                $ref: '#/components/schemas/EmailStage'
           description: ''
         '400':
           content:
@@ -24944,15 +25628,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_deny_update
-      description: DenyStage Viewset
+      operationId: stages_email_update
+      description: EmailStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Deny Stage.
+        description: A UUID string identifying this Email Stage.
         required: true
       tags:
       - stages
@@ -24960,7 +25644,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/DenyStageRequest'
+              $ref: '#/components/schemas/EmailStageRequest'
         required: true
       security:
       - authentik: []
@@ -24969,7 +25653,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/DenyStage'
+                $ref: '#/components/schemas/EmailStage'
           description: ''
         '400':
           content:
@@ -24984,15 +25668,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_deny_partial_update
-      description: DenyStage Viewset
+      operationId: stages_email_partial_update
+      description: EmailStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Deny Stage.
+        description: A UUID string identifying this Email Stage.
         required: true
       tags:
       - stages
@@ -25000,7 +25684,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedDenyStageRequest'
+              $ref: '#/components/schemas/PatchedEmailStageRequest'
       security:
       - authentik: []
       responses:
@@ -25008,7 +25692,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/DenyStage'
+                $ref: '#/components/schemas/EmailStage'
           description: ''
         '400':
           content:
@@ -25023,15 +25707,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_deny_destroy
-      description: DenyStage Viewset
+      operationId: stages_email_destroy
+      description: EmailStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Deny Stage.
+        description: A UUID string identifying this Email Stage.
         required: true
       tags:
       - stages
@@ -25052,9 +25736,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/deny/{stage_uuid}/used_by/:
+  /stages/email/{stage_uuid}/used_by/:
     get:
-      operationId: stages_deny_used_by_list
+      operationId: stages_email_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -25062,7 +25746,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Deny Stage.
+        description: A UUID string identifying this Email Stage.
         required: true
       tags:
       - stages
@@ -25089,11 +25773,49 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/dummy/:
+  /stages/email/templates/:
     get:
-      operationId: stages_dummy_list
-      description: DummyStage Viewset
+      operationId: stages_email_templates_list
+      description: Get all available templates, including custom templates
+      tags:
+      - stages
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/TypeCreate'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /stages/identification/:
+    get:
+      operationId: stages_identification_list
+      description: IdentificationStage Viewset
       parameters:
+      - in: query
+        name: case_insensitive_matching
+        schema:
+          type: boolean
+      - in: query
+        name: enrollment_flow
+        schema:
+          type: string
+          format: uuid
       - in: query
         name: name
         schema:
@@ -25116,6 +25838,21 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
+      - in: query
+        name: password_stage
+        schema:
+          type: string
+          format: uuid
+      - in: query
+        name: passwordless_flow
+        schema:
+          type: string
+          format: uuid
+      - in: query
+        name: recovery_flow
+        schema:
+          type: string
+          format: uuid
       - name: search
         required: false
         in: query
@@ -25123,12 +25860,11 @@ paths:
         schema:
           type: string
       - in: query
-        name: stage_uuid
+        name: show_matched_user
         schema:
-          type: string
-          format: uuid
+          type: boolean
       - in: query
-        name: throw_error
+        name: show_source_labels
         schema:
           type: boolean
       tags:
@@ -25140,7 +25876,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedDummyStageList'
+                $ref: '#/components/schemas/PaginatedIdentificationStageList'
           description: ''
         '400':
           content:
@@ -25155,15 +25891,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_dummy_create
-      description: DummyStage Viewset
+      operationId: stages_identification_create
+      description: IdentificationStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/DummyStageRequest'
+              $ref: '#/components/schemas/IdentificationStageRequest'
         required: true
       security:
       - authentik: []
@@ -25172,7 +25908,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/DummyStage'
+                $ref: '#/components/schemas/IdentificationStage'
           description: ''
         '400':
           content:
@@ -25186,17 +25922,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/dummy/{stage_uuid}/:
+  /stages/identification/{stage_uuid}/:
     get:
-      operationId: stages_dummy_retrieve
-      description: DummyStage Viewset
+      operationId: stages_identification_retrieve
+      description: IdentificationStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Dummy Stage.
+        description: A UUID string identifying this Identification Stage.
         required: true
       tags:
       - stages
@@ -25207,7 +25943,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/DummyStage'
+                $ref: '#/components/schemas/IdentificationStage'
           description: ''
         '400':
           content:
@@ -25222,15 +25958,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_dummy_update
-      description: DummyStage Viewset
+      operationId: stages_identification_update
+      description: IdentificationStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Dummy Stage.
+        description: A UUID string identifying this Identification Stage.
         required: true
       tags:
       - stages
@@ -25238,7 +25974,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/DummyStageRequest'
+              $ref: '#/components/schemas/IdentificationStageRequest'
         required: true
       security:
       - authentik: []
@@ -25247,7 +25983,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/DummyStage'
+                $ref: '#/components/schemas/IdentificationStage'
           description: ''
         '400':
           content:
@@ -25262,15 +25998,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_dummy_partial_update
-      description: DummyStage Viewset
+      operationId: stages_identification_partial_update
+      description: IdentificationStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Dummy Stage.
+        description: A UUID string identifying this Identification Stage.
         required: true
       tags:
       - stages
@@ -25278,7 +26014,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedDummyStageRequest'
+              $ref: '#/components/schemas/PatchedIdentificationStageRequest'
       security:
       - authentik: []
       responses:
@@ -25286,7 +26022,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/DummyStage'
+                $ref: '#/components/schemas/IdentificationStage'
           description: ''
         '400':
           content:
@@ -25301,15 +26037,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_dummy_destroy
-      description: DummyStage Viewset
+      operationId: stages_identification_destroy
+      description: IdentificationStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Dummy Stage.
+        description: A UUID string identifying this Identification Stage.
         required: true
       tags:
       - stages
@@ -25330,9 +26066,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/dummy/{stage_uuid}/used_by/:
+  /stages/identification/{stage_uuid}/used_by/:
     get:
-      operationId: stages_dummy_used_by_list
+      operationId: stages_identification_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -25340,7 +26076,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Dummy Stage.
+        description: A UUID string identifying this Identification Stage.
         required: true
       tags:
       - stages
@@ -25367,21 +26103,22 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/email/:
+  /stages/invitation/invitations/:
     get:
-      operationId: stages_email_list
-      description: EmailStage Viewset
+      operationId: stages_invitation_invitations_list
+      description: Invitation Viewset
       parameters:
       - in: query
-        name: activate_user_on_success
+        name: created_by__username
         schema:
-          type: boolean
+          type: string
       - in: query
-        name: from_address
+        name: expires
         schema:
           type: string
+          format: date-time
       - in: query
-        name: host
+        name: flow__slug
         schema:
           type: string
       - in: query
@@ -25406,48 +26143,12 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
-      - in: query
-        name: port
-        schema:
-          type: integer
       - name: search
         required: false
         in: query
         description: A search term.
         schema:
           type: string
-      - in: query
-        name: subject
-        schema:
-          type: string
-      - in: query
-        name: template
-        schema:
-          type: string
-      - in: query
-        name: timeout
-        schema:
-          type: integer
-      - in: query
-        name: token_expiry
-        schema:
-          type: integer
-      - in: query
-        name: use_global_settings
-        schema:
-          type: boolean
-      - in: query
-        name: use_ssl
-        schema:
-          type: boolean
-      - in: query
-        name: use_tls
-        schema:
-          type: boolean
-      - in: query
-        name: username
-        schema:
-          type: string
       tags:
       - stages
       security:
@@ -25457,7 +26158,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedEmailStageList'
+                $ref: '#/components/schemas/PaginatedInvitationList'
           description: ''
         '400':
           content:
@@ -25472,15 +26173,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_email_create
-      description: EmailStage Viewset
+      operationId: stages_invitation_invitations_create
+      description: Invitation Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/EmailStageRequest'
+              $ref: '#/components/schemas/InvitationRequest'
         required: true
       security:
       - authentik: []
@@ -25489,7 +26190,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/EmailStage'
+                $ref: '#/components/schemas/Invitation'
           description: ''
         '400':
           content:
@@ -25503,17 +26204,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/email/{stage_uuid}/:
+  /stages/invitation/invitations/{invite_uuid}/:
     get:
-      operationId: stages_email_retrieve
-      description: EmailStage Viewset
+      operationId: stages_invitation_invitations_retrieve
+      description: Invitation Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: invite_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Email Stage.
+        description: A UUID string identifying this Invitation.
         required: true
       tags:
       - stages
@@ -25524,7 +26225,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/EmailStage'
+                $ref: '#/components/schemas/Invitation'
           description: ''
         '400':
           content:
@@ -25539,15 +26240,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_email_update
-      description: EmailStage Viewset
+      operationId: stages_invitation_invitations_update
+      description: Invitation Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: invite_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Email Stage.
+        description: A UUID string identifying this Invitation.
         required: true
       tags:
       - stages
@@ -25555,7 +26256,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/EmailStageRequest'
+              $ref: '#/components/schemas/InvitationRequest'
         required: true
       security:
       - authentik: []
@@ -25564,7 +26265,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/EmailStage'
+                $ref: '#/components/schemas/Invitation'
           description: ''
         '400':
           content:
@@ -25579,15 +26280,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_email_partial_update
-      description: EmailStage Viewset
+      operationId: stages_invitation_invitations_partial_update
+      description: Invitation Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: invite_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Email Stage.
+        description: A UUID string identifying this Invitation.
         required: true
       tags:
       - stages
@@ -25595,7 +26296,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedEmailStageRequest'
+              $ref: '#/components/schemas/PatchedInvitationRequest'
       security:
       - authentik: []
       responses:
@@ -25603,7 +26304,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/EmailStage'
+                $ref: '#/components/schemas/Invitation'
           description: ''
         '400':
           content:
@@ -25618,15 +26319,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_email_destroy
-      description: EmailStage Viewset
+      operationId: stages_invitation_invitations_destroy
+      description: Invitation Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: invite_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Email Stage.
+        description: A UUID string identifying this Invitation.
         required: true
       tags:
       - stages
@@ -25647,17 +26348,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/email/{stage_uuid}/used_by/:
+  /stages/invitation/invitations/{invite_uuid}/used_by/:
     get:
-      operationId: stages_email_used_by_list
+      operationId: stages_invitation_invitations_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
-        name: stage_uuid
+        name: invite_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Email Stage.
+        description: A UUID string identifying this Invitation.
         required: true
       tags:
       - stages
@@ -25684,53 +26385,23 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/email/templates/:
-    get:
-      operationId: stages_email_templates_list
-      description: Get all available templates, including custom templates
-      tags:
-      - stages
-      security:
-      - authentik: []
-      responses:
-        '200':
-          content:
-            application/json:
-              schema:
-                type: array
-                items:
-                  $ref: '#/components/schemas/TypeCreate'
-          description: ''
-        '400':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/ValidationError'
-          description: ''
-        '403':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/GenericError'
-          description: ''
-  /stages/identification/:
+  /stages/invitation/stages/:
     get:
-      operationId: stages_identification_list
-      description: IdentificationStage Viewset
+      operationId: stages_invitation_stages_list
+      description: InvitationStage Viewset
       parameters:
       - in: query
-        name: case_insensitive_matching
+        name: continue_flow_without_invitation
         schema:
           type: boolean
       - in: query
-        name: enrollment_flow
+        name: name
         schema:
           type: string
-          format: uuid
       - in: query
-        name: name
+        name: no_flows
         schema:
-          type: string
+          type: boolean
       - name: ordering
         required: false
         in: query
@@ -25749,21 +26420,6 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
-      - in: query
-        name: password_stage
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: passwordless_flow
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: recovery_flow
-        schema:
-          type: string
-          format: uuid
       - name: search
         required: false
         in: query
@@ -25771,13 +26427,10 @@ paths:
         schema:
           type: string
       - in: query
-        name: show_matched_user
-        schema:
-          type: boolean
-      - in: query
-        name: show_source_labels
+        name: stage_uuid
         schema:
-          type: boolean
+          type: string
+          format: uuid
       tags:
       - stages
       security:
@@ -25787,7 +26440,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedIdentificationStageList'
+                $ref: '#/components/schemas/PaginatedInvitationStageList'
           description: ''
         '400':
           content:
@@ -25802,15 +26455,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_identification_create
-      description: IdentificationStage Viewset
+      operationId: stages_invitation_stages_create
+      description: InvitationStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/IdentificationStageRequest'
+              $ref: '#/components/schemas/InvitationStageRequest'
         required: true
       security:
       - authentik: []
@@ -25819,7 +26472,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/IdentificationStage'
+                $ref: '#/components/schemas/InvitationStage'
           description: ''
         '400':
           content:
@@ -25833,17 +26486,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/identification/{stage_uuid}/:
+  /stages/invitation/stages/{stage_uuid}/:
     get:
-      operationId: stages_identification_retrieve
-      description: IdentificationStage Viewset
+      operationId: stages_invitation_stages_retrieve
+      description: InvitationStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Identification Stage.
+        description: A UUID string identifying this Invitation Stage.
         required: true
       tags:
       - stages
@@ -25854,7 +26507,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/IdentificationStage'
+                $ref: '#/components/schemas/InvitationStage'
           description: ''
         '400':
           content:
@@ -25869,15 +26522,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_identification_update
-      description: IdentificationStage Viewset
+      operationId: stages_invitation_stages_update
+      description: InvitationStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Identification Stage.
+        description: A UUID string identifying this Invitation Stage.
         required: true
       tags:
       - stages
@@ -25885,7 +26538,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/IdentificationStageRequest'
+              $ref: '#/components/schemas/InvitationStageRequest'
         required: true
       security:
       - authentik: []
@@ -25894,7 +26547,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/IdentificationStage'
+                $ref: '#/components/schemas/InvitationStage'
           description: ''
         '400':
           content:
@@ -25909,15 +26562,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_identification_partial_update
-      description: IdentificationStage Viewset
+      operationId: stages_invitation_stages_partial_update
+      description: InvitationStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Identification Stage.
+        description: A UUID string identifying this Invitation Stage.
         required: true
       tags:
       - stages
@@ -25925,7 +26578,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedIdentificationStageRequest'
+              $ref: '#/components/schemas/PatchedInvitationStageRequest'
       security:
       - authentik: []
       responses:
@@ -25933,7 +26586,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/IdentificationStage'
+                $ref: '#/components/schemas/InvitationStage'
           description: ''
         '400':
           content:
@@ -25948,15 +26601,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_identification_destroy
-      description: IdentificationStage Viewset
+      operationId: stages_invitation_stages_destroy
+      description: InvitationStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Identification Stage.
+        description: A UUID string identifying this Invitation Stage.
         required: true
       tags:
       - stages
@@ -25977,9 +26630,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/identification/{stage_uuid}/used_by/:
+  /stages/invitation/stages/{stage_uuid}/used_by/:
     get:
-      operationId: stages_identification_used_by_list
+      operationId: stages_invitation_stages_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -25987,7 +26640,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Identification Stage.
+        description: A UUID string identifying this Invitation Stage.
         required: true
       tags:
       - stages
@@ -26014,24 +26667,20 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/invitation/invitations/:
+  /stages/password/:
     get:
-      operationId: stages_invitation_invitations_list
-      description: Invitation Viewset
+      operationId: stages_password_list
+      description: PasswordStage Viewset
       parameters:
       - in: query
-        name: created_by__username
-        schema:
-          type: string
-      - in: query
-        name: expires
+        name: configure_flow
         schema:
           type: string
-          format: date-time
+          format: uuid
       - in: query
-        name: flow__slug
+        name: failed_attempts_before_cancel
         schema:
-          type: string
+          type: integer
       - in: query
         name: name
         schema:
@@ -26069,7 +26718,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedInvitationList'
+                $ref: '#/components/schemas/PaginatedPasswordStageList'
           description: ''
         '400':
           content:
@@ -26084,15 +26733,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_invitation_invitations_create
-      description: Invitation Viewset
+      operationId: stages_password_create
+      description: PasswordStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/InvitationRequest'
+              $ref: '#/components/schemas/PasswordStageRequest'
         required: true
       security:
       - authentik: []
@@ -26101,7 +26750,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Invitation'
+                $ref: '#/components/schemas/PasswordStage'
           description: ''
         '400':
           content:
@@ -26115,17 +26764,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/invitation/invitations/{invite_uuid}/:
+  /stages/password/{stage_uuid}/:
     get:
-      operationId: stages_invitation_invitations_retrieve
-      description: Invitation Viewset
+      operationId: stages_password_retrieve
+      description: PasswordStage Viewset
       parameters:
       - in: path
-        name: invite_uuid
+        name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Invitation.
+        description: A UUID string identifying this Password Stage.
         required: true
       tags:
       - stages
@@ -26136,7 +26785,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Invitation'
+                $ref: '#/components/schemas/PasswordStage'
           description: ''
         '400':
           content:
@@ -26151,15 +26800,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_invitation_invitations_update
-      description: Invitation Viewset
+      operationId: stages_password_update
+      description: PasswordStage Viewset
       parameters:
       - in: path
-        name: invite_uuid
+        name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Invitation.
+        description: A UUID string identifying this Password Stage.
         required: true
       tags:
       - stages
@@ -26167,7 +26816,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/InvitationRequest'
+              $ref: '#/components/schemas/PasswordStageRequest'
         required: true
       security:
       - authentik: []
@@ -26176,7 +26825,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Invitation'
+                $ref: '#/components/schemas/PasswordStage'
           description: ''
         '400':
           content:
@@ -26191,15 +26840,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_invitation_invitations_partial_update
-      description: Invitation Viewset
+      operationId: stages_password_partial_update
+      description: PasswordStage Viewset
       parameters:
       - in: path
-        name: invite_uuid
+        name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Invitation.
+        description: A UUID string identifying this Password Stage.
         required: true
       tags:
       - stages
@@ -26207,7 +26856,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedInvitationRequest'
+              $ref: '#/components/schemas/PatchedPasswordStageRequest'
       security:
       - authentik: []
       responses:
@@ -26215,7 +26864,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Invitation'
+                $ref: '#/components/schemas/PasswordStage'
           description: ''
         '400':
           content:
@@ -26230,15 +26879,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_invitation_invitations_destroy
-      description: Invitation Viewset
+      operationId: stages_password_destroy
+      description: PasswordStage Viewset
       parameters:
       - in: path
-        name: invite_uuid
+        name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Invitation.
+        description: A UUID string identifying this Password Stage.
         required: true
       tags:
       - stages
@@ -26259,17 +26908,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/invitation/invitations/{invite_uuid}/used_by/:
+  /stages/password/{stage_uuid}/used_by/:
     get:
-      operationId: stages_invitation_invitations_used_by_list
+      operationId: stages_password_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
-        name: invite_uuid
+        name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Invitation.
+        description: A UUID string identifying this Password Stage.
         required: true
       tags:
       - stages
@@ -26296,23 +26945,23 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/invitation/stages/:
+  /stages/prompt/prompts/:
     get:
-      operationId: stages_invitation_stages_list
-      description: InvitationStage Viewset
+      operationId: stages_prompt_prompts_list
+      description: Prompt Viewset
       parameters:
       - in: query
-        name: continue_flow_without_invitation
+        name: field_key
         schema:
-          type: boolean
+          type: string
       - in: query
-        name: name
+        name: label
         schema:
           type: string
       - in: query
-        name: no_flows
+        name: name
         schema:
-          type: boolean
+          type: string
       - name: ordering
         required: false
         in: query
@@ -26331,6 +26980,10 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
+      - in: query
+        name: placeholder
+        schema:
+          type: string
       - name: search
         required: false
         in: query
@@ -26338,10 +26991,47 @@ paths:
         schema:
           type: string
       - in: query
-        name: stage_uuid
+        name: type
         schema:
           type: string
-          format: uuid
+          enum:
+          - ak-locale
+          - checkbox
+          - date
+          - date-time
+          - dropdown
+          - email
+          - file
+          - hidden
+          - number
+          - password
+          - radio-button-group
+          - separator
+          - static
+          - text
+          - text_area
+          - text_area_read_only
+          - text_read_only
+          - username
+        description: |-
+          * `text` - Text: Simple Text input
+          * `text_area` - Text area: Multiline Text Input.
+          * `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
+          * `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
+          * `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
+          * `email` - Email: Text field with Email type.
+          * `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
+          * `number` - Number
+          * `checkbox` - Checkbox
+          * `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
+          * `dropdown` - Fixed choice field rendered as a dropdown.
+          * `date` - Date
+          * `date-time` - Date Time
+          * `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
+          * `separator` - Separator: Static Separator Line
+          * `hidden` - Hidden: Hidden field, can be used to insert data into form.
+          * `static` - Static: Static value, displayed as-is.
+          * `ak-locale` - authentik: Selection of locales authentik supports
       tags:
       - stages
       security:
@@ -26351,7 +27041,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedInvitationStageList'
+                $ref: '#/components/schemas/PaginatedPromptList'
           description: ''
         '400':
           content:
@@ -26366,15 +27056,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_invitation_stages_create
-      description: InvitationStage Viewset
+      operationId: stages_prompt_prompts_create
+      description: Prompt Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/InvitationStageRequest'
+              $ref: '#/components/schemas/PromptRequest'
         required: true
       security:
       - authentik: []
@@ -26383,7 +27073,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/InvitationStage'
+                $ref: '#/components/schemas/Prompt'
           description: ''
         '400':
           content:
@@ -26397,17 +27087,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/invitation/stages/{stage_uuid}/:
+  /stages/prompt/prompts/{prompt_uuid}/:
     get:
-      operationId: stages_invitation_stages_retrieve
-      description: InvitationStage Viewset
+      operationId: stages_prompt_prompts_retrieve
+      description: Prompt Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: prompt_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Invitation Stage.
+        description: A UUID string identifying this Prompt.
         required: true
       tags:
       - stages
@@ -26418,7 +27108,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/InvitationStage'
+                $ref: '#/components/schemas/Prompt'
           description: ''
         '400':
           content:
@@ -26433,15 +27123,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_invitation_stages_update
-      description: InvitationStage Viewset
+      operationId: stages_prompt_prompts_update
+      description: Prompt Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: prompt_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Invitation Stage.
+        description: A UUID string identifying this Prompt.
         required: true
       tags:
       - stages
@@ -26449,7 +27139,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/InvitationStageRequest'
+              $ref: '#/components/schemas/PromptRequest'
         required: true
       security:
       - authentik: []
@@ -26458,7 +27148,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/InvitationStage'
+                $ref: '#/components/schemas/Prompt'
           description: ''
         '400':
           content:
@@ -26473,15 +27163,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_invitation_stages_partial_update
-      description: InvitationStage Viewset
+      operationId: stages_prompt_prompts_partial_update
+      description: Prompt Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: prompt_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Invitation Stage.
+        description: A UUID string identifying this Prompt.
         required: true
       tags:
       - stages
@@ -26489,7 +27179,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedInvitationStageRequest'
+              $ref: '#/components/schemas/PatchedPromptRequest'
       security:
       - authentik: []
       responses:
@@ -26497,7 +27187,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/InvitationStage'
+                $ref: '#/components/schemas/Prompt'
           description: ''
         '400':
           content:
@@ -26512,15 +27202,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_invitation_stages_destroy
-      description: InvitationStage Viewset
+      operationId: stages_prompt_prompts_destroy
+      description: Prompt Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: prompt_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Invitation Stage.
+        description: A UUID string identifying this Prompt.
         required: true
       tags:
       - stages
@@ -26541,17 +27231,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/invitation/stages/{stage_uuid}/used_by/:
+  /stages/prompt/prompts/{prompt_uuid}/used_by/:
     get:
-      operationId: stages_invitation_stages_used_by_list
+      operationId: stages_prompt_prompts_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
-        name: stage_uuid
+        name: prompt_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Invitation Stage.
+        description: A UUID string identifying this Prompt.
         required: true
       tags:
       - stages
@@ -26578,20 +27268,53 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/password/:
+  /stages/prompt/prompts/preview/:
+    post:
+      operationId: stages_prompt_prompts_preview_create
+      description: Preview a prompt as a challenge, just like a flow would receive
+      tags:
+      - stages
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/PromptRequest'
+        required: true
+      security:
+      - authentik: []
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/PromptChallenge'
+          description: ''
+        '400':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ValidationError'
+          description: ''
+        '403':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/GenericError'
+          description: ''
+  /stages/prompt/stages/:
     get:
-      operationId: stages_password_list
-      description: PasswordStage Viewset
+      operationId: stages_prompt_stages_list
+      description: PromptStage Viewset
       parameters:
       - in: query
-        name: configure_flow
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: failed_attempts_before_cancel
+        name: fields
         schema:
-          type: integer
+          type: array
+          items:
+            type: string
+            format: uuid
+        explode: true
+        style: form
       - in: query
         name: name
         schema:
@@ -26620,6 +27343,20 @@ paths:
         description: A search term.
         schema:
           type: string
+      - in: query
+        name: stage_uuid
+        schema:
+          type: string
+          format: uuid
+      - in: query
+        name: validation_policies
+        schema:
+          type: array
+          items:
+            type: string
+            format: uuid
+        explode: true
+        style: form
       tags:
       - stages
       security:
@@ -26629,7 +27366,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedPasswordStageList'
+                $ref: '#/components/schemas/PaginatedPromptStageList'
           description: ''
         '400':
           content:
@@ -26644,15 +27381,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_password_create
-      description: PasswordStage Viewset
+      operationId: stages_prompt_stages_create
+      description: PromptStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PasswordStageRequest'
+              $ref: '#/components/schemas/PromptStageRequest'
         required: true
       security:
       - authentik: []
@@ -26661,7 +27398,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PasswordStage'
+                $ref: '#/components/schemas/PromptStage'
           description: ''
         '400':
           content:
@@ -26675,17 +27412,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/password/{stage_uuid}/:
+  /stages/prompt/stages/{stage_uuid}/:
     get:
-      operationId: stages_password_retrieve
-      description: PasswordStage Viewset
+      operationId: stages_prompt_stages_retrieve
+      description: PromptStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Password Stage.
+        description: A UUID string identifying this Prompt Stage.
         required: true
       tags:
       - stages
@@ -26696,7 +27433,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PasswordStage'
+                $ref: '#/components/schemas/PromptStage'
           description: ''
         '400':
           content:
@@ -26711,15 +27448,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_password_update
-      description: PasswordStage Viewset
+      operationId: stages_prompt_stages_update
+      description: PromptStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Password Stage.
+        description: A UUID string identifying this Prompt Stage.
         required: true
       tags:
       - stages
@@ -26727,7 +27464,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PasswordStageRequest'
+              $ref: '#/components/schemas/PromptStageRequest'
         required: true
       security:
       - authentik: []
@@ -26736,7 +27473,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PasswordStage'
+                $ref: '#/components/schemas/PromptStage'
           description: ''
         '400':
           content:
@@ -26751,15 +27488,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_password_partial_update
-      description: PasswordStage Viewset
+      operationId: stages_prompt_stages_partial_update
+      description: PromptStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Password Stage.
+        description: A UUID string identifying this Prompt Stage.
         required: true
       tags:
       - stages
@@ -26767,7 +27504,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedPasswordStageRequest'
+              $ref: '#/components/schemas/PatchedPromptStageRequest'
       security:
       - authentik: []
       responses:
@@ -26775,7 +27512,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PasswordStage'
+                $ref: '#/components/schemas/PromptStage'
           description: ''
         '400':
           content:
@@ -26790,15 +27527,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_password_destroy
-      description: PasswordStage Viewset
+      operationId: stages_prompt_stages_destroy
+      description: PromptStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Password Stage.
+        description: A UUID string identifying this Prompt Stage.
         required: true
       tags:
       - stages
@@ -26819,9 +27556,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/password/{stage_uuid}/used_by/:
+  /stages/prompt/stages/{stage_uuid}/used_by/:
     get:
-      operationId: stages_password_used_by_list
+      operationId: stages_prompt_stages_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -26829,7 +27566,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Password Stage.
+        description: A UUID string identifying this Prompt Stage.
         required: true
       tags:
       - stages
@@ -26856,19 +27593,11 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/prompt/prompts/:
+  /stages/user_delete/:
     get:
-      operationId: stages_prompt_prompts_list
-      description: Prompt Viewset
+      operationId: stages_user_delete_list
+      description: UserDeleteStage Viewset
       parameters:
-      - in: query
-        name: field_key
-        schema:
-          type: string
-      - in: query
-        name: label
-        schema:
-          type: string
       - in: query
         name: name
         schema:
@@ -26891,10 +27620,6 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
-      - in: query
-        name: placeholder
-        schema:
-          type: string
       - name: search
         required: false
         in: query
@@ -26902,47 +27627,10 @@ paths:
         schema:
           type: string
       - in: query
-        name: type
+        name: stage_uuid
         schema:
           type: string
-          enum:
-          - ak-locale
-          - checkbox
-          - date
-          - date-time
-          - dropdown
-          - email
-          - file
-          - hidden
-          - number
-          - password
-          - radio-button-group
-          - separator
-          - static
-          - text
-          - text_area
-          - text_area_read_only
-          - text_read_only
-          - username
-        description: |-
-          * `text` - Text: Simple Text input
-          * `text_area` - Text area: Multiline Text Input.
-          * `text_read_only` - Text (read-only): Simple Text input, but cannot be edited.
-          * `text_area_read_only` - Text area (read-only): Multiline Text input, but cannot be edited.
-          * `username` - Username: Same as Text input, but checks for and prevents duplicate usernames.
-          * `email` - Email: Text field with Email type.
-          * `password` - Password: Masked input, multiple inputs of this type on the same prompt need to be identical.
-          * `number` - Number
-          * `checkbox` - Checkbox
-          * `radio-button-group` - Fixed choice field rendered as a group of radio buttons.
-          * `dropdown` - Fixed choice field rendered as a dropdown.
-          * `date` - Date
-          * `date-time` - Date Time
-          * `file` - File: File upload for arbitrary files. File content will be available in flow context as data-URI
-          * `separator` - Separator: Static Separator Line
-          * `hidden` - Hidden: Hidden field, can be used to insert data into form.
-          * `static` - Static: Static value, displayed as-is.
-          * `ak-locale` - authentik: Selection of locales authentik supports
+          format: uuid
       tags:
       - stages
       security:
@@ -26952,7 +27640,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedPromptList'
+                $ref: '#/components/schemas/PaginatedUserDeleteStageList'
           description: ''
         '400':
           content:
@@ -26967,15 +27655,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_prompt_prompts_create
-      description: Prompt Viewset
+      operationId: stages_user_delete_create
+      description: UserDeleteStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PromptRequest'
+              $ref: '#/components/schemas/UserDeleteStageRequest'
         required: true
       security:
       - authentik: []
@@ -26984,7 +27672,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Prompt'
+                $ref: '#/components/schemas/UserDeleteStage'
           description: ''
         '400':
           content:
@@ -26998,17 +27686,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/prompt/prompts/{prompt_uuid}/:
+  /stages/user_delete/{stage_uuid}/:
     get:
-      operationId: stages_prompt_prompts_retrieve
-      description: Prompt Viewset
+      operationId: stages_user_delete_retrieve
+      description: UserDeleteStage Viewset
       parameters:
       - in: path
-        name: prompt_uuid
+        name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Prompt.
+        description: A UUID string identifying this User Delete Stage.
         required: true
       tags:
       - stages
@@ -27019,7 +27707,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Prompt'
+                $ref: '#/components/schemas/UserDeleteStage'
           description: ''
         '400':
           content:
@@ -27034,15 +27722,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_prompt_prompts_update
-      description: Prompt Viewset
+      operationId: stages_user_delete_update
+      description: UserDeleteStage Viewset
       parameters:
       - in: path
-        name: prompt_uuid
+        name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Prompt.
+        description: A UUID string identifying this User Delete Stage.
         required: true
       tags:
       - stages
@@ -27050,7 +27738,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PromptRequest'
+              $ref: '#/components/schemas/UserDeleteStageRequest'
         required: true
       security:
       - authentik: []
@@ -27059,7 +27747,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Prompt'
+                $ref: '#/components/schemas/UserDeleteStage'
           description: ''
         '400':
           content:
@@ -27074,15 +27762,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_prompt_prompts_partial_update
-      description: Prompt Viewset
+      operationId: stages_user_delete_partial_update
+      description: UserDeleteStage Viewset
       parameters:
       - in: path
-        name: prompt_uuid
+        name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Prompt.
+        description: A UUID string identifying this User Delete Stage.
         required: true
       tags:
       - stages
@@ -27090,7 +27778,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedPromptRequest'
+              $ref: '#/components/schemas/PatchedUserDeleteStageRequest'
       security:
       - authentik: []
       responses:
@@ -27098,7 +27786,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/Prompt'
+                $ref: '#/components/schemas/UserDeleteStage'
           description: ''
         '400':
           content:
@@ -27113,15 +27801,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_prompt_prompts_destroy
-      description: Prompt Viewset
+      operationId: stages_user_delete_destroy
+      description: UserDeleteStage Viewset
       parameters:
       - in: path
-        name: prompt_uuid
+        name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Prompt.
+        description: A UUID string identifying this User Delete Stage.
         required: true
       tags:
       - stages
@@ -27142,17 +27830,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/prompt/prompts/{prompt_uuid}/used_by/:
+  /stages/user_delete/{stage_uuid}/used_by/:
     get:
-      operationId: stages_prompt_prompts_used_by_list
+      operationId: stages_user_delete_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
-        name: prompt_uuid
+        name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Prompt.
+        description: A UUID string identifying this User Delete Stage.
         required: true
       tags:
       - stages
@@ -27179,57 +27867,47 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/prompt/prompts/preview/:
-    post:
-      operationId: stages_prompt_prompts_preview_create
-      description: Preview a prompt as a challenge, just like a flow would receive
-      tags:
-      - stages
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/PromptRequest'
-        required: true
-      security:
-      - authentik: []
-      responses:
-        '200':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/PromptChallenge'
-          description: ''
-        '400':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/ValidationError'
-          description: ''
-        '403':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/GenericError'
-          description: ''
-  /stages/prompt/stages/:
+  /stages/user_login/:
     get:
-      operationId: stages_prompt_stages_list
-      description: PromptStage Viewset
+      operationId: stages_user_login_list
+      description: UserLoginStage Viewset
       parameters:
       - in: query
-        name: fields
+        name: geoip_binding
         schema:
-          type: array
-          items:
-            type: string
-            format: uuid
-        explode: true
-        style: form
+          type: string
+          enum:
+          - bind_continent
+          - bind_continent_country
+          - bind_continent_country_city
+          - no_binding
+        description: |-
+          Bind sessions created by this stage to the configured GeoIP location
+
+          * `no_binding` - No Binding
+          * `bind_continent` - Bind Continent
+          * `bind_continent_country` - Bind Continent Country
+          * `bind_continent_country_city` - Bind Continent Country City
       - in: query
         name: name
         schema:
           type: string
+      - in: query
+        name: network_binding
+        schema:
+          type: string
+          enum:
+          - bind_asn
+          - bind_asn_network
+          - bind_asn_network_ip
+          - no_binding
+        description: |-
+          Bind sessions created by this stage to the configured network
+
+          * `no_binding` - No Binding
+          * `bind_asn` - Bind Asn
+          * `bind_asn_network` - Bind Asn Network
+          * `bind_asn_network_ip` - Bind Asn Network Ip
       - name: ordering
         required: false
         in: query
@@ -27248,26 +27926,29 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
+      - in: query
+        name: remember_me_offset
+        schema:
+          type: string
       - name: search
         required: false
         in: query
         description: A search term.
         schema:
           type: string
+      - in: query
+        name: session_duration
+        schema:
+          type: string
       - in: query
         name: stage_uuid
         schema:
           type: string
           format: uuid
       - in: query
-        name: validation_policies
+        name: terminate_other_sessions
         schema:
-          type: array
-          items:
-            type: string
-            format: uuid
-        explode: true
-        style: form
+          type: boolean
       tags:
       - stages
       security:
@@ -27277,7 +27958,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedPromptStageList'
+                $ref: '#/components/schemas/PaginatedUserLoginStageList'
           description: ''
         '400':
           content:
@@ -27292,15 +27973,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_prompt_stages_create
-      description: PromptStage Viewset
+      operationId: stages_user_login_create
+      description: UserLoginStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PromptStageRequest'
+              $ref: '#/components/schemas/UserLoginStageRequest'
         required: true
       security:
       - authentik: []
@@ -27309,7 +27990,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PromptStage'
+                $ref: '#/components/schemas/UserLoginStage'
           description: ''
         '400':
           content:
@@ -27323,17 +28004,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/prompt/stages/{stage_uuid}/:
+  /stages/user_login/{stage_uuid}/:
     get:
-      operationId: stages_prompt_stages_retrieve
-      description: PromptStage Viewset
+      operationId: stages_user_login_retrieve
+      description: UserLoginStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Prompt Stage.
+        description: A UUID string identifying this User Login Stage.
         required: true
       tags:
       - stages
@@ -27344,7 +28025,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PromptStage'
+                $ref: '#/components/schemas/UserLoginStage'
           description: ''
         '400':
           content:
@@ -27359,15 +28040,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_prompt_stages_update
-      description: PromptStage Viewset
+      operationId: stages_user_login_update
+      description: UserLoginStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Prompt Stage.
+        description: A UUID string identifying this User Login Stage.
         required: true
       tags:
       - stages
@@ -27375,7 +28056,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PromptStageRequest'
+              $ref: '#/components/schemas/UserLoginStageRequest'
         required: true
       security:
       - authentik: []
@@ -27384,7 +28065,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PromptStage'
+                $ref: '#/components/schemas/UserLoginStage'
           description: ''
         '400':
           content:
@@ -27399,15 +28080,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_prompt_stages_partial_update
-      description: PromptStage Viewset
+      operationId: stages_user_login_partial_update
+      description: UserLoginStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Prompt Stage.
+        description: A UUID string identifying this User Login Stage.
         required: true
       tags:
       - stages
@@ -27415,7 +28096,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedPromptStageRequest'
+              $ref: '#/components/schemas/PatchedUserLoginStageRequest'
       security:
       - authentik: []
       responses:
@@ -27423,7 +28104,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PromptStage'
+                $ref: '#/components/schemas/UserLoginStage'
           description: ''
         '400':
           content:
@@ -27438,15 +28119,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_prompt_stages_destroy
-      description: PromptStage Viewset
+      operationId: stages_user_login_destroy
+      description: UserLoginStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Prompt Stage.
+        description: A UUID string identifying this User Login Stage.
         required: true
       tags:
       - stages
@@ -27467,9 +28148,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/prompt/stages/{stage_uuid}/used_by/:
+  /stages/user_login/{stage_uuid}/used_by/:
     get:
-      operationId: stages_prompt_stages_used_by_list
+      operationId: stages_user_login_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -27477,7 +28158,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this Prompt Stage.
+        description: A UUID string identifying this User Login Stage.
         required: true
       tags:
       - stages
@@ -27504,10 +28185,10 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/user_delete/:
+  /stages/user_logout/:
     get:
-      operationId: stages_user_delete_list
-      description: UserDeleteStage Viewset
+      operationId: stages_user_logout_list
+      description: UserLogoutStage Viewset
       parameters:
       - in: query
         name: name
@@ -27551,7 +28232,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedUserDeleteStageList'
+                $ref: '#/components/schemas/PaginatedUserLogoutStageList'
           description: ''
         '400':
           content:
@@ -27566,15 +28247,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_user_delete_create
-      description: UserDeleteStage Viewset
+      operationId: stages_user_logout_create
+      description: UserLogoutStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/UserDeleteStageRequest'
+              $ref: '#/components/schemas/UserLogoutStageRequest'
         required: true
       security:
       - authentik: []
@@ -27583,7 +28264,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserDeleteStage'
+                $ref: '#/components/schemas/UserLogoutStage'
           description: ''
         '400':
           content:
@@ -27597,17 +28278,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/user_delete/{stage_uuid}/:
+  /stages/user_logout/{stage_uuid}/:
     get:
-      operationId: stages_user_delete_retrieve
-      description: UserDeleteStage Viewset
+      operationId: stages_user_logout_retrieve
+      description: UserLogoutStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Delete Stage.
+        description: A UUID string identifying this User Logout Stage.
         required: true
       tags:
       - stages
@@ -27618,7 +28299,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserDeleteStage'
+                $ref: '#/components/schemas/UserLogoutStage'
           description: ''
         '400':
           content:
@@ -27633,15 +28314,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_user_delete_update
-      description: UserDeleteStage Viewset
+      operationId: stages_user_logout_update
+      description: UserLogoutStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Delete Stage.
+        description: A UUID string identifying this User Logout Stage.
         required: true
       tags:
       - stages
@@ -27649,7 +28330,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/UserDeleteStageRequest'
+              $ref: '#/components/schemas/UserLogoutStageRequest'
         required: true
       security:
       - authentik: []
@@ -27658,7 +28339,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserDeleteStage'
+                $ref: '#/components/schemas/UserLogoutStage'
           description: ''
         '400':
           content:
@@ -27673,15 +28354,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_user_delete_partial_update
-      description: UserDeleteStage Viewset
+      operationId: stages_user_logout_partial_update
+      description: UserLogoutStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Delete Stage.
+        description: A UUID string identifying this User Logout Stage.
         required: true
       tags:
       - stages
@@ -27689,7 +28370,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedUserDeleteStageRequest'
+              $ref: '#/components/schemas/PatchedUserLogoutStageRequest'
       security:
       - authentik: []
       responses:
@@ -27697,7 +28378,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserDeleteStage'
+                $ref: '#/components/schemas/UserLogoutStage'
           description: ''
         '400':
           content:
@@ -27712,15 +28393,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_user_delete_destroy
-      description: UserDeleteStage Viewset
+      operationId: stages_user_logout_destroy
+      description: UserLogoutStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Delete Stage.
+        description: A UUID string identifying this User Logout Stage.
         required: true
       tags:
       - stages
@@ -27741,9 +28422,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/user_delete/{stage_uuid}/used_by/:
+  /stages/user_logout/{stage_uuid}/used_by/:
     get:
-      operationId: stages_user_delete_used_by_list
+      operationId: stages_user_logout_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -27751,7 +28432,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Delete Stage.
+        description: A UUID string identifying this User Logout Stage.
         required: true
       tags:
       - stages
@@ -27778,47 +28459,24 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/user_login/:
+  /stages/user_write/:
     get:
-      operationId: stages_user_login_list
-      description: UserLoginStage Viewset
+      operationId: stages_user_write_list
+      description: UserWriteStage Viewset
       parameters:
       - in: query
-        name: geoip_binding
+        name: create_users_as_inactive
         schema:
-          type: string
-          enum:
-          - bind_continent
-          - bind_continent_country
-          - bind_continent_country_city
-          - no_binding
-        description: |-
-          Bind sessions created by this stage to the configured GeoIP location
-
-          * `no_binding` - No Binding
-          * `bind_continent` - Bind Continent
-          * `bind_continent_country` - Bind Continent Country
-          * `bind_continent_country_city` - Bind Continent Country City
+          type: boolean
       - in: query
-        name: name
+        name: create_users_group
         schema:
           type: string
+          format: uuid
       - in: query
-        name: network_binding
+        name: name
         schema:
           type: string
-          enum:
-          - bind_asn
-          - bind_asn_network
-          - bind_asn_network_ip
-          - no_binding
-        description: |-
-          Bind sessions created by this stage to the configured network
-
-          * `no_binding` - No Binding
-          * `bind_asn` - Bind Asn
-          * `bind_asn_network` - Bind Asn Network
-          * `bind_asn_network_ip` - Bind Asn Network Ip
       - name: ordering
         required: false
         in: query
@@ -27837,10 +28495,6 @@ paths:
         description: Number of results to return per page.
         schema:
           type: integer
-      - in: query
-        name: remember_me_offset
-        schema:
-          type: string
       - name: search
         required: false
         in: query
@@ -27848,18 +28502,40 @@ paths:
         schema:
           type: string
       - in: query
-        name: session_duration
+        name: stage_uuid
         schema:
           type: string
+          format: uuid
       - in: query
-        name: stage_uuid
+        name: user_creation_mode
         schema:
           type: string
-          format: uuid
+          enum:
+          - always_create
+          - create_when_required
+          - never_create
+        description: |-
+          * `never_create` - Never Create
+          * `create_when_required` - Create When Required
+          * `always_create` - Always Create
       - in: query
-        name: terminate_other_sessions
+        name: user_path_template
         schema:
-          type: boolean
+          type: string
+      - in: query
+        name: user_type
+        schema:
+          type: string
+          enum:
+          - external
+          - internal
+          - internal_service_account
+          - service_account
+        description: |-
+          * `internal` - Internal
+          * `external` - External
+          * `service_account` - Service Account
+          * `internal_service_account` - Internal Service Account
       tags:
       - stages
       security:
@@ -27869,7 +28545,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedUserLoginStageList'
+                $ref: '#/components/schemas/PaginatedUserWriteStageList'
           description: ''
         '400':
           content:
@@ -27884,15 +28560,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_user_login_create
-      description: UserLoginStage Viewset
+      operationId: stages_user_write_create
+      description: UserWriteStage Viewset
       tags:
       - stages
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/UserLoginStageRequest'
+              $ref: '#/components/schemas/UserWriteStageRequest'
         required: true
       security:
       - authentik: []
@@ -27901,7 +28577,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserLoginStage'
+                $ref: '#/components/schemas/UserWriteStage'
           description: ''
         '400':
           content:
@@ -27915,17 +28591,17 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/user_login/{stage_uuid}/:
+  /stages/user_write/{stage_uuid}/:
     get:
-      operationId: stages_user_login_retrieve
-      description: UserLoginStage Viewset
+      operationId: stages_user_write_retrieve
+      description: UserWriteStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Login Stage.
+        description: A UUID string identifying this User Write Stage.
         required: true
       tags:
       - stages
@@ -27936,7 +28612,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserLoginStage'
+                $ref: '#/components/schemas/UserWriteStage'
           description: ''
         '400':
           content:
@@ -27951,15 +28627,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_user_login_update
-      description: UserLoginStage Viewset
+      operationId: stages_user_write_update
+      description: UserWriteStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Login Stage.
+        description: A UUID string identifying this User Write Stage.
         required: true
       tags:
       - stages
@@ -27967,7 +28643,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/UserLoginStageRequest'
+              $ref: '#/components/schemas/UserWriteStageRequest'
         required: true
       security:
       - authentik: []
@@ -27976,7 +28652,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserLoginStage'
+                $ref: '#/components/schemas/UserWriteStage'
           description: ''
         '400':
           content:
@@ -27991,15 +28667,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_user_login_partial_update
-      description: UserLoginStage Viewset
+      operationId: stages_user_write_partial_update
+      description: UserWriteStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Login Stage.
+        description: A UUID string identifying this User Write Stage.
         required: true
       tags:
       - stages
@@ -28007,7 +28683,7 @@ paths:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedUserLoginStageRequest'
+              $ref: '#/components/schemas/PatchedUserWriteStageRequest'
       security:
       - authentik: []
       responses:
@@ -28015,7 +28691,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserLoginStage'
+                $ref: '#/components/schemas/UserWriteStage'
           description: ''
         '400':
           content:
@@ -28030,15 +28706,15 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_user_login_destroy
-      description: UserLoginStage Viewset
+      operationId: stages_user_write_destroy
+      description: UserWriteStage Viewset
       parameters:
       - in: path
         name: stage_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Login Stage.
+        description: A UUID string identifying this User Write Stage.
         required: true
       tags:
       - stages
@@ -28059,9 +28735,9 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/user_login/{stage_uuid}/used_by/:
+  /stages/user_write/{stage_uuid}/used_by/:
     get:
-      operationId: stages_user_login_used_by_list
+      operationId: stages_user_write_used_by_list
       description: Get a list of all objects that use this object
       parameters:
       - in: path
@@ -28069,7 +28745,7 @@ paths:
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Login Stage.
+        description: A UUID string identifying this User Write Stage.
         required: true
       tags:
       - stages
@@ -28096,15 +28772,11 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/user_logout/:
+  /tenants/domains/:
     get:
-      operationId: stages_user_logout_list
-      description: UserLogoutStage Viewset
+      operationId: tenants_domains_list
+      description: Domain ViewSet
       parameters:
-      - in: query
-        name: name
-        schema:
-          type: string
       - name: ordering
         required: false
         in: query
@@ -28129,21 +28801,14 @@ paths:
         description: A search term.
         schema:
           type: string
-      - in: query
-        name: stage_uuid
-        schema:
-          type: string
-          format: uuid
       tags:
-      - stages
-      security:
-      - authentik: []
+      - tenants
       responses:
         '200':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedUserLogoutStageList'
+                $ref: '#/components/schemas/PaginatedDomainList'
           description: ''
         '400':
           content:
@@ -28158,24 +28823,22 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_user_logout_create
-      description: UserLogoutStage Viewset
+      operationId: tenants_domains_create
+      description: Domain ViewSet
       tags:
-      - stages
+      - tenants
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/UserLogoutStageRequest'
+              $ref: '#/components/schemas/DomainRequest'
         required: true
-      security:
-      - authentik: []
       responses:
         '201':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserLogoutStage'
+                $ref: '#/components/schemas/Domain'
           description: ''
         '400':
           content:
@@ -28189,28 +28852,25 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/user_logout/{stage_uuid}/:
+  /tenants/domains/{id}/:
     get:
-      operationId: stages_user_logout_retrieve
-      description: UserLogoutStage Viewset
+      operationId: tenants_domains_retrieve
+      description: Domain ViewSet
       parameters:
       - in: path
-        name: stage_uuid
+        name: id
         schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this User Logout Stage.
+          type: integer
+        description: A unique integer value identifying this Domain.
         required: true
       tags:
-      - stages
-      security:
-      - authentik: []
+      - tenants
       responses:
         '200':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserLogoutStage'
+                $ref: '#/components/schemas/Domain'
           description: ''
         '400':
           content:
@@ -28225,32 +28885,29 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_user_logout_update
-      description: UserLogoutStage Viewset
+      operationId: tenants_domains_update
+      description: Domain ViewSet
       parameters:
       - in: path
-        name: stage_uuid
+        name: id
         schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this User Logout Stage.
+          type: integer
+        description: A unique integer value identifying this Domain.
         required: true
       tags:
-      - stages
+      - tenants
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/UserLogoutStageRequest'
+              $ref: '#/components/schemas/DomainRequest'
         required: true
-      security:
-      - authentik: []
       responses:
         '200':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserLogoutStage'
+                $ref: '#/components/schemas/Domain'
           description: ''
         '400':
           content:
@@ -28265,31 +28922,28 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_user_logout_partial_update
-      description: UserLogoutStage Viewset
+      operationId: tenants_domains_partial_update
+      description: Domain ViewSet
       parameters:
       - in: path
-        name: stage_uuid
+        name: id
         schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this User Logout Stage.
+          type: integer
+        description: A unique integer value identifying this Domain.
         required: true
       tags:
-      - stages
+      - tenants
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedUserLogoutStageRequest'
-      security:
-      - authentik: []
+              $ref: '#/components/schemas/PatchedDomainRequest'
       responses:
         '200':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserLogoutStage'
+                $ref: '#/components/schemas/Domain'
           description: ''
         '400':
           content:
@@ -28304,20 +28958,17 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_user_logout_destroy
-      description: UserLogoutStage Viewset
+      operationId: tenants_domains_destroy
+      description: Domain ViewSet
       parameters:
       - in: path
-        name: stage_uuid
+        name: id
         schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this User Logout Stage.
+          type: integer
+        description: A unique integer value identifying this Domain.
         required: true
       tags:
-      - stages
-      security:
-      - authentik: []
+      - tenants
       responses:
         '204':
           description: No response body
@@ -28333,61 +28984,11 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/user_logout/{stage_uuid}/used_by/:
-    get:
-      operationId: stages_user_logout_used_by_list
-      description: Get a list of all objects that use this object
-      parameters:
-      - in: path
-        name: stage_uuid
-        schema:
-          type: string
-          format: uuid
-        description: A UUID string identifying this User Logout Stage.
-        required: true
-      tags:
-      - stages
-      security:
-      - authentik: []
-      responses:
-        '200':
-          content:
-            application/json:
-              schema:
-                type: array
-                items:
-                  $ref: '#/components/schemas/UsedBy'
-          description: ''
-        '400':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/ValidationError'
-          description: ''
-        '403':
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/GenericError'
-          description: ''
-  /stages/user_write/:
+  /tenants/tenants/:
     get:
-      operationId: stages_user_write_list
-      description: UserWriteStage Viewset
+      operationId: tenants_tenants_list
+      description: Tenant Viewset
       parameters:
-      - in: query
-        name: create_users_as_inactive
-        schema:
-          type: boolean
-      - in: query
-        name: create_users_group
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: name
-        schema:
-          type: string
       - name: ordering
         required: false
         in: query
@@ -28412,51 +29013,14 @@ paths:
         description: A search term.
         schema:
           type: string
-      - in: query
-        name: stage_uuid
-        schema:
-          type: string
-          format: uuid
-      - in: query
-        name: user_creation_mode
-        schema:
-          type: string
-          enum:
-          - always_create
-          - create_when_required
-          - never_create
-        description: |-
-          * `never_create` - Never Create
-          * `create_when_required` - Create When Required
-          * `always_create` - Always Create
-      - in: query
-        name: user_path_template
-        schema:
-          type: string
-      - in: query
-        name: user_type
-        schema:
-          type: string
-          enum:
-          - external
-          - internal
-          - internal_service_account
-          - service_account
-        description: |-
-          * `internal` - Internal
-          * `external` - External
-          * `service_account` - Service Account
-          * `internal_service_account` - Internal Service Account
       tags:
-      - stages
-      security:
-      - authentik: []
+      - tenants
       responses:
         '200':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/PaginatedUserWriteStageList'
+                $ref: '#/components/schemas/PaginatedTenantList'
           description: ''
         '400':
           content:
@@ -28471,24 +29035,22 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     post:
-      operationId: stages_user_write_create
-      description: UserWriteStage Viewset
+      operationId: tenants_tenants_create
+      description: Tenant Viewset
       tags:
-      - stages
+      - tenants
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/UserWriteStageRequest'
+              $ref: '#/components/schemas/TenantRequest'
         required: true
-      security:
-      - authentik: []
       responses:
         '201':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserWriteStage'
+                $ref: '#/components/schemas/Tenant'
           description: ''
         '400':
           content:
@@ -28502,28 +29064,26 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/user_write/{stage_uuid}/:
+  /tenants/tenants/{tenant_uuid}/:
     get:
-      operationId: stages_user_write_retrieve
-      description: UserWriteStage Viewset
+      operationId: tenants_tenants_retrieve
+      description: Tenant Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: tenant_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Write Stage.
+        description: A UUID string identifying this Tenant.
         required: true
       tags:
-      - stages
-      security:
-      - authentik: []
+      - tenants
       responses:
         '200':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserWriteStage'
+                $ref: '#/components/schemas/Tenant'
           description: ''
         '400':
           content:
@@ -28538,32 +29098,30 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     put:
-      operationId: stages_user_write_update
-      description: UserWriteStage Viewset
+      operationId: tenants_tenants_update
+      description: Tenant Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: tenant_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Write Stage.
+        description: A UUID string identifying this Tenant.
         required: true
       tags:
-      - stages
+      - tenants
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/UserWriteStageRequest'
+              $ref: '#/components/schemas/TenantRequest'
         required: true
-      security:
-      - authentik: []
       responses:
         '200':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserWriteStage'
+                $ref: '#/components/schemas/Tenant'
           description: ''
         '400':
           content:
@@ -28578,31 +29136,29 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     patch:
-      operationId: stages_user_write_partial_update
-      description: UserWriteStage Viewset
+      operationId: tenants_tenants_partial_update
+      description: Tenant Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: tenant_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Write Stage.
+        description: A UUID string identifying this Tenant.
         required: true
       tags:
-      - stages
+      - tenants
       requestBody:
         content:
           application/json:
             schema:
-              $ref: '#/components/schemas/PatchedUserWriteStageRequest'
-      security:
-      - authentik: []
+              $ref: '#/components/schemas/PatchedTenantRequest'
       responses:
         '200':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/UserWriteStage'
+                $ref: '#/components/schemas/Tenant'
           description: ''
         '400':
           content:
@@ -28617,20 +29173,18 @@ paths:
                 $ref: '#/components/schemas/GenericError'
           description: ''
     delete:
-      operationId: stages_user_write_destroy
-      description: UserWriteStage Viewset
+      operationId: tenants_tenants_destroy
+      description: Tenant Viewset
       parameters:
       - in: path
-        name: stage_uuid
+        name: tenant_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Write Stage.
+        description: A UUID string identifying this Tenant.
         required: true
       tags:
-      - stages
-      security:
-      - authentik: []
+      - tenants
       responses:
         '204':
           description: No response body
@@ -28646,37 +29200,70 @@ paths:
               schema:
                 $ref: '#/components/schemas/GenericError'
           description: ''
-  /stages/user_write/{stage_uuid}/used_by/:
-    get:
-      operationId: stages_user_write_used_by_list
-      description: Get a list of all objects that use this object
+  /tenants/tenants/{tenant_uuid}/create_admin_group/:
+    post:
+      operationId: tenants_tenants_create_admin_group_create
+      description: Create admin group and add user to it.
       parameters:
       - in: path
-        name: stage_uuid
+        name: tenant_uuid
         schema:
           type: string
           format: uuid
-        description: A UUID string identifying this User Write Stage.
+        description: A UUID string identifying this Tenant.
         required: true
       tags:
-      - stages
-      security:
-      - authentik: []
+      - tenants
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/TenantAdminGroupRequestRequest'
+        required: true
       responses:
-        '200':
+        '204':
+          description: Group created successfully.
+        '400':
+          description: Bad request
+        '404':
+          description: User not found
+        '403':
           content:
             application/json:
               schema:
-                type: array
-                items:
-                  $ref: '#/components/schemas/UsedBy'
+                $ref: '#/components/schemas/GenericError'
           description: ''
-        '400':
+  /tenants/tenants/{tenant_uuid}/create_recovery_key/:
+    post:
+      operationId: tenants_tenants_create_recovery_key_create
+      description: Create recovery key for user.
+      parameters:
+      - in: path
+        name: tenant_uuid
+        schema:
+          type: string
+          format: uuid
+        description: A UUID string identifying this Tenant.
+        required: true
+      tags:
+      - tenants
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/TenantRecoveryKeyRequestRequest'
+        required: true
+      responses:
+        '200':
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/ValidationError'
+                $ref: '#/components/schemas/TenantRecoveryKeyResponse'
           description: ''
+        '400':
+          description: Bad request
+        '404':
+          description: User not found
         '403':
           content:
             application/json:
@@ -28725,6 +29312,7 @@ components:
       - name
     AppEnum:
       enum:
+      - authentik.tenants
       - authentik.admin
       - authentik.api
       - authentik.crypto
@@ -28770,13 +29358,14 @@ components:
       - authentik.stages.user_login
       - authentik.stages.user_logout
       - authentik.stages.user_write
-      - authentik.tenants
+      - authentik.brands
       - authentik.blueprints
       - authentik.core
       - authentik.enterprise
       - authentik.enterprise.providers.rac
       type: string
       description: |-
+        * `authentik.tenants` - authentik Tenants
         * `authentik.admin` - authentik Admin
         * `authentik.api` - authentik API
         * `authentik.crypto` - authentik Crypto
@@ -28822,7 +29411,7 @@ components:
         * `authentik.stages.user_login` - authentik Stages.User Login
         * `authentik.stages.user_logout` - authentik Stages.User Logout
         * `authentik.stages.user_write` - authentik Stages.User Write
-        * `authentik.tenants` - authentik Tenants
+        * `authentik.brands` - authentik Brands
         * `authentik.blueprints` - authentik Blueprints
         * `authentik.core` - authentik Core
         * `authentik.enterprise` - authentik Enterprise
@@ -30159,6 +30748,111 @@ components:
         * `error` - Error
         * `orphaned` - Orphaned
         * `unknown` - Unknown
+    Brand:
+      type: object
+      description: Brand Serializer
+      properties:
+        brand_uuid:
+          type: string
+          format: uuid
+          readOnly: true
+        domain:
+          type: string
+          description: Domain that activates this brand. Can be a superset, i.e. `a.b`
+            for `aa.b` and `ba.b`
+        default:
+          type: boolean
+        branding_title:
+          type: string
+        branding_logo:
+          type: string
+        branding_favicon:
+          type: string
+        flow_authentication:
+          type: string
+          format: uuid
+          nullable: true
+        flow_invalidation:
+          type: string
+          format: uuid
+          nullable: true
+        flow_recovery:
+          type: string
+          format: uuid
+          nullable: true
+        flow_unenrollment:
+          type: string
+          format: uuid
+          nullable: true
+        flow_user_settings:
+          type: string
+          format: uuid
+          nullable: true
+        flow_device_code:
+          type: string
+          format: uuid
+          nullable: true
+        web_certificate:
+          type: string
+          format: uuid
+          nullable: true
+          description: Web Certificate used by the authentik Core webserver.
+        attributes: {}
+      required:
+      - brand_uuid
+      - domain
+    BrandRequest:
+      type: object
+      description: Brand Serializer
+      properties:
+        domain:
+          type: string
+          minLength: 1
+          description: Domain that activates this brand. Can be a superset, i.e. `a.b`
+            for `aa.b` and `ba.b`
+        default:
+          type: boolean
+        branding_title:
+          type: string
+          minLength: 1
+        branding_logo:
+          type: string
+          minLength: 1
+        branding_favicon:
+          type: string
+          minLength: 1
+        flow_authentication:
+          type: string
+          format: uuid
+          nullable: true
+        flow_invalidation:
+          type: string
+          format: uuid
+          nullable: true
+        flow_recovery:
+          type: string
+          format: uuid
+          nullable: true
+        flow_unenrollment:
+          type: string
+          format: uuid
+          nullable: true
+        flow_user_settings:
+          type: string
+          format: uuid
+          nullable: true
+        flow_device_code:
+          type: string
+          format: uuid
+          nullable: true
+        web_certificate:
+          type: string
+          format: uuid
+          nullable: true
+          description: Web Certificate used by the authentik Core webserver.
+        attributes: {}
+      required:
+      - domain
     Cache:
       type: object
       description: Generic cache stats for an object
@@ -30691,9 +31385,9 @@ components:
       required:
       - x_cord
       - y_cord
-    CurrentTenant:
+    CurrentBrand:
       type: object
-      description: Partial tenant information for styling
+      description: Partial brand information for styling
       properties:
         matched_domain:
           type: string
@@ -30708,7 +31402,6 @@ components:
           items:
             $ref: '#/components/schemas/FooterLink'
           readOnly: true
-          default: []
         ui_theme:
           allOf:
           - $ref: '#/components/schemas/UiThemeEnum'
@@ -30989,6 +31682,41 @@ components:
       required:
       - name
       - url
+    Domain:
+      type: object
+      description: Domain Serializer
+      properties:
+        id:
+          type: integer
+          readOnly: true
+        domain:
+          type: string
+          maxLength: 253
+        is_primary:
+          type: boolean
+        tenant:
+          type: string
+          format: uuid
+      required:
+      - domain
+      - id
+      - tenant
+    DomainRequest:
+      type: object
+      description: Domain Serializer
+      properties:
+        domain:
+          type: string
+          minLength: 1
+          maxLength: 253
+        is_primary:
+          type: boolean
+        tenant:
+          type: string
+          format: uuid
+      required:
+      - domain
+      - tenant
     DummyChallenge:
       type: object
       description: Dummy challenge
@@ -31492,7 +32220,7 @@ components:
         expires:
           type: string
           format: date-time
-        tenant: {}
+        brand: {}
       required:
       - action
       - app
@@ -31637,6 +32365,7 @@ components:
           description: |-
             Match events created by selected application. When left empty, all applications are matched.
 
