feat(IAM Identity): add few new account settings (#317)

Signed-off-by: Madhuri Bhooma <madhuri.bhooma@ibm.com>

Author: Madhuri-Bhuma

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "package-lock.json|go.sum|^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2025-03-10T16:45:41Z",
+  "generated_at": "2025-10-31T17:17:55Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -88,49 +88,57 @@
         "hashed_secret": "a2190c299b60e882d9fb33736d5e6ab6ffe42708",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1256,
+        "line_number": 1457,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "cf4d2385b84329a52ca542285b93d9c4618420df",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2115,
+        "line_number": 2134,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "469f62fa9e1c6afe62e8808180668934ee548e8f",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 2397,
         "type": "Secret Keyword",
         "verified_result": null
       }
     ],
     "iam-identity/v1.ts": [
       {
-        "hashed_secret": "aa4ad361672f4c98fd64bf0db80127dd79be59d0",
+        "hashed_secret": "0a49d517da94f14c36ac92806c1d15cf95fbca67",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 316,
+        "line_number": 1031,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
-        "hashed_secret": "0a49d517da94f14c36ac92806c1d15cf95fbca67",
+        "hashed_secret": "aa4ad361672f4c98fd64bf0db80127dd79be59d0",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 799,
+        "line_number": 1109,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "835e124f126ae02c1c18b3c992a28dde441f5e04",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2335,
+        "line_number": 3057,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "e058a1c493ad749bd67d368340e9056ed1c2f3ed",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 6908,
+        "line_number": 7687,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -150,15 +158,23 @@
         "hashed_secret": "a2190c299b60e882d9fb33736d5e6ab6ffe42708",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1485,
+        "line_number": 1656,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "cf4d2385b84329a52ca542285b93d9c4618420df",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 2208,
+        "line_number": 2387,
+        "type": "Secret Keyword",
+        "verified_result": null
+      },
+      {
+        "hashed_secret": "469f62fa9e1c6afe62e8808180668934ee548e8f",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 2484,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -256,23 +272,15 @@
         "hashed_secret": "b8473b86d4c2072ca9b08bd28e373e8253e865c4",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1083,
-        "type": "Secret Keyword",
-        "verified_result": null
-      },
-      {
-        "hashed_secret": "cf4d2385b84329a52ca542285b93d9c4618420df",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 3573,
+        "line_number": 1400,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "469f62fa9e1c6afe62e8808180668934ee548e8f",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 5072,
+        "line_number": 7467,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -304,7 +312,7 @@
       }
     ]
   },
-  "version": "0.13.1+ibm.62.dss",
+  "version": "0.13.1+ibm.64.dss",
   "word_list": {
     "file": null,
     "hash": null

examples/iam-identity.v1.test.js

@@ -2109,15 +2109,45 @@ test('createApiKey request example', async () => {
     originalLog('createAccountSettingsTemplate() result:');
 
     // begin-create_account_settings_template
-    const settings = {
-      mfa: "LEVEL1",
-      system_access_token_expiration_in_seconds: "3000",
-    }
+    // UserMfa
+    const userMfaModel = {
+      iam_id: iamId,
+      mfa: 'LEVEL1',
+    };
+
+    // AccountSettingsUserDomainRestriction
+    const accountSettingsUserDomainRestrictionModel = {
+      realm_id: 'IBMid',
+      invitation_email_allow_patterns: ["*.*@sap.com"],
+      restrict_invitation: false,
+    };
+
+    // TemplateAccountSettingsRestrictUserDomains
+    const templateAccountSettingsRestrictUserDomainsModel = {
+      account_sufficient: false,
+      restrictions: [accountSettingsUserDomainRestrictionModel],
+    };
+
+    // TemplateAccountSettings
+    const templateAccountSettingsModel = {
+      restrict_create_service_id: 'RESTRICTED',
+      restrict_create_platform_apikey: 'RESTRICTED',
+      mfa: 'LEVEL1',
+      user_mfa: [userMfaModel],
+      session_expiration_in_seconds: '86400',
+      session_invalidation_in_seconds: '7200',
+      max_sessions_per_identity: '10',
+      system_access_token_expiration_in_seconds: '3600',
+      system_refresh_token_expiration_in_seconds: '259200',
+      restrict_user_list_visibility: 'NOT_RESTRICTED',
+      restrict_user_domains: templateAccountSettingsRestrictUserDomainsModel,
+    };
+
     const templateParams = {
       name: accountSettingsTemplateName,
       description: "IAM enterprise account settings template example",
       accountId: enterpriseAccountId,
-      accountSettings: settings,
+      accountSettings: templateAccountSettingsModel,
     }
 
     try {
@@ -2201,18 +2231,48 @@ test('createApiKey request example', async () => {
     originalLog('updateAccountSettingsTemplate() result:');
 
