IBM · pyrooka · Oct 30, 2025 · Oct 29, 2025
diff --git a/.secrets.baseline b/.secrets.baseline
@@ -3,7 +3,7 @@
     "files": "^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2025-01-09T22:39:35Z",
+  "generated_at": "2025-10-30T10:03:11Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -78,19 +78,27 @@
   ],
   "results": {
     "examples/test_iam_identity_v1_examples.py": [
+      {
+        "hashed_secret": "469f62fa9e1c6afe62e8808180668934ee548e8f",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 1598,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
       {
         "hashed_secret": "a2190c299b60e882d9fb33736d5e6ab6ffe42708",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 939,
+        "line_number": 1697,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "cf4d2385b84329a52ca542285b93d9c4618420df",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1618,
+        "line_number": 1816,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -117,18 +125,18 @@
     ],
     "test/integration/test_iam_identity_v1.py": [
       {
-        "hashed_secret": "a2190c299b60e882d9fb33736d5e6ab6ffe42708",
+        "hashed_secret": "469f62fa9e1c6afe62e8808180668934ee548e8f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1148,
+        "line_number": 1874,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
-        "hashed_secret": "cf4d2385b84329a52ca542285b93d9c4618420df",
+        "hashed_secret": "a2190c299b60e882d9fb33736d5e6ab6ffe42708",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1702,
+        "line_number": 1964,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -270,31 +278,23 @@
         "hashed_secret": "d4c3d66fd0c38547a3c7a4c6bdc29c36911bc030",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1575,
+        "line_number": 1969,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
-        "hashed_secret": "cf4d2385b84329a52ca542285b93d9c4618420df",
+        "hashed_secret": "b8473b86d4c2072ca9b08bd28e373e8253e865c4",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 4055,
+        "line_number": 12008,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "469f62fa9e1c6afe62e8808180668934ee548e8f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 9511,
-        "type": "Secret Keyword",
-        "verified_result": null
-      },
-      {
-        "hashed_secret": "b8473b86d4c2072ca9b08bd28e373e8253e865c4",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 10632,
+        "line_number": 12086,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -352,7 +352,7 @@
       }
     ]
   },
-  "version": "0.13.1+ibm.62.dss",
+  "version": "0.13.1+ibm.64.dss",
   "word_list": {
     "file": null,
     "hash": null

diff --git a/examples/test_iam_identity_v1_examples.py b/examples/test_iam_identity_v1_examples.py
@@ -171,7 +171,7 @@ def waitUntilTrustedProfileAssignmentFinished(cls, service, assignmentId):
                     profile_template_assignment_etag is not None
                     break
             except ApiException as e:
-                if e.code == 404:
+                if getattr(e, "status_code", None) == 404:
                     finished = True
                     break
             time.sleep(10)
@@ -191,7 +191,7 @@ def waitUntilAccountSettingsAssignmentFinished(cls, service, assignmentId):
                     account_settings_template_assignment_etag is not None
                     break
             except ApiException as e:
-                if e.code == 404:
+                if getattr(e, "status_code", None) == 404:
                     finished = True
                     break
             time.sleep(10)
@@ -1576,15 +1576,42 @@ def test_create_account_settings_template(self):
             print('\ncreate_account_settings_template() result:')
             # begin-create_account_settings_template
 
-            account_settings = {}
-            account_settings['mfa'] = 'LEVEL1'
-            account_settings['system_access_token_expiration_in_seconds'] = 3000
+            # Construct a dict representation of a UserMfa model
+            user_mfa_model = {
+                'iam_id': iam_id,
+                'mfa': 'LEVEL2',
+            }
+            # Construct a dict representation of a AccountSettingsUserDomainRestriction model
+            account_settings_user_domain_restriction_model = {
+                'realm_id': 'IBMid',
+                'invitation_email_allow_patterns': ["*.*@ibm.com"],
+                'restrict_invitation': True,
+            }
+            # Construct a dict representation of a TemplateAccountSettingsRestrictUserDomains model
+            template_account_settings_restrict_user_domains_model = {
+                'account_sufficient': True,
+                'restrictions': [account_settings_user_domain_restriction_model],
+            }
+            # Construct a dict representation of a TemplateAccountSettings model
+            template_account_settings_model = {
+                'restrict_create_service_id': 'NOT_SET',
+                'restrict_create_platform_apikey': 'NOT_SET',
+                'mfa': 'LEVEL1',
+                'user_mfa': [user_mfa_model],
+                'session_expiration_in_seconds': '86400',
+                'session_invalidation_in_seconds': '7200',
+                'max_sessions_per_identity': '10',
+                'system_access_token_expiration_in_seconds': '3600',
+                'system_refresh_token_expiration_in_seconds': '259200',
+                'restrict_user_list_visibility': 'RESTRICTED',
+                'restrict_user_domains': template_account_settings_restrict_user_domains_model,
+            }
 