+            * `authentik.tenants` - authentik Tenants
             * `authentik.admin` - authentik Admin
             * `authentik.api` - authentik API
             * `authentik.crypto` - authentik Crypto
@@ -31682,7 +32411,7 @@ components:
             * `authentik.stages.user_login` - authentik Stages.User Login
             * `authentik.stages.user_logout` - authentik Stages.User Logout
             * `authentik.stages.user_write` - authentik Stages.User Write
-            * `authentik.tenants` - authentik Tenants
+            * `authentik.brands` - authentik Brands
             * `authentik.blueprints` - authentik Blueprints
             * `authentik.core` - authentik Core
             * `authentik.enterprise` - authentik Enterprise
@@ -31694,6 +32423,7 @@ components:
           description: |-
             Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
 
+            * `authentik_tenants.domain` - Domain
             * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
             * `authentik_events.event` - Event
             * `authentik_events.notificationtransport` - Notification Transport
@@ -31761,7 +32491,7 @@ components:
             * `authentik_stages_user_login.userloginstage` - User Login Stage
             * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
             * `authentik_stages_user_write.userwritestage` - User Write Stage
-            * `authentik_tenants.tenant` - Tenant
+            * `authentik_brands.brand` - Brand
             * `authentik_blueprints.blueprintinstance` - Blueprint Instance
             * `authentik_core.group` - Group
             * `authentik_core.user` - User
@@ -31837,6 +32567,7 @@ components:
           description: |-
             Match events created by selected application. When left empty, all applications are matched.
 
