diff --git a/docs/data-sources/certificate.md b/docs/data-sources/certificate.md
index cb7334c..fc5f284 100644
--- a/docs/data-sources/certificate.md
+++ b/docs/data-sources/certificate.md
@@ -27,12 +27,12 @@ description: |-
 
 - `alias` (String)
 - `audit` (Attributes) (see [below for nested schema](#nestedatt--audit))
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
 - `global` (Boolean)
-- `key_data` (List of String)
+- `key_data` (String)
 - `links` (Attributes List) (see [below for nested schema](#nestedatt--links))
 - `permissions` (Attributes List) (see [below for nested schema](#nestedatt--permissions))
 - `subject_dn` (String)
diff --git a/docs/data-sources/client.md b/docs/data-sources/client.md
index 2ec248d..1f9c060 100644
--- a/docs/data-sources/client.md
+++ b/docs/data-sources/client.md
@@ -843,7 +843,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
diff --git a/docs/data-sources/directory.md b/docs/data-sources/directory.md
index 05093c5..f272d96 100644
--- a/docs/data-sources/directory.md
+++ b/docs/data-sources/directory.md
@@ -259,7 +259,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -299,7 +299,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -339,7 +339,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
diff --git a/docs/data-sources/group.md b/docs/data-sources/group.md
index 3aac077..85e8098 100644
--- a/docs/data-sources/group.md
+++ b/docs/data-sources/group.md
@@ -203,7 +203,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -531,6 +531,7 @@ Read-Only:
 - `provisioned_ldap` (Attributes) (see [below for nested schema](#nestedatt--administered_systems--provisioned_ldap))
 - `provisioned_ldap_directory` (Attributes) (see [below for nested schema](#nestedatt--administered_systems--provisioned_ldap_directory))
 - `provisioned_namespace` (Attributes) (see [below for nested schema](#nestedatt--administered_systems--provisioned_namespace))
+- `provisioned_scim` (Attributes) (see [below for nested schema](#nestedatt--administered_systems--provisioned_scim))
 - `self_service_existing_groups` (Boolean)
 - `self_service_new_groups` (Boolean)
 - `self_service_new_namespaces` (Boolean)
@@ -569,7 +570,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -609,7 +610,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -649,7 +650,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -1010,7 +1011,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -1249,6 +1250,21 @@ Read-Only:
 
 
 
+<a id="nestedatt--administered_systems--provisioned_scim"></a>
+### Nested Schema for `administered_systems.provisioned_scim`
+
+Read-Only:
+
+- `authentication_scheme` (String)
+- `basic_auth_password` (String)
+- `basic_auth_username` (String)
+- `bearer_token` (String)
+- `custom_header_name` (String)
+- `custom_header_value` (String)
+- `url` (String)
+- `vendor_escaped` (String)
+
+
 <a id="nestedatt--administered_systems--technical_administrator"></a>
 ### Nested Schema for `administered_systems.technical_administrator`
 
@@ -2786,6 +2802,7 @@ Read-Only:
 - `provisioned_ldap` (Attributes) (see [below for nested schema](#nestedatt--content_administered_systems--provisioned_ldap))
 - `provisioned_ldap_directory` (Attributes) (see [below for nested schema](#nestedatt--content_administered_systems--provisioned_ldap_directory))
 - `provisioned_namespace` (Attributes) (see [below for nested schema](#nestedatt--content_administered_systems--provisioned_namespace))
+- `provisioned_scim` (Attributes) (see [below for nested schema](#nestedatt--content_administered_systems--provisioned_scim))
 - `self_service_existing_groups` (Boolean)
 - `self_service_new_groups` (Boolean)
 - `self_service_new_namespaces` (Boolean)
@@ -2824,7 +2841,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -2864,7 +2881,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -2904,7 +2921,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -3265,7 +3282,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -3504,6 +3521,21 @@ Read-Only:
 
 
 
+<a id="nestedatt--content_administered_systems--provisioned_scim"></a>
+### Nested Schema for `content_administered_systems.provisioned_scim`
+
+Read-Only:
+
+- `authentication_scheme` (String)
+- `basic_auth_password` (String)
+- `basic_auth_username` (String)
+- `bearer_token` (String)
+- `custom_header_name` (String)
+- `custom_header_value` (String)
+- `url` (String)
+- `vendor_escaped` (String)
+
+
 <a id="nestedatt--content_administered_systems--technical_administrator"></a>
 ### Nested Schema for `content_administered_systems.technical_administrator`
 
@@ -4048,7 +4080,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -4579,7 +4611,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -4619,7 +4651,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -4659,7 +4691,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -5013,6 +5045,7 @@ Read-Only:
 - `provisioned_ldap` (Attributes) (see [below for nested schema](#nestedatt--owned_systems--provisioned_ldap))
 - `provisioned_ldap_directory` (Attributes) (see [below for nested schema](#nestedatt--owned_systems--provisioned_ldap_directory))
 - `provisioned_namespace` (Attributes) (see [below for nested schema](#nestedatt--owned_systems--provisioned_namespace))
+- `provisioned_scim` (Attributes) (see [below for nested schema](#nestedatt--owned_systems--provisioned_scim))
 - `self_service_existing_groups` (Boolean)
 - `self_service_new_groups` (Boolean)
 - `self_service_new_namespaces` (Boolean)
@@ -5051,7 +5084,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -5091,7 +5124,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -5131,7 +5164,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -5492,7 +5525,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -5731,6 +5764,21 @@ Read-Only:
 
 
 
+<a id="nestedatt--owned_systems--provisioned_scim"></a>
+### Nested Schema for `owned_systems.provisioned_scim`
+
+Read-Only:
+
+- `authentication_scheme` (String)
+- `basic_auth_password` (String)
+- `basic_auth_username` (String)
+- `bearer_token` (String)
+- `custom_header_name` (String)
+- `custom_header_value` (String)
+- `url` (String)
+- `vendor_escaped` (String)
+
+
 <a id="nestedatt--owned_systems--technical_administrator"></a>
 ### Nested Schema for `owned_systems.technical_administrator`
 
@@ -6498,7 +6546,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -6733,7 +6781,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
diff --git a/docs/data-sources/system.md b/docs/data-sources/system.md
index 245644b..d2f3145 100644
--- a/docs/data-sources/system.md
+++ b/docs/data-sources/system.md
@@ -49,6 +49,7 @@ description: |-
 - `provisioned_ldap` (Attributes) (see [below for nested schema](#nestedatt--provisioned_ldap))
 - `provisioned_ldap_directory` (Attributes) (see [below for nested schema](#nestedatt--provisioned_ldap_directory))
 - `provisioned_namespace` (Attributes) (see [below for nested schema](#nestedatt--provisioned_namespace))
+- `provisioned_scim` (Attributes) (see [below for nested schema](#nestedatt--provisioned_scim))
 - `self_service_existing_groups` (Boolean)
 - `self_service_new_groups` (Boolean)
 - `self_service_new_namespaces` (Boolean)
@@ -88,7 +89,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -128,7 +129,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -168,7 +169,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -845,7 +846,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -1084,6 +1085,21 @@ Read-Only:
 
 
 
+<a id="nestedatt--provisioned_scim"></a>
+### Nested Schema for `provisioned_scim`
+
+Read-Only:
+
+- `authentication_scheme` (String)
+- `basic_auth_password` (String)
+- `basic_auth_username` (String)
+- `bearer_token` (String)
+- `custom_header_name` (String)
+- `custom_header_value` (String)
+- `url` (String)
+- `vendor_escaped` (String)
+
+
 <a id="nestedatt--statistics"></a>
 ### Nested Schema for `statistics`
 
diff --git a/docs/data-sources/webhook.md b/docs/data-sources/webhook.md
index 78bdb9f..aff1450 100644
--- a/docs/data-sources/webhook.md
+++ b/docs/data-sources/webhook.md
@@ -139,7 +139,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
@@ -374,7 +374,7 @@ Read-Only:
 Read-Only:
 
 - `alias` (String)
-- `certificate_data` (List of String)
+- `certificate_data` (String)
 - `expiration` (String)
 - `fingerprint_sha1` (String)
 - `fingerprint_sha256` (String)
diff --git a/docs/resources/group.md b/docs/resources/group.md
index 3203fd4..4825366 100644
--- a/docs/resources/group.md
+++ b/docs/resources/group.md
@@ -349,6 +349,7 @@ Optional:
 - `provisioned_ldap` (Attributes) (see [below for nested schema](#nestedatt--administered_systems--provisioned_ldap))
 - `provisioned_ldap_directory` (Attributes) (see [below for nested schema](#nestedatt--administered_systems--provisioned_ldap_directory))
 - `provisioned_namespace` (Attributes) (see [below for nested schema](#nestedatt--administered_systems--provisioned_namespace))
+- `provisioned_scim` (Attributes) (see [below for nested schema](#nestedatt--administered_systems--provisioned_scim))
 - `self_service_existing_groups` (Boolean)
 - `self_service_new_groups` (Boolean)
 - `self_service_new_namespaces` (Boolean)
@@ -513,6 +514,24 @@ Required:
 - `service_account_dn` (String)
 
 
+<a id="nestedatt--administered_systems--provisioned_scim"></a>
+### Nested Schema for `administered_systems.provisioned_scim`
+
+Required:
+
+- `url` (String)
+
+Optional:
+
+- `authentication_scheme` (String)
+- `basic_auth_password` (String)
+- `basic_auth_username` (String)
+- `bearer_token` (String)
+- `custom_header_name` (String)
+- `custom_header_value` (String)
+- `vendor_escaped` (String)
+
+
 <a id="nestedatt--administered_systems--links"></a>
 ### Nested Schema for `administered_systems.links`
 
@@ -714,6 +733,7 @@ Optional:
 - `provisioned_ldap` (Attributes) (see [below for nested schema](#nestedatt--content_administered_systems--provisioned_ldap))
 - `provisioned_ldap_directory` (Attributes) (see [below for nested schema](#nestedatt--content_administered_systems--provisioned_ldap_directory))
 - `provisioned_namespace` (Attributes) (see [below for nested schema](#nestedatt--content_administered_systems--provisioned_namespace))
+- `provisioned_scim` (Attributes) (see [below for nested schema](#nestedatt--content_administered_systems--provisioned_scim))
 - `self_service_existing_groups` (Boolean)
 - `self_service_new_groups` (Boolean)
 - `self_service_new_namespaces` (Boolean)
@@ -878,6 +898,24 @@ Required:
 - `service_account_dn` (String)
 
