diff --git a/CHANGELOG.md b/CHANGELOG.md
index 186c28cc..5f047336 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,8 +8,10 @@
     * **Note** Upgraded go version to 1.22 to align with the go [release policy](https://go.dev/doc/devel/release#policy). [#376](https://github.com/patrickcping/pingone-go-sdk-v2/pull/376)
 * `github.com/patrickcping/pingone-go-sdk-v2/credentials` : [v0.9.1](./credentials/CHANGELOG.md)
     * **Note** Upgraded go version to 1.22 to align with the go [release policy](https://go.dev/doc/devel/release#policy). [#376](https://github.com/patrickcping/pingone-go-sdk-v2/pull/376)
-* `github.com/patrickcping/pingone-go-sdk-v2/management` : [v0.43.1](./management/CHANGELOG.md)
-    * **Note** Upgraded go version to 1.22 to align with the go [release policy](https://go.dev/doc/devel/release#policy). [#376](https://github.com/patrickcping/pingone-go-sdk-v2/pull/376)
+* `github.com/patrickcping/pingone-go-sdk-v2/management` : [v0.44.0](./management/CHANGELOG.md)
+    * **Note** Upgraded go version to 1.22 to align with the go [release policy](https://go.dev/doc/devel/release#policy). [#376](https://github.com/patrickcping/
+    pingone-go-sdk-v2/pull/376)
+    * **Enhancement** Added the ability to create applications with a custom client ID and secret.
 * `github.com/patrickcping/pingone-go-sdk-v2/mfa` : [v0.20.1](./mfa/CHANGELOG.md)
     * **Note** Upgraded go version to 1.22 to align with the go [release policy](https://go.dev/doc/devel/release#policy). [#376](https://github.com/patrickcping/pingone-go-sdk-v2/pull/376)
 * `github.com/patrickcping/pingone-go-sdk-v2/risk` : [v0.16.1](./risk/CHANGELOG.md)
diff --git a/management/.version b/management/.version
index cdb454e9..299c9c30 100644
--- a/management/.version
+++ b/management/.version
@@ -1 +1 @@
-0.43.1
\ No newline at end of file
+0.44.0
\ No newline at end of file
diff --git a/management/CHANGELOG.md b/management/CHANGELOG.md
index 5d1eb12a..b0fdf016 100644
--- a/management/CHANGELOG.md
+++ b/management/CHANGELOG.md
@@ -1,6 +1,7 @@
-# v0.43.1 (Unreleased)
+# v0.44.0 (Unreleased)
 
 * **Note** Upgraded go version to 1.22 to align with the go [release policy](https://go.dev/doc/devel/release#policy). [#376](https://github.com/patrickcping/pingone-go-sdk-v2/pull/376)
+* **Enhancement** Added the ability to create applications with a custom client ID and secret.
 
 # v0.43.0 (2024-07-22)
 
diff --git a/management/README.md b/management/README.md
index cc44882c..2110030f 100644
--- a/management/README.md
+++ b/management/README.md
@@ -6,7 +6,7 @@ The PingOne Platform API covering the base and SSO services (otherwise known as
 This API client was generated by the [OpenAPI Generator](https://openapi-generator.tech) project.  By using the [OpenAPI-spec](https://www.openapis.org/) from a remote server, you can easily generate an API client.
 
 - API version: 2023-06-29
-- Package version: 0.43.1
+- Package version: 0.44.0
 - Build package: org.openapitools.codegen.languages.GoClientCodegen
 