+            * `authentik.tenants` - authentik Tenants
             * `authentik.admin` - authentik Admin
             * `authentik.api` - authentik API
             * `authentik.crypto` - authentik Crypto
@@ -31882,7 +32613,7 @@ components:
             * `authentik.stages.user_login` - authentik Stages.User Login
             * `authentik.stages.user_logout` - authentik Stages.User Logout
             * `authentik.stages.user_write` - authentik Stages.User Write
-            * `authentik.tenants` - authentik Tenants
+            * `authentik.brands` - authentik Brands
             * `authentik.blueprints` - authentik Blueprints
             * `authentik.core` - authentik Core
             * `authentik.enterprise` - authentik Enterprise
@@ -31894,6 +32625,7 @@ components:
           description: |-
             Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
 
+            * `authentik_tenants.domain` - Domain
             * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
             * `authentik_events.event` - Event
             * `authentik_events.notificationtransport` - Notification Transport
@@ -31961,7 +32693,7 @@ components:
             * `authentik_stages_user_login.userloginstage` - User Login Stage
             * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
             * `authentik_stages_user_write.userwritestage` - User Write Stage
-            * `authentik_tenants.tenant` - Tenant
+            * `authentik_brands.brand` - Brand
             * `authentik_blueprints.blueprintinstance` - Blueprint Instance
             * `authentik_core.group` - Group
             * `authentik_core.user` - User
@@ -31991,7 +32723,7 @@ components:
         expires:
           type: string
           format: date-time
-        tenant: {}
+        brand: {}
       required:
       - action
       - app
@@ -34212,6 +34944,7 @@ components:
       - name
     ModelEnum:
       enum:
+      - authentik_tenants.domain
       - authentik_crypto.certificatekeypair
       - authentik_events.event
       - authentik_events.notificationtransport
@@ -34279,7 +35012,7 @@ components:
       - authentik_stages_user_login.userloginstage
       - authentik_stages_user_logout.userlogoutstage
       - authentik_stages_user_write.userwritestage
-      - authentik_tenants.tenant
+      - authentik_brands.brand
       - authentik_blueprints.blueprintinstance
       - authentik_core.group
       - authentik_core.user
@@ -34291,6 +35024,7 @@ components:
       - authentik_providers_rac.racpropertymapping
       type: string
       description: |-
+        * `authentik_tenants.domain` - Domain
         * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
         * `authentik_events.event` - Event
         * `authentik_events.notificationtransport` - Notification Transport
@@ -34358,7 +35092,7 @@ components:
         * `authentik_stages_user_login.userloginstage` - User Login Stage
         * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
         * `authentik_stages_user_write.userwritestage` - User Write Stage
-        * `authentik_tenants.tenant` - Tenant
+        * `authentik_brands.brand` - Brand
         * `authentik_blueprints.blueprintinstance` - Blueprint Instance
         * `authentik_core.group` - Group
         * `authentik_core.user` - User
@@ -35469,6 +36203,18 @@ components:
       required:
       - pagination
       - results
+    PaginatedBrandList:
+      type: object
+      properties:
+        pagination:
+          $ref: '#/components/schemas/Pagination'
+        results:
+          type: array
+          items:
+            $ref: '#/components/schemas/Brand'
+      required:
+      - pagination
+      - results
     PaginatedCaptchaStageList:
       type: object
       properties:
@@ -35529,6 +36275,18 @@ components:
       required:
       - pagination
       - results
+    PaginatedDomainList:
+      type: object
+      properties:
+        pagination:
+          $ref: '#/components/schemas/Pagination'
+        results:
+          type: array
+          items:
+            $ref: '#/components/schemas/Domain'
+      required:
+      - pagination
+      - results
     PaginatedDummyPolicyList:
       type: object
       properties:
@@ -37088,6 +37846,56 @@ components:
           type: boolean
         content:
           type: string
+    PatchedBrandRequest:
+      type: object
+      description: Brand Serializer
+      properties:
+        domain:
+          type: string
+          minLength: 1
+          description: Domain that activates this brand. Can be a superset, i.e. `a.b`
+            for `aa.b` and `ba.b`
+        default:
+          type: boolean
+        branding_title:
+          type: string
+          minLength: 1
+        branding_logo:
+          type: string
+          minLength: 1
+        branding_favicon:
+          type: string
+          minLength: 1
+        flow_authentication:
+          type: string
+          format: uuid
+          nullable: true
+        flow_invalidation:
+          type: string
+          format: uuid
+          nullable: true
+        flow_recovery:
+          type: string
+          format: uuid
+          nullable: true
+        flow_unenrollment:
+          type: string
+          format: uuid
+          nullable: true
+        flow_user_settings:
+          type: string
+          format: uuid
+          nullable: true
+        flow_device_code:
+          type: string
+          format: uuid
+          nullable: true
+        web_certificate:
+          type: string
+          format: uuid
+          nullable: true
+          description: Web Certificate used by the authentik Core webserver.
+        attributes: {}
     PatchedCaptchaStageRequest:
       type: object
       description: CaptchaStage Serializer
@@ -37191,6 +37999,19 @@ components:
           nullable: true
           description: Certificate/Key used for authentication. Can be left empty
             for no authentication.
+    PatchedDomainRequest:
+      type: object
+      description: Domain Serializer
+      properties:
+        domain:
+          type: string
+          minLength: 1
+          maxLength: 253
+        is_primary:
+          type: boolean
+        tenant:
+          type: string
+          format: uuid
     PatchedDummyPolicyRequest:
       type: object
       description: Dummy Policy Serializer
@@ -37372,6 +38193,7 @@ components:
           description: |-
             Match events created by selected application. When left empty, all applications are matched.
 
+            * `authentik.tenants` - authentik Tenants
             * `authentik.admin` - authentik Admin
             * `authentik.api` - authentik API
             * `authentik.crypto` - authentik Crypto
@@ -37417,7 +38239,7 @@ components:
             * `authentik.stages.user_login` - authentik Stages.User Login
             * `authentik.stages.user_logout` - authentik Stages.User Logout
             * `authentik.stages.user_write` - authentik Stages.User Write
-            * `authentik.tenants` - authentik Tenants
+            * `authentik.brands` - authentik Brands
             * `authentik.blueprints` - authentik Blueprints
             * `authentik.core` - authentik Core
             * `authentik.enterprise` - authentik Enterprise
@@ -37429,6 +38251,7 @@ components:
           description: |-
             Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
 
+            * `authentik_tenants.domain` - Domain
             * `authentik_crypto.certificatekeypair` - Certificate-Key Pair
             * `authentik_events.event` - Event
             * `authentik_events.notificationtransport` - Notification Transport
@@ -37496,7 +38319,7 @@ components:
             * `authentik_stages_user_login.userloginstage` - User Login Stage
             * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage
             * `authentik_stages_user_write.userwritestage` - User Write Stage
-            * `authentik_tenants.tenant` - Tenant
+            * `authentik_brands.brand` - Brand
             * `authentik_blueprints.blueprintinstance` - Blueprint Instance
             * `authentik_core.group` - Group
             * `authentik_core.user` - User
@@ -37524,7 +38347,7 @@ components:
         expires:
           type: string
           format: date-time
-        tenant: {}
+        brand: {}
     PatchedExpressionPolicyRequest:
       type: object
       description: Group Membership Policy Serializer
@@ -39049,6 +39872,37 @@ components:
           type: string
           description: Description shown to the user when consenting. If left empty,
             the user won't be informed.
+    PatchedSettingsRequest:
+      type: object
+      description: Settings Serializer
+      properties:
+        avatars:
+          type: string
+          minLength: 1
+          description: Configure how authentik should show avatars for users.
+        default_user_change_name:
+          type: boolean
+          description: Enable the ability for users to change their name.
+        default_user_change_email:
+          type: boolean
+          description: Enable the ability for users to change their email address.
+        default_user_change_username:
+          type: boolean
+          description: Enable the ability for users to change their username.
+        event_retention:
+          type: string
+          minLength: 1
+          description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
+        footer_links:
+          description: The option configures the footer links on the flow executor
+            pages.
+        gdpr_compliance:
+          type: boolean
+          description: When enabled, all the events caused by a user will be deleted
+            upon the user's deletion.
+        impersonation:
+          type: boolean
+          description: Globally enable/disable impersonation.
     PatchedStaticDeviceRequest:
       type: object
       description: Serializer for static authenticator devices
@@ -39071,56 +39925,15 @@ components:
       type: object
       description: Tenant Serializer
       properties:
-        domain:
+        schema_name:
           type: string
           minLength: 1
-          description: Domain that activates this tenant. Can be a superset, i.e.
-            `a.b` for `aa.b` and `ba.b`
-        default:
-          type: boolean
-        branding_title:
-          type: string
-          minLength: 1
-        branding_logo:
-          type: string
-          minLength: 1
-        branding_favicon:
-          type: string
-          minLength: 1
-        flow_authentication:
-          type: string
-          format: uuid
-          nullable: true
-        flow_invalidation:
-          type: string
-          format: uuid
-          nullable: true
-        flow_recovery:
-          type: string
-          format: uuid
-          nullable: true
-        flow_unenrollment:
-          type: string
-          format: uuid
-          nullable: true
-        flow_user_settings:
-          type: string
-          format: uuid
-          nullable: true
-        flow_device_code:
-          type: string
-          format: uuid
-          nullable: true
-        event_retention:
+          maxLength: 63
+        name:
           type: string
           minLength: 1
-          description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
-        web_certificate:
-          type: string
-          format: uuid
-          nullable: true
-          description: Web Certificate used by the authentik Core webserver.
-        attributes: {}
+        ready:
+          type: boolean
     PatchedTokenRequest:
       type: object
       description: Token Serializer
@@ -42189,6 +43002,66 @@ components:
           $ref: '#/components/schemas/UserSelf'
       required:
       - user
+    Settings:
+      type: object
+      description: Settings Serializer
+      properties:
+        avatars:
+          type: string
+          description: Configure how authentik should show avatars for users.
+        default_user_change_name:
+          type: boolean
+          description: Enable the ability for users to change their name.
+        default_user_change_email:
+          type: boolean
+          description: Enable the ability for users to change their email address.
+        default_user_change_username:
+          type: boolean
+          description: Enable the ability for users to change their username.
+        event_retention:
+          type: string
+          description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
+        footer_links:
+          description: The option configures the footer links on the flow executor
+            pages.
+        gdpr_compliance:
+          type: boolean
+          description: When enabled, all the events caused by a user will be deleted
+            upon the user's deletion.
+        impersonation:
+          type: boolean
+          description: Globally enable/disable impersonation.
+    SettingsRequest:
+      type: object
+      description: Settings Serializer
+      properties:
+        avatars:
+          type: string
+          minLength: 1
+          description: Configure how authentik should show avatars for users.
+        default_user_change_name:
+          type: boolean
+          description: Enable the ability for users to change their name.
+        default_user_change_email:
+          type: boolean
+          description: Enable the ability for users to change their email address.
+        default_user_change_username:
+          type: boolean
+          description: Enable the ability for users to change their username.
+        event_retention:
+          type: string
+          minLength: 1
+          description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
+        footer_links:
+          description: The option configures the footer links on the flow executor
+            pages.
+        gdpr_compliance:
+          type: boolean
+          description: When enabled, all the events caused by a user will be deleted
+            upon the user's deletion.
+        impersonation:
+          type: boolean
+          description: Globally enable/disable impersonation.
     SeverityEnum:
       enum:
       - notice
@@ -42613,27 +43486,32 @@ components:
           - python_version
           - uname
           readOnly: true
-        tenant:
+        brand:
           type: string
-          description: Currently active tenant
+          description: Currently active brand
           readOnly: true
         server_time:
           type: string
           format: date-time
           description: Current server time
           readOnly: true
+        embedded_outpost_disabled:
+          type: boolean
+          description: Whether the embedded outpost is disabled
+          readOnly: true
         embedded_outpost_host:
           type: string
           description: Get the FQDN configured on the embedded outpost
           readOnly: true
       required:
+      - brand
+      - embedded_outpost_disabled
       - embedded_outpost_host
       - http_headers
       - http_host
       - http_is_secure
       - runtime
       - server_time
-      - tenant
     TOTPDevice:
       type: object
       description: Serializer for totp authenticator devices
@@ -42707,110 +43585,66 @@ components:
           type: string
           format: uuid
           readOnly: true
-        domain:
-          type: string
-          description: Domain that activates this tenant. Can be a superset, i.e.
-            `a.b` for `aa.b` and `ba.b`
-        default:
-          type: boolean
-        branding_title:
+        schema_name:
           type: string
-        branding_logo:
-          type: string
-        branding_favicon:
-          type: string
-        flow_authentication:
-          type: string
-          format: uuid
-          nullable: true
-        flow_invalidation:
-          type: string
-          format: uuid
-          nullable: true
-        flow_recovery:
-          type: string
-          format: uuid
-          nullable: true
-        flow_unenrollment:
-          type: string
-          format: uuid
-          nullable: true
-        flow_user_settings:
-          type: string
-          format: uuid
-          nullable: true
-        flow_device_code:
-          type: string
-          format: uuid
-          nullable: true
-        event_retention:
-          type: string
-          description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
-        web_certificate:
+          maxLength: 63
+        name:
           type: string
-          format: uuid
-          nullable: true
-          description: Web Certificate used by the authentik Core webserver.
-        attributes: {}
+        ready:
+          type: boolean
       required:
-      - domain
+      - name
+      - schema_name
       - tenant_uuid
-    TenantRequest:
+    TenantAdminGroupRequestRequest:
       type: object
-      description: Tenant Serializer
+      description: Tenant admin group creation request serializer
       properties:
-        domain:
-          type: string
-          minLength: 1
-          description: Domain that activates this tenant. Can be a superset, i.e.
-            `a.b` for `aa.b` and `ba.b`
-        default:
-          type: boolean
-        branding_title:
-          type: string
-          minLength: 1
-        branding_logo:
+        user:
           type: string
           minLength: 1
-        branding_favicon:
+      required:
+      - user
+    TenantRecoveryKeyRequestRequest:
+      type: object
+      description: Tenant recovery key creation request serializer
+      properties:
+        user:
           type: string
           minLength: 1
-        flow_authentication:
-          type: string
-          format: uuid
-          nullable: true
-        flow_invalidation:
-          type: string
-          format: uuid
-          nullable: true
-        flow_recovery:
-          type: string
-          format: uuid
-          nullable: true
-        flow_unenrollment:
-          type: string
-          format: uuid
-          nullable: true
-        flow_user_settings:
+        duration_days:
+          type: integer
+      required:
+      - duration_days
+      - user
+    TenantRecoveryKeyResponse:
+      type: object
+      description: Tenant recovery key creation response serializer
+      properties:
+        expiry:
           type: string
-          format: uuid
-          nullable: true
-        flow_device_code:
+          format: date-time
+        url:
           type: string
-          format: uuid
-          nullable: true
-        event_retention:
+      required:
+      - expiry
+      - url
+    TenantRequest:
+      type: object
+      description: Tenant Serializer
+      properties:
+        schema_name:
           type: string
           minLength: 1
-          description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
-        web_certificate:
+          maxLength: 63
+        name:
           type: string
-          format: uuid
-          nullable: true
-          description: Web Certificate used by the authentik Core webserver.
-        attributes: {}
+          minLength: 1
+        ready:
+          type: boolean
       required:
-      - domain
+      - name
+      - schema_name
     Token:
       type: object
       description: Token Serializer
@@ -43745,7 +44579,7 @@ components:
         settings:
           type: object
           additionalProperties: {}
-          description: Get user settings with tenant and group settings applied
+          description: Get user settings with brand and group settings applied
           readOnly: true
         type:
           $ref: '#/components/schemas/UserTypeEnum'
diff --git a/src/main/kotlin/io/goauthentik/api/apis/AdminApi.kt b/src/main/kotlin/io/goauthentik/api/apis/AdminApi.kt
index d5c7fd5..93c4ac4 100644
--- a/src/main/kotlin/io/goauthentik/api/apis/AdminApi.kt
+++ b/src/main/kotlin/io/goauthentik/api/apis/AdminApi.kt
@@ -22,6 +22,9 @@ import okhttp3.HttpUrl
 import io.goauthentik.api.models.App
 import io.goauthentik.api.models.GenericError
 import io.goauthentik.api.models.LoginMetrics
+import io.goauthentik.api.models.PatchedSettingsRequest
+import io.goauthentik.api.models.Settings
+import io.goauthentik.api.models.SettingsRequest
 import io.goauthentik.api.models.SystemInfo
 import io.goauthentik.api.models.Task
 import io.goauthentik.api.models.ValidationError
@@ -256,6 +259,218 @@ class AdminApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
         )
     }
 
+    /**
+     * 
+     * Settings view
+     * @param patchedSettingsRequest  (optional)
+     * @return Settings
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun adminSettingsPartialUpdate(patchedSettingsRequest: PatchedSettingsRequest? = null) : Settings {
+        val localVarResponse = adminSettingsPartialUpdateWithHttpInfo(patchedSettingsRequest = patchedSettingsRequest)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Settings
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Settings view
+     * @param patchedSettingsRequest  (optional)
+     * @return ApiResponse<Settings?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun adminSettingsPartialUpdateWithHttpInfo(patchedSettingsRequest: PatchedSettingsRequest?) : ApiResponse<Settings?> {
+        val localVariableConfig = adminSettingsPartialUpdateRequestConfig(patchedSettingsRequest = patchedSettingsRequest)
+
+        return request<PatchedSettingsRequest, Settings>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation adminSettingsPartialUpdate
+     *
+     * @param patchedSettingsRequest  (optional)
+     * @return RequestConfig
+     */
+    fun adminSettingsPartialUpdateRequestConfig(patchedSettingsRequest: PatchedSettingsRequest?) : RequestConfig<PatchedSettingsRequest> {
+        val localVariableBody = patchedSettingsRequest
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.PATCH,
+            path = "/admin/settings/",
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = true,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Settings view
+     * @return Settings
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun adminSettingsRetrieve() : Settings {
+        val localVarResponse = adminSettingsRetrieveWithHttpInfo()
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Settings
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Settings view
+     * @return ApiResponse<Settings?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun adminSettingsRetrieveWithHttpInfo() : ApiResponse<Settings?> {
+        val localVariableConfig = adminSettingsRetrieveRequestConfig()
+
+        return request<Unit, Settings>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation adminSettingsRetrieve
+     *
+     * @return RequestConfig
+     */
+    fun adminSettingsRetrieveRequestConfig() : RequestConfig<Unit> {
+        val localVariableBody = null
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.GET,
+            path = "/admin/settings/",
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = true,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Settings view
+     * @param settingsRequest  (optional)
+     * @return Settings
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun adminSettingsUpdate(settingsRequest: SettingsRequest? = null) : Settings {
+        val localVarResponse = adminSettingsUpdateWithHttpInfo(settingsRequest = settingsRequest)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Settings
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Settings view
+     * @param settingsRequest  (optional)
+     * @return ApiResponse<Settings?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun adminSettingsUpdateWithHttpInfo(settingsRequest: SettingsRequest?) : ApiResponse<Settings?> {
+        val localVariableConfig = adminSettingsUpdateRequestConfig(settingsRequest = settingsRequest)
+
+        return request<SettingsRequest, Settings>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation adminSettingsUpdate
+     *
+     * @param settingsRequest  (optional)
+     * @return RequestConfig
+     */
+    fun adminSettingsUpdateRequestConfig(settingsRequest: SettingsRequest?) : RequestConfig<SettingsRequest> {
+        val localVariableBody = settingsRequest
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.PUT,
+            path = "/admin/settings/",
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = true,
+            body = localVariableBody
+        )
+    }
+
     /**
      * 
      * Get system information.
diff --git a/src/main/kotlin/io/goauthentik/api/apis/CoreApi.kt b/src/main/kotlin/io/goauthentik/api/apis/CoreApi.kt
index 253f925..cf8e0c3 100644
--- a/src/main/kotlin/io/goauthentik/api/apis/CoreApi.kt
+++ b/src/main/kotlin/io/goauthentik/api/apis/CoreApi.kt
@@ -22,8 +22,10 @@ import okhttp3.HttpUrl
 import io.goauthentik.api.models.Application
 import io.goauthentik.api.models.ApplicationRequest
 import io.goauthentik.api.models.AuthenticatedSession
+import io.goauthentik.api.models.Brand
+import io.goauthentik.api.models.BrandRequest
 import io.goauthentik.api.models.Coordinate
-import io.goauthentik.api.models.CurrentTenant
+import io.goauthentik.api.models.CurrentBrand
 import io.goauthentik.api.models.FilePathRequest
 import io.goauthentik.api.models.GenericError
 import io.goauthentik.api.models.Group
@@ -31,20 +33,18 @@ import io.goauthentik.api.models.GroupRequest
 import io.goauthentik.api.models.Link
 import io.goauthentik.api.models.PaginatedApplicationList
 import io.goauthentik.api.models.PaginatedAuthenticatedSessionList
+import io.goauthentik.api.models.PaginatedBrandList
 import io.goauthentik.api.models.PaginatedGroupList
-import io.goauthentik.api.models.PaginatedTenantList
 import io.goauthentik.api.models.PaginatedTokenList
 import io.goauthentik.api.models.PaginatedUserConsentList
 import io.goauthentik.api.models.PaginatedUserList
 import io.goauthentik.api.models.PatchedApplicationRequest
+import io.goauthentik.api.models.PatchedBrandRequest
 import io.goauthentik.api.models.PatchedGroupRequest
-import io.goauthentik.api.models.PatchedTenantRequest
 import io.goauthentik.api.models.PatchedTokenRequest
 import io.goauthentik.api.models.PatchedUserRequest
 import io.goauthentik.api.models.PolicyTestResult
 import io.goauthentik.api.models.SessionUser
-import io.goauthentik.api.models.Tenant
-import io.goauthentik.api.models.TenantRequest
 import io.goauthentik.api.models.Token
 import io.goauthentik.api.models.TokenRequest
 import io.goauthentik.api.models.TokenSetKeyRequest
@@ -1281,22 +1281,22 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Add user to group
-     * @param groupUuid A UUID string identifying this Group.
-     * @param userAccountRequest 
-     * @return void
+     * Brand Viewset
+     * @param brandRequest 
+     * @return Brand
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
      * @throws ClientException If the API returns a client error response
      * @throws ServerException If the API returns a server error response
      */
+    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreGroupsAddUserCreate(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : Unit {
-        val localVarResponse = coreGroupsAddUserCreateWithHttpInfo(groupUuid = groupUuid, userAccountRequest = userAccountRequest)
+    fun coreBrandsCreate(brandRequest: BrandRequest) : Brand {
+        val localVarResponse = coreBrandsCreateWithHttpInfo(brandRequest = brandRequest)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> Unit
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Brand
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -1312,31 +1312,30 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Add user to group
-     * @param groupUuid A UUID string identifying this Group.
-     * @param userAccountRequest 
-     * @return ApiResponse<Unit?>
+     * Brand Viewset
+     * @param brandRequest 
+     * @return ApiResponse<Brand?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
+    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreGroupsAddUserCreateWithHttpInfo(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : ApiResponse<Unit?> {
-        val localVariableConfig = coreGroupsAddUserCreateRequestConfig(groupUuid = groupUuid, userAccountRequest = userAccountRequest)
+    fun coreBrandsCreateWithHttpInfo(brandRequest: BrandRequest) : ApiResponse<Brand?> {
+        val localVariableConfig = coreBrandsCreateRequestConfig(brandRequest = brandRequest)
 
-        return request<UserAccountRequest, Unit>(
+        return request<BrandRequest, Brand>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreGroupsAddUserCreate
+     * To obtain the request config of the operation coreBrandsCreate
      *
-     * @param groupUuid A UUID string identifying this Group.
-     * @param userAccountRequest 
+     * @param brandRequest 
      * @return RequestConfig
      */
-    fun coreGroupsAddUserCreateRequestConfig(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : RequestConfig<UserAccountRequest> {
-        val localVariableBody = userAccountRequest
+    fun coreBrandsCreateRequestConfig(brandRequest: BrandRequest) : RequestConfig<BrandRequest> {
+        val localVariableBody = brandRequest
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
         localVariableHeaders["Content-Type"] = "application/json"
@@ -1344,7 +1343,7 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
         return RequestConfig(
             method = RequestMethod.POST,
-            path = "/core/groups/{group_uuid}/add_user/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
+            path = "/core/brands/",
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -1354,9 +1353,8 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param groupRequest 
-     * @return Group
+     * Get current brand
+     * @return CurrentBrand
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
@@ -1365,11 +1363,11 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreGroupsCreate(groupRequest: GroupRequest) : Group {
-        val localVarResponse = coreGroupsCreateWithHttpInfo(groupRequest = groupRequest)
+    fun coreBrandsCurrentRetrieve() : CurrentBrand {
+        val localVarResponse = coreBrandsCurrentRetrieveWithHttpInfo()
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as Group
+            ResponseType.Success -> (localVarResponse as Success<*>).data as CurrentBrand
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -1385,38 +1383,35 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param groupRequest 
-     * @return ApiResponse<Group?>
+     * Get current brand
+     * @return ApiResponse<CurrentBrand?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreGroupsCreateWithHttpInfo(groupRequest: GroupRequest) : ApiResponse<Group?> {
-        val localVariableConfig = coreGroupsCreateRequestConfig(groupRequest = groupRequest)
+    fun coreBrandsCurrentRetrieveWithHttpInfo() : ApiResponse<CurrentBrand?> {
+        val localVariableConfig = coreBrandsCurrentRetrieveRequestConfig()
 
-        return request<GroupRequest, Group>(
+        return request<Unit, CurrentBrand>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreGroupsCreate
+     * To obtain the request config of the operation coreBrandsCurrentRetrieve
      *
-     * @param groupRequest 
      * @return RequestConfig
      */
-    fun coreGroupsCreateRequestConfig(groupRequest: GroupRequest) : RequestConfig<GroupRequest> {
-        val localVariableBody = groupRequest
+    fun coreBrandsCurrentRetrieveRequestConfig() : RequestConfig<Unit> {
+        val localVariableBody = null
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
-        localVariableHeaders["Content-Type"] = "application/json"
         localVariableHeaders["Accept"] = "application/json"
 
         return RequestConfig(
-            method = RequestMethod.POST,
-            path = "/core/groups/",
+            method = RequestMethod.GET,
+            path = "/core/brands/current/",
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -1426,8 +1421,8 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param groupUuid A UUID string identifying this Group.
+     * Brand Viewset
+     * @param brandUuid A UUID string identifying this Brand.
      * @return void
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
@@ -1436,8 +1431,8 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      * @throws ServerException If the API returns a server error response
      */
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreGroupsDestroy(groupUuid: java.util.UUID) : Unit {
-        val localVarResponse = coreGroupsDestroyWithHttpInfo(groupUuid = groupUuid)
+    fun coreBrandsDestroy(brandUuid: java.util.UUID) : Unit {
+        val localVarResponse = coreBrandsDestroyWithHttpInfo(brandUuid = brandUuid)
 
         return when (localVarResponse.responseType) {
             ResponseType.Success -> Unit
@@ -1456,15 +1451,15 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param groupUuid A UUID string identifying this Group.
+     * Brand Viewset
+     * @param brandUuid A UUID string identifying this Brand.
      * @return ApiResponse<Unit?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreGroupsDestroyWithHttpInfo(groupUuid: java.util.UUID) : ApiResponse<Unit?> {
-        val localVariableConfig = coreGroupsDestroyRequestConfig(groupUuid = groupUuid)
+    fun coreBrandsDestroyWithHttpInfo(brandUuid: java.util.UUID) : ApiResponse<Unit?> {
+        val localVariableConfig = coreBrandsDestroyRequestConfig(brandUuid = brandUuid)
 
         return request<Unit, Unit>(
             localVariableConfig
@@ -1472,12 +1467,12 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
     }
 
     /**
-     * To obtain the request config of the operation coreGroupsDestroy
+     * To obtain the request config of the operation coreBrandsDestroy
      *
-     * @param groupUuid A UUID string identifying this Group.
+     * @param brandUuid A UUID string identifying this Brand.
      * @return RequestConfig
      */
-    fun coreGroupsDestroyRequestConfig(groupUuid: java.util.UUID) : RequestConfig<Unit> {
+    fun coreBrandsDestroyRequestConfig(brandUuid: java.util.UUID) : RequestConfig<Unit> {
         val localVariableBody = null
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
@@ -1485,7 +1480,7 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
         return RequestConfig(
             method = RequestMethod.DELETE,
-            path = "/core/groups/{group_uuid}/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
+            path = "/core/brands/{brand_uuid}/".replace("{"+"brand_uuid"+"}", encodeURIComponent(brandUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -1495,17 +1490,25 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param attributes Attributes (optional)
-     * @param isSuperuser  (optional)
-     * @param membersByPk  (optional)
-     * @param membersByUsername Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. (optional)
-     * @param name  (optional)
+     * Brand Viewset
+     * @param brandUuid  (optional)
+     * @param brandingFavicon  (optional)
+     * @param brandingLogo  (optional)
+     * @param brandingTitle  (optional)
+     * @param default  (optional)
+     * @param domain  (optional)
+     * @param flowAuthentication  (optional)
+     * @param flowDeviceCode  (optional)
+     * @param flowInvalidation  (optional)
+     * @param flowRecovery  (optional)
+     * @param flowUnenrollment  (optional)
+     * @param flowUserSettings  (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param page A page number within the paginated result set. (optional)
      * @param pageSize Number of results to return per page. (optional)
      * @param search A search term. (optional)
-     * @return PaginatedGroupList
+     * @param webCertificate  (optional)
+     * @return PaginatedBrandList
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
@@ -1514,11 +1517,11 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreGroupsList(attributes: kotlin.String? = null, isSuperuser: kotlin.Boolean? = null, membersByPk: kotlin.collections.List<kotlin.Int>? = null, membersByUsername: kotlin.collections.List<kotlin.String>? = null, name: kotlin.String? = null, ordering: kotlin.String? = null, page: kotlin.Int? = null, pageSize: kotlin.Int? = null, search: kotlin.String? = null) : PaginatedGroupList {
-        val localVarResponse = coreGroupsListWithHttpInfo(attributes = attributes, isSuperuser = isSuperuser, membersByPk = membersByPk, membersByUsername = membersByUsername, name = name, ordering = ordering, page = page, pageSize = pageSize, search = search)
+    fun coreBrandsList(brandUuid: java.util.UUID? = null, brandingFavicon: kotlin.String? = null, brandingLogo: kotlin.String? = null, brandingTitle: kotlin.String? = null, default: kotlin.Boolean? = null, domain: kotlin.String? = null, flowAuthentication: java.util.UUID? = null, flowDeviceCode: java.util.UUID? = null, flowInvalidation: java.util.UUID? = null, flowRecovery: java.util.UUID? = null, flowUnenrollment: java.util.UUID? = null, flowUserSettings: java.util.UUID? = null, ordering: kotlin.String? = null, page: kotlin.Int? = null, pageSize: kotlin.Int? = null, search: kotlin.String? = null, webCertificate: java.util.UUID? = null) : PaginatedBrandList {
+        val localVarResponse = coreBrandsListWithHttpInfo(brandUuid = brandUuid, brandingFavicon = brandingFavicon, brandingLogo = brandingLogo, brandingTitle = brandingTitle, default = default, domain = domain, flowAuthentication = flowAuthentication, flowDeviceCode = flowDeviceCode, flowInvalidation = flowInvalidation, flowRecovery = flowRecovery, flowUnenrollment = flowUnenrollment, flowUserSettings = flowUserSettings, ordering = ordering, page = page, pageSize = pageSize, search = search, webCertificate = webCertificate)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as PaginatedGroupList
+            ResponseType.Success -> (localVarResponse as Success<*>).data as PaginatedBrandList
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -1534,62 +1537,99 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param attributes Attributes (optional)
-     * @param isSuperuser  (optional)
-     * @param membersByPk  (optional)
-     * @param membersByUsername Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. (optional)
-     * @param name  (optional)
+     * Brand Viewset
+     * @param brandUuid  (optional)
+     * @param brandingFavicon  (optional)
+     * @param brandingLogo  (optional)
+     * @param brandingTitle  (optional)
+     * @param default  (optional)
+     * @param domain  (optional)
+     * @param flowAuthentication  (optional)
+     * @param flowDeviceCode  (optional)
+     * @param flowInvalidation  (optional)
+     * @param flowRecovery  (optional)
+     * @param flowUnenrollment  (optional)
+     * @param flowUserSettings  (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param page A page number within the paginated result set. (optional)
      * @param pageSize Number of results to return per page. (optional)
      * @param search A search term. (optional)
-     * @return ApiResponse<PaginatedGroupList?>
+     * @param webCertificate  (optional)
+     * @return ApiResponse<PaginatedBrandList?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreGroupsListWithHttpInfo(attributes: kotlin.String?, isSuperuser: kotlin.Boolean?, membersByPk: kotlin.collections.List<kotlin.Int>?, membersByUsername: kotlin.collections.List<kotlin.String>?, name: kotlin.String?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?) : ApiResponse<PaginatedGroupList?> {
-        val localVariableConfig = coreGroupsListRequestConfig(attributes = attributes, isSuperuser = isSuperuser, membersByPk = membersByPk, membersByUsername = membersByUsername, name = name, ordering = ordering, page = page, pageSize = pageSize, search = search)
+    fun coreBrandsListWithHttpInfo(brandUuid: java.util.UUID?, brandingFavicon: kotlin.String?, brandingLogo: kotlin.String?, brandingTitle: kotlin.String?, default: kotlin.Boolean?, domain: kotlin.String?, flowAuthentication: java.util.UUID?, flowDeviceCode: java.util.UUID?, flowInvalidation: java.util.UUID?, flowRecovery: java.util.UUID?, flowUnenrollment: java.util.UUID?, flowUserSettings: java.util.UUID?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?, webCertificate: java.util.UUID?) : ApiResponse<PaginatedBrandList?> {
+        val localVariableConfig = coreBrandsListRequestConfig(brandUuid = brandUuid, brandingFavicon = brandingFavicon, brandingLogo = brandingLogo, brandingTitle = brandingTitle, default = default, domain = domain, flowAuthentication = flowAuthentication, flowDeviceCode = flowDeviceCode, flowInvalidation = flowInvalidation, flowRecovery = flowRecovery, flowUnenrollment = flowUnenrollment, flowUserSettings = flowUserSettings, ordering = ordering, page = page, pageSize = pageSize, search = search, webCertificate = webCertificate)
 