 
+<a id="nestedatt--content_administered_systems--provisioned_scim"></a>
+### Nested Schema for `content_administered_systems.provisioned_scim`
+
+Required:
+
+- `url` (String)
+
+Optional:
+
+- `authentication_scheme` (String)
+- `basic_auth_password` (String)
+- `basic_auth_username` (String)
+- `bearer_token` (String)
+- `custom_header_name` (String)
+- `custom_header_value` (String)
+- `vendor_escaped` (String)
+
+
 <a id="nestedatt--content_administered_systems--links"></a>
 ### Nested Schema for `content_administered_systems.links`
 
@@ -1435,6 +1473,7 @@ Optional:
 - `provisioned_ldap` (Attributes) (see [below for nested schema](#nestedatt--owned_systems--provisioned_ldap))
 - `provisioned_ldap_directory` (Attributes) (see [below for nested schema](#nestedatt--owned_systems--provisioned_ldap_directory))
 - `provisioned_namespace` (Attributes) (see [below for nested schema](#nestedatt--owned_systems--provisioned_namespace))
+- `provisioned_scim` (Attributes) (see [below for nested schema](#nestedatt--owned_systems--provisioned_scim))
 - `self_service_existing_groups` (Boolean)
 - `self_service_new_groups` (Boolean)
 - `self_service_new_namespaces` (Boolean)
@@ -1599,6 +1638,24 @@ Required:
 - `service_account_dn` (String)
 
 
+<a id="nestedatt--owned_systems--provisioned_scim"></a>
+### Nested Schema for `owned_systems.provisioned_scim`
+
+Required:
+
+- `url` (String)
+
+Optional:
+
+- `authentication_scheme` (String)
+- `basic_auth_password` (String)
+- `basic_auth_username` (String)
+- `bearer_token` (String)
+- `custom_header_name` (String)
+- `custom_header_value` (String)
+- `vendor_escaped` (String)
+
+
 <a id="nestedatt--owned_systems--links"></a>
 ### Nested Schema for `owned_systems.links`
 
diff --git a/go.mod b/go.mod
index 7c6746d..340c1de 100644
--- a/go.mod
+++ b/go.mod
@@ -8,10 +8,10 @@ require (
 	github.com/hashicorp/terraform-plugin-framework v1.4.2
 	github.com/hashicorp/terraform-plugin-framework-validators v0.12.0
 	github.com/hashicorp/terraform-plugin-log v0.9.0
-	github.com/microsoft/kiota-abstractions-go v1.5.0
-	github.com/topicuskeyhub/sdk-go v0.29.1-0.20231115090905-2e3dacc95093
+	github.com/microsoft/kiota-abstractions-go v1.5.3
+	github.com/topicuskeyhub/sdk-go v0.30.1
 	github.com/topicuskeyhub/terraform-provider-keyhub-generator v0.0.8
-	golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa
+	golang.org/x/exp v0.0.0-20231127185646-65229373498e
 )
 
 require (
@@ -24,7 +24,7 @@ require (
 	github.com/bgentry/speakeasy v0.1.0 // indirect
 	github.com/cjlapao/common-go v0.0.39 // indirect
 	github.com/cloudflare/circl v1.3.3 // indirect
-	github.com/coreos/go-oidc/v3 v3.7.0 // indirect
+	github.com/coreos/go-oidc/v3 v3.8.0 // indirect
 	github.com/fatih/color v1.16.0 // indirect
 	github.com/getkin/kin-openapi v0.120.0 // indirect
 	github.com/go-jose/go-jose/v3 v3.0.1 // indirect
@@ -44,7 +44,7 @@ require (
 	github.com/hashicorp/hc-install v0.5.2 // indirect
 	github.com/hashicorp/terraform-exec v0.18.1 // indirect
 	github.com/hashicorp/terraform-json v0.17.1 // indirect
-	github.com/hashicorp/terraform-plugin-go v0.19.0 // indirect
+	github.com/hashicorp/terraform-plugin-go v0.19.1 // indirect
 	github.com/hashicorp/terraform-registry-address v0.2.3 // indirect
 	github.com/hashicorp/terraform-svchost v0.1.1 // indirect
 	github.com/hashicorp/yamux v0.1.1 // indirect
@@ -55,7 +55,7 @@ require (
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/microsoft/kiota-http-go v1.1.0 // indirect
+	github.com/microsoft/kiota-http-go v1.1.1 // indirect
 	github.com/microsoft/kiota-serialization-json-go v1.0.4 // indirect
 	github.com/mitchellh/cli v1.1.5 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
@@ -68,21 +68,21 @@ require (
 	github.com/russross/blackfriday v1.6.0 // indirect
 	github.com/shopspring/decimal v1.3.1 // indirect
 	github.com/spf13/cast v1.5.0 // indirect
-	github.com/std-uritemplate/std-uritemplate/go v0.0.46 // indirect
+	github.com/std-uritemplate/std-uritemplate/go v0.0.47 // indirect
 	github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 	github.com/zclconf/go-cty v1.14.1 // indirect
-	go.opentelemetry.io/otel v1.20.0 // indirect
-	go.opentelemetry.io/otel/metric v1.20.0 // indirect
-	go.opentelemetry.io/otel/trace v1.20.0 // indirect
-	golang.org/x/crypto v0.15.0 // indirect
+	go.opentelemetry.io/otel v1.21.0 // indirect
+	go.opentelemetry.io/otel/metric v1.21.0 // indirect
+	go.opentelemetry.io/otel/trace v1.21.0 // indirect
+	golang.org/x/crypto v0.16.0 // indirect
 	golang.org/x/mod v0.14.0 // indirect
-	golang.org/x/net v0.18.0 // indirect
-	golang.org/x/oauth2 v0.14.0 // indirect
-	golang.org/x/sys v0.14.0 // indirect
+	golang.org/x/net v0.19.0 // indirect
+	golang.org/x/oauth2 v0.15.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20231127180814-3a041ad873d4 // indirect
 	google.golang.org/grpc v1.59.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
diff --git a/go.sum b/go.sum
index 8315f80..33c1c1a 100644
--- a/go.sum
+++ b/go.sum
@@ -25,6 +25,8 @@ github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEM
 github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
 github.com/coreos/go-oidc/v3 v3.7.0 h1:FTdj0uexT4diYIPlF4yoFVI5MRO1r5+SEcIpEw9vC0o=
 github.com/coreos/go-oidc/v3 v3.7.0/go.mod h1:yQzSCqBnK3e6Fs5l+f5i0F8Kwf0zpH9bPEsbY00KanM=
+github.com/coreos/go-oidc/v3 v3.8.0 h1:s3e30r6VEl3/M7DTSCEuImmrfu1/1WBgA0cXkdzkrAY=
+github.com/coreos/go-oidc/v3 v3.8.0/go.mod h1:yQzSCqBnK3e6Fs5l+f5i0F8Kwf0zpH9bPEsbY00KanM=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -96,6 +98,8 @@ github.com/hashicorp/terraform-plugin-framework-validators v0.12.0 h1:HOjBuMbOEz
 github.com/hashicorp/terraform-plugin-framework-validators v0.12.0/go.mod h1:jfHGE/gzjxYz6XoUwi/aYiiKrJDeutQNUtGQXkaHklg=
 github.com/hashicorp/terraform-plugin-go v0.19.0 h1:BuZx/6Cp+lkmiG0cOBk6Zps0Cb2tmqQpDM3iAtnhDQU=
 github.com/hashicorp/terraform-plugin-go v0.19.0/go.mod h1:EhRSkEPNoylLQntYsk5KrDHTZJh9HQoumZXbOGOXmec=
+github.com/hashicorp/terraform-plugin-go v0.19.1 h1:lf/jTGTeELcz5IIbn/94mJdmnTjRYm6S6ct/JqCSr50=
+github.com/hashicorp/terraform-plugin-go v0.19.1/go.mod h1:5NMIS+DXkfacX6o5HCpswda5yjkSYfKzn1Nfl9l+qRs=
 github.com/hashicorp/terraform-plugin-log v0.9.0 h1:i7hOA+vdAItN1/7UrfBqBwvYPQ9TFvymaRGZED3FCV0=
 github.com/hashicorp/terraform-plugin-log v0.9.0/go.mod h1:rKL8egZQ/eXSyDqzLUuwUYLVdlYeamldAHSxjUFADow=
 github.com/hashicorp/terraform-registry-address v0.2.3 h1:2TAiKJ1A3MAkZlH1YI/aTVcLZRu7JseiXNRHbOAyoTI=
@@ -134,8 +138,12 @@ github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWE
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/microsoft/kiota-abstractions-go v1.5.0 h1:CD36eKsJ6NZLLu6LS5UqDPApIkrZEq2L7E0Uw/CTKzc=
 github.com/microsoft/kiota-abstractions-go v1.5.0/go.mod h1:NRJnAFg8qqOoX/VQWTe3ZYmcIbLa20LNC+eTqO2j60U=
+github.com/microsoft/kiota-abstractions-go v1.5.3 h1:qUTwuXCbMi99EkHaTh5NGMK5MOKxJn7u/M2FbYcesLY=
+github.com/microsoft/kiota-abstractions-go v1.5.3/go.mod h1:xyBzTVCYrp7QBW4/p+RFi44PHwp/IPn2dZepuV4nF80=
 github.com/microsoft/kiota-http-go v1.1.0 h1:L5I93EiNtlP/X6YzeTlhjWt7Q1DxzC9CmWSVtX3b0tE=
 github.com/microsoft/kiota-http-go v1.1.0/go.mod h1:zESUM6ovki9LEupqziCbxJ+FAYoF0dFDYZVpOkAfSLc=
+github.com/microsoft/kiota-http-go v1.1.1 h1:W4Olo7Z/MwNZCfkcvH/5eLhnn7koRBMMRhLEnf5MPKo=
+github.com/microsoft/kiota-http-go v1.1.1/go.mod h1:QzhhfW5xkoUuT+/ohflpHJvumWeXIxa/Xl0GmQ2M6mY=
 github.com/microsoft/kiota-serialization-json-go v1.0.4 h1:5TaISWwd2Me8clrK7SqNATo0tv9seOq59y4I5953egQ=
 github.com/microsoft/kiota-serialization-json-go v1.0.4/go.mod h1:rM4+FsAY+9AEpBsBzkFFis+b/LZLlNKKewuLwK9Q6Mg=
 github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng=
@@ -173,6 +181,8 @@ github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w=
 github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU=
 github.com/std-uritemplate/std-uritemplate/go v0.0.46 h1:rWcEym/hz9YhPTXJELTXfrq48lTx69jNVhv+dOMmyZY=
 github.com/std-uritemplate/std-uritemplate/go v0.0.46/go.mod h1:Qov4Ay4U83j37XjgxMYevGJFLbnZ2o9cEOhGufBKgKY=
+github.com/std-uritemplate/std-uritemplate/go v0.0.47 h1:erzz/DR4sOzWr0ca2MgSTkMckpLEsDySaTZwVFQq9zw=
+github.com/std-uritemplate/std-uritemplate/go v0.0.47/go.mod h1:Qov4Ay4U83j37XjgxMYevGJFLbnZ2o9cEOhGufBKgKY=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
@@ -182,6 +192,8 @@ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1F
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/topicuskeyhub/sdk-go v0.29.1-0.20231115090905-2e3dacc95093 h1:p7OfnBznCA59fRB+E9GL8qxuIAKA+ixdvNcyBWp4MDY=
 github.com/topicuskeyhub/sdk-go v0.29.1-0.20231115090905-2e3dacc95093/go.mod h1:0I6HAiTtujy+fsOaCT78L6/wflACImwejPcSfAWKPbU=
+github.com/topicuskeyhub/sdk-go v0.30.1 h1:pESRNuUGfKneJ3faeJsUVrmF7inCfcLVcfj2uX2MsF8=
+github.com/topicuskeyhub/sdk-go v0.30.1/go.mod h1:4ChMATD8LqFBHR/c9x762xFnWHDvPpykF/oP5WmXkg8=
 github.com/topicuskeyhub/terraform-provider-keyhub-generator v0.0.8 h1:FltyUDCUkhpd8zq+8AQgcLx54tkf9S0lvOuDKK06cvQ=
 github.com/topicuskeyhub/terraform-provider-keyhub-generator v0.0.8/go.mod h1:Cneu5QPgWXynzT5IzOW6sX9aAxypPQArE44f0fLyIvg=
 github.com/ugorji/go/codec v1.2.7 h1:YPXUKf7fYbp/y8xloBqZOw2qaVggbfwMlI8WM3wZUJ0=
@@ -195,10 +207,16 @@ github.com/zclconf/go-cty v1.14.1 h1:t9fyA35fwjjUMcmL5hLER+e/rEPqrbCK1/OSE4SI9KA
 github.com/zclconf/go-cty v1.14.1/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE=
 go.opentelemetry.io/otel v1.20.0 h1:vsb/ggIY+hUjD/zCAQHpzTmndPqv/ml2ArbsbfBYTAc=
 go.opentelemetry.io/otel v1.20.0/go.mod h1:oUIGj3D77RwJdM6PPZImDpSZGDvkD9fhesHny69JFrs=
+go.opentelemetry.io/otel v1.21.0 h1:hzLeKBZEL7Okw2mGzZ0cc4k/A7Fta0uoPgaJCr8fsFc=
+go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo=
 go.opentelemetry.io/otel/metric v1.20.0 h1:ZlrO8Hu9+GAhnepmRGhSU7/VkpjrNowxRN9GyKR4wzA=
 go.opentelemetry.io/otel/metric v1.20.0/go.mod h1:90DRw3nfK4D7Sm/75yQ00gTJxtkBxX+wu6YaNymbpVM=
+go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4=
+go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM=
 go.opentelemetry.io/otel/trace v1.20.0 h1:+yxVAPZPbQhbC3OfAkeIVTky6iTFpcr4SiY9om7mXSQ=
 go.opentelemetry.io/otel/trace v1.20.0/go.mod h1:HJSK7F/hA5RlzpZ0zKDCHCDHm556LCDtKaAo6JmBFUU=
+go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc=
+go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
@@ -206,8 +224,12 @@ golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA=
 golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g=
+golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
+golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ=
 golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE=
+golang.org/x/exp v0.0.0-20231127185646-65229373498e h1:Gvh4YaCaXNs6dKTlfgismwWZKyjVZXwOPfIyUaqU3No=
+golang.org/x/exp v0.0.0-20231127185646-65229373498e/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
 golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
@@ -217,8 +239,12 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg=
 golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ=
+golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c=
+golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U=
 golang.org/x/oauth2 v0.14.0 h1:P0Vrf/2538nmC0H+pEQ3MNFRRnVR7RlqyVw+bvm26z0=
 golang.org/x/oauth2 v0.14.0/go.mod h1:lAtNWgaWfL4cm7j2OV8TxGi9Qb7ECORx8DktCY74OwM=
+golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ=
+golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -237,6 +263,8 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q=
 golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -254,6 +282,8 @@ google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAs
 google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 h1:Jyp0Hsi0bmHXG6k9eATXoYtjd6e2UzZ1SCn/wIupY14=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:oQ5rr10WTTMvP4A36n8JpR1OrO1BEiV4f78CneXZxkA=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20231127180814-3a041ad873d4 h1:DC7wcm+i+P1rN3Ff07vL+OndGg5OhNddHyTA+ocPqYE=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20231127180814-3a041ad873d4/go.mod h1:eJVxU6o+4G1PSczBr85xmyvSNYAKvAYgkub40YGomFM=
 google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk=
 google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
diff --git a/internal/provider/full-data-struct-ds.go b/internal/provider/full-data-struct-ds.go
index 7555ef2..1a7bf07 100644
--- a/internal/provider/full-data-struct-ds.go
+++ b/internal/provider/full-data-struct-ds.go
@@ -176,7 +176,7 @@ type certificateCertificateDataDS struct {
 	Permissions                      types.List   `tfsdk:"permissions"`
 	Alias                            types.String `tfsdk:"alias"`
 	CertificateCertificatePrimerType types.String `tfsdk:"type"`
-	CertificateData                  types.List   `tfsdk:"certificate_data"`
+	CertificateData                  types.String `tfsdk:"certificate_data"`
 	Expiration                       types.String `tfsdk:"expiration"`
 	FingerprintSha1                  types.String `tfsdk:"fingerprint_sha1"`
 	FingerprintSha256                types.String `tfsdk:"fingerprint_sha256"`
@@ -185,7 +185,7 @@ type certificateCertificateDataDS struct {
 	UUID                             types.String `tfsdk:"uuid"`
 	Additional                       types.List   `tfsdk:"additional"`
 	Audit                            types.Object `tfsdk:"audit" tkhao:"audit"`
-	KeyData                          types.List   `tfsdk:"key_data"`
+	KeyData                          types.String `tfsdk:"key_data"`
 }
 