 ## Installation
diff --git a/management/api/openapi.yaml b/management/api/openapi.yaml
index 1763f356..d3e3b61f 100644
--- a/management/api/openapi.yaml
+++ b/management/api/openapi.yaml
@@ -28159,6 +28159,21 @@ components:
               only on the POST request. The property is ignored when included in a
               PUT request.
             type: boolean
+          clientId:
+            description: "(Required when `clientSecret` is specified.) Supported only\
+              \ for `POST` operations. This is the UUID of an external application\
+              \ that is being migrated to PingOne. The UUID must be a minimum of 8\
+              \ alpha-numeric characters, and must be globally unique in PingOne."
+            minLength: 8
+            type: string
+          clientSecret:
+            description: (Required when `clientId` is specified.) Supported only for
+              `POST` operations. This is the client secret associated with `clientId`
+              for an external application that is being migrated to PingOne. This
+              must be a minimum of 8 alpha-numeric characters.
+            format: password
+            minLength: 8
+            type: string
           corsSettings:
             $ref: '#/components/schemas/ApplicationCorsSettings'
           devicePathId:
@@ -34218,6 +34233,7 @@ components:
         applicationPermissionsSettings:
           claimEnabled: true
         audience: audience
+        clientId: clientId
         _links:
           key:
             href: https://openapi-generator.tech
@@ -34230,6 +34246,7 @@ components:
           id: id
         accessTokenValiditySeconds: 0
         name: name
+        clientSecret: clientSecret
         id: id
         introspectEndpointAuthMethod: null
         updatedAt: 2000-01-23T04:56:07.000+00:00
@@ -34252,6 +34269,21 @@ components:
             \ and must not contain `pingone` or `pingidentity` (for example, `https://api.bxretail.org`).\
             \ If a URL is not specified, the resource name is used."
           type: string
+        clientId:
+          description: "(Required when `clientSecret` is specified.) Supported only\
+            \ for the `POST` operation. This is the UUID of an external resource that\
+            \ is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric\
+            \ characters, and must be globally unique in PingOne."
+          minLength: 8
+          type: string
+        clientSecret:
+          description: (Required when clientId is specified.) Supported only for the
+            POST operation. This is the client secret associated with clientId for
+            an external resource that is being migrated to PingOne. This must be a
+            minimum of 8 alpha-numeric characters.
+          format: password
+          minLength: 8
+          type: string
         createdAt:
           description: The time the resource was created.
           format: date-time
diff --git a/management/configuration.go b/management/configuration.go
index 788937ad..6b566a25 100644
--- a/management/configuration.go
+++ b/management/configuration.go
@@ -91,7 +91,7 @@ type Configuration struct {
 func NewConfiguration() *Configuration {
 	cfg := &Configuration{
 		DefaultHeader:    make(map[string]string),
-		UserAgent:        "pingtools PingOne-GOLANG-SDK-management/0.43.1",
+		UserAgent:        "pingtools PingOne-GOLANG-SDK-management/0.44.0",
 		Debug:            false,
 		DefaultServerIndex: 0,
 		Servers:          ServerConfigurations{
diff --git a/management/docs/ApplicationOIDC.md b/management/docs/ApplicationOIDC.md
index 44291417..477be73e 100644
--- a/management/docs/ApplicationOIDC.md
+++ b/management/docs/ApplicationOIDC.md
@@ -21,6 +21,8 @@ Name | Type | Description | Notes
 **AdditionalRefreshTokenReplayProtectionEnabled** | Pointer to **bool** | When set to `true` (the default), if you attempt to reuse the refresh token, the authorization server immediately revokes the reused refresh token, as well as all descendant tokens. Setting this to null equates to a `false` setting. | [optional] [default to true]
 **AllowWildcardInRedirectUris** | Pointer to **bool** | A boolean to specify whether wildcards are allowed in redirect URIs. For more information, see [Wildcards in Redirect URIs](https://docs.pingidentity.com/csh?context=p1_c_wildcard_redirect_uri). | [optional] 
 **AssignActorRoles** | Pointer to **bool** | A boolean that specifies whether the permissions service should assign default roles to the application. This property is set only on the POST request. The property is ignored when included in a PUT request. | [optional] 
+**ClientId** | Pointer to **string** | (Required when `clientSecret` is specified.) Supported only for `POST` operations. This is the UUID of an external application that is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric characters, and must be globally unique in PingOne. | [optional] 
+**ClientSecret** | Pointer to **string** | (Required when `clientId` is specified.) Supported only for `POST` operations. This is the client secret associated with `clientId` for an external application that is being migrated to PingOne. This must be a minimum of 8 alpha-numeric characters. | [optional] 
 **CorsSettings** | Pointer to [**ApplicationCorsSettings**](ApplicationCorsSettings.md) |  | [optional] 
 **DevicePathId** | Pointer to **string** | A string that specifies a unique identifier within an environment for a device authorization grant flow to provide a short identifier to the application. This property is ignored when the `deviceCustomVerificationUri` property is configured. The string can contain any letters, numbers, and some special characters (regex `a-zA-Z0-9_-`). It can have a length of no more than 50 characters (`min`/`max`=`1`/`50`). | [optional] 
 **DeviceCustomVerificationUri** | Pointer to **string** | A string that specifies an optional custom verification URI that is returned for the `/device_authorization` endpoint. | [optional] 
@@ -476,6 +478,56 @@ SetAssignActorRoles sets AssignActorRoles field to given value.
 
 HasAssignActorRoles returns a boolean if a field has been set.
 
+### GetClientId
+
+`func (o *ApplicationOIDC) GetClientId() string`
+
+GetClientId returns the ClientId field if non-nil, zero value otherwise.
+
+### GetClientIdOk
+
+`func (o *ApplicationOIDC) GetClientIdOk() (*string, bool)`
+
+GetClientIdOk returns a tuple with the ClientId field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientId
+
+`func (o *ApplicationOIDC) SetClientId(v string)`
+
+SetClientId sets ClientId field to given value.
+
+### HasClientId
+
+`func (o *ApplicationOIDC) HasClientId() bool`
+
+HasClientId returns a boolean if a field has been set.
+
+### GetClientSecret
+
+`func (o *ApplicationOIDC) GetClientSecret() string`
+
+GetClientSecret returns the ClientSecret field if non-nil, zero value otherwise.
+
+### GetClientSecretOk
+
+`func (o *ApplicationOIDC) GetClientSecretOk() (*string, bool)`
+
+GetClientSecretOk returns a tuple with the ClientSecret field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientSecret
+
+`func (o *ApplicationOIDC) SetClientSecret(v string)`
+
+SetClientSecret sets ClientSecret field to given value.
+
+### HasClientSecret
+
+`func (o *ApplicationOIDC) HasClientSecret() bool`
+
+HasClientSecret returns a boolean if a field has been set.
+
 ### GetCorsSettings
 