-        return request<Unit, PaginatedGroupList>(
+        return request<Unit, PaginatedBrandList>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreGroupsList
+     * To obtain the request config of the operation coreBrandsList
      *
-     * @param attributes Attributes (optional)
-     * @param isSuperuser  (optional)
-     * @param membersByPk  (optional)
-     * @param membersByUsername Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. (optional)
-     * @param name  (optional)
+     * @param brandUuid  (optional)
+     * @param brandingFavicon  (optional)
+     * @param brandingLogo  (optional)
+     * @param brandingTitle  (optional)
+     * @param default  (optional)
+     * @param domain  (optional)
+     * @param flowAuthentication  (optional)
+     * @param flowDeviceCode  (optional)
+     * @param flowInvalidation  (optional)
+     * @param flowRecovery  (optional)
+     * @param flowUnenrollment  (optional)
+     * @param flowUserSettings  (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param page A page number within the paginated result set. (optional)
      * @param pageSize Number of results to return per page. (optional)
      * @param search A search term. (optional)
+     * @param webCertificate  (optional)
      * @return RequestConfig
      */
-    fun coreGroupsListRequestConfig(attributes: kotlin.String?, isSuperuser: kotlin.Boolean?, membersByPk: kotlin.collections.List<kotlin.Int>?, membersByUsername: kotlin.collections.List<kotlin.String>?, name: kotlin.String?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?) : RequestConfig<Unit> {
+    fun coreBrandsListRequestConfig(brandUuid: java.util.UUID?, brandingFavicon: kotlin.String?, brandingLogo: kotlin.String?, brandingTitle: kotlin.String?, default: kotlin.Boolean?, domain: kotlin.String?, flowAuthentication: java.util.UUID?, flowDeviceCode: java.util.UUID?, flowInvalidation: java.util.UUID?, flowRecovery: java.util.UUID?, flowUnenrollment: java.util.UUID?, flowUserSettings: java.util.UUID?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?, webCertificate: java.util.UUID?) : RequestConfig<Unit> {
         val localVariableBody = null
         val localVariableQuery: MultiValueMap = mutableMapOf<kotlin.String, kotlin.collections.List<kotlin.String>>()
             .apply {
-                if (attributes != null) {
-                    put("attributes", listOf(attributes.toString()))
+                if (brandUuid != null) {
+                    put("brand_uuid", listOf(brandUuid.toString()))
                 }
-                if (isSuperuser != null) {
-                    put("is_superuser", listOf(isSuperuser.toString()))
+                if (brandingFavicon != null) {
+                    put("branding_favicon", listOf(brandingFavicon.toString()))
                 }
-                if (membersByPk != null) {
-                    put("members_by_pk", toMultiValue(membersByPk.toList(), "multi"))
+                if (brandingLogo != null) {
+                    put("branding_logo", listOf(brandingLogo.toString()))
                 }
-                if (membersByUsername != null) {
-                    put("members_by_username", toMultiValue(membersByUsername.toList(), "multi"))
+                if (brandingTitle != null) {
+                    put("branding_title", listOf(brandingTitle.toString()))
                 }
-                if (name != null) {
-                    put("name", listOf(name.toString()))
+                if (default != null) {
+                    put("default", listOf(default.toString()))
+                }
+                if (domain != null) {
+                    put("domain", listOf(domain.toString()))
+                }
+                if (flowAuthentication != null) {
+                    put("flow_authentication", listOf(flowAuthentication.toString()))
+                }
+                if (flowDeviceCode != null) {
+                    put("flow_device_code", listOf(flowDeviceCode.toString()))
+                }
+                if (flowInvalidation != null) {
+                    put("flow_invalidation", listOf(flowInvalidation.toString()))
+                }
+                if (flowRecovery != null) {
+                    put("flow_recovery", listOf(flowRecovery.toString()))
+                }
+                if (flowUnenrollment != null) {
+                    put("flow_unenrollment", listOf(flowUnenrollment.toString()))
+                }
+                if (flowUserSettings != null) {
+                    put("flow_user_settings", listOf(flowUserSettings.toString()))
                 }
                 if (ordering != null) {
                     put("ordering", listOf(ordering.toString()))
@@ -1603,13 +1643,16 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
                 if (search != null) {
                     put("search", listOf(search.toString()))
                 }
+                if (webCertificate != null) {
+                    put("web_certificate", listOf(webCertificate.toString()))
+                }
             }
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
         localVariableHeaders["Accept"] = "application/json"
 
         return RequestConfig(
             method = RequestMethod.GET,
-            path = "/core/groups/",
+            path = "/core/brands/",
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -1619,10 +1662,10 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param groupUuid A UUID string identifying this Group.
-     * @param patchedGroupRequest  (optional)
-     * @return Group
+     * Brand Viewset
+     * @param brandUuid A UUID string identifying this Brand.
+     * @param patchedBrandRequest  (optional)
+     * @return Brand
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
@@ -1631,11 +1674,11 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreGroupsPartialUpdate(groupUuid: java.util.UUID, patchedGroupRequest: PatchedGroupRequest? = null) : Group {
-        val localVarResponse = coreGroupsPartialUpdateWithHttpInfo(groupUuid = groupUuid, patchedGroupRequest = patchedGroupRequest)
+    fun coreBrandsPartialUpdate(brandUuid: java.util.UUID, patchedBrandRequest: PatchedBrandRequest? = null) : Brand {
+        val localVarResponse = coreBrandsPartialUpdateWithHttpInfo(brandUuid = brandUuid, patchedBrandRequest = patchedBrandRequest)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as Group
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Brand
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -1651,32 +1694,32 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param groupUuid A UUID string identifying this Group.
-     * @param patchedGroupRequest  (optional)
-     * @return ApiResponse<Group?>
+     * Brand Viewset
+     * @param brandUuid A UUID string identifying this Brand.
+     * @param patchedBrandRequest  (optional)
+     * @return ApiResponse<Brand?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreGroupsPartialUpdateWithHttpInfo(groupUuid: java.util.UUID, patchedGroupRequest: PatchedGroupRequest?) : ApiResponse<Group?> {
-        val localVariableConfig = coreGroupsPartialUpdateRequestConfig(groupUuid = groupUuid, patchedGroupRequest = patchedGroupRequest)
+    fun coreBrandsPartialUpdateWithHttpInfo(brandUuid: java.util.UUID, patchedBrandRequest: PatchedBrandRequest?) : ApiResponse<Brand?> {
+        val localVariableConfig = coreBrandsPartialUpdateRequestConfig(brandUuid = brandUuid, patchedBrandRequest = patchedBrandRequest)
 
-        return request<PatchedGroupRequest, Group>(
+        return request<PatchedBrandRequest, Brand>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreGroupsPartialUpdate
+     * To obtain the request config of the operation coreBrandsPartialUpdate
      *
-     * @param groupUuid A UUID string identifying this Group.
-     * @param patchedGroupRequest  (optional)
+     * @param brandUuid A UUID string identifying this Brand.
+     * @param patchedBrandRequest  (optional)
      * @return RequestConfig
      */
-    fun coreGroupsPartialUpdateRequestConfig(groupUuid: java.util.UUID, patchedGroupRequest: PatchedGroupRequest?) : RequestConfig<PatchedGroupRequest> {
-        val localVariableBody = patchedGroupRequest
+    fun coreBrandsPartialUpdateRequestConfig(brandUuid: java.util.UUID, patchedBrandRequest: PatchedBrandRequest?) : RequestConfig<PatchedBrandRequest> {
+        val localVariableBody = patchedBrandRequest
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
         localVariableHeaders["Content-Type"] = "application/json"
@@ -1684,7 +1727,7 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
         return RequestConfig(
             method = RequestMethod.PATCH,
-            path = "/core/groups/{group_uuid}/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
+            path = "/core/brands/{brand_uuid}/".replace("{"+"brand_uuid"+"}", encodeURIComponent(brandUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -1694,22 +1737,22 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Add user to group
-     * @param groupUuid A UUID string identifying this Group.
-     * @param userAccountRequest 
-     * @return void
+     * Brand Viewset
+     * @param brandUuid A UUID string identifying this Brand.
+     * @return Brand
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
      * @throws ClientException If the API returns a client error response
      * @throws ServerException If the API returns a server error response
      */
+    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreGroupsRemoveUserCreate(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : Unit {
-        val localVarResponse = coreGroupsRemoveUserCreateWithHttpInfo(groupUuid = groupUuid, userAccountRequest = userAccountRequest)
+    fun coreBrandsRetrieve(brandUuid: java.util.UUID) : Brand {
+        val localVarResponse = coreBrandsRetrieveWithHttpInfo(brandUuid = brandUuid)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> Unit
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Brand
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -1725,39 +1768,37 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Add user to group
-     * @param groupUuid A UUID string identifying this Group.
-     * @param userAccountRequest 
-     * @return ApiResponse<Unit?>
+     * Brand Viewset
+     * @param brandUuid A UUID string identifying this Brand.
+     * @return ApiResponse<Brand?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
+    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreGroupsRemoveUserCreateWithHttpInfo(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : ApiResponse<Unit?> {
-        val localVariableConfig = coreGroupsRemoveUserCreateRequestConfig(groupUuid = groupUuid, userAccountRequest = userAccountRequest)
+    fun coreBrandsRetrieveWithHttpInfo(brandUuid: java.util.UUID) : ApiResponse<Brand?> {
+        val localVariableConfig = coreBrandsRetrieveRequestConfig(brandUuid = brandUuid)
 
-        return request<UserAccountRequest, Unit>(
+        return request<Unit, Brand>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreGroupsRemoveUserCreate
+     * To obtain the request config of the operation coreBrandsRetrieve
      *
-     * @param groupUuid A UUID string identifying this Group.
-     * @param userAccountRequest 
+     * @param brandUuid A UUID string identifying this Brand.
      * @return RequestConfig
      */
-    fun coreGroupsRemoveUserCreateRequestConfig(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : RequestConfig<UserAccountRequest> {
-        val localVariableBody = userAccountRequest
+    fun coreBrandsRetrieveRequestConfig(brandUuid: java.util.UUID) : RequestConfig<Unit> {
+        val localVariableBody = null
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
-        localVariableHeaders["Content-Type"] = "application/json"
         localVariableHeaders["Accept"] = "application/json"
 
         return RequestConfig(
-            method = RequestMethod.POST,
-            path = "/core/groups/{group_uuid}/remove_user/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
+            method = RequestMethod.GET,
+            path = "/core/brands/{brand_uuid}/".replace("{"+"brand_uuid"+"}", encodeURIComponent(brandUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -1767,9 +1808,10 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param groupUuid A UUID string identifying this Group.
-     * @return Group
+     * Brand Viewset
+     * @param brandUuid A UUID string identifying this Brand.
+     * @param brandRequest 
+     * @return Brand
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
@@ -1778,11 +1820,11 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreGroupsRetrieve(groupUuid: java.util.UUID) : Group {
-        val localVarResponse = coreGroupsRetrieveWithHttpInfo(groupUuid = groupUuid)
+    fun coreBrandsUpdate(brandUuid: java.util.UUID, brandRequest: BrandRequest) : Brand {
+        val localVarResponse = coreBrandsUpdateWithHttpInfo(brandUuid = brandUuid, brandRequest = brandRequest)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as Group
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Brand
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -1798,37 +1840,40 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param groupUuid A UUID string identifying this Group.
-     * @return ApiResponse<Group?>
+     * Brand Viewset
+     * @param brandUuid A UUID string identifying this Brand.
+     * @param brandRequest 
+     * @return ApiResponse<Brand?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreGroupsRetrieveWithHttpInfo(groupUuid: java.util.UUID) : ApiResponse<Group?> {
-        val localVariableConfig = coreGroupsRetrieveRequestConfig(groupUuid = groupUuid)
+    fun coreBrandsUpdateWithHttpInfo(brandUuid: java.util.UUID, brandRequest: BrandRequest) : ApiResponse<Brand?> {
+        val localVariableConfig = coreBrandsUpdateRequestConfig(brandUuid = brandUuid, brandRequest = brandRequest)
 
-        return request<Unit, Group>(
+        return request<BrandRequest, Brand>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreGroupsRetrieve
+     * To obtain the request config of the operation coreBrandsUpdate
      *
-     * @param groupUuid A UUID string identifying this Group.
+     * @param brandUuid A UUID string identifying this Brand.
+     * @param brandRequest 
      * @return RequestConfig
      */
-    fun coreGroupsRetrieveRequestConfig(groupUuid: java.util.UUID) : RequestConfig<Unit> {
-        val localVariableBody = null
+    fun coreBrandsUpdateRequestConfig(brandUuid: java.util.UUID, brandRequest: BrandRequest) : RequestConfig<BrandRequest> {
+        val localVariableBody = brandRequest
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
         localVariableHeaders["Accept"] = "application/json"
 
         return RequestConfig(
-            method = RequestMethod.GET,
-            path = "/core/groups/{group_uuid}/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
+            method = RequestMethod.PUT,
+            path = "/core/brands/{brand_uuid}/".replace("{"+"brand_uuid"+"}", encodeURIComponent(brandUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -1838,10 +1883,9 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param groupUuid A UUID string identifying this Group.
-     * @param groupRequest 
-     * @return Group
+     * Get a list of all objects that use this object
+     * @param brandUuid A UUID string identifying this Brand.
+     * @return kotlin.collections.List<UsedBy>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
@@ -1850,11 +1894,11 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreGroupsUpdate(groupUuid: java.util.UUID, groupRequest: GroupRequest) : Group {
-        val localVarResponse = coreGroupsUpdateWithHttpInfo(groupUuid = groupUuid, groupRequest = groupRequest)
+    fun coreBrandsUsedByList(brandUuid: java.util.UUID) : kotlin.collections.List<UsedBy> {
+        val localVarResponse = coreBrandsUsedByListWithHttpInfo(brandUuid = brandUuid)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as Group
+            ResponseType.Success -> (localVarResponse as Success<*>).data as kotlin.collections.List<UsedBy>
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -1870,40 +1914,37 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Group Viewset
-     * @param groupUuid A UUID string identifying this Group.
-     * @param groupRequest 
-     * @return ApiResponse<Group?>
+     * Get a list of all objects that use this object
+     * @param brandUuid A UUID string identifying this Brand.
+     * @return ApiResponse<kotlin.collections.List<UsedBy>?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreGroupsUpdateWithHttpInfo(groupUuid: java.util.UUID, groupRequest: GroupRequest) : ApiResponse<Group?> {
-        val localVariableConfig = coreGroupsUpdateRequestConfig(groupUuid = groupUuid, groupRequest = groupRequest)
+    fun coreBrandsUsedByListWithHttpInfo(brandUuid: java.util.UUID) : ApiResponse<kotlin.collections.List<UsedBy>?> {
+        val localVariableConfig = coreBrandsUsedByListRequestConfig(brandUuid = brandUuid)
 
-        return request<GroupRequest, Group>(
+        return request<Unit, kotlin.collections.List<UsedBy>>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreGroupsUpdate
+     * To obtain the request config of the operation coreBrandsUsedByList
      *
-     * @param groupUuid A UUID string identifying this Group.
-     * @param groupRequest 
+     * @param brandUuid A UUID string identifying this Brand.
      * @return RequestConfig
      */
-    fun coreGroupsUpdateRequestConfig(groupUuid: java.util.UUID, groupRequest: GroupRequest) : RequestConfig<GroupRequest> {
-        val localVariableBody = groupRequest
+    fun coreBrandsUsedByListRequestConfig(brandUuid: java.util.UUID) : RequestConfig<Unit> {
+        val localVariableBody = null
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
-        localVariableHeaders["Content-Type"] = "application/json"
         localVariableHeaders["Accept"] = "application/json"
 
         return RequestConfig(
-            method = RequestMethod.PUT,
-            path = "/core/groups/{group_uuid}/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
+            method = RequestMethod.GET,
+            path = "/core/brands/{brand_uuid}/used_by/".replace("{"+"brand_uuid"+"}", encodeURIComponent(brandUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -1913,22 +1954,22 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Get a list of all objects that use this object
+     * Add user to group
      * @param groupUuid A UUID string identifying this Group.
-     * @return kotlin.collections.List<UsedBy>
+     * @param userAccountRequest 
+     * @return void
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
      * @throws ClientException If the API returns a client error response
      * @throws ServerException If the API returns a server error response
      */
-    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreGroupsUsedByList(groupUuid: java.util.UUID) : kotlin.collections.List<UsedBy> {
-        val localVarResponse = coreGroupsUsedByListWithHttpInfo(groupUuid = groupUuid)
+    fun coreGroupsAddUserCreate(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : Unit {
+        val localVarResponse = coreGroupsAddUserCreateWithHttpInfo(groupUuid = groupUuid, userAccountRequest = userAccountRequest)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as kotlin.collections.List<UsedBy>
+            ResponseType.Success -> Unit
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -1944,37 +1985,39 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Get a list of all objects that use this object
+     * Add user to group
      * @param groupUuid A UUID string identifying this Group.
-     * @return ApiResponse<kotlin.collections.List<UsedBy>?>
+     * @param userAccountRequest 
+     * @return ApiResponse<Unit?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
-    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreGroupsUsedByListWithHttpInfo(groupUuid: java.util.UUID) : ApiResponse<kotlin.collections.List<UsedBy>?> {
-        val localVariableConfig = coreGroupsUsedByListRequestConfig(groupUuid = groupUuid)
+    fun coreGroupsAddUserCreateWithHttpInfo(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : ApiResponse<Unit?> {
+        val localVariableConfig = coreGroupsAddUserCreateRequestConfig(groupUuid = groupUuid, userAccountRequest = userAccountRequest)
 
-        return request<Unit, kotlin.collections.List<UsedBy>>(
+        return request<UserAccountRequest, Unit>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreGroupsUsedByList
+     * To obtain the request config of the operation coreGroupsAddUserCreate
      *
      * @param groupUuid A UUID string identifying this Group.
+     * @param userAccountRequest 
      * @return RequestConfig
      */
-    fun coreGroupsUsedByListRequestConfig(groupUuid: java.util.UUID) : RequestConfig<Unit> {
-        val localVariableBody = null
+    fun coreGroupsAddUserCreateRequestConfig(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : RequestConfig<UserAccountRequest> {
+        val localVariableBody = userAccountRequest
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
         localVariableHeaders["Accept"] = "application/json"
 
         return RequestConfig(
-            method = RequestMethod.GET,
-            path = "/core/groups/{group_uuid}/used_by/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
+            method = RequestMethod.POST,
+            path = "/core/groups/{group_uuid}/add_user/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -1984,9 +2027,9 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param tenantRequest 
-     * @return Tenant
+     * Group Viewset
+     * @param groupRequest 
+     * @return Group
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
@@ -1995,11 +2038,11 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreTenantsCreate(tenantRequest: TenantRequest) : Tenant {
-        val localVarResponse = coreTenantsCreateWithHttpInfo(tenantRequest = tenantRequest)
+    fun coreGroupsCreate(groupRequest: GroupRequest) : Group {
+        val localVarResponse = coreGroupsCreateWithHttpInfo(groupRequest = groupRequest)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as Tenant
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Group
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -2015,30 +2058,30 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param tenantRequest 
-     * @return ApiResponse<Tenant?>
+     * Group Viewset
+     * @param groupRequest 
+     * @return ApiResponse<Group?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreTenantsCreateWithHttpInfo(tenantRequest: TenantRequest) : ApiResponse<Tenant?> {
-        val localVariableConfig = coreTenantsCreateRequestConfig(tenantRequest = tenantRequest)
+    fun coreGroupsCreateWithHttpInfo(groupRequest: GroupRequest) : ApiResponse<Group?> {
+        val localVariableConfig = coreGroupsCreateRequestConfig(groupRequest = groupRequest)
 
-        return request<TenantRequest, Tenant>(
+        return request<GroupRequest, Group>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreTenantsCreate
+     * To obtain the request config of the operation coreGroupsCreate
      *
-     * @param tenantRequest 
+     * @param groupRequest 
      * @return RequestConfig
      */
-    fun coreTenantsCreateRequestConfig(tenantRequest: TenantRequest) : RequestConfig<TenantRequest> {
-        val localVariableBody = tenantRequest
+    fun coreGroupsCreateRequestConfig(groupRequest: GroupRequest) : RequestConfig<GroupRequest> {
+        val localVariableBody = groupRequest
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
         localVariableHeaders["Content-Type"] = "application/json"
@@ -2046,7 +2089,7 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
         return RequestConfig(
             method = RequestMethod.POST,
-            path = "/core/tenants/",
+            path = "/core/groups/",
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -2056,21 +2099,21 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Get current tenant
-     * @return CurrentTenant
+     * Group Viewset
+     * @param groupUuid A UUID string identifying this Group.
+     * @return void
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
      * @throws ClientException If the API returns a client error response
      * @throws ServerException If the API returns a server error response
      */
-    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreTenantsCurrentRetrieve() : CurrentTenant {
-        val localVarResponse = coreTenantsCurrentRetrieveWithHttpInfo()
+    fun coreGroupsDestroy(groupUuid: java.util.UUID) : Unit {
+        val localVarResponse = coreGroupsDestroyWithHttpInfo(groupUuid = groupUuid)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as CurrentTenant
+            ResponseType.Success -> Unit
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -2086,35 +2129,36 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Get current tenant
-     * @return ApiResponse<CurrentTenant?>
+     * Group Viewset
+     * @param groupUuid A UUID string identifying this Group.
+     * @return ApiResponse<Unit?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
-    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreTenantsCurrentRetrieveWithHttpInfo() : ApiResponse<CurrentTenant?> {
-        val localVariableConfig = coreTenantsCurrentRetrieveRequestConfig()
+    fun coreGroupsDestroyWithHttpInfo(groupUuid: java.util.UUID) : ApiResponse<Unit?> {
+        val localVariableConfig = coreGroupsDestroyRequestConfig(groupUuid = groupUuid)
 
-        return request<Unit, CurrentTenant>(
+        return request<Unit, Unit>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreTenantsCurrentRetrieve
+     * To obtain the request config of the operation coreGroupsDestroy
      *
+     * @param groupUuid A UUID string identifying this Group.
      * @return RequestConfig
      */
-    fun coreTenantsCurrentRetrieveRequestConfig() : RequestConfig<Unit> {
+    fun coreGroupsDestroyRequestConfig(groupUuid: java.util.UUID) : RequestConfig<Unit> {
         val localVariableBody = null
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
         localVariableHeaders["Accept"] = "application/json"
 
         return RequestConfig(
-            method = RequestMethod.GET,
-            path = "/core/tenants/current/",
+            method = RequestMethod.DELETE,
+            path = "/core/groups/{group_uuid}/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -2124,21 +2168,30 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param tenantUuid A UUID string identifying this Tenant.
-     * @return void
+     * Group Viewset
+     * @param attributes Attributes (optional)
+     * @param isSuperuser  (optional)
+     * @param membersByPk  (optional)
+     * @param membersByUsername Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. (optional)
+     * @param name  (optional)
+     * @param ordering Which field to use when ordering the results. (optional)
+     * @param page A page number within the paginated result set. (optional)
+     * @param pageSize Number of results to return per page. (optional)
+     * @param search A search term. (optional)
+     * @return PaginatedGroupList
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
      * @throws ClientException If the API returns a client error response
      * @throws ServerException If the API returns a server error response
      */
+    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreTenantsDestroy(tenantUuid: java.util.UUID) : Unit {
-        val localVarResponse = coreTenantsDestroyWithHttpInfo(tenantUuid = tenantUuid)
+    fun coreGroupsList(attributes: kotlin.String? = null, isSuperuser: kotlin.Boolean? = null, membersByPk: kotlin.collections.List<kotlin.Int>? = null, membersByUsername: kotlin.collections.List<kotlin.String>? = null, name: kotlin.String? = null, ordering: kotlin.String? = null, page: kotlin.Int? = null, pageSize: kotlin.Int? = null, search: kotlin.String? = null) : PaginatedGroupList {
+        val localVarResponse = coreGroupsListWithHttpInfo(attributes = attributes, isSuperuser = isSuperuser, membersByPk = membersByPk, membersByUsername = membersByUsername, name = name, ordering = ordering, page = page, pageSize = pageSize, search = search)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> Unit
+            ResponseType.Success -> (localVarResponse as Success<*>).data as PaginatedGroupList
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -2154,36 +2207,82 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param tenantUuid A UUID string identifying this Tenant.
-     * @return ApiResponse<Unit?>
+     * Group Viewset
+     * @param attributes Attributes (optional)
+     * @param isSuperuser  (optional)
+     * @param membersByPk  (optional)
+     * @param membersByUsername Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. (optional)
+     * @param name  (optional)
+     * @param ordering Which field to use when ordering the results. (optional)
+     * @param page A page number within the paginated result set. (optional)
+     * @param pageSize Number of results to return per page. (optional)
+     * @param search A search term. (optional)
+     * @return ApiResponse<PaginatedGroupList?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
+    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreTenantsDestroyWithHttpInfo(tenantUuid: java.util.UUID) : ApiResponse<Unit?> {
-        val localVariableConfig = coreTenantsDestroyRequestConfig(tenantUuid = tenantUuid)
+    fun coreGroupsListWithHttpInfo(attributes: kotlin.String?, isSuperuser: kotlin.Boolean?, membersByPk: kotlin.collections.List<kotlin.Int>?, membersByUsername: kotlin.collections.List<kotlin.String>?, name: kotlin.String?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?) : ApiResponse<PaginatedGroupList?> {
+        val localVariableConfig = coreGroupsListRequestConfig(attributes = attributes, isSuperuser = isSuperuser, membersByPk = membersByPk, membersByUsername = membersByUsername, name = name, ordering = ordering, page = page, pageSize = pageSize, search = search)
 
