cloudflare
diff --git a/‎.stats.yml
Lines changed: 1 addition & 1 deletion b/‎.stats.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/cloudflare/resources/zero_trust/access/applications/applications.py
Lines changed: 36 additions & 128 deletions b/‎src/cloudflare/resources/zero_trust/access/applications/applications.py
Lines changed: 36 additions & 128 deletions
diff --git a/‎src/cloudflare/resources/zero_trust/organizations/organizations.py
Lines changed: 2 additions & 50 deletions b/‎src/cloudflare/resources/zero_trust/organizations/organizations.py
Lines changed: 2 additions & 50 deletions
diff --git a/‎src/cloudflare/types/zero_trust/access/application_create_params.py
Lines changed: 12 additions & 93 deletions b/‎src/cloudflare/types/zero_trust/access/application_create_params.py
Lines changed: 12 additions & 93 deletions
@@ -1,2 +1,2 @@
 configured_endpoints: 1449
-openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-1c6fe7515b7879a7cd51bbe9433aeee5d3d30feaf519f42d0d81c64b19f45875.yml
+openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-f3bf5786ed274253519d4c0cf9abb19fb072872380a2c0bf90917f78f16cfaa6.yml
@@ -335,10 +335,6 @@ def revoke_users(
         email: str,
         account_id: str | NotGiven = NOT_GIVEN,
         zone_id: str | NotGiven = NOT_GIVEN,
-        query_devices: bool | NotGiven = NOT_GIVEN,
-        body_devices: bool | NotGiven = NOT_GIVEN,
-        user_uid: str | NotGiven = NOT_GIVEN,
-        warp_session_reauth: bool | NotGiven = NOT_GIVEN,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
         extra_headers: Headers | None = None,
@@ -356,16 +352,6 @@ def revoke_users(
 
           zone_id: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.
 
-          query_devices: When set to `true`, all devices associated with the user will be revoked.
-
-          body_devices: When set to `true`, all devices associated with the user will be revoked.
-
-          user_uid: The uuid of the user to revoke.
-
-          warp_session_reauth: When set to `true`, the user will be required to re-authenticate to WARP for all
-              Gateway policies that enforce a WARP client session duration. When `false`, the
-              user’s WARP session will remain active
-
           extra_headers: Send extra headers
 
           extra_query: Add additional query parameters to the request
@@ -388,23 +374,12 @@ def revoke_users(
             account_or_zone_id = zone_id
         return self._post(
             f"/{account_or_zone}/{account_or_zone_id}/access/organizations/revoke_user",
-            body=maybe_transform(
-                {
-                    "email": email,
-                    "body_devices": body_devices,
-                    "user_uid": user_uid,
-                    "warp_session_reauth": warp_session_reauth,
-                },
-                organization_revoke_users_params.OrganizationRevokeUsersParams,
-            ),
+            body=maybe_transform({"email": email}, organization_revoke_users_params.OrganizationRevokeUsersParams),
             options=make_request_options(
                 extra_headers=extra_headers,
                 extra_query=extra_query,
                 extra_body=extra_body,
                 timeout=timeout,
-                query=maybe_transform(
-                    {"query_devices": query_devices}, organization_revoke_users_params.OrganizationRevokeUsersParams
-                ),
                 post_parser=ResultWrapper[Optional[OrganizationRevokeUsersResponse]]._unwrapper,
             ),
             cast_to=cast(
@@ -707,10 +682,6 @@ async def revoke_users(
         email: str,
         account_id: str | NotGiven = NOT_GIVEN,
         zone_id: str | NotGiven = NOT_GIVEN,
-        query_devices: bool | NotGiven = NOT_GIVEN,
-        body_devices: bool | NotGiven = NOT_GIVEN,
-        user_uid: str | NotGiven = NOT_GIVEN,
-        warp_session_reauth: bool | NotGiven = NOT_GIVEN,
         # Use the following arguments if you need to pass additional parameters to the API that aren't available via kwargs.
         # The extra values given here take precedence over values defined on the client or passed to this method.
         extra_headers: Headers | None = None,
@@ -728,16 +699,6 @@ async def revoke_users(
 
           zone_id: The Zone ID to use for this endpoint. Mutually exclusive with the Account ID.
 