 `func (o *ApplicationOIDC) GetCorsSettings() ApplicationCorsSettings`
diff --git a/management/docs/CreateApplication201Response.md b/management/docs/CreateApplication201Response.md
index 19927d6d..f8ce8527 100644
--- a/management/docs/CreateApplication201Response.md
+++ b/management/docs/CreateApplication201Response.md
@@ -39,6 +39,8 @@ Name | Type | Description | Notes
 **AdditionalRefreshTokenReplayProtectionEnabled** | Pointer to **bool** | When set to `true` (the default), if you attempt to reuse the refresh token, the authorization server immediately revokes the reused refresh token, as well as all descendant tokens. Setting this to null equates to a `false` setting. | [optional] [default to true]
 **AllowWildcardInRedirectUris** | Pointer to **bool** | A boolean to specify whether wildcards are allowed in redirect URIs. For more information, see [Wildcards in Redirect URIs](https://docs.pingidentity.com/csh?context=p1_c_wildcard_redirect_uri). | [optional] 
 **AssignActorRoles** | Pointer to **bool** | A boolean that specifies whether the permissions service should assign default roles to the application. This property is set only on the POST request. The property is ignored when included in a PUT request. | [optional] 
+**ClientId** | Pointer to **string** | (Required when `clientSecret` is specified.) Supported only for `POST` operations. This is the UUID of an external application that is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric characters, and must be globally unique in PingOne. | [optional] 
+**ClientSecret** | Pointer to **string** | (Required when `clientId` is specified.) Supported only for `POST` operations. This is the client secret associated with `clientId` for an external application that is being migrated to PingOne. This must be a minimum of 8 alpha-numeric characters. | [optional] 
 **DevicePathId** | Pointer to **string** | A string that specifies a unique identifier within an environment for a device authorization grant flow to provide a short identifier to the application. This property is ignored when the `deviceCustomVerificationUri` property is configured. The string can contain any letters, numbers, and some special characters (regex `a-zA-Z0-9_-`). It can have a length of no more than 50 characters (`min`/`max`=`1`/`50`). | [optional] 
 **DeviceCustomVerificationUri** | Pointer to **string** | A string that specifies an optional custom verification URI that is returned for the `/device_authorization` endpoint. | [optional] 
 **DeviceTimeout** | Pointer to **int32** | An integer that specifies the length of time (in seconds) that the `userCode` and `deviceCode` returned by the `/device_authorization` endpoint are valid. This property is required only for applications in which the `grantTypes` property is set to `device_code`. The default value is `600` seconds. It can have a value of no more than `3600` seconds (`min`/`max`=`1`/`3600`). | [optional] [default to 600]
@@ -919,6 +921,56 @@ SetAssignActorRoles sets AssignActorRoles field to given value.
 
 HasAssignActorRoles returns a boolean if a field has been set.
 
+### GetClientId
+
+`func (o *CreateApplication201Response) GetClientId() string`
+
+GetClientId returns the ClientId field if non-nil, zero value otherwise.
+
+### GetClientIdOk
+
+`func (o *CreateApplication201Response) GetClientIdOk() (*string, bool)`
+
+GetClientIdOk returns a tuple with the ClientId field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientId
+
+`func (o *CreateApplication201Response) SetClientId(v string)`
+
+SetClientId sets ClientId field to given value.
+
+### HasClientId
+
+`func (o *CreateApplication201Response) HasClientId() bool`
+
+HasClientId returns a boolean if a field has been set.
+
+### GetClientSecret
+
+`func (o *CreateApplication201Response) GetClientSecret() string`
+
+GetClientSecret returns the ClientSecret field if non-nil, zero value otherwise.
+
+### GetClientSecretOk
+
+`func (o *CreateApplication201Response) GetClientSecretOk() (*string, bool)`
+
+GetClientSecretOk returns a tuple with the ClientSecret field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientSecret
+
+`func (o *CreateApplication201Response) SetClientSecret(v string)`
+
+SetClientSecret sets ClientSecret field to given value.
+
+### HasClientSecret
+
+`func (o *CreateApplication201Response) HasClientSecret() bool`
+
+HasClientSecret returns a boolean if a field has been set.
+
 ### GetDevicePathId
 
 `func (o *CreateApplication201Response) GetDevicePathId() string`
diff --git a/management/docs/CreateApplicationRequest.md b/management/docs/CreateApplicationRequest.md
index 1e5afbb9..29dd5c48 100644
--- a/management/docs/CreateApplicationRequest.md
+++ b/management/docs/CreateApplicationRequest.md
@@ -39,6 +39,8 @@ Name | Type | Description | Notes
 **AdditionalRefreshTokenReplayProtectionEnabled** | Pointer to **bool** | When set to `true` (the default), if you attempt to reuse the refresh token, the authorization server immediately revokes the reused refresh token, as well as all descendant tokens. Setting this to null equates to a `false` setting. | [optional] [default to true]
 **AllowWildcardInRedirectUris** | Pointer to **bool** | A boolean to specify whether wildcards are allowed in redirect URIs. For more information, see [Wildcards in Redirect URIs](https://docs.pingidentity.com/csh?context=p1_c_wildcard_redirect_uri). | [optional] 
 **AssignActorRoles** | Pointer to **bool** | A boolean that specifies whether the permissions service should assign default roles to the application. This property is set only on the POST request. The property is ignored when included in a PUT request. | [optional] 
+**ClientId** | Pointer to **string** | (Required when `clientSecret` is specified.) Supported only for `POST` operations. This is the UUID of an external application that is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric characters, and must be globally unique in PingOne. | [optional] 
+**ClientSecret** | Pointer to **string** | (Required when `clientId` is specified.) Supported only for `POST` operations. This is the client secret associated with `clientId` for an external application that is being migrated to PingOne. This must be a minimum of 8 alpha-numeric characters. | [optional] 
 **DevicePathId** | Pointer to **string** | A string that specifies a unique identifier within an environment for a device authorization grant flow to provide a short identifier to the application. This property is ignored when the `deviceCustomVerificationUri` property is configured. The string can contain any letters, numbers, and some special characters (regex `a-zA-Z0-9_-`). It can have a length of no more than 50 characters (`min`/`max`=`1`/`50`). | [optional] 
 **DeviceCustomVerificationUri** | Pointer to **string** | A string that specifies an optional custom verification URI that is returned for the `/device_authorization` endpoint. | [optional] 
 **DeviceTimeout** | Pointer to **int32** | An integer that specifies the length of time (in seconds) that the `userCode` and `deviceCode` returned by the `/device_authorization` endpoint are valid. This property is required only for applications in which the `grantTypes` property is set to `device_code`. The default value is `600` seconds. It can have a value of no more than `3600` seconds (`min`/`max`=`1`/`3600`). | [optional] [default to 600]
@@ -919,6 +921,56 @@ SetAssignActorRoles sets AssignActorRoles field to given value.
 