-        return request<Unit, Unit>(
+        return request<Unit, PaginatedGroupList>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreTenantsDestroy
+     * To obtain the request config of the operation coreGroupsList
      *
-     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param attributes Attributes (optional)
+     * @param isSuperuser  (optional)
+     * @param membersByPk  (optional)
+     * @param membersByUsername Required. 150 characters or fewer. Letters, digits and @/./+/-/_ only. (optional)
+     * @param name  (optional)
+     * @param ordering Which field to use when ordering the results. (optional)
+     * @param page A page number within the paginated result set. (optional)
+     * @param pageSize Number of results to return per page. (optional)
+     * @param search A search term. (optional)
      * @return RequestConfig
      */
-    fun coreTenantsDestroyRequestConfig(tenantUuid: java.util.UUID) : RequestConfig<Unit> {
+    fun coreGroupsListRequestConfig(attributes: kotlin.String?, isSuperuser: kotlin.Boolean?, membersByPk: kotlin.collections.List<kotlin.Int>?, membersByUsername: kotlin.collections.List<kotlin.String>?, name: kotlin.String?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?) : RequestConfig<Unit> {
         val localVariableBody = null
-        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableQuery: MultiValueMap = mutableMapOf<kotlin.String, kotlin.collections.List<kotlin.String>>()
+            .apply {
+                if (attributes != null) {
+                    put("attributes", listOf(attributes.toString()))
+                }
+                if (isSuperuser != null) {
+                    put("is_superuser", listOf(isSuperuser.toString()))
+                }
+                if (membersByPk != null) {
+                    put("members_by_pk", toMultiValue(membersByPk.toList(), "multi"))
+                }
+                if (membersByUsername != null) {
+                    put("members_by_username", toMultiValue(membersByUsername.toList(), "multi"))
+                }
+                if (name != null) {
+                    put("name", listOf(name.toString()))
+                }
+                if (ordering != null) {
+                    put("ordering", listOf(ordering.toString()))
+                }
+                if (page != null) {
+                    put("page", listOf(page.toString()))
+                }
+                if (pageSize != null) {
+                    put("page_size", listOf(pageSize.toString()))
+                }
+                if (search != null) {
+                    put("search", listOf(search.toString()))
+                }
+            }
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
         localVariableHeaders["Accept"] = "application/json"
 
         return RequestConfig(
-            method = RequestMethod.DELETE,
-            path = "/core/tenants/{tenant_uuid}/".replace("{"+"tenant_uuid"+"}", encodeURIComponent(tenantUuid.toString())),
+            method = RequestMethod.GET,
+            path = "/core/groups/",
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -2193,26 +2292,10 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param brandingFavicon  (optional)
-     * @param brandingLogo  (optional)
-     * @param brandingTitle  (optional)
-     * @param default  (optional)
-     * @param domain  (optional)
-     * @param eventRetention  (optional)
-     * @param flowAuthentication  (optional)
-     * @param flowDeviceCode  (optional)
-     * @param flowInvalidation  (optional)
-     * @param flowRecovery  (optional)
-     * @param flowUnenrollment  (optional)
-     * @param flowUserSettings  (optional)
-     * @param ordering Which field to use when ordering the results. (optional)
-     * @param page A page number within the paginated result set. (optional)
-     * @param pageSize Number of results to return per page. (optional)
-     * @param search A search term. (optional)
-     * @param tenantUuid  (optional)
-     * @param webCertificate  (optional)
-     * @return PaginatedTenantList
+     * Group Viewset
+     * @param groupUuid A UUID string identifying this Group.
+     * @param patchedGroupRequest  (optional)
+     * @return Group
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
@@ -2221,11 +2304,11 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreTenantsList(brandingFavicon: kotlin.String? = null, brandingLogo: kotlin.String? = null, brandingTitle: kotlin.String? = null, default: kotlin.Boolean? = null, domain: kotlin.String? = null, eventRetention: kotlin.String? = null, flowAuthentication: java.util.UUID? = null, flowDeviceCode: java.util.UUID? = null, flowInvalidation: java.util.UUID? = null, flowRecovery: java.util.UUID? = null, flowUnenrollment: java.util.UUID? = null, flowUserSettings: java.util.UUID? = null, ordering: kotlin.String? = null, page: kotlin.Int? = null, pageSize: kotlin.Int? = null, search: kotlin.String? = null, tenantUuid: java.util.UUID? = null, webCertificate: java.util.UUID? = null) : PaginatedTenantList {
-        val localVarResponse = coreTenantsListWithHttpInfo(brandingFavicon = brandingFavicon, brandingLogo = brandingLogo, brandingTitle = brandingTitle, default = default, domain = domain, eventRetention = eventRetention, flowAuthentication = flowAuthentication, flowDeviceCode = flowDeviceCode, flowInvalidation = flowInvalidation, flowRecovery = flowRecovery, flowUnenrollment = flowUnenrollment, flowUserSettings = flowUserSettings, ordering = ordering, page = page, pageSize = pageSize, search = search, tenantUuid = tenantUuid, webCertificate = webCertificate)
+    fun coreGroupsPartialUpdate(groupUuid: java.util.UUID, patchedGroupRequest: PatchedGroupRequest? = null) : Group {
+        val localVarResponse = coreGroupsPartialUpdateWithHttpInfo(groupUuid = groupUuid, patchedGroupRequest = patchedGroupRequest)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as PaginatedTenantList
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Group
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -2241,127 +2324,40 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param brandingFavicon  (optional)
-     * @param brandingLogo  (optional)
-     * @param brandingTitle  (optional)
-     * @param default  (optional)
-     * @param domain  (optional)
-     * @param eventRetention  (optional)
-     * @param flowAuthentication  (optional)
-     * @param flowDeviceCode  (optional)
-     * @param flowInvalidation  (optional)
-     * @param flowRecovery  (optional)
-     * @param flowUnenrollment  (optional)
-     * @param flowUserSettings  (optional)
-     * @param ordering Which field to use when ordering the results. (optional)
-     * @param page A page number within the paginated result set. (optional)
-     * @param pageSize Number of results to return per page. (optional)
-     * @param search A search term. (optional)
-     * @param tenantUuid  (optional)
-     * @param webCertificate  (optional)
-     * @return ApiResponse<PaginatedTenantList?>
+     * Group Viewset
+     * @param groupUuid A UUID string identifying this Group.
+     * @param patchedGroupRequest  (optional)
+     * @return ApiResponse<Group?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreTenantsListWithHttpInfo(brandingFavicon: kotlin.String?, brandingLogo: kotlin.String?, brandingTitle: kotlin.String?, default: kotlin.Boolean?, domain: kotlin.String?, eventRetention: kotlin.String?, flowAuthentication: java.util.UUID?, flowDeviceCode: java.util.UUID?, flowInvalidation: java.util.UUID?, flowRecovery: java.util.UUID?, flowUnenrollment: java.util.UUID?, flowUserSettings: java.util.UUID?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?, tenantUuid: java.util.UUID?, webCertificate: java.util.UUID?) : ApiResponse<PaginatedTenantList?> {
-        val localVariableConfig = coreTenantsListRequestConfig(brandingFavicon = brandingFavicon, brandingLogo = brandingLogo, brandingTitle = brandingTitle, default = default, domain = domain, eventRetention = eventRetention, flowAuthentication = flowAuthentication, flowDeviceCode = flowDeviceCode, flowInvalidation = flowInvalidation, flowRecovery = flowRecovery, flowUnenrollment = flowUnenrollment, flowUserSettings = flowUserSettings, ordering = ordering, page = page, pageSize = pageSize, search = search, tenantUuid = tenantUuid, webCertificate = webCertificate)
+    fun coreGroupsPartialUpdateWithHttpInfo(groupUuid: java.util.UUID, patchedGroupRequest: PatchedGroupRequest?) : ApiResponse<Group?> {
+        val localVariableConfig = coreGroupsPartialUpdateRequestConfig(groupUuid = groupUuid, patchedGroupRequest = patchedGroupRequest)
 
-        return request<Unit, PaginatedTenantList>(
+        return request<PatchedGroupRequest, Group>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreTenantsList
+     * To obtain the request config of the operation coreGroupsPartialUpdate
      *
-     * @param brandingFavicon  (optional)
-     * @param brandingLogo  (optional)
-     * @param brandingTitle  (optional)
-     * @param default  (optional)
-     * @param domain  (optional)
-     * @param eventRetention  (optional)
-     * @param flowAuthentication  (optional)
-     * @param flowDeviceCode  (optional)
-     * @param flowInvalidation  (optional)
-     * @param flowRecovery  (optional)
-     * @param flowUnenrollment  (optional)
-     * @param flowUserSettings  (optional)
-     * @param ordering Which field to use when ordering the results. (optional)
-     * @param page A page number within the paginated result set. (optional)
-     * @param pageSize Number of results to return per page. (optional)
-     * @param search A search term. (optional)
-     * @param tenantUuid  (optional)
-     * @param webCertificate  (optional)
+     * @param groupUuid A UUID string identifying this Group.
+     * @param patchedGroupRequest  (optional)
      * @return RequestConfig
      */
-    fun coreTenantsListRequestConfig(brandingFavicon: kotlin.String?, brandingLogo: kotlin.String?, brandingTitle: kotlin.String?, default: kotlin.Boolean?, domain: kotlin.String?, eventRetention: kotlin.String?, flowAuthentication: java.util.UUID?, flowDeviceCode: java.util.UUID?, flowInvalidation: java.util.UUID?, flowRecovery: java.util.UUID?, flowUnenrollment: java.util.UUID?, flowUserSettings: java.util.UUID?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?, tenantUuid: java.util.UUID?, webCertificate: java.util.UUID?) : RequestConfig<Unit> {
-        val localVariableBody = null
-        val localVariableQuery: MultiValueMap = mutableMapOf<kotlin.String, kotlin.collections.List<kotlin.String>>()
-            .apply {
-                if (brandingFavicon != null) {
-                    put("branding_favicon", listOf(brandingFavicon.toString()))
-                }
-                if (brandingLogo != null) {
-                    put("branding_logo", listOf(brandingLogo.toString()))
-                }
-                if (brandingTitle != null) {
-                    put("branding_title", listOf(brandingTitle.toString()))
-                }
-                if (default != null) {
-                    put("default", listOf(default.toString()))
-                }
-                if (domain != null) {
-                    put("domain", listOf(domain.toString()))
-                }
-                if (eventRetention != null) {
-                    put("event_retention", listOf(eventRetention.toString()))
-                }
-                if (flowAuthentication != null) {
-                    put("flow_authentication", listOf(flowAuthentication.toString()))
-                }
-                if (flowDeviceCode != null) {
-                    put("flow_device_code", listOf(flowDeviceCode.toString()))
-                }
-                if (flowInvalidation != null) {
-                    put("flow_invalidation", listOf(flowInvalidation.toString()))
-                }
-                if (flowRecovery != null) {
-                    put("flow_recovery", listOf(flowRecovery.toString()))
-                }
-                if (flowUnenrollment != null) {
-                    put("flow_unenrollment", listOf(flowUnenrollment.toString()))
-                }
-                if (flowUserSettings != null) {
-                    put("flow_user_settings", listOf(flowUserSettings.toString()))
-                }
-                if (ordering != null) {
-                    put("ordering", listOf(ordering.toString()))
-                }
-                if (page != null) {
-                    put("page", listOf(page.toString()))
-                }
-                if (pageSize != null) {
-                    put("page_size", listOf(pageSize.toString()))
-                }
-                if (search != null) {
-                    put("search", listOf(search.toString()))
-                }
-                if (tenantUuid != null) {
-                    put("tenant_uuid", listOf(tenantUuid.toString()))
-                }
-                if (webCertificate != null) {
-                    put("web_certificate", listOf(webCertificate.toString()))
-                }
-            }
+    fun coreGroupsPartialUpdateRequestConfig(groupUuid: java.util.UUID, patchedGroupRequest: PatchedGroupRequest?) : RequestConfig<PatchedGroupRequest> {
+        val localVariableBody = patchedGroupRequest
+        val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
         localVariableHeaders["Accept"] = "application/json"
 
         return RequestConfig(
-            method = RequestMethod.GET,
-            path = "/core/tenants/",
+            method = RequestMethod.PATCH,
+            path = "/core/groups/{group_uuid}/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -2371,23 +2367,22 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param tenantUuid A UUID string identifying this Tenant.
-     * @param patchedTenantRequest  (optional)
-     * @return Tenant
+     * Add user to group
+     * @param groupUuid A UUID string identifying this Group.
+     * @param userAccountRequest 
+     * @return void
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
      * @throws ClientException If the API returns a client error response
      * @throws ServerException If the API returns a server error response
      */
-    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreTenantsPartialUpdate(tenantUuid: java.util.UUID, patchedTenantRequest: PatchedTenantRequest? = null) : Tenant {
-        val localVarResponse = coreTenantsPartialUpdateWithHttpInfo(tenantUuid = tenantUuid, patchedTenantRequest = patchedTenantRequest)
+    fun coreGroupsRemoveUserCreate(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : Unit {
+        val localVarResponse = coreGroupsRemoveUserCreateWithHttpInfo(groupUuid = groupUuid, userAccountRequest = userAccountRequest)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as Tenant
+            ResponseType.Success -> Unit
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -2403,40 +2398,39 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param tenantUuid A UUID string identifying this Tenant.
-     * @param patchedTenantRequest  (optional)
-     * @return ApiResponse<Tenant?>
+     * Add user to group
+     * @param groupUuid A UUID string identifying this Group.
+     * @param userAccountRequest 
+     * @return ApiResponse<Unit?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
-    @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreTenantsPartialUpdateWithHttpInfo(tenantUuid: java.util.UUID, patchedTenantRequest: PatchedTenantRequest?) : ApiResponse<Tenant?> {
-        val localVariableConfig = coreTenantsPartialUpdateRequestConfig(tenantUuid = tenantUuid, patchedTenantRequest = patchedTenantRequest)
+    fun coreGroupsRemoveUserCreateWithHttpInfo(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : ApiResponse<Unit?> {
+        val localVariableConfig = coreGroupsRemoveUserCreateRequestConfig(groupUuid = groupUuid, userAccountRequest = userAccountRequest)
 
-        return request<PatchedTenantRequest, Tenant>(
+        return request<UserAccountRequest, Unit>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreTenantsPartialUpdate
+     * To obtain the request config of the operation coreGroupsRemoveUserCreate
      *
-     * @param tenantUuid A UUID string identifying this Tenant.
-     * @param patchedTenantRequest  (optional)
+     * @param groupUuid A UUID string identifying this Group.
+     * @param userAccountRequest 
      * @return RequestConfig
      */
-    fun coreTenantsPartialUpdateRequestConfig(tenantUuid: java.util.UUID, patchedTenantRequest: PatchedTenantRequest?) : RequestConfig<PatchedTenantRequest> {
-        val localVariableBody = patchedTenantRequest
+    fun coreGroupsRemoveUserCreateRequestConfig(groupUuid: java.util.UUID, userAccountRequest: UserAccountRequest) : RequestConfig<UserAccountRequest> {
+        val localVariableBody = userAccountRequest
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
         localVariableHeaders["Content-Type"] = "application/json"
         localVariableHeaders["Accept"] = "application/json"
 
         return RequestConfig(
-            method = RequestMethod.PATCH,
-            path = "/core/tenants/{tenant_uuid}/".replace("{"+"tenant_uuid"+"}", encodeURIComponent(tenantUuid.toString())),
+            method = RequestMethod.POST,
+            path = "/core/groups/{group_uuid}/remove_user/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -2446,9 +2440,9 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param tenantUuid A UUID string identifying this Tenant.
-     * @return Tenant
+     * Group Viewset
+     * @param groupUuid A UUID string identifying this Group.
+     * @return Group
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
@@ -2457,11 +2451,11 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreTenantsRetrieve(tenantUuid: java.util.UUID) : Tenant {
-        val localVarResponse = coreTenantsRetrieveWithHttpInfo(tenantUuid = tenantUuid)
+    fun coreGroupsRetrieve(groupUuid: java.util.UUID) : Group {
+        val localVarResponse = coreGroupsRetrieveWithHttpInfo(groupUuid = groupUuid)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as Tenant
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Group
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -2477,29 +2471,29 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param tenantUuid A UUID string identifying this Tenant.
-     * @return ApiResponse<Tenant?>
+     * Group Viewset
+     * @param groupUuid A UUID string identifying this Group.
+     * @return ApiResponse<Group?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreTenantsRetrieveWithHttpInfo(tenantUuid: java.util.UUID) : ApiResponse<Tenant?> {
-        val localVariableConfig = coreTenantsRetrieveRequestConfig(tenantUuid = tenantUuid)
+    fun coreGroupsRetrieveWithHttpInfo(groupUuid: java.util.UUID) : ApiResponse<Group?> {
+        val localVariableConfig = coreGroupsRetrieveRequestConfig(groupUuid = groupUuid)
 
-        return request<Unit, Tenant>(
+        return request<Unit, Group>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreTenantsRetrieve
+     * To obtain the request config of the operation coreGroupsRetrieve
      *
-     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param groupUuid A UUID string identifying this Group.
      * @return RequestConfig
      */
-    fun coreTenantsRetrieveRequestConfig(tenantUuid: java.util.UUID) : RequestConfig<Unit> {
+    fun coreGroupsRetrieveRequestConfig(groupUuid: java.util.UUID) : RequestConfig<Unit> {
         val localVariableBody = null
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
@@ -2507,7 +2501,7 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
         return RequestConfig(
             method = RequestMethod.GET,
-            path = "/core/tenants/{tenant_uuid}/".replace("{"+"tenant_uuid"+"}", encodeURIComponent(tenantUuid.toString())),
+            path = "/core/groups/{group_uuid}/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -2517,10 +2511,10 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param tenantUuid A UUID string identifying this Tenant.
-     * @param tenantRequest 
-     * @return Tenant
+     * Group Viewset
+     * @param groupUuid A UUID string identifying this Group.
+     * @param groupRequest 
+     * @return Group
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      * @throws UnsupportedOperationException If the API returns an informational or redirection response
@@ -2529,11 +2523,11 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreTenantsUpdate(tenantUuid: java.util.UUID, tenantRequest: TenantRequest) : Tenant {
-        val localVarResponse = coreTenantsUpdateWithHttpInfo(tenantUuid = tenantUuid, tenantRequest = tenantRequest)
+    fun coreGroupsUpdate(groupUuid: java.util.UUID, groupRequest: GroupRequest) : Group {
+        val localVarResponse = coreGroupsUpdateWithHttpInfo(groupUuid = groupUuid, groupRequest = groupRequest)
 
         return when (localVarResponse.responseType) {
-            ResponseType.Success -> (localVarResponse as Success<*>).data as Tenant
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Group
             ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
             ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
             ResponseType.ClientError -> {
@@ -2549,32 +2543,32 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
     /**
      * 
-     * Tenant Viewset
-     * @param tenantUuid A UUID string identifying this Tenant.
-     * @param tenantRequest 
-     * @return ApiResponse<Tenant?>
+     * Group Viewset
+     * @param groupUuid A UUID string identifying this Group.
+     * @param groupRequest 
+     * @return ApiResponse<Group?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreTenantsUpdateWithHttpInfo(tenantUuid: java.util.UUID, tenantRequest: TenantRequest) : ApiResponse<Tenant?> {
-        val localVariableConfig = coreTenantsUpdateRequestConfig(tenantUuid = tenantUuid, tenantRequest = tenantRequest)
+    fun coreGroupsUpdateWithHttpInfo(groupUuid: java.util.UUID, groupRequest: GroupRequest) : ApiResponse<Group?> {
+        val localVariableConfig = coreGroupsUpdateRequestConfig(groupUuid = groupUuid, groupRequest = groupRequest)
 
-        return request<TenantRequest, Tenant>(
+        return request<GroupRequest, Group>(
             localVariableConfig
         )
     }
 
     /**
-     * To obtain the request config of the operation coreTenantsUpdate
+     * To obtain the request config of the operation coreGroupsUpdate
      *
-     * @param tenantUuid A UUID string identifying this Tenant.
-     * @param tenantRequest 
+     * @param groupUuid A UUID string identifying this Group.
+     * @param groupRequest 
      * @return RequestConfig
      */
-    fun coreTenantsUpdateRequestConfig(tenantUuid: java.util.UUID, tenantRequest: TenantRequest) : RequestConfig<TenantRequest> {
-        val localVariableBody = tenantRequest
+    fun coreGroupsUpdateRequestConfig(groupUuid: java.util.UUID, groupRequest: GroupRequest) : RequestConfig<GroupRequest> {
+        val localVariableBody = groupRequest
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
         localVariableHeaders["Content-Type"] = "application/json"
@@ -2582,7 +2576,7 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
         return RequestConfig(
             method = RequestMethod.PUT,
-            path = "/core/tenants/{tenant_uuid}/".replace("{"+"tenant_uuid"+"}", encodeURIComponent(tenantUuid.toString())),
+            path = "/core/groups/{group_uuid}/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
@@ -2593,7 +2587,7 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
     /**
      * 
      * Get a list of all objects that use this object
-     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param groupUuid A UUID string identifying this Group.
      * @return kotlin.collections.List<UsedBy>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
@@ -2603,8 +2597,8 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun coreTenantsUsedByList(tenantUuid: java.util.UUID) : kotlin.collections.List<UsedBy> {
-        val localVarResponse = coreTenantsUsedByListWithHttpInfo(tenantUuid = tenantUuid)
+    fun coreGroupsUsedByList(groupUuid: java.util.UUID) : kotlin.collections.List<UsedBy> {
+        val localVarResponse = coreGroupsUsedByListWithHttpInfo(groupUuid = groupUuid)
 
         return when (localVarResponse.responseType) {
             ResponseType.Success -> (localVarResponse as Success<*>).data as kotlin.collections.List<UsedBy>
@@ -2624,15 +2618,15 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
     /**
      * 
      * Get a list of all objects that use this object
-     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param groupUuid A UUID string identifying this Group.
      * @return ApiResponse<kotlin.collections.List<UsedBy>?>
      * @throws IllegalStateException If the request is not correctly configured
      * @throws IOException Rethrows the OkHttp execute method exception
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun coreTenantsUsedByListWithHttpInfo(tenantUuid: java.util.UUID) : ApiResponse<kotlin.collections.List<UsedBy>?> {
-        val localVariableConfig = coreTenantsUsedByListRequestConfig(tenantUuid = tenantUuid)
+    fun coreGroupsUsedByListWithHttpInfo(groupUuid: java.util.UUID) : ApiResponse<kotlin.collections.List<UsedBy>?> {
+        val localVariableConfig = coreGroupsUsedByListRequestConfig(groupUuid = groupUuid)
 
         return request<Unit, kotlin.collections.List<UsedBy>>(
             localVariableConfig
@@ -2640,12 +2634,12 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
     }
 
     /**
-     * To obtain the request config of the operation coreTenantsUsedByList
+     * To obtain the request config of the operation coreGroupsUsedByList
      *
-     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param groupUuid A UUID string identifying this Group.
      * @return RequestConfig
      */
-    fun coreTenantsUsedByListRequestConfig(tenantUuid: java.util.UUID) : RequestConfig<Unit> {
+    fun coreGroupsUsedByListRequestConfig(groupUuid: java.util.UUID) : RequestConfig<Unit> {
         val localVariableBody = null
         val localVariableQuery: MultiValueMap = mutableMapOf()
         val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
@@ -2653,7 +2647,7 @@ class CoreApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
 
         return RequestConfig(
             method = RequestMethod.GET,
-            path = "/core/tenants/{tenant_uuid}/used_by/".replace("{"+"tenant_uuid"+"}", encodeURIComponent(tenantUuid.toString())),
+            path = "/core/groups/{group_uuid}/used_by/".replace("{"+"group_uuid"+"}", encodeURIComponent(groupUuid.toString())),
             query = localVariableQuery,
             headers = localVariableHeaders,
             requiresAuthentication = true,
diff --git a/src/main/kotlin/io/goauthentik/api/apis/EventsApi.kt b/src/main/kotlin/io/goauthentik/api/apis/EventsApi.kt
index 8275261..9bbcd7f 100644
--- a/src/main/kotlin/io/goauthentik/api/apis/EventsApi.kt
+++ b/src/main/kotlin/io/goauthentik/api/apis/EventsApi.kt
@@ -280,6 +280,7 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * 
      * Event Read-Only Viewset
      * @param action  (optional)
+     * @param brandName Brand name (optional)
      * @param clientIp  (optional)
      * @param contextAuthorizedApp Context Authorized application (optional)
      * @param contextModelApp Context Model App (optional)
@@ -289,7 +290,6 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * @param page A page number within the paginated result set. (optional)
      * @param pageSize Number of results to return per page. (optional)
      * @param search A search term. (optional)
-     * @param tenantName Tenant name (optional)
      * @param username Username (optional)
      * @return PaginatedEventList
      * @throws IllegalStateException If the request is not correctly configured
@@ -300,8 +300,8 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun eventsEventsList(action: kotlin.String? = null, clientIp: kotlin.String? = null, contextAuthorizedApp: kotlin.String? = null, contextModelApp: kotlin.String? = null, contextModelName: kotlin.String? = null, contextModelPk: kotlin.String? = null, ordering: kotlin.String? = null, page: kotlin.Int? = null, pageSize: kotlin.Int? = null, search: kotlin.String? = null, tenantName: kotlin.String? = null, username: kotlin.String? = null) : PaginatedEventList {
-        val localVarResponse = eventsEventsListWithHttpInfo(action = action, clientIp = clientIp, contextAuthorizedApp = contextAuthorizedApp, contextModelApp = contextModelApp, contextModelName = contextModelName, contextModelPk = contextModelPk, ordering = ordering, page = page, pageSize = pageSize, search = search, tenantName = tenantName, username = username)
+    fun eventsEventsList(action: kotlin.String? = null, brandName: kotlin.String? = null, clientIp: kotlin.String? = null, contextAuthorizedApp: kotlin.String? = null, contextModelApp: kotlin.String? = null, contextModelName: kotlin.String? = null, contextModelPk: kotlin.String? = null, ordering: kotlin.String? = null, page: kotlin.Int? = null, pageSize: kotlin.Int? = null, search: kotlin.String? = null, username: kotlin.String? = null) : PaginatedEventList {
+        val localVarResponse = eventsEventsListWithHttpInfo(action = action, brandName = brandName, clientIp = clientIp, contextAuthorizedApp = contextAuthorizedApp, contextModelApp = contextModelApp, contextModelName = contextModelName, contextModelPk = contextModelPk, ordering = ordering, page = page, pageSize = pageSize, search = search, username = username)
 
         return when (localVarResponse.responseType) {
             ResponseType.Success -> (localVarResponse as Success<*>).data as PaginatedEventList
@@ -322,6 +322,7 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * 
      * Event Read-Only Viewset
      * @param action  (optional)
+     * @param brandName Brand name (optional)
      * @param clientIp  (optional)
      * @param contextAuthorizedApp Context Authorized application (optional)
      * @param contextModelApp Context Model App (optional)
@@ -331,7 +332,6 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * @param page A page number within the paginated result set. (optional)
      * @param pageSize Number of results to return per page. (optional)
      * @param search A search term. (optional)
-     * @param tenantName Tenant name (optional)
      * @param username Username (optional)
      * @return ApiResponse<PaginatedEventList?>
      * @throws IllegalStateException If the request is not correctly configured
@@ -339,8 +339,8 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun eventsEventsListWithHttpInfo(action: kotlin.String?, clientIp: kotlin.String?, contextAuthorizedApp: kotlin.String?, contextModelApp: kotlin.String?, contextModelName: kotlin.String?, contextModelPk: kotlin.String?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?, tenantName: kotlin.String?, username: kotlin.String?) : ApiResponse<PaginatedEventList?> {
-        val localVariableConfig = eventsEventsListRequestConfig(action = action, clientIp = clientIp, contextAuthorizedApp = contextAuthorizedApp, contextModelApp = contextModelApp, contextModelName = contextModelName, contextModelPk = contextModelPk, ordering = ordering, page = page, pageSize = pageSize, search = search, tenantName = tenantName, username = username)
+    fun eventsEventsListWithHttpInfo(action: kotlin.String?, brandName: kotlin.String?, clientIp: kotlin.String?, contextAuthorizedApp: kotlin.String?, contextModelApp: kotlin.String?, contextModelName: kotlin.String?, contextModelPk: kotlin.String?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?, username: kotlin.String?) : ApiResponse<PaginatedEventList?> {
+        val localVariableConfig = eventsEventsListRequestConfig(action = action, brandName = brandName, clientIp = clientIp, contextAuthorizedApp = contextAuthorizedApp, contextModelApp = contextModelApp, contextModelName = contextModelName, contextModelPk = contextModelPk, ordering = ordering, page = page, pageSize = pageSize, search = search, username = username)
 
         return request<Unit, PaginatedEventList>(
             localVariableConfig
@@ -351,6 +351,7 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * To obtain the request config of the operation eventsEventsList
      *
      * @param action  (optional)
+     * @param brandName Brand name (optional)
      * @param clientIp  (optional)
      * @param contextAuthorizedApp Context Authorized application (optional)
      * @param contextModelApp Context Model App (optional)
@@ -360,17 +361,19 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * @param page A page number within the paginated result set. (optional)
      * @param pageSize Number of results to return per page. (optional)
      * @param search A search term. (optional)
-     * @param tenantName Tenant name (optional)
      * @param username Username (optional)
      * @return RequestConfig
      */
-    fun eventsEventsListRequestConfig(action: kotlin.String?, clientIp: kotlin.String?, contextAuthorizedApp: kotlin.String?, contextModelApp: kotlin.String?, contextModelName: kotlin.String?, contextModelPk: kotlin.String?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?, tenantName: kotlin.String?, username: kotlin.String?) : RequestConfig<Unit> {
+    fun eventsEventsListRequestConfig(action: kotlin.String?, brandName: kotlin.String?, clientIp: kotlin.String?, contextAuthorizedApp: kotlin.String?, contextModelApp: kotlin.String?, contextModelName: kotlin.String?, contextModelPk: kotlin.String?, ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?, username: kotlin.String?) : RequestConfig<Unit> {
         val localVariableBody = null
         val localVariableQuery: MultiValueMap = mutableMapOf<kotlin.String, kotlin.collections.List<kotlin.String>>()
             .apply {
                 if (action != null) {
                     put("action", listOf(action.toString()))
                 }
+                if (brandName != null) {
+                    put("brand_name", listOf(brandName.toString()))
+                }
                 if (clientIp != null) {
                     put("client_ip", listOf(clientIp.toString()))
                 }
@@ -398,9 +401,6 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
                 if (search != null) {
                     put("search", listOf(search.toString()))
                 }
-                if (tenantName != null) {
-                    put("tenant_name", listOf(tenantName.toString()))
-                }
                 if (username != null) {
                     put("username", listOf(username.toString()))
                 }
@@ -807,6 +807,7 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * 
      * Get event volume for specified filters and timeframe
      * @param action  (optional)
+     * @param brandName Brand name (optional)
      * @param clientIp  (optional)
      * @param contextAuthorizedApp Context Authorized application (optional)
      * @param contextModelApp Context Model App (optional)
@@ -814,7 +815,6 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * @param contextModelPk Context Model Primary Key (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param search A search term. (optional)
-     * @param tenantName Tenant name (optional)
      * @param username Username (optional)
      * @return kotlin.collections.List<Coordinate>
      * @throws IllegalStateException If the request is not correctly configured
@@ -825,8 +825,8 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
-    fun eventsEventsVolumeList(action: kotlin.String? = null, clientIp: kotlin.String? = null, contextAuthorizedApp: kotlin.String? = null, contextModelApp: kotlin.String? = null, contextModelName: kotlin.String? = null, contextModelPk: kotlin.String? = null, ordering: kotlin.String? = null, search: kotlin.String? = null, tenantName: kotlin.String? = null, username: kotlin.String? = null) : kotlin.collections.List<Coordinate> {
-        val localVarResponse = eventsEventsVolumeListWithHttpInfo(action = action, clientIp = clientIp, contextAuthorizedApp = contextAuthorizedApp, contextModelApp = contextModelApp, contextModelName = contextModelName, contextModelPk = contextModelPk, ordering = ordering, search = search, tenantName = tenantName, username = username)
+    fun eventsEventsVolumeList(action: kotlin.String? = null, brandName: kotlin.String? = null, clientIp: kotlin.String? = null, contextAuthorizedApp: kotlin.String? = null, contextModelApp: kotlin.String? = null, contextModelName: kotlin.String? = null, contextModelPk: kotlin.String? = null, ordering: kotlin.String? = null, search: kotlin.String? = null, username: kotlin.String? = null) : kotlin.collections.List<Coordinate> {
+        val localVarResponse = eventsEventsVolumeListWithHttpInfo(action = action, brandName = brandName, clientIp = clientIp, contextAuthorizedApp = contextAuthorizedApp, contextModelApp = contextModelApp, contextModelName = contextModelName, contextModelPk = contextModelPk, ordering = ordering, search = search, username = username)
 
         return when (localVarResponse.responseType) {
             ResponseType.Success -> (localVarResponse as Success<*>).data as kotlin.collections.List<Coordinate>
@@ -847,6 +847,7 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * 
      * Get event volume for specified filters and timeframe
      * @param action  (optional)
+     * @param brandName Brand name (optional)
      * @param clientIp  (optional)
      * @param contextAuthorizedApp Context Authorized application (optional)
      * @param contextModelApp Context Model App (optional)
@@ -854,7 +855,6 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * @param contextModelPk Context Model Primary Key (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param search A search term. (optional)
-     * @param tenantName Tenant name (optional)
      * @param username Username (optional)
      * @return ApiResponse<kotlin.collections.List<Coordinate>?>
      * @throws IllegalStateException If the request is not correctly configured
@@ -862,8 +862,8 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      */
     @Suppress("UNCHECKED_CAST")
     @Throws(IllegalStateException::class, IOException::class)
-    fun eventsEventsVolumeListWithHttpInfo(action: kotlin.String?, clientIp: kotlin.String?, contextAuthorizedApp: kotlin.String?, contextModelApp: kotlin.String?, contextModelName: kotlin.String?, contextModelPk: kotlin.String?, ordering: kotlin.String?, search: kotlin.String?, tenantName: kotlin.String?, username: kotlin.String?) : ApiResponse<kotlin.collections.List<Coordinate>?> {
-        val localVariableConfig = eventsEventsVolumeListRequestConfig(action = action, clientIp = clientIp, contextAuthorizedApp = contextAuthorizedApp, contextModelApp = contextModelApp, contextModelName = contextModelName, contextModelPk = contextModelPk, ordering = ordering, search = search, tenantName = tenantName, username = username)
+    fun eventsEventsVolumeListWithHttpInfo(action: kotlin.String?, brandName: kotlin.String?, clientIp: kotlin.String?, contextAuthorizedApp: kotlin.String?, contextModelApp: kotlin.String?, contextModelName: kotlin.String?, contextModelPk: kotlin.String?, ordering: kotlin.String?, search: kotlin.String?, username: kotlin.String?) : ApiResponse<kotlin.collections.List<Coordinate>?> {
+        val localVariableConfig = eventsEventsVolumeListRequestConfig(action = action, brandName = brandName, clientIp = clientIp, contextAuthorizedApp = contextAuthorizedApp, contextModelApp = contextModelApp, contextModelName = contextModelName, contextModelPk = contextModelPk, ordering = ordering, search = search, username = username)
 
         return request<Unit, kotlin.collections.List<Coordinate>>(
             localVariableConfig
@@ -874,6 +874,7 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * To obtain the request config of the operation eventsEventsVolumeList
      *
      * @param action  (optional)
+     * @param brandName Brand name (optional)
      * @param clientIp  (optional)
      * @param contextAuthorizedApp Context Authorized application (optional)
      * @param contextModelApp Context Model App (optional)
@@ -881,17 +882,19 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
      * @param contextModelPk Context Model Primary Key (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param search A search term. (optional)
-     * @param tenantName Tenant name (optional)
      * @param username Username (optional)
      * @return RequestConfig
      */
-    fun eventsEventsVolumeListRequestConfig(action: kotlin.String?, clientIp: kotlin.String?, contextAuthorizedApp: kotlin.String?, contextModelApp: kotlin.String?, contextModelName: kotlin.String?, contextModelPk: kotlin.String?, ordering: kotlin.String?, search: kotlin.String?, tenantName: kotlin.String?, username: kotlin.String?) : RequestConfig<Unit> {
+    fun eventsEventsVolumeListRequestConfig(action: kotlin.String?, brandName: kotlin.String?, clientIp: kotlin.String?, contextAuthorizedApp: kotlin.String?, contextModelApp: kotlin.String?, contextModelName: kotlin.String?, contextModelPk: kotlin.String?, ordering: kotlin.String?, search: kotlin.String?, username: kotlin.String?) : RequestConfig<Unit> {
         val localVariableBody = null
         val localVariableQuery: MultiValueMap = mutableMapOf<kotlin.String, kotlin.collections.List<kotlin.String>>()
             .apply {
                 if (action != null) {
                     put("action", listOf(action.toString()))
                 }
+                if (brandName != null) {
+                    put("brand_name", listOf(brandName.toString()))
+                }
                 if (clientIp != null) {
                     put("client_ip", listOf(clientIp.toString()))
                 }
@@ -913,9 +916,6 @@ class EventsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient
                 if (search != null) {
                     put("search", listOf(search.toString()))
                 }
-                if (tenantName != null) {
-                    put("tenant_name", listOf(tenantName.toString()))
-                }
                 if (username != null) {
                     put("username", listOf(username.toString()))
                 }
diff --git a/src/main/kotlin/io/goauthentik/api/apis/RbacApi.kt b/src/main/kotlin/io/goauthentik/api/apis/RbacApi.kt
index cfc1430..76590e1 100644
--- a/src/main/kotlin/io/goauthentik/api/apis/RbacApi.kt
+++ b/src/main/kotlin/io/goauthentik/api/apis/RbacApi.kt
@@ -137,6 +137,7 @@ class RbacApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
      enum class ModelRbacPermissionsAssignedByRolesList(val value: kotlin.String) {
          @Json(name = "authentik_blueprints.blueprintinstance") blueprintsPeriodBlueprintinstance("authentik_blueprints.blueprintinstance"),
+         @Json(name = "authentik_brands.brand") brandsPeriodBrand("authentik_brands.brand"),
          @Json(name = "authentik_core.application") corePeriodApplication("authentik_core.application"),
          @Json(name = "authentik_core.group") corePeriodGroup("authentik_core.group"),
          @Json(name = "authentik_core.token") corePeriodToken("authentik_core.token"),
@@ -212,13 +213,13 @@ class RbacApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
          @Json(name = "authentik_stages_user_login.userloginstage") stagesUserLoginPeriodUserloginstage("authentik_stages_user_login.userloginstage"),
          @Json(name = "authentik_stages_user_logout.userlogoutstage") stagesUserLogoutPeriodUserlogoutstage("authentik_stages_user_logout.userlogoutstage"),
          @Json(name = "authentik_stages_user_write.userwritestage") stagesUserWritePeriodUserwritestage("authentik_stages_user_write.userwritestage"),
-         @Json(name = "authentik_tenants.tenant") tenantsPeriodTenant("authentik_tenants.tenant"),
+         @Json(name = "authentik_tenants.domain") tenantsPeriodDomain("authentik_tenants.domain"),
      }
 