 var certificateCertificatePrimerAttrTypesDS = objectAttrsTypeDSCertificateCertificatePrimer(false)
@@ -196,7 +196,7 @@ type certificateCertificatePrimerDataDS struct {
 	Permissions                      types.List   `tfsdk:"permissions"`
 	Alias                            types.String `tfsdk:"alias"`
 	CertificateCertificatePrimerType types.String `tfsdk:"type"`
-	CertificateData                  types.List   `tfsdk:"certificate_data"`
+	CertificateData                  types.String `tfsdk:"certificate_data"`
 	Expiration                       types.String `tfsdk:"expiration"`
 	FingerprintSha1                  types.String `tfsdk:"fingerprint_sha1"`
 	FingerprintSha256                types.String `tfsdk:"fingerprint_sha256"`
@@ -1177,6 +1177,20 @@ type provisioningProvisionedNamespaceDataDS struct {
 	ServiceAccountDN types.String `tfsdk:"service_account_dn"`
 }
 
+var provisioningProvisionedSCIMAttrTypesDS = objectAttrsTypeDSProvisioningProvisionedSCIM(false)
+var provisioningProvisionedSCIMAttrTypesDSRecurse = objectAttrsTypeDSProvisioningProvisionedSCIM(true)
+
+type provisioningProvisionedSCIMDataDS struct {
+	AuthenticationScheme types.String `tfsdk:"authentication_scheme"`
+	BasicAuthPassword    types.String `tfsdk:"basic_auth_password"`
+	BasicAuthUsername    types.String `tfsdk:"basic_auth_username"`
+	BearerToken          types.String `tfsdk:"bearer_token"`
+	CustomHeaderName     types.String `tfsdk:"custom_header_name"`
+	CustomHeaderValue    types.String `tfsdk:"custom_header_value"`
+	URL                  types.String `tfsdk:"url"`
+	VendorEscaped        types.String `tfsdk:"vendor_escaped"`
+}
+
 var provisioningProvisionedSystemAttrTypesDS = objectAttrsTypeDSProvisioningProvisionedSystem(false)
 var provisioningProvisionedSystemAttrTypesDSRecurse = objectAttrsTypeDSProvisioningProvisionedSystem(true)
 
@@ -1217,6 +1231,7 @@ type provisioningProvisionedSystemDataDS struct {
 	ProvisionedLDAP                         types.Object `tfsdk:"provisioned_ldap"`
 	ProvisionedLDAPDirectory                types.Object `tfsdk:"provisioned_ldap_directory"`
 	ProvisionedNamespace                    types.Object `tfsdk:"provisioned_namespace"`
+	ProvisionedSCIM                         types.Object `tfsdk:"provisioned_scim"`
 }
 
 var provisioningProvisionedSystemLinkableWrapperAttrTypesDS = objectAttrsTypeDSProvisioningProvisionedSystemLinkableWrapper(false)
diff --git a/internal/provider/full-data-struct-rs.go b/internal/provider/full-data-struct-rs.go
index 909607f..12e04c8 100644
--- a/internal/provider/full-data-struct-rs.go
+++ b/internal/provider/full-data-struct-rs.go
@@ -83,7 +83,7 @@ type certificateCertificatePrimerDataRS struct {
 	Permissions                      types.List   `tfsdk:"permissions"`
 	Alias                            types.String `tfsdk:"alias"`
 	CertificateCertificatePrimerType types.String `tfsdk:"type"`
-	CertificateData                  types.List   `tfsdk:"certificate_data"`
+	CertificateData                  types.String `tfsdk:"certificate_data"`
 	Expiration                       types.String `tfsdk:"expiration"`
 	FingerprintSha1                  types.String `tfsdk:"fingerprint_sha1"`
 	FingerprintSha256                types.String `tfsdk:"fingerprint_sha256"`
@@ -1040,6 +1040,20 @@ type provisioningProvisionedNamespaceDataRS struct {
 	ServiceAccountDN types.String `tfsdk:"service_account_dn"`
 }
 