 HasAssignActorRoles returns a boolean if a field has been set.
 
+### GetClientId
+
+`func (o *CreateApplicationRequest) GetClientId() string`
+
+GetClientId returns the ClientId field if non-nil, zero value otherwise.
+
+### GetClientIdOk
+
+`func (o *CreateApplicationRequest) GetClientIdOk() (*string, bool)`
+
+GetClientIdOk returns a tuple with the ClientId field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientId
+
+`func (o *CreateApplicationRequest) SetClientId(v string)`
+
+SetClientId sets ClientId field to given value.
+
+### HasClientId
+
+`func (o *CreateApplicationRequest) HasClientId() bool`
+
+HasClientId returns a boolean if a field has been set.
+
+### GetClientSecret
+
+`func (o *CreateApplicationRequest) GetClientSecret() string`
+
+GetClientSecret returns the ClientSecret field if non-nil, zero value otherwise.
+
+### GetClientSecretOk
+
+`func (o *CreateApplicationRequest) GetClientSecretOk() (*string, bool)`
+
+GetClientSecretOk returns a tuple with the ClientSecret field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientSecret
+
+`func (o *CreateApplicationRequest) SetClientSecret(v string)`
+
+SetClientSecret sets ClientSecret field to given value.
+
+### HasClientSecret
+
+`func (o *CreateApplicationRequest) HasClientSecret() bool`
+
+HasClientSecret returns a boolean if a field has been set.
+
 ### GetDevicePathId
 
 `func (o *CreateApplicationRequest) GetDevicePathId() string`
diff --git a/management/docs/EntityArrayEmbeddedResourcesInner.md b/management/docs/EntityArrayEmbeddedResourcesInner.md
index b51f679d..5e80e4ea 100644
--- a/management/docs/EntityArrayEmbeddedResourcesInner.md
+++ b/management/docs/EntityArrayEmbeddedResourcesInner.md
@@ -8,6 +8,8 @@ Name | Type | Description | Notes
 **AccessTokenValiditySeconds** | Pointer to **int32** | An integer that specifies the number of seconds that the access token is valid. If a value is not specified, the default is 3600. The minimum value is 300 seconds (5 minutes); the maximum value is 2592000 seconds (30 days). | [optional] 
 **ApplicationPermissionsSettings** | Pointer to [**ResourceApplicationPermissionsSettings**](ResourceApplicationPermissionsSettings.md) |  | [optional] 
 **Audience** | Pointer to **string** | A string that specifies a URL without a fragment or `@ObjectName` and must not contain `pingone` or `pingidentity` (for example, `https://api.bxretail.org`). If a URL is not specified, the resource name is used. | [optional] 
+**ClientId** | Pointer to **string** | (Required when `clientSecret` is specified.) Supported only for the `POST` operation. This is the UUID of an external resource that is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric characters, and must be globally unique in PingOne. | [optional] 
+**ClientSecret** | Pointer to **string** | (Required when clientId is specified.) Supported only for the POST operation. This is the client secret associated with clientId for an external resource that is being migrated to PingOne. This must be a minimum of 8 alpha-numeric characters. | [optional] 
 **CreatedAt** | Pointer to **time.Time** | The time the resource was created. | [optional] [readonly] 
 **Description** | Pointer to **string** | The application resource's description. | [optional] 
 **Environment** | Pointer to [**ObjectEnvironment**](ObjectEnvironment.md) |  | [optional] 
@@ -138,6 +140,56 @@ SetAudience sets Audience field to given value.
 
 HasAudience returns a boolean if a field has been set.
 
+### GetClientId
+
+`func (o *EntityArrayEmbeddedResourcesInner) GetClientId() string`
+
+GetClientId returns the ClientId field if non-nil, zero value otherwise.
+
+### GetClientIdOk
+
+`func (o *EntityArrayEmbeddedResourcesInner) GetClientIdOk() (*string, bool)`
+
+GetClientIdOk returns a tuple with the ClientId field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientId
+
+`func (o *EntityArrayEmbeddedResourcesInner) SetClientId(v string)`
+
+SetClientId sets ClientId field to given value.
+
+### HasClientId
+
+`func (o *EntityArrayEmbeddedResourcesInner) HasClientId() bool`
+
+HasClientId returns a boolean if a field has been set.
+
+### GetClientSecret
+
+`func (o *EntityArrayEmbeddedResourcesInner) GetClientSecret() string`
+
+GetClientSecret returns the ClientSecret field if non-nil, zero value otherwise.
+
+### GetClientSecretOk
+
+`func (o *EntityArrayEmbeddedResourcesInner) GetClientSecretOk() (*string, bool)`
+
+GetClientSecretOk returns a tuple with the ClientSecret field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientSecret
+
+`func (o *EntityArrayEmbeddedResourcesInner) SetClientSecret(v string)`
+
+SetClientSecret sets ClientSecret field to given value.
+
+### HasClientSecret
+
+`func (o *EntityArrayEmbeddedResourcesInner) HasClientSecret() bool`
+
+HasClientSecret returns a boolean if a field has been set.
+
 ### GetCreatedAt
 