     /**
      * 
      * Get assigned object permissions for a single object
-     * @param model * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_tenants.tenant&#x60; - Tenant * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
+     * @param model * &#x60;authentik_tenants.domain&#x60; - Domain * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_brands.brand&#x60; - Brand * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
      * @param objectPk  (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param page A page number within the paginated result set. (optional)
@@ -254,7 +255,7 @@ class RbacApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
     /**
      * 
      * Get assigned object permissions for a single object
-     * @param model * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_tenants.tenant&#x60; - Tenant * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
+     * @param model * &#x60;authentik_tenants.domain&#x60; - Domain * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_brands.brand&#x60; - Brand * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
      * @param objectPk  (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param page A page number within the paginated result set. (optional)
@@ -277,7 +278,7 @@ class RbacApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
     /**
      * To obtain the request config of the operation rbacPermissionsAssignedByRolesList
      *
-     * @param model * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_tenants.tenant&#x60; - Tenant * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
+     * @param model * &#x60;authentik_tenants.domain&#x60; - Domain * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_brands.brand&#x60; - Brand * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
      * @param objectPk  (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param page A page number within the paginated result set. (optional)
@@ -470,6 +471,7 @@ class RbacApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
      */
      enum class ModelRbacPermissionsAssignedByUsersList(val value: kotlin.String) {
          @Json(name = "authentik_blueprints.blueprintinstance") blueprintsPeriodBlueprintinstance("authentik_blueprints.blueprintinstance"),
+         @Json(name = "authentik_brands.brand") brandsPeriodBrand("authentik_brands.brand"),
          @Json(name = "authentik_core.application") corePeriodApplication("authentik_core.application"),
          @Json(name = "authentik_core.group") corePeriodGroup("authentik_core.group"),
          @Json(name = "authentik_core.token") corePeriodToken("authentik_core.token"),
@@ -545,13 +547,13 @@ class RbacApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
          @Json(name = "authentik_stages_user_login.userloginstage") stagesUserLoginPeriodUserloginstage("authentik_stages_user_login.userloginstage"),
          @Json(name = "authentik_stages_user_logout.userlogoutstage") stagesUserLogoutPeriodUserlogoutstage("authentik_stages_user_logout.userlogoutstage"),
          @Json(name = "authentik_stages_user_write.userwritestage") stagesUserWritePeriodUserwritestage("authentik_stages_user_write.userwritestage"),
-         @Json(name = "authentik_tenants.tenant") tenantsPeriodTenant("authentik_tenants.tenant"),
+         @Json(name = "authentik_tenants.domain") tenantsPeriodDomain("authentik_tenants.domain"),
      }
 
     /**
      * 
      * Get assigned object permissions for a single object
-     * @param model * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_tenants.tenant&#x60; - Tenant * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
+     * @param model * &#x60;authentik_tenants.domain&#x60; - Domain * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_brands.brand&#x60; - Brand * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
      * @param objectPk  (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param page A page number within the paginated result set. (optional)
@@ -587,7 +589,7 @@ class RbacApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
     /**
      * 
      * Get assigned object permissions for a single object
-     * @param model * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_tenants.tenant&#x60; - Tenant * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
+     * @param model * &#x60;authentik_tenants.domain&#x60; - Domain * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_brands.brand&#x60; - Brand * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
      * @param objectPk  (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param page A page number within the paginated result set. (optional)
@@ -610,7 +612,7 @@ class RbacApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient =
     /**
      * To obtain the request config of the operation rbacPermissionsAssignedByUsersList
      *
-     * @param model * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_tenants.tenant&#x60; - Tenant * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
+     * @param model * &#x60;authentik_tenants.domain&#x60; - Domain * &#x60;authentik_crypto.certificatekeypair&#x60; - Certificate-Key Pair * &#x60;authentik_events.event&#x60; - Event * &#x60;authentik_events.notificationtransport&#x60; - Notification Transport * &#x60;authentik_events.notification&#x60; - Notification * &#x60;authentik_events.notificationrule&#x60; - Notification Rule * &#x60;authentik_events.notificationwebhookmapping&#x60; - Webhook Mapping * &#x60;authentik_flows.flow&#x60; - Flow * &#x60;authentik_flows.flowstagebinding&#x60; - Flow Stage Binding * &#x60;authentik_outposts.dockerserviceconnection&#x60; - Docker Service-Connection * &#x60;authentik_outposts.kubernetesserviceconnection&#x60; - Kubernetes Service-Connection * &#x60;authentik_outposts.outpost&#x60; - Outpost * &#x60;authentik_policies_dummy.dummypolicy&#x60; - Dummy Policy * &#x60;authentik_policies_event_matcher.eventmatcherpolicy&#x60; - Event Matcher Policy * &#x60;authentik_policies_expiry.passwordexpirypolicy&#x60; - Password Expiry Policy * &#x60;authentik_policies_expression.expressionpolicy&#x60; - Expression Policy * &#x60;authentik_policies_password.passwordpolicy&#x60; - Password Policy * &#x60;authentik_policies_reputation.reputationpolicy&#x60; - Reputation Policy * &#x60;authentik_policies_reputation.reputation&#x60; - Reputation Score * &#x60;authentik_policies.policybinding&#x60; - Policy Binding * &#x60;authentik_providers_ldap.ldapprovider&#x60; - LDAP Provider * &#x60;authentik_providers_oauth2.scopemapping&#x60; - Scope Mapping * &#x60;authentik_providers_oauth2.oauth2provider&#x60; - OAuth2/OpenID Provider * &#x60;authentik_providers_oauth2.authorizationcode&#x60; - Authorization Code * &#x60;authentik_providers_oauth2.accesstoken&#x60; - OAuth2 Access Token * &#x60;authentik_providers_oauth2.refreshtoken&#x60; - OAuth2 Refresh Token * &#x60;authentik_providers_proxy.proxyprovider&#x60; - Proxy Provider * &#x60;authentik_providers_radius.radiusprovider&#x60; - Radius Provider * &#x60;authentik_providers_saml.samlprovider&#x60; - SAML Provider * &#x60;authentik_providers_saml.samlpropertymapping&#x60; - SAML Property Mapping * &#x60;authentik_providers_scim.scimprovider&#x60; - SCIM Provider * &#x60;authentik_providers_scim.scimmapping&#x60; - SCIM Mapping * &#x60;authentik_rbac.role&#x60; - Role * &#x60;authentik_sources_ldap.ldapsource&#x60; - LDAP Source * &#x60;authentik_sources_ldap.ldappropertymapping&#x60; - LDAP Property Mapping * &#x60;authentik_sources_oauth.oauthsource&#x60; - OAuth Source * &#x60;authentik_sources_oauth.useroauthsourceconnection&#x60; - User OAuth Source Connection * &#x60;authentik_sources_plex.plexsource&#x60; - Plex Source * &#x60;authentik_sources_plex.plexsourceconnection&#x60; - User Plex Source Connection * &#x60;authentik_sources_saml.samlsource&#x60; - SAML Source * &#x60;authentik_sources_saml.usersamlsourceconnection&#x60; - User SAML Source Connection * &#x60;authentik_stages_authenticator_duo.authenticatorduostage&#x60; - Duo Authenticator Setup Stage * &#x60;authentik_stages_authenticator_duo.duodevice&#x60; - Duo Device * &#x60;authentik_stages_authenticator_sms.authenticatorsmsstage&#x60; - SMS Authenticator Setup Stage * &#x60;authentik_stages_authenticator_sms.smsdevice&#x60; - SMS Device * &#x60;authentik_stages_authenticator_static.authenticatorstaticstage&#x60; - Static Authenticator Stage * &#x60;authentik_stages_authenticator_static.staticdevice&#x60; - Static Device * &#x60;authentik_stages_authenticator_totp.authenticatortotpstage&#x60; - TOTP Authenticator Setup Stage * &#x60;authentik_stages_authenticator_totp.totpdevice&#x60; - TOTP Device * &#x60;authentik_stages_authenticator_validate.authenticatorvalidatestage&#x60; - Authenticator Validation Stage * &#x60;authentik_stages_authenticator_webauthn.authenticatewebauthnstage&#x60; - WebAuthn Authenticator Setup Stage * &#x60;authentik_stages_authenticator_webauthn.webauthndevice&#x60; - WebAuthn Device * &#x60;authentik_stages_captcha.captchastage&#x60; - Captcha Stage * &#x60;authentik_stages_consent.consentstage&#x60; - Consent Stage * &#x60;authentik_stages_consent.userconsent&#x60; - User Consent * &#x60;authentik_stages_deny.denystage&#x60; - Deny Stage * &#x60;authentik_stages_dummy.dummystage&#x60; - Dummy Stage * &#x60;authentik_stages_email.emailstage&#x60; - Email Stage * &#x60;authentik_stages_identification.identificationstage&#x60; - Identification Stage * &#x60;authentik_stages_invitation.invitationstage&#x60; - Invitation Stage * &#x60;authentik_stages_invitation.invitation&#x60; - Invitation * &#x60;authentik_stages_password.passwordstage&#x60; - Password Stage * &#x60;authentik_stages_prompt.prompt&#x60; - Prompt * &#x60;authentik_stages_prompt.promptstage&#x60; - Prompt Stage * &#x60;authentik_stages_user_delete.userdeletestage&#x60; - User Delete Stage * &#x60;authentik_stages_user_login.userloginstage&#x60; - User Login Stage * &#x60;authentik_stages_user_logout.userlogoutstage&#x60; - User Logout Stage * &#x60;authentik_stages_user_write.userwritestage&#x60; - User Write Stage * &#x60;authentik_brands.brand&#x60; - Brand * &#x60;authentik_blueprints.blueprintinstance&#x60; - Blueprint Instance * &#x60;authentik_core.group&#x60; - Group * &#x60;authentik_core.user&#x60; - User * &#x60;authentik_core.application&#x60; - Application * &#x60;authentik_core.token&#x60; - Token * &#x60;authentik_enterprise.license&#x60; - License * &#x60;authentik_providers_rac.racprovider&#x60; - RAC Provider * &#x60;authentik_providers_rac.endpoint&#x60; - RAC Endpoint * &#x60;authentik_providers_rac.racpropertymapping&#x60; - RAC Property Mapping
      * @param objectPk  (optional)
      * @param ordering Which field to use when ordering the results. (optional)
      * @param page A page number within the paginated result set. (optional)
diff --git a/src/main/kotlin/io/goauthentik/api/apis/TenantsApi.kt b/src/main/kotlin/io/goauthentik/api/apis/TenantsApi.kt
new file mode 100644
index 0000000..d0f4da6
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/apis/TenantsApi.kt
@@ -0,0 +1,1123 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.apis
+
+import java.io.IOException
+import okhttp3.OkHttpClient
+import okhttp3.HttpUrl
+
+import io.goauthentik.api.models.Domain
+import io.goauthentik.api.models.DomainRequest
+import io.goauthentik.api.models.GenericError
+import io.goauthentik.api.models.PaginatedDomainList
+import io.goauthentik.api.models.PaginatedTenantList
+import io.goauthentik.api.models.PatchedDomainRequest
+import io.goauthentik.api.models.PatchedTenantRequest
+import io.goauthentik.api.models.Tenant
+import io.goauthentik.api.models.TenantAdminGroupRequestRequest
+import io.goauthentik.api.models.TenantRecoveryKeyRequestRequest
+import io.goauthentik.api.models.TenantRecoveryKeyResponse
+import io.goauthentik.api.models.TenantRequest
+import io.goauthentik.api.models.ValidationError
+
+import com.squareup.moshi.Json
+
+import io.goauthentik.api.infrastructure.ApiClient
+import io.goauthentik.api.infrastructure.ApiResponse
+import io.goauthentik.api.infrastructure.ClientException
+import io.goauthentik.api.infrastructure.ClientError
+import io.goauthentik.api.infrastructure.ServerException
+import io.goauthentik.api.infrastructure.ServerError
+import io.goauthentik.api.infrastructure.MultiValueMap
+import io.goauthentik.api.infrastructure.PartConfig
+import io.goauthentik.api.infrastructure.RequestConfig
+import io.goauthentik.api.infrastructure.RequestMethod
+import io.goauthentik.api.infrastructure.ResponseType
+import io.goauthentik.api.infrastructure.Success
+import io.goauthentik.api.infrastructure.toMultiValue
+
+class TenantsApi(basePath: kotlin.String = defaultBasePath, client: OkHttpClient = ApiClient.defaultClient) : ApiClient(basePath, client) {
+    companion object {
+        @JvmStatic
+        val defaultBasePath: String by lazy {
+            System.getProperties().getProperty(ApiClient.baseUrlKey, "http://localhost/api/v3")
+        }
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param domainRequest 
+     * @return Domain
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsDomainsCreate(domainRequest: DomainRequest) : Domain {
+        val localVarResponse = tenantsDomainsCreateWithHttpInfo(domainRequest = domainRequest)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Domain
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param domainRequest 
+     * @return ApiResponse<Domain?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsDomainsCreateWithHttpInfo(domainRequest: DomainRequest) : ApiResponse<Domain?> {
+        val localVariableConfig = tenantsDomainsCreateRequestConfig(domainRequest = domainRequest)
+
+        return request<DomainRequest, Domain>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsDomainsCreate
+     *
+     * @param domainRequest 
+     * @return RequestConfig
+     */
+    fun tenantsDomainsCreateRequestConfig(domainRequest: DomainRequest) : RequestConfig<DomainRequest> {
+        val localVariableBody = domainRequest
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.POST,
+            path = "/tenants/domains/",
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param id A unique integer value identifying this Domain.
+     * @return void
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsDomainsDestroy(id: kotlin.Int) : Unit {
+        val localVarResponse = tenantsDomainsDestroyWithHttpInfo(id = id)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> Unit
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param id A unique integer value identifying this Domain.
+     * @return ApiResponse<Unit?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsDomainsDestroyWithHttpInfo(id: kotlin.Int) : ApiResponse<Unit?> {
+        val localVariableConfig = tenantsDomainsDestroyRequestConfig(id = id)
+
+        return request<Unit, Unit>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsDomainsDestroy
+     *
+     * @param id A unique integer value identifying this Domain.
+     * @return RequestConfig
+     */
+    fun tenantsDomainsDestroyRequestConfig(id: kotlin.Int) : RequestConfig<Unit> {
+        val localVariableBody = null
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.DELETE,
+            path = "/tenants/domains/{id}/".replace("{"+"id"+"}", encodeURIComponent(id.toString())),
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param ordering Which field to use when ordering the results. (optional)
+     * @param page A page number within the paginated result set. (optional)
+     * @param pageSize Number of results to return per page. (optional)
+     * @param search A search term. (optional)
+     * @return PaginatedDomainList
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsDomainsList(ordering: kotlin.String? = null, page: kotlin.Int? = null, pageSize: kotlin.Int? = null, search: kotlin.String? = null) : PaginatedDomainList {
+        val localVarResponse = tenantsDomainsListWithHttpInfo(ordering = ordering, page = page, pageSize = pageSize, search = search)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as PaginatedDomainList
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param ordering Which field to use when ordering the results. (optional)
+     * @param page A page number within the paginated result set. (optional)
+     * @param pageSize Number of results to return per page. (optional)
+     * @param search A search term. (optional)
+     * @return ApiResponse<PaginatedDomainList?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsDomainsListWithHttpInfo(ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?) : ApiResponse<PaginatedDomainList?> {
+        val localVariableConfig = tenantsDomainsListRequestConfig(ordering = ordering, page = page, pageSize = pageSize, search = search)
+
+        return request<Unit, PaginatedDomainList>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsDomainsList
+     *
+     * @param ordering Which field to use when ordering the results. (optional)
+     * @param page A page number within the paginated result set. (optional)
+     * @param pageSize Number of results to return per page. (optional)
+     * @param search A search term. (optional)
+     * @return RequestConfig
+     */
+    fun tenantsDomainsListRequestConfig(ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?) : RequestConfig<Unit> {
+        val localVariableBody = null
+        val localVariableQuery: MultiValueMap = mutableMapOf<kotlin.String, kotlin.collections.List<kotlin.String>>()
+            .apply {
+                if (ordering != null) {
+                    put("ordering", listOf(ordering.toString()))
+                }
+                if (page != null) {
+                    put("page", listOf(page.toString()))
+                }
+                if (pageSize != null) {
+                    put("page_size", listOf(pageSize.toString()))
+                }
+                if (search != null) {
+                    put("search", listOf(search.toString()))
+                }
+            }
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.GET,
+            path = "/tenants/domains/",
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param id A unique integer value identifying this Domain.
+     * @param patchedDomainRequest  (optional)
+     * @return Domain
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsDomainsPartialUpdate(id: kotlin.Int, patchedDomainRequest: PatchedDomainRequest? = null) : Domain {
+        val localVarResponse = tenantsDomainsPartialUpdateWithHttpInfo(id = id, patchedDomainRequest = patchedDomainRequest)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Domain
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param id A unique integer value identifying this Domain.
+     * @param patchedDomainRequest  (optional)
+     * @return ApiResponse<Domain?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsDomainsPartialUpdateWithHttpInfo(id: kotlin.Int, patchedDomainRequest: PatchedDomainRequest?) : ApiResponse<Domain?> {
+        val localVariableConfig = tenantsDomainsPartialUpdateRequestConfig(id = id, patchedDomainRequest = patchedDomainRequest)
+
+        return request<PatchedDomainRequest, Domain>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsDomainsPartialUpdate
+     *
+     * @param id A unique integer value identifying this Domain.
+     * @param patchedDomainRequest  (optional)
+     * @return RequestConfig
+     */
+    fun tenantsDomainsPartialUpdateRequestConfig(id: kotlin.Int, patchedDomainRequest: PatchedDomainRequest?) : RequestConfig<PatchedDomainRequest> {
+        val localVariableBody = patchedDomainRequest
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.PATCH,
+            path = "/tenants/domains/{id}/".replace("{"+"id"+"}", encodeURIComponent(id.toString())),
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param id A unique integer value identifying this Domain.
+     * @return Domain
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsDomainsRetrieve(id: kotlin.Int) : Domain {
+        val localVarResponse = tenantsDomainsRetrieveWithHttpInfo(id = id)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Domain
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param id A unique integer value identifying this Domain.
+     * @return ApiResponse<Domain?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsDomainsRetrieveWithHttpInfo(id: kotlin.Int) : ApiResponse<Domain?> {
+        val localVariableConfig = tenantsDomainsRetrieveRequestConfig(id = id)
+
+        return request<Unit, Domain>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsDomainsRetrieve
+     *
+     * @param id A unique integer value identifying this Domain.
+     * @return RequestConfig
+     */
+    fun tenantsDomainsRetrieveRequestConfig(id: kotlin.Int) : RequestConfig<Unit> {
+        val localVariableBody = null
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.GET,
+            path = "/tenants/domains/{id}/".replace("{"+"id"+"}", encodeURIComponent(id.toString())),
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param id A unique integer value identifying this Domain.
+     * @param domainRequest 
+     * @return Domain
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsDomainsUpdate(id: kotlin.Int, domainRequest: DomainRequest) : Domain {
+        val localVarResponse = tenantsDomainsUpdateWithHttpInfo(id = id, domainRequest = domainRequest)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Domain
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Domain ViewSet
+     * @param id A unique integer value identifying this Domain.
+     * @param domainRequest 
+     * @return ApiResponse<Domain?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsDomainsUpdateWithHttpInfo(id: kotlin.Int, domainRequest: DomainRequest) : ApiResponse<Domain?> {
+        val localVariableConfig = tenantsDomainsUpdateRequestConfig(id = id, domainRequest = domainRequest)
+
+        return request<DomainRequest, Domain>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsDomainsUpdate
+     *
+     * @param id A unique integer value identifying this Domain.
+     * @param domainRequest 
+     * @return RequestConfig
+     */
+    fun tenantsDomainsUpdateRequestConfig(id: kotlin.Int, domainRequest: DomainRequest) : RequestConfig<DomainRequest> {
+        val localVariableBody = domainRequest
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.PUT,
+            path = "/tenants/domains/{id}/".replace("{"+"id"+"}", encodeURIComponent(id.toString())),
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param tenantRequest 
+     * @return Tenant
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsTenantsCreate(tenantRequest: TenantRequest) : Tenant {
+        val localVarResponse = tenantsTenantsCreateWithHttpInfo(tenantRequest = tenantRequest)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Tenant
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param tenantRequest 
+     * @return ApiResponse<Tenant?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsTenantsCreateWithHttpInfo(tenantRequest: TenantRequest) : ApiResponse<Tenant?> {
+        val localVariableConfig = tenantsTenantsCreateRequestConfig(tenantRequest = tenantRequest)
+
+        return request<TenantRequest, Tenant>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsTenantsCreate
+     *
+     * @param tenantRequest 
+     * @return RequestConfig
+     */
+    fun tenantsTenantsCreateRequestConfig(tenantRequest: TenantRequest) : RequestConfig<TenantRequest> {
+        val localVariableBody = tenantRequest
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.POST,
+            path = "/tenants/tenants/",
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Create admin group and add user to it.
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param tenantAdminGroupRequestRequest 
+     * @return void
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsTenantsCreateAdminGroupCreate(tenantUuid: java.util.UUID, tenantAdminGroupRequestRequest: TenantAdminGroupRequestRequest) : Unit {
+        val localVarResponse = tenantsTenantsCreateAdminGroupCreateWithHttpInfo(tenantUuid = tenantUuid, tenantAdminGroupRequestRequest = tenantAdminGroupRequestRequest)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> Unit
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Create admin group and add user to it.
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param tenantAdminGroupRequestRequest 
+     * @return ApiResponse<Unit?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsTenantsCreateAdminGroupCreateWithHttpInfo(tenantUuid: java.util.UUID, tenantAdminGroupRequestRequest: TenantAdminGroupRequestRequest) : ApiResponse<Unit?> {
+        val localVariableConfig = tenantsTenantsCreateAdminGroupCreateRequestConfig(tenantUuid = tenantUuid, tenantAdminGroupRequestRequest = tenantAdminGroupRequestRequest)
+
+        return request<TenantAdminGroupRequestRequest, Unit>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsTenantsCreateAdminGroupCreate
+     *
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param tenantAdminGroupRequestRequest 
+     * @return RequestConfig
+     */
+    fun tenantsTenantsCreateAdminGroupCreateRequestConfig(tenantUuid: java.util.UUID, tenantAdminGroupRequestRequest: TenantAdminGroupRequestRequest) : RequestConfig<TenantAdminGroupRequestRequest> {
+        val localVariableBody = tenantAdminGroupRequestRequest
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.POST,
+            path = "/tenants/tenants/{tenant_uuid}/create_admin_group/".replace("{"+"tenant_uuid"+"}", encodeURIComponent(tenantUuid.toString())),
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Create recovery key for user.
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param tenantRecoveryKeyRequestRequest 
+     * @return TenantRecoveryKeyResponse
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsTenantsCreateRecoveryKeyCreate(tenantUuid: java.util.UUID, tenantRecoveryKeyRequestRequest: TenantRecoveryKeyRequestRequest) : TenantRecoveryKeyResponse {
+        val localVarResponse = tenantsTenantsCreateRecoveryKeyCreateWithHttpInfo(tenantUuid = tenantUuid, tenantRecoveryKeyRequestRequest = tenantRecoveryKeyRequestRequest)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as TenantRecoveryKeyResponse
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Create recovery key for user.
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param tenantRecoveryKeyRequestRequest 
+     * @return ApiResponse<TenantRecoveryKeyResponse?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsTenantsCreateRecoveryKeyCreateWithHttpInfo(tenantUuid: java.util.UUID, tenantRecoveryKeyRequestRequest: TenantRecoveryKeyRequestRequest) : ApiResponse<TenantRecoveryKeyResponse?> {
+        val localVariableConfig = tenantsTenantsCreateRecoveryKeyCreateRequestConfig(tenantUuid = tenantUuid, tenantRecoveryKeyRequestRequest = tenantRecoveryKeyRequestRequest)
+
+        return request<TenantRecoveryKeyRequestRequest, TenantRecoveryKeyResponse>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsTenantsCreateRecoveryKeyCreate
+     *
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param tenantRecoveryKeyRequestRequest 
+     * @return RequestConfig
+     */
+    fun tenantsTenantsCreateRecoveryKeyCreateRequestConfig(tenantUuid: java.util.UUID, tenantRecoveryKeyRequestRequest: TenantRecoveryKeyRequestRequest) : RequestConfig<TenantRecoveryKeyRequestRequest> {
+        val localVariableBody = tenantRecoveryKeyRequestRequest
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.POST,
+            path = "/tenants/tenants/{tenant_uuid}/create_recovery_key/".replace("{"+"tenant_uuid"+"}", encodeURIComponent(tenantUuid.toString())),
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @return void
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsTenantsDestroy(tenantUuid: java.util.UUID) : Unit {
+        val localVarResponse = tenantsTenantsDestroyWithHttpInfo(tenantUuid = tenantUuid)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> Unit
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @return ApiResponse<Unit?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsTenantsDestroyWithHttpInfo(tenantUuid: java.util.UUID) : ApiResponse<Unit?> {
+        val localVariableConfig = tenantsTenantsDestroyRequestConfig(tenantUuid = tenantUuid)
+
+        return request<Unit, Unit>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsTenantsDestroy
+     *
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @return RequestConfig
+     */
+    fun tenantsTenantsDestroyRequestConfig(tenantUuid: java.util.UUID) : RequestConfig<Unit> {
+        val localVariableBody = null
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.DELETE,
+            path = "/tenants/tenants/{tenant_uuid}/".replace("{"+"tenant_uuid"+"}", encodeURIComponent(tenantUuid.toString())),
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param ordering Which field to use when ordering the results. (optional)
+     * @param page A page number within the paginated result set. (optional)
+     * @param pageSize Number of results to return per page. (optional)
+     * @param search A search term. (optional)
+     * @return PaginatedTenantList
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsTenantsList(ordering: kotlin.String? = null, page: kotlin.Int? = null, pageSize: kotlin.Int? = null, search: kotlin.String? = null) : PaginatedTenantList {
+        val localVarResponse = tenantsTenantsListWithHttpInfo(ordering = ordering, page = page, pageSize = pageSize, search = search)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as PaginatedTenantList
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param ordering Which field to use when ordering the results. (optional)
+     * @param page A page number within the paginated result set. (optional)
+     * @param pageSize Number of results to return per page. (optional)
+     * @param search A search term. (optional)
+     * @return ApiResponse<PaginatedTenantList?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsTenantsListWithHttpInfo(ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?) : ApiResponse<PaginatedTenantList?> {
+        val localVariableConfig = tenantsTenantsListRequestConfig(ordering = ordering, page = page, pageSize = pageSize, search = search)
+
+        return request<Unit, PaginatedTenantList>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsTenantsList
+     *
+     * @param ordering Which field to use when ordering the results. (optional)
+     * @param page A page number within the paginated result set. (optional)
+     * @param pageSize Number of results to return per page. (optional)
+     * @param search A search term. (optional)
+     * @return RequestConfig
+     */
+    fun tenantsTenantsListRequestConfig(ordering: kotlin.String?, page: kotlin.Int?, pageSize: kotlin.Int?, search: kotlin.String?) : RequestConfig<Unit> {
+        val localVariableBody = null
+        val localVariableQuery: MultiValueMap = mutableMapOf<kotlin.String, kotlin.collections.List<kotlin.String>>()
+            .apply {
+                if (ordering != null) {
+                    put("ordering", listOf(ordering.toString()))
+                }
+                if (page != null) {
+                    put("page", listOf(page.toString()))
+                }
+                if (pageSize != null) {
+                    put("page_size", listOf(pageSize.toString()))
+                }
+                if (search != null) {
+                    put("search", listOf(search.toString()))
+                }
+            }
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.GET,
+            path = "/tenants/tenants/",
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param patchedTenantRequest  (optional)
+     * @return Tenant
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsTenantsPartialUpdate(tenantUuid: java.util.UUID, patchedTenantRequest: PatchedTenantRequest? = null) : Tenant {
+        val localVarResponse = tenantsTenantsPartialUpdateWithHttpInfo(tenantUuid = tenantUuid, patchedTenantRequest = patchedTenantRequest)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Tenant
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param patchedTenantRequest  (optional)
+     * @return ApiResponse<Tenant?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsTenantsPartialUpdateWithHttpInfo(tenantUuid: java.util.UUID, patchedTenantRequest: PatchedTenantRequest?) : ApiResponse<Tenant?> {
+        val localVariableConfig = tenantsTenantsPartialUpdateRequestConfig(tenantUuid = tenantUuid, patchedTenantRequest = patchedTenantRequest)
+
+        return request<PatchedTenantRequest, Tenant>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsTenantsPartialUpdate
+     *
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param patchedTenantRequest  (optional)
+     * @return RequestConfig
+     */
+    fun tenantsTenantsPartialUpdateRequestConfig(tenantUuid: java.util.UUID, patchedTenantRequest: PatchedTenantRequest?) : RequestConfig<PatchedTenantRequest> {
+        val localVariableBody = patchedTenantRequest
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.PATCH,
+            path = "/tenants/tenants/{tenant_uuid}/".replace("{"+"tenant_uuid"+"}", encodeURIComponent(tenantUuid.toString())),
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @return Tenant
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsTenantsRetrieve(tenantUuid: java.util.UUID) : Tenant {
+        val localVarResponse = tenantsTenantsRetrieveWithHttpInfo(tenantUuid = tenantUuid)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Tenant
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @return ApiResponse<Tenant?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsTenantsRetrieveWithHttpInfo(tenantUuid: java.util.UUID) : ApiResponse<Tenant?> {
+        val localVariableConfig = tenantsTenantsRetrieveRequestConfig(tenantUuid = tenantUuid)
+
+        return request<Unit, Tenant>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsTenantsRetrieve
+     *
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @return RequestConfig
+     */
+    fun tenantsTenantsRetrieveRequestConfig(tenantUuid: java.util.UUID) : RequestConfig<Unit> {
+        val localVariableBody = null
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.GET,
+            path = "/tenants/tenants/{tenant_uuid}/".replace("{"+"tenant_uuid"+"}", encodeURIComponent(tenantUuid.toString())),
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param tenantRequest 
+     * @return Tenant
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     * @throws UnsupportedOperationException If the API returns an informational or redirection response
+     * @throws ClientException If the API returns a client error response
+     * @throws ServerException If the API returns a server error response
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class, UnsupportedOperationException::class, ClientException::class, ServerException::class)
+    fun tenantsTenantsUpdate(tenantUuid: java.util.UUID, tenantRequest: TenantRequest) : Tenant {
+        val localVarResponse = tenantsTenantsUpdateWithHttpInfo(tenantUuid = tenantUuid, tenantRequest = tenantRequest)
+
+        return when (localVarResponse.responseType) {
+            ResponseType.Success -> (localVarResponse as Success<*>).data as Tenant
+            ResponseType.Informational -> throw UnsupportedOperationException("Client does not support Informational responses.")
+            ResponseType.Redirection -> throw UnsupportedOperationException("Client does not support Redirection responses.")
+            ResponseType.ClientError -> {
+                val localVarError = localVarResponse as ClientError<*>
+                throw ClientException("Client error : ${localVarError.statusCode} ${localVarError.message.orEmpty()}", localVarError.statusCode, localVarResponse)
+            }
+            ResponseType.ServerError -> {
+                val localVarError = localVarResponse as ServerError<*>
+                throw ServerException("Server error : ${localVarError.statusCode} ${localVarError.message.orEmpty()} ${localVarError.body}", localVarError.statusCode, localVarResponse)
+            }
+        }
+    }
+
+    /**
+     * 
+     * Tenant Viewset
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param tenantRequest 
+     * @return ApiResponse<Tenant?>
+     * @throws IllegalStateException If the request is not correctly configured
+     * @throws IOException Rethrows the OkHttp execute method exception
+     */
+    @Suppress("UNCHECKED_CAST")
+    @Throws(IllegalStateException::class, IOException::class)
+    fun tenantsTenantsUpdateWithHttpInfo(tenantUuid: java.util.UUID, tenantRequest: TenantRequest) : ApiResponse<Tenant?> {
+        val localVariableConfig = tenantsTenantsUpdateRequestConfig(tenantUuid = tenantUuid, tenantRequest = tenantRequest)
+
+        return request<TenantRequest, Tenant>(
+            localVariableConfig
+        )
+    }
+
+    /**
+     * To obtain the request config of the operation tenantsTenantsUpdate
+     *
+     * @param tenantUuid A UUID string identifying this Tenant.
+     * @param tenantRequest 
+     * @return RequestConfig
+     */
+    fun tenantsTenantsUpdateRequestConfig(tenantUuid: java.util.UUID, tenantRequest: TenantRequest) : RequestConfig<TenantRequest> {
+        val localVariableBody = tenantRequest
+        val localVariableQuery: MultiValueMap = mutableMapOf()
+        val localVariableHeaders: MutableMap<String, String> = mutableMapOf()
+        localVariableHeaders["Content-Type"] = "application/json"
+        localVariableHeaders["Accept"] = "application/json"
+
+        return RequestConfig(
+            method = RequestMethod.PUT,
+            path = "/tenants/tenants/{tenant_uuid}/".replace("{"+"tenant_uuid"+"}", encodeURIComponent(tenantUuid.toString())),
+            query = localVariableQuery,
+            headers = localVariableHeaders,
+            requiresAuthentication = false,
+            body = localVariableBody
+        )
+    }
+
+
+    private fun encodeURIComponent(uriComponent: kotlin.String): kotlin.String =
+        HttpUrl.Builder().scheme("http").host("localhost").addPathSegment(uriComponent).build().encodedPathSegments[0]
+}
diff --git a/src/main/kotlin/io/goauthentik/api/models/AppEnum.kt b/src/main/kotlin/io/goauthentik/api/models/AppEnum.kt
index 9969f96..8eb89df 100644
--- a/src/main/kotlin/io/goauthentik/api/models/AppEnum.kt
+++ b/src/main/kotlin/io/goauthentik/api/models/AppEnum.kt
@@ -20,14 +20,17 @@ import com.squareup.moshi.Json
 import com.squareup.moshi.JsonClass
 