+var provisioningProvisionedSCIMAttrTypesRS = objectAttrsTypeRSProvisioningProvisionedSCIM(false)
+var provisioningProvisionedSCIMAttrTypesRSRecurse = objectAttrsTypeRSProvisioningProvisionedSCIM(true)
+
+type provisioningProvisionedSCIMDataRS struct {
+	AuthenticationScheme types.String `tfsdk:"authentication_scheme"`
+	BasicAuthPassword    types.String `tfsdk:"basic_auth_password"`
+	BasicAuthUsername    types.String `tfsdk:"basic_auth_username"`
+	BearerToken          types.String `tfsdk:"bearer_token"`
+	CustomHeaderName     types.String `tfsdk:"custom_header_name"`
+	CustomHeaderValue    types.String `tfsdk:"custom_header_value"`
+	URL                  types.String `tfsdk:"url"`
+	VendorEscaped        types.String `tfsdk:"vendor_escaped"`
+}
+
 var provisioningProvisionedSystemAttrTypesRS = objectAttrsTypeRSProvisioningProvisionedSystem(false)
 var provisioningProvisionedSystemAttrTypesRSRecurse = objectAttrsTypeRSProvisioningProvisionedSystem(true)
 
@@ -1080,6 +1094,7 @@ type provisioningProvisionedSystemDataRS struct {
 	ProvisionedLDAP                         types.Object `tfsdk:"provisioned_ldap"`
 	ProvisionedLDAPDirectory                types.Object `tfsdk:"provisioned_ldap_directory"`
 	ProvisionedNamespace                    types.Object `tfsdk:"provisioned_namespace"`
+	ProvisionedSCIM                         types.Object `tfsdk:"provisioned_scim"`
 }
 
 var provisioningProvisionedSystemLinkableWrapperAttrTypesRS = objectAttrsTypeRSProvisioningProvisionedSystemLinkableWrapper(false)
diff --git a/internal/provider/full-object-attrs-ds.go b/internal/provider/full-object-attrs-ds.go
index 9a1d18d..4953e53 100644
--- a/internal/provider/full-object-attrs-ds.go
+++ b/internal/provider/full-object-attrs-ds.go
@@ -172,14 +172,14 @@ func objectAttrsTypeDSCertificateCertificate(recurse bool) map[string]attr.Type
 	objectAttrs["permissions"] = types.ListType{ElemType: types.ObjectType{AttrTypes: objectAttrsTypeDSAuthPermission(recurse)}}
 	objectAttrs["alias"] = types.StringType
 	objectAttrs["type"] = types.StringType
-	objectAttrs["certificate_data"] = types.ListType{ElemType: types.StringType}
+	objectAttrs["certificate_data"] = types.StringType
 	objectAttrs["expiration"] = types.StringType
 	objectAttrs["fingerprint_sha1"] = types.StringType
 	objectAttrs["fingerprint_sha256"] = types.StringType
 	objectAttrs["global"] = types.BoolType
 	objectAttrs["subject_dn"] = types.StringType
 	objectAttrs["uuid"] = types.StringType
-	objectAttrs["key_data"] = types.ListType{ElemType: types.StringType}
+	objectAttrs["key_data"] = types.StringType
 	return objectAttrs
 }
 
@@ -189,7 +189,7 @@ func objectAttrsTypeDSCertificateCertificatePrimer(recurse bool) map[string]attr
 	objectAttrs["permissions"] = types.ListType{ElemType: types.ObjectType{AttrTypes: objectAttrsTypeDSAuthPermission(recurse)}}
 	objectAttrs["alias"] = types.StringType
 	objectAttrs["type"] = types.StringType
-	objectAttrs["certificate_data"] = types.ListType{ElemType: types.StringType}
+	objectAttrs["certificate_data"] = types.StringType
 	objectAttrs["expiration"] = types.StringType
 	objectAttrs["fingerprint_sha1"] = types.StringType
 	objectAttrs["fingerprint_sha256"] = types.StringType
@@ -1153,6 +1153,19 @@ func objectAttrsTypeDSProvisioningProvisionedNamespace(recurse bool) map[string]
 	return objectAttrs
 }
 
+func objectAttrsTypeDSProvisioningProvisionedSCIM(recurse bool) map[string]attr.Type {
+	objectAttrs := make(map[string]attr.Type)
+	objectAttrs["authentication_scheme"] = types.StringType
+	objectAttrs["basic_auth_password"] = types.StringType
+	objectAttrs["basic_auth_username"] = types.StringType
+	objectAttrs["bearer_token"] = types.StringType
+	objectAttrs["custom_header_name"] = types.StringType
+	objectAttrs["custom_header_value"] = types.StringType
+	objectAttrs["url"] = types.StringType
+	objectAttrs["vendor_escaped"] = types.StringType
+	return objectAttrs
+}
+
 func objectAttrsTypeDSProvisioningProvisionedSystem(recurse bool) map[string]attr.Type {
 	objectAttrs := make(map[string]attr.Type)
 	if recurse {
@@ -1195,6 +1208,7 @@ func objectAttrsTypeDSProvisioningProvisionedSystem(recurse bool) map[string]att
 	objectAttrs["provisioned_ldap"] = types.ObjectType{AttrTypes: objectAttrsTypeDSProvisioningProvisionedLDAP(false)}
 	objectAttrs["provisioned_ldap_directory"] = types.ObjectType{AttrTypes: objectAttrsTypeDSProvisioningProvisionedLDAPDirectory(false)}
 	objectAttrs["provisioned_namespace"] = types.ObjectType{AttrTypes: objectAttrsTypeDSProvisioningProvisionedNamespace(false)}
+	objectAttrs["provisioned_scim"] = types.ObjectType{AttrTypes: objectAttrsTypeDSProvisioningProvisionedSCIM(false)}
 	return objectAttrs
 }
 
diff --git a/internal/provider/full-object-attrs-rs.go b/internal/provider/full-object-attrs-rs.go
index 5051c69..206f8b8 100644
--- a/internal/provider/full-object-attrs-rs.go
+++ b/internal/provider/full-object-attrs-rs.go
@@ -75,7 +75,7 @@ func objectAttrsTypeRSCertificateCertificatePrimer(recurse bool) map[string]attr
 	objectAttrs["permissions"] = types.ListType{ElemType: types.ObjectType{AttrTypes: objectAttrsTypeRSAuthPermission(recurse)}}
 	objectAttrs["alias"] = types.StringType
 	objectAttrs["type"] = types.StringType
-	objectAttrs["certificate_data"] = types.ListType{ElemType: types.StringType}
+	objectAttrs["certificate_data"] = types.StringType
 	objectAttrs["expiration"] = types.StringType
 	objectAttrs["fingerprint_sha1"] = types.StringType
 	objectAttrs["fingerprint_sha256"] = types.StringType
@@ -1020,6 +1020,19 @@ func objectAttrsTypeRSProvisioningProvisionedNamespace(recurse bool) map[string]
 	return objectAttrs
 }
 
+func objectAttrsTypeRSProvisioningProvisionedSCIM(recurse bool) map[string]attr.Type {
+	objectAttrs := make(map[string]attr.Type)
+	objectAttrs["authentication_scheme"] = types.StringType
+	objectAttrs["basic_auth_password"] = types.StringType
+	objectAttrs["basic_auth_username"] = types.StringType
+	objectAttrs["bearer_token"] = types.StringType
+	objectAttrs["custom_header_name"] = types.StringType
+	objectAttrs["custom_header_value"] = types.StringType
+	objectAttrs["url"] = types.StringType
+	objectAttrs["vendor_escaped"] = types.StringType
+	return objectAttrs
+}
+
 func objectAttrsTypeRSProvisioningProvisionedSystem(recurse bool) map[string]attr.Type {
 	objectAttrs := make(map[string]attr.Type)
 	if recurse {
@@ -1062,6 +1075,7 @@ func objectAttrsTypeRSProvisioningProvisionedSystem(recurse bool) map[string]att
 	objectAttrs["provisioned_ldap"] = types.ObjectType{AttrTypes: objectAttrsTypeRSProvisioningProvisionedLDAP(false)}
 	objectAttrs["provisioned_ldap_directory"] = types.ObjectType{AttrTypes: objectAttrsTypeRSProvisioningProvisionedLDAPDirectory(false)}
 	objectAttrs["provisioned_namespace"] = types.ObjectType{AttrTypes: objectAttrsTypeRSProvisioningProvisionedNamespace(false)}
+	objectAttrs["provisioned_scim"] = types.ObjectType{AttrTypes: objectAttrsTypeRSProvisioningProvisionedSCIM(false)}
 	return objectAttrs
 }
 