 `func (o *EntityArrayEmbeddedResourcesInner) GetCreatedAt() time.Time`
diff --git a/management/docs/ReadOneApplication200Response.md b/management/docs/ReadOneApplication200Response.md
index 74aab035..f37bc297 100644
--- a/management/docs/ReadOneApplication200Response.md
+++ b/management/docs/ReadOneApplication200Response.md
@@ -39,6 +39,8 @@ Name | Type | Description | Notes
 **AdditionalRefreshTokenReplayProtectionEnabled** | Pointer to **bool** | When set to `true` (the default), if you attempt to reuse the refresh token, the authorization server immediately revokes the reused refresh token, as well as all descendant tokens. Setting this to null equates to a `false` setting. | [optional] [default to true]
 **AllowWildcardInRedirectUris** | Pointer to **bool** | A boolean to specify whether wildcards are allowed in redirect URIs. For more information, see [Wildcards in Redirect URIs](https://docs.pingidentity.com/csh?context=p1_c_wildcard_redirect_uri). | [optional] 
 **AssignActorRoles** | Pointer to **bool** | A boolean that specifies whether the permissions service should assign default roles to the application. This property is set only on the POST request. The property is ignored when included in a PUT request. | [optional] 
+**ClientId** | Pointer to **string** | (Required when `clientSecret` is specified.) Supported only for `POST` operations. This is the UUID of an external application that is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric characters, and must be globally unique in PingOne. | [optional] 
+**ClientSecret** | Pointer to **string** | (Required when `clientId` is specified.) Supported only for `POST` operations. This is the client secret associated with `clientId` for an external application that is being migrated to PingOne. This must be a minimum of 8 alpha-numeric characters. | [optional] 
 **DevicePathId** | Pointer to **string** | A string that specifies a unique identifier within an environment for a device authorization grant flow to provide a short identifier to the application. This property is ignored when the `deviceCustomVerificationUri` property is configured. The string can contain any letters, numbers, and some special characters (regex `a-zA-Z0-9_-`). It can have a length of no more than 50 characters (`min`/`max`=`1`/`50`). | [optional] 
 **DeviceCustomVerificationUri** | Pointer to **string** | A string that specifies an optional custom verification URI that is returned for the `/device_authorization` endpoint. | [optional] 
 **DeviceTimeout** | Pointer to **int32** | An integer that specifies the length of time (in seconds) that the `userCode` and `deviceCode` returned by the `/device_authorization` endpoint are valid. This property is required only for applications in which the `grantTypes` property is set to `device_code`. The default value is `600` seconds. It can have a value of no more than `3600` seconds (`min`/`max`=`1`/`3600`). | [optional] [default to 600]
@@ -921,6 +923,56 @@ SetAssignActorRoles sets AssignActorRoles field to given value.
 
 HasAssignActorRoles returns a boolean if a field has been set.
 
+### GetClientId
+
+`func (o *ReadOneApplication200Response) GetClientId() string`
+
+GetClientId returns the ClientId field if non-nil, zero value otherwise.
+
+### GetClientIdOk
+
+`func (o *ReadOneApplication200Response) GetClientIdOk() (*string, bool)`
+
+GetClientIdOk returns a tuple with the ClientId field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientId
+
+`func (o *ReadOneApplication200Response) SetClientId(v string)`
+
+SetClientId sets ClientId field to given value.
+
+### HasClientId
+
+`func (o *ReadOneApplication200Response) HasClientId() bool`
+
+HasClientId returns a boolean if a field has been set.
+
+### GetClientSecret
+
+`func (o *ReadOneApplication200Response) GetClientSecret() string`
+
+GetClientSecret returns the ClientSecret field if non-nil, zero value otherwise.
+
+### GetClientSecretOk
+
+`func (o *ReadOneApplication200Response) GetClientSecretOk() (*string, bool)`
+
+GetClientSecretOk returns a tuple with the ClientSecret field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientSecret
+
+`func (o *ReadOneApplication200Response) SetClientSecret(v string)`
+
+SetClientSecret sets ClientSecret field to given value.
+
+### HasClientSecret
+
+`func (o *ReadOneApplication200Response) HasClientSecret() bool`
+
+HasClientSecret returns a boolean if a field has been set.
+
 ### GetDevicePathId
 
 `func (o *ReadOneApplication200Response) GetDevicePathId() string`
diff --git a/management/docs/Resource.md b/management/docs/Resource.md
index e2943d53..9d51fc44 100644
--- a/management/docs/Resource.md
+++ b/management/docs/Resource.md
@@ -8,6 +8,8 @@ Name | Type | Description | Notes
 **AccessTokenValiditySeconds** | Pointer to **int32** | An integer that specifies the number of seconds that the access token is valid. If a value is not specified, the default is 3600. The minimum value is 300 seconds (5 minutes); the maximum value is 2592000 seconds (30 days). | [optional] 
 **ApplicationPermissionsSettings** | Pointer to [**ResourceApplicationPermissionsSettings**](ResourceApplicationPermissionsSettings.md) |  | [optional] 
 **Audience** | Pointer to **string** | A string that specifies a URL without a fragment or `@ObjectName` and must not contain `pingone` or `pingidentity` (for example, `https://api.bxretail.org`). If a URL is not specified, the resource name is used. | [optional] 
+**ClientId** | Pointer to **string** | (Required when `clientSecret` is specified.) Supported only for the `POST` operation. This is the UUID of an external resource that is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric characters, and must be globally unique in PingOne. | [optional] 
+**ClientSecret** | Pointer to **string** | (Required when clientId is specified.) Supported only for the POST operation. This is the client secret associated with clientId for an external resource that is being migrated to PingOne. This must be a minimum of 8 alpha-numeric characters. | [optional] 
 **CreatedAt** | Pointer to **time.Time** | The time the resource was created. | [optional] [readonly] 
 **Description** | Pointer to **string** | A string that specifies the description of the resource. | [optional] 
 **Environment** | Pointer to [**ObjectEnvironment**](ObjectEnvironment.md) |  | [optional] 
@@ -137,6 +139,56 @@ SetAudience sets Audience field to given value.
 