-          query_devices: When set to `true`, all devices associated with the user will be revoked.
-
-          body_devices: When set to `true`, all devices associated with the user will be revoked.
-
-          user_uid: The uuid of the user to revoke.
-
-          warp_session_reauth: When set to `true`, the user will be required to re-authenticate to WARP for all
-              Gateway policies that enforce a WARP client session duration. When `false`, the
-              user’s WARP session will remain active
-
           extra_headers: Send extra headers
 
           extra_query: Add additional query parameters to the request
@@ -761,22 +722,13 @@ async def revoke_users(
         return await self._post(
             f"/{account_or_zone}/{account_or_zone_id}/access/organizations/revoke_user",
             body=await async_maybe_transform(
-                {
-                    "email": email,
-                    "body_devices": body_devices,
-                    "user_uid": user_uid,
-                    "warp_session_reauth": warp_session_reauth,
-                },
-                organization_revoke_users_params.OrganizationRevokeUsersParams,
+                {"email": email}, organization_revoke_users_params.OrganizationRevokeUsersParams
             ),
             options=make_request_options(
                 extra_headers=extra_headers,
                 extra_query=extra_query,
                 extra_body=extra_body,
                 timeout=timeout,
-                query=await async_maybe_transform(
-                    {"query_devices": query_devices}, organization_revoke_users_params.OrganizationRevokeUsersParams
-                ),
                 post_parser=ResultWrapper[Optional[OrganizationRevokeUsersResponse]]._unwrapper,
             ),
             cast_to=cast(
 
@@ -22,7 +22,6 @@
 __all__ = [
     "ApplicationCreateParams",
     "SelfHostedApplication",
-    "SelfHostedApplicationDestination",
     "SelfHostedApplicationPolicy",
     "SelfHostedApplicationPolicyAccessAppPolicyLink",
     "SelfHostedApplicationPolicyUnionMember2",
@@ -36,14 +35,12 @@
     "SaaSApplicationSCIMConfig",
     "SaaSApplicationSCIMConfigAuthentication",
     "BrowserSSHApplication",
-    "BrowserSSHApplicationDestination",
     "BrowserSSHApplicationPolicy",
     "BrowserSSHApplicationPolicyAccessAppPolicyLink",
     "BrowserSSHApplicationPolicyUnionMember2",
     "BrowserSSHApplicationSCIMConfig",
     "BrowserSSHApplicationSCIMConfigAuthentication",
     "BrowserVNCApplication",
-    "BrowserVNCApplicationDestination",
     "BrowserVNCApplicationPolicy",
     "BrowserVNCApplicationPolicyAccessAppPolicyLink",
     "BrowserVNCApplicationPolicyUnionMember2",
@@ -84,9 +81,10 @@
 
 class SelfHostedApplication(TypedDict, total=False):
     domain: Required[str]
-    """The primary hostname and path secured by Access.
+    """The primary hostname and path that Access will secure.
 
-    This domain will be displayed if the app is visible in the App Launcher.
+    If the app is visible in the App Launcher dashboard, this is the domain that
+    will be displayed.
     """
 
     type: Required[str]
@@ -146,14 +144,6 @@ class SelfHostedApplication(TypedDict, total=False):
     custom_pages: List[str]
     """The custom pages that will be displayed when applicable for this application"""
 
-    destinations: Iterable[SelfHostedApplicationDestination]
-    """List of destinations secured by Access.
-
-    This supersedes `self_hosted_domains` to allow for more flexibility in defining
-    different types of domains. If `destinations` are provided, then
-    `self_hosted_domains` will be ignored.
-    """
-
     enable_binding_cookie: bool
     """
     Enables the binding cookie, which increases security against compromised
@@ -204,12 +194,7 @@ class SelfHostedApplication(TypedDict, total=False):
     """
 
     self_hosted_domains: List[SelfHostedDomains]
-    """List of public domains that Access will secure.
-
-    This field is deprecated in favor of `destinations` and will be supported until
-    **November 21, 2025.** If `destinations` are provided, then
-    `self_hosted_domains` will be ignored.
-    """
+    """List of domains that Access will secure."""
 
     service_auth_401_redirect: bool
     """Returns a 401 status code when the request is blocked by a Service Auth policy."""
@@ -231,20 +216,6 @@ class SelfHostedApplication(TypedDict, total=False):
     """
 
 
-class SelfHostedApplicationDestination(TypedDict, total=False):
-    type: Literal["public", "private"]
-
-    uri: str
-    """The URI of the destination.
-
-    Public destinations can include a domain and path with
-    [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/).
-    Private destinations are an early access feature and gated behind a feature
-    flag. Private destinations support private IPv4, IPv6, and Server Name
-    Indications (SNI) with optional port ranges.
-    """
-
-
 class SelfHostedApplicationPolicyAccessAppPolicyLink(TypedDict, total=False):
     id: str
     """The UUID of the policy"""
@@ -497,9 +468,10 @@ class SaaSApplicationSCIMConfig(TypedDict, total=False):
 
 class BrowserSSHApplication(TypedDict, total=False):
     domain: Required[str]
-    """The primary hostname and path secured by Access.
+    """The primary hostname and path that Access will secure.
 