             create_response = iam_identity_service.create_account_settings_template(
                 name=account_settings_template_name,
                 description='IAM enterprise account settings template example',
                 account_id=enterprise_account_id,
-                account_settings=account_settings,
+                account_settings=template_account_settings_model,
             )
             account_settings_template = create_response.get_result()
             print('\ncreate_account_settings_template() response: ', json.dumps(account_settings_template, indent=2))
@@ -1648,9 +1675,36 @@ def test_update_account_settings_template(self):
             global account_settings_template_etag
             # begin-update_account_settings_template_version
 
-            account_settings = {}
-            account_settings['mfa'] = 'LEVEL1'
-            account_settings['system_access_token_expiration_in_seconds'] = 3000
+            # Construct a dict representation of a UserMfa model
+            user_mfa_model = {
+                'iam_id': iam_id,
+                'mfa': 'LEVEL1',
+            }
+            # Construct a dict representation of a AccountSettingsUserDomainRestriction model
+            account_settings_user_domain_restriction_model = {
+                'realm_id': 'IBMid',
+                'invitation_email_allow_patterns': ["*.*@sap.com"],
+                'restrict_invitation': True,
+            }
+            # Construct a dict representation of a TemplateAccountSettingsRestrictUserDomains model
+            template_account_settings_restrict_user_domains_model = {
+                'account_sufficient': False,
+                'restrictions': [account_settings_user_domain_restriction_model],
+            }
+            # Construct a dict representation of a TemplateAccountSettings model
+            template_account_settings_model = {
+                'restrict_create_service_id': 'NOT_RESTRICTED',
+                'restrict_create_platform_apikey': 'NOT_RESTRICTED',
+                'mfa': 'LEVEL2',
+                'user_mfa': [user_mfa_model],
+                'session_expiration_in_seconds': '72400',
+                'session_invalidation_in_seconds': '6000',
+                'max_sessions_per_identity': '5',
+                'system_access_token_expiration_in_seconds': '3000',
+                'system_refresh_token_expiration_in_seconds': '200000',
+                'restrict_user_list_visibility': 'NOT_RESTRICTED',
+                'restrict_user_domains': template_account_settings_restrict_user_domains_model,
+            }
 
             update_response = iam_identity_service.update_account_settings_template_version(
                 account_id=enterprise_account_id,
@@ -1659,7 +1713,7 @@ def test_update_account_settings_template(self):
                 if_match=account_settings_template_etag,
                 name=account_settings_template_name,
                 description='IAM enterprise account settings template example - updated',
-                account_settings=account_settings,
+                account_settings=template_account_settings_model,
             )
             account_settings_template = update_response.get_result()
             print('\nupdate_account_settings_template() response: ', json.dumps(account_settings_template, indent=2))
@@ -1761,6 +1815,18 @@ def test_create_new_account_settings_template_version(self):
             account_settings['system_access_token_expiration_in_seconds'] = 2600
             account_settings['restrict_create_platform_apikey'] = 'RESTRICTED'
             account_settings['restrict_create_service_id'] = 'RESTRICTED'
+            account_settings['session_expiration_in_seconds'] = 75000
+            account_settings['session_invalidation_in_seconds'] = 5000
+            account_settings['max_sessions_per_identity'] = '7'
+            account_settings['restrict_user_list_visibility'] = 'RESTRICTED'
+            account_settings_user_mfa = {}
+            account_settings_user_mfa['iam_id'] = iam_id
+            account_settings_user_mfa['mfa'] = 'LEVEL2'
+            account_settings['user_mfa'] = [account_settings_user_mfa]
+            account_settings_user_domain_restriction_model = {}
+            account_settings_user_domain_restriction_model['realm_id'] = 'IBMid'
+            account_settings_user_domain_restriction_model['invitation_email_allow_patterns'] = ['*.*@example.com']
+            account_settings_user_domain_restriction_model['restrict_invitation'] = True
 
             create_response = iam_identity_service.create_account_settings_template_version(
                 template_id=account_settings_template_id,