 HasAudience returns a boolean if a field has been set.
 
+### GetClientId
+
+`func (o *Resource) GetClientId() string`
+
+GetClientId returns the ClientId field if non-nil, zero value otherwise.
+
+### GetClientIdOk
+
+`func (o *Resource) GetClientIdOk() (*string, bool)`
+
+GetClientIdOk returns a tuple with the ClientId field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientId
+
+`func (o *Resource) SetClientId(v string)`
+
+SetClientId sets ClientId field to given value.
+
+### HasClientId
+
+`func (o *Resource) HasClientId() bool`
+
+HasClientId returns a boolean if a field has been set.
+
+### GetClientSecret
+
+`func (o *Resource) GetClientSecret() string`
+
+GetClientSecret returns the ClientSecret field if non-nil, zero value otherwise.
+
+### GetClientSecretOk
+
+`func (o *Resource) GetClientSecretOk() (*string, bool)`
+
+GetClientSecretOk returns a tuple with the ClientSecret field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientSecret
+
+`func (o *Resource) SetClientSecret(v string)`
+
+SetClientSecret sets ClientSecret field to given value.
+
+### HasClientSecret
+
+`func (o *Resource) HasClientSecret() bool`
+
+HasClientSecret returns a boolean if a field has been set.
+
 ### GetCreatedAt
 
 `func (o *Resource) GetCreatedAt() time.Time`
diff --git a/management/docs/UpdateApplicationRequest.md b/management/docs/UpdateApplicationRequest.md
index 07f0aca7..929150a2 100644
--- a/management/docs/UpdateApplicationRequest.md
+++ b/management/docs/UpdateApplicationRequest.md
@@ -39,6 +39,8 @@ Name | Type | Description | Notes
 **AdditionalRefreshTokenReplayProtectionEnabled** | Pointer to **bool** | When set to `true` (the default), if you attempt to reuse the refresh token, the authorization server immediately revokes the reused refresh token, as well as all descendant tokens. Setting this to null equates to a `false` setting. | [optional] [default to true]
 **AllowWildcardInRedirectUris** | Pointer to **bool** | A boolean to specify whether wildcards are allowed in redirect URIs. For more information, see [Wildcards in Redirect URIs](https://docs.pingidentity.com/csh?context=p1_c_wildcard_redirect_uri). | [optional] 
 **AssignActorRoles** | Pointer to **bool** | A boolean that specifies whether the permissions service should assign default roles to the application. This property is set only on the POST request. The property is ignored when included in a PUT request. | [optional] 
+**ClientId** | Pointer to **string** | (Required when `clientSecret` is specified.) Supported only for `POST` operations. This is the UUID of an external application that is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric characters, and must be globally unique in PingOne. | [optional] 
+**ClientSecret** | Pointer to **string** | (Required when `clientId` is specified.) Supported only for `POST` operations. This is the client secret associated with `clientId` for an external application that is being migrated to PingOne. This must be a minimum of 8 alpha-numeric characters. | [optional] 
 **DevicePathId** | Pointer to **string** | A string that specifies a unique identifier within an environment for a device authorization grant flow to provide a short identifier to the application. This property is ignored when the `deviceCustomVerificationUri` property is configured. The string can contain any letters, numbers, and some special characters (regex `a-zA-Z0-9_-`). It can have a length of no more than 50 characters (`min`/`max`=`1`/`50`). | [optional] 
 **DeviceCustomVerificationUri** | Pointer to **string** | A string that specifies an optional custom verification URI that is returned for the `/device_authorization` endpoint. | [optional] 
 **DeviceTimeout** | Pointer to **int32** | An integer that specifies the length of time (in seconds) that the `userCode` and `deviceCode` returned by the `/device_authorization` endpoint are valid. This property is required only for applications in which the `grantTypes` property is set to `device_code`. The default value is `600` seconds. It can have a value of no more than `3600` seconds (`min`/`max`=`1`/`3600`). | [optional] [default to 600]
@@ -921,6 +923,56 @@ SetAssignActorRoles sets AssignActorRoles field to given value.
 
 HasAssignActorRoles returns a boolean if a field has been set.
 
+### GetClientId
+
+`func (o *UpdateApplicationRequest) GetClientId() string`
+
+GetClientId returns the ClientId field if non-nil, zero value otherwise.
+
+### GetClientIdOk
+
+`func (o *UpdateApplicationRequest) GetClientIdOk() (*string, bool)`
+
+GetClientIdOk returns a tuple with the ClientId field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientId
+
+`func (o *UpdateApplicationRequest) SetClientId(v string)`
+
+SetClientId sets ClientId field to given value.
+
+### HasClientId
+
+`func (o *UpdateApplicationRequest) HasClientId() bool`
+
+HasClientId returns a boolean if a field has been set.
+
+### GetClientSecret
+
+`func (o *UpdateApplicationRequest) GetClientSecret() string`
+
+GetClientSecret returns the ClientSecret field if non-nil, zero value otherwise.
+
+### GetClientSecretOk
+
+`func (o *UpdateApplicationRequest) GetClientSecretOk() (*string, bool)`
+
+GetClientSecretOk returns a tuple with the ClientSecret field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetClientSecret
+
+`func (o *UpdateApplicationRequest) SetClientSecret(v string)`
+
+SetClientSecret sets ClientSecret field to given value.
+
+### HasClientSecret
+
+`func (o *UpdateApplicationRequest) HasClientSecret() bool`
+
+HasClientSecret returns a boolean if a field has been set.
+
 ### GetDevicePathId
 