-    This domain will be displayed if the app is visible in the App Launcher.
+    If the app is visible in the App Launcher dashboard, this is the domain that
+    will be displayed.
     """
 
     type: Required[str]
@@ -559,14 +531,6 @@ class BrowserSSHApplication(TypedDict, total=False):
     custom_pages: List[str]
     """The custom pages that will be displayed when applicable for this application"""
 
-    destinations: Iterable[BrowserSSHApplicationDestination]
-    """List of destinations secured by Access.
-
-    This supersedes `self_hosted_domains` to allow for more flexibility in defining
-    different types of domains. If `destinations` are provided, then
-    `self_hosted_domains` will be ignored.
-    """
-
     enable_binding_cookie: bool
     """
     Enables the binding cookie, which increases security against compromised
@@ -617,12 +581,7 @@ class BrowserSSHApplication(TypedDict, total=False):
     """
 
     self_hosted_domains: List[SelfHostedDomains]
-    """List of public domains that Access will secure.
-
-    This field is deprecated in favor of `destinations` and will be supported until
-    **November 21, 2025.** If `destinations` are provided, then
-    `self_hosted_domains` will be ignored.
-    """
+    """List of domains that Access will secure."""
 
     service_auth_401_redirect: bool
     """Returns a 401 status code when the request is blocked by a Service Auth policy."""
@@ -644,20 +603,6 @@ class BrowserSSHApplication(TypedDict, total=False):
     """
 
 
-class BrowserSSHApplicationDestination(TypedDict, total=False):
-    type: Literal["public", "private"]
-
-    uri: str
-    """The URI of the destination.
-
-    Public destinations can include a domain and path with
-    [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/).
-    Private destinations are an early access feature and gated behind a feature
-    flag. Private destinations support private IPv4, IPv6, and Server Name
-    Indications (SNI) with optional port ranges.
-    """
-
-
 class BrowserSSHApplicationPolicyAccessAppPolicyLink(TypedDict, total=False):
     id: str
     """The UUID of the policy"""
@@ -755,9 +700,10 @@ class BrowserSSHApplicationSCIMConfig(TypedDict, total=False):
 
 class BrowserVNCApplication(TypedDict, total=False):
     domain: Required[str]
-    """The primary hostname and path secured by Access.
+    """The primary hostname and path that Access will secure.
 
-    This domain will be displayed if the app is visible in the App Launcher.
+    If the app is visible in the App Launcher dashboard, this is the domain that
+    will be displayed.
     """
 
     type: Required[str]
@@ -817,14 +763,6 @@ class BrowserVNCApplication(TypedDict, total=False):
     custom_pages: List[str]
     """The custom pages that will be displayed when applicable for this application"""
 
-    destinations: Iterable[BrowserVNCApplicationDestination]
-    """List of destinations secured by Access.
-
-    This supersedes `self_hosted_domains` to allow for more flexibility in defining
-    different types of domains. If `destinations` are provided, then
-    `self_hosted_domains` will be ignored.
-    """
-
     enable_binding_cookie: bool
     """
     Enables the binding cookie, which increases security against compromised
@@ -875,12 +813,7 @@ class BrowserVNCApplication(TypedDict, total=False):
     """
 
     self_hosted_domains: List[SelfHostedDomains]
-    """List of public domains that Access will secure.
-
-    This field is deprecated in favor of `destinations` and will be supported until
-    **November 21, 2025.** If `destinations` are provided, then
-    `self_hosted_domains` will be ignored.
-    """
+    """List of domains that Access will secure."""
 
     service_auth_401_redirect: bool
     """Returns a 401 status code when the request is blocked by a Service Auth policy."""
@@ -902,20 +835,6 @@ class BrowserVNCApplication(TypedDict, total=False):
     """
 
 
-class BrowserVNCApplicationDestination(TypedDict, total=False):
-    type: Literal["public", "private"]
-
-    uri: str
-    """The URI of the destination.
-
-    Public destinations can include a domain and path with
-    [wildcards](https://developers.cloudflare.com/cloudflare-one/policies/access/app-paths/).
-    Private destinations are an early access feature and gated behind a feature
-    flag. Private destinations support private IPv4, IPv6, and Server Name
-    Indications (SNI) with optional port ranges.
-    """
-
-
 class BrowserVNCApplicationPolicyAccessAppPolicyLink(TypedDict, total=False):
     id: str
     """The UUID of the policy"""
Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,2 @@`
`1`	`1`	`configured_endpoints: 1449`
`2`		`-openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-1c6fe7515b7879a7cd51bbe9433aeee5d3d30feaf519f42d0d81c64b19f45875.yml`
	`2`	`+openapi_spec_url: https://storage.googleapis.com/stainless-sdk-openapi-specs/cloudflare%2Fcloudflare-f3bf5786ed274253519d4c0cf9abb19fb072872380a2c0bf90917f78f16cfaa6.yml`