 /**
- * * `authentik.admin` - authentik Admin * `authentik.api` - authentik API * `authentik.crypto` - authentik Crypto * `authentik.events` - authentik Events * `authentik.flows` - authentik Flows * `authentik.outposts` - authentik Outpost * `authentik.policies.dummy` - authentik Policies.Dummy * `authentik.policies.event_matcher` - authentik Policies.Event Matcher * `authentik.policies.expiry` - authentik Policies.Expiry * `authentik.policies.expression` - authentik Policies.Expression * `authentik.policies.password` - authentik Policies.Password * `authentik.policies.reputation` - authentik Policies.Reputation * `authentik.policies` - authentik Policies * `authentik.providers.ldap` - authentik Providers.LDAP * `authentik.providers.oauth2` - authentik Providers.OAuth2 * `authentik.providers.proxy` - authentik Providers.Proxy * `authentik.providers.radius` - authentik Providers.Radius * `authentik.providers.saml` - authentik Providers.SAML * `authentik.providers.scim` - authentik Providers.SCIM * `authentik.rbac` - authentik RBAC * `authentik.recovery` - authentik Recovery * `authentik.sources.ldap` - authentik Sources.LDAP * `authentik.sources.oauth` - authentik Sources.OAuth * `authentik.sources.plex` - authentik Sources.Plex * `authentik.sources.saml` - authentik Sources.SAML * `authentik.stages.authenticator` - authentik Stages.Authenticator * `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo * `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS * `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static * `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP * `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate * `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn * `authentik.stages.captcha` - authentik Stages.Captcha * `authentik.stages.consent` - authentik Stages.Consent * `authentik.stages.deny` - authentik Stages.Deny * `authentik.stages.dummy` - authentik Stages.Dummy * `authentik.stages.email` - authentik Stages.Email * `authentik.stages.identification` - authentik Stages.Identification * `authentik.stages.invitation` - authentik Stages.User Invitation * `authentik.stages.password` - authentik Stages.Password * `authentik.stages.prompt` - authentik Stages.Prompt * `authentik.stages.user_delete` - authentik Stages.User Delete * `authentik.stages.user_login` - authentik Stages.User Login * `authentik.stages.user_logout` - authentik Stages.User Logout * `authentik.stages.user_write` - authentik Stages.User Write * `authentik.tenants` - authentik Tenants * `authentik.blueprints` - authentik Blueprints * `authentik.core` - authentik Core * `authentik.enterprise` - authentik Enterprise * `authentik.enterprise.providers.rac` - authentik Enterprise.Providers.RAC
+ * * `authentik.tenants` - authentik Tenants * `authentik.admin` - authentik Admin * `authentik.api` - authentik API * `authentik.crypto` - authentik Crypto * `authentik.events` - authentik Events * `authentik.flows` - authentik Flows * `authentik.outposts` - authentik Outpost * `authentik.policies.dummy` - authentik Policies.Dummy * `authentik.policies.event_matcher` - authentik Policies.Event Matcher * `authentik.policies.expiry` - authentik Policies.Expiry * `authentik.policies.expression` - authentik Policies.Expression * `authentik.policies.password` - authentik Policies.Password * `authentik.policies.reputation` - authentik Policies.Reputation * `authentik.policies` - authentik Policies * `authentik.providers.ldap` - authentik Providers.LDAP * `authentik.providers.oauth2` - authentik Providers.OAuth2 * `authentik.providers.proxy` - authentik Providers.Proxy * `authentik.providers.radius` - authentik Providers.Radius * `authentik.providers.saml` - authentik Providers.SAML * `authentik.providers.scim` - authentik Providers.SCIM * `authentik.rbac` - authentik RBAC * `authentik.recovery` - authentik Recovery * `authentik.sources.ldap` - authentik Sources.LDAP * `authentik.sources.oauth` - authentik Sources.OAuth * `authentik.sources.plex` - authentik Sources.Plex * `authentik.sources.saml` - authentik Sources.SAML * `authentik.stages.authenticator` - authentik Stages.Authenticator * `authentik.stages.authenticator_duo` - authentik Stages.Authenticator.Duo * `authentik.stages.authenticator_sms` - authentik Stages.Authenticator.SMS * `authentik.stages.authenticator_static` - authentik Stages.Authenticator.Static * `authentik.stages.authenticator_totp` - authentik Stages.Authenticator.TOTP * `authentik.stages.authenticator_validate` - authentik Stages.Authenticator.Validate * `authentik.stages.authenticator_webauthn` - authentik Stages.Authenticator.WebAuthn * `authentik.stages.captcha` - authentik Stages.Captcha * `authentik.stages.consent` - authentik Stages.Consent * `authentik.stages.deny` - authentik Stages.Deny * `authentik.stages.dummy` - authentik Stages.Dummy * `authentik.stages.email` - authentik Stages.Email * `authentik.stages.identification` - authentik Stages.Identification * `authentik.stages.invitation` - authentik Stages.User Invitation * `authentik.stages.password` - authentik Stages.Password * `authentik.stages.prompt` - authentik Stages.Prompt * `authentik.stages.user_delete` - authentik Stages.User Delete * `authentik.stages.user_login` - authentik Stages.User Login * `authentik.stages.user_logout` - authentik Stages.User Logout * `authentik.stages.user_write` - authentik Stages.User Write * `authentik.brands` - authentik Brands * `authentik.blueprints` - authentik Blueprints * `authentik.core` - authentik Core * `authentik.enterprise` - authentik Enterprise * `authentik.enterprise.providers.rac` - authentik Enterprise.Providers.RAC
  *
- * Values: admin,api,crypto,events,flows,outposts,policiesPeriodDummy,policiesPeriodEventMatcher,policiesPeriodExpiry,policiesPeriodExpression,policiesPeriodPassword,policiesPeriodReputation,policies,providersPeriodLdap,providersPeriodOauth2,providersPeriodProxy,providersPeriodRadius,providersPeriodSaml,providersPeriodScim,rbac,recovery,sourcesPeriodLdap,sourcesPeriodOauth,sourcesPeriodPlex,sourcesPeriodSaml,stagesPeriodAuthenticator,stagesPeriodAuthenticatorDuo,stagesPeriodAuthenticatorSms,stagesPeriodAuthenticatorStatic,stagesPeriodAuthenticatorTotp,stagesPeriodAuthenticatorValidate,stagesPeriodAuthenticatorWebauthn,stagesPeriodCaptcha,stagesPeriodConsent,stagesPeriodDeny,stagesPeriodDummy,stagesPeriodEmail,stagesPeriodIdentification,stagesPeriodInvitation,stagesPeriodPassword,stagesPeriodPrompt,stagesPeriodUserDelete,stagesPeriodUserLogin,stagesPeriodUserLogout,stagesPeriodUserWrite,tenants,blueprints,core,enterprise,enterprisePeriodProvidersPeriodRac,unknownDefaultOpenApi
+ * Values: tenants,admin,api,crypto,events,flows,outposts,policiesPeriodDummy,policiesPeriodEventMatcher,policiesPeriodExpiry,policiesPeriodExpression,policiesPeriodPassword,policiesPeriodReputation,policies,providersPeriodLdap,providersPeriodOauth2,providersPeriodProxy,providersPeriodRadius,providersPeriodSaml,providersPeriodScim,rbac,recovery,sourcesPeriodLdap,sourcesPeriodOauth,sourcesPeriodPlex,sourcesPeriodSaml,stagesPeriodAuthenticator,stagesPeriodAuthenticatorDuo,stagesPeriodAuthenticatorSms,stagesPeriodAuthenticatorStatic,stagesPeriodAuthenticatorTotp,stagesPeriodAuthenticatorValidate,stagesPeriodAuthenticatorWebauthn,stagesPeriodCaptcha,stagesPeriodConsent,stagesPeriodDeny,stagesPeriodDummy,stagesPeriodEmail,stagesPeriodIdentification,stagesPeriodInvitation,stagesPeriodPassword,stagesPeriodPrompt,stagesPeriodUserDelete,stagesPeriodUserLogin,stagesPeriodUserLogout,stagesPeriodUserWrite,brands,blueprints,core,enterprise,enterprisePeriodProvidersPeriodRac,unknownDefaultOpenApi
  */
 
 @JsonClass(generateAdapter = false)
 enum class AppEnum(val value: kotlin.String) {
 
+    @Json(name = "authentik.tenants")
+    tenants("authentik.tenants"),
+
     @Json(name = "authentik.admin")
     admin("authentik.admin"),
 
@@ -163,8 +166,8 @@ enum class AppEnum(val value: kotlin.String) {
     @Json(name = "authentik.stages.user_write")
     stagesPeriodUserWrite("authentik.stages.user_write"),
 
-    @Json(name = "authentik.tenants")
-    tenants("authentik.tenants"),
+    @Json(name = "authentik.brands")
+    brands("authentik.brands"),
 
     @Json(name = "authentik.blueprints")
     blueprints("authentik.blueprints"),
diff --git a/src/main/kotlin/io/goauthentik/api/models/Brand.kt b/src/main/kotlin/io/goauthentik/api/models/Brand.kt
new file mode 100644
index 0000000..69a03e5
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/Brand.kt
@@ -0,0 +1,89 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Brand Serializer
+ *
+ * @param brandUuid 
+ * @param domain Domain that activates this brand. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b`
+ * @param default 
+ * @param brandingTitle 
+ * @param brandingLogo 
+ * @param brandingFavicon 
+ * @param flowAuthentication 
+ * @param flowInvalidation 
+ * @param flowRecovery 
+ * @param flowUnenrollment 
+ * @param flowUserSettings 
+ * @param flowDeviceCode 
+ * @param webCertificate Web Certificate used by the authentik Core webserver.
+ * @param attributes 
+ */
+
+
+data class Brand (
+
+    @Json(name = "brand_uuid")
+    val brandUuid: java.util.UUID,
+
+    /* Domain that activates this brand. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b` */
+    @Json(name = "domain")
+    val domain: kotlin.String,
+
+    @Json(name = "default")
+    val default: kotlin.Boolean? = null,
+
+    @Json(name = "branding_title")
+    val brandingTitle: kotlin.String? = null,
+
+    @Json(name = "branding_logo")
+    val brandingLogo: kotlin.String? = null,
+
+    @Json(name = "branding_favicon")
+    val brandingFavicon: kotlin.String? = null,
+
+    @Json(name = "flow_authentication")
+    val flowAuthentication: java.util.UUID? = null,
+
+    @Json(name = "flow_invalidation")
+    val flowInvalidation: java.util.UUID? = null,
+
+    @Json(name = "flow_recovery")
+    val flowRecovery: java.util.UUID? = null,
+
+    @Json(name = "flow_unenrollment")
+    val flowUnenrollment: java.util.UUID? = null,
+
+    @Json(name = "flow_user_settings")
+    val flowUserSettings: java.util.UUID? = null,
+
+    @Json(name = "flow_device_code")
+    val flowDeviceCode: java.util.UUID? = null,
+
+    /* Web Certificate used by the authentik Core webserver. */
+    @Json(name = "web_certificate")
+    val webCertificate: java.util.UUID? = null,
+
+    @Json(name = "attributes")
+    val attributes: kotlin.Any? = null
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/BrandRequest.kt b/src/main/kotlin/io/goauthentik/api/models/BrandRequest.kt
new file mode 100644
index 0000000..3d1a42a
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/BrandRequest.kt
@@ -0,0 +1,85 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Brand Serializer
+ *
+ * @param domain Domain that activates this brand. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b`
+ * @param default 
+ * @param brandingTitle 
+ * @param brandingLogo 
+ * @param brandingFavicon 
+ * @param flowAuthentication 
+ * @param flowInvalidation 
+ * @param flowRecovery 
+ * @param flowUnenrollment 
+ * @param flowUserSettings 
+ * @param flowDeviceCode 
+ * @param webCertificate Web Certificate used by the authentik Core webserver.
+ * @param attributes 
+ */
+
+
+data class BrandRequest (
+
+    /* Domain that activates this brand. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b` */
+    @Json(name = "domain")
+    val domain: kotlin.String,
+
+    @Json(name = "default")
+    val default: kotlin.Boolean? = null,
+
+    @Json(name = "branding_title")
+    val brandingTitle: kotlin.String? = null,
+
+    @Json(name = "branding_logo")
+    val brandingLogo: kotlin.String? = null,
+
+    @Json(name = "branding_favicon")
+    val brandingFavicon: kotlin.String? = null,
+
+    @Json(name = "flow_authentication")
+    val flowAuthentication: java.util.UUID? = null,
+
+    @Json(name = "flow_invalidation")
+    val flowInvalidation: java.util.UUID? = null,
+
+    @Json(name = "flow_recovery")
+    val flowRecovery: java.util.UUID? = null,
+
+    @Json(name = "flow_unenrollment")
+    val flowUnenrollment: java.util.UUID? = null,
+
+    @Json(name = "flow_user_settings")
+    val flowUserSettings: java.util.UUID? = null,
+
+    @Json(name = "flow_device_code")
+    val flowDeviceCode: java.util.UUID? = null,
+
+    /* Web Certificate used by the authentik Core webserver. */
+    @Json(name = "web_certificate")
+    val webCertificate: java.util.UUID? = null,
+
+    @Json(name = "attributes")
+    val attributes: kotlin.Any? = null
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/CurrentTenant.kt b/src/main/kotlin/io/goauthentik/api/models/CurrentBrand.kt
similarity index 92%
rename from src/main/kotlin/io/goauthentik/api/models/CurrentTenant.kt
rename to src/main/kotlin/io/goauthentik/api/models/CurrentBrand.kt
index b8fc34b..a5ef8ce 100644
--- a/src/main/kotlin/io/goauthentik/api/models/CurrentTenant.kt
+++ b/src/main/kotlin/io/goauthentik/api/models/CurrentBrand.kt
@@ -22,7 +22,7 @@ import com.squareup.moshi.Json
 import com.squareup.moshi.JsonClass
 
 /**
- * Partial tenant information for styling
+ * Partial brand information for styling
  *
  * @param matchedDomain 
  * @param brandingTitle 
@@ -40,7 +40,7 @@ import com.squareup.moshi.JsonClass
  */
 
 
-data class CurrentTenant (
+data class CurrentBrand (
 
     @Json(name = "matched_domain")
     val matchedDomain: kotlin.String,
@@ -55,7 +55,7 @@ data class CurrentTenant (
     val brandingFavicon: kotlin.String,
 
     @Json(name = "ui_footer_links")
-    val uiFooterLinks: kotlin.collections.List<FooterLink> = arrayListOf(),
+    val uiFooterLinks: kotlin.collections.List<FooterLink>,
 
     @Json(name = "ui_theme")
     val uiTheme: UiThemeEnum,
diff --git a/src/main/kotlin/io/goauthentik/api/models/Domain.kt b/src/main/kotlin/io/goauthentik/api/models/Domain.kt
new file mode 100644
index 0000000..04a7eed
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/Domain.kt
@@ -0,0 +1,47 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Domain Serializer
+ *
+ * @param id 
+ * @param domain 
+ * @param tenant 
+ * @param isPrimary 
+ */
+
+
+data class Domain (
+
+    @Json(name = "id")
+    val id: kotlin.Int,
+
+    @Json(name = "domain")
+    val domain: kotlin.String,
+
+    @Json(name = "tenant")
+    val tenant: java.util.UUID,
+
+    @Json(name = "is_primary")
+    val isPrimary: kotlin.Boolean? = null
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/DomainRequest.kt b/src/main/kotlin/io/goauthentik/api/models/DomainRequest.kt
new file mode 100644
index 0000000..3baa3fd
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/DomainRequest.kt
@@ -0,0 +1,43 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Domain Serializer
+ *
+ * @param domain 
+ * @param tenant 
+ * @param isPrimary 
+ */
+
+
+data class DomainRequest (
+
+    @Json(name = "domain")
+    val domain: kotlin.String,
+
+    @Json(name = "tenant")
+    val tenant: java.util.UUID,
+
+    @Json(name = "is_primary")
+    val isPrimary: kotlin.Boolean? = null
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/Event.kt b/src/main/kotlin/io/goauthentik/api/models/Event.kt
index c0e71e5..0490b0c 100644
--- a/src/main/kotlin/io/goauthentik/api/models/Event.kt
+++ b/src/main/kotlin/io/goauthentik/api/models/Event.kt
@@ -31,7 +31,7 @@ import com.squareup.moshi.JsonClass
  * @param context 
  * @param clientIp 
  * @param expires 
- * @param tenant 
+ * @param brand 
  */
 
 
@@ -61,8 +61,8 @@ data class Event (
     @Json(name = "expires")
     val expires: java.time.OffsetDateTime? = null,
 
-    @Json(name = "tenant")
-    val tenant: kotlin.Any? = null
+    @Json(name = "brand")
+    val brand: kotlin.Any? = null
 
 )
 
diff --git a/src/main/kotlin/io/goauthentik/api/models/EventRequest.kt b/src/main/kotlin/io/goauthentik/api/models/EventRequest.kt
index 94c3798..9176247 100644
--- a/src/main/kotlin/io/goauthentik/api/models/EventRequest.kt
+++ b/src/main/kotlin/io/goauthentik/api/models/EventRequest.kt
@@ -29,7 +29,7 @@ import com.squareup.moshi.JsonClass
  * @param context 
  * @param clientIp 
  * @param expires 
- * @param tenant 
+ * @param brand 
  */
 
 
@@ -53,8 +53,8 @@ data class EventRequest (
     @Json(name = "expires")
     val expires: java.time.OffsetDateTime? = null,
 
-    @Json(name = "tenant")
-    val tenant: kotlin.Any? = null
+    @Json(name = "brand")
+    val brand: kotlin.Any? = null
 
 )
 
diff --git a/src/main/kotlin/io/goauthentik/api/models/ModelEnum.kt b/src/main/kotlin/io/goauthentik/api/models/ModelEnum.kt
index 5f35d61..a9d2bff 100644
--- a/src/main/kotlin/io/goauthentik/api/models/ModelEnum.kt
+++ b/src/main/kotlin/io/goauthentik/api/models/ModelEnum.kt
@@ -20,14 +20,17 @@ import com.squareup.moshi.Json
 import com.squareup.moshi.JsonClass
 
 /**
- * * `authentik_crypto.certificatekeypair` - Certificate-Key Pair * `authentik_events.event` - Event * `authentik_events.notificationtransport` - Notification Transport * `authentik_events.notification` - Notification * `authentik_events.notificationrule` - Notification Rule * `authentik_events.notificationwebhookmapping` - Webhook Mapping * `authentik_flows.flow` - Flow * `authentik_flows.flowstagebinding` - Flow Stage Binding * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection * `authentik_outposts.outpost` - Outpost * `authentik_policies_dummy.dummypolicy` - Dummy Policy * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy * `authentik_policies_expression.expressionpolicy` - Expression Policy * `authentik_policies_password.passwordpolicy` - Password Policy * `authentik_policies_reputation.reputationpolicy` - Reputation Policy * `authentik_policies_reputation.reputation` - Reputation Score * `authentik_policies.policybinding` - Policy Binding * `authentik_providers_ldap.ldapprovider` - LDAP Provider * `authentik_providers_oauth2.scopemapping` - Scope Mapping * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider * `authentik_providers_oauth2.authorizationcode` - Authorization Code * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token * `authentik_providers_proxy.proxyprovider` - Proxy Provider * `authentik_providers_radius.radiusprovider` - Radius Provider * `authentik_providers_saml.samlprovider` - SAML Provider * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping * `authentik_providers_scim.scimprovider` - SCIM Provider * `authentik_providers_scim.scimmapping` - SCIM Mapping * `authentik_rbac.role` - Role * `authentik_sources_ldap.ldapsource` - LDAP Source * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping * `authentik_sources_oauth.oauthsource` - OAuth Source * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection * `authentik_sources_plex.plexsource` - Plex Source * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection * `authentik_sources_saml.samlsource` - SAML Source * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage * `authentik_stages_authenticator_duo.duodevice` - Duo Device * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage * `authentik_stages_authenticator_sms.smsdevice` - SMS Device * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage * `authentik_stages_authenticator_static.staticdevice` - Static Device * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device * `authentik_stages_captcha.captchastage` - Captcha Stage * `authentik_stages_consent.consentstage` - Consent Stage * `authentik_stages_consent.userconsent` - User Consent * `authentik_stages_deny.denystage` - Deny Stage * `authentik_stages_dummy.dummystage` - Dummy Stage * `authentik_stages_email.emailstage` - Email Stage * `authentik_stages_identification.identificationstage` - Identification Stage * `authentik_stages_invitation.invitationstage` - Invitation Stage * `authentik_stages_invitation.invitation` - Invitation * `authentik_stages_password.passwordstage` - Password Stage * `authentik_stages_prompt.prompt` - Prompt * `authentik_stages_prompt.promptstage` - Prompt Stage * `authentik_stages_user_delete.userdeletestage` - User Delete Stage * `authentik_stages_user_login.userloginstage` - User Login Stage * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage * `authentik_stages_user_write.userwritestage` - User Write Stage * `authentik_tenants.tenant` - Tenant * `authentik_blueprints.blueprintinstance` - Blueprint Instance * `authentik_core.group` - Group * `authentik_core.user` - User * `authentik_core.application` - Application * `authentik_core.token` - Token * `authentik_enterprise.license` - License * `authentik_providers_rac.racprovider` - RAC Provider * `authentik_providers_rac.endpoint` - RAC Endpoint * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
+ * * `authentik_tenants.domain` - Domain * `authentik_crypto.certificatekeypair` - Certificate-Key Pair * `authentik_events.event` - Event * `authentik_events.notificationtransport` - Notification Transport * `authentik_events.notification` - Notification * `authentik_events.notificationrule` - Notification Rule * `authentik_events.notificationwebhookmapping` - Webhook Mapping * `authentik_flows.flow` - Flow * `authentik_flows.flowstagebinding` - Flow Stage Binding * `authentik_outposts.dockerserviceconnection` - Docker Service-Connection * `authentik_outposts.kubernetesserviceconnection` - Kubernetes Service-Connection * `authentik_outposts.outpost` - Outpost * `authentik_policies_dummy.dummypolicy` - Dummy Policy * `authentik_policies_event_matcher.eventmatcherpolicy` - Event Matcher Policy * `authentik_policies_expiry.passwordexpirypolicy` - Password Expiry Policy * `authentik_policies_expression.expressionpolicy` - Expression Policy * `authentik_policies_password.passwordpolicy` - Password Policy * `authentik_policies_reputation.reputationpolicy` - Reputation Policy * `authentik_policies_reputation.reputation` - Reputation Score * `authentik_policies.policybinding` - Policy Binding * `authentik_providers_ldap.ldapprovider` - LDAP Provider * `authentik_providers_oauth2.scopemapping` - Scope Mapping * `authentik_providers_oauth2.oauth2provider` - OAuth2/OpenID Provider * `authentik_providers_oauth2.authorizationcode` - Authorization Code * `authentik_providers_oauth2.accesstoken` - OAuth2 Access Token * `authentik_providers_oauth2.refreshtoken` - OAuth2 Refresh Token * `authentik_providers_proxy.proxyprovider` - Proxy Provider * `authentik_providers_radius.radiusprovider` - Radius Provider * `authentik_providers_saml.samlprovider` - SAML Provider * `authentik_providers_saml.samlpropertymapping` - SAML Property Mapping * `authentik_providers_scim.scimprovider` - SCIM Provider * `authentik_providers_scim.scimmapping` - SCIM Mapping * `authentik_rbac.role` - Role * `authentik_sources_ldap.ldapsource` - LDAP Source * `authentik_sources_ldap.ldappropertymapping` - LDAP Property Mapping * `authentik_sources_oauth.oauthsource` - OAuth Source * `authentik_sources_oauth.useroauthsourceconnection` - User OAuth Source Connection * `authentik_sources_plex.plexsource` - Plex Source * `authentik_sources_plex.plexsourceconnection` - User Plex Source Connection * `authentik_sources_saml.samlsource` - SAML Source * `authentik_sources_saml.usersamlsourceconnection` - User SAML Source Connection * `authentik_stages_authenticator_duo.authenticatorduostage` - Duo Authenticator Setup Stage * `authentik_stages_authenticator_duo.duodevice` - Duo Device * `authentik_stages_authenticator_sms.authenticatorsmsstage` - SMS Authenticator Setup Stage * `authentik_stages_authenticator_sms.smsdevice` - SMS Device * `authentik_stages_authenticator_static.authenticatorstaticstage` - Static Authenticator Stage * `authentik_stages_authenticator_static.staticdevice` - Static Device * `authentik_stages_authenticator_totp.authenticatortotpstage` - TOTP Authenticator Setup Stage * `authentik_stages_authenticator_totp.totpdevice` - TOTP Device * `authentik_stages_authenticator_validate.authenticatorvalidatestage` - Authenticator Validation Stage * `authentik_stages_authenticator_webauthn.authenticatewebauthnstage` - WebAuthn Authenticator Setup Stage * `authentik_stages_authenticator_webauthn.webauthndevice` - WebAuthn Device * `authentik_stages_captcha.captchastage` - Captcha Stage * `authentik_stages_consent.consentstage` - Consent Stage * `authentik_stages_consent.userconsent` - User Consent * `authentik_stages_deny.denystage` - Deny Stage * `authentik_stages_dummy.dummystage` - Dummy Stage * `authentik_stages_email.emailstage` - Email Stage * `authentik_stages_identification.identificationstage` - Identification Stage * `authentik_stages_invitation.invitationstage` - Invitation Stage * `authentik_stages_invitation.invitation` - Invitation * `authentik_stages_password.passwordstage` - Password Stage * `authentik_stages_prompt.prompt` - Prompt * `authentik_stages_prompt.promptstage` - Prompt Stage * `authentik_stages_user_delete.userdeletestage` - User Delete Stage * `authentik_stages_user_login.userloginstage` - User Login Stage * `authentik_stages_user_logout.userlogoutstage` - User Logout Stage * `authentik_stages_user_write.userwritestage` - User Write Stage * `authentik_brands.brand` - Brand * `authentik_blueprints.blueprintinstance` - Blueprint Instance * `authentik_core.group` - Group * `authentik_core.user` - User * `authentik_core.application` - Application * `authentik_core.token` - Token * `authentik_enterprise.license` - License * `authentik_providers_rac.racprovider` - RAC Provider * `authentik_providers_rac.endpoint` - RAC Endpoint * `authentik_providers_rac.racpropertymapping` - RAC Property Mapping
  *
- * Values: cryptoPeriodCertificatekeypair,eventsPeriodEvent,eventsPeriodNotificationtransport,eventsPeriodNotification,eventsPeriodNotificationrule,eventsPeriodNotificationwebhookmapping,flowsPeriodFlow,flowsPeriodFlowstagebinding,outpostsPeriodDockerserviceconnection,outpostsPeriodKubernetesserviceconnection,outpostsPeriodOutpost,policiesDummyPeriodDummypolicy,policiesEventMatcherPeriodEventmatcherpolicy,policiesExpiryPeriodPasswordexpirypolicy,policiesExpressionPeriodExpressionpolicy,policiesPasswordPeriodPasswordpolicy,policiesReputationPeriodReputationpolicy,policiesReputationPeriodReputation,policiesPeriodPolicybinding,providersLdapPeriodLdapprovider,providersOauth2PeriodScopemapping,providersOauth2PeriodOauth2provider,providersOauth2PeriodAuthorizationcode,providersOauth2PeriodAccesstoken,providersOauth2PeriodRefreshtoken,providersProxyPeriodProxyprovider,providersRadiusPeriodRadiusprovider,providersSamlPeriodSamlprovider,providersSamlPeriodSamlpropertymapping,providersScimPeriodScimprovider,providersScimPeriodScimmapping,rbacPeriodRole,sourcesLdapPeriodLdapsource,sourcesLdapPeriodLdappropertymapping,sourcesOauthPeriodOauthsource,sourcesOauthPeriodUseroauthsourceconnection,sourcesPlexPeriodPlexsource,sourcesPlexPeriodPlexsourceconnection,sourcesSamlPeriodSamlsource,sourcesSamlPeriodUsersamlsourceconnection,stagesAuthenticatorDuoPeriodAuthenticatorduostage,stagesAuthenticatorDuoPeriodDuodevice,stagesAuthenticatorSmsPeriodAuthenticatorsmsstage,stagesAuthenticatorSmsPeriodSmsdevice,stagesAuthenticatorStaticPeriodAuthenticatorstaticstage,stagesAuthenticatorStaticPeriodStaticdevice,stagesAuthenticatorTotpPeriodAuthenticatortotpstage,stagesAuthenticatorTotpPeriodTotpdevice,stagesAuthenticatorValidatePeriodAuthenticatorvalidatestage,stagesAuthenticatorWebauthnPeriodAuthenticatewebauthnstage,stagesAuthenticatorWebauthnPeriodWebauthndevice,stagesCaptchaPeriodCaptchastage,stagesConsentPeriodConsentstage,stagesConsentPeriodUserconsent,stagesDenyPeriodDenystage,stagesDummyPeriodDummystage,stagesEmailPeriodEmailstage,stagesIdentificationPeriodIdentificationstage,stagesInvitationPeriodInvitationstage,stagesInvitationPeriodInvitation,stagesPasswordPeriodPasswordstage,stagesPromptPeriodPrompt,stagesPromptPeriodPromptstage,stagesUserDeletePeriodUserdeletestage,stagesUserLoginPeriodUserloginstage,stagesUserLogoutPeriodUserlogoutstage,stagesUserWritePeriodUserwritestage,tenantsPeriodTenant,blueprintsPeriodBlueprintinstance,corePeriodGroup,corePeriodUser,corePeriodApplication,corePeriodToken,enterprisePeriodLicense,providersRacPeriodRacprovider,providersRacPeriodEndpoint,providersRacPeriodRacpropertymapping,unknownDefaultOpenApi
+ * Values: tenantsPeriodDomain,cryptoPeriodCertificatekeypair,eventsPeriodEvent,eventsPeriodNotificationtransport,eventsPeriodNotification,eventsPeriodNotificationrule,eventsPeriodNotificationwebhookmapping,flowsPeriodFlow,flowsPeriodFlowstagebinding,outpostsPeriodDockerserviceconnection,outpostsPeriodKubernetesserviceconnection,outpostsPeriodOutpost,policiesDummyPeriodDummypolicy,policiesEventMatcherPeriodEventmatcherpolicy,policiesExpiryPeriodPasswordexpirypolicy,policiesExpressionPeriodExpressionpolicy,policiesPasswordPeriodPasswordpolicy,policiesReputationPeriodReputationpolicy,policiesReputationPeriodReputation,policiesPeriodPolicybinding,providersLdapPeriodLdapprovider,providersOauth2PeriodScopemapping,providersOauth2PeriodOauth2provider,providersOauth2PeriodAuthorizationcode,providersOauth2PeriodAccesstoken,providersOauth2PeriodRefreshtoken,providersProxyPeriodProxyprovider,providersRadiusPeriodRadiusprovider,providersSamlPeriodSamlprovider,providersSamlPeriodSamlpropertymapping,providersScimPeriodScimprovider,providersScimPeriodScimmapping,rbacPeriodRole,sourcesLdapPeriodLdapsource,sourcesLdapPeriodLdappropertymapping,sourcesOauthPeriodOauthsource,sourcesOauthPeriodUseroauthsourceconnection,sourcesPlexPeriodPlexsource,sourcesPlexPeriodPlexsourceconnection,sourcesSamlPeriodSamlsource,sourcesSamlPeriodUsersamlsourceconnection,stagesAuthenticatorDuoPeriodAuthenticatorduostage,stagesAuthenticatorDuoPeriodDuodevice,stagesAuthenticatorSmsPeriodAuthenticatorsmsstage,stagesAuthenticatorSmsPeriodSmsdevice,stagesAuthenticatorStaticPeriodAuthenticatorstaticstage,stagesAuthenticatorStaticPeriodStaticdevice,stagesAuthenticatorTotpPeriodAuthenticatortotpstage,stagesAuthenticatorTotpPeriodTotpdevice,stagesAuthenticatorValidatePeriodAuthenticatorvalidatestage,stagesAuthenticatorWebauthnPeriodAuthenticatewebauthnstage,stagesAuthenticatorWebauthnPeriodWebauthndevice,stagesCaptchaPeriodCaptchastage,stagesConsentPeriodConsentstage,stagesConsentPeriodUserconsent,stagesDenyPeriodDenystage,stagesDummyPeriodDummystage,stagesEmailPeriodEmailstage,stagesIdentificationPeriodIdentificationstage,stagesInvitationPeriodInvitationstage,stagesInvitationPeriodInvitation,stagesPasswordPeriodPasswordstage,stagesPromptPeriodPrompt,stagesPromptPeriodPromptstage,stagesUserDeletePeriodUserdeletestage,stagesUserLoginPeriodUserloginstage,stagesUserLogoutPeriodUserlogoutstage,stagesUserWritePeriodUserwritestage,brandsPeriodBrand,blueprintsPeriodBlueprintinstance,corePeriodGroup,corePeriodUser,corePeriodApplication,corePeriodToken,enterprisePeriodLicense,providersRacPeriodRacprovider,providersRacPeriodEndpoint,providersRacPeriodRacpropertymapping,unknownDefaultOpenApi
  */
 