 `func (o *UpdateApplicationRequest) GetDevicePathId() string`
diff --git a/management/generate/pingone-management.yml b/management/generate/pingone-management.yml
index ef4ca3b9..510a349c 100644
--- a/management/generate/pingone-management.yml
+++ b/management/generate/pingone-management.yml
@@ -1101,6 +1101,15 @@ components:
             assignActorRoles:
               type: boolean
               description: A boolean that specifies whether the permissions service should assign default roles to the application. This property is set only on the POST request. The property is ignored when included in a PUT request.
+            clientId:
+              type: string
+              minLength: 8
+              description: (Required when `clientSecret` is specified.) Supported only for `POST` operations. This is the UUID of an external application that is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric characters, and must be globally unique in PingOne.
+            clientSecret:
+              type: string
+              format: password
+              minLength: 8
+              description: (Required when `clientId` is specified.) Supported only for `POST` operations. This is the client secret associated with `clientId` for an external application that is being migrated to PingOne. This must be a minimum of 8 alpha-numeric characters.
             corsSettings:
               $ref: '#/components/schemas/ApplicationCorsSettings'
             devicePathId:
@@ -5626,6 +5635,15 @@ components:
         audience:
           type: string
           description: A string that specifies a URL without a fragment or `@ObjectName` and must not contain `pingone` or `pingidentity` (for example, `https://api.bxretail.org`). If a URL is not specified, the resource name is used.
+        clientId:
+          type: string
+          minLength: 8
+          description: (Required when `clientSecret` is specified.) Supported only for the `POST` operation. This is the UUID of an external resource that is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric characters, and must be globally unique in PingOne.
+        clientSecret:
+          type: string
+          format: password
+          minLength: 8
+          description: (Required when clientId is specified.) Supported only for the POST operation. This is the client secret associated with clientId for an external resource that is being migrated to PingOne. This must be a minimum of 8 alpha-numeric characters.
         createdAt:
           type: string
           format: date-time
diff --git a/management/model_application_oidc.go b/management/model_application_oidc.go
index 8442a014..767d93d2 100644
--- a/management/model_application_oidc.go
+++ b/management/model_application_oidc.go
@@ -48,6 +48,10 @@ type ApplicationOIDC struct {
 	AllowWildcardInRedirectUris *bool `json:"allowWildcardInRedirectUris,omitempty"`
 	// A boolean that specifies whether the permissions service should assign default roles to the application. This property is set only on the POST request. The property is ignored when included in a PUT request.
 	AssignActorRoles *bool `json:"assignActorRoles,omitempty"`
+	// (Required when `clientSecret` is specified.) Supported only for `POST` operations. This is the UUID of an external application that is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric characters, and must be globally unique in PingOne.
+	ClientId *string `json:"clientId,omitempty"`
+	// (Required when `clientId` is specified.) Supported only for `POST` operations. This is the client secret associated with `clientId` for an external application that is being migrated to PingOne. This must be a minimum of 8 alpha-numeric characters.
+	ClientSecret *string `json:"clientSecret,omitempty"`
 	CorsSettings *ApplicationCorsSettings `json:"corsSettings,omitempty"`
 	// A string that specifies a unique identifier within an environment for a device authorization grant flow to provide a short identifier to the application. This property is ignored when the `deviceCustomVerificationUri` property is configured. The string can contain any letters, numbers, and some special characters (regex `a-zA-Z0-9_-`). It can have a length of no more than 50 characters (`min`/`max`=`1`/`50`).
 	DevicePathId *string `json:"devicePathId,omitempty"`
@@ -663,6 +667,70 @@ func (o *ApplicationOIDC) SetAssignActorRoles(v bool) {
 	o.AssignActorRoles = &v
 }
 