diff --git a/internal/provider/full-schema-ds.go b/internal/provider/full-schema-ds.go
index 7a1f678..e161ebc 100644
--- a/internal/provider/full-schema-ds.go
+++ b/internal/provider/full-schema-ds.go
@@ -399,9 +399,8 @@ func dataSourceSchemaAttrsCertificateCertificate(recurse bool) map[string]dssche
 	schemaAttrs["type"] = dsschema.StringAttribute{
 		Computed: true,
 	}
-	schemaAttrs["certificate_data"] = dsschema.ListAttribute{
-		ElementType: types.StringType,
-		Computed:    true,
+	schemaAttrs["certificate_data"] = dsschema.StringAttribute{
+		Computed: true,
 	}
 	schemaAttrs["expiration"] = dsschema.StringAttribute{
 		Computed: true,
@@ -426,9 +425,8 @@ func dataSourceSchemaAttrsCertificateCertificate(recurse bool) map[string]dssche
 			stringvalidator.RegexMatches(regexp.MustCompile("[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}"), "The value must be a valid UUID"),
 		},
 	}
-	schemaAttrs["key_data"] = dsschema.ListAttribute{
-		ElementType: types.StringType,
-		Computed:    true,
+	schemaAttrs["key_data"] = dsschema.StringAttribute{
+		Computed: true,
 	}
 	return schemaAttrs
 }
@@ -452,9 +450,8 @@ func dataSourceSchemaAttrsCertificateCertificatePrimer(recurse bool) map[string]
 	schemaAttrs["type"] = dsschema.StringAttribute{
 		Computed: true,
 	}
-	schemaAttrs["certificate_data"] = dsschema.ListAttribute{
-		ElementType: types.StringType,
-		Computed:    true,
+	schemaAttrs["certificate_data"] = dsschema.StringAttribute{
+		Computed: true,
 	}
 	schemaAttrs["expiration"] = dsschema.StringAttribute{
 		Computed: true,
@@ -2921,6 +2918,34 @@ func dataSourceSchemaAttrsProvisioningProvisionedNamespace(recurse bool) map[str
 	}
 	return schemaAttrs
 }
+func dataSourceSchemaAttrsProvisioningProvisionedSCIM(recurse bool) map[string]dsschema.Attribute {
+	schemaAttrs := make(map[string]dsschema.Attribute)
+	schemaAttrs["authentication_scheme"] = dsschema.StringAttribute{
+		Computed: true,
+	}
+	schemaAttrs["basic_auth_password"] = dsschema.StringAttribute{
+		Computed: true,
+	}
+	schemaAttrs["basic_auth_username"] = dsschema.StringAttribute{
+		Computed: true,
+	}
+	schemaAttrs["bearer_token"] = dsschema.StringAttribute{
+		Computed: true,
+	}
+	schemaAttrs["custom_header_name"] = dsschema.StringAttribute{
+		Computed: true,
+	}
+	schemaAttrs["custom_header_value"] = dsschema.StringAttribute{
+		Computed: true,
+	}
+	schemaAttrs["url"] = dsschema.StringAttribute{
+		Computed: true,
+	}
+	schemaAttrs["vendor_escaped"] = dsschema.StringAttribute{
+		Computed: true,
+	}
+	return schemaAttrs
+}
 func dataSourceSchemaAttrsProvisioningProvisionedSystem(recurse bool) map[string]dsschema.Attribute {
 	schemaAttrs := make(map[string]dsschema.Attribute)
 	if recurse {
@@ -3081,6 +3106,13 @@ func dataSourceSchemaAttrsProvisioningProvisionedSystem(recurse bool) map[string
 		attr.Computed = true
 		schemaAttrs["provisioned_namespace"] = attr
 	}
+	{
+		attr := dsschema.SingleNestedAttribute{
+			Attributes: dataSourceSchemaAttrsProvisioningProvisionedSCIM(false),
+		}
+		attr.Computed = true
+		schemaAttrs["provisioned_scim"] = attr
+	}
 	return schemaAttrs
 }
 func dataSourceSchemaAttrsProvisioningProvisionedSystemLinkableWrapper(recurse bool) map[string]dsschema.Attribute {
diff --git a/internal/provider/full-schema-rs.go b/internal/provider/full-schema-rs.go
index 9c4fe8b..90908d9 100644
--- a/internal/provider/full-schema-rs.go
+++ b/internal/provider/full-schema-rs.go
@@ -184,9 +184,8 @@ func resourceSchemaAttrsCertificateCertificatePrimer(recurse bool) map[string]rs
 		Computed:      true,
 		PlanModifiers: []planmodifier.String{stringplanmodifier.UseStateForUnknown()},
 	}
-	schemaAttrs["certificate_data"] = rsschema.ListAttribute{
-		ElementType: types.StringType,
-		Optional:    true,
+	schemaAttrs["certificate_data"] = rsschema.StringAttribute{
+		Optional: true,
 	}
 	schemaAttrs["expiration"] = rsschema.StringAttribute{
 		Computed: true,
@@ -2287,7 +2286,7 @@ func resourceSchemaAttrsNestedProvisioningGroupOnSystem(recurse bool) map[string
 		Required: true,
 		Validators: []validator.String{
 			stringvalidator.OneOf(
-				"POSIX_GROUP", "GROUP_OF_NAMES", "GROUP_OF_UNIQUE_NAMES", "GROUP", "AZURE_ROLE", "AZURE_UNIFIED_GROUP", "AZURE_SECURITY_GROUP",
+				"POSIX_GROUP", "GROUP_OF_NAMES", "GROUP_OF_UNIQUE_NAMES", "GROUP", "AZURE_ROLE", "AZURE_UNIFIED_GROUP", "AZURE_SECURITY_GROUP", "SCIM",
 			),
 		},
 	}
@@ -2590,7 +2589,7 @@ func resourceSchemaAttrsProvisioningGroupOnSystem(recurse bool) map[string]rssch
 		Required: true,
 		Validators: []validator.String{
 			stringvalidator.OneOf(
-				"POSIX_GROUP", "GROUP_OF_NAMES", "GROUP_OF_UNIQUE_NAMES", "GROUP", "AZURE_ROLE", "AZURE_UNIFIED_GROUP", "AZURE_SECURITY_GROUP",
+				"POSIX_GROUP", "GROUP_OF_NAMES", "GROUP_OF_UNIQUE_NAMES", "GROUP", "AZURE_ROLE", "AZURE_UNIFIED_GROUP", "AZURE_SECURITY_GROUP", "SCIM",
 			),
 		},
 	}
@@ -2644,7 +2643,7 @@ func resourceSchemaAttrsProvisioningGroupOnSystemPrimer(recurse bool) map[string
 		Required: true,
 		Validators: []validator.String{
 			stringvalidator.OneOf(
-				"POSIX_GROUP", "GROUP_OF_NAMES", "GROUP_OF_UNIQUE_NAMES", "GROUP", "AZURE_ROLE", "AZURE_UNIFIED_GROUP", "AZURE_SECURITY_GROUP",
+				"POSIX_GROUP", "GROUP_OF_NAMES", "GROUP_OF_UNIQUE_NAMES", "GROUP", "AZURE_ROLE", "AZURE_UNIFIED_GROUP", "AZURE_SECURITY_GROUP", "SCIM",
 			),
 		},
 	}
@@ -2661,7 +2660,7 @@ func resourceSchemaAttrsProvisioningGroupOnSystemTypes(recurse bool) map[string]
 		Validators: []validator.List{
 			listvalidator.ValueStringsAre(
 				stringvalidator.OneOf(
-					"POSIX_GROUP", "GROUP_OF_NAMES", "GROUP_OF_UNIQUE_NAMES", "GROUP", "AZURE_ROLE", "AZURE_UNIFIED_GROUP", "AZURE_SECURITY_GROUP",
+					"POSIX_GROUP", "GROUP_OF_NAMES", "GROUP_OF_UNIQUE_NAMES", "GROUP", "AZURE_ROLE", "AZURE_UNIFIED_GROUP", "AZURE_SECURITY_GROUP", "SCIM",
 				),
 			),
 		},
@@ -2949,6 +2948,66 @@ func resourceSchemaAttrsProvisioningProvisionedNamespace(recurse bool) map[strin
 	}
 	return schemaAttrs
 }
+func resourceSchemaAttrsProvisioningProvisionedSCIM(recurse bool) map[string]rsschema.Attribute {
+	schemaAttrs := make(map[string]rsschema.Attribute)
+	schemaAttrs["authentication_scheme"] = rsschema.StringAttribute{
+		Computed: true,
+		Optional: true,
+		Default:  stringdefault.StaticString("NONE"),
+		Validators: []validator.String{
+			stringvalidator.OneOf(
+				"NONE", "BASIC", "BEARER", "CUSTOM",
+			),
+		},
+	}
+	schemaAttrs["basic_auth_password"] = rsschema.StringAttribute{
+		Optional: true,
+		Validators: []validator.String{
+			stringvalidator.UTF8LengthBetween(0, 512),
+		},
+	}
+	schemaAttrs["basic_auth_username"] = rsschema.StringAttribute{
+		Optional: true,
+		Validators: []validator.String{
+			stringvalidator.UTF8LengthBetween(0, 512),
+		},
+	}
+	schemaAttrs["bearer_token"] = rsschema.StringAttribute{
+		Optional: true,
+		Validators: []validator.String{
+			stringvalidator.UTF8LengthBetween(0, 1024),
+		},
+	}
+	schemaAttrs["custom_header_name"] = rsschema.StringAttribute{
+		Optional: true,
+		Validators: []validator.String{
+			stringvalidator.UTF8LengthBetween(0, 64),
+		},
+	}
+	schemaAttrs["custom_header_value"] = rsschema.StringAttribute{
+		Optional: true,
+		Validators: []validator.String{
+			stringvalidator.UTF8LengthBetween(0, 1024),
+		},
+	}
+	schemaAttrs["url"] = rsschema.StringAttribute{
+		Required: true,
+		Validators: []validator.String{
+			stringvalidator.UTF8LengthBetween(0, 512),
+		},
+	}
+	schemaAttrs["vendor_escaped"] = rsschema.StringAttribute{
+		Computed: true,
+		Optional: true,
+		Default:  stringdefault.StaticString("DEFAULT"),
+		Validators: []validator.String{
+			stringvalidator.OneOf(
+				"DEFAULT", "AWS", "KEYSTONE",
+			),
+		},
+	}
+	return schemaAttrs
+}
 func resourceSchemaAttrsProvisioningProvisionedSystem(recurse bool) map[string]rsschema.Attribute {
 	schemaAttrs := make(map[string]rsschema.Attribute)
 	if recurse {
@@ -3009,6 +3068,7 @@ func resourceSchemaAttrsProvisioningProvisionedSystem(recurse bool) map[string]r
 		Computed: true,
 	}
 	schemaAttrs["content_administrator_uuid"] = rsschema.StringAttribute{
+		Computed: true,
 		Optional: true,
 		Validators: []validator.String{
 			stringvalidator.RegexMatches(regexp.MustCompile("[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}"), "The value must be a valid UUID"),
@@ -3123,6 +3183,13 @@ func resourceSchemaAttrsProvisioningProvisionedSystem(recurse bool) map[string]r
 		attr.Optional = true
 		schemaAttrs["provisioned_namespace"] = attr
 	}
+	{
+		attr := rsschema.SingleNestedAttribute{
+			Attributes: resourceSchemaAttrsProvisioningProvisionedSCIM(false),
+		}
+		attr.Optional = true
+		schemaAttrs["provisioned_scim"] = attr
+	}
 	return schemaAttrs
 }
 func resourceSchemaAttrsProvisioningProvisionedSystemLinkableWrapper(recurse bool) map[string]rsschema.Attribute {
@@ -3386,7 +3453,7 @@ func resourceSchemaAttrsServiceaccountServiceAccountGroup(recurse bool) map[stri
 		Required: true,
 		Validators: []validator.String{
 			stringvalidator.OneOf(
-				"POSIX_GROUP", "GROUP_OF_NAMES", "GROUP_OF_UNIQUE_NAMES", "GROUP", "AZURE_ROLE", "AZURE_UNIFIED_GROUP", "AZURE_SECURITY_GROUP",
+				"POSIX_GROUP", "GROUP_OF_NAMES", "GROUP_OF_UNIQUE_NAMES", "GROUP", "AZURE_ROLE", "AZURE_UNIFIED_GROUP", "AZURE_SECURITY_GROUP", "SCIM",
 			),
 		},
 	}
diff --git a/internal/provider/full-tf-to-data-struct-ds.go b/internal/provider/full-tf-to-data-struct-ds.go
index 0b5ed66..88828b8 100644
--- a/internal/provider/full-tf-to-data-struct-ds.go
+++ b/internal/provider/full-tf-to-data-struct-ds.go
@@ -135,7 +135,7 @@ func fillDataStructFromTFObjectDSCertificateCertificate(data *certificateCertifi
 	data.Permissions = obj.Attributes()["permissions"].(basetypes.ListValue)
 	data.Alias = obj.Attributes()["alias"].(basetypes.StringValue)
 	data.CertificateCertificatePrimerType = obj.Attributes()["type"].(basetypes.StringValue)
-	data.CertificateData = obj.Attributes()["certificate_data"].(basetypes.ListValue)
+	data.CertificateData = obj.Attributes()["certificate_data"].(basetypes.StringValue)
 	data.Expiration = obj.Attributes()["expiration"].(basetypes.StringValue)
 	data.FingerprintSha1 = obj.Attributes()["fingerprint_sha1"].(basetypes.StringValue)
 	data.FingerprintSha256 = obj.Attributes()["fingerprint_sha256"].(basetypes.StringValue)
@@ -144,7 +144,7 @@ func fillDataStructFromTFObjectDSCertificateCertificate(data *certificateCertifi
 	data.UUID = obj.Attributes()["uuid"].(basetypes.StringValue)
 	data.Additional = obj.Attributes()["additional"].(basetypes.ListValue)
 	data.Audit = obj.Attributes()["audit"].(basetypes.ObjectValue)
-	data.KeyData = obj.Attributes()["key_data"].(basetypes.ListValue)
+	data.KeyData = obj.Attributes()["key_data"].(basetypes.StringValue)
 }
 
 func fillDataStructFromTFObjectDSCertificateCertificatePrimer(data *certificateCertificatePrimerDataDS, obj types.Object) {
@@ -152,7 +152,7 @@ func fillDataStructFromTFObjectDSCertificateCertificatePrimer(data *certificateC
 	data.Permissions = obj.Attributes()["permissions"].(basetypes.ListValue)
 	data.Alias = obj.Attributes()["alias"].(basetypes.StringValue)
 	data.CertificateCertificatePrimerType = obj.Attributes()["type"].(basetypes.StringValue)
-	data.CertificateData = obj.Attributes()["certificate_data"].(basetypes.ListValue)
+	data.CertificateData = obj.Attributes()["certificate_data"].(basetypes.StringValue)
 	data.Expiration = obj.Attributes()["expiration"].(basetypes.StringValue)
 	data.FingerprintSha1 = obj.Attributes()["fingerprint_sha1"].(basetypes.StringValue)
 	data.FingerprintSha256 = obj.Attributes()["fingerprint_sha256"].(basetypes.StringValue)
@@ -887,6 +887,17 @@ func fillDataStructFromTFObjectDSProvisioningProvisionedNamespace(data *provisio
 	data.ServiceAccountDN = obj.Attributes()["service_account_dn"].(basetypes.StringValue)
 }
 
+func fillDataStructFromTFObjectDSProvisioningProvisionedSCIM(data *provisioningProvisionedSCIMDataDS, obj types.Object) {
+	data.AuthenticationScheme = obj.Attributes()["authentication_scheme"].(basetypes.StringValue)
+	data.BasicAuthPassword = obj.Attributes()["basic_auth_password"].(basetypes.StringValue)
+	data.BasicAuthUsername = obj.Attributes()["basic_auth_username"].(basetypes.StringValue)
+	data.BearerToken = obj.Attributes()["bearer_token"].(basetypes.StringValue)
+	data.CustomHeaderName = obj.Attributes()["custom_header_name"].(basetypes.StringValue)
+	data.CustomHeaderValue = obj.Attributes()["custom_header_value"].(basetypes.StringValue)
+	data.URL = obj.Attributes()["url"].(basetypes.StringValue)
+	data.VendorEscaped = obj.Attributes()["vendor_escaped"].(basetypes.StringValue)
+}
+
 func fillDataStructFromTFObjectDSProvisioningProvisionedSystem(data *provisioningProvisionedSystemDataDS, obj types.Object) {
 	data.Links = obj.Attributes()["links"].(basetypes.ListValue)
 	data.Permissions = obj.Attributes()["permissions"].(basetypes.ListValue)
@@ -924,6 +935,7 @@ func fillDataStructFromTFObjectDSProvisioningProvisionedSystem(data *provisionin
 	data.ProvisionedLDAP = obj.Attributes()["provisioned_ldap"].(basetypes.ObjectValue)
 	data.ProvisionedLDAPDirectory = obj.Attributes()["provisioned_ldap_directory"].(basetypes.ObjectValue)
 	data.ProvisionedNamespace = obj.Attributes()["provisioned_namespace"].(basetypes.ObjectValue)
+	data.ProvisionedSCIM = obj.Attributes()["provisioned_scim"].(basetypes.ObjectValue)
 }
 
 func fillDataStructFromTFObjectDSProvisioningProvisionedSystemLinkableWrapper(data *provisioningProvisionedSystemLinkableWrapperDataDS, obj types.Object) {
diff --git a/internal/provider/full-tf-to-data-struct-rs.go b/internal/provider/full-tf-to-data-struct-rs.go
index 90ab290..effde3b 100644
--- a/internal/provider/full-tf-to-data-struct-rs.go
+++ b/internal/provider/full-tf-to-data-struct-rs.go
@@ -60,7 +60,7 @@ func fillDataStructFromTFObjectRSCertificateCertificatePrimer(data *certificateC
 	data.Permissions = obj.Attributes()["permissions"].(basetypes.ListValue)
 	data.Alias = obj.Attributes()["alias"].(basetypes.StringValue)
 	data.CertificateCertificatePrimerType = obj.Attributes()["type"].(basetypes.StringValue)
-	data.CertificateData = obj.Attributes()["certificate_data"].(basetypes.ListValue)
+	data.CertificateData = obj.Attributes()["certificate_data"].(basetypes.StringValue)
 	data.Expiration = obj.Attributes()["expiration"].(basetypes.StringValue)
 	data.FingerprintSha1 = obj.Attributes()["fingerprint_sha1"].(basetypes.StringValue)
 	data.FingerprintSha256 = obj.Attributes()["fingerprint_sha256"].(basetypes.StringValue)
@@ -786,6 +786,17 @@ func fillDataStructFromTFObjectRSProvisioningProvisionedNamespace(data *provisio
 	data.ServiceAccountDN = obj.Attributes()["service_account_dn"].(basetypes.StringValue)
 }
 
+func fillDataStructFromTFObjectRSProvisioningProvisionedSCIM(data *provisioningProvisionedSCIMDataRS, obj types.Object) {
+	data.AuthenticationScheme = obj.Attributes()["authentication_scheme"].(basetypes.StringValue)
+	data.BasicAuthPassword = obj.Attributes()["basic_auth_password"].(basetypes.StringValue)
+	data.BasicAuthUsername = obj.Attributes()["basic_auth_username"].(basetypes.StringValue)
+	data.BearerToken = obj.Attributes()["bearer_token"].(basetypes.StringValue)
+	data.CustomHeaderName = obj.Attributes()["custom_header_name"].(basetypes.StringValue)
+	data.CustomHeaderValue = obj.Attributes()["custom_header_value"].(basetypes.StringValue)
+	data.URL = obj.Attributes()["url"].(basetypes.StringValue)
+	data.VendorEscaped = obj.Attributes()["vendor_escaped"].(basetypes.StringValue)
+}
+
 func fillDataStructFromTFObjectRSProvisioningProvisionedSystem(data *provisioningProvisionedSystemDataRS, obj types.Object) {
 	data.Links = obj.Attributes()["links"].(basetypes.ListValue)
 	data.Permissions = obj.Attributes()["permissions"].(basetypes.ListValue)
@@ -823,6 +834,7 @@ func fillDataStructFromTFObjectRSProvisioningProvisionedSystem(data *provisionin
 	data.ProvisionedLDAP = obj.Attributes()["provisioned_ldap"].(basetypes.ObjectValue)
 	data.ProvisionedLDAPDirectory = obj.Attributes()["provisioned_ldap_directory"].(basetypes.ObjectValue)
 	data.ProvisionedNamespace = obj.Attributes()["provisioned_namespace"].(basetypes.ObjectValue)
+	data.ProvisionedSCIM = obj.Attributes()["provisioned_scim"].(basetypes.ObjectValue)
 }
 
 func fillDataStructFromTFObjectRSProvisioningProvisionedSystemLinkableWrapper(data *provisioningProvisionedSystemLinkableWrapperDataRS, obj types.Object) {
diff --git a/internal/provider/full-tf-to-tkh-ds.go b/internal/provider/full-tf-to-tkh-ds.go
index 29e14b3..1fb8aad 100644
--- a/internal/provider/full-tf-to-tkh-ds.go
+++ b/internal/provider/full-tf-to-tkh-ds.go
@@ -452,13 +452,7 @@ func tfObjectToTKHDSCertificateCertificate(ctx context.Context, recurse bool, ob
 		diags.Append(d...)
 		tkh.SetCertificateCertificatePrimerType(val)
 	}
-	{
-		val, d := tfToSlice(objAttrs["certificate_data"].(basetypes.ListValue), func(val attr.Value, diags *diag.Diagnostics) string {
-			return val.(basetypes.StringValue).ValueString()
-		})
-		diags.Append(d...)
-		tkh.SetCertificateData(val)
-	}
+	tkh.SetCertificateData(objAttrs["certificate_data"].(basetypes.StringValue).ValueStringPointer())
 	{
 		val, d := tfToTimePointer(objAttrs["expiration"].(basetypes.StringValue))
 		diags.Append(d...)
@@ -469,13 +463,7 @@ func tfObjectToTKHDSCertificateCertificate(ctx context.Context, recurse bool, ob
 	tkh.SetGlobal(objAttrs["global"].(basetypes.BoolValue).ValueBoolPointer())
 	tkh.SetSubjectDN(objAttrs["subject_dn"].(basetypes.StringValue).ValueStringPointer())
 	tkh.SetUuid(objAttrs["uuid"].(basetypes.StringValue).ValueStringPointer())
-	{
-		val, d := tfToSlice(objAttrs["key_data"].(basetypes.ListValue), func(val attr.Value, diags *diag.Diagnostics) string {
-			return val.(basetypes.StringValue).ValueString()
-		})
-		diags.Append(d...)
-		tkh.SetKeyData(val)
-	}
+	tkh.SetKeyData(objAttrs["key_data"].(basetypes.StringValue).ValueStringPointer())
 	if recurse {
 		{
 			val, d := tfObjectToTKHDSCertificateCertificate_additionalObjects(ctx, false, objVal)
@@ -520,13 +508,7 @@ func tfObjectToTKHDSCertificateCertificatePrimer(ctx context.Context, recurse bo
 		diags.Append(d...)
 		tkh.SetCertificateCertificatePrimerType(val)
 	}
-	{
-		val, d := tfToSlice(objAttrs["certificate_data"].(basetypes.ListValue), func(val attr.Value, diags *diag.Diagnostics) string {
-			return val.(basetypes.StringValue).ValueString()
-		})
-		diags.Append(d...)
-		tkh.SetCertificateData(val)
-	}
+	tkh.SetCertificateData(objAttrs["certificate_data"].(basetypes.StringValue).ValueStringPointer())
 	{
 		val, d := tfToTimePointer(objAttrs["expiration"].(basetypes.StringValue))
 		diags.Append(d...)
@@ -3259,6 +3241,37 @@ func tfObjectToTKHDSProvisioningProvisionedNamespace(ctx context.Context, recurs
 	return tkh, diags
 }
 
+func tfObjectToTKHDSProvisioningProvisionedSCIM(ctx context.Context, recurse bool, objVal types.Object) (keyhubmodel.ProvisioningProvisionedSCIMable, diag.Diagnostics) {
+	var diags diag.Diagnostics
+	if objVal.IsNull() || objVal.IsUnknown() {
+		return nil, diags
+	}
+	objAttrs := objVal.Attributes()
+	var tkh keyhubmodel.ProvisioningProvisionedSCIMable
+	tkh = keyhubmodel.NewProvisioningProvisionedSCIM()
+	{
+		val, d := parseCastPointer(objAttrs["authentication_scheme"].(basetypes.StringValue), keyhubmodel.ParseHttpAuthenticationScheme, func(val any) keyhubmodel.HttpAuthenticationScheme {
+			return *val.(*keyhubmodel.HttpAuthenticationScheme)
+		})
+		diags.Append(d...)
+		tkh.SetAuthenticationScheme(val)
+	}
+	tkh.SetBasicAuthPassword(objAttrs["basic_auth_password"].(basetypes.StringValue).ValueStringPointer())
+	tkh.SetBasicAuthUsername(objAttrs["basic_auth_username"].(basetypes.StringValue).ValueStringPointer())
+	tkh.SetBearerToken(objAttrs["bearer_token"].(basetypes.StringValue).ValueStringPointer())
+	tkh.SetCustomHeaderName(objAttrs["custom_header_name"].(basetypes.StringValue).ValueStringPointer())
+	tkh.SetCustomHeaderValue(objAttrs["custom_header_value"].(basetypes.StringValue).ValueStringPointer())
+	tkh.SetUrl(objAttrs["url"].(basetypes.StringValue).ValueStringPointer())
+	{
+		val, d := parseCastPointer(objAttrs["vendor_escaped"].(basetypes.StringValue), keyhubmodel.ParseProvisioningProvisionedSCIMVendor, func(val any) keyhubmodel.ProvisioningProvisionedSCIMVendor {
+			return *val.(*keyhubmodel.ProvisioningProvisionedSCIMVendor)
+		})
+		diags.Append(d...)
+		tkh.SetVendorEscaped(val)
+	}
+	return tkh, diags
+}
+
 func tfObjectToTKHDSProvisioningProvisionedSystem(ctx context.Context, recurse bool, objVal types.Object) (keyhubmodel.ProvisioningProvisionedSystemable, diag.Diagnostics) {
 	var diags diag.Diagnostics
 	if objVal.IsNull() || objVal.IsUnknown() {
@@ -3399,6 +3412,14 @@ func tfObjectToTKHDSProvisioningProvisionedSystem(ctx context.Context, recurse b
 		val.SetTypeEscaped(dtype)
 		tkh = val
 	}
+	if !objAttrs["provisioned_scim"].IsNull() {
+		val, d := tfObjectToTKHDSProvisioningProvisionedSCIM(ctx, false, objAttrs["provisioned_scim"].(basetypes.ObjectValue))
+		diags.Append(d...)
+		dtype := val.GetTypeEscaped()
+		(*val.(*keyhubmodel.ProvisioningProvisionedSCIM)).ProvisioningProvisionedSystem = *tkh.(*keyhubmodel.ProvisioningProvisionedSystem)
+		val.SetTypeEscaped(dtype)
+		tkh = val
+	}
 	if recurse {
 		{
 			val, d := tfObjectToTKHDSProvisioningProvisionedSystem_additionalObjects(ctx, false, objVal)
@@ -4149,8 +4170,8 @@ func tfObjectToTKHDSWebhookWebhook(ctx context.Context, recurse bool, objVal typ
 	tkh.SetActive(objAttrs["active"].(basetypes.BoolValue).ValueBoolPointer())
 	tkh.SetAllTypes(objAttrs["all_types"].(basetypes.BoolValue).ValueBoolPointer())
 	{
-		val, d := parseCastPointer(objAttrs["authentication_scheme"].(basetypes.StringValue), keyhubmodel.ParseWebhookWebhookAuthenticationScheme, func(val any) keyhubmodel.WebhookWebhookAuthenticationScheme {
-			return *val.(*keyhubmodel.WebhookWebhookAuthenticationScheme)
+		val, d := parseCastPointer(objAttrs["authentication_scheme"].(basetypes.StringValue), keyhubmodel.ParseHttpAuthenticationScheme, func(val any) keyhubmodel.HttpAuthenticationScheme {
+			return *val.(*keyhubmodel.HttpAuthenticationScheme)
 		})
 		diags.Append(d...)
 		tkh.SetAuthenticationScheme(val)
diff --git a/internal/provider/full-tf-to-tkh-rs.go b/internal/provider/full-tf-to-tkh-rs.go
index 93328da..4678079 100644
--- a/internal/provider/full-tf-to-tkh-rs.go
+++ b/internal/provider/full-tf-to-tkh-rs.go
@@ -212,13 +212,7 @@ func tfObjectToTKHRSCertificateCertificatePrimer(ctx context.Context, recurse bo
 		diags.Append(d...)
 		tkh.SetCertificateCertificatePrimerType(val)
 	}
-	{
-		val, d := tfToSlice(objAttrs["certificate_data"].(basetypes.ListValue), func(val attr.Value, diags *diag.Diagnostics) string {
-			return val.(basetypes.StringValue).ValueString()
-		})
-		diags.Append(d...)
-		tkh.SetCertificateData(val)
-	}
+	tkh.SetCertificateData(objAttrs["certificate_data"].(basetypes.StringValue).ValueStringPointer())
 	{
 		val, d := tfToTimePointer(objAttrs["expiration"].(basetypes.StringValue))
 		diags.Append(d...)
@@ -2913,6 +2907,37 @@ func tfObjectToTKHRSProvisioningProvisionedNamespace(ctx context.Context, recurs
 	return tkh, diags
 }
 
+func tfObjectToTKHRSProvisioningProvisionedSCIM(ctx context.Context, recurse bool, objVal types.Object) (keyhubmodel.ProvisioningProvisionedSCIMable, diag.Diagnostics) {
+	var diags diag.Diagnostics
+	if objVal.IsNull() || objVal.IsUnknown() {
+		return nil, diags
+	}
+	objAttrs := objVal.Attributes()
+	var tkh keyhubmodel.ProvisioningProvisionedSCIMable
+	tkh = keyhubmodel.NewProvisioningProvisionedSCIM()
+	{
+		val, d := parseCastPointer(objAttrs["authentication_scheme"].(basetypes.StringValue), keyhubmodel.ParseHttpAuthenticationScheme, func(val any) keyhubmodel.HttpAuthenticationScheme {
+			return *val.(*keyhubmodel.HttpAuthenticationScheme)
+		})
+		diags.Append(d...)
+		tkh.SetAuthenticationScheme(val)
+	}
+	tkh.SetBasicAuthPassword(objAttrs["basic_auth_password"].(basetypes.StringValue).ValueStringPointer())
+	tkh.SetBasicAuthUsername(objAttrs["basic_auth_username"].(basetypes.StringValue).ValueStringPointer())
+	tkh.SetBearerToken(objAttrs["bearer_token"].(basetypes.StringValue).ValueStringPointer())
+	tkh.SetCustomHeaderName(objAttrs["custom_header_name"].(basetypes.StringValue).ValueStringPointer())
+	tkh.SetCustomHeaderValue(objAttrs["custom_header_value"].(basetypes.StringValue).ValueStringPointer())
+	tkh.SetUrl(objAttrs["url"].(basetypes.StringValue).ValueStringPointer())
+	{
+		val, d := parseCastPointer(objAttrs["vendor_escaped"].(basetypes.StringValue), keyhubmodel.ParseProvisioningProvisionedSCIMVendor, func(val any) keyhubmodel.ProvisioningProvisionedSCIMVendor {
+			return *val.(*keyhubmodel.ProvisioningProvisionedSCIMVendor)
+		})
+		diags.Append(d...)
+		tkh.SetVendorEscaped(val)
+	}
+	return tkh, diags
+}
+
 func tfObjectToTKHRSProvisioningProvisionedSystem(ctx context.Context, recurse bool, objVal types.Object) (keyhubmodel.ProvisioningProvisionedSystemable, diag.Diagnostics) {
 	var diags diag.Diagnostics
 	if objVal.IsNull() || objVal.IsUnknown() {
@@ -3053,6 +3078,14 @@ func tfObjectToTKHRSProvisioningProvisionedSystem(ctx context.Context, recurse b
 		val.SetTypeEscaped(dtype)
 		tkh = val
 	}
+	if !objAttrs["provisioned_scim"].IsNull() {
+		val, d := tfObjectToTKHRSProvisioningProvisionedSCIM(ctx, false, objAttrs["provisioned_scim"].(basetypes.ObjectValue))
+		diags.Append(d...)
+		dtype := val.GetTypeEscaped()
+		(*val.(*keyhubmodel.ProvisioningProvisionedSCIM)).ProvisioningProvisionedSystem = *tkh.(*keyhubmodel.ProvisioningProvisionedSystem)
+		val.SetTypeEscaped(dtype)
+		tkh = val
+	}
 	if recurse {
 		{
 			val, d := tfObjectToTKHRSProvisioningProvisionedSystem_additionalObjects(ctx, false, objVal)
@@ -3814,8 +3847,8 @@ func tfObjectToTKHRSWebhookWebhook(ctx context.Context, recurse bool, objVal typ
 	tkh.SetActive(objAttrs["active"].(basetypes.BoolValue).ValueBoolPointer())
 	tkh.SetAllTypes(objAttrs["all_types"].(basetypes.BoolValue).ValueBoolPointer())
 	{
-		val, d := parseCastPointer(objAttrs["authentication_scheme"].(basetypes.StringValue), keyhubmodel.ParseWebhookWebhookAuthenticationScheme, func(val any) keyhubmodel.WebhookWebhookAuthenticationScheme {
-			return *val.(*keyhubmodel.WebhookWebhookAuthenticationScheme)
+		val, d := parseCastPointer(objAttrs["authentication_scheme"].(basetypes.StringValue), keyhubmodel.ParseHttpAuthenticationScheme, func(val any) keyhubmodel.HttpAuthenticationScheme {
+			return *val.(*keyhubmodel.HttpAuthenticationScheme)
 		})
 		diags.Append(d...)
 		tkh.SetAuthenticationScheme(val)
diff --git a/internal/provider/full-tkh-to-tf-ds.go b/internal/provider/full-tkh-to-tf-ds.go
index 95ce432..03c8f30 100644
--- a/internal/provider/full-tkh-to-tf-ds.go
+++ b/internal/provider/full-tkh-to-tf-ds.go
@@ -507,28 +507,14 @@ func tkhToTFObjectDSCertificateCertificate(recurse bool, tkh keyhubmodel.Certifi
 	}
 	obj["alias"] = types.StringPointerValue(tkh.GetAlias())
 	obj["type"] = stringerToTF(tkh.GetCertificateCertificatePrimerType())
-	{
-		elemType := attrs["certificate_data"].(types.ListType).ElemType
-		val, d := sliceToTF(elemType, tkh.GetCertificateData(), func(tkh string, diags *diag.Diagnostics) attr.Value {
-			return types.StringValue(tkh)
-		})
-		diags.Append(d...)
-		obj["certificate_data"] = val
-	}
+	obj["certificate_data"] = types.StringPointerValue(tkh.GetCertificateData())
 	obj["expiration"] = timePointerToTF(tkh.GetExpiration())
 	obj["fingerprint_sha1"] = types.StringPointerValue(tkh.GetFingerprintSha1())
 	obj["fingerprint_sha256"] = types.StringPointerValue(tkh.GetFingerprintSha256())
 	obj["global"] = types.BoolPointerValue(tkh.GetGlobal())
 	obj["subject_dn"] = types.StringPointerValue(tkh.GetSubjectDN())
 	obj["uuid"] = types.StringPointerValue(tkh.GetUuid())
-	{
-		elemType := attrs["key_data"].(types.ListType).ElemType
-		val, d := sliceToTF(elemType, tkh.GetKeyData(), func(tkh string, diags *diag.Diagnostics) attr.Value {
-			return types.StringValue(tkh)
-		})
-		diags.Append(d...)
-		obj["key_data"] = val
-	}
+	obj["key_data"] = types.StringPointerValue(tkh.GetKeyData())
 
 	objVal, d := types.ObjectValue(attrs, obj)
 	diags.Append(d...)
@@ -570,14 +556,7 @@ func tkhToTFObjectDSCertificateCertificatePrimer(recurse bool, tkh keyhubmodel.C
 	}
 	obj["alias"] = types.StringPointerValue(tkh.GetAlias())
 	obj["type"] = stringerToTF(tkh.GetCertificateCertificatePrimerType())
-	{
-		elemType := attrs["certificate_data"].(types.ListType).ElemType
-		val, d := sliceToTF(elemType, tkh.GetCertificateData(), func(tkh string, diags *diag.Diagnostics) attr.Value {
-			return types.StringValue(tkh)
-		})
-		diags.Append(d...)
-		obj["certificate_data"] = val
-	}
+	obj["certificate_data"] = types.StringPointerValue(tkh.GetCertificateData())
 	obj["expiration"] = timePointerToTF(tkh.GetExpiration())
 	obj["fingerprint_sha1"] = types.StringPointerValue(tkh.GetFingerprintSha1())
 	obj["fingerprint_sha256"] = types.StringPointerValue(tkh.GetFingerprintSha256())
@@ -3831,6 +3810,33 @@ func tkhToTFObjectDSProvisioningProvisionedNamespace(recurse bool, tkh keyhubmod
 	return objVal, diags
 }
 
+func tkhToTFObjectDSProvisioningProvisionedSCIM(recurse bool, tkh keyhubmodel.ProvisioningProvisionedSCIMable) (types.Object, diag.Diagnostics) {
+	var diags diag.Diagnostics
+	var attrs map[string]attr.Type
+	if recurse {
+		attrs = provisioningProvisionedSCIMAttrTypesDSRecurse
+	} else {
+		attrs = provisioningProvisionedSCIMAttrTypesDS
+	}
+	if tkh == nil {
+		return types.ObjectNull(attrs), diags
+	}
+
+	obj := make(map[string]attr.Value)
+	obj["authentication_scheme"] = stringerToTF(tkh.GetAuthenticationScheme())
+	obj["basic_auth_password"] = types.StringPointerValue(tkh.GetBasicAuthPassword())
+	obj["basic_auth_username"] = types.StringPointerValue(tkh.GetBasicAuthUsername())
+	obj["bearer_token"] = types.StringPointerValue(tkh.GetBearerToken())
+	obj["custom_header_name"] = types.StringPointerValue(tkh.GetCustomHeaderName())
+	obj["custom_header_value"] = types.StringPointerValue(tkh.GetCustomHeaderValue())
+	obj["url"] = types.StringPointerValue(tkh.GetUrl())
+	obj["vendor_escaped"] = stringerToTF(tkh.GetVendorEscaped())
+
+	objVal, d := types.ObjectValue(attrs, obj)
+	diags.Append(d...)
+	return objVal, diags
+}
+
 func tkhToTFObjectDSProvisioningProvisionedSystem(recurse bool, tkh keyhubmodel.ProvisioningProvisionedSystemable) (types.Object, diag.Diagnostics) {
 	var diags diag.Diagnostics
 	var attrs map[string]attr.Type
@@ -3960,6 +3966,12 @@ func tkhToTFObjectDSProvisioningProvisionedSystem(recurse bool, tkh keyhubmodel.
 		diags.Append(d...)
 		obj["provisioned_namespace"] = val
 	}
+	{
+		tkhCast, _ := tkh.(keyhubmodel.ProvisioningProvisionedSCIMable)
+		val, d := tkhToTFObjectDSProvisioningProvisionedSCIM(false, tkhCast)
+		diags.Append(d...)
+		obj["provisioned_scim"] = val
+	}
 
 	objVal, d := types.ObjectValue(attrs, obj)
 	diags.Append(d...)
diff --git a/internal/provider/full-tkh-to-tf-rs.go b/internal/provider/full-tkh-to-tf-rs.go
index 1ce37cc..362eb61 100644
--- a/internal/provider/full-tkh-to-tf-rs.go
+++ b/internal/provider/full-tkh-to-tf-rs.go
@@ -256,14 +256,7 @@ func tkhToTFObjectRSCertificateCertificatePrimer(recurse bool, tkh keyhubmodel.C
 	}
 	obj["alias"] = types.StringPointerValue(tkh.GetAlias())
 	obj["type"] = stringerToTF(tkh.GetCertificateCertificatePrimerType())
-	{
-		elemType := attrs["certificate_data"].(types.ListType).ElemType
-		val, d := sliceToTF(elemType, tkh.GetCertificateData(), func(tkh string, diags *diag.Diagnostics) attr.Value {
-			return types.StringValue(tkh)
-		})
-		diags.Append(d...)
-		obj["certificate_data"] = val
-	}
+	obj["certificate_data"] = types.StringPointerValue(tkh.GetCertificateData())
 	obj["expiration"] = timePointerToTF(tkh.GetExpiration())
 	obj["fingerprint_sha1"] = types.StringPointerValue(tkh.GetFingerprintSha1())
 	obj["fingerprint_sha256"] = types.StringPointerValue(tkh.GetFingerprintSha256())
@@ -3189,6 +3182,33 @@ func tkhToTFObjectRSProvisioningProvisionedNamespace(recurse bool, tkh keyhubmod
 	return objVal, diags
 }
 
+func tkhToTFObjectRSProvisioningProvisionedSCIM(recurse bool, tkh keyhubmodel.ProvisioningProvisionedSCIMable) (types.Object, diag.Diagnostics) {
+	var diags diag.Diagnostics
+	var attrs map[string]attr.Type
+	if recurse {
+		attrs = provisioningProvisionedSCIMAttrTypesRSRecurse
+	} else {
+		attrs = provisioningProvisionedSCIMAttrTypesRS
+	}
+	if tkh == nil {
+		return types.ObjectNull(attrs), diags
+	}
+
+	obj := make(map[string]attr.Value)
+	obj["authentication_scheme"] = stringerToTF(tkh.GetAuthenticationScheme())
+	obj["basic_auth_password"] = types.StringPointerValue(tkh.GetBasicAuthPassword())
+	obj["basic_auth_username"] = types.StringPointerValue(tkh.GetBasicAuthUsername())
+	obj["bearer_token"] = types.StringPointerValue(tkh.GetBearerToken())
+	obj["custom_header_name"] = types.StringPointerValue(tkh.GetCustomHeaderName())
+	obj["custom_header_value"] = types.StringPointerValue(tkh.GetCustomHeaderValue())
+	obj["url"] = types.StringPointerValue(tkh.GetUrl())
+	obj["vendor_escaped"] = stringerToTF(tkh.GetVendorEscaped())
+
+	objVal, d := types.ObjectValue(attrs, obj)
+	diags.Append(d...)
+	return objVal, diags
+}
+
 func tkhToTFObjectRSProvisioningProvisionedSystem(recurse bool, tkh keyhubmodel.ProvisioningProvisionedSystemable) (types.Object, diag.Diagnostics) {
 	var diags diag.Diagnostics
 	var attrs map[string]attr.Type
@@ -3302,6 +3322,12 @@ func tkhToTFObjectRSProvisioningProvisionedSystem(recurse bool, tkh keyhubmodel.
 		diags.Append(d...)
 		obj["provisioned_namespace"] = val
 	}
+	{
+		tkhCast, _ := tkh.(keyhubmodel.ProvisioningProvisionedSCIMable)
+		val, d := tkhToTFObjectRSProvisioningProvisionedSCIM(false, tkhCast)
+		diags.Append(d...)
+		obj["provisioned_scim"] = val
+	}
 
 	objVal, d := types.ObjectValue(attrs, obj)
 	diags.Append(d...)