 @JsonClass(generateAdapter = false)
 enum class ModelEnum(val value: kotlin.String) {
 
+    @Json(name = "authentik_tenants.domain")
+    tenantsPeriodDomain("authentik_tenants.domain"),
+
     @Json(name = "authentik_crypto.certificatekeypair")
     cryptoPeriodCertificatekeypair("authentik_crypto.certificatekeypair"),
 
@@ -229,8 +232,8 @@ enum class ModelEnum(val value: kotlin.String) {
     @Json(name = "authentik_stages_user_write.userwritestage")
     stagesUserWritePeriodUserwritestage("authentik_stages_user_write.userwritestage"),
 
-    @Json(name = "authentik_tenants.tenant")
-    tenantsPeriodTenant("authentik_tenants.tenant"),
+    @Json(name = "authentik_brands.brand")
+    brandsPeriodBrand("authentik_brands.brand"),
 
     @Json(name = "authentik_blueprints.blueprintinstance")
     blueprintsPeriodBlueprintinstance("authentik_blueprints.blueprintinstance"),
diff --git a/src/main/kotlin/io/goauthentik/api/models/PaginatedBrandList.kt b/src/main/kotlin/io/goauthentik/api/models/PaginatedBrandList.kt
new file mode 100644
index 0000000..bc79ee6
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/PaginatedBrandList.kt
@@ -0,0 +1,41 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+import io.goauthentik.api.models.Brand
+import io.goauthentik.api.models.Pagination
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * 
+ *
+ * @param pagination 
+ * @param results 
+ */
+
+
+data class PaginatedBrandList (
+
+    @Json(name = "pagination")
+    val pagination: Pagination,
+
+    @Json(name = "results")
+    val results: kotlin.collections.List<Brand>
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/PaginatedDomainList.kt b/src/main/kotlin/io/goauthentik/api/models/PaginatedDomainList.kt
new file mode 100644
index 0000000..058b962
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/PaginatedDomainList.kt
@@ -0,0 +1,41 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+import io.goauthentik.api.models.Domain
+import io.goauthentik.api.models.Pagination
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * 
+ *
+ * @param pagination 
+ * @param results 
+ */
+
+
+data class PaginatedDomainList (
+
+    @Json(name = "pagination")
+    val pagination: Pagination,
+
+    @Json(name = "results")
+    val results: kotlin.collections.List<Domain>
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/PatchedBrandRequest.kt b/src/main/kotlin/io/goauthentik/api/models/PatchedBrandRequest.kt
new file mode 100644
index 0000000..36038e4
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/PatchedBrandRequest.kt
@@ -0,0 +1,85 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Brand Serializer
+ *
+ * @param domain Domain that activates this brand. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b`
+ * @param default 
+ * @param brandingTitle 
+ * @param brandingLogo 
+ * @param brandingFavicon 
+ * @param flowAuthentication 
+ * @param flowInvalidation 
+ * @param flowRecovery 
+ * @param flowUnenrollment 
+ * @param flowUserSettings 
+ * @param flowDeviceCode 
+ * @param webCertificate Web Certificate used by the authentik Core webserver.
+ * @param attributes 
+ */
+
+
+data class PatchedBrandRequest (
+
+    /* Domain that activates this brand. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b` */
+    @Json(name = "domain")
+    val domain: kotlin.String? = null,
+
+    @Json(name = "default")
+    val default: kotlin.Boolean? = null,
+
+    @Json(name = "branding_title")
+    val brandingTitle: kotlin.String? = null,
+
+    @Json(name = "branding_logo")
+    val brandingLogo: kotlin.String? = null,
+
+    @Json(name = "branding_favicon")
+    val brandingFavicon: kotlin.String? = null,
+
+    @Json(name = "flow_authentication")
+    val flowAuthentication: java.util.UUID? = null,
+
+    @Json(name = "flow_invalidation")
+    val flowInvalidation: java.util.UUID? = null,
+
+    @Json(name = "flow_recovery")
+    val flowRecovery: java.util.UUID? = null,
+
+    @Json(name = "flow_unenrollment")
+    val flowUnenrollment: java.util.UUID? = null,
+
+    @Json(name = "flow_user_settings")
+    val flowUserSettings: java.util.UUID? = null,
+
+    @Json(name = "flow_device_code")
+    val flowDeviceCode: java.util.UUID? = null,
+
+    /* Web Certificate used by the authentik Core webserver. */
+    @Json(name = "web_certificate")
+    val webCertificate: java.util.UUID? = null,
+
+    @Json(name = "attributes")
+    val attributes: kotlin.Any? = null
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/PatchedDomainRequest.kt b/src/main/kotlin/io/goauthentik/api/models/PatchedDomainRequest.kt
new file mode 100644
index 0000000..1371b85
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/PatchedDomainRequest.kt
@@ -0,0 +1,43 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Domain Serializer
+ *
+ * @param domain 
+ * @param isPrimary 
+ * @param tenant 
+ */
+
+
+data class PatchedDomainRequest (
+
+    @Json(name = "domain")
+    val domain: kotlin.String? = null,
+
+    @Json(name = "is_primary")
+    val isPrimary: kotlin.Boolean? = null,
+
+    @Json(name = "tenant")
+    val tenant: java.util.UUID? = null
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/PatchedEventRequest.kt b/src/main/kotlin/io/goauthentik/api/models/PatchedEventRequest.kt
index efc1c17..e0a8275 100644
--- a/src/main/kotlin/io/goauthentik/api/models/PatchedEventRequest.kt
+++ b/src/main/kotlin/io/goauthentik/api/models/PatchedEventRequest.kt
@@ -29,7 +29,7 @@ import com.squareup.moshi.JsonClass
  * @param context 
  * @param clientIp 
  * @param expires 
- * @param tenant 
+ * @param brand 
  */
 
 
@@ -53,8 +53,8 @@ data class PatchedEventRequest (
     @Json(name = "expires")
     val expires: java.time.OffsetDateTime? = null,
 
-    @Json(name = "tenant")
-    val tenant: kotlin.Any? = null
+    @Json(name = "brand")
+    val brand: kotlin.Any? = null
 
 )
 
diff --git a/src/main/kotlin/io/goauthentik/api/models/PatchedSettingsRequest.kt b/src/main/kotlin/io/goauthentik/api/models/PatchedSettingsRequest.kt
new file mode 100644
index 0000000..2561096
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/PatchedSettingsRequest.kt
@@ -0,0 +1,71 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Settings Serializer
+ *
+ * @param avatars Configure how authentik should show avatars for users.
+ * @param defaultUserChangeName Enable the ability for users to change their name.
+ * @param defaultUserChangeEmail Enable the ability for users to change their email address.
+ * @param defaultUserChangeUsername Enable the ability for users to change their username.
+ * @param eventRetention Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).
+ * @param footerLinks The option configures the footer links on the flow executor pages.
+ * @param gdprCompliance When enabled, all the events caused by a user will be deleted upon the user's deletion.
+ * @param impersonation Globally enable/disable impersonation.
+ */
+
+
+data class PatchedSettingsRequest (
+
+    /* Configure how authentik should show avatars for users. */
+    @Json(name = "avatars")
+    val avatars: kotlin.String? = null,
+
+    /* Enable the ability for users to change their name. */
+    @Json(name = "default_user_change_name")
+    val defaultUserChangeName: kotlin.Boolean? = null,
+
+    /* Enable the ability for users to change their email address. */
+    @Json(name = "default_user_change_email")
+    val defaultUserChangeEmail: kotlin.Boolean? = null,
+
+    /* Enable the ability for users to change their username. */
+    @Json(name = "default_user_change_username")
+    val defaultUserChangeUsername: kotlin.Boolean? = null,
+
+    /* Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2). */
+    @Json(name = "event_retention")
+    val eventRetention: kotlin.String? = null,
+
+    /* The option configures the footer links on the flow executor pages. */
+    @Json(name = "footer_links")
+    val footerLinks: kotlin.Any? = null,
+
+    /* When enabled, all the events caused by a user will be deleted upon the user's deletion. */
+    @Json(name = "gdpr_compliance")
+    val gdprCompliance: kotlin.Boolean? = null,
+
+    /* Globally enable/disable impersonation. */
+    @Json(name = "impersonation")
+    val impersonation: kotlin.Boolean? = null
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/PatchedTenantRequest.kt b/src/main/kotlin/io/goauthentik/api/models/PatchedTenantRequest.kt
index 0ba306c..0a9b31e 100644
--- a/src/main/kotlin/io/goauthentik/api/models/PatchedTenantRequest.kt
+++ b/src/main/kotlin/io/goauthentik/api/models/PatchedTenantRequest.kt
@@ -22,69 +22,22 @@ import com.squareup.moshi.JsonClass
 /**
  * Tenant Serializer
  *
- * @param domain Domain that activates this tenant. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b`
- * @param default 
- * @param brandingTitle 
- * @param brandingLogo 
- * @param brandingFavicon 
- * @param flowAuthentication 
- * @param flowInvalidation 
- * @param flowRecovery 
- * @param flowUnenrollment 
- * @param flowUserSettings 
- * @param flowDeviceCode 
- * @param eventRetention Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).
- * @param webCertificate Web Certificate used by the authentik Core webserver.
- * @param attributes 
+ * @param schemaName 
+ * @param name 
+ * @param ready 
  */
 
 
 data class PatchedTenantRequest (
 
-    /* Domain that activates this tenant. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b` */
-    @Json(name = "domain")
-    val domain: kotlin.String? = null,
+    @Json(name = "schema_name")
+    val schemaName: kotlin.String? = null,
 
-    @Json(name = "default")
-    val default: kotlin.Boolean? = null,
+    @Json(name = "name")
+    val name: kotlin.String? = null,
 
-    @Json(name = "branding_title")
-    val brandingTitle: kotlin.String? = null,
-
-    @Json(name = "branding_logo")
-    val brandingLogo: kotlin.String? = null,
-
-    @Json(name = "branding_favicon")
-    val brandingFavicon: kotlin.String? = null,
-
-    @Json(name = "flow_authentication")
-    val flowAuthentication: java.util.UUID? = null,
-
-    @Json(name = "flow_invalidation")
-    val flowInvalidation: java.util.UUID? = null,
-
-    @Json(name = "flow_recovery")
-    val flowRecovery: java.util.UUID? = null,
-
-    @Json(name = "flow_unenrollment")
-    val flowUnenrollment: java.util.UUID? = null,
-
-    @Json(name = "flow_user_settings")
-    val flowUserSettings: java.util.UUID? = null,
-
-    @Json(name = "flow_device_code")
-    val flowDeviceCode: java.util.UUID? = null,
-
-    /* Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2). */
-    @Json(name = "event_retention")
-    val eventRetention: kotlin.String? = null,
-
-    /* Web Certificate used by the authentik Core webserver. */
-    @Json(name = "web_certificate")
-    val webCertificate: java.util.UUID? = null,
-
-    @Json(name = "attributes")
-    val attributes: kotlin.Any? = null
+    @Json(name = "ready")
+    val ready: kotlin.Boolean? = null
 
 )
 
diff --git a/src/main/kotlin/io/goauthentik/api/models/Settings.kt b/src/main/kotlin/io/goauthentik/api/models/Settings.kt
new file mode 100644
index 0000000..0f6e043
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/Settings.kt
@@ -0,0 +1,71 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Settings Serializer
+ *
+ * @param avatars Configure how authentik should show avatars for users.
+ * @param defaultUserChangeName Enable the ability for users to change their name.
+ * @param defaultUserChangeEmail Enable the ability for users to change their email address.
+ * @param defaultUserChangeUsername Enable the ability for users to change their username.
+ * @param eventRetention Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).
+ * @param footerLinks The option configures the footer links on the flow executor pages.
+ * @param gdprCompliance When enabled, all the events caused by a user will be deleted upon the user's deletion.
+ * @param impersonation Globally enable/disable impersonation.
+ */
+
+
+data class Settings (
+
+    /* Configure how authentik should show avatars for users. */
+    @Json(name = "avatars")
+    val avatars: kotlin.String? = null,
+
+    /* Enable the ability for users to change their name. */
+    @Json(name = "default_user_change_name")
+    val defaultUserChangeName: kotlin.Boolean? = null,
+
+    /* Enable the ability for users to change their email address. */
+    @Json(name = "default_user_change_email")
+    val defaultUserChangeEmail: kotlin.Boolean? = null,
+
+    /* Enable the ability for users to change their username. */
+    @Json(name = "default_user_change_username")
+    val defaultUserChangeUsername: kotlin.Boolean? = null,
+
+    /* Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2). */
+    @Json(name = "event_retention")
+    val eventRetention: kotlin.String? = null,
+
+    /* The option configures the footer links on the flow executor pages. */
+    @Json(name = "footer_links")
+    val footerLinks: kotlin.Any? = null,
+
+    /* When enabled, all the events caused by a user will be deleted upon the user's deletion. */
+    @Json(name = "gdpr_compliance")
+    val gdprCompliance: kotlin.Boolean? = null,
+
+    /* Globally enable/disable impersonation. */
+    @Json(name = "impersonation")
+    val impersonation: kotlin.Boolean? = null
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/SettingsRequest.kt b/src/main/kotlin/io/goauthentik/api/models/SettingsRequest.kt
new file mode 100644
index 0000000..8edb3cf
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/SettingsRequest.kt
@@ -0,0 +1,71 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Settings Serializer
+ *
+ * @param avatars Configure how authentik should show avatars for users.
+ * @param defaultUserChangeName Enable the ability for users to change their name.
+ * @param defaultUserChangeEmail Enable the ability for users to change their email address.
+ * @param defaultUserChangeUsername Enable the ability for users to change their username.
+ * @param eventRetention Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).
+ * @param footerLinks The option configures the footer links on the flow executor pages.
+ * @param gdprCompliance When enabled, all the events caused by a user will be deleted upon the user's deletion.
+ * @param impersonation Globally enable/disable impersonation.
+ */
+
+
+data class SettingsRequest (
+
+    /* Configure how authentik should show avatars for users. */
+    @Json(name = "avatars")
+    val avatars: kotlin.String? = null,
+
+    /* Enable the ability for users to change their name. */
+    @Json(name = "default_user_change_name")
+    val defaultUserChangeName: kotlin.Boolean? = null,
+
+    /* Enable the ability for users to change their email address. */
+    @Json(name = "default_user_change_email")
+    val defaultUserChangeEmail: kotlin.Boolean? = null,
+
+    /* Enable the ability for users to change their username. */
+    @Json(name = "default_user_change_username")
+    val defaultUserChangeUsername: kotlin.Boolean? = null,
+
+    /* Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2). */
+    @Json(name = "event_retention")
+    val eventRetention: kotlin.String? = null,
+
+    /* The option configures the footer links on the flow executor pages. */
+    @Json(name = "footer_links")
+    val footerLinks: kotlin.Any? = null,
+
+    /* When enabled, all the events caused by a user will be deleted upon the user's deletion. */
+    @Json(name = "gdpr_compliance")
+    val gdprCompliance: kotlin.Boolean? = null,
+
+    /* Globally enable/disable impersonation. */
+    @Json(name = "impersonation")
+    val impersonation: kotlin.Boolean? = null
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/SystemInfo.kt b/src/main/kotlin/io/goauthentik/api/models/SystemInfo.kt
index ca7a74c..6895cba 100644
--- a/src/main/kotlin/io/goauthentik/api/models/SystemInfo.kt
+++ b/src/main/kotlin/io/goauthentik/api/models/SystemInfo.kt
@@ -27,8 +27,9 @@ import com.squareup.moshi.JsonClass
  * @param httpHost Get HTTP host
  * @param httpIsSecure Get HTTP Secure flag
  * @param runtime 
- * @param tenant Currently active tenant
+ * @param brand Currently active brand
  * @param serverTime Current server time
+ * @param embeddedOutpostDisabled Whether the embedded outpost is disabled
  * @param embeddedOutpostHost Get the FQDN configured on the embedded outpost
  */
 
@@ -50,14 +51,18 @@ data class SystemInfo (
     @Json(name = "runtime")
     val runtime: SystemInfoRuntime,
 
-    /* Currently active tenant */
-    @Json(name = "tenant")
-    val tenant: kotlin.String,
+    /* Currently active brand */
+    @Json(name = "brand")
+    val brand: kotlin.String,
 
     /* Current server time */
     @Json(name = "server_time")
     val serverTime: java.time.OffsetDateTime,
 
+    /* Whether the embedded outpost is disabled */
+    @Json(name = "embedded_outpost_disabled")
+    val embeddedOutpostDisabled: kotlin.Boolean,
+
     /* Get the FQDN configured on the embedded outpost */
     @Json(name = "embedded_outpost_host")
     val embeddedOutpostHost: kotlin.String
diff --git a/src/main/kotlin/io/goauthentik/api/models/Tenant.kt b/src/main/kotlin/io/goauthentik/api/models/Tenant.kt
index 94ef9f8..9e69044 100644
--- a/src/main/kotlin/io/goauthentik/api/models/Tenant.kt
+++ b/src/main/kotlin/io/goauthentik/api/models/Tenant.kt
@@ -23,20 +23,9 @@ import com.squareup.moshi.JsonClass
  * Tenant Serializer
  *
  * @param tenantUuid 
- * @param domain Domain that activates this tenant. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b`
- * @param default 
- * @param brandingTitle 
- * @param brandingLogo 
- * @param brandingFavicon 
- * @param flowAuthentication 
- * @param flowInvalidation 
- * @param flowRecovery 
- * @param flowUnenrollment 
- * @param flowUserSettings 
- * @param flowDeviceCode 
- * @param eventRetention Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).
- * @param webCertificate Web Certificate used by the authentik Core webserver.
- * @param attributes 
+ * @param schemaName 
+ * @param name 
+ * @param ready 
  */
 
 
@@ -45,50 +34,14 @@ data class Tenant (
     @Json(name = "tenant_uuid")
     val tenantUuid: java.util.UUID,
 
-    /* Domain that activates this tenant. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b` */
-    @Json(name = "domain")
-    val domain: kotlin.String,
+    @Json(name = "schema_name")
+    val schemaName: kotlin.String,
 
-    @Json(name = "default")
-    val default: kotlin.Boolean? = null,
+    @Json(name = "name")
+    val name: kotlin.String,
 
-    @Json(name = "branding_title")
-    val brandingTitle: kotlin.String? = null,
-
-    @Json(name = "branding_logo")
-    val brandingLogo: kotlin.String? = null,
-
-    @Json(name = "branding_favicon")
-    val brandingFavicon: kotlin.String? = null,
-
-    @Json(name = "flow_authentication")
-    val flowAuthentication: java.util.UUID? = null,
-
-    @Json(name = "flow_invalidation")
-    val flowInvalidation: java.util.UUID? = null,
-
-    @Json(name = "flow_recovery")
-    val flowRecovery: java.util.UUID? = null,
-
-    @Json(name = "flow_unenrollment")
-    val flowUnenrollment: java.util.UUID? = null,
-
-    @Json(name = "flow_user_settings")
-    val flowUserSettings: java.util.UUID? = null,
-
-    @Json(name = "flow_device_code")
-    val flowDeviceCode: java.util.UUID? = null,
-
-    /* Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2). */
-    @Json(name = "event_retention")
-    val eventRetention: kotlin.String? = null,
-
-    /* Web Certificate used by the authentik Core webserver. */
-    @Json(name = "web_certificate")
-    val webCertificate: java.util.UUID? = null,
-
-    @Json(name = "attributes")
-    val attributes: kotlin.Any? = null
+    @Json(name = "ready")
+    val ready: kotlin.Boolean? = null
 
 )
 
diff --git a/src/main/kotlin/io/goauthentik/api/models/TenantAdminGroupRequestRequest.kt b/src/main/kotlin/io/goauthentik/api/models/TenantAdminGroupRequestRequest.kt
new file mode 100644
index 0000000..947147e
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/TenantAdminGroupRequestRequest.kt
@@ -0,0 +1,35 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Tenant admin group creation request serializer
+ *
+ * @param user 
+ */
+
+
+data class TenantAdminGroupRequestRequest (
+
+    @Json(name = "user")
+    val user: kotlin.String
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/TenantRecoveryKeyRequestRequest.kt b/src/main/kotlin/io/goauthentik/api/models/TenantRecoveryKeyRequestRequest.kt
new file mode 100644
index 0000000..61f298e
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/TenantRecoveryKeyRequestRequest.kt
@@ -0,0 +1,39 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Tenant recovery key creation request serializer
+ *
+ * @param user 
+ * @param durationDays 
+ */
+
+
+data class TenantRecoveryKeyRequestRequest (
+
+    @Json(name = "user")
+    val user: kotlin.String,
+
+    @Json(name = "duration_days")
+    val durationDays: kotlin.Int
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/TenantRecoveryKeyResponse.kt b/src/main/kotlin/io/goauthentik/api/models/TenantRecoveryKeyResponse.kt
new file mode 100644
index 0000000..541a67b
--- /dev/null
+++ b/src/main/kotlin/io/goauthentik/api/models/TenantRecoveryKeyResponse.kt
@@ -0,0 +1,39 @@
+/**
+ *
+ * Please note:
+ * This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * Do not edit this file manually.
+ *
+ */
+
+@file:Suppress(
+    "ArrayInDataClass",
+    "EnumEntryName",
+    "RemoveRedundantQualifierName",
+    "UnusedImport"
+)
+
+package io.goauthentik.api.models
+
+
+import com.squareup.moshi.Json
+import com.squareup.moshi.JsonClass
+
+/**
+ * Tenant recovery key creation response serializer
+ *
+ * @param expiry 
+ * @param url 
+ */
+
+
+data class TenantRecoveryKeyResponse (
+
+    @Json(name = "expiry")
+    val expiry: java.time.OffsetDateTime,
+
+    @Json(name = "url")
+    val url: kotlin.String
+
+)
+
diff --git a/src/main/kotlin/io/goauthentik/api/models/TenantRequest.kt b/src/main/kotlin/io/goauthentik/api/models/TenantRequest.kt
index 3c2fc4e..27eddaf 100644
--- a/src/main/kotlin/io/goauthentik/api/models/TenantRequest.kt
+++ b/src/main/kotlin/io/goauthentik/api/models/TenantRequest.kt
@@ -22,69 +22,22 @@ import com.squareup.moshi.JsonClass
 /**
  * Tenant Serializer
  *
- * @param domain Domain that activates this tenant. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b`
- * @param default 
- * @param brandingTitle 
- * @param brandingLogo 
- * @param brandingFavicon 
- * @param flowAuthentication 
- * @param flowInvalidation 
- * @param flowRecovery 
- * @param flowUnenrollment 
- * @param flowUserSettings 
- * @param flowDeviceCode 
- * @param eventRetention Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).
- * @param webCertificate Web Certificate used by the authentik Core webserver.
- * @param attributes 
+ * @param schemaName 
+ * @param name 
+ * @param ready 
  */
 
 
 data class TenantRequest (
 
-    /* Domain that activates this tenant. Can be a superset, i.e. `a.b` for `aa.b` and `ba.b` */
-    @Json(name = "domain")
-    val domain: kotlin.String,
+    @Json(name = "schema_name")
+    val schemaName: kotlin.String,
 
-    @Json(name = "default")
-    val default: kotlin.Boolean? = null,
+    @Json(name = "name")
+    val name: kotlin.String,
 
-    @Json(name = "branding_title")
-    val brandingTitle: kotlin.String? = null,
-
-    @Json(name = "branding_logo")
-    val brandingLogo: kotlin.String? = null,
-
-    @Json(name = "branding_favicon")
-    val brandingFavicon: kotlin.String? = null,
-
-    @Json(name = "flow_authentication")
-    val flowAuthentication: java.util.UUID? = null,
-
-    @Json(name = "flow_invalidation")
-    val flowInvalidation: java.util.UUID? = null,
-
-    @Json(name = "flow_recovery")
-    val flowRecovery: java.util.UUID? = null,
-
-    @Json(name = "flow_unenrollment")
-    val flowUnenrollment: java.util.UUID? = null,
-
-    @Json(name = "flow_user_settings")
-    val flowUserSettings: java.util.UUID? = null,
-
-    @Json(name = "flow_device_code")
-    val flowDeviceCode: java.util.UUID? = null,
-
-    /* Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2). */
-    @Json(name = "event_retention")
-    val eventRetention: kotlin.String? = null,
-
-    /* Web Certificate used by the authentik Core webserver. */
-    @Json(name = "web_certificate")
-    val webCertificate: java.util.UUID? = null,
-
-    @Json(name = "attributes")
-    val attributes: kotlin.Any? = null
+    @Json(name = "ready")
+    val ready: kotlin.Boolean? = null
 
 )
 
diff --git a/src/main/kotlin/io/goauthentik/api/models/UserSelf.kt b/src/main/kotlin/io/goauthentik/api/models/UserSelf.kt
index eba4826..48693ff 100644
--- a/src/main/kotlin/io/goauthentik/api/models/UserSelf.kt
+++ b/src/main/kotlin/io/goauthentik/api/models/UserSelf.kt
@@ -32,7 +32,7 @@ import com.squareup.moshi.JsonClass
  * @param groups 
  * @param avatar 
  * @param uid 
- * @param settings Get user settings with tenant and group settings applied
+ * @param settings Get user settings with brand and group settings applied
  * @param systemPermissions Get all system permissions assigned to the user
  * @param email 
  * @param type 
@@ -68,7 +68,7 @@ data class UserSelf (
     @Json(name = "uid")
     val uid: kotlin.String,
 
-    /* Get user settings with tenant and group settings applied */
+    /* Get user settings with brand and group settings applied */
     @Json(name = "settings")
     val settings: kotlin.collections.Map<kotlin.String, kotlin.Any>,