+// GetClientId returns the ClientId field value if set, zero value otherwise.
+func (o *ApplicationOIDC) GetClientId() string {
+	if o == nil || IsNil(o.ClientId) {
+		var ret string
+		return ret
+	}
+	return *o.ClientId
+}
+
+// GetClientIdOk returns a tuple with the ClientId field value if set, nil otherwise
+// and a boolean to check if the value has been set.
+func (o *ApplicationOIDC) GetClientIdOk() (*string, bool) {
+	if o == nil || IsNil(o.ClientId) {
+		return nil, false
+	}
+	return o.ClientId, true
+}
+
+// HasClientId returns a boolean if a field has been set.
+func (o *ApplicationOIDC) HasClientId() bool {
+	if o != nil && !IsNil(o.ClientId) {
+		return true
+	}
+
+	return false
+}
+
+// SetClientId gets a reference to the given string and assigns it to the ClientId field.
+func (o *ApplicationOIDC) SetClientId(v string) {
+	o.ClientId = &v
+}
+
+// GetClientSecret returns the ClientSecret field value if set, zero value otherwise.
+func (o *ApplicationOIDC) GetClientSecret() string {
+	if o == nil || IsNil(o.ClientSecret) {
+		var ret string
+		return ret
+	}
+	return *o.ClientSecret
+}
+
+// GetClientSecretOk returns a tuple with the ClientSecret field value if set, nil otherwise
+// and a boolean to check if the value has been set.
+func (o *ApplicationOIDC) GetClientSecretOk() (*string, bool) {
+	if o == nil || IsNil(o.ClientSecret) {
+		return nil, false
+	}
+	return o.ClientSecret, true
+}
+
+// HasClientSecret returns a boolean if a field has been set.
+func (o *ApplicationOIDC) HasClientSecret() bool {
+	if o != nil && !IsNil(o.ClientSecret) {
+		return true
+	}
+
+	return false
+}
+
+// SetClientSecret gets a reference to the given string and assigns it to the ClientSecret field.
+func (o *ApplicationOIDC) SetClientSecret(v string) {
+	o.ClientSecret = &v
+}
+
 // GetCorsSettings returns the CorsSettings field value if set, zero value otherwise.
 func (o *ApplicationOIDC) GetCorsSettings() ApplicationCorsSettings {
 	if o == nil || IsNil(o.CorsSettings) {
@@ -1666,6 +1734,12 @@ func (o ApplicationOIDC) ToMap() (map[string]interface{}, error) {
 	if !IsNil(o.AssignActorRoles) {
 		toSerialize["assignActorRoles"] = o.AssignActorRoles
 	}
+	if !IsNil(o.ClientId) {
+		toSerialize["clientId"] = o.ClientId
+	}
+	if !IsNil(o.ClientSecret) {
+		toSerialize["clientSecret"] = o.ClientSecret
+	}
 	if !IsNil(o.CorsSettings) {
 		toSerialize["corsSettings"] = o.CorsSettings
 	}
diff --git a/management/model_resource.go b/management/model_resource.go
index b49b7514..86071d08 100644
--- a/management/model_resource.go
+++ b/management/model_resource.go
@@ -26,6 +26,10 @@ type Resource struct {
 	ApplicationPermissionsSettings *ResourceApplicationPermissionsSettings `json:"applicationPermissionsSettings,omitempty"`
 	// A string that specifies a URL without a fragment or `@ObjectName` and must not contain `pingone` or `pingidentity` (for example, `https://api.bxretail.org`). If a URL is not specified, the resource name is used.
 	Audience *string `json:"audience,omitempty"`
+	// (Required when `clientSecret` is specified.) Supported only for the `POST` operation. This is the UUID of an external resource that is being migrated to PingOne. The UUID must be a minimum of 8 alpha-numeric characters, and must be globally unique in PingOne.
+	ClientId *string `json:"clientId,omitempty"`
+	// (Required when clientId is specified.) Supported only for the POST operation. This is the client secret associated with clientId for an external resource that is being migrated to PingOne. This must be a minimum of 8 alpha-numeric characters.
+	ClientSecret *string `json:"clientSecret,omitempty"`
 	// The time the resource was created.
 	CreatedAt *time.Time `json:"createdAt,omitempty"`
 	// A string that specifies the description of the resource.
@@ -188,6 +192,70 @@ func (o *Resource) SetAudience(v string) {
 	o.Audience = &v
 }
 
+// GetClientId returns the ClientId field value if set, zero value otherwise.
+func (o *Resource) GetClientId() string {
+	if o == nil || IsNil(o.ClientId) {
+		var ret string
+		return ret
+	}
+	return *o.ClientId
+}
+
+// GetClientIdOk returns a tuple with the ClientId field value if set, nil otherwise
+// and a boolean to check if the value has been set.
+func (o *Resource) GetClientIdOk() (*string, bool) {
+	if o == nil || IsNil(o.ClientId) {
+		return nil, false
+	}
+	return o.ClientId, true
+}
+
+// HasClientId returns a boolean if a field has been set.
+func (o *Resource) HasClientId() bool {
+	if o != nil && !IsNil(o.ClientId) {
+		return true
+	}
+
+	return false
+}
+
+// SetClientId gets a reference to the given string and assigns it to the ClientId field.
+func (o *Resource) SetClientId(v string) {
+	o.ClientId = &v
+}
+
+// GetClientSecret returns the ClientSecret field value if set, zero value otherwise.
+func (o *Resource) GetClientSecret() string {
+	if o == nil || IsNil(o.ClientSecret) {
+		var ret string
+		return ret
+	}
+	return *o.ClientSecret
+}
+
+// GetClientSecretOk returns a tuple with the ClientSecret field value if set, nil otherwise
+// and a boolean to check if the value has been set.
+func (o *Resource) GetClientSecretOk() (*string, bool) {
+	if o == nil || IsNil(o.ClientSecret) {
+		return nil, false
+	}
+	return o.ClientSecret, true
+}
+
+// HasClientSecret returns a boolean if a field has been set.
+func (o *Resource) HasClientSecret() bool {
+	if o != nil && !IsNil(o.ClientSecret) {
+		return true
+	}
+
+	return false
+}
+
+// SetClientSecret gets a reference to the given string and assigns it to the ClientSecret field.
+func (o *Resource) SetClientSecret(v string) {
+	o.ClientSecret = &v
+}
+
 // GetCreatedAt returns the CreatedAt field value if set, zero value otherwise.
 func (o *Resource) GetCreatedAt() time.Time {
 	if o == nil || IsNil(o.CreatedAt) {
@@ -490,6 +558,12 @@ func (o Resource) ToMap() (map[string]interface{}, error) {
 	if !IsNil(o.Audience) {
 		toSerialize["audience"] = o.Audience
 	}
+	if !IsNil(o.ClientId) {
+		toSerialize["clientId"] = o.ClientId
+	}
+	if !IsNil(o.ClientSecret) {
+		toSerialize["clientSecret"] = o.ClientSecret
+	}
 	if !IsNil(o.CreatedAt) {
 		toSerialize["createdAt"] = o.CreatedAt
 	}