     // begin-update_account_settings_template_version
-    const settings = {
-      mfa: "LEVEL1",
-      system_access_token_expiration_in_seconds: "3000",
-    }
+    // UserMfa
+    const userMfaModel = {
+      iam_id: iamId,
+      mfa: 'LEVEL1',
+    };
+
+    // AccountSettingsUserDomainRestriction
+    const accountSettingsUserDomainRestrictionModel = {
+      realm_id: 'IBMid',
+      invitation_email_allow_patterns: ["*.*@sap.com"],
+      restrict_invitation: false,
+    };
+
+    // TemplateAccountSettingsRestrictUserDomains
+    const templateAccountSettingsRestrictUserDomainsModel = {
+      account_sufficient: false,
+      restrictions: [accountSettingsUserDomainRestrictionModel],
+    };
+
+    // TemplateAccountSettings
+    const templateAccountSettingsModel = {
+      restrict_create_service_id: 'NOT_SET',
+      restrict_create_platform_apikey: 'NOT_SET',
+      mfa: 'LEVEL1',
+      user_mfa: [userMfaModel],
+      session_expiration_in_seconds: '72400',
+      session_invalidation_in_seconds: '6000',
+      max_sessions_per_identity: '5',
+      system_access_token_expiration_in_seconds: '3000',
+      system_refresh_token_expiration_in_seconds: '59200',
+      restrict_user_list_visibility: 'RESTRICTED',
+      restrict_user_domains: templateAccountSettingsRestrictUserDomainsModel,
+    };
+
     const params = {
       accountId: enterpriseAccountId,
       templateId: accountSettingsTemplateId,
       version: accountSettingsTemplateVersion,
       ifMatch: accountSettingsTemplateEtag,
       name: accountSettingsTemplateName,
       description: "IAM enterprise account settings template example - updated",
-      accountSettings: settings,
+      accountSettings: templateAccountSettingsModel,
     }
     try {
       const res = await iamIdentityService.updateAccountSettingsTemplateVersion(params);
@@ -2312,18 +2372,46 @@ test('createApiKey request example', async () => {
     originalLog('createNewAccountSettingsTemplateVersion() result:');
 
     // begin-create_account_settings_template_version
-    const settings = {
-      mfa: "LEVEL1",
-      system_access_token_expiration_in_seconds: "2600",
-      restrict_create_platform_apikey: "RESTRICTED",
-      restrict_create_service_id: "RESTRICTED",
-    }
+     // UserMfa
+    const userMfaModel = {
+      iam_id: iamId,
+      mfa: 'LEVEL1',
+    };
+
+    // AccountSettingsUserDomainRestriction
+    const accountSettingsUserDomainRestrictionModel = {
+      realm_id: 'IBMid',
+      invitation_email_allow_patterns: ["*.*@sap.com"],
+      restrict_invitation: false,
+    };
+
+    // TemplateAccountSettingsRestrictUserDomains
+    const templateAccountSettingsRestrictUserDomainsModel = {
+      account_sufficient: false,
+      restrictions: [accountSettingsUserDomainRestrictionModel],
+    };
+
+    // TemplateAccountSettings
+    const templateAccountSettingsModel = {
+      restrict_create_service_id: 'NOT_SET',
+      restrict_create_platform_apikey: 'NOT_SET',
+      mfa: 'LEVEL1',
+      user_mfa: [userMfaModel],
+      session_expiration_in_seconds: '72400',
+      session_invalidation_in_seconds: '6000',
+      max_sessions_per_identity: '5',
+      system_access_token_expiration_in_seconds: '3000',
+      system_refresh_token_expiration_in_seconds: '59200',
+      restrict_user_list_visibility: 'RESTRICTED',
+      restrict_user_domains: templateAccountSettingsRestrictUserDomainsModel,
+    };
+
     const templateParams = {
       templateId: accountSettingsTemplateId,
       name: accountSettingsTemplateName,
       description: "IAM enterprise account settings template example - new version",
       accountId: enterpriseAccountId,
-      accountSettings: settings,
+      accountSettings: templateAccountSettingsModel,
     }
